v1alpha1

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 9, 2024 License: Apache-2.0 Imports: 19 Imported by: 1

Documentation

Overview

Package v1alpha1 contains API schema definitions for the gateway.envoyproxy.io API group.

+kubebuilder:object:generate=true +groupName=gateway.envoyproxy.io

Index

Constants

View Source 
const (
	// PolicyConditionOverridden indicates whether the policy has
	// completely attached to all the sections within the target or not.
	//
	// Possible reasons for this condition to be True are:
	//
	// * "Overridden"
	//
	PolicyConditionOverridden gwapiv1a2.PolicyConditionType = "Overridden"

	// PolicyReasonOverridden is used with the "Overridden" condition when the policy
	// has been overridden by another policy targeting a section within the same target.
	PolicyReasonOverridden gwapiv1a2.PolicyConditionReason = "Overridden"
)
View Source 
const (
	// KindEnvoyGateway is the name of the EnvoyGateway kind.
	KindEnvoyGateway = "EnvoyGateway"
	// GatewayControllerName is the name of the GatewayClass controller.
	GatewayControllerName = "gateway.envoyproxy.io/gatewayclass-controller"
	// GatewayAdminPort is the port which envoy gateway admin server is listening on.
	GatewayAdminPort = 19000
	// GatewayAdminHost is the host of envoy gateway admin server.
	GatewayAdminHost = "127.0.0.1"
	// GatewayMetricsPort is the port which envoy gateway metrics server is listening on.
	GatewayMetricsPort = 19001
	// GatewayMetricsHost is the host of envoy gateway metrics server.
	GatewayMetricsHost = "0.0.0.0"
)
View Source 
const (
	// KubernetesWatchModeTypeNamespaces indicates that the namespace watch mode is used.
	KubernetesWatchModeTypeNamespaces = "Namespaces"

	// KubernetesWatchModeTypeNamespaceSelector indicates that namespaceSelector watch
	// mode is used.
	KubernetesWatchModeTypeNamespaceSelector = "NamespaceSelector"
)
View Source 
const (
	// PolicyConditionProgrammed indicates whether the policy has been translated
	// and ready to be programmed into the data plane.
	//
	// Possible reasons for this condition to be True are:
	//
	// * "Programmed"
	//
	// Possible reasons for this condition to be False are:
	//
	// * "Invalid"
	// * "ResourceNotFound"
	//
	PolicyConditionProgrammed gwapiv1a2.PolicyConditionType = "Programmed"

	// PolicyReasonProgrammed is used with the "Programmed" condition when the policy
	// is ready to be programmed into the data plane.
	PolicyReasonProgrammed gwapiv1a2.PolicyConditionReason = "Programmed"

	// PolicyReasonInvalid is used with the "Programmed" condition when the patch
	// is syntactically or semantically invalid.
	PolicyReasonInvalid gwapiv1a2.PolicyConditionReason = "Invalid"

	// PolicyReasonTargetNotFound is used with the "Programmed" condition when the
	// policy cannot find the resource type to patch to.
	PolicyReasonResourceNotFound gwapiv1a2.PolicyConditionReason = "ResourceNotFound"

	// PolicyReasonDisabled is used with the "Accepted" condition when the policy
	// feature is disabled by the configuration.
	PolicyReasonDisabled gwapiv1a2.PolicyConditionReason = "Disabled"
)
View Source 
const (
	// DefaultDeploymentReplicas is the default number of deployment replicas.
	DefaultDeploymentReplicas = 1
	// DefaultDeploymentCPUResourceRequests for deployment cpu resource
	DefaultDeploymentCPUResourceRequests = "100m"
	// DefaultDeploymentMemoryResourceRequests for deployment memory resource
	DefaultDeploymentMemoryResourceRequests = "512Mi"
	// DefaultEnvoyProxyImage is the default image used by envoyproxy
	DefaultEnvoyProxyImage = "envoyproxy/envoy:distroless-v1.29.3"
	// DefaultShutdownManagerCPUResourceRequests for shutdown manager cpu resource
	DefaultShutdownManagerCPUResourceRequests = "10m"
	// DefaultShutdownManagerMemoryResourceRequests for shutdown manager memory resource
	DefaultShutdownManagerMemoryResourceRequests = "32Mi"
	// DefaultShutdownManagerImage is the default image used for the shutdown manager.
	DefaultShutdownManagerImage = "envoyproxy/gateway-dev:latest"
	// DefaultRateLimitImage is the default image used by ratelimit.
	DefaultRateLimitImage = "envoyproxy/ratelimit:19f2079f"
	// HTTPProtocol is the common-used http protocol.
	HTTPProtocol = "http"
	// GRPCProtocol is the common-used grpc protocol.
	GRPCProtocol = "grpc"
)
View Source 
const BasicAuthUsersSecretKey = ".htpasswd"
View Source 
const GroupName = "gateway.envoyproxy.io"
View Source 
const (
	// KindBackendTrafficPolicy is the name of the BackendTrafficPolicy kind.
	KindBackendTrafficPolicy = "BackendTrafficPolicy"
)
View Source 
const (
	// KindClientTrafficPolicy is the name of the ClientTrafficPolicy kind.
	KindClientTrafficPolicy = "ClientTrafficPolicy"
)
View Source 
const (
	// KindEnvoyPatchPolicy is the name of the EnvoyPatchPolicy kind.
	KindEnvoyPatchPolicy = "EnvoyPatchPolicy"
)
View Source 
const (
	// KindEnvoyProxy is the name of the EnvoyProxy kind.
	KindEnvoyProxy = "EnvoyProxy"
)
View Source 
const (
	// KindSecurityPolicy is the name of the SecurityPolicy kind.
	KindSecurityPolicy = "SecurityPolicy"
)
View Source 
const OIDCClientSecretKey = "client-secret"

Variables

View Source 
var (

	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

func DefaultEnvoyProxyHpaMetrics added in v1.0.0 

func DefaultEnvoyProxyHpaMetrics() []autoscalingv2.MetricSpec

func DefaultKubernetesContainerImage added in v0.6.0 

func DefaultKubernetesContainerImage(image string) *string

DefaultKubernetesContainerImage returns the default envoyproxy image.

func DefaultKubernetesDeploymentStrategy added in v0.6.0 

func DefaultKubernetesDeploymentStrategy() *appv1.DeploymentStrategy

DefaultKubernetesDeploymentStrategy returns the default deployment strategy settings.

func DefaultResourceRequirements added in v0.6.0 

func DefaultResourceRequirements() *corev1.ResourceRequirements

DefaultResourceRequirements returns a new ResourceRequirements with default settings.

func DefaultShutdownManagerContainerResourceRequirements added in v1.0.0 

func DefaultShutdownManagerContainerResourceRequirements() *v1.ResourceRequirements

DefaultShutdownManagerContainerResourceRequirements returns a new ResourceRequirements with default settings.

Types

type ALPNProtocol added in v1.0.0 

type ALPNProtocol string

ALPNProtocol specifies the protocol to be negotiated using ALPN +kubebuilder:validation:Enum=http/1.0;http/1.1;h2 

const (
	// HTTPProtocolVersion1_0 specifies that HTTP/1.0 should be negotiable with ALPN
	HTTPProtocolVersion1_0 ALPNProtocol = "http/1.0"
	// HTTPProtocolVersion1_1 specifies that HTTP/1.1 should be negotiable with ALPN
	HTTPProtocolVersion1_1 ALPNProtocol = "http/1.1"
	// HTTPProtocolVersion2 specifies that HTTP/2 should be negotiable with ALPN
	HTTPProtocolVersion2 ALPNProtocol = "h2"
)

When adding ALPN constants, they must be values that are defined in the IANA registry for ALPN identification sequences https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids

type ActiveHealthCheck added in v1.0.0 

type ActiveHealthCheck struct {
	// Timeout defines the time to wait for a health check response.
	//
	// +kubebuilder:validation:Format=duration
	// +kubebuilder:default="1s"
	// +optional
	Timeout *metav1.Duration `json:"timeout"`

	// Interval defines the time between active health checks.
	//
	// +kubebuilder:validation:Format=duration
	// +kubebuilder:default="3s"
	// +optional
	Interval *metav1.Duration `json:"interval"`

	// UnhealthyThreshold defines the number of unhealthy health checks required before a backend host is marked unhealthy.
	//
	// +kubebuilder:validation:Minimum=1
	// +kubebuilder:default=3
	// +optional
	UnhealthyThreshold *uint32 `json:"unhealthyThreshold"`

	// HealthyThreshold defines the number of healthy health checks required before a backend host is marked healthy.
	//
	// +kubebuilder:validation:Minimum=1
	// +kubebuilder:default=1
	// +optional
	HealthyThreshold *uint32 `json:"healthyThreshold"`

	// Type defines the type of health checker.
	// +kubebuilder:validation:Enum=HTTP;TCP
	// +unionDiscriminator
	Type ActiveHealthCheckerType `json:"type" yaml:"type"`

	// HTTP defines the configuration of http health checker.
	// It's required while the health checker type is HTTP.
	// +optional
	HTTP *HTTPActiveHealthChecker `json:"http,omitempty" yaml:"http,omitempty"`

	// TCP defines the configuration of tcp health checker.
	// It's required while the health checker type is TCP.
	// +optional
	TCP *TCPActiveHealthChecker `json:"tcp,omitempty" yaml:"tcp,omitempty"`
}

ActiveHealthCheck defines the active health check configuration. EG supports various types of active health checking including HTTP, TCP. +union

+kubebuilder:validation:XValidation:rule="self.type == 'HTTP' ? has(self.http) : !has(self.http)",message="If Health Checker type is HTTP, http field needs to be set." +kubebuilder:validation:XValidation:rule="self.type == 'TCP' ? has(self.tcp) : !has(self.tcp)",message="If Health Checker type is TCP, tcp field needs to be set."

func (*ActiveHealthCheck) DeepCopy added in v1.0.0 

func (in *ActiveHealthCheck) DeepCopy() *ActiveHealthCheck

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveHealthCheck.

func (*ActiveHealthCheck) DeepCopyInto added in v1.0.0 

func (in *ActiveHealthCheck) DeepCopyInto(out *ActiveHealthCheck)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ActiveHealthCheckPayload added in v1.0.0 

type ActiveHealthCheckPayload struct {
	// Type defines the type of the payload.
	// +kubebuilder:validation:Enum=Text;Binary
	// +unionDiscriminator
	Type ActiveHealthCheckPayloadType `json:"type" yaml:"type"`
	// Text payload in plain text.
	// +optional
	Text *string `json:"text,omitempty" yaml:"text,omitempty"`
	// Binary payload base64 encoded.
	// +optional
	Binary []byte `json:"binary,omitempty" yaml:"binary,omitempty"`
}

ActiveHealthCheckPayload defines the encoding of the payload bytes in the payload. +union +kubebuilder:validation:XValidation:rule="self.type == 'Text' ? has(self.text) : !has(self.text)",message="If payload type is Text, text field needs to be set." +kubebuilder:validation:XValidation:rule="self.type == 'Binary' ? has(self.binary) : !has(self.binary)",message="If payload type is Binary, binary field needs to be set."

func (*ActiveHealthCheckPayload) DeepCopy added in v1.0.0 

func (in *ActiveHealthCheckPayload) DeepCopy() *ActiveHealthCheckPayload

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActiveHealthCheckPayload.

func (*ActiveHealthCheckPayload) DeepCopyInto added in v1.0.0 

func (in *ActiveHealthCheckPayload) DeepCopyInto(out *ActiveHealthCheckPayload)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ActiveHealthCheckPayloadType added in v1.0.0 

type ActiveHealthCheckPayloadType string

ActiveHealthCheckPayloadType is the type of the payload. +kubebuilder:validation:Enum=Text;Binary 

const (
	// ActiveHealthCheckPayloadTypeText defines the Text type payload.
	ActiveHealthCheckPayloadTypeText ActiveHealthCheckPayloadType = "Text"
	// ActiveHealthCheckPayloadTypeBinary defines the Binary type payload.
	ActiveHealthCheckPayloadTypeBinary ActiveHealthCheckPayloadType = "Binary"
)

type ActiveHealthCheckerType added in v1.0.0 

type ActiveHealthCheckerType string

ActiveHealthCheckerType is the type of health checker. +kubebuilder:validation:Enum=HTTP;TCP 

const (
	// ActiveHealthCheckerTypeHTTP defines the HTTP type of health checking.
	ActiveHealthCheckerTypeHTTP ActiveHealthCheckerType = "HTTP"
	// ActiveHealthCheckerTypeTCP defines the TCP type of health checking.
	ActiveHealthCheckerTypeTCP ActiveHealthCheckerType = "TCP"
)

type BackOffPolicy added in v1.0.0 

type BackOffPolicy struct {
	// BaseInterval is the base interval between retries.
	//
	// +kubebuilder:validation:Format=duration
	BaseInterval *metav1.Duration `json:"baseInterval,omitempty"`
	// MaxInterval is the maximum interval between retries. This parameter is optional, but must be greater than or equal to the base_interval if set.
	// The default is 10 times the base_interval
	//
	// +optional
	// +kubebuilder:validation:Format=duration
	MaxInterval *metav1.Duration `json:"maxInterval,omitempty"`
}

func (*BackOffPolicy) DeepCopy added in v1.0.0 

func (in *BackOffPolicy) DeepCopy() *BackOffPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackOffPolicy.

func (*BackOffPolicy) DeepCopyInto added in v1.0.0 

func (in *BackOffPolicy) DeepCopyInto(out *BackOffPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BackendTrafficPolicy added in v0.6.0 

type BackendTrafficPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// spec defines the desired state of BackendTrafficPolicy.
	Spec BackendTrafficPolicySpec `json:"spec"`

	// status defines the current status of BackendTrafficPolicy.
	Status gwapiv1a2.PolicyStatus `json:"status,omitempty"`
}

+kubebuilder:object:root=true +kubebuilder:resource:categories=envoy-gateway,shortName=btp +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[?(@.type=="Accepted")].reason` +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`

BackendTrafficPolicy allows the user to configure the behavior of the connection between the Envoy Proxy listener and the backend service.

func (*BackendTrafficPolicy) DeepCopy added in v0.6.0 

func (in *BackendTrafficPolicy) DeepCopy() *BackendTrafficPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendTrafficPolicy.

func (*BackendTrafficPolicy) DeepCopyInto added in v0.6.0 

func (in *BackendTrafficPolicy) DeepCopyInto(out *BackendTrafficPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*BackendTrafficPolicy) DeepCopyObject added in v0.6.0 

func (in *BackendTrafficPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type BackendTrafficPolicyList added in v0.6.0 

type BackendTrafficPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []BackendTrafficPolicy `json:"items"`
}

+kubebuilder:object:root=true BackendTrafficPolicyList contains a list of BackendTrafficPolicy resources.

func (*BackendTrafficPolicyList) DeepCopy added in v0.6.0 

func (in *BackendTrafficPolicyList) DeepCopy() *BackendTrafficPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendTrafficPolicyList.

func (*BackendTrafficPolicyList) DeepCopyInto added in v0.6.0 

func (in *BackendTrafficPolicyList) DeepCopyInto(out *BackendTrafficPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*BackendTrafficPolicyList) DeepCopyObject added in v0.6.0 

func (in *BackendTrafficPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type BackendTrafficPolicySpec added in v0.6.0 

type BackendTrafficPolicySpec struct {
	// +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'", message="this policy can only have a targetRef.group of gateway.networking.k8s.io"
	// +kubebuilder:validation:XValidation:rule="self.kind in ['Gateway', 'HTTPRoute', 'GRPCRoute', 'UDPRoute', 'TCPRoute', 'TLSRoute']", message="this policy can only have a targetRef.kind of Gateway/HTTPRoute/GRPCRoute/TCPRoute/UDPRoute/TLSRoute"
	// +kubebuilder:validation:XValidation:rule="!has(self.sectionName)",message="this policy does not yet support the sectionName field"
	//
	// targetRef is the name of the resource this policy
	// is being attached to.
	// This Policy and the TargetRef MUST be in the same namespace
	// for this Policy to have effect and be applied to the Gateway.
	TargetRef gwapiv1a2.PolicyTargetReferenceWithSectionName `json:"targetRef"`

	// RateLimit allows the user to limit the number of incoming requests
	// to a predefined value based on attributes within the traffic flow.
	// +optional
	RateLimit *RateLimitSpec `json:"rateLimit,omitempty"`

	// LoadBalancer policy to apply when routing traffic from the gateway to
	// the backend endpoints
	// +optional
	LoadBalancer *LoadBalancer `json:"loadBalancer,omitempty"`

	// ProxyProtocol enables the Proxy Protocol when communicating with the backend.
	// +optional
	ProxyProtocol *ProxyProtocol `json:"proxyProtocol,omitempty"`

	// TcpKeepalive settings associated with the upstream client connection.
	// Disabled by default.
	//
	// +optional
	TCPKeepalive *TCPKeepalive `json:"tcpKeepalive,omitempty"`

	// HealthCheck allows gateway to perform active health checking on backends.
	//
	// +optional
	HealthCheck *HealthCheck `json:"healthCheck,omitempty"`

	// FaultInjection defines the fault injection policy to be applied. This configuration can be used to
	// inject delays and abort requests to mimic failure scenarios such as service failures and overloads
	// +optional
	FaultInjection *FaultInjection `json:"faultInjection,omitempty"`

	// Circuit Breaker settings for the upstream connections and requests.
	// If not set, circuit breakers will be enabled with the default thresholds
	//
	// +optional
	CircuitBreaker *CircuitBreaker `json:"circuitBreaker,omitempty"`

	// Retry provides more advanced usage, allowing users to customize the number of retries, retry fallback strategy, and retry triggering conditions.
	// If not set, retry will be disabled.
	// +optional
	Retry *Retry `json:"retry,omitempty"`

	// Timeout settings for the backend connections.
	//
	// +optional
	Timeout *Timeout `json:"timeout,omitempty"`

	// The compression config for the http streams.
	//
	// +optional
	Compression []*Compression `json:"compression,omitempty"`
}

spec defines the desired state of BackendTrafficPolicy.

func (*BackendTrafficPolicySpec) DeepCopy added in v0.6.0 

func (in *BackendTrafficPolicySpec) DeepCopy() *BackendTrafficPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendTrafficPolicySpec.

func (*BackendTrafficPolicySpec) DeepCopyInto added in v0.6.0 

func (in *BackendTrafficPolicySpec) DeepCopyInto(out *BackendTrafficPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BasicAuth added in v1.0.0 

type BasicAuth struct {
	// The Kubernetes secret which contains the username-password pairs in
	// htpasswd format, used to verify user credentials in the "Authorization"
	// header.
	//
	// This is an Opaque secret. The username-password pairs should be stored in
	// the key ".htpasswd". As the key name indicates, the value needs to be the
	// htpasswd format, for example: "user1:{SHA}hashed_user1_password".
	// Right now, only SHA hash algorithm is supported.
	// Reference to https://httpd.apache.org/docs/2.4/programs/htpasswd.html
	// for more details.
	//
	// Note: The secret must be in the same namespace as the SecurityPolicy.
	Users gwapiv1b1.SecretObjectReference `json:"users"`
}

BasicAuth defines the configuration for the HTTP Basic Authentication.

func (*BasicAuth) DeepCopy added in v1.0.0 

func (in *BasicAuth) DeepCopy() *BasicAuth

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BasicAuth.

func (*BasicAuth) DeepCopyInto added in v1.0.0 

func (in *BasicAuth) DeepCopyInto(out *BasicAuth)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BootstrapType added in v0.6.0 

type BootstrapType string

BootstrapType defines the types of bootstrap supported by Envoy Gateway. +kubebuilder:validation:Enum=Merge;Replace 

const (
	// Merge merges the provided bootstrap with the default one. The provided bootstrap can add or override a value
	// within a map, or add a new value to a list.
	// Please note that the provided bootstrap can't override a value within a list.
	BootstrapTypeMerge BootstrapType = "Merge"

	// Replace replaces the default bootstrap with the provided one.
	BootstrapTypeReplace BootstrapType = "Replace"
)

type CORS added in v0.6.0 

type CORS struct {
	// AllowOrigins defines the origins that are allowed to make requests.
	// +kubebuilder:validation:MinItems=1
	AllowOrigins []Origin `json:"allowOrigins,omitempty" yaml:"allowOrigins"`
	// AllowMethods defines the methods that are allowed to make requests.
	// +kubebuilder:validation:MinItems=1
	AllowMethods []string `json:"allowMethods,omitempty" yaml:"allowMethods"`
	// AllowHeaders defines the headers that are allowed to be sent with requests.
	AllowHeaders []string `json:"allowHeaders,omitempty" yaml:"allowHeaders,omitempty"`
	// ExposeHeaders defines the headers that can be exposed in the responses.
	ExposeHeaders []string `json:"exposeHeaders,omitempty" yaml:"exposeHeaders,omitempty"`
	// MaxAge defines how long the results of a preflight request can be cached.
	MaxAge *metav1.Duration `json:"maxAge,omitempty" yaml:"maxAge,omitempty"`
	// AllowCredentials indicates whether a request can include user credentials
	// like cookies, authentication headers, or TLS client certificates.
	AllowCredentials *bool `json:"allowCredentials,omitempty" yaml:"allowCredentials,omitempty"`
}

CORS defines the configuration for Cross-Origin Resource Sharing (CORS).

func (*CORS) DeepCopy added in v0.6.0 

func (in *CORS) DeepCopy() *CORS

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CORS.

func (*CORS) DeepCopyInto added in v0.6.0 

func (in *CORS) DeepCopyInto(out *CORS)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CircuitBreaker added in v1.0.0 

type CircuitBreaker struct {
	// The maximum number of connections that Envoy will establish to the referenced backend defined within a xRoute rule.
	//
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=4294967295
	// +kubebuilder:default=1024
	// +optional
	MaxConnections *int64 `json:"maxConnections,omitempty"`

	// The maximum number of pending requests that Envoy will queue to the referenced backend defined within a xRoute rule.
	//
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=4294967295
	// +kubebuilder:default=1024
	// +optional
	MaxPendingRequests *int64 `json:"maxPendingRequests,omitempty"`

	// The maximum number of parallel requests that Envoy will make to the referenced backend defined within a xRoute rule.
	//
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=4294967295
	// +kubebuilder:default=1024
	// +optional
	MaxParallelRequests *int64 `json:"maxParallelRequests,omitempty"`

	// The maximum number of parallel retries that Envoy will make to the referenced backend defined within a xRoute rule.
	//
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=4294967295
	// +kubebuilder:default=1024
	// +optional
	MaxParallelRetries *int64 `json:"maxParallelRetries,omitempty"`

	// The maximum number of requests that Envoy will make over a single connection to the referenced backend defined within a xRoute rule.
	// Default: unlimited.
	//
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=4294967295
	// +optional
	MaxRequestsPerConnection *int64 `json:"maxRequestsPerConnection,omitempty"`
}

CircuitBreaker defines the Circuit Breaker configuration.

func (*CircuitBreaker) DeepCopy added in v1.0.0 

func (in *CircuitBreaker) DeepCopy() *CircuitBreaker

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CircuitBreaker.

func (*CircuitBreaker) DeepCopyInto added in v1.0.0 

func (in *CircuitBreaker) DeepCopyInto(out *CircuitBreaker)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClaimToHeader added in v0.5.0 

type ClaimToHeader struct {

	// Header defines the name of the HTTP request header that the JWT Claim will be saved into.
	Header string `json:"header"`

	// Claim is the JWT Claim that should be saved into the header : it can be a nested claim of type
	// (eg. "claim.nested.key", "sub"). The nested claim name must use dot "."
	// to separate the JSON name path.
	Claim string `json:"claim"`
}

ClaimToHeader defines a configuration to convert JWT claims into HTTP headers

func (*ClaimToHeader) DeepCopy added in v0.5.0 

func (in *ClaimToHeader) DeepCopy() *ClaimToHeader

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClaimToHeader.

func (*ClaimToHeader) DeepCopyInto added in v0.5.0 

func (in *ClaimToHeader) DeepCopyInto(out *ClaimToHeader)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientIPDetectionSettings added in v1.0.0 

type ClientIPDetectionSettings struct {
	// XForwardedForSettings provides configuration for using X-Forwarded-For headers for determining the client IP address.
	//
	// +optional
	XForwardedFor *XForwardedForSettings `json:"xForwardedFor,omitempty"`
	// CustomHeader provides configuration for determining the client IP address for a request based on
	// a trusted custom HTTP header. This uses the the custom_header original IP detection extension.
	// Refer to https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/http/original_ip_detection/custom_header/v3/custom_header.proto
	// for more details.
	//
	// +optional
	CustomHeader *CustomHeaderExtensionSettings `json:"customHeader,omitempty"`
}

ClientIPDetectionSettings provides configuration for determining the original client IP address for requests.

+kubebuilder:validation:XValidation:rule="!(has(self.xForwardedFor) && has(self.customHeader))",message="customHeader cannot be used in conjunction with xForwardedFor"

func (*ClientIPDetectionSettings) DeepCopy added in v1.0.0 

func (in *ClientIPDetectionSettings) DeepCopy() *ClientIPDetectionSettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientIPDetectionSettings.

func (*ClientIPDetectionSettings) DeepCopyInto added in v1.0.0 

func (in *ClientIPDetectionSettings) DeepCopyInto(out *ClientIPDetectionSettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientTimeout added in v1.0.0 

type ClientTimeout struct {
	// Timeout settings for HTTP.
	//
	// +optional
	HTTP *HTTPClientTimeout `json:"http,omitempty"`
}

func (*ClientTimeout) DeepCopy added in v1.0.0 

func (in *ClientTimeout) DeepCopy() *ClientTimeout

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientTimeout.

func (*ClientTimeout) DeepCopyInto added in v1.0.0 

func (in *ClientTimeout) DeepCopyInto(out *ClientTimeout)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientTrafficPolicy added in v0.6.0 

type ClientTrafficPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec defines the desired state of ClientTrafficPolicy.
	Spec ClientTrafficPolicySpec `json:"spec"`

	// Status defines the current status of ClientTrafficPolicy.
	Status gwapiv1a2.PolicyStatus `json:"status,omitempty"`
}

ClientTrafficPolicy allows the user to configure the behavior of the connection between the downstream client and Envoy Proxy listener.

func (*ClientTrafficPolicy) DeepCopy added in v0.6.0 

func (in *ClientTrafficPolicy) DeepCopy() *ClientTrafficPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientTrafficPolicy.

func (*ClientTrafficPolicy) DeepCopyInto added in v0.6.0 

func (in *ClientTrafficPolicy) DeepCopyInto(out *ClientTrafficPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientTrafficPolicy) DeepCopyObject added in v0.6.0 

func (in *ClientTrafficPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClientTrafficPolicyList added in v0.6.0 

type ClientTrafficPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ClientTrafficPolicy `json:"items"`
}

ClientTrafficPolicyList contains a list of ClientTrafficPolicy resources.

func (*ClientTrafficPolicyList) DeepCopy added in v0.6.0 

func (in *ClientTrafficPolicyList) DeepCopy() *ClientTrafficPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientTrafficPolicyList.

func (*ClientTrafficPolicyList) DeepCopyInto added in v0.6.0 

func (in *ClientTrafficPolicyList) DeepCopyInto(out *ClientTrafficPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientTrafficPolicyList) DeepCopyObject added in v0.6.0 

func (in *ClientTrafficPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClientTrafficPolicySpec added in v0.6.0 

type ClientTrafficPolicySpec struct {
	// +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'", message="this policy can only have a targetRef.group of gateway.networking.k8s.io"
	// +kubebuilder:validation:XValidation:rule="self.kind == 'Gateway'", message="this policy can only have a targetRef.kind of Gateway"
	// +kubebuilder:validation:XValidation:rule="!has(self.sectionName)",message="this policy does not yet support the sectionName field"
	//
	// TargetRef is the name of the Gateway resource this policy
	// is being attached to.
	// This Policy and the TargetRef MUST be in the same namespace
	// for this Policy to have effect and be applied to the Gateway.
	// TargetRef
	TargetRef gwapiv1a2.PolicyTargetReferenceWithSectionName `json:"targetRef"`
	// TcpKeepalive settings associated with the downstream client connection.
	// If defined, sets SO_KEEPALIVE on the listener socket to enable TCP Keepalives.
	// Disabled by default.
	//
	// +optional
	TCPKeepalive *TCPKeepalive `json:"tcpKeepalive,omitempty"`
	// EnableProxyProtocol interprets the ProxyProtocol header and adds the
	// Client Address into the X-Forwarded-For header.
	// Note Proxy Protocol must be present when this field is set, else the connection
	// is closed.
	//
	// +optional
	EnableProxyProtocol *bool `json:"enableProxyProtocol,omitempty"`
	// ClientIPDetectionSettings provides configuration for determining the original client IP address for requests.
	//
	// +optional
	ClientIPDetection *ClientIPDetectionSettings `json:"clientIPDetection,omitempty"`
	// HTTP3 provides HTTP/3 configuration on the listener.
	//
	// +optional
	HTTP3 *HTTP3Settings `json:"http3,omitempty"`
	// TLS settings configure TLS termination settings with the downstream client.
	//
	// +optional
	TLS *TLSSettings `json:"tls,omitempty"`
	// Path enables managing how the incoming path set by clients can be normalized.
	//
	// +optional
	Path *PathSettings `json:"path,omitempty"`
	// HTTP1 provides HTTP/1 configuration on the listener.
	//
	// +optional
	HTTP1 *HTTP1Settings `json:"http1,omitempty"`
	// HeaderSettings provides configuration for header management.
	//
	// +optional
	Headers *HeaderSettings `json:"headers,omitempty"`
	// Timeout settings for the client connections.
	//
	// +optional
	Timeout *ClientTimeout `json:"timeout,omitempty"`
}

ClientTrafficPolicySpec defines the desired state of ClientTrafficPolicy.

func (*ClientTrafficPolicySpec) DeepCopy added in v0.6.0 

func (in *ClientTrafficPolicySpec) DeepCopy() *ClientTrafficPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientTrafficPolicySpec.

func (*ClientTrafficPolicySpec) DeepCopyInto added in v0.6.0 

func (in *ClientTrafficPolicySpec) DeepCopyInto(out *ClientTrafficPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClientValidationContext added in v1.0.0 

type ClientValidationContext struct {
	// CACertificateRefs contains one or more references to
	// Kubernetes objects that contain TLS certificates of
	// the Certificate Authorities that can be used
	// as a trust anchor to validate the certificates presented by the client.
	//
	// A single reference to a Kubernetes ConfigMap or a Kubernetes Secret,
	// with the CA certificate in a key named `ca.crt` is currently supported.
	//
	// References to a resource in different namespace are invalid UNLESS there
	// is a ReferenceGrant in the target namespace that allows the certificate
	// to be attached.
	//
	// +kubebuilder:validation:MaxItems=8
	// +optional
	CACertificateRefs []gwapiv1.SecretObjectReference `json:"caCertificateRefs,omitempty"`
}

ClientValidationContext holds configuration that can be used to validate the client initiating the TLS connection to the Gateway. By default, no client specific configuration is validated.

func (*ClientValidationContext) DeepCopy added in v1.0.0 

func (in *ClientValidationContext) DeepCopy() *ClientValidationContext

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientValidationContext.

func (*ClientValidationContext) DeepCopyInto added in v1.0.0 

func (in *ClientValidationContext) DeepCopyInto(out *ClientValidationContext)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Compression added in v1.0.0 

type Compression struct {
	// CompressorType defines the compressor type to use for compression.
	//
	// +required
	Type CompressorType `json:"type"`

	// The configuration for GZIP compressor.
	//
	// +optional
	Gzip *GzipCompressor `json:"gzip,omitempty"`
}

Compression defines the config of enabling compression. This can help reduce the bandwidth at the expense of higher CPU.

func (*Compression) DeepCopy added in v1.0.0 

func (in *Compression) DeepCopy() *Compression

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Compression.

func (*Compression) DeepCopyInto added in v1.0.0 

func (in *Compression) DeepCopyInto(out *Compression)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CompressorType added in v1.0.0 

type CompressorType string

CompressorType defines the types of compressor library supported by Envoy Gateway.

+kubebuilder:validation:Enum=Gzip

type ConsistentHash added in v0.6.0 

type ConsistentHash struct {
	Type ConsistentHashType `json:"type"`
}

ConsistentHash defines the configuration related to the consistent hash load balancer policy

func (*ConsistentHash) DeepCopy added in v0.6.0 

func (in *ConsistentHash) DeepCopy() *ConsistentHash

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsistentHash.

func (*ConsistentHash) DeepCopyInto added in v0.6.0 

func (in *ConsistentHash) DeepCopyInto(out *ConsistentHash)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConsistentHashType added in v0.6.0 

type ConsistentHashType string

ConsistentHashType defines the type of input to hash on. +kubebuilder:validation:Enum=SourceIP 

const (
	// SourceIPConsistentHashType hashes based on the source IP address.
	SourceIPConsistentHashType ConsistentHashType = "SourceIP"
)

type CustomHeaderExtensionSettings added in v1.0.0 

type CustomHeaderExtensionSettings struct {
	// Name of the header containing the original downstream remote address, if present.
	//
	// +kubebuilder:validation:MinLength=1
	// +kubebuilder:validation:MaxLength=255
	// +kubebuilder:validation:Pattern="^[A-Za-z0-9-]+$"
	//
	Name string `json:"name"`
	// FailClosed is a switch used to control the flow of traffic when client IP detection
	// fails. If set to true, the listener will respond with 403 Forbidden when the client
	// IP address cannot be determined.
	//
	// +optional
	FailClosed *bool `json:"failClosed,omitempty"`
}

CustomHeader provides configuration for determining the client IP address for a request based on a trusted custom HTTP header. This uses the the custom_header original IP detection extension. Refer to https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/http/original_ip_detection/custom_header/v3/custom_header.proto for more details.

func (*CustomHeaderExtensionSettings) DeepCopy added in v1.0.0 

func (in *CustomHeaderExtensionSettings) DeepCopy() *CustomHeaderExtensionSettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomHeaderExtensionSettings.

func (*CustomHeaderExtensionSettings) DeepCopyInto added in v1.0.0 

func (in *CustomHeaderExtensionSettings) DeepCopyInto(out *CustomHeaderExtensionSettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomTag added in v0.6.0 

type CustomTag struct {
	// Type defines the type of custom tag.
	// +kubebuilder:validation:Enum=Literal;Environment;RequestHeader
	// +unionDiscriminator
	// +kubebuilder:default=Literal
	Type CustomTagType `json:"type"`
	// Literal adds hard-coded value to each span.
	// It's required when the type is "Literal".
	Literal *LiteralCustomTag `json:"literal,omitempty"`
	// Environment adds value from environment variable to each span.
	// It's required when the type is "Environment".
	Environment *EnvironmentCustomTag `json:"environment,omitempty"`
	// RequestHeader adds value from request header to each span.
	// It's required when the type is "RequestHeader".
	RequestHeader *RequestHeaderCustomTag `json:"requestHeader,omitempty"`
}

func (*CustomTag) DeepCopy added in v0.6.0 

func (in *CustomTag) DeepCopy() *CustomTag

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomTag.

func (*CustomTag) DeepCopyInto added in v0.6.0 

func (in *CustomTag) DeepCopyInto(out *CustomTag)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomTagType added in v0.6.0 

type CustomTagType string
const (
	// CustomTagTypeLiteral adds hard-coded value to each span.
	CustomTagTypeLiteral CustomTagType = "Literal"
	// CustomTagTypeEnvironment adds value from environment variable to each span.
	CustomTagTypeEnvironment CustomTagType = "Environment"
	// CustomTagTypeRequestHeader adds value from request header to each span.
	CustomTagTypeRequestHeader CustomTagType = "RequestHeader"
)

type EnvironmentCustomTag added in v0.6.0 

type EnvironmentCustomTag struct {
	// Name defines the name of the environment variable which to extract the value from.
	Name string `json:"name"`
	// DefaultValue defines the default value to use if the environment variable is not set.
	// +optional
	DefaultValue *string `json:"defaultValue,omitempty"`
}

EnvironmentCustomTag adds value from environment variable to each span.

func (*EnvironmentCustomTag) DeepCopy added in v0.6.0 

func (in *EnvironmentCustomTag) DeepCopy() *EnvironmentCustomTag

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvironmentCustomTag.

func (*EnvironmentCustomTag) DeepCopyInto added in v0.6.0 

func (in *EnvironmentCustomTag) DeepCopyInto(out *EnvironmentCustomTag)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGateway added in v0.6.0 

type EnvoyGateway struct {
	metav1.TypeMeta `json:",inline"`

	// EnvoyGatewaySpec defines the desired state of EnvoyGateway.
	EnvoyGatewaySpec `json:",inline"`
}

EnvoyGateway is the schema for the envoygateways API.

func DefaultEnvoyGateway added in v0.6.0 

func DefaultEnvoyGateway() *EnvoyGateway

DefaultEnvoyGateway returns a new EnvoyGateway with default configuration parameters.

func (*EnvoyGateway) DeepCopy added in v0.6.0 

func (in *EnvoyGateway) DeepCopy() *EnvoyGateway

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGateway.

func (*EnvoyGateway) DeepCopyInto added in v0.6.0 

func (in *EnvoyGateway) DeepCopyInto(out *EnvoyGateway)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EnvoyGateway) DeepCopyObject added in v0.6.0 

func (in *EnvoyGateway) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*EnvoyGateway) DisablePrometheus added in v0.6.0 

func (e *EnvoyGateway) DisablePrometheus() bool

DisablePrometheus returns if disable prometheus.

func (*EnvoyGateway) GetEnvoyGatewayAdmin added in v0.6.0 

func (e *EnvoyGateway) GetEnvoyGatewayAdmin() *EnvoyGatewayAdmin

GetEnvoyGatewayAdmin returns the EnvoyGatewayAdmin of EnvoyGateway or a default EnvoyGatewayAdmin if unspecified.

func (*EnvoyGateway) GetEnvoyGatewayAdminAddress added in v0.6.0 

func (e *EnvoyGateway) GetEnvoyGatewayAdminAddress() string

GetEnvoyGatewayAdminAddress returns the EnvoyGateway Admin Address.

func (*EnvoyGateway) GetEnvoyGatewayProvider added in v0.6.0 

func (e *EnvoyGateway) GetEnvoyGatewayProvider() *EnvoyGatewayProvider

GetEnvoyGatewayProvider returns the EnvoyGatewayProvider of EnvoyGateway or a default EnvoyGatewayProvider if unspecified.

func (*EnvoyGateway) GetEnvoyGatewayTelemetry added in v0.6.0 

func (e *EnvoyGateway) GetEnvoyGatewayTelemetry() *EnvoyGatewayTelemetry

GetEnvoyGatewayTelemetry returns the EnvoyGatewayTelemetry of EnvoyGateway or a default EnvoyGatewayTelemetry if unspecified.

func (*EnvoyGateway) NamespaceMode added in v1.0.0 

func (e *EnvoyGateway) NamespaceMode() bool

NamespaceMode returns if uses namespace mode.

func (*EnvoyGateway) SetEnvoyGatewayDefaults added in v0.6.0 

func (e *EnvoyGateway) SetEnvoyGatewayDefaults()

SetEnvoyGatewayDefaults sets default EnvoyGateway configuration parameters.

type EnvoyGatewayAdmin added in v0.6.0 

type EnvoyGatewayAdmin struct {

	// Address defines the address of Envoy Gateway Admin Server.
	//
	// +optional
	Address *EnvoyGatewayAdminAddress `json:"address,omitempty"`
	// EnableDumpConfig defines if enable dump config in Envoy Gateway logs.
	//
	// +optional
	EnableDumpConfig bool `json:"enableDumpConfig,omitempty"`
	// EnablePprof defines if enable pprof in Envoy Gateway Admin Server.
	//
	// +optional
	EnablePprof bool `json:"enablePprof,omitempty"`
}

EnvoyGatewayAdmin defines the Envoy Gateway Admin configuration.

func DefaultEnvoyGatewayAdmin added in v0.6.0 

func DefaultEnvoyGatewayAdmin() *EnvoyGatewayAdmin

DefaultEnvoyGatewayAdmin returns a new EnvoyGatewayAdmin with default configuration parameters.

func (*EnvoyGatewayAdmin) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayAdmin) DeepCopy() *EnvoyGatewayAdmin

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayAdmin.

func (*EnvoyGatewayAdmin) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayAdmin) DeepCopyInto(out *EnvoyGatewayAdmin)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayAdminAddress added in v0.6.0 

type EnvoyGatewayAdminAddress struct {
	// Port defines the port the admin server is exposed on.
	//
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:default=19000
	Port int `json:"port,omitempty"`
	// Host defines the admin server hostname.
	//
	// +optional
	// +kubebuilder:default="127.0.0.1"
	Host string `json:"host,omitempty"`
}

EnvoyGatewayAdminAddress defines the Envoy Gateway Admin Address configuration.

func DefaultEnvoyGatewayAdminAddress added in v0.6.0 

func DefaultEnvoyGatewayAdminAddress() *EnvoyGatewayAdminAddress

DefaultEnvoyGatewayAdminAddress returns a new EnvoyGatewayAdminAddress with default configuration parameters.

func (*EnvoyGatewayAdminAddress) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayAdminAddress) DeepCopy() *EnvoyGatewayAdminAddress

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayAdminAddress.

func (*EnvoyGatewayAdminAddress) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayAdminAddress) DeepCopyInto(out *EnvoyGatewayAdminAddress)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayCustomProvider added in v0.6.0 

type EnvoyGatewayCustomProvider struct {
	// Resource defines the desired resource provider.
	// This provider is used to specify the provider to be used
	// to retrieve the resource configurations such as Gateway API
	// resources
	Resource EnvoyGatewayResourceProvider `json:"resource"`
	// Infrastructure defines the desired infrastructure provider.
	// This provider is used to specify the provider to be used
	// to provide an environment to deploy the out resources like
	// the Envoy Proxy data plane.
	Infrastructure EnvoyGatewayInfrastructureProvider `json:"infrastructure"`
}

EnvoyGatewayCustomProvider defines configuration for the Custom provider.

func (*EnvoyGatewayCustomProvider) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayCustomProvider) DeepCopy() *EnvoyGatewayCustomProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayCustomProvider.

func (*EnvoyGatewayCustomProvider) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayCustomProvider) DeepCopyInto(out *EnvoyGatewayCustomProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayFileResourceProvider added in v0.6.0 

type EnvoyGatewayFileResourceProvider struct {
	// Paths are the paths to a directory or file containing the resource configuration.
	// Recursive sub directories are not currently supported.
	Paths []string `json:"paths"`
}

EnvoyGatewayFileResourceProvider defines configuration for the File Resource provider.

func (*EnvoyGatewayFileResourceProvider) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayFileResourceProvider) DeepCopy() *EnvoyGatewayFileResourceProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayFileResourceProvider.

func (*EnvoyGatewayFileResourceProvider) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayFileResourceProvider) DeepCopyInto(out *EnvoyGatewayFileResourceProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayHostInfrastructureProvider added in v0.6.0 

type EnvoyGatewayHostInfrastructureProvider struct {
}

EnvoyGatewayHostInfrastructureProvider defines configuration for the Host Infrastructure provider.

func (*EnvoyGatewayHostInfrastructureProvider) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayHostInfrastructureProvider) DeepCopy() *EnvoyGatewayHostInfrastructureProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayHostInfrastructureProvider.

func (*EnvoyGatewayHostInfrastructureProvider) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayHostInfrastructureProvider) DeepCopyInto(out *EnvoyGatewayHostInfrastructureProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayInfrastructureProvider added in v0.6.0 

type EnvoyGatewayInfrastructureProvider struct {
	// Type is the type of infrastructure providers to use. Supported types are "Host".
	//
	// +unionDiscriminator
	Type InfrastructureProviderType `json:"type"`
	// Host defines the configuration of the Host provider. Host provides runtime
	// deployment of the data plane as a child process on the host environment.
	//
	// +optional
	Host *EnvoyGatewayHostInfrastructureProvider `json:"host,omitempty"`
}

EnvoyGatewayInfrastructureProvider defines configuration for the Custom Infrastructure provider.

func (*EnvoyGatewayInfrastructureProvider) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayInfrastructureProvider) DeepCopy() *EnvoyGatewayInfrastructureProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayInfrastructureProvider.

func (*EnvoyGatewayInfrastructureProvider) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayInfrastructureProvider) DeepCopyInto(out *EnvoyGatewayInfrastructureProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayKubernetesProvider added in v0.6.0 

type EnvoyGatewayKubernetesProvider struct {
	// RateLimitDeployment defines the desired state of the Envoy ratelimit deployment resource.
	// If unspecified, default settings for the managed Envoy ratelimit deployment resource
	// are applied.
	//
	// +optional
	RateLimitDeployment *KubernetesDeploymentSpec `json:"rateLimitDeployment,omitempty"`

	// Watch holds configuration of which input resources should be watched and reconciled.
	// +optional
	Watch *KubernetesWatchMode `json:"watch,omitempty"`
	// Deploy holds configuration of how output managed resources such as the Envoy Proxy data plane
	// should be deployed
	// +optional
	Deploy *KubernetesDeployMode `json:"deploy,omitempty"`
	// OverwriteControlPlaneCerts updates the secrets containing the control plane certs, when set.
	// +optional
	OverwriteControlPlaneCerts *bool `json:"overwriteControlPlaneCerts,omitempty"`
}

EnvoyGatewayKubernetesProvider defines configuration for the Kubernetes provider.

func DefaultEnvoyGatewayKubeProvider added in v0.6.0 

func DefaultEnvoyGatewayKubeProvider() *EnvoyGatewayKubernetesProvider

DefaultEnvoyGatewayKubeProvider returns a new EnvoyGatewayKubernetesProvider with default settings.

func (*EnvoyGatewayKubernetesProvider) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayKubernetesProvider) DeepCopy() *EnvoyGatewayKubernetesProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayKubernetesProvider.

func (*EnvoyGatewayKubernetesProvider) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayKubernetesProvider) DeepCopyInto(out *EnvoyGatewayKubernetesProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayLogComponent added in v0.6.0 

type EnvoyGatewayLogComponent string

EnvoyGatewayLogComponent defines a component that supports a configured logging level. +kubebuilder:validation:Enum=default;provider;gateway-api;xds-translator;xds-server;infrastructure;global-ratelimit 

const (
	// LogComponentGatewayDefault defines the "default"-wide logging component. When specified,
	// all other logging components are ignored.
	LogComponentGatewayDefault EnvoyGatewayLogComponent = "default"

	// LogComponentProviderRunner defines the "provider" runner component.
	LogComponentProviderRunner EnvoyGatewayLogComponent = "provider"

	// LogComponentGatewayAPIRunner defines the "gateway-api" runner component.
	LogComponentGatewayAPIRunner EnvoyGatewayLogComponent = "gateway-api"

	// LogComponentXdsTranslatorRunner defines the "xds-translator" runner component.
	LogComponentXdsTranslatorRunner EnvoyGatewayLogComponent = "xds-translator"

	// LogComponentXdsServerRunner defines the "xds-server" runner component.
	LogComponentXdsServerRunner EnvoyGatewayLogComponent = "xds-server"

	// LogComponentInfrastructureRunner defines the "infrastructure" runner component.
	LogComponentInfrastructureRunner EnvoyGatewayLogComponent = "infrastructure"

	// LogComponentGlobalRateLimitRunner defines the "global-ratelimit" runner component.
	LogComponentGlobalRateLimitRunner EnvoyGatewayLogComponent = "global-ratelimit"
)

type EnvoyGatewayLogging added in v0.6.0 

type EnvoyGatewayLogging struct {
	// Level is the logging level. If unspecified, defaults to "info".
	// EnvoyGatewayLogComponent options: default/provider/gateway-api/xds-translator/xds-server/infrastructure/global-ratelimit.
	// LogLevel options: debug/info/error/warn.
	//
	// +kubebuilder:default={default: info}
	Level map[EnvoyGatewayLogComponent]LogLevel `json:"level,omitempty"`
}

EnvoyGatewayLogging defines logging for Envoy Gateway.

func DefaultEnvoyGatewayLogging added in v0.6.0 

func DefaultEnvoyGatewayLogging() *EnvoyGatewayLogging

DefaultEnvoyGatewayLogging returns a new EnvoyGatewayLogging with default configuration parameters.

func (*EnvoyGatewayLogging) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayLogging) DeepCopy() *EnvoyGatewayLogging

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayLogging.

func (*EnvoyGatewayLogging) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayLogging) DeepCopyInto(out *EnvoyGatewayLogging)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EnvoyGatewayLogging) DefaultEnvoyGatewayLoggingLevel added in v0.6.0 

func (logging *EnvoyGatewayLogging) DefaultEnvoyGatewayLoggingLevel(level LogLevel) LogLevel

DefaultEnvoyGatewayLoggingLevel returns a new EnvoyGatewayLogging with default configuration parameters. When v1alpha1.LogComponentGatewayDefault specified, all other logging components are ignored.

func (*EnvoyGatewayLogging) SetEnvoyGatewayLoggingDefaults added in v0.6.0 

func (logging *EnvoyGatewayLogging) SetEnvoyGatewayLoggingDefaults()

SetEnvoyGatewayLoggingDefaults sets default EnvoyGatewayLogging configuration parameters.

type EnvoyGatewayMetricSink added in v0.6.0 

type EnvoyGatewayMetricSink struct {
	// Type defines the metric sink type.
	// EG control plane currently supports OpenTelemetry.
	// +kubebuilder:validation:Enum=OpenTelemetry
	// +kubebuilder:default=OpenTelemetry
	Type MetricSinkType `json:"type"`
	// OpenTelemetry defines the configuration for OpenTelemetry sink.
	// It's required if the sink type is OpenTelemetry.
	OpenTelemetry *EnvoyGatewayOpenTelemetrySink `json:"openTelemetry,omitempty"`
}

EnvoyGatewayMetricSink defines control plane metric sinks where metrics are sent to.

func (*EnvoyGatewayMetricSink) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayMetricSink) DeepCopy() *EnvoyGatewayMetricSink

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayMetricSink.

func (*EnvoyGatewayMetricSink) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayMetricSink) DeepCopyInto(out *EnvoyGatewayMetricSink)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayMetrics added in v0.6.0 

type EnvoyGatewayMetrics struct {
	// Sinks defines the metric sinks where metrics are sent to.
	Sinks []EnvoyGatewayMetricSink `json:"sinks,omitempty"`
	// Prometheus defines the configuration for prometheus endpoint.
	Prometheus *EnvoyGatewayPrometheusProvider `json:"prometheus,omitempty"`
}

EnvoyGatewayMetrics defines control plane push/pull metrics configurations.

func DefaultEnvoyGatewayMetrics added in v0.6.0 

func DefaultEnvoyGatewayMetrics() *EnvoyGatewayMetrics

DefaultEnvoyGatewayMetrics returns a new EnvoyGatewayMetrics with default configuration parameters.

func (*EnvoyGatewayMetrics) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayMetrics) DeepCopy() *EnvoyGatewayMetrics

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayMetrics.

func (*EnvoyGatewayMetrics) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayMetrics) DeepCopyInto(out *EnvoyGatewayMetrics)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayOpenTelemetrySink added in v0.6.0 

type EnvoyGatewayOpenTelemetrySink struct {
	// Host define the sink service hostname.
	Host string `json:"host"`
	// Protocol define the sink service protocol.
	// +kubebuilder:validation:Enum=grpc;http
	Protocol string `json:"protocol"`
	// Port defines the port the sink service is exposed on.
	//
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:default=4317
	Port int32 `json:"port,omitempty"`
}

func (*EnvoyGatewayOpenTelemetrySink) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayOpenTelemetrySink) DeepCopy() *EnvoyGatewayOpenTelemetrySink

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayOpenTelemetrySink.

func (*EnvoyGatewayOpenTelemetrySink) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayOpenTelemetrySink) DeepCopyInto(out *EnvoyGatewayOpenTelemetrySink)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayPrometheusProvider added in v0.6.0 

type EnvoyGatewayPrometheusProvider struct {
	// Disable defines if disables the prometheus metrics in pull mode.
	//
	Disable bool `json:"disable,omitempty"`
}

EnvoyGatewayPrometheusProvider will expose prometheus endpoint in pull mode.

func DefaultEnvoyGatewayPrometheus added in v0.6.0 

func DefaultEnvoyGatewayPrometheus() *EnvoyGatewayPrometheusProvider

DefaultEnvoyGatewayPrometheus returns a new EnvoyGatewayMetrics with default configuration parameters.

func (*EnvoyGatewayPrometheusProvider) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayPrometheusProvider) DeepCopy() *EnvoyGatewayPrometheusProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayPrometheusProvider.

func (*EnvoyGatewayPrometheusProvider) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayPrometheusProvider) DeepCopyInto(out *EnvoyGatewayPrometheusProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayProvider added in v0.6.0 

type EnvoyGatewayProvider struct {
	// Type is the type of provider to use. Supported types are "Kubernetes".
	//
	// +unionDiscriminator
	Type ProviderType `json:"type"`

	// Kubernetes defines the configuration of the Kubernetes provider. Kubernetes
	// provides runtime configuration via the Kubernetes API.
	//
	// +optional
	Kubernetes *EnvoyGatewayKubernetesProvider `json:"kubernetes,omitempty"`

	// Custom defines the configuration for the Custom provider. This provider
	// allows you to define a specific resource provider and a infrastructure
	// provider.
	//
	// +optional
	Custom *EnvoyGatewayCustomProvider `json:"custom,omitempty"`
}

EnvoyGatewayProvider defines the desired configuration of a provider. +union

func DefaultEnvoyGatewayProvider added in v0.6.0 

func DefaultEnvoyGatewayProvider() *EnvoyGatewayProvider

DefaultEnvoyGatewayProvider returns a new EnvoyGatewayProvider with default configuration parameters.

func (*EnvoyGatewayProvider) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayProvider) DeepCopy() *EnvoyGatewayProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayProvider.

func (*EnvoyGatewayProvider) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayProvider) DeepCopyInto(out *EnvoyGatewayProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EnvoyGatewayProvider) GetEnvoyGatewayKubeProvider added in v0.6.0 

func (r *EnvoyGatewayProvider) GetEnvoyGatewayKubeProvider() *EnvoyGatewayKubernetesProvider

GetEnvoyGatewayKubeProvider returns the EnvoyGatewayKubernetesProvider of Provider or a default EnvoyGatewayKubernetesProvider if unspecified. If EnvoyGatewayProvider is not of type "Kubernetes", a nil EnvoyGatewayKubernetesProvider is returned.

type EnvoyGatewayResourceProvider added in v0.6.0 

type EnvoyGatewayResourceProvider struct {
	// Type is the type of resource provider to use. Supported types are "File".
	//
	// +unionDiscriminator
	Type ResourceProviderType `json:"type"`
	// File defines the configuration of the File provider. File provides runtime
	// configuration defined by one or more files.
	//
	// +optional
	File *EnvoyGatewayFileResourceProvider `json:"file,omitempty"`
}

EnvoyGatewayResourceProvider defines configuration for the Custom Resource provider.

func (*EnvoyGatewayResourceProvider) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayResourceProvider) DeepCopy() *EnvoyGatewayResourceProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayResourceProvider.

func (*EnvoyGatewayResourceProvider) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayResourceProvider) DeepCopyInto(out *EnvoyGatewayResourceProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewaySpec added in v0.6.0 

type EnvoyGatewaySpec struct {
	// Gateway defines desired Gateway API specific configuration. If unset,
	// default configuration parameters will apply.
	//
	// +optional
	Gateway *Gateway `json:"gateway,omitempty"`

	// Provider defines the desired provider and provider-specific configuration.
	// If unspecified, the Kubernetes provider is used with default configuration
	// parameters.
	//
	// +optional
	Provider *EnvoyGatewayProvider `json:"provider,omitempty"`

	// Logging defines logging parameters for Envoy Gateway.
	//
	// +optional
	// +kubebuilder:default={default: info}
	Logging *EnvoyGatewayLogging `json:"logging,omitempty"`

	// Admin defines the desired admin related abilities.
	// If unspecified, the Admin is used with default configuration
	// parameters.
	//
	// +optional
	Admin *EnvoyGatewayAdmin `json:"admin,omitempty"`

	// Telemetry defines the desired control plane telemetry related abilities.
	// If unspecified, the telemetry is used with default configuration.
	//
	// +optional
	Telemetry *EnvoyGatewayTelemetry `json:"telemetry,omitempty"`

	// RateLimit defines the configuration associated with the Rate Limit service
	// deployed by Envoy Gateway required to implement the Global Rate limiting
	// functionality. The specific rate limit service used here is the reference
	// implementation in Envoy. For more details visit https://github.com/envoyproxy/ratelimit.
	// This configuration is unneeded for "Local" rate limiting.
	//
	// +optional
	RateLimit *RateLimit `json:"rateLimit,omitempty"`

	// ExtensionManager defines an extension manager to register for the Envoy Gateway Control Plane.
	//
	// +optional
	ExtensionManager *ExtensionManager `json:"extensionManager,omitempty"`

	// ExtensionAPIs defines the settings related to specific Gateway API Extensions
	// implemented by Envoy Gateway
	//
	// +optional
	ExtensionAPIs *ExtensionAPISettings `json:"extensionApis,omitempty"`
}

EnvoyGatewaySpec defines the desired state of Envoy Gateway.

func (*EnvoyGatewaySpec) DeepCopy added in v0.6.0 

func (in *EnvoyGatewaySpec) DeepCopy() *EnvoyGatewaySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewaySpec.

func (*EnvoyGatewaySpec) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewaySpec) DeepCopyInto(out *EnvoyGatewaySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyGatewayTelemetry added in v0.6.0 

type EnvoyGatewayTelemetry struct {
	// Metrics defines metrics configuration for envoy gateway.
	Metrics *EnvoyGatewayMetrics `json:"metrics,omitempty"`
}

EnvoyGatewayTelemetry defines telemetry configurations for envoy gateway control plane. Control plane will focus on metrics observability telemetry and tracing telemetry later.

func DefaultEnvoyGatewayTelemetry added in v0.6.0 

func DefaultEnvoyGatewayTelemetry() *EnvoyGatewayTelemetry

DefaultEnvoyGatewayTelemetry returns a new EnvoyGatewayTelemetry with default configuration parameters.

func (*EnvoyGatewayTelemetry) DeepCopy added in v0.6.0 

func (in *EnvoyGatewayTelemetry) DeepCopy() *EnvoyGatewayTelemetry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyGatewayTelemetry.

func (*EnvoyGatewayTelemetry) DeepCopyInto added in v0.6.0 

func (in *EnvoyGatewayTelemetry) DeepCopyInto(out *EnvoyGatewayTelemetry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyJSONPatchConfig added in v0.5.0 

type EnvoyJSONPatchConfig struct {
	// Type is the typed URL of the Envoy xDS Resource
	Type EnvoyResourceType `json:"type"`
	// Name is the name of the resource
	Name string `json:"name"`
	// Patch defines the JSON Patch Operation
	Operation JSONPatchOperation `json:"operation"`
}

EnvoyJSONPatchConfig defines the configuration for patching a Envoy xDS Resource using JSONPatch semantic

func (*EnvoyJSONPatchConfig) DeepCopy added in v0.5.0 

func (in *EnvoyJSONPatchConfig) DeepCopy() *EnvoyJSONPatchConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyJSONPatchConfig.

func (*EnvoyJSONPatchConfig) DeepCopyInto added in v0.5.0 

func (in *EnvoyJSONPatchConfig) DeepCopyInto(out *EnvoyJSONPatchConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyPatchPolicy added in v0.5.0 

type EnvoyPatchPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec defines the desired state of EnvoyPatchPolicy.
	Spec EnvoyPatchPolicySpec `json:"spec"`

	// Status defines the current status of EnvoyPatchPolicy.
	Status EnvoyPatchPolicyStatus `json:"status,omitempty"`
}

EnvoyPatchPolicy allows the user to modify the generated Envoy xDS resources by Envoy Gateway using this patch API

func (*EnvoyPatchPolicy) DeepCopy added in v0.5.0 

func (in *EnvoyPatchPolicy) DeepCopy() *EnvoyPatchPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyPatchPolicy.

func (*EnvoyPatchPolicy) DeepCopyInto added in v0.5.0 

func (in *EnvoyPatchPolicy) DeepCopyInto(out *EnvoyPatchPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EnvoyPatchPolicy) DeepCopyObject added in v0.5.0 

func (in *EnvoyPatchPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type EnvoyPatchPolicyList added in v0.5.0 

type EnvoyPatchPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []EnvoyPatchPolicy `json:"items"`
}

EnvoyPatchPolicyList contains a list of EnvoyPatchPolicy resources.

func (*EnvoyPatchPolicyList) DeepCopy added in v0.5.0 

func (in *EnvoyPatchPolicyList) DeepCopy() *EnvoyPatchPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyPatchPolicyList.

func (*EnvoyPatchPolicyList) DeepCopyInto added in v0.5.0 

func (in *EnvoyPatchPolicyList) DeepCopyInto(out *EnvoyPatchPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EnvoyPatchPolicyList) DeepCopyObject added in v0.5.0 

func (in *EnvoyPatchPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type EnvoyPatchPolicySpec added in v0.5.0 

type EnvoyPatchPolicySpec struct {
	// Type decides the type of patch.
	// Valid EnvoyPatchType values are "JSONPatch".
	//
	// +unionDiscriminator
	Type EnvoyPatchType `json:"type"`
	// JSONPatch defines the JSONPatch configuration.
	//
	// +optional
	JSONPatches []EnvoyJSONPatchConfig `json:"jsonPatches,omitempty"`
	// TargetRef is the name of the Gateway API resource this policy
	// is being attached to.
	// By default attaching to Gateway is supported and
	// when mergeGateways is enabled it should attach to GatewayClass.
	// This Policy and the TargetRef MUST be in the same namespace
	// for this Policy to have effect and be applied to the Gateway
	// TargetRef
	TargetRef gwapiv1a2.PolicyTargetReference `json:"targetRef"`
	// Priority of the EnvoyPatchPolicy.
	// If multiple EnvoyPatchPolicies are applied to the same
	// TargetRef, they will be applied in the ascending order of
	// the priority i.e. int32.min has the highest priority and
	// int32.max has the lowest priority.
	// Defaults to 0.
	Priority int32 `json:"priority,omitempty"`
}

EnvoyPatchPolicySpec defines the desired state of EnvoyPatchPolicy. +union

func (*EnvoyPatchPolicySpec) DeepCopy added in v0.5.0 

func (in *EnvoyPatchPolicySpec) DeepCopy() *EnvoyPatchPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyPatchPolicySpec.

func (*EnvoyPatchPolicySpec) DeepCopyInto added in v0.5.0 

func (in *EnvoyPatchPolicySpec) DeepCopyInto(out *EnvoyPatchPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyPatchPolicyStatus added in v0.5.0 

type EnvoyPatchPolicyStatus struct {
	// Conditions describe the current conditions of the EnvoyPatchPolicy.
	//
	// +optional
	// +listType=map
	// +listMapKey=type
	// +kubebuilder:validation:MaxItems=8
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

EnvoyPatchPolicyStatus defines the state of EnvoyPatchPolicy

func (*EnvoyPatchPolicyStatus) DeepCopy added in v0.5.0 

func (in *EnvoyPatchPolicyStatus) DeepCopy() *EnvoyPatchPolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyPatchPolicyStatus.

func (*EnvoyPatchPolicyStatus) DeepCopyInto added in v0.5.0 

func (in *EnvoyPatchPolicyStatus) DeepCopyInto(out *EnvoyPatchPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyPatchType added in v0.5.0 

type EnvoyPatchType string

EnvoyPatchType specifies the types of Envoy patching mechanisms. +kubebuilder:validation:Enum=JSONPatch 

const (
	// JSONPatchEnvoyPatchType allows the user to patch the generated xDS resources using JSONPatch semantics.
	// For more details on the semantics, please refer to https://datatracker.ietf.org/doc/html/rfc6902
	JSONPatchEnvoyPatchType EnvoyPatchType = "JSONPatch"
)

type EnvoyProxy added in v0.6.0 

type EnvoyProxy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// EnvoyProxySpec defines the desired state of EnvoyProxy.
	Spec EnvoyProxySpec `json:"spec,omitempty"`
	// EnvoyProxyStatus defines the actual state of EnvoyProxy.
	Status EnvoyProxyStatus `json:"status,omitempty"`
}

EnvoyProxy is the schema for the envoyproxies API.

func (*EnvoyProxy) DeepCopy added in v0.6.0 

func (in *EnvoyProxy) DeepCopy() *EnvoyProxy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyProxy.

func (*EnvoyProxy) DeepCopyInto added in v0.6.0 

func (in *EnvoyProxy) DeepCopyInto(out *EnvoyProxy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EnvoyProxy) DeepCopyObject added in v0.6.0 

func (in *EnvoyProxy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*EnvoyProxy) GetEnvoyProxyProvider added in v0.6.0 

func (e *EnvoyProxy) GetEnvoyProxyProvider() *EnvoyProxyProvider

GetEnvoyProxyProvider returns the EnvoyProxyProvider of EnvoyProxy or a default EnvoyProxyProvider if unspecified.

type EnvoyProxyKubernetesProvider added in v0.6.0 

type EnvoyProxyKubernetesProvider struct {
	// EnvoyDeployment defines the desired state of the Envoy deployment resource.
	// If unspecified, default settings for the managed Envoy deployment resource
	// are applied.
	//
	// +optional
	EnvoyDeployment *KubernetesDeploymentSpec `json:"envoyDeployment,omitempty"`

	// EnvoyService defines the desired state of the Envoy service resource.
	// If unspecified, default settings for the managed Envoy service resource
	// are applied.
	//
	// +optional
	EnvoyService *KubernetesServiceSpec `json:"envoyService,omitempty"`

	// EnvoyHpa defines the Horizontal Pod Autoscaler settings for Envoy Proxy Deployment.
	// Once the HPA is being set, Replicas field from EnvoyDeployment will be ignored.
	//
	// +optional
	EnvoyHpa *KubernetesHorizontalPodAutoscalerSpec `json:"envoyHpa,omitempty"`
}

EnvoyProxyKubernetesProvider defines configuration for the Kubernetes resource provider.

func DefaultEnvoyProxyKubeProvider added in v0.6.0 

func DefaultEnvoyProxyKubeProvider() *EnvoyProxyKubernetesProvider

DefaultEnvoyProxyKubeProvider returns a new EnvoyProxyKubernetesProvider with default settings.

func (*EnvoyProxyKubernetesProvider) DeepCopy added in v0.6.0 

func (in *EnvoyProxyKubernetesProvider) DeepCopy() *EnvoyProxyKubernetesProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyProxyKubernetesProvider.

func (*EnvoyProxyKubernetesProvider) DeepCopyInto added in v0.6.0 

func (in *EnvoyProxyKubernetesProvider) DeepCopyInto(out *EnvoyProxyKubernetesProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyProxyList added in v0.6.0 

type EnvoyProxyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []EnvoyProxy `json:"items"`
}

EnvoyProxyList contains a list of EnvoyProxy

func (*EnvoyProxyList) DeepCopy added in v0.6.0 

func (in *EnvoyProxyList) DeepCopy() *EnvoyProxyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyProxyList.

func (*EnvoyProxyList) DeepCopyInto added in v0.6.0 

func (in *EnvoyProxyList) DeepCopyInto(out *EnvoyProxyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EnvoyProxyList) DeepCopyObject added in v0.6.0 

func (in *EnvoyProxyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type EnvoyProxyProvider added in v0.6.0 

type EnvoyProxyProvider struct {
	// Type is the type of resource provider to use. A resource provider provides
	// infrastructure resources for running the data plane, e.g. Envoy proxy, and
	// optional auxiliary control planes. Supported types are "Kubernetes".
	//
	// +unionDiscriminator
	Type ProviderType `json:"type"`
	// Kubernetes defines the desired state of the Kubernetes resource provider.
	// Kubernetes provides infrastructure resources for running the data plane,
	// e.g. Envoy proxy. If unspecified and type is "Kubernetes", default settings
	// for managed Kubernetes resources are applied.
	//
	// +optional
	Kubernetes *EnvoyProxyKubernetesProvider `json:"kubernetes,omitempty"`
}

EnvoyProxyProvider defines the desired state of a resource provider. +union

func DefaultEnvoyProxyProvider added in v0.6.0 

func DefaultEnvoyProxyProvider() *EnvoyProxyProvider

DefaultEnvoyProxyProvider returns a new EnvoyProxyProvider with default settings.

func (*EnvoyProxyProvider) DeepCopy added in v0.6.0 

func (in *EnvoyProxyProvider) DeepCopy() *EnvoyProxyProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyProxyProvider.

func (*EnvoyProxyProvider) DeepCopyInto added in v0.6.0 

func (in *EnvoyProxyProvider) DeepCopyInto(out *EnvoyProxyProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EnvoyProxyProvider) GetEnvoyProxyKubeProvider added in v0.6.0 

func (r *EnvoyProxyProvider) GetEnvoyProxyKubeProvider() *EnvoyProxyKubernetesProvider

GetEnvoyProxyKubeProvider returns the EnvoyProxyKubernetesProvider of EnvoyProxyProvider or a default EnvoyProxyKubernetesProvider if unspecified. If EnvoyProxyProvider is not of type "Kubernetes", a nil EnvoyProxyKubernetesProvider is returned.

type EnvoyProxySpec added in v0.6.0 

type EnvoyProxySpec struct {
	// Provider defines the desired resource provider and provider-specific configuration.
	// If unspecified, the "Kubernetes" resource provider is used with default configuration
	// parameters.
	//
	// +optional
	Provider *EnvoyProxyProvider `json:"provider,omitempty"`

	// Logging defines logging parameters for managed proxies.
	// +kubebuilder:default={level: {default: warn}}
	Logging ProxyLogging `json:"logging,omitempty"`

	// Telemetry defines telemetry parameters for managed proxies.
	//
	// +optional
	Telemetry *ProxyTelemetry `json:"telemetry,omitempty"`

	// Bootstrap defines the Envoy Bootstrap as a YAML string.
	// Visit https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/bootstrap/v3/bootstrap.proto#envoy-v3-api-msg-config-bootstrap-v3-bootstrap
	// to learn more about the syntax.
	// If set, this is the Bootstrap configuration used for the managed Envoy Proxy fleet instead of the default Bootstrap configuration
	// set by Envoy Gateway.
	// Some fields within the Bootstrap that are required to communicate with the xDS Server (Envoy Gateway) and receive xDS resources
	// from it are not configurable and will result in the `EnvoyProxy` resource being rejected.
	// Backward compatibility across minor versions is not guaranteed.
	// We strongly recommend using `egctl x translate` to generate a `EnvoyProxy` resource with the `Bootstrap` field set to the default
	// Bootstrap configuration used. You can edit this configuration, and rerun `egctl x translate` to ensure there are no validation errors.
	//
	// +optional
	Bootstrap *ProxyBootstrap `json:"bootstrap,omitempty"`

	// Concurrency defines the number of worker threads to run. If unset, it defaults to
	// the number of cpuset threads on the platform.
	//
	// +optional
	Concurrency *int32 `json:"concurrency,omitempty"`

	// ExtraArgs defines additional command line options that are provided to Envoy.
	// More info: https://www.envoyproxy.io/docs/envoy/latest/operations/cli#command-line-options
	// Note: some command line options are used internally(e.g. --log-level) so they cannot be provided here.
	//
	// +optional
	ExtraArgs []string `json:"extraArgs,omitempty"`

	// MergeGateways defines if Gateway resources should be merged onto the same Envoy Proxy Infrastructure.
	// Setting this field to true would merge all Gateway Listeners under the parent Gateway Class.
	// This means that the port, protocol and hostname tuple must be unique for every listener.
	// If a duplicate listener is detected, the newer listener (based on timestamp) will be rejected and its status will be updated with a "Accepted=False" condition.
	//
	// +optional
	MergeGateways *bool `json:"mergeGateways,omitempty"`

	// Shutdown defines configuration for graceful envoy shutdown process.
	//
	// +optional
	Shutdown *ShutdownConfig `json:"shutdown,omitempty"`
}

EnvoyProxySpec defines the desired state of EnvoyProxy.

func (*EnvoyProxySpec) DeepCopy added in v0.6.0 

func (in *EnvoyProxySpec) DeepCopy() *EnvoyProxySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyProxySpec.

func (*EnvoyProxySpec) DeepCopyInto added in v0.6.0 

func (in *EnvoyProxySpec) DeepCopyInto(out *EnvoyProxySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyProxyStatus added in v0.6.0 

type EnvoyProxyStatus struct {
}

EnvoyProxyStatus defines the observed state of EnvoyProxy. This type is not implemented until https://github.com/envoyproxy/gateway/issues/1007 is fixed.

func (*EnvoyProxyStatus) DeepCopy added in v0.6.0 

func (in *EnvoyProxyStatus) DeepCopy() *EnvoyProxyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyProxyStatus.

func (*EnvoyProxyStatus) DeepCopyInto added in v0.6.0 

func (in *EnvoyProxyStatus) DeepCopyInto(out *EnvoyProxyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EnvoyResourceType added in v0.5.0 

type EnvoyResourceType string

EnvoyResourceType specifies the type URL of the Envoy resource. +kubebuilder:validation:Enum=type.googleapis.com/envoy.config.listener.v3.Listener;type.googleapis.com/envoy.config.route.v3.RouteConfiguration;type.googleapis.com/envoy.config.cluster.v3.Cluster;type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment;type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret 

const (
	// ListenerEnvoyResourceType defines the Type URL of the Listener resource
	ListenerEnvoyResourceType EnvoyResourceType = "type.googleapis.com/envoy.config.listener.v3.Listener"
	// RouteConfigurationEnvoyResourceType defines the Type URL of the RouteConfiguration resource
	RouteConfigurationEnvoyResourceType EnvoyResourceType = "type.googleapis.com/envoy.config.route.v3.RouteConfiguration"
	// ClusterEnvoyResourceType defines the Type URL of the Cluster resource
	ClusterEnvoyResourceType EnvoyResourceType = "type.googleapis.com/envoy.config.cluster.v3.Cluster"
	// ClusterLoadAssignmentEnvoyResourceType defines the Type URL of the ClusterLoadAssignment resource
	ClusterLoadAssignmentEnvoyResourceType EnvoyResourceType = "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment"
)

type ExtAuth added in v1.0.0 

type ExtAuth struct {
	// GRPC defines the gRPC External Authorization service.
	// Either GRPCService or HTTPService must be specified,
	// and only one of them can be provided.
	GRPC *GRPCExtAuthService `json:"grpc,omitempty"`

	// HTTP defines the HTTP External Authorization service.
	// Either GRPCService or HTTPService must be specified,
	// and only one of them can be provided.
	HTTP *HTTPExtAuthService `json:"http,omitempty"`

	// HeadersToExtAuth defines the client request headers that will be included
	// in the request to the external authorization service.
	// Note: If not specified, the default behavior for gRPC and HTTP external
	// authorization services is different due to backward compatibility reasons.
	// All headers will be included in the check request to a gRPC authorization server.
	// Only the following headers will be included in the check request to an HTTP
	// authorization server: Host, Method, Path, Content-Length, and Authorization.
	// And these headers will always be included to the check request to an HTTP
	// authorization server by default, no matter whether they are specified
	// in HeadersToExtAuth or not.
	// +optional
	HeadersToExtAuth []string `json:"headersToExtAuth,omitempty"`
}

+kubebuilder:validation:XValidation:rule="(has(self.grpc) || has(self.http))",message="one of grpc or http must be specified" +kubebuilder:validation:XValidation:rule="(has(self.grpc) && !has(self.http)) || (!has(self.grpc) && has(self.http))",message="only one of grpc or http can be specified" +kubebuilder:validation:XValidation:rule="has(self.grpc) ? (!has(self.grpc.backendRef.group) || self.grpc.backendRef.group == \"\") : true", message="group is invalid, only the core API group (specified by omitting the group field or setting it to an empty string) is supported" +kubebuilder:validation:XValidation:rule="has(self.grpc) ? (!has(self.grpc.backendRef.kind) || self.grpc.backendRef.kind == 'Service') : true", message="kind is invalid, only Service (specified by omitting the kind field or setting it to 'Service') is supported" +kubebuilder:validation:XValidation:rule="has(self.http) ? (!has(self.http.backendRef.group) || self.http.backendRef.group == \"\") : true", message="group is invalid, only the core API group (specified by omitting the group field or setting it to an empty string) is supported" +kubebuilder:validation:XValidation:rule="has(self.http) ? (!has(self.http.backendRef.kind) || self.http.backendRef.kind == 'Service') : true", message="kind is invalid, only Service (specified by omitting the kind field or setting it to 'Service') is supported"

ExtAuth defines the configuration for External Authorization.

func (*ExtAuth) DeepCopy added in v1.0.0 

func (in *ExtAuth) DeepCopy() *ExtAuth

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtAuth.

func (*ExtAuth) DeepCopyInto added in v1.0.0 

func (in *ExtAuth) DeepCopyInto(out *ExtAuth)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExtensionAPISettings added in v0.6.0 

type ExtensionAPISettings struct {
	// EnableEnvoyPatchPolicy enables Envoy Gateway to
	// reconcile and implement the EnvoyPatchPolicy resources.
	EnableEnvoyPatchPolicy bool `json:"enableEnvoyPatchPolicy"`
}

ExtensionAPISettings defines the settings specific to Gateway API Extensions.

func (*ExtensionAPISettings) DeepCopy added in v0.6.0 

func (in *ExtensionAPISettings) DeepCopy() *ExtensionAPISettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionAPISettings.

func (*ExtensionAPISettings) DeepCopyInto added in v0.6.0 

func (in *ExtensionAPISettings) DeepCopyInto(out *ExtensionAPISettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExtensionHooks added in v0.6.0 

type ExtensionHooks struct {
	// XDSTranslator defines all the supported extension hooks for the xds-translator runner
	XDSTranslator *XDSTranslatorHooks `json:"xdsTranslator,omitempty"`
}

ExtensionHooks defines extension hooks across all supported runners

func (*ExtensionHooks) DeepCopy added in v0.6.0 

func (in *ExtensionHooks) DeepCopy() *ExtensionHooks

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionHooks.

func (*ExtensionHooks) DeepCopyInto added in v0.6.0 

func (in *ExtensionHooks) DeepCopyInto(out *ExtensionHooks)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExtensionManager added in v0.6.0 

type ExtensionManager struct {
	// Resources defines the set of K8s resources the extension will handle.
	//
	// +optional
	Resources []GroupVersionKind `json:"resources,omitempty"`

	// Hooks defines the set of hooks the extension supports
	//
	// +kubebuilder:validation:Required
	Hooks *ExtensionHooks `json:"hooks,omitempty"`

	// Service defines the configuration of the extension service that the Envoy
	// Gateway Control Plane will call through extension hooks.
	//
	// +kubebuilder:validation:Required
	Service *ExtensionService `json:"service,omitempty"`
}

ExtensionManager defines the configuration for registering an extension manager to the Envoy Gateway control plane.

func (*ExtensionManager) DeepCopy added in v0.6.0 

func (in *ExtensionManager) DeepCopy() *ExtensionManager

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionManager.

func (*ExtensionManager) DeepCopyInto added in v0.6.0 

func (in *ExtensionManager) DeepCopyInto(out *ExtensionManager)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExtensionService added in v0.6.0 

type ExtensionService struct {
	// Host define the extension service hostname.
	Host string `json:"host"`

	// Port defines the port the extension service is exposed on.
	//
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:default=80
	Port int32 `json:"port,omitempty"`

	// TLS defines TLS configuration for communication between Envoy Gateway and
	// the extension service.
	//
	// +optional
	TLS *ExtensionTLS `json:"tls,omitempty"`
}

ExtensionService defines the configuration for connecting to a registered extension service.

func (*ExtensionService) DeepCopy added in v0.6.0 

func (in *ExtensionService) DeepCopy() *ExtensionService

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionService.

func (*ExtensionService) DeepCopyInto added in v0.6.0 

func (in *ExtensionService) DeepCopyInto(out *ExtensionService)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExtensionTLS added in v0.6.0 

type ExtensionTLS struct {
	// CertificateRef contains a references to objects (Kubernetes objects or otherwise) that
	// contains a TLS certificate and private keys. These certificates are used to
	// establish a TLS handshake to the extension server.
	//
	// CertificateRef can only reference a Kubernetes Secret at this time.
	//
	// +kubebuilder:validation:Required
	CertificateRef gwapiv1.SecretObjectReference `json:"certificateRef"`
}

ExtensionTLS defines the TLS configuration when connecting to an extension service

func (*ExtensionTLS) DeepCopy added in v0.6.0 

func (in *ExtensionTLS) DeepCopy() *ExtensionTLS

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionTLS.

func (*ExtensionTLS) DeepCopyInto added in v0.6.0 

func (in *ExtensionTLS) DeepCopyInto(out *ExtensionTLS)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FaultInjection added in v1.0.0 

type FaultInjection struct {

	// If specified, a delay will be injected into the request.
	//
	// +optional
	Delay *FaultInjectionDelay `json:"delay,omitempty"`

	// If specified, the request will be aborted if it meets the configuration criteria.
	//
	// +optional
	Abort *FaultInjectionAbort `json:"abort,omitempty"`
}

FaultInjection defines the fault injection policy to be applied. This configuration can be used to inject delays and abort requests to mimic failure scenarios such as service failures and overloads +union

+kubebuilder:validation:XValidation:rule=" has(self.delay) || has(self.abort) ",message="Delay and abort faults are set at least one."

func (*FaultInjection) DeepCopy added in v1.0.0 

func (in *FaultInjection) DeepCopy() *FaultInjection

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FaultInjection.

func (*FaultInjection) DeepCopyInto added in v1.0.0 

func (in *FaultInjection) DeepCopyInto(out *FaultInjection)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FaultInjectionAbort added in v1.0.0 

type FaultInjectionAbort struct {
	// StatusCode specifies the HTTP status code to be returned
	//
	// +optional
	// +kubebuilder:validation:Minimum=200
	// +kubebuilder:validation:Maximum=600
	HTTPStatus *int32 `json:"httpStatus,omitempty"`

	// GrpcStatus specifies the GRPC status code to be returned
	//
	// +optional
	GrpcStatus *int32 `json:"grpcStatus,omitempty"`

	// Percentage specifies the percentage of requests to be aborted. Default 100%, if set 0, no requests will be aborted. Accuracy to 0.0001%.
	// +optional
	// +kubebuilder:default=100
	Percentage *float32 `json:"percentage,omitempty"`
}

FaultInjectionAbort defines the abort fault injection configuration +union

+kubebuilder:validation:XValidation:rule=" !(has(self.httpStatus) && has(self.grpcStatus)) ",message="httpStatus and grpcStatus cannot be simultaneously defined." +kubebuilder:validation:XValidation:rule=" has(self.httpStatus) || has(self.grpcStatus) ",message="httpStatus and grpcStatus are set at least one."

func (*FaultInjectionAbort) DeepCopy added in v1.0.0 

func (in *FaultInjectionAbort) DeepCopy() *FaultInjectionAbort

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FaultInjectionAbort.

func (*FaultInjectionAbort) DeepCopyInto added in v1.0.0 

func (in *FaultInjectionAbort) DeepCopyInto(out *FaultInjectionAbort)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FaultInjectionDelay added in v1.0.0 

type FaultInjectionDelay struct {
	// FixedDelay specifies the fixed delay duration
	//
	// +required
	FixedDelay *metav1.Duration `json:"fixedDelay"`

	// Percentage specifies the percentage of requests to be delayed. Default 100%, if set 0, no requests will be delayed. Accuracy to 0.0001%.
	// +optional
	// +kubebuilder:default=100
	Percentage *float32 `json:"percentage,omitempty"`
}

FaultInjectionDelay defines the delay fault injection configuration

func (*FaultInjectionDelay) DeepCopy added in v1.0.0 

func (in *FaultInjectionDelay) DeepCopy() *FaultInjectionDelay

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FaultInjectionDelay.

func (*FaultInjectionDelay) DeepCopyInto added in v1.0.0 

func (in *FaultInjectionDelay) DeepCopyInto(out *FaultInjectionDelay)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FileEnvoyProxyAccessLog added in v0.6.0 

type FileEnvoyProxyAccessLog struct {
	// Path defines the file path used to expose envoy access log(e.g. /dev/stdout).
	// +kubebuilder:validation:MinLength=1
	Path string `json:"path,omitempty"`
}

func (*FileEnvoyProxyAccessLog) DeepCopy added in v0.6.0 

func (in *FileEnvoyProxyAccessLog) DeepCopy() *FileEnvoyProxyAccessLog

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FileEnvoyProxyAccessLog.

func (*FileEnvoyProxyAccessLog) DeepCopyInto added in v0.6.0 

func (in *FileEnvoyProxyAccessLog) DeepCopyInto(out *FileEnvoyProxyAccessLog)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GRPCExtAuthService added in v1.0.0 

type GRPCExtAuthService struct {
	// BackendRef references a Kubernetes object that represents the
	// backend server to which the authorization request will be sent.
	// Only service Kind is supported for now.
	BackendRef gwapiv1.BackendObjectReference `json:"backendRef"`
}

GRPCExtAuthService defines the gRPC External Authorization service The authorization request message is defined in https://www.envoyproxy.io/docs/envoy/latest/api-v3/service/auth/v3/external_auth.proto

func (*GRPCExtAuthService) DeepCopy added in v1.0.0 

func (in *GRPCExtAuthService) DeepCopy() *GRPCExtAuthService

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GRPCExtAuthService.

func (*GRPCExtAuthService) DeepCopyInto added in v1.0.0 

func (in *GRPCExtAuthService) DeepCopyInto(out *GRPCExtAuthService)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Gateway added in v0.6.0 

type Gateway struct {
	// ControllerName defines the name of the Gateway API controller. If unspecified,
	// defaults to "gateway.envoyproxy.io/gatewayclass-controller". See the following
	// for additional details:
	//   https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1.GatewayClass
	//
	// +optional
	ControllerName string `json:"controllerName,omitempty"`
}

Gateway defines the desired Gateway API configuration of Envoy Gateway.

func DefaultGateway added in v0.6.0 

func DefaultGateway() *Gateway

DefaultGateway returns a new Gateway with default configuration parameters.

func (*Gateway) DeepCopy added in v0.6.0 

func (in *Gateway) DeepCopy() *Gateway

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Gateway.

func (*Gateway) DeepCopyInto added in v0.6.0 

func (in *Gateway) DeepCopyInto(out *Gateway)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GlobalRateLimit 

type GlobalRateLimit struct {
	// Rules are a list of RateLimit selectors and limits. Each rule and its
	// associated limit is applied in a mutually exclusive way. If a request
	// matches multiple rules, each of their associated limits get applied, so a
	// single request might increase the rate limit counters for multiple rules
	// if selected. The rate limit service will return a logical OR of the individual
	// rate limit decisions of all matching rules. For example, if a request
	// matches two rules, one rate limited and one not, the final decision will be
	// to rate limit the request.
	//
	// +kubebuilder:validation:MaxItems=16
	Rules []RateLimitRule `json:"rules"`
}

GlobalRateLimit defines global rate limit configuration.

func (*GlobalRateLimit) DeepCopy 

func (in *GlobalRateLimit) DeepCopy() *GlobalRateLimit

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GlobalRateLimit.

func (*GlobalRateLimit) DeepCopyInto 

func (in *GlobalRateLimit) DeepCopyInto(out *GlobalRateLimit)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GroupVersionKind added in v0.6.0 

type GroupVersionKind struct {
	Group   string `json:"group"`
	Version string `json:"version"`
	Kind    string `json:"kind"`
}

GroupVersionKind unambiguously identifies a Kind. It can be converted to k8s.io/apimachinery/pkg/runtime/schema.GroupVersionKind

func (*GroupVersionKind) DeepCopy added in v0.6.0 

func (in *GroupVersionKind) DeepCopy() *GroupVersionKind

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupVersionKind.

func (*GroupVersionKind) DeepCopyInto added in v0.6.0 

func (in *GroupVersionKind) DeepCopyInto(out *GroupVersionKind)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GzipCompressor added in v1.0.0 

type GzipCompressor struct {
}

GzipCompressor defines the config for the Gzip compressor. The default values can be found here: https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/compression/gzip/compressor/v3/gzip.proto#extension-envoy-compression-gzip-compressor

func (*GzipCompressor) DeepCopy added in v1.0.0 

func (in *GzipCompressor) DeepCopy() *GzipCompressor

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GzipCompressor.

func (*GzipCompressor) DeepCopyInto added in v1.0.0 

func (in *GzipCompressor) DeepCopyInto(out *GzipCompressor)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTP10Settings added in v1.0.0 

type HTTP10Settings struct {
	// UseDefaultHost defines if the HTTP/1.0 request is missing the Host header,
	// then the hostname associated with the listener should be injected into the
	// request.
	// If this is not set and an HTTP/1.0 request arrives without a host, then
	// it will be rejected.
	// +optional
	UseDefaultHost *bool `json:"useDefaultHost,omitempty"`
}

HTTP10Settings provides HTTP/1.0 configuration on the listener.

func (*HTTP10Settings) DeepCopy added in v1.0.0 

func (in *HTTP10Settings) DeepCopy() *HTTP10Settings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTP10Settings.

func (*HTTP10Settings) DeepCopyInto added in v1.0.0 

func (in *HTTP10Settings) DeepCopyInto(out *HTTP10Settings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTP1Settings added in v1.0.0 

type HTTP1Settings struct {
	// EnableTrailers defines if HTTP/1 trailers should be proxied by Envoy.
	// +optional
	EnableTrailers *bool `json:"enableTrailers,omitempty"`
	// PreserveHeaderCase defines if Envoy should preserve the letter case of headers.
	// By default, Envoy will lowercase all the headers.
	// +optional
	PreserveHeaderCase *bool `json:"preserveHeaderCase,omitempty"`
	// HTTP10 turns on support for HTTP/1.0 and HTTP/0.9 requests.
	// +optional
	HTTP10 *HTTP10Settings `json:"http10,omitempty"`
}

HTTP1Settings provides HTTP/1 configuration on the listener.

func (*HTTP1Settings) DeepCopy added in v1.0.0 

func (in *HTTP1Settings) DeepCopy() *HTTP1Settings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTP1Settings.

func (*HTTP1Settings) DeepCopyInto added in v1.0.0 

func (in *HTTP1Settings) DeepCopyInto(out *HTTP1Settings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTP3Settings added in v1.0.0 

type HTTP3Settings struct {
}

HTTP3Settings provides HTTP/3 configuration on the listener.

func (*HTTP3Settings) DeepCopy added in v1.0.0 

func (in *HTTP3Settings) DeepCopy() *HTTP3Settings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTP3Settings.

func (*HTTP3Settings) DeepCopyInto added in v1.0.0 

func (in *HTTP3Settings) DeepCopyInto(out *HTTP3Settings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPActiveHealthChecker added in v1.0.0 

type HTTPActiveHealthChecker struct {
	// Path defines the HTTP path that will be requested during health checking.
	// +kubebuilder:validation:MinLength=1
	// +kubebuilder:validation:MaxLength=1024
	Path string `json:"path" yaml:"path"`
	// Method defines the HTTP method used for health checking.
	// Defaults to GET
	// +optional
	Method *string `json:"method,omitempty" yaml:"method,omitempty"`
	// ExpectedStatuses defines a list of HTTP response statuses considered healthy.
	// Defaults to 200 only
	// +optional
	ExpectedStatuses []HTTPStatus `json:"expectedStatuses,omitempty" yaml:"expectedStatuses,omitempty"`
	// ExpectedResponse defines a list of HTTP expected responses to match.
	// +optional
	ExpectedResponse *ActiveHealthCheckPayload `json:"expectedResponse,omitempty" yaml:"expectedResponse,omitempty"`
}

HTTPActiveHealthChecker defines the settings of http health check.

func (*HTTPActiveHealthChecker) DeepCopy added in v1.0.0 

func (in *HTTPActiveHealthChecker) DeepCopy() *HTTPActiveHealthChecker

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPActiveHealthChecker.

func (*HTTPActiveHealthChecker) DeepCopyInto added in v1.0.0 

func (in *HTTPActiveHealthChecker) DeepCopyInto(out *HTTPActiveHealthChecker)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPClientTimeout added in v1.0.0 

type HTTPClientTimeout struct {
	// The duration envoy waits for the complete request reception. This timer starts upon request
	// initiation and stops when either the last byte of the request is sent upstream or when the response begins.
	//
	// +optional
	RequestReceivedTimeout *gwapiv1.Duration `json:"requestReceivedTimeout,omitempty"`
}

func (*HTTPClientTimeout) DeepCopy added in v1.0.0 

func (in *HTTPClientTimeout) DeepCopy() *HTTPClientTimeout

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPClientTimeout.

func (*HTTPClientTimeout) DeepCopyInto added in v1.0.0 

func (in *HTTPClientTimeout) DeepCopyInto(out *HTTPClientTimeout)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPExtAuthService added in v1.0.0 

type HTTPExtAuthService struct {
	// BackendRef references a Kubernetes object that represents the
	// backend server to which the authorization request will be sent.
	// Only service Kind is supported for now.
	BackendRef gwapiv1.BackendObjectReference `json:"backendRef"`

	// Path is the path of the HTTP External Authorization service.
	// If path is specified, the authorization request will be sent to that path,
	// or else the authorization request will be sent to the root path.
	Path *string `json:"path,omitempty"`

	// HeadersToBackend are the authorization response headers that will be added
	// to the original client request before sending it to the backend server.
	// Note that coexisting headers will be overridden.
	// If not specified, no authorization response headers will be added to the
	// original client request.
	// +optional
	HeadersToBackend []string `json:"headersToBackend,omitempty"`
}

HTTPExtAuthService defines the HTTP External Authorization service

func (*HTTPExtAuthService) DeepCopy added in v1.0.0 

func (in *HTTPExtAuthService) DeepCopy() *HTTPExtAuthService

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPExtAuthService.

func (*HTTPExtAuthService) DeepCopyInto added in v1.0.0 

func (in *HTTPExtAuthService) DeepCopyInto(out *HTTPExtAuthService)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HTTPStatus added in v1.0.0 

type HTTPStatus int

HTTPStatus defines the http status code. +kubebuilder:validation:Minimum=100 +kubebuilder:validation:Maximum=600 +kubebuilder:validation:ExclusiveMaximum=true

type HTTPTimeout added in v1.0.0 

type HTTPTimeout struct {
	// The idle timeout for an HTTP connection. Idle time is defined as a period in which there are no active requests in the connection.
	// Default: 1 hour.
	//
	// +optional
	ConnectionIdleTimeout *gwapiv1.Duration `json:"connectionIdleTimeout,omitempty"`

	// The maximum duration of an HTTP connection.
	// Default: unlimited.
	//
	// +optional
	MaxConnectionDuration *gwapiv1.Duration `json:"maxConnectionDuration,omitempty"`
}

func (*HTTPTimeout) DeepCopy added in v1.0.0 

func (in *HTTPTimeout) DeepCopy() *HTTPTimeout

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPTimeout.

func (*HTTPTimeout) DeepCopyInto added in v1.0.0 

func (in *HTTPTimeout) DeepCopyInto(out *HTTPTimeout)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HeaderMatch 

type HeaderMatch struct {
	// Type specifies how to match against the value of the header.
	//
	// +optional
	// +kubebuilder:default=Exact
	Type *HeaderMatchType `json:"type,omitempty"`

	// Name of the HTTP header.
	// +kubebuilder:validation:MinLength=1
	// +kubebuilder:validation:MaxLength=256
	Name string `json:"name"`

	// Value within the HTTP header. Due to the
	// case-insensitivity of header names, "foo" and "Foo" are considered equivalent.
	// Do not set this field when Type="Distinct", implying matching on any/all unique
	// values within the header.
	//
	// +optional
	// +kubebuilder:validation:MaxLength=1024
	Value *string `json:"value,omitempty"`
}

HeaderMatch defines the match attributes within the HTTP Headers of the request.

func (*HeaderMatch) DeepCopy 

func (in *HeaderMatch) DeepCopy() *HeaderMatch

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeaderMatch.

func (*HeaderMatch) DeepCopyInto 

func (in *HeaderMatch) DeepCopyInto(out *HeaderMatch)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HeaderMatchType 

type HeaderMatchType string

HeaderMatchType specifies the semantics of how HTTP header values should be compared. Valid HeaderMatchType values are "Exact", "RegularExpression", and "Distinct".

+kubebuilder:validation:Enum=Exact;RegularExpression;Distinct 

const (
	// HeaderMatchExact matches the exact value of the Value field against the value of
	// the specified HTTP Header.
	HeaderMatchExact HeaderMatchType = "Exact"
	// HeaderMatchRegularExpression matches a regular expression against the value of the
	// specified HTTP Header. The regex string must adhere to the syntax documented in
	// https://github.com/google/re2/wiki/Syntax.
	HeaderMatchRegularExpression HeaderMatchType = "RegularExpression"
	// HeaderMatchDistinct matches any and all possible unique values encountered in the
	// specified HTTP Header. Note that each unique value will receive its own rate limit
	// bucket.
	// Note: This is only supported for Global Rate Limits.
	HeaderMatchDistinct HeaderMatchType = "Distinct"
)

HeaderMatchType constants.

type HeaderSettings added in v1.0.0 

type HeaderSettings struct {
	// EnableEnvoyHeaders configures Envoy Proxy to add the "X-Envoy-" headers to requests
	// and responses.
	// +optional
	EnableEnvoyHeaders *bool `json:"enableEnvoyHeaders,omitempty"`
}

HeaderSettings providess configuration options for headers on the listener.

func (*HeaderSettings) DeepCopy added in v1.0.0 

func (in *HeaderSettings) DeepCopy() *HeaderSettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeaderSettings.

func (*HeaderSettings) DeepCopyInto added in v1.0.0 

func (in *HeaderSettings) DeepCopyInto(out *HeaderSettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HealthCheck added in v1.0.0 

type HealthCheck struct {
	// Active health check configuration
	// +optional
	Active *ActiveHealthCheck `json:"active,omitempty"`

	// Passive passive check configuration
	// +optional
	Passive *PassiveHealthCheck `json:"passive,omitempty"`
}

HealthCheck configuration to decide which endpoints are healthy and can be used for routing.

func (*HealthCheck) DeepCopy added in v1.0.0 

func (in *HealthCheck) DeepCopy() *HealthCheck

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthCheck.

func (*HealthCheck) DeepCopyInto added in v1.0.0 

func (in *HealthCheck) DeepCopyInto(out *HealthCheck)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type InfrastructureProviderType added in v0.6.0 

type InfrastructureProviderType string

InfrastructureProviderType defines the types of custom infrastructure providers supported by Envoy Gateway.

+kubebuilder:validation:Enum=Host 

const (
	// InfrastructureProviderTypeHost defines the "Host" provider.
	InfrastructureProviderTypeHost InfrastructureProviderType = "Host"
)

type JSONPatchOperation added in v0.5.0 

type JSONPatchOperation struct {
	// Op is the type of operation to perform
	Op JSONPatchOperationType `json:"op"`
	// Path is the location of the target document/field where the operation will be performed
	// Refer to https://datatracker.ietf.org/doc/html/rfc6901 for more details.
	Path string `json:"path"`
	// From is the source location of the value to be copied or moved. Only valid
	// for move or copy operations
	// Refer to https://datatracker.ietf.org/doc/html/rfc6901 for more details.
	// +optional
	From *string `json:"from,omitempty"`
	// Value is the new value of the path location. The value is only used by
	// the `add` and `replace` operations.
	// +optional
	Value *apiextensionsv1.JSON `json:"value,omitempty"`
}

JSONPatchOperation defines the JSON Patch Operation as defined in https://datatracker.ietf.org/doc/html/rfc6902

func (*JSONPatchOperation) DeepCopy added in v0.5.0 

func (in *JSONPatchOperation) DeepCopy() *JSONPatchOperation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JSONPatchOperation.

func (*JSONPatchOperation) DeepCopyInto added in v0.5.0 

func (in *JSONPatchOperation) DeepCopyInto(out *JSONPatchOperation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JSONPatchOperationType added in v0.5.0 

type JSONPatchOperationType string

JSONPatchOperationType specifies the JSON Patch operations that can be performed. +kubebuilder:validation:Enum=add;remove;replace;move;copy;test

type JWT added in v0.6.0 

type JWT struct {

	// Providers defines the JSON Web Token (JWT) authentication provider type.
	// When multiple JWT providers are specified, the JWT is considered valid if
	// any of the providers successfully validate the JWT. For additional details,
	// see https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/jwt_authn_filter.html.
	//
	// +kubebuilder:validation:MinItems=1
	// +kubebuilder:validation:MaxItems=4
	Providers []JWTProvider `json:"providers"`
}

JWT defines the configuration for JSON Web Token (JWT) authentication.

func (*JWT) DeepCopy added in v0.6.0 

func (in *JWT) DeepCopy() *JWT

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWT.

func (*JWT) DeepCopyInto added in v0.6.0 

func (in *JWT) DeepCopyInto(out *JWT)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JWTExtractor added in v1.0.0 

type JWTExtractor struct {
	// Headers represents a list of HTTP request headers to extract the JWT token from.
	//
	// +optional
	Headers []JWTHeaderExtractor `json:"headers,omitempty"`

	// Cookies represents a list of cookie names to extract the JWT token from.
	//
	// +optional
	Cookies []string `json:"cookies,omitempty"`

	// Params represents a list of query parameters to extract the JWT token from.
	//
	// +optional
	Params []string `json:"params,omitempty"`
}

JWTExtractor defines a custom JWT token extraction from HTTP request. If specified, Envoy will extract the JWT token from the listed extractors (headers, cookies, or params) and validate each of them. If any value extracted is found to be an invalid JWT, a 401 error will be returned.

func (*JWTExtractor) DeepCopy added in v1.0.0 

func (in *JWTExtractor) DeepCopy() *JWTExtractor

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTExtractor.

func (*JWTExtractor) DeepCopyInto added in v1.0.0 

func (in *JWTExtractor) DeepCopyInto(out *JWTExtractor)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JWTHeaderExtractor added in v1.0.0 

type JWTHeaderExtractor struct {
	// Name is the HTTP header name to retrieve the token
	//
	// +kubebuilder:validation:Required
	Name string `json:"name"`

	// ValuePrefix is the prefix that should be stripped before extracting the token.
	// The format would be used by Envoy like "{ValuePrefix}<TOKEN>".
	// For example, "Authorization: Bearer <TOKEN>", then the ValuePrefix="Bearer " with a space at the end.
	//
	// +optional
	ValuePrefix *string `json:"valuePrefix,omitempty"`
}

JWTHeaderExtractor defines an HTTP header location to extract JWT token

func (*JWTHeaderExtractor) DeepCopy added in v1.0.0 

func (in *JWTHeaderExtractor) DeepCopy() *JWTHeaderExtractor

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTHeaderExtractor.

func (*JWTHeaderExtractor) DeepCopyInto added in v1.0.0 

func (in *JWTHeaderExtractor) DeepCopyInto(out *JWTHeaderExtractor)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type JWTProvider added in v0.6.0 

type JWTProvider struct {
	// Name defines a unique name for the JWT provider. A name can have a variety of forms,
	// including RFC1123 subdomains, RFC 1123 labels, or RFC 1035 labels.
	//
	// +kubebuilder:validation:MinLength=1
	// +kubebuilder:validation:MaxLength=253
	Name string `json:"name"`

	// Issuer is the principal that issued the JWT and takes the form of a URL or email address.
	// For additional details, see https://tools.ietf.org/html/rfc7519#section-4.1.1 for
	// URL format and https://rfc-editor.org/rfc/rfc5322.html for email format. If not provided,
	// the JWT issuer is not checked.
	//
	// +kubebuilder:validation:MaxLength=253
	// +optional
	Issuer string `json:"issuer,omitempty"`

	// Audiences is a list of JWT audiences allowed access. For additional details, see
	// https://tools.ietf.org/html/rfc7519#section-4.1.3. If not provided, JWT audiences
	// are not checked.
	//
	// +kubebuilder:validation:MaxItems=8
	// +optional
	Audiences []string `json:"audiences,omitempty"`

	// RemoteJWKS defines how to fetch and cache JSON Web Key Sets (JWKS) from a remote
	// HTTP/HTTPS endpoint.
	RemoteJWKS RemoteJWKS `json:"remoteJWKS"`

	// ClaimToHeaders is a list of JWT claims that must be extracted into HTTP request headers
	// For examples, following config:
	// The claim must be of type; string, int, double, bool. Array type claims are not supported
	//
	// +optional
	ClaimToHeaders []ClaimToHeader `json:"claimToHeaders,omitempty"`

	// RecomputeRoute clears the route cache and recalculates the routing decision.
	// This field must be enabled if the headers generated from the claim are used for
	// route matching decisions. If the recomputation selects a new route, features targeting
	// the new matched route will be applied.
	//
	// +optional
	RecomputeRoute *bool `json:"recomputeRoute,omitempty"`

	// ExtractFrom defines different ways to extract the JWT token from HTTP request.
	// If empty, it defaults to extract JWT token from the Authorization HTTP request header using Bearer schema
	// or access_token from query parameters.
	//
	// +optional
	ExtractFrom *JWTExtractor `json:"extractFrom,omitempty"`
}

JWTProvider defines how a JSON Web Token (JWT) can be verified. +kubebuilder:validation:XValidation:rule="(has(self.recomputeRoute) && self.recomputeRoute) ? size(self.claimToHeaders) > 0 : true", message="claimToHeaders must be specified if recomputeRoute is enabled"

func (*JWTProvider) DeepCopy added in v0.6.0 

func (in *JWTProvider) DeepCopy() *JWTProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JWTProvider.

func (*JWTProvider) DeepCopyInto added in v0.6.0 

func (in *JWTProvider) DeepCopyInto(out *JWTProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesContainerSpec added in v0.6.0 

type KubernetesContainerSpec struct {
	// List of environment variables to set in the container.
	//
	// +optional
	Env []corev1.EnvVar `json:"env,omitempty"`

	// Resources required by this container.
	// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
	//
	// +optional
	Resources *corev1.ResourceRequirements `json:"resources,omitempty"`

	// SecurityContext defines the security options the container should be run with.
	// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
	// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
	//
	// +optional
	SecurityContext *corev1.SecurityContext `json:"securityContext,omitempty"`

	// Image specifies the EnvoyProxy container image to be used, instead of the default image.
	//
	// +optional
	Image *string `json:"image,omitempty"`

	// VolumeMounts are volumes to mount into the container's filesystem.
	// Cannot be updated.
	//
	// +optional
	VolumeMounts []corev1.VolumeMount `json:"volumeMounts,omitempty"`
}

KubernetesContainerSpec defines the desired state of the Kubernetes container resource.

func DefaultKubernetesContainer added in v0.6.0 

func DefaultKubernetesContainer(image string) *KubernetesContainerSpec

DefaultKubernetesContainer returns a new KubernetesContainerSpec with default settings.

func (*KubernetesContainerSpec) DeepCopy added in v0.6.0 

func (in *KubernetesContainerSpec) DeepCopy() *KubernetesContainerSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesContainerSpec.

func (*KubernetesContainerSpec) DeepCopyInto added in v0.6.0 

func (in *KubernetesContainerSpec) DeepCopyInto(out *KubernetesContainerSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesDeployMode added in v0.6.0 

type KubernetesDeployMode struct {
}

KubernetesDeployMode holds configuration for how to deploy managed resources such as the Envoy Proxy data plane fleet.

func (*KubernetesDeployMode) DeepCopy added in v0.6.0 

func (in *KubernetesDeployMode) DeepCopy() *KubernetesDeployMode

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesDeployMode.

func (*KubernetesDeployMode) DeepCopyInto added in v0.6.0 

func (in *KubernetesDeployMode) DeepCopyInto(out *KubernetesDeployMode)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesDeploymentSpec added in v0.6.0 

type KubernetesDeploymentSpec struct {
	// Patch defines how to perform the patch operation to deployment
	//
	// +optional
	Patch *KubernetesPatchSpec `json:"patch,omitempty"`

	// Replicas is the number of desired pods. Defaults to 1.
	//
	// +optional
	Replicas *int32 `json:"replicas,omitempty"`

	// The deployment strategy to use to replace existing pods with new ones.
	// +optional
	Strategy *appv1.DeploymentStrategy `json:"strategy,omitempty"`

	// Pod defines the desired specification of pod.
	//
	// +optional
	Pod *KubernetesPodSpec `json:"pod,omitempty"`

	// Container defines the desired specification of main container.
	//
	// +optional
	Container *KubernetesContainerSpec `json:"container,omitempty"`

	// List of initialization containers belonging to the pod.
	// More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
	//
	// +optional
	InitContainers []corev1.Container `json:"initContainers,omitempty"`
}

KubernetesDeploymentSpec defines the desired state of the Kubernetes deployment resource.

func DefaultKubernetesDeployment added in v0.6.0 

func DefaultKubernetesDeployment(image string) *KubernetesDeploymentSpec

DefaultKubernetesDeployment returns a new KubernetesDeploymentSpec with default settings.

func (*KubernetesDeploymentSpec) ApplyMergePatch added in v1.0.0 

func (deployment *KubernetesDeploymentSpec) ApplyMergePatch(old *appv1.Deployment) (*appv1.Deployment, error)

ApplyMergePatch applies a merge patch to a deployment based on the merge type

func (*KubernetesDeploymentSpec) DeepCopy added in v0.6.0 

func (in *KubernetesDeploymentSpec) DeepCopy() *KubernetesDeploymentSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesDeploymentSpec.

func (*KubernetesDeploymentSpec) DeepCopyInto added in v0.6.0 

func (in *KubernetesDeploymentSpec) DeepCopyInto(out *KubernetesDeploymentSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesHorizontalPodAutoscalerSpec added in v1.0.0 

type KubernetesHorizontalPodAutoscalerSpec struct {
	// minReplicas is the lower limit for the number of replicas to which the autoscaler
	// can scale down. It defaults to 1 replica.
	//
	// +kubebuilder:validation:XValidation:message="minReplicas must be greater than 0",rule="self > 0"
	// +optional
	MinReplicas *int32 `json:"minReplicas,omitempty"`

	// maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up.
	// It cannot be less that minReplicas.
	//
	// +kubebuilder:validation:XValidation:message="maxReplicas must be greater than 0",rule="self > 0"
	MaxReplicas *int32 `json:"maxReplicas"`

	// metrics contains the specifications for which to use to calculate the
	// desired replica count (the maximum replica count across all metrics will
	// be used).
	// If left empty, it defaults to being based on CPU utilization with average on 80% usage.
	//
	// +optional
	Metrics []autoscalingv2.MetricSpec `json:"metrics,omitempty"`

	// behavior configures the scaling behavior of the target
	// in both Up and Down directions (scaleUp and scaleDown fields respectively).
	// If not set, the default HPAScalingRules for scale up and scale down are used.
	// See k8s.io.autoscaling.v2.HorizontalPodAutoScalerBehavior.
	//
	// +optional
	Behavior *autoscalingv2.HorizontalPodAutoscalerBehavior `json:"behavior,omitempty"`
}

KubernetesHorizontalPodAutoscalerSpec defines Kubernetes Horizontal Pod Autoscaler settings of Envoy Proxy Deployment. When HPA is enabled, it is recommended that the value in `KubernetesDeploymentSpec.replicas` be removed, otherwise Envoy Gateway will revert back to this value every time reconciliation occurs. See k8s.io.autoscaling.v2.HorizontalPodAutoScalerSpec.

+kubebuilder:validation:XValidation:message="maxReplicas cannot be less than minReplicas",rule="!has(self.minReplicas) || self.maxReplicas >= self.minReplicas"

func (*KubernetesHorizontalPodAutoscalerSpec) DeepCopy added in v1.0.0 

func (in *KubernetesHorizontalPodAutoscalerSpec) DeepCopy() *KubernetesHorizontalPodAutoscalerSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesHorizontalPodAutoscalerSpec.

func (*KubernetesHorizontalPodAutoscalerSpec) DeepCopyInto added in v1.0.0 

func (in *KubernetesHorizontalPodAutoscalerSpec) DeepCopyInto(out *KubernetesHorizontalPodAutoscalerSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesPatchSpec added in v1.0.0 

type KubernetesPatchSpec struct {
	// Type is the type of merge operation to perform
	//
	// By default, StrategicMerge is used as the patch type.
	// +optional
	Type *MergeType `json:"type,omitempty"`

	// Object contains the raw configuration for merged object
	Value apiextensionsv1.JSON `json:"value"`
}

KubernetesPatchSpec defines how to perform the patch operation

func (*KubernetesPatchSpec) DeepCopy added in v1.0.0 

func (in *KubernetesPatchSpec) DeepCopy() *KubernetesPatchSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesPatchSpec.

func (*KubernetesPatchSpec) DeepCopyInto added in v1.0.0 

func (in *KubernetesPatchSpec) DeepCopyInto(out *KubernetesPatchSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesPodSpec added in v0.6.0 

type KubernetesPodSpec struct {
	// Annotations are the annotations that should be appended to the pods.
	// By default, no pod annotations are appended.
	//
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`

	// Labels are the additional labels that should be tagged to the pods.
	// By default, no additional pod labels are tagged.
	//
	// +optional
	Labels map[string]string `json:"labels,omitempty"`

	// SecurityContext holds pod-level security attributes and common container settings.
	// Optional: Defaults to empty.  See type description for default values of each field.
	//
	// +optional
	SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`

	// If specified, the pod's scheduling constraints.
	// +optional
	Affinity *corev1.Affinity `json:"affinity,omitempty"`

	// If specified, the pod's tolerations.
	// +optional
	Tolerations []corev1.Toleration `json:"tolerations,omitempty"`

	// Volumes that can be mounted by containers belonging to the pod.
	// More info: https://kubernetes.io/docs/concepts/storage/volumes
	//
	// +optional
	Volumes []corev1.Volume `json:"volumes,omitempty"`

	// ImagePullSecrets is an optional list of references to secrets
	// in the same namespace to use for pulling any of the images used by this PodSpec.
	// If specified, these secrets will be passed to individual puller implementations for them to use.
	// More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod
	//
	// +optional
	ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"`

	// NodeSelector is a selector which must be true for the pod to fit on a node.
	// Selector which must match a node's labels for the pod to be scheduled on that node.
	// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
	//
	// +optional
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`

	// TopologySpreadConstraints describes how a group of pods ought to spread across topology
	// domains. Scheduler will schedule pods in a way which abides by the constraints.
	// All topologySpreadConstraints are ANDed.
	//
	// +optional
	TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`
}

KubernetesPodSpec defines the desired state of the Kubernetes pod resource.

func DefaultKubernetesPod added in v0.6.0 

func DefaultKubernetesPod() *KubernetesPodSpec

DefaultKubernetesPod returns a new KubernetesPodSpec with default settings.

func (*KubernetesPodSpec) DeepCopy added in v0.6.0 

func (in *KubernetesPodSpec) DeepCopy() *KubernetesPodSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesPodSpec.

func (*KubernetesPodSpec) DeepCopyInto added in v0.6.0 

func (in *KubernetesPodSpec) DeepCopyInto(out *KubernetesPodSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesServiceSpec added in v0.6.0 

type KubernetesServiceSpec struct {
	// Annotations that should be appended to the service.
	// By default, no annotations are appended.
	//
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`

	// Type determines how the Service is exposed. Defaults to LoadBalancer.
	// Valid options are ClusterIP, LoadBalancer and NodePort.
	// "LoadBalancer" means a service will be exposed via an external load balancer (if the cloud provider supports it).
	// "ClusterIP" means a service will only be accessible inside the cluster, via the cluster IP.
	// "NodePort" means a service will be exposed on a static Port on all Nodes of the cluster.
	// +kubebuilder:default:="LoadBalancer"
	// +optional
	Type *ServiceType `json:"type,omitempty"`

	// LoadBalancerClass, when specified, allows for choosing the LoadBalancer provider
	// implementation if more than one are available or is otherwise expected to be specified
	// +optional
	LoadBalancerClass *string `json:"loadBalancerClass,omitempty"`

	// AllocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for
	// services with type LoadBalancer. Default is "true". It may be set to "false" if the cluster
	// load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a
	// value), those requests will be respected, regardless of this field. This field may only be set for
	// services with type LoadBalancer and will be cleared if the type is changed to any other type.
	// +optional
	AllocateLoadBalancerNodePorts *bool `json:"allocateLoadBalancerNodePorts,omitempty"`

	// LoadBalancerIP defines the IP Address of the underlying load balancer service. This field
	// may be ignored if the load balancer provider does not support this feature.
	// This field has been deprecated in Kubernetes, but it is still used for setting the IP Address in some cloud
	// providers such as GCP.
	//
	// +kubebuilder:validation:XValidation:message="loadBalancerIP must be a valid IPv4 address",rule="self.matches(r\"^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$\")"
	// +optional
	LoadBalancerIP *string `json:"loadBalancerIP,omitempty"`

	// ExternalTrafficPolicy determines the externalTrafficPolicy for the Envoy Service. Valid options
	// are Local and Cluster. Default is "Local". "Local" means traffic will only go to pods on the node
	// receiving the traffic. "Cluster" means connections are loadbalanced to all pods in the cluster.
	// +kubebuilder:default:="Local"
	// +optional
	ExternalTrafficPolicy *ServiceExternalTrafficPolicy `json:"externalTrafficPolicy,omitempty"`

	// Patch defines how to perform the patch operation to the service
	//
	// +optional
	Patch *KubernetesPatchSpec `json:"patch,omitempty"`
}

KubernetesServiceSpec defines the desired state of the Kubernetes service resource. +kubebuilder:validation:XValidation:message="allocateLoadBalancerNodePorts can only be set for LoadBalancer type",rule="!has(self.allocateLoadBalancerNodePorts) || self.type == 'LoadBalancer'" +kubebuilder:validation:XValidation:message="loadBalancerIP can only be set for LoadBalancer type",rule="!has(self.loadBalancerIP) || self.type == 'LoadBalancer'"

func DefaultKubernetesService added in v0.6.0 

func DefaultKubernetesService() *KubernetesServiceSpec

DefaultKubernetesService returns a new KubernetesServiceSpec with default settings.

func (*KubernetesServiceSpec) ApplyMergePatch added in v1.0.0 

func (service *KubernetesServiceSpec) ApplyMergePatch(old *corev1.Service) (*corev1.Service, error)

ApplyMergePatch applies a merge patch to a service based on the merge type

func (*KubernetesServiceSpec) DeepCopy added in v0.6.0 

func (in *KubernetesServiceSpec) DeepCopy() *KubernetesServiceSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesServiceSpec.

func (*KubernetesServiceSpec) DeepCopyInto added in v0.6.0 

func (in *KubernetesServiceSpec) DeepCopyInto(out *KubernetesServiceSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesWatchMode added in v0.6.0 

type KubernetesWatchMode struct {
	// Type indicates what watch mode to use. KubernetesWatchModeTypeNamespaces and
	// KubernetesWatchModeTypeNamespaceSelector are currently supported
	// By default, when this field is unset or empty, Envoy Gateway will watch for input namespaced resources
	// from all namespaces.
	Type KubernetesWatchModeType `json:"type,omitempty"`

	// Namespaces holds the list of namespaces that Envoy Gateway will watch for namespaced scoped
	// resources such as Gateway, HTTPRoute and Service.
	// Note that Envoy Gateway will continue to reconcile relevant cluster scoped resources such as
	// GatewayClass that it is linked to. Precisely one of Namespaces and NamespaceSelector must be set.
	Namespaces []string `json:"namespaces,omitempty"`

	// NamespaceSelector holds the label selector used to dynamically select namespaces.
	// Envoy Gateway will watch for namespaces matching the specified label selector.
	// Precisely one of Namespaces and NamespaceSelector must be set.
	NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector,omitempty"`
}

KubernetesWatchMode holds the configuration for which input resources to watch and reconcile.

func (*KubernetesWatchMode) DeepCopy added in v0.6.0 

func (in *KubernetesWatchMode) DeepCopy() *KubernetesWatchMode

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesWatchMode.

func (*KubernetesWatchMode) DeepCopyInto added in v0.6.0 

func (in *KubernetesWatchMode) DeepCopyInto(out *KubernetesWatchMode)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesWatchModeType added in v0.6.0 

type KubernetesWatchModeType string

KubernetesWatchModeType defines the type of KubernetesWatchMode

type LiteralCustomTag added in v0.6.0 

type LiteralCustomTag struct {
	// Value defines the hard-coded value to add to each span.
	Value string `json:"value"`
}

LiteralCustomTag adds hard-coded value to each span.

func (*LiteralCustomTag) DeepCopy added in v0.6.0 

func (in *LiteralCustomTag) DeepCopy() *LiteralCustomTag

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LiteralCustomTag.

func (*LiteralCustomTag) DeepCopyInto added in v0.6.0 

func (in *LiteralCustomTag) DeepCopyInto(out *LiteralCustomTag)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LoadBalancer added in v0.6.0 

type LoadBalancer struct {
	// Type decides the type of Load Balancer policy.
	// Valid LoadBalancerType values are
	// "ConsistentHash",
	// "LeastRequest",
	// "Random",
	// "RoundRobin",
	//
	// +unionDiscriminator
	Type LoadBalancerType `json:"type"`
	// ConsistentHash defines the configuration when the load balancer type is
	// set to ConsistentHash
	//
	// +optional
	ConsistentHash *ConsistentHash `json:"consistentHash,omitempty"`

	// SlowStart defines the configuration related to the slow start load balancer policy.
	// If set, during slow start window, traffic sent to the newly added hosts will gradually increase.
	// Currently this is only supported for RoundRobin and LeastRequest load balancers
	//
	// +optional
	SlowStart *SlowStart `json:"slowStart,omitempty"`
}

LoadBalancer defines the load balancer policy to be applied. +union

+kubebuilder:validation:XValidation:rule="self.type == 'ConsistentHash' ? has(self.consistentHash) : !has(self.consistentHash)",message="If LoadBalancer type is consistentHash, consistentHash field needs to be set." +kubebuilder:validation:XValidation:rule="self.type in ['Random', 'ConsistentHash'] ? !has(self.slowStart) : true ",message="Currently SlowStart is only supported for RoundRobin and LeastRequest load balancers."

func (*LoadBalancer) DeepCopy added in v0.6.0 

func (in *LoadBalancer) DeepCopy() *LoadBalancer

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancer.

func (*LoadBalancer) DeepCopyInto added in v0.6.0 

func (in *LoadBalancer) DeepCopyInto(out *LoadBalancer)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LoadBalancerType added in v0.6.0 

type LoadBalancerType string

LoadBalancerType specifies the types of LoadBalancer. +kubebuilder:validation:Enum=ConsistentHash;LeastRequest;Random;RoundRobin 

const (
	// ConsistentHashLoadBalancerType load balancer policy.
	ConsistentHashLoadBalancerType LoadBalancerType = "ConsistentHash"
	// LeastRequestLoadBalancerType load balancer policy.
	LeastRequestLoadBalancerType LoadBalancerType = "LeastRequest"
	// RandomLoadBalancerType load balancer policy.
	RandomLoadBalancerType LoadBalancerType = "Random"
	// RoundRobinLoadBalancerType load balancer policy.
	RoundRobinLoadBalancerType LoadBalancerType = "RoundRobin"
)

type LocalRateLimit added in v1.0.0 

type LocalRateLimit struct {
	// Rules are a list of RateLimit selectors and limits. If a request matches
	// multiple rules, the strictest limit is applied. For example, if a request
	// matches two rules, one with 10rps and one with 20rps, the final limit will
	// be based on the rule with 10rps.
	//
	// +optional
	// +kubebuilder:validation:MaxItems=16
	Rules []RateLimitRule `json:"rules"`
}

LocalRateLimit defines local rate limit configuration.

func (*LocalRateLimit) DeepCopy added in v1.0.0 

func (in *LocalRateLimit) DeepCopy() *LocalRateLimit

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalRateLimit.

func (*LocalRateLimit) DeepCopyInto added in v1.0.0 

func (in *LocalRateLimit) DeepCopyInto(out *LocalRateLimit)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LogLevel added in v0.6.0 

type LogLevel string

LogLevel defines a log level for Envoy Gateway and EnvoyProxy system logs. +kubebuilder:validation:Enum=debug;info;error;warn 

const (
	// LogLevelDebug defines the "debug" logging level.
	LogLevelDebug LogLevel = "debug"

	// LogLevelInfo defines the "Info" logging level.
	LogLevelInfo LogLevel = "info"

	// LogLevelWarn defines the "Warn" logging level.
	LogLevelWarn LogLevel = "warn"

	// LogLevelError defines the "Error" logging level.
	LogLevelError LogLevel = "error"
)

type MergeType added in v1.0.0 

type MergeType string

MergeType defines the type of merge operation 

const (
	// StrategicMerge indicates a strategic merge patch type
	StrategicMerge MergeType = "StrategicMerge"
	// JSONMerge indicates a JSON merge patch type
	JSONMerge MergeType = "JSONMerge"
)

type MetricSinkType added in v0.6.0 

type MetricSinkType string
const (
	MetricSinkTypeOpenTelemetry MetricSinkType = "OpenTelemetry"
)

type OIDC added in v1.0.0 

type OIDC struct {
	// The OIDC Provider configuration.
	Provider OIDCProvider `json:"provider"`

	// The client ID to be used in the OIDC
	// [Authentication Request](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest).
	//
	// +kubebuilder:validation:MinLength=1
	ClientID string `json:"clientID"`

	// The Kubernetes secret which contains the OIDC client secret to be used in the
	// [Authentication Request](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest).
	//
	// This is an Opaque secret. The client secret should be stored in the key
	// "client-secret".
	// +kubebuilder:validation:Required
	ClientSecret gwapiv1b1.SecretObjectReference `json:"clientSecret"`

	// The OIDC scopes to be used in the
	// [Authentication Request](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest).
	// The "openid" scope is always added to the list of scopes if not already
	// specified.
	// +optional
	Scopes []string `json:"scopes,omitempty"`

	// The redirect URL to be used in the OIDC
	// [Authentication Request](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest).
	// If not specified, uses the default redirect URI "%REQ(x-forwarded-proto)%://%REQ(:authority)%/oauth2/callback"
	RedirectURL *string `json:"redirectURL,omitempty"`

	// The path to log a user out, clearing their credential cookies.
	// If not specified, uses a default logout path "/logout"
	LogoutPath *string `json:"logoutPath,omitempty"`
}

OIDC defines the configuration for the OpenID Connect (OIDC) authentication.

func (*OIDC) DeepCopy added in v1.0.0 

func (in *OIDC) DeepCopy() *OIDC

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDC.

func (*OIDC) DeepCopyInto added in v1.0.0 

func (in *OIDC) DeepCopyInto(out *OIDC)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OIDCProvider added in v1.0.0 

type OIDCProvider struct {
	// The OIDC Provider's [issuer identifier](https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery).
	// Issuer MUST be a URI RFC 3986 [RFC3986] with a scheme component that MUST
	// be https, a host component, and optionally, port and path components and
	// no query or fragment components.
	// +kubebuilder:validation:MinLength=1
	Issuer string `json:"issuer"`

	// The OIDC Provider's [authorization endpoint](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint).
	// If not provided, EG will try to discover it from the provider's [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).
	//
	// +optional
	AuthorizationEndpoint *string `json:"authorizationEndpoint,omitempty"`

	// The OIDC Provider's [token endpoint](https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint).
	// If not provided, EG will try to discover it from the provider's [Well-Known Configuration Endpoint](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).
	//
	// +optional
	TokenEndpoint *string `json:"tokenEndpoint,omitempty"`
}

OIDCProvider defines the OIDC Provider configuration.

func (*OIDCProvider) DeepCopy added in v1.0.0 

func (in *OIDCProvider) DeepCopy() *OIDCProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProvider.

func (*OIDCProvider) DeepCopyInto added in v1.0.0 

func (in *OIDCProvider) DeepCopyInto(out *OIDCProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OpenTelemetryEnvoyProxyAccessLog added in v0.6.0 

type OpenTelemetryEnvoyProxyAccessLog struct {
	// Host define the extension service hostname.
	Host string `json:"host"`
	// Port defines the port the extension service is exposed on.
	//
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:default=4317
	Port int32 `json:"port,omitempty"`
	// Resources is a set of labels that describe the source of a log entry, including envoy node info.
	// It's recommended to follow [semantic conventions](https://opentelemetry.io/docs/reference/specification/resource/semantic_conventions/).
	// +optional
	Resources map[string]string `json:"resources,omitempty"`
}

TODO: consider reuse ExtensionService?

func (*OpenTelemetryEnvoyProxyAccessLog) DeepCopy added in v0.6.0 

func (in *OpenTelemetryEnvoyProxyAccessLog) DeepCopy() *OpenTelemetryEnvoyProxyAccessLog

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenTelemetryEnvoyProxyAccessLog.

func (*OpenTelemetryEnvoyProxyAccessLog) DeepCopyInto added in v0.6.0 

func (in *OpenTelemetryEnvoyProxyAccessLog) DeepCopyInto(out *OpenTelemetryEnvoyProxyAccessLog)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Origin added in v1.0.0 

type Origin string

Origin is defined by the scheme (protocol), hostname (domain), and port of the URL used to access it. The hostname can be "precise" which is just the domain name or "wildcard" which is a domain name prefixed with a single wildcard label such as "*.example.com". In addition to that a single wildcard (with or without scheme) can be configured to match any origin.

For example, the following are valid origins: - https://foo.example.com - https://*.example.com - http://foo.example.com:8080 - http://*.example.com:8080 - https://*

+kubebuilder:validation:MinLength=1 +kubebuilder:validation:MaxLength=253 +kubebuilder:validation:Pattern=`^(\*|https?:\/\/(\*|(\*\.)?(([\w-]+\.?)+)?[\w-]+)(:\d{1,5})?)$`

type PassiveHealthCheck added in v1.0.0 

type PassiveHealthCheck struct {

	// SplitExternalLocalOriginErrors enables splitting of errors between external and local origin.
	//
	// +kubebuilder:default=false
	// +optional
	SplitExternalLocalOriginErrors *bool `json:"splitExternalLocalOriginErrors,omitempty"`

	// Interval defines the time between passive health checks.
	//
	// +kubebuilder:validation:Format=duration
	// +kubebuilder:default="3s"
	// +optional
	Interval *metav1.Duration `json:"interval,omitempty"`

	// ConsecutiveLocalOriginFailures sets the number of consecutive local origin failures triggering ejection.
	// Parameter takes effect only when split_external_local_origin_errors is set to true.
	//
	// +kubebuilder:default=5
	// +optional
	ConsecutiveLocalOriginFailures *uint32 `json:"consecutiveLocalOriginFailures,omitempty"`

	// ConsecutiveGatewayErrors sets the number of consecutive gateway errors triggering ejection.
	//
	// +kubebuilder:default=0
	// +optional
	ConsecutiveGatewayErrors *uint32 `json:"consecutiveGatewayErrors,omitempty"`

	// Consecutive5xxErrors sets the number of consecutive 5xx errors triggering ejection.
	//
	// +kubebuilder:default=5
	// +optional
	Consecutive5xxErrors *uint32 `json:"consecutive5XxErrors,omitempty"`

	// BaseEjectionTime defines the base duration for which a host will be ejected on consecutive failures.
	//
	// +kubebuilder:validation:Format=duration
	// +kubebuilder:default="30s"
	// +optional
	BaseEjectionTime *metav1.Duration `json:"baseEjectionTime,omitempty"`

	// MaxEjectionPercent sets the maximum percentage of hosts in a cluster that can be ejected.
	//
	// +kubebuilder:default=10
	// +optional
	MaxEjectionPercent *int32 `json:"maxEjectionPercent,omitempty"`
}

PassiveHealthCheck defines the configuration for passive health checks in the context of Envoy's Outlier Detection, see https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/outlier

func (*PassiveHealthCheck) DeepCopy added in v1.0.0 

func (in *PassiveHealthCheck) DeepCopy() *PassiveHealthCheck

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PassiveHealthCheck.

func (*PassiveHealthCheck) DeepCopyInto added in v1.0.0 

func (in *PassiveHealthCheck) DeepCopyInto(out *PassiveHealthCheck)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PathEscapedSlashAction added in v1.0.0 

type PathEscapedSlashAction string

PathEscapedSlashAction determines the action for requests that contain %2F, %2f, %5C, or %5c sequences in the URI path. +kubebuilder:validation:Enum=KeepUnchanged;RejectRequest;UnescapeAndForward;UnescapeAndRedirect 

const (
	// KeepUnchangedAction keeps escaped slashes as they arrive without changes
	KeepUnchangedAction PathEscapedSlashAction = "KeepUnchanged"
	// RejectRequestAction rejects client requests containing escaped slashes
	// with a 400 status. gRPC requests will be rejected with the INTERNAL (13)
	// error code.
	// The "httpN.downstream_rq_failed_path_normalization" counter is incremented
	// for each rejected request.
	RejectRequestAction PathEscapedSlashAction = "RejectRequest"
	// UnescapeAndRedirect unescapes %2F and %5C sequences and redirects to the new path
	// if these sequences were present.
	//
	// Redirect occurs after path normalization and merge slashes transformations if
	// they were configured. gRPC requests will be rejected with the INTERNAL (13)
	// error code.
	// This option minimizes possibility of path confusion exploits by forcing request
	// with unescaped slashes to traverse all parties: downstream client, intermediate
	// proxies, Envoy and upstream server.
	// The “httpN.downstream_rq_redirected_with_normalized_path” counter is incremented
	// for each redirected request.
	UnescapeAndRedirect PathEscapedSlashAction = "UnescapeAndRedirect"
	// UnescapeAndForward unescapes %2F and %5C sequences and forwards the request.
	// Note: this option should not be enabled if intermediaries perform path based access
	// control as it may lead to path confusion vulnerabilities.
	UnescapeAndForward PathEscapedSlashAction = "UnescapeAndForward"
)

type PathSettings added in v1.0.0 

type PathSettings struct {
	// EscapedSlashesAction determines how %2f, %2F, %5c, or %5C sequences in the path URI
	// should be handled.
	// The default is UnescapeAndRedirect.
	//
	// +optional
	EscapedSlashesAction *PathEscapedSlashAction `json:"escapedSlashesAction,omitempty"`
	// DisableMergeSlashes allows disabling the default configuration of merging adjacent
	// slashes in the path.
	// Note that slash merging is not part of the HTTP spec and is provided for convenience.
	//
	// +optional
	DisableMergeSlashes *bool `json:"disableMergeSlashes,omitempty"`
}

PathSettings provides settings that managing how the incoming path set by clients is handled.

func (*PathSettings) DeepCopy added in v1.0.0 

func (in *PathSettings) DeepCopy() *PathSettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PathSettings.

func (*PathSettings) DeepCopyInto added in v1.0.0 

func (in *PathSettings) DeepCopyInto(out *PathSettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PerRetryPolicy added in v1.0.0 

type PerRetryPolicy struct {
	// Timeout is the timeout per retry attempt.
	//
	// +optional
	// +kubebuilder:validation:Format=duration
	Timeout *metav1.Duration `json:"timeout,omitempty"`
	// Backoff is the backoff policy to be applied per retry attempt. gateway uses a fully jittered exponential
	// back-off algorithm for retries. For additional details,
	// see https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#config-http-filters-router-x-envoy-max-retries
	//
	// +optional
	BackOff *BackOffPolicy `json:"backOff,omitempty"`
}

func (*PerRetryPolicy) DeepCopy added in v1.0.0 

func (in *PerRetryPolicy) DeepCopy() *PerRetryPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PerRetryPolicy.

func (*PerRetryPolicy) DeepCopyInto added in v1.0.0 

func (in *PerRetryPolicy) DeepCopyInto(out *PerRetryPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProviderType added in v0.6.0 

type ProviderType string

ProviderType defines the types of providers supported by Envoy Gateway.

+kubebuilder:validation:Enum=Kubernetes 

const (
	// ProviderTypeKubernetes defines the "Kubernetes" provider.
	ProviderTypeKubernetes ProviderType = "Kubernetes"

	// ProviderTypeFile defines the "File" provider. This type is not implemented
	// until https://github.com/envoyproxy/gateway/issues/1001 is fixed.
	ProviderTypeFile ProviderType = "File"
)

type ProxyAccessLog added in v0.6.0 

type ProxyAccessLog struct {
	// Disable disables access logging for managed proxies if set to true.
	Disable bool `json:"disable,omitempty"`
	// Settings defines accesslog settings for managed proxies.
	// If unspecified, will send default format to stdout.
	// +optional
	Settings []ProxyAccessLogSetting `json:"settings,omitempty"`
}

func (*ProxyAccessLog) DeepCopy added in v0.6.0 

func (in *ProxyAccessLog) DeepCopy() *ProxyAccessLog

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyAccessLog.

func (*ProxyAccessLog) DeepCopyInto added in v0.6.0 

func (in *ProxyAccessLog) DeepCopyInto(out *ProxyAccessLog)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyAccessLogFormat added in v0.6.0 

type ProxyAccessLogFormat struct {
	// Type defines the type of accesslog format.
	// +kubebuilder:validation:Enum=Text;JSON
	// +unionDiscriminator
	Type ProxyAccessLogFormatType `json:"type,omitempty"`
	// Text defines the text accesslog format, following Envoy accesslog formatting,
	// It's required when the format type is "Text".
	// Envoy [command operators](https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators) may be used in the format.
	// The [format string documentation](https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#config-access-log-format-strings) provides more information.
	// +optional
	Text *string `json:"text,omitempty"`
	// JSON is additional attributes that describe the specific event occurrence.
	// Structured format for the envoy access logs. Envoy [command operators](https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators)
	// can be used as values for fields within the Struct.
	// It's required when the format type is "JSON".
	// +optional
	JSON map[string]string `json:"json,omitempty"`
}

ProxyAccessLogFormat defines the format of accesslog. By default accesslogs are written to standard output. +union

+kubebuilder:validation:XValidation:rule="self.type == 'Text' ? has(self.text) : !has(self.text)",message="If AccessLogFormat type is Text, text field needs to be set." +kubebuilder:validation:XValidation:rule="self.type == 'JSON' ? has(self.json) : !has(self.json)",message="If AccessLogFormat type is JSON, json field needs to be set."

func (*ProxyAccessLogFormat) DeepCopy added in v0.6.0 

func (in *ProxyAccessLogFormat) DeepCopy() *ProxyAccessLogFormat

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyAccessLogFormat.

func (*ProxyAccessLogFormat) DeepCopyInto added in v0.6.0 

func (in *ProxyAccessLogFormat) DeepCopyInto(out *ProxyAccessLogFormat)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyAccessLogFormatType added in v0.6.0 

type ProxyAccessLogFormatType string
const (
	// ProxyAccessLogFormatTypeText defines the text accesslog format.
	ProxyAccessLogFormatTypeText ProxyAccessLogFormatType = "Text"
	// ProxyAccessLogFormatTypeJSON defines the JSON accesslog format.
	ProxyAccessLogFormatTypeJSON ProxyAccessLogFormatType = "JSON"
)

type ProxyAccessLogSetting added in v0.6.0 

type ProxyAccessLogSetting struct {
	// Format defines the format of accesslog.
	Format ProxyAccessLogFormat `json:"format"`
	// Sinks defines the sinks of accesslog.
	// +kubebuilder:validation:MinItems=1
	Sinks []ProxyAccessLogSink `json:"sinks"`
}

func (*ProxyAccessLogSetting) DeepCopy added in v0.6.0 

func (in *ProxyAccessLogSetting) DeepCopy() *ProxyAccessLogSetting

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyAccessLogSetting.

func (*ProxyAccessLogSetting) DeepCopyInto added in v0.6.0 

func (in *ProxyAccessLogSetting) DeepCopyInto(out *ProxyAccessLogSetting)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyAccessLogSink added in v0.6.0 

type ProxyAccessLogSink struct {
	// Type defines the type of accesslog sink.
	// +kubebuilder:validation:Enum=File;OpenTelemetry
	// +unionDiscriminator
	Type ProxyAccessLogSinkType `json:"type,omitempty"`
	// File defines the file accesslog sink.
	// +optional
	File *FileEnvoyProxyAccessLog `json:"file,omitempty"`
	// OpenTelemetry defines the OpenTelemetry accesslog sink.
	// +optional
	OpenTelemetry *OpenTelemetryEnvoyProxyAccessLog `json:"openTelemetry,omitempty"`
}

ProxyAccessLogSink defines the sink of accesslog. +union

+kubebuilder:validation:XValidation:rule="self.type == 'File' ? has(self.file) : !has(self.file)",message="If AccessLogSink type is File, file field needs to be set." +kubebuilder:validation:XValidation:rule="self.type == 'OpenTelemetry' ? has(self.openTelemetry) : !has(self.openTelemetry)",message="If AccessLogSink type is OpenTelemetry, openTelemetry field needs to be set."

func (*ProxyAccessLogSink) DeepCopy added in v0.6.0 

func (in *ProxyAccessLogSink) DeepCopy() *ProxyAccessLogSink

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyAccessLogSink.

func (*ProxyAccessLogSink) DeepCopyInto added in v0.6.0 

func (in *ProxyAccessLogSink) DeepCopyInto(out *ProxyAccessLogSink)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyAccessLogSinkType added in v0.6.0 

type ProxyAccessLogSinkType string
const (
	// ProxyAccessLogSinkTypeFile defines the file accesslog sink.
	ProxyAccessLogSinkTypeFile ProxyAccessLogSinkType = "File"
	// ProxyAccessLogSinkTypeOpenTelemetry defines the OpenTelemetry accesslog sink.
	// When the provider is Kubernetes, EnvoyGateway always sends `k8s.namespace.name`
	// and `k8s.pod.name` as additional attributes.
	ProxyAccessLogSinkTypeOpenTelemetry ProxyAccessLogSinkType = "OpenTelemetry"
)

type ProxyBootstrap added in v0.6.0 

type ProxyBootstrap struct {
	// Type is the type of the bootstrap configuration, it should be either Replace or Merge.
	// If unspecified, it defaults to Replace.
	// +optional
	// +kubebuilder:default=Replace
	Type *BootstrapType `json:"type"`

	// Value is a YAML string of the bootstrap.
	Value string `json:"value"`
}

ProxyBootstrap defines Envoy Bootstrap configuration.

func (*ProxyBootstrap) DeepCopy added in v0.6.0 

func (in *ProxyBootstrap) DeepCopy() *ProxyBootstrap

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyBootstrap.

func (*ProxyBootstrap) DeepCopyInto added in v0.6.0 

func (in *ProxyBootstrap) DeepCopyInto(out *ProxyBootstrap)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyLogComponent added in v0.6.0 

type ProxyLogComponent string

ProxyLogComponent defines a component that supports a configured logging level. +kubebuilder:validation:Enum=system;upstream;http;connection;admin;client;filter;main;router;runtime 

const (
	// LogComponentDefault defines the default logging component.
	// See more details: https://www.envoyproxy.io/docs/envoy/latest/operations/cli#cmdoption-l
	LogComponentDefault ProxyLogComponent = "default"

	// LogComponentUpstream defines the "upstream" logging component.
	LogComponentUpstream ProxyLogComponent = "upstream"

	// LogComponentHTTP defines the "http" logging component.
	LogComponentHTTP ProxyLogComponent = "http"

	// LogComponentConnection defines the "connection" logging component.
	LogComponentConnection ProxyLogComponent = "connection"

	// LogComponentAdmin defines the "admin" logging component.
	LogComponentAdmin ProxyLogComponent = "admin"

	// LogComponentClient defines the "client" logging component.
	LogComponentClient ProxyLogComponent = "client"

	// LogComponentFilter defines the "filter" logging component.
	LogComponentFilter ProxyLogComponent = "filter"

	// LogComponentMain defines the "main" logging component.
	LogComponentMain ProxyLogComponent = "main"

	// LogComponentRouter defines the "router" logging component.
	LogComponentRouter ProxyLogComponent = "router"

	// LogComponentRuntime defines the "runtime" logging component.
	LogComponentRuntime ProxyLogComponent = "runtime"
)

type ProxyLogging added in v0.6.0 

type ProxyLogging struct {
	// Level is a map of logging level per component, where the component is the key
	// and the log level is the value. If unspecified, defaults to "default: warn".
	//
	// +kubebuilder:default={default: warn}
	Level map[ProxyLogComponent]LogLevel `json:"level,omitempty"`
}

ProxyLogging defines logging parameters for managed proxies.

func (*ProxyLogging) DeepCopy added in v0.6.0 

func (in *ProxyLogging) DeepCopy() *ProxyLogging

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyLogging.

func (*ProxyLogging) DeepCopyInto added in v0.6.0 

func (in *ProxyLogging) DeepCopyInto(out *ProxyLogging)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProxyLogging) DefaultEnvoyProxyLoggingLevel added in v0.6.0 

func (logging *ProxyLogging) DefaultEnvoyProxyLoggingLevel() LogLevel

DefaultEnvoyProxyLoggingLevel returns envoy proxy v1alpha1.LogComponentGatewayDefault log level. If unspecified, defaults to "warn". When specified, all other logging components are ignored.

func (*ProxyLogging) GetEnvoyProxyComponentLevel added in v0.6.0 

func (logging *ProxyLogging) GetEnvoyProxyComponentLevel() string

GetEnvoyProxyComponentLevel returns envoy proxy component log level args. xref: https://www.envoyproxy.io/docs/envoy/latest/operations/cli#cmdoption-component-log-level

type ProxyMetricSink added in v0.6.0 

type ProxyMetricSink struct {
	// Type defines the metric sink type.
	// EG currently only supports OpenTelemetry.
	// +kubebuilder:validation:Enum=OpenTelemetry
	// +kubebuilder:default=OpenTelemetry
	// +unionDiscriminator
	Type MetricSinkType `json:"type"`
	// OpenTelemetry defines the configuration for OpenTelemetry sink.
	// It's required if the sink type is OpenTelemetry.
	// +optional
	OpenTelemetry *ProxyOpenTelemetrySink `json:"openTelemetry,omitempty"`
}

ProxyMetricSink defines the sink of metrics. Default metrics sink is OpenTelemetry. +union

+kubebuilder:validation:XValidation:rule="self.type == 'OpenTelemetry' ? has(self.openTelemetry) : !has(self.openTelemetry)",message="If MetricSink type is OpenTelemetry, openTelemetry field needs to be set."

func (*ProxyMetricSink) DeepCopy added in v0.6.0 

func (in *ProxyMetricSink) DeepCopy() *ProxyMetricSink

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyMetricSink.

func (*ProxyMetricSink) DeepCopyInto added in v0.6.0 

func (in *ProxyMetricSink) DeepCopyInto(out *ProxyMetricSink)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyMetrics added in v0.6.0 

type ProxyMetrics struct {
	// Prometheus defines the configuration for Admin endpoint `/stats/prometheus`.
	Prometheus *ProxyPrometheusProvider `json:"prometheus,omitempty"`
	// Sinks defines the metric sinks where metrics are sent to.
	Sinks []ProxyMetricSink `json:"sinks,omitempty"`
	// Matches defines configuration for selecting specific metrics instead of generating all metrics stats
	// that are enabled by default. This helps reduce CPU and memory overhead in Envoy, but eliminating some stats
	// may after critical functionality. Here are the stats that we strongly recommend not disabling:
	// `cluster_manager.warming_clusters`, `cluster.<cluster_name>.membership_total`,`cluster.<cluster_name>.membership_healthy`,
	// `cluster.<cluster_name>.membership_degraded`,reference  https://github.com/envoyproxy/envoy/issues/9856,
	// https://github.com/envoyproxy/envoy/issues/14610
	//
	Matches []StringMatch `json:"matches,omitempty"`

	// EnableVirtualHostStats enables envoy stat metrics for virtual hosts.
	EnableVirtualHostStats bool `json:"enableVirtualHostStats,omitempty"`
}

func (*ProxyMetrics) DeepCopy added in v0.6.0 

func (in *ProxyMetrics) DeepCopy() *ProxyMetrics

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyMetrics.

func (*ProxyMetrics) DeepCopyInto added in v0.6.0 

func (in *ProxyMetrics) DeepCopyInto(out *ProxyMetrics)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyOpenTelemetrySink added in v0.6.0 

type ProxyOpenTelemetrySink struct {
	// Host define the service hostname.
	Host string `json:"host"`
	// Port defines the port the service is exposed on.
	//
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +kubebuilder:default=4317
	Port int32 `json:"port,omitempty"`
}

func (*ProxyOpenTelemetrySink) DeepCopy added in v0.6.0 

func (in *ProxyOpenTelemetrySink) DeepCopy() *ProxyOpenTelemetrySink

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyOpenTelemetrySink.

func (*ProxyOpenTelemetrySink) DeepCopyInto added in v0.6.0 

func (in *ProxyOpenTelemetrySink) DeepCopyInto(out *ProxyOpenTelemetrySink)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyPrometheusProvider added in v0.6.0 

type ProxyPrometheusProvider struct {
	// Disable the Prometheus endpoint.
	Disable bool `json:"disable,omitempty"`
}

func (*ProxyPrometheusProvider) DeepCopy added in v0.6.0 

func (in *ProxyPrometheusProvider) DeepCopy() *ProxyPrometheusProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyPrometheusProvider.

func (*ProxyPrometheusProvider) DeepCopyInto added in v0.6.0 

func (in *ProxyPrometheusProvider) DeepCopyInto(out *ProxyPrometheusProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyProtocol added in v1.0.0 

type ProxyProtocol struct {
	// Version of ProxyProtol
	// Valid ProxyProtocolVersion values are
	// "V1"
	// "V2"
	Version ProxyProtocolVersion `json:"version"`
}

ProxyProtocol defines the configuration related to the proxy protocol when communicating with the backend.

func (*ProxyProtocol) DeepCopy added in v1.0.0 

func (in *ProxyProtocol) DeepCopy() *ProxyProtocol

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyProtocol.

func (*ProxyProtocol) DeepCopyInto added in v1.0.0 

func (in *ProxyProtocol) DeepCopyInto(out *ProxyProtocol)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyProtocolVersion added in v1.0.0 

type ProxyProtocolVersion string

ProxyProtocolVersion defines the version of the Proxy Protocol to use. +kubebuilder:validation:Enum=V1;V2 

const (
	// ProxyProtocolVersionV1 is the PROXY protocol version 1 (human readable format).
	ProxyProtocolVersionV1 ProxyProtocolVersion = "V1"
	// ProxyProtocolVersionV2 is the PROXY protocol version 2 (binary format).
	ProxyProtocolVersionV2 ProxyProtocolVersion = "V2"
)

type ProxyTelemetry added in v0.6.0 

type ProxyTelemetry struct {
	// AccessLogs defines accesslog parameters for managed proxies.
	// If unspecified, will send default format to stdout.
	// +optional
	AccessLog *ProxyAccessLog `json:"accessLog,omitempty"`
	// Tracing defines tracing configuration for managed proxies.
	// If unspecified, will not send tracing data.
	// +optional
	Tracing *ProxyTracing `json:"tracing,omitempty"`

	// Metrics defines metrics configuration for managed proxies.
	Metrics *ProxyMetrics `json:"metrics,omitempty"`
}

func (*ProxyTelemetry) DeepCopy added in v0.6.0 

func (in *ProxyTelemetry) DeepCopy() *ProxyTelemetry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyTelemetry.

func (*ProxyTelemetry) DeepCopyInto added in v0.6.0 

func (in *ProxyTelemetry) DeepCopyInto(out *ProxyTelemetry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProxyTracing added in v0.6.0 

type ProxyTracing struct {
	// SamplingRate controls the rate at which traffic will be
	// selected for tracing if no prior sampling decision has been made.
	// Defaults to 100, valid values [0-100]. 100 indicates 100% sampling.
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=100
	// +kubebuilder:default=100
	// +optional
	SamplingRate *uint32 `json:"samplingRate,omitempty"`
	// CustomTags defines the custom tags to add to each span.
	// If provider is kubernetes, pod name and namespace are added by default.
	CustomTags map[string]CustomTag `json:"customTags,omitempty"`
	// Provider defines the tracing provider.
	// Only OpenTelemetry is supported currently.
	Provider TracingProvider `json:"provider"`
}

func (*ProxyTracing) DeepCopy added in v0.6.0 

func (in *ProxyTracing) DeepCopy() *ProxyTracing

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyTracing.

func (*ProxyTracing) DeepCopyInto added in v0.6.0 

func (in *ProxyTracing) DeepCopyInto(out *ProxyTracing)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RateLimit added in v0.6.0 

type RateLimit struct {
	// Backend holds the configuration associated with the
	// database backend used by the rate limit service to store
	// state associated with global ratelimiting.
	Backend RateLimitDatabaseBackend `json:"backend"`

	// Timeout specifies the timeout period for the proxy to access the ratelimit server
	// If not set, timeout is 20ms.
	// +optional
	// +kubebuilder:validation:Format=duration
	Timeout *metav1.Duration `json:"timeout,omitempty"`

	// FailClosed is a switch used to control the flow of traffic
	// when the response from the ratelimit server cannot be obtained.
	// If FailClosed is false, let the traffic pass,
	// otherwise, don't let the traffic pass and return 500.
	// If not set, FailClosed is False.
	FailClosed bool `json:"failClosed"`

	// Telemetry defines telemetry configuration for RateLimit.
	// +optional
	Telemetry *RateLimitTelemetry `json:"telemetry,omitempty"`
}

RateLimit defines the configuration associated with the Rate Limit Service used for Global Rate Limiting.

func (*RateLimit) DeepCopy added in v0.6.0 

func (in *RateLimit) DeepCopy() *RateLimit

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimit.

func (*RateLimit) DeepCopyInto added in v0.6.0 

func (in *RateLimit) DeepCopyInto(out *RateLimit)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RateLimitDatabaseBackend added in v0.6.0 

type RateLimitDatabaseBackend struct {
	// Type is the type of database backend to use. Supported types are:
	//	* Redis: Connects to a Redis database.
	//
	// +unionDiscriminator
	Type RateLimitDatabaseBackendType `json:"type"`
	// Redis defines the settings needed to connect to a Redis database.
	//
	// +optional
	Redis *RateLimitRedisSettings `json:"redis,omitempty"`
}

RateLimitDatabaseBackend defines the configuration associated with the database backend used by the rate limit service. +union

func (*RateLimitDatabaseBackend) DeepCopy added in v0.6.0 

func (in *RateLimitDatabaseBackend) DeepCopy() *RateLimitDatabaseBackend

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitDatabaseBackend.

func (*RateLimitDatabaseBackend) DeepCopyInto added in v0.6.0 

func (in *RateLimitDatabaseBackend) DeepCopyInto(out *RateLimitDatabaseBackend)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RateLimitDatabaseBackendType added in v0.6.0 

type RateLimitDatabaseBackendType string

RateLimitDatabaseBackendType specifies the types of database backend to be used by the rate limit service. +kubebuilder:validation:Enum=Redis 

const (
	// RedisBackendType uses a redis database for the rate limit service.
	RedisBackendType RateLimitDatabaseBackendType = "Redis"
)

type RateLimitMetrics added in v1.0.0 

type RateLimitMetrics struct {
	// Prometheus defines the configuration for prometheus endpoint.
	Prometheus *RateLimitMetricsPrometheusProvider `json:"prometheus,omitempty"`
}

func (*RateLimitMetrics) DeepCopy added in v1.0.0 

func (in *RateLimitMetrics) DeepCopy() *RateLimitMetrics

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitMetrics.

func (*RateLimitMetrics) DeepCopyInto added in v1.0.0 

func (in *RateLimitMetrics) DeepCopyInto(out *RateLimitMetrics)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RateLimitMetricsPrometheusProvider added in v1.0.0 

type RateLimitMetricsPrometheusProvider struct {
	// Disable the Prometheus endpoint.
	Disable bool `json:"disable,omitempty"`
}

func (*RateLimitMetricsPrometheusProvider) DeepCopy added in v1.0.0 

func (in *RateLimitMetricsPrometheusProvider) DeepCopy() *RateLimitMetricsPrometheusProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitMetricsPrometheusProvider.

func (*RateLimitMetricsPrometheusProvider) DeepCopyInto added in v1.0.0 

func (in *RateLimitMetricsPrometheusProvider) DeepCopyInto(out *RateLimitMetricsPrometheusProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RateLimitRedisSettings added in v0.6.0 

type RateLimitRedisSettings struct {
	// URL of the Redis Database.
	URL string `json:"url"`

	// TLS defines TLS configuration for connecting to redis database.
	//
	// +optional
	TLS *RedisTLSSettings `json:"tls,omitempty"`
}

RateLimitRedisSettings defines the configuration for connecting to redis database.

func (*RateLimitRedisSettings) DeepCopy added in v0.6.0 

func (in *RateLimitRedisSettings) DeepCopy() *RateLimitRedisSettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitRedisSettings.

func (*RateLimitRedisSettings) DeepCopyInto added in v0.6.0 

func (in *RateLimitRedisSettings) DeepCopyInto(out *RateLimitRedisSettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RateLimitRule 

type RateLimitRule struct {
	// ClientSelectors holds the list of select conditions to select
	// specific clients using attributes from the traffic flow.
	// All individual select conditions must hold True for this rule
	// and its limit to be applied.
	//
	// If no client selectors are specified, the rule applies to all traffic of
	// the targeted Route.
	//
	// If the policy targets a Gateway, the rule applies to each Route of the Gateway.
	// Please note that each Route has its own rate limit counters. For example,
	// if a Gateway has two Routes, and the policy has a rule with limit 10rps,
	// each Route will have its own 10rps limit.
	//
	// +optional
	// +kubebuilder:validation:MaxItems=8
	ClientSelectors []RateLimitSelectCondition `json:"clientSelectors,omitempty"`
	// Limit holds the rate limit values.
	// This limit is applied for traffic flows when the selectors
	// compute to True, causing the request to be counted towards the limit.
	// The limit is enforced and the request is ratelimited, i.e. a response with
	// 429 HTTP status code is sent back to the client when
	// the selected requests have reached the limit.
	Limit RateLimitValue `json:"limit"`
}

RateLimitRule defines the semantics for matching attributes from the incoming requests, and setting limits for them.

func (*RateLimitRule) DeepCopy 

func (in *RateLimitRule) DeepCopy() *RateLimitRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitRule.

func (*RateLimitRule) DeepCopyInto 

func (in *RateLimitRule) DeepCopyInto(out *RateLimitRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RateLimitSelectCondition 

type RateLimitSelectCondition struct {
	// Headers is a list of request headers to match. Multiple header values are ANDed together,
	// meaning, a request MUST match all the specified headers.
	// At least one of headers or sourceCIDR condition must be specified.
	//
	// +listType=map
	// +listMapKey=name
	// +optional
	// +kubebuilder:validation:MaxItems=16
	Headers []HeaderMatch `json:"headers,omitempty"`

	// SourceCIDR is the client IP Address range to match on.
	// At least one of headers or sourceCIDR condition must be specified.
	//
	// +optional
	SourceCIDR *SourceMatch `json:"sourceCIDR,omitempty"`
}

RateLimitSelectCondition specifies the attributes within the traffic flow that can be used to select a subset of clients to be ratelimited. All the individual conditions must hold True for the overall condition to hold True.

func (*RateLimitSelectCondition) DeepCopy 

func (in *RateLimitSelectCondition) DeepCopy() *RateLimitSelectCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitSelectCondition.

func (*RateLimitSelectCondition) DeepCopyInto 

func (in *RateLimitSelectCondition) DeepCopyInto(out *RateLimitSelectCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RateLimitSpec added in v0.6.0 

type RateLimitSpec struct {
	// Type decides the scope for the RateLimits.
	// Valid RateLimitType values are "Global" or "Local".
	//
	// +unionDiscriminator
	Type RateLimitType `json:"type"`
	// Global defines global rate limit configuration.
	//
	// +optional
	Global *GlobalRateLimit `json:"global,omitempty"`

	// Local defines local rate limit configuration.
	//
	// +optional
	Local *LocalRateLimit `json:"local,omitempty"`
}

RateLimitSpec defines the desired state of RateLimitSpec. +union

func (*RateLimitSpec) DeepCopy added in v0.6.0 

func (in *RateLimitSpec) DeepCopy() *RateLimitSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitSpec.

func (*RateLimitSpec) DeepCopyInto added in v0.6.0 

func (in *RateLimitSpec) DeepCopyInto(out *RateLimitSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RateLimitTelemetry added in v1.0.0 

type RateLimitTelemetry struct {
	// Metrics defines metrics configuration for RateLimit.
	Metrics *RateLimitMetrics `json:"metrics,omitempty"`
}

func (*RateLimitTelemetry) DeepCopy added in v1.0.0 

func (in *RateLimitTelemetry) DeepCopy() *RateLimitTelemetry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitTelemetry.

func (*RateLimitTelemetry) DeepCopyInto added in v1.0.0 

func (in *RateLimitTelemetry) DeepCopyInto(out *RateLimitTelemetry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RateLimitType 

type RateLimitType string

RateLimitType specifies the types of RateLimiting. +kubebuilder:validation:Enum=Global;Local 

const (
	// GlobalRateLimitType allows the rate limits to be applied across all Envoy
	// proxy instances.
	GlobalRateLimitType RateLimitType = "Global"

	// LocalRateLimitType allows the rate limits to be applied on a per Envoy
	// proxy instance basis.
	LocalRateLimitType RateLimitType = "Local"
)

type RateLimitUnit 

type RateLimitUnit string

RateLimitUnit specifies the intervals for setting rate limits. Valid RateLimitUnit values are "Second", "Minute", "Hour", and "Day".

+kubebuilder:validation:Enum=Second;Minute;Hour;Day 

const (
	// RateLimitUnitSecond specifies the rate limit interval to be 1 second.
	RateLimitUnitSecond RateLimitUnit = "Second"

	// RateLimitUnitMinute specifies the rate limit interval to be 1 minute.
	RateLimitUnitMinute RateLimitUnit = "Minute"

	// RateLimitUnitHour specifies the rate limit interval to be 1 hour.
	RateLimitUnitHour RateLimitUnit = "Hour"

	// RateLimitUnitDay specifies the rate limit interval to be 1 day.
	RateLimitUnitDay RateLimitUnit = "Day"
)

RateLimitUnit constants.

type RateLimitValue 

type RateLimitValue struct {
	Requests uint          `json:"requests"`
	Unit     RateLimitUnit `json:"unit"`
}

RateLimitValue defines the limits for rate limiting.

func (*RateLimitValue) DeepCopy 

func (in *RateLimitValue) DeepCopy() *RateLimitValue

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitValue.

func (*RateLimitValue) DeepCopyInto 

func (in *RateLimitValue) DeepCopyInto(out *RateLimitValue)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RedisTLSSettings added in v0.6.0 

type RedisTLSSettings struct {
	// CertificateRef defines the client certificate reference for TLS connections.
	// Currently only a Kubernetes Secret of type TLS is supported.
	// +optional
	CertificateRef *gwapiv1.SecretObjectReference `json:"certificateRef,omitempty"`
}

RedisTLSSettings defines the TLS configuration for connecting to redis database.

func (*RedisTLSSettings) DeepCopy added in v0.6.0 

func (in *RedisTLSSettings) DeepCopy() *RedisTLSSettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RedisTLSSettings.

func (*RedisTLSSettings) DeepCopyInto added in v0.6.0 

func (in *RedisTLSSettings) DeepCopyInto(out *RedisTLSSettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RemoteJWKS 

type RemoteJWKS struct {
	// URI is the HTTPS URI to fetch the JWKS. Envoy's system trust bundle is used to
	// validate the server certificate.
	//
	// +kubebuilder:validation:MinLength=1
	// +kubebuilder:validation:MaxLength=253
	URI string `json:"uri"`
}

RemoteJWKS defines how to fetch and cache JSON Web Key Sets (JWKS) from a remote HTTP/HTTPS endpoint.

func (*RemoteJWKS) DeepCopy 

func (in *RemoteJWKS) DeepCopy() *RemoteJWKS

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RemoteJWKS.

func (*RemoteJWKS) DeepCopyInto 

func (in *RemoteJWKS) DeepCopyInto(out *RemoteJWKS)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RequestHeaderCustomTag added in v0.6.0 

type RequestHeaderCustomTag struct {
	// Name defines the name of the request header which to extract the value from.
	Name string `json:"name"`
	// DefaultValue defines the default value to use if the request header is not set.
	// +optional
	DefaultValue *string `json:"defaultValue,omitempty"`
}

RequestHeaderCustomTag adds value from request header to each span.

func (*RequestHeaderCustomTag) DeepCopy added in v0.6.0 

func (in *RequestHeaderCustomTag) DeepCopy() *RequestHeaderCustomTag

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestHeaderCustomTag.

func (*RequestHeaderCustomTag) DeepCopyInto added in v0.6.0 

func (in *RequestHeaderCustomTag) DeepCopyInto(out *RequestHeaderCustomTag)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ResourceProviderType added in v0.6.0 

type ResourceProviderType string

ResourceProviderType defines the types of custom resource providers supported by Envoy Gateway.

+kubebuilder:validation:Enum=File 

const (
	// ResourceProviderTypeFile defines the "File" provider.
	ResourceProviderTypeFile ResourceProviderType = "File"
)

type Retry added in v1.0.0 

type Retry struct {
	// NumRetries is the number of retries to be attempted. Defaults to 2.
	//
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:default=2
	NumRetries *int32 `json:"numRetries,omitempty"`

	// RetryOn specifies the retry trigger condition.
	//
	// If not specified, the default is to retry on connect-failure,refused-stream,unavailable,cancelled,retriable-status-codes(503).
	// +optional
	RetryOn *RetryOn `json:"retryOn,omitempty"`

	// PerRetry is the retry policy to be applied per retry attempt.
	//
	// +optional
	PerRetry *PerRetryPolicy `json:"perRetry,omitempty"`
}

Retry defines the retry strategy to be applied.

func (*Retry) DeepCopy added in v1.0.0 

func (in *Retry) DeepCopy() *Retry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Retry.

func (*Retry) DeepCopyInto added in v1.0.0 

func (in *Retry) DeepCopyInto(out *Retry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RetryOn added in v1.0.0 

type RetryOn struct {
	// Triggers specifies the retry trigger condition(Http/Grpc).
	//
	// +optional
	Triggers []TriggerEnum `json:"triggers,omitempty"`

	// HttpStatusCodes specifies the http status codes to be retried.
	// The retriable-status-codes trigger must also be configured for these status codes to trigger a retry.
	//
	// +optional
	HTTPStatusCodes []HTTPStatus `json:"httpStatusCodes,omitempty"`
}

func (*RetryOn) DeepCopy added in v1.0.0 

func (in *RetryOn) DeepCopy() *RetryOn

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RetryOn.

func (*RetryOn) DeepCopyInto added in v1.0.0 

func (in *RetryOn) DeepCopyInto(out *RetryOn)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecurityPolicy added in v0.6.0 

type SecurityPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec defines the desired state of SecurityPolicy.
	Spec SecurityPolicySpec `json:"spec"`

	// Status defines the current status of SecurityPolicy.
	Status gwapiv1a2.PolicyStatus `json:"status,omitempty"`
}

SecurityPolicy allows the user to configure various security settings for a Gateway.

func (*SecurityPolicy) DeepCopy added in v0.6.0 

func (in *SecurityPolicy) DeepCopy() *SecurityPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityPolicy.

func (*SecurityPolicy) DeepCopyInto added in v0.6.0 

func (in *SecurityPolicy) DeepCopyInto(out *SecurityPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SecurityPolicy) DeepCopyObject added in v0.6.0 

func (in *SecurityPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type SecurityPolicyList added in v0.6.0 

type SecurityPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []SecurityPolicy `json:"items"`
}

SecurityPolicyList contains a list of SecurityPolicy resources.

func (*SecurityPolicyList) DeepCopy added in v0.6.0 

func (in *SecurityPolicyList) DeepCopy() *SecurityPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityPolicyList.

func (*SecurityPolicyList) DeepCopyInto added in v0.6.0 

func (in *SecurityPolicyList) DeepCopyInto(out *SecurityPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SecurityPolicyList) DeepCopyObject added in v0.6.0 

func (in *SecurityPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type SecurityPolicySpec added in v0.6.0 

type SecurityPolicySpec struct {
	// +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'", message="this policy can only have a targetRef.group of gateway.networking.k8s.io"
	// +kubebuilder:validation:XValidation:rule="self.kind in ['Gateway', 'HTTPRoute', 'GRPCRoute']", message="this policy can only have a targetRef.kind of Gateway/HTTPRoute/GRPCRoute"
	// +kubebuilder:validation:XValidation:rule="!has(self.sectionName)",message="this policy does not yet support the sectionName field"
	//
	// TargetRef is the name of the Gateway resource this policy
	// is being attached to.
	// This Policy and the TargetRef MUST be in the same namespace
	// for this Policy to have effect and be applied to the Gateway.
	TargetRef gwapiv1a2.PolicyTargetReferenceWithSectionName `json:"targetRef"`

	// CORS defines the configuration for Cross-Origin Resource Sharing (CORS).
	//
	// +optional
	CORS *CORS `json:"cors,omitempty"`

	// BasicAuth defines the configuration for the HTTP Basic Authentication.
	//
	// +optional
	BasicAuth *BasicAuth `json:"basicAuth,omitempty"`

	// JWT defines the configuration for JSON Web Token (JWT) authentication.
	//
	// +optional
	JWT *JWT `json:"jwt,omitempty"`

	// OIDC defines the configuration for the OpenID Connect (OIDC) authentication.
	//
	// +optional
	OIDC *OIDC `json:"oidc,omitempty"`

	// ExtAuth defines the configuration for External Authorization.
	//
	// +optional
	ExtAuth *ExtAuth `json:"extAuth,omitempty"`
}

SecurityPolicySpec defines the desired state of SecurityPolicy.

func (*SecurityPolicySpec) DeepCopy added in v0.6.0 

func (in *SecurityPolicySpec) DeepCopy() *SecurityPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityPolicySpec.

func (*SecurityPolicySpec) DeepCopyInto added in v0.6.0 

func (in *SecurityPolicySpec) DeepCopyInto(out *SecurityPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecurityPolicyStatus added in v0.6.0 

type SecurityPolicyStatus struct {
	// Conditions describe the current conditions of the SecurityPolicy.
	//
	// +optional
	// +listType=map
	// +listMapKey=type
	// +kubebuilder:validation:MaxItems=8
	Conditions []metav1.Condition `json:"conditions,omitempty"`
}

SecurityPolicyStatus defines the state of SecurityPolicy

func (*SecurityPolicyStatus) DeepCopy added in v0.6.0 

func (in *SecurityPolicyStatus) DeepCopy() *SecurityPolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityPolicyStatus.

func (*SecurityPolicyStatus) DeepCopyInto added in v0.6.0 

func (in *SecurityPolicyStatus) DeepCopyInto(out *SecurityPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServiceExternalTrafficPolicy added in v1.0.0 

type ServiceExternalTrafficPolicy string

ServiceExternalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's "externally-facing" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs. +enum +kubebuilder:validation:Enum=Local;Cluster 

const (
	// ServiceExternalTrafficPolicyCluster routes traffic to all endpoints.
	ServiceExternalTrafficPolicyCluster ServiceExternalTrafficPolicy = "Cluster"

	// ServiceExternalTrafficPolicyLocal preserves the source IP of the traffic by
	// routing only to endpoints on the same node as the traffic was received on
	// (dropping the traffic if there are no local endpoints).
	ServiceExternalTrafficPolicyLocal ServiceExternalTrafficPolicy = "Local"
)

func DefaultKubernetesServiceExternalTrafficPolicy added in v1.0.0 

func DefaultKubernetesServiceExternalTrafficPolicy() *ServiceExternalTrafficPolicy

func GetKubernetesServiceExternalTrafficPolicy added in v1.0.0 

func GetKubernetesServiceExternalTrafficPolicy(serviceExternalTrafficPolicy ServiceExternalTrafficPolicy) *ServiceExternalTrafficPolicy

type ServiceType added in v0.6.0 

type ServiceType string

ServiceType string describes ingress methods for a service +enum +kubebuilder:validation:Enum=ClusterIP;LoadBalancer;NodePort 

const (
	// ServiceTypeClusterIP means a service will only be accessible inside the
	// cluster, via the cluster IP.
	ServiceTypeClusterIP ServiceType = "ClusterIP"

	// ServiceTypeLoadBalancer means a service will be exposed via an
	// external load balancer (if the cloud provider supports it).
	ServiceTypeLoadBalancer ServiceType = "LoadBalancer"

	// ServiceTypeNodePort means a service will be exposed on each Kubernetes Node
	// at a static Port, common across all Nodes.
	ServiceTypeNodePort ServiceType = "NodePort"
)

func DefaultKubernetesServiceType added in v0.6.0 

func DefaultKubernetesServiceType() *ServiceType

DefaultKubernetesServiceType returns a new KubernetesServiceType with default settings.

func GetKubernetesServiceType added in v0.6.0 

func GetKubernetesServiceType(serviceType ServiceType) *ServiceType

GetKubernetesServiceType returns the KubernetesServiceType pointer.

type ShutdownConfig added in v1.0.0 

type ShutdownConfig struct {
	// DrainTimeout defines the graceful drain timeout. This should be less than the pod's terminationGracePeriodSeconds.
	// If unspecified, defaults to 600 seconds.
	//
	// +optional
	DrainTimeout *metav1.Duration `json:"drainTimeout,omitempty"`
	// MinDrainDuration defines the minimum drain duration allowing time for endpoint deprogramming to complete.
	// If unspecified, defaults to 5 seconds.
	//
	// +optional
	MinDrainDuration *metav1.Duration `json:"minDrainDuration,omitempty"`
}

ShutdownConfig defines configuration for graceful envoy shutdown process.

func (*ShutdownConfig) DeepCopy added in v1.0.0 

func (in *ShutdownConfig) DeepCopy() *ShutdownConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShutdownConfig.

func (*ShutdownConfig) DeepCopyInto added in v1.0.0 

func (in *ShutdownConfig) DeepCopyInto(out *ShutdownConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SlowStart added in v1.0.0 

type SlowStart struct {
	// Window defines the duration of the warm up period for newly added host.
	// During slow start window, traffic sent to the newly added hosts will gradually increase.
	// Currently only supports linear growth of traffic. For additional details,
	// see https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto#config-cluster-v3-cluster-slowstartconfig
	// +kubebuilder:validation:Required
	Window *metav1.Duration `json:"window"`
}

SlowStart defines the configuration related to the slow start load balancer policy.

func (*SlowStart) DeepCopy added in v1.0.0 

func (in *SlowStart) DeepCopy() *SlowStart

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SlowStart.

func (*SlowStart) DeepCopyInto added in v1.0.0 

func (in *SlowStart) DeepCopyInto(out *SlowStart)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SourceMatch added in v0.5.0 

type SourceMatch struct {
	// +optional
	// +kubebuilder:default=Exact
	Type *SourceMatchType `json:"type,omitempty"`

	// Value is the IP CIDR that represents the range of Source IP Addresses of the client.
	// These could also be the intermediate addresses through which the request has flown through and is part of the  `X-Forwarded-For` header.
	// For example, `192.168.0.1/32`, `192.168.0.0/24`, `001:db8::/64`.
	// +kubebuilder:validation:MinLength=1
	// +kubebuilder:validation:MaxLength=256
	Value string `json:"value"`
}

func (*SourceMatch) DeepCopy added in v0.5.0 

func (in *SourceMatch) DeepCopy() *SourceMatch

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SourceMatch.

func (*SourceMatch) DeepCopyInto added in v0.5.0 

func (in *SourceMatch) DeepCopyInto(out *SourceMatch)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SourceMatchType added in v0.5.0 

type SourceMatchType string
const (
	// SourceMatchExact All IP Addresses within the specified Source IP CIDR are treated as a single client selector
	// and share the same rate limit bucket.
	SourceMatchExact SourceMatchType = "Exact"
	// SourceMatchDistinct Each IP Address within the specified Source IP CIDR is treated as a distinct client selector
	// and uses a separate rate limit bucket/counter.
	// Note: This is only supported for Global Rate Limits.
	SourceMatchDistinct SourceMatchType = "Distinct"
)

type StringMatch added in v0.6.0 

type StringMatch struct {
	// Type specifies how to match against a string.
	//
	// +optional
	// +kubebuilder:default=Exact
	Type *StringMatchType `json:"type,omitempty"`

	// Value specifies the string value that the match must have.
	//
	// +kubebuilder:validation:MinLength=1
	// +kubebuilder:validation:MaxLength=1024
	Value string `json:"value"`
}

StringMatch defines how to match any strings. This is a general purpose match condition that can be used by other EG APIs that need to match against a string.

func (*StringMatch) DeepCopy added in v0.6.0 

func (in *StringMatch) DeepCopy() *StringMatch

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StringMatch.

func (*StringMatch) DeepCopyInto added in v0.6.0 

func (in *StringMatch) DeepCopyInto(out *StringMatch)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type StringMatchType added in v1.0.0 

type StringMatchType string

StringMatchType specifies the semantics of how a string value should be compared. Valid MatchType values are "Exact", "Prefix", "Suffix", "RegularExpression".

+kubebuilder:validation:Enum=Exact;Prefix;Suffix;RegularExpression 

const (
	// StringMatchExact :the input string must match exactly the match value.
	StringMatchExact StringMatchType = "Exact"

	// StringMatchPrefix :the input string must start with the match value.
	StringMatchPrefix StringMatchType = "Prefix"

	// StringMatchSuffix :the input string must end with the match value.
	StringMatchSuffix StringMatchType = "Suffix"

	// StringMatchRegularExpression :The input string must match the regular expression
	// specified in the match value.
	// The regex string must adhere to the syntax documented in
	// https://github.com/google/re2/wiki/Syntax.
	StringMatchRegularExpression StringMatchType = "RegularExpression"
)

type TCPActiveHealthChecker added in v1.0.0 

type TCPActiveHealthChecker struct {
	// Send defines the request payload.
	// +optional
	Send *ActiveHealthCheckPayload `json:"send,omitempty" yaml:"send,omitempty"`
	// Receive defines the expected response payload.
	// +optional
	Receive *ActiveHealthCheckPayload `json:"receive,omitempty" yaml:"receive,omitempty"`
}

TCPActiveHealthChecker defines the settings of tcp health check.

func (*TCPActiveHealthChecker) DeepCopy added in v1.0.0 

func (in *TCPActiveHealthChecker) DeepCopy() *TCPActiveHealthChecker

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPActiveHealthChecker.

func (*TCPActiveHealthChecker) DeepCopyInto added in v1.0.0 

func (in *TCPActiveHealthChecker) DeepCopyInto(out *TCPActiveHealthChecker)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TCPKeepalive added in v0.6.0 

type TCPKeepalive struct {
	// The total number of unacknowledged probes to send before deciding
	// the connection is dead.
	// Defaults to 9.
	//
	// +optional
	Probes *uint32 `json:"probes,omitempty"`
	// The duration a connection needs to be idle before keep-alive
	// probes start being sent.
	// The duration format is
	// Defaults to `7200s`.
	//
	// +optional
	IdleTime *gwapiv1.Duration `json:"idleTime,omitempty"`
	// The duration between keep-alive probes.
	// Defaults to `75s`.
	//
	// +optional
	Interval *gwapiv1.Duration `json:"interval,omitempty"`
}

TCPKeepalive define the TCP Keepalive configuration.

func (*TCPKeepalive) DeepCopy added in v0.6.0 

func (in *TCPKeepalive) DeepCopy() *TCPKeepalive

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPKeepalive.

func (*TCPKeepalive) DeepCopyInto added in v0.6.0 

func (in *TCPKeepalive) DeepCopyInto(out *TCPKeepalive)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TCPTimeout added in v1.0.0 

type TCPTimeout struct {
	// The timeout for network connection establishment, including TCP and TLS handshakes.
	// Default: 10 seconds.
	//
	// +optional
	ConnectTimeout *gwapiv1.Duration `json:"connectTimeout,omitempty"`
}

func (*TCPTimeout) DeepCopy added in v1.0.0 

func (in *TCPTimeout) DeepCopy() *TCPTimeout

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPTimeout.

func (*TCPTimeout) DeepCopyInto added in v1.0.0 

func (in *TCPTimeout) DeepCopyInto(out *TCPTimeout)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TLSSettings added in v1.0.0 

type TLSSettings struct {

	// Min specifies the minimal TLS protocol version to allow.
	// The default is TLS 1.2 if this is not specified.
	//
	// +optional
	MinVersion *TLSVersion `json:"minVersion,omitempty"`

	// Max specifies the maximal TLS protocol version to allow
	// The default is TLS 1.3 if this is not specified.
	//
	// +optional
	MaxVersion *TLSVersion `json:"maxVersion,omitempty"`

	// Ciphers specifies the set of cipher suites supported when
	// negotiating TLS 1.0 - 1.2. This setting has no effect for TLS 1.3.
	// In non-FIPS Envoy Proxy builds the default cipher list is:
	// - [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
	// - [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
	// - ECDHE-ECDSA-AES256-GCM-SHA384
	// - ECDHE-RSA-AES256-GCM-SHA384
	// In builds using BoringSSL FIPS the default cipher list is:
	// - ECDHE-ECDSA-AES128-GCM-SHA256
	// - ECDHE-RSA-AES128-GCM-SHA256
	// - ECDHE-ECDSA-AES256-GCM-SHA384
	// - ECDHE-RSA-AES256-GCM-SHA384
	//
	// +optional
	Ciphers []string `json:"ciphers,omitempty"`

	// ECDHCurves specifies the set of supported ECDH curves.
	// In non-FIPS Envoy Proxy builds the default curves are:
	// - X25519
	// - P-256
	// In builds using BoringSSL FIPS the default curve is:
	// - P-256
	//
	// +optional
	ECDHCurves []string `json:"ecdhCurves,omitempty"`

	// SignatureAlgorithms specifies which signature algorithms the listener should
	// support.
	//
	// +optional
	SignatureAlgorithms []string `json:"signatureAlgorithms,omitempty"`

	// ALPNProtocols supplies the list of ALPN protocols that should be
	// exposed by the listener. By default h2 and http/1.1 are enabled.
	// Supported values are:
	// - http/1.0
	// - http/1.1
	// - h2
	//
	// +optional
	ALPNProtocols []ALPNProtocol `json:"alpnProtocols,omitempty"`

	// ClientValidation specifies the configuration to validate the client
	// initiating the TLS connection to the Gateway listener.
	// +optional
	ClientValidation *ClientValidationContext `json:"clientValidation,omitempty"`
}

+kubebuilder:validation:XValidation:rule="has(self.minVersion) && self.minVersion == '1.3' ? !has(self.ciphers) : true", message="setting ciphers has no effect if the minimum possible TLS version is 1.3" +kubebuilder:validation:XValidation:rule="has(self.minVersion) && has(self.maxVersion) ? {\"Auto\":0,\"1.0\":1,\"1.1\":2,\"1.2\":3,\"1.3\":4}[self.minVersion] <= {\"1.0\":1,\"1.1\":2,\"1.2\":3,\"1.3\":4,\"Auto\":5}[self.maxVersion] : !has(self.minVersion) && has(self.maxVersion) ? 3 <= {\"1.0\":1,\"1.1\":2,\"1.2\":3,\"1.3\":4,\"Auto\":5}[self.maxVersion] : true", message="minVersion must be smaller or equal to maxVersion"

func (*TLSSettings) DeepCopy added in v1.0.0 

func (in *TLSSettings) DeepCopy() *TLSSettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSettings.

func (*TLSSettings) DeepCopyInto added in v1.0.0 

func (in *TLSSettings) DeepCopyInto(out *TLSSettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TLSVersion added in v1.0.0 

type TLSVersion string

TLSVersion specifies the TLS version +kubebuilder:validation:Enum=Auto;"1.0";"1.1";"1.2";"1.3" 

const (
	// TLSAuto allows Envoy to choose the optimal TLS Version
	TLSAuto TLSVersion = "Auto"
	// TLS1.0 specifies TLS version 1.0
	TLSv10 TLSVersion = "1.0"
	// TLS1.1 specifies TLS version 1.1
	TLSv11 TLSVersion = "1.1"
	// TLSv1.2 specifies TLS version 1.2
	TLSv12 TLSVersion = "1.2"
	// TLSv1.3 specifies TLS version 1.3
	TLSv13 TLSVersion = "1.3"
)

type Timeout added in v1.0.0 

type Timeout struct {
	// Timeout settings for TCP.
	//
	// +optional
	TCP *TCPTimeout `json:"tcp,omitempty"`

	// Timeout settings for HTTP.
	//
	// +optional
	HTTP *HTTPTimeout `json:"http,omitempty"`
}

Timeout defines configuration for timeouts related to connections.

func (*Timeout) DeepCopy added in v1.0.0 

func (in *Timeout) DeepCopy() *Timeout

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Timeout.

func (*Timeout) DeepCopyInto added in v1.0.0 

func (in *Timeout) DeepCopyInto(out *Timeout)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TracingProvider added in v0.6.0 

type TracingProvider struct {
	// Type defines the tracing provider type.
	// EG currently only supports OpenTelemetry.
	// +kubebuilder:validation:Enum=OpenTelemetry
	// +kubebuilder:default=OpenTelemetry
	Type TracingProviderType `json:"type"`
	// Host define the provider service hostname.
	Host string `json:"host"`
	// Port defines the port the provider service is exposed on.
	//
	// +optional
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:default=4317
	Port int32 `json:"port,omitempty"`
}

func (*TracingProvider) DeepCopy added in v0.6.0 

func (in *TracingProvider) DeepCopy() *TracingProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TracingProvider.

func (*TracingProvider) DeepCopyInto added in v0.6.0 

func (in *TracingProvider) DeepCopyInto(out *TracingProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TracingProviderType added in v0.6.0 

type TracingProviderType string
const (
	TracingProviderTypeOpenTelemetry TracingProviderType = "OpenTelemetry"
)

type TriggerEnum added in v1.0.0 

type TriggerEnum string

TriggerEnum specifies the conditions that trigger retries. +kubebuilder:validation:Enum={"5xx","gateway-error","reset","connect-failure","retriable-4xx","refused-stream","retriable-status-codes","cancelled","deadline-exceeded","internal","resource-exhausted","unavailable"} 

const (

	// The upstream server responds with any 5xx response code, or does not respond at all (disconnect/reset/read timeout).
	// Includes connect-failure and refused-stream.
	Error5XX TriggerEnum = "5xx"
	// The response is a gateway error (502,503 or 504).
	GatewayError TriggerEnum = "gateway-error"
	// The upstream server does not respond at all (disconnect/reset/read timeout.)
	Reset TriggerEnum = "reset"
	// Connection failure to the upstream server (connect timeout, etc.). (Included in *5xx*)
	ConnectFailure TriggerEnum = "connect-failure"
	// The upstream server responds with a retriable 4xx response code.
	// Currently, the only response code in this category is 409.
	Retriable4XX TriggerEnum = "retriable-4xx"
	// The upstream server resets the stream with a REFUSED_STREAM error code.
	RefusedStream TriggerEnum = "refused-stream"
	// The upstream server responds with any response code matching one defined in the RetriableStatusCodes.
	RetriableStatusCodes TriggerEnum = "retriable-status-codes"

	// The gRPC status code in the response headers is “cancelled”.
	Cancelled TriggerEnum = "cancelled"
	// The gRPC status code in the response headers is “deadline-exceeded”.
	DeadlineExceeded TriggerEnum = "deadline-exceeded"
	// The gRPC status code in the response headers is “internal”.
	Internal TriggerEnum = "internal"
	// The gRPC status code in the response headers is “resource-exhausted”.
	ResourceExhausted TriggerEnum = "resource-exhausted"
	// The gRPC status code in the response headers is “unavailable”.
	Unavailable TriggerEnum = "unavailable"
)

type XDSTranslatorHook added in v0.6.0 

type XDSTranslatorHook string

XDSTranslatorHook defines the types of hooks that an Envoy Gateway extension may support for the xds-translator

+kubebuilder:validation:Enum=VirtualHost;Route;HTTPListener;Translation 

const (
	XDSVirtualHost  XDSTranslatorHook = "VirtualHost"
	XDSRoute        XDSTranslatorHook = "Route"
	XDSHTTPListener XDSTranslatorHook = "HTTPListener"
	XDSTranslation  XDSTranslatorHook = "Translation"
)

type XDSTranslatorHooks added in v0.6.0 

type XDSTranslatorHooks struct {
	Pre  []XDSTranslatorHook `json:"pre,omitempty"`
	Post []XDSTranslatorHook `json:"post,omitempty"`
}

XDSTranslatorHooks contains all the pre and post hooks for the xds-translator runner.

func (*XDSTranslatorHooks) DeepCopy added in v0.6.0 

func (in *XDSTranslatorHooks) DeepCopy() *XDSTranslatorHooks

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new XDSTranslatorHooks.

func (*XDSTranslatorHooks) DeepCopyInto added in v0.6.0 

func (in *XDSTranslatorHooks) DeepCopyInto(out *XDSTranslatorHooks)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type XForwardedForSettings added in v1.0.0 

type XForwardedForSettings struct {
	// NumTrustedHops controls the number of additional ingress proxy hops from the right side of XFF HTTP
	// headers to trust when determining the origin client's IP address.
	// Refer to https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/headers#x-forwarded-for
	// for more details.
	//
	// +optional
	NumTrustedHops *uint32 `json:"numTrustedHops,omitempty"`
}

XForwardedForSettings provides configuration for using X-Forwarded-For headers for determining the client IP address.

func (*XForwardedForSettings) DeepCopy added in v1.0.0 

func (in *XForwardedForSettings) DeepCopy() *XForwardedForSettings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new XForwardedForSettings.

func (*XForwardedForSettings) DeepCopyInto added in v1.0.0 

func (in *XForwardedForSettings) DeepCopyInto(out *XForwardedForSettings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.