Documentation
¶
Overview ¶
Package v1alpha1 contains API Schema definitions for the projectcontour.io v1alpha1 API group
+kubebuilder:object:generate=true +k8s:deepcopy-gen=package +groupName=projectcontour.io
Index ¶
- Constants
- Variables
- type AccessLogFormatString
- type AccessLogJSONFields
- type AccessLogLevel
- type AccessLogType
- type ClusterDNSFamilyType
- type ClusterParameters
- type ContourConfiguration
- type ContourConfigurationList
- type ContourConfigurationSpec
- type ContourConfigurationStatus
- type ContourDeployment
- type ContourDeploymentList
- type ContourDeploymentSpec
- type ContourDeploymentStatus
- type ContourSettings
- type DebugConfig
- type EnvoyConfig
- type EnvoyListener
- type EnvoyListenerConfig
- type EnvoyLogging
- type EnvoySettings
- type EnvoyTLS
- type ExtensionProtocolVersion
- type ExtensionService
- type ExtensionServiceList
- type ExtensionServiceSpec
- type ExtensionServiceStatus
- type ExtensionServiceTarget
- type GatewayConfig
- type HTTPProxyConfig
- type HTTPVersionType
- type HeadersPolicy
- type HealthConfig
- type IngressConfig
- type LogLevel
- type MetricsConfig
- type MetricsTLS
- type NamespacedName
- type NetworkParameters
- type NetworkPublishing
- type NetworkPublishingType
- type NodePlacement
- type PolicyConfig
- type RateLimitServiceConfig
- type TLS
- type TimeoutParameters
- type WorkloadType
- type XDSServerConfig
- type XDSServerType
Constants ¶
const ( // A Kubernetes daemonset. WorkloadTypeDaemonSet = "DaemonSet" // A Kubernetes deployment. WorkloadTypeDeployment = "Deployment" )
const DefaultAccessLogType = EnvoyAccessLog
DefaultAccessLogType is the default access log format.
Variables ¶
var ( ExtensionServiceGVR = GroupVersion.WithResource("extensionservices") ContourConfigurationGVR = GroupVersion.WithResource("contourconfigurations") ContourDeploymentGVR = GroupVersion.WithResource("contourdeployments") )
var ( // GroupVersion is group version used to register these objects GroupVersion = schema.GroupVersion{Group: "projectcontour.io", Version: "v1alpha1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
var DefaultAccessLogJSONFields = AccessLogJSONFields([]string{
"@timestamp",
"authority",
"bytes_received",
"bytes_sent",
"downstream_local_address",
"downstream_remote_address",
"duration",
"method",
"path",
"protocol",
"request_id",
"requested_server_name",
"response_code",
"response_flags",
"uber_trace_id",
"upstream_cluster",
"upstream_host",
"upstream_local_address",
"upstream_service_time",
"user_agent",
"x_forwarded_for",
"grpc_status",
})
DefaultAccessLogJSONFields are fields that will be included by default when JSON logging is enabled.
var DefaultTLSCiphers = []string{
"[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]",
"[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]",
"ECDHE-ECDSA-AES256-GCM-SHA384",
"ECDHE-RSA-AES256-GCM-SHA384",
}
DefaultTLSCiphers contains the list of default ciphers used by Contour. A handful are commented out, as they're arguably less secure. They're also unnecessary - most of the clients that might need to use the commented ciphers are unable to connect without TLS 1.0, which contour never enables.
This list is ignored if the client and server negotiate TLS 1.3.
The commented ciphers are left in place to simplify updating this list for future versions of envoy.
var ValidTLSCiphers = map[string]struct{}{
"[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]": {},
"[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]": {},
"ECDHE-ECDSA-AES128-GCM-SHA256": {},
"ECDHE-RSA-AES128-GCM-SHA256": {},
"ECDHE-ECDSA-AES128-SHA": {},
"ECDHE-RSA-AES128-SHA": {},
"AES128-GCM-SHA256": {},
"AES128-SHA": {},
"ECDHE-ECDSA-AES256-GCM-SHA384": {},
"ECDHE-RSA-AES256-GCM-SHA384": {},
"ECDHE-ECDSA-AES256-SHA": {},
"ECDHE-RSA-AES256-SHA": {},
"AES256-GCM-SHA384": {},
"AES256-SHA": {},
}
ValidTLSCiphers contains the list of TLS ciphers that Envoy supports See: https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/transport_sockets/tls/v3/common.proto#extensions-transport-sockets-tls-v3-tlsparameters Note: This list is a superset of what is valid for stock Envoy builds and those using BoringSSL FIPS.
Functions ¶
This section is empty.
Types ¶
type AccessLogFormatString ¶ added in v1.22.0
type AccessLogFormatString string
func (AccessLogFormatString) Validate ¶ added in v1.22.0
func (s AccessLogFormatString) Validate() error
type AccessLogJSONFields ¶ added in v1.22.0
type AccessLogJSONFields []string
func (AccessLogJSONFields) AsFieldMap ¶ added in v1.22.0
func (a AccessLogJSONFields) AsFieldMap() map[string]string
func (AccessLogJSONFields) DeepCopy ¶ added in v1.22.0
func (in AccessLogJSONFields) DeepCopy() AccessLogJSONFields
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessLogJSONFields.
func (AccessLogJSONFields) DeepCopyInto ¶ added in v1.22.0
func (in AccessLogJSONFields) DeepCopyInto(out *AccessLogJSONFields)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (AccessLogJSONFields) Validate ¶ added in v1.22.0
func (a AccessLogJSONFields) Validate() error
type AccessLogLevel ¶ added in v1.21.0
type AccessLogLevel string
const ( // Log all requests. This is the default. LogLevelInfo AccessLogLevel = "info" // Log only requests that result in an error. LogLevelError AccessLogLevel = "error" // Disable the access log. LogLevelDisabled AccessLogLevel = "disabled" )
func (AccessLogLevel) Validate ¶ added in v1.21.0
func (a AccessLogLevel) Validate() error
type AccessLogType ¶ added in v1.19.0
type AccessLogType string
AccessLogType is the name of a supported access logging mechanism.
const ( // Set the Envoy access logging to Envoy's standard format. // Can be customized using `accessLogFormatString`. EnvoyAccessLog AccessLogType = "envoy" // Set the Envoy access logging to a JSON format. // Can be customized using `jsonFields`. JSONAccessLog AccessLogType = "json" )
func (AccessLogType) Validate ¶ added in v1.19.0
func (a AccessLogType) Validate() error
type ClusterDNSFamilyType ¶ added in v1.19.0
type ClusterDNSFamilyType string
ClusterDNSFamilyType is the Ip family to use for resolving DNS names in an Envoy cluster config.
const ( // DNS lookups will do a v6 lookup first, followed by a v4 if that fails. AutoClusterDNSFamily ClusterDNSFamilyType = "auto" // DNS lookups will only attempt v4 queries. IPv4ClusterDNSFamily ClusterDNSFamilyType = "v4" // DNS lookups will only attempt v6 queries. IPv6ClusterDNSFamily ClusterDNSFamilyType = "v6" )
func (ClusterDNSFamilyType) Validate ¶ added in v1.21.0
func (d ClusterDNSFamilyType) Validate() error
type ClusterParameters ¶ added in v1.19.0
type ClusterParameters struct {
// DNSLookupFamily defines how external names are looked up
// When configured as V4, the DNS resolver will only perform a lookup
// for addresses in the IPv4 family. If V6 is configured, the DNS resolver
// will only perform a lookup for addresses in the IPv6 family.
// If AUTO is configured, the DNS resolver will first perform a lookup
// for addresses in the IPv6 family and fallback to a lookup for addresses
// in the IPv4 family.
// Note: This only applies to externalName clusters.
//
// See https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto.html#envoy-v3-api-enum-config-cluster-v3-cluster-dnslookupfamily
// for more information.
//
// Values: `auto` (default), `v4`, `v6`.
//
// Other values will produce an error.
// +optional
DNSLookupFamily ClusterDNSFamilyType `json:"dnsLookupFamily,omitempty"`
}
ClusterParameters holds various configurable cluster values.
func (*ClusterParameters) DeepCopy ¶ added in v1.19.0
func (in *ClusterParameters) DeepCopy() *ClusterParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterParameters.
func (*ClusterParameters) DeepCopyInto ¶ added in v1.19.0
func (in *ClusterParameters) DeepCopyInto(out *ClusterParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ContourConfiguration ¶ added in v1.19.0
type ContourConfiguration struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec ContourConfigurationSpec `json:"spec"`
// +optional
Status ContourConfigurationStatus `json:"status,omitempty"`
}
ContourConfiguration is the schema for a Contour instance.
func (*ContourConfiguration) DeepCopy ¶ added in v1.19.0
func (in *ContourConfiguration) DeepCopy() *ContourConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContourConfiguration.
func (*ContourConfiguration) DeepCopyInto ¶ added in v1.19.0
func (in *ContourConfiguration) DeepCopyInto(out *ContourConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ContourConfiguration) DeepCopyObject ¶ added in v1.19.0
func (in *ContourConfiguration) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ContourConfigurationList ¶ added in v1.19.0
type ContourConfigurationList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []ContourConfiguration `json:"items"`
}
ContourConfigurationList contains a list of Contour configuration resources.
func (*ContourConfigurationList) DeepCopy ¶ added in v1.19.0
func (in *ContourConfigurationList) DeepCopy() *ContourConfigurationList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContourConfigurationList.
func (*ContourConfigurationList) DeepCopyInto ¶ added in v1.19.0
func (in *ContourConfigurationList) DeepCopyInto(out *ContourConfigurationList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ContourConfigurationList) DeepCopyObject ¶ added in v1.19.0
func (in *ContourConfigurationList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ContourConfigurationSpec ¶ added in v1.19.0
type ContourConfigurationSpec struct {
// XDSServer contains parameters for the xDS server.
// +optional
XDSServer *XDSServerConfig `json:"xdsServer,omitempty"`
// Ingress contains parameters for ingress options.
// +optional
Ingress *IngressConfig `json:"ingress,omitempty"`
// Debug contains parameters to enable debug logging
// and debug interfaces inside Contour.
// +optional
Debug *DebugConfig `json:"debug,omitempty"`
// Health defines the endpoints Contour uses to serve health checks.
//
// Contour's default is { address: "0.0.0.0", port: 8000 }.
// +optional
Health *HealthConfig `json:"health,omitempty"`
// Envoy contains parameters for Envoy as well
// as how to optionally configure a managed Envoy fleet.
// +optional
Envoy *EnvoyConfig `json:"envoy,omitempty"`
// Gateway contains parameters for the gateway-api Gateway that Contour
// is configured to serve traffic.
// +optional
Gateway *GatewayConfig `json:"gateway,omitempty"`
// HTTPProxy defines parameters on HTTPProxy.
// +optional
HTTPProxy *HTTPProxyConfig `json:"httpproxy,omitempty"`
// EnableExternalNameService allows processing of ExternalNameServices
//
// Contour's default is false for security reasons.
// +optional
EnableExternalNameService *bool `json:"enableExternalNameService,omitempty"`
// RateLimitService optionally holds properties of the Rate Limit Service
// to be used for global rate limiting.
// +optional
RateLimitService *RateLimitServiceConfig `json:"rateLimitService,omitempty"`
// Policy specifies default policy applied if not overridden by the user
// +optional
Policy *PolicyConfig `json:"policy,omitempty"`
// Metrics defines the endpoint Contour uses to serve metrics.
//
// Contour's default is { address: "0.0.0.0", port: 8000 }.
// +optional
Metrics *MetricsConfig `json:"metrics,omitempty"`
}
ContourConfigurationSpec represents a configuration of a Contour controller. It contains most of all the options that can be customized, the other remaining options being command line flags.
func (*ContourConfigurationSpec) DeepCopy ¶ added in v1.19.0
func (in *ContourConfigurationSpec) DeepCopy() *ContourConfigurationSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContourConfigurationSpec.
func (*ContourConfigurationSpec) DeepCopyInto ¶ added in v1.19.0
func (in *ContourConfigurationSpec) DeepCopyInto(out *ContourConfigurationSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ContourConfigurationSpec) Validate ¶ added in v1.20.0
func (c *ContourConfigurationSpec) Validate() error
Validate configuration that is not already covered by CRD validation.
type ContourConfigurationStatus ¶ added in v1.19.0
type ContourConfigurationStatus struct {
// Conditions contains the current status of the Contour resource.
//
// Contour will update a single condition, `Valid`, that is in normal-true polarity.
//
// Contour will not modify any other Conditions set in this block,
// in case some other controller wants to add a Condition.
//
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
// +listType=map
// +listMapKey=type
Conditions []contour_api_v1.DetailedCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
}
ContourConfigurationStatus defines the observed state of a ContourConfiguration resource.
func (*ContourConfigurationStatus) DeepCopy ¶ added in v1.19.0
func (in *ContourConfigurationStatus) DeepCopy() *ContourConfigurationStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContourConfigurationStatus.
func (*ContourConfigurationStatus) DeepCopyInto ¶ added in v1.19.0
func (in *ContourConfigurationStatus) DeepCopyInto(out *ContourConfigurationStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ContourDeployment ¶ added in v1.19.0
type ContourDeployment struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec ContourDeploymentSpec `json:"spec,omitempty"`
Status ContourDeploymentStatus `json:"status,omitempty"`
}
ContourDeployment is the schema for a Contour Deployment.
func (*ContourDeployment) DeepCopy ¶ added in v1.19.0
func (in *ContourDeployment) DeepCopy() *ContourDeployment
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContourDeployment.
func (*ContourDeployment) DeepCopyInto ¶ added in v1.19.0
func (in *ContourDeployment) DeepCopyInto(out *ContourDeployment)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ContourDeployment) DeepCopyObject ¶ added in v1.19.0
func (in *ContourDeployment) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ContourDeploymentList ¶ added in v1.19.0
type ContourDeploymentList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []ContourDeployment `json:"items"`
}
ContourDeploymentList contains a list of Contour Deployment resources.
func (*ContourDeploymentList) DeepCopy ¶ added in v1.19.0
func (in *ContourDeploymentList) DeepCopy() *ContourDeploymentList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContourDeploymentList.
func (*ContourDeploymentList) DeepCopyInto ¶ added in v1.19.0
func (in *ContourDeploymentList) DeepCopyInto(out *ContourDeploymentList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ContourDeploymentList) DeepCopyObject ¶ added in v1.19.0
func (in *ContourDeploymentList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ContourDeploymentSpec ¶ added in v1.19.0
type ContourDeploymentSpec struct {
// Contour specifies deployment-time settings for the Contour
// part of the installation, i.e. the xDS server/control plane
// and associated resources, including things like replica count
// for the Deployment, and node placement constraints for the pods.
//
// +optional
Contour *ContourSettings `json:"contour,omitempty"`
// Envoy specifies deployment-time settings for the Envoy
// part of the installation, i.e. the xDS client/data plane
// and associated resources, including things like the workload
// type to use (DaemonSet or Deployment), node placement constraints
// for the pods, and various options for the Envoy service.
//
// +optional
Envoy *EnvoySettings `json:"envoy,omitempty"`
// RuntimeSettings is a ContourConfiguration spec to be used when
// provisioning a Contour instance that will influence aspects of
// the Contour instance's runtime behavior.
//
// +optional
RuntimeSettings *ContourConfigurationSpec `json:"runtimeSettings,omitempty"`
// ResourceLabels is a set of labels to add to the provisioned Contour resources.
// +optional
ResourceLabels map[string]string `json:"resourceLabels,omitempty"`
}
ContourDeploymentSpec specifies options for how a Contour instance should be provisioned.
func (*ContourDeploymentSpec) DeepCopy ¶ added in v1.19.0
func (in *ContourDeploymentSpec) DeepCopy() *ContourDeploymentSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContourDeploymentSpec.
func (*ContourDeploymentSpec) DeepCopyInto ¶ added in v1.19.0
func (in *ContourDeploymentSpec) DeepCopyInto(out *ContourDeploymentSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ContourDeploymentStatus ¶ added in v1.19.0
type ContourDeploymentStatus struct {
// Conditions describe the current conditions of the ContourDeployment resource.
//
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
// +listType=map
// +listMapKey=type
Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
}
ContourDeploymentStatus defines the observed state of a ContourDeployment resource.
func (*ContourDeploymentStatus) DeepCopy ¶ added in v1.19.0
func (in *ContourDeploymentStatus) DeepCopy() *ContourDeploymentStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContourDeploymentStatus.
func (*ContourDeploymentStatus) DeepCopyInto ¶ added in v1.19.0
func (in *ContourDeploymentStatus) DeepCopyInto(out *ContourDeploymentStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ContourSettings ¶ added in v1.21.0
type ContourSettings struct {
// Replicas is the desired number of Contour replicas. If unset,
// defaults to 2.
//
// +kubebuilder:validation:Minimum=0
Replicas int32 `json:"replicas,omitempty"`
// NodePlacement describes node scheduling configuration of Contour pods.
//
// +optional
NodePlacement *NodePlacement `json:"nodePlacement,omitempty"`
// KubernetesLogLevel Enable Kubernetes client debug logging with log level. If unset,
// defaults to 0.
//
// +kubebuilder:validation:Minimum=0
// +kubebuilder:validation:Maximum=9
// +optional
KubernetesLogLevel uint8 `json:"kubernetesLogLevel,omitempty"`
// LogLevel sets the log level for Contour
// Allowed values are "info", "debug".
//
// +optional
LogLevel LogLevel `json:"logLevel,omitempty"`
// Compute Resources required by contour container.
// Cannot be updated.
// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
// +optional
Resources corev1.ResourceRequirements `json:"resources,omitempty"`
}
ContourSettings contains settings for the Contour part of the installation, i.e. the xDS server/control plane and associated resources.
func (*ContourSettings) DeepCopy ¶ added in v1.21.0
func (in *ContourSettings) DeepCopy() *ContourSettings
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContourSettings.
func (*ContourSettings) DeepCopyInto ¶ added in v1.21.0
func (in *ContourSettings) DeepCopyInto(out *ContourSettings)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type DebugConfig ¶ added in v1.19.0
type DebugConfig struct {
// Defines the Contour debug address interface.
//
// Contour's default is "127.0.0.1".
// +optional
Address string `json:"address,omitempty"`
// Defines the Contour debug address port.
//
// Contour's default is 6060.
// +optional
Port int `json:"port,omitempty"`
}
DebugConfig contains Contour specific troubleshooting options.
func (*DebugConfig) DeepCopy ¶ added in v1.19.0
func (in *DebugConfig) DeepCopy() *DebugConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DebugConfig.
func (*DebugConfig) DeepCopyInto ¶ added in v1.19.0
func (in *DebugConfig) DeepCopyInto(out *DebugConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EnvoyConfig ¶ added in v1.19.0
type EnvoyConfig struct {
// Listener hold various configurable Envoy listener values.
// +optional
Listener *EnvoyListenerConfig `json:"listener,omitempty"`
// Service holds Envoy service parameters for setting Ingress status.
//
// Contour's default is { namespace: "projectcontour", name: "envoy" }.
// +optional
Service *NamespacedName `json:"service,omitempty"`
// Defines the HTTP Listener for Envoy.
//
// Contour's default is { address: "0.0.0.0", port: 8080, accessLog: "/dev/stdout" }.
// +optional
HTTPListener *EnvoyListener `json:"http,omitempty"`
// Defines the HTTPS Listener for Envoy.
//
// Contour's default is { address: "0.0.0.0", port: 8443, accessLog: "/dev/stdout" }.
// +optional
HTTPSListener *EnvoyListener `json:"https,omitempty"`
// Health defines the endpoint Envoy uses to serve health checks.
//
// Contour's default is { address: "0.0.0.0", port: 8002 }.
// +optional
Health *HealthConfig `json:"health,omitempty"`
// Metrics defines the endpoint Envoy uses to serve metrics.
//
// Contour's default is { address: "0.0.0.0", port: 8002 }.
// +optional
Metrics *MetricsConfig `json:"metrics,omitempty"`
// ClientCertificate defines the namespace/name of the Kubernetes
// secret containing the client certificate and private key
// to be used when establishing TLS connection to upstream
// cluster.
// +optional
ClientCertificate *NamespacedName `json:"clientCertificate,omitempty"`
// Logging defines how Envoy's logs can be configured.
// +optional
Logging *EnvoyLogging `json:"logging,omitempty"`
// DefaultHTTPVersions defines the default set of HTTPS
// versions the proxy should accept. HTTP versions are
// strings of the form "HTTP/xx". Supported versions are
// "HTTP/1.1" and "HTTP/2".
//
// Values: `HTTP/1.1`, `HTTP/2` (default: both).
//
// Other values will produce an error.
// +optional
DefaultHTTPVersions []HTTPVersionType `json:"defaultHTTPVersions,omitempty"`
// Timeouts holds various configurable timeouts that can
// be set in the config file.
// +optional
Timeouts *TimeoutParameters `json:"timeouts,omitempty"`
// Cluster holds various configurable Envoy cluster values that can
// be set in the config file.
// +optional
Cluster *ClusterParameters `json:"cluster,omitempty"`
// Network holds various configurable Envoy network values.
// +optional
Network *NetworkParameters `json:"network,omitempty"`
}
EnvoyConfig defines how Envoy is to be Configured from Contour.
func (*EnvoyConfig) DeepCopy ¶ added in v1.19.0
func (in *EnvoyConfig) DeepCopy() *EnvoyConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyConfig.
func (*EnvoyConfig) DeepCopyInto ¶ added in v1.19.0
func (in *EnvoyConfig) DeepCopyInto(out *EnvoyConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EnvoyConfig) Validate ¶ added in v1.20.0
func (e *EnvoyConfig) Validate() error
Validate configuration that cannot be handled with CRD validation.
type EnvoyListener ¶ added in v1.19.0
type EnvoyListener struct {
// Defines an Envoy Listener Address.
// +kubebuilder:validation:MinLength=1
// +optional
Address string `json:"address,omitempty"`
// Defines an Envoy listener Port.
// +optional
Port int `json:"port,omitempty"`
// AccessLog defines where Envoy logs are outputted for this listener.
// +optional
AccessLog string `json:"accessLog,omitempty"`
}
EnvoyListener defines parameters for an Envoy Listener.
func (*EnvoyListener) DeepCopy ¶ added in v1.19.0
func (in *EnvoyListener) DeepCopy() *EnvoyListener
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyListener.
func (*EnvoyListener) DeepCopyInto ¶ added in v1.19.0
func (in *EnvoyListener) DeepCopyInto(out *EnvoyListener)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EnvoyListenerConfig ¶ added in v1.19.0
type EnvoyListenerConfig struct {
// Use PROXY protocol for all listeners.
//
// Contour's default is false.
// +optional
UseProxyProto *bool `json:"useProxyProtocol,omitempty"`
// DisableAllowChunkedLength disables the RFC-compliant Envoy behavior to
// strip the "Content-Length" header if "Transfer-Encoding: chunked" is
// also set. This is an emergency off-switch to revert back to Envoy's
// default behavior in case of failures. Please file an issue if failures
// are encountered.
// See: https://github.com/projectcontour/contour/issues/3221
//
// Contour's default is false.
// +optional
DisableAllowChunkedLength *bool `json:"disableAllowChunkedLength,omitempty"`
// DisableMergeSlashes disables Envoy's non-standard merge_slashes path transformation option
// which strips duplicate slashes from request URL paths.
//
// Contour's default is false.
// +optional
DisableMergeSlashes *bool `json:"disableMergeSlashes,omitempty"`
// ConnectionBalancer. If the value is exact, the listener will use the exact connection balancer
// See https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/listener.proto#envoy-api-msg-listener-connectionbalanceconfig
// for more information.
//
// Values: (empty string): use the default ConnectionBalancer, `exact`: use the Exact ConnectionBalancer.
//
// Other values will produce an error.
// +optional
ConnectionBalancer string `json:"connectionBalancer,omitempty"`
// TLS holds various configurable Envoy TLS listener values.
// +optional
TLS *EnvoyTLS `json:"tls,omitempty"`
}
EnvoyListenerConfig hold various configurable Envoy listener values.
func (*EnvoyListenerConfig) DeepCopy ¶ added in v1.19.0
func (in *EnvoyListenerConfig) DeepCopy() *EnvoyListenerConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyListenerConfig.
func (*EnvoyListenerConfig) DeepCopyInto ¶ added in v1.19.0
func (in *EnvoyListenerConfig) DeepCopyInto(out *EnvoyListenerConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EnvoyLogging ¶ added in v1.19.0
type EnvoyLogging struct {
// AccessLogFormat sets the global access log format.
//
// Values: `envoy` (default), `json`.
//
// Other values will produce an error.
// +optional
AccessLogFormat AccessLogType `json:"accessLogFormat,omitempty"`
// AccessLogFormatString sets the access log format when format is set to `envoy`.
// When empty, Envoy's default format is used.
// +optional
AccessLogFormatString string `json:"accessLogFormatString,omitempty"`
// AccessLogJSONFields sets the fields that JSON logging will
// output when AccessLogFormat is json.
// +optional
AccessLogJSONFields AccessLogJSONFields `json:"accessLogJSONFields,omitempty"`
// AccessLogLevel sets the verbosity level of the access log.
//
// Values: `info` (default, meaning all requests are logged), `error` and `disabled`.
//
// Other values will produce an error.
// +optional
AccessLogLevel AccessLogLevel `json:"accessLogLevel,omitempty"`
}
EnvoyLogging defines how Envoy's logs can be configured.
func (*EnvoyLogging) AccessLogFormatterExtensions ¶ added in v1.22.0
func (e *EnvoyLogging) AccessLogFormatterExtensions() []string
AccessLogFormatterExtensions returns a list of formatter extension names required by the access log format.
Note: When adding support for new formatter, update the list of extensions here and add corresponding configuration in internal/envoy/v3/accesslog.go extensionConfig(). Currently only one extension exist in Envoy.
func (*EnvoyLogging) DeepCopy ¶ added in v1.19.0
func (in *EnvoyLogging) DeepCopy() *EnvoyLogging
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyLogging.
func (*EnvoyLogging) DeepCopyInto ¶ added in v1.19.0
func (in *EnvoyLogging) DeepCopyInto(out *EnvoyLogging)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EnvoyLogging) Validate ¶ added in v1.21.0
func (e *EnvoyLogging) Validate() error
type EnvoySettings ¶ added in v1.21.0
type EnvoySettings struct {
// WorkloadType is the type of workload to install Envoy
// as. Choices are DaemonSet and Deployment. If unset, defaults
// to DaemonSet.
//
// +optional
WorkloadType WorkloadType `json:"workloadType,omitempty"`
// Replicas is the desired number of Envoy replicas. If WorkloadType
// is not "Deployment", this field is ignored. Otherwise, if unset,
// defaults to 2.
//
// +kubebuilder:validation:Minimum=0
Replicas int32 `json:"replicas,omitempty"`
// NetworkPublishing defines how to expose Envoy to a network.
//
// +optional.
NetworkPublishing *NetworkPublishing `json:"networkPublishing,omitempty"`
// NodePlacement describes node scheduling configuration of Envoy pods.
//
// +optional
NodePlacement *NodePlacement `json:"nodePlacement,omitempty"`
// ExtraVolumes holds the extra volumes to add.
// +optional
ExtraVolumes []corev1.Volume `json:"extraVolumes,omitempty"`
// ExtraVolumeMounts holds the extra volume mounts to add (normally used with extraVolumes).
// +optional
ExtraVolumeMounts []corev1.VolumeMount `json:"extraVolumeMounts,omitempty"`
// PodAnnotations defines annotations to add to the Envoy pods.
// +optional
PodAnnotations map[string]string `json:"podAnnotations,omitempty"`
// Compute Resources required by envoy container.
// Cannot be updated.
// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
// +optional
Resources corev1.ResourceRequirements `json:"resources,omitempty"`
}
EnvoySettings contains settings for the Envoy part of the installation, i.e. the xDS client/data plane and associated resources.
func (*EnvoySettings) DeepCopy ¶ added in v1.21.0
func (in *EnvoySettings) DeepCopy() *EnvoySettings
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoySettings.
func (*EnvoySettings) DeepCopyInto ¶ added in v1.21.0
func (in *EnvoySettings) DeepCopyInto(out *EnvoySettings)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EnvoyTLS ¶ added in v1.19.0
type EnvoyTLS struct {
// MinimumProtocolVersion is the minimum TLS version this vhost should
// negotiate.
//
// Values: `1.2` (default), `1.3`.
//
// Other values will produce an error.
// +optional
MinimumProtocolVersion string `json:"minimumProtocolVersion,omitempty"`
// CipherSuites defines the TLS ciphers to be supported by Envoy TLS
// listeners when negotiating TLS 1.2. Ciphers are validated against the
// set that Envoy supports by default. This parameter should only be used
// by advanced users. Note that these will be ignored when TLS 1.3 is in
// use.
//
// This field is optional; when it is undefined, a Contour-managed ciphersuite list
// will be used, which may be updated to keep it secure.
//
// Contour's default list is:
// - "[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]"
// - "[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]"
// - "ECDHE-ECDSA-AES256-GCM-SHA384"
// - "ECDHE-RSA-AES256-GCM-SHA384"
//
// Ciphers provided are validated against the following list:
// - "[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]"
// - "[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]"
// - "ECDHE-ECDSA-AES128-GCM-SHA256"
// - "ECDHE-RSA-AES128-GCM-SHA256"
// - "ECDHE-ECDSA-AES128-SHA"
// - "ECDHE-RSA-AES128-SHA"
// - "AES128-GCM-SHA256"
// - "AES128-SHA"
// - "ECDHE-ECDSA-AES256-GCM-SHA384"
// - "ECDHE-RSA-AES256-GCM-SHA384"
// - "ECDHE-ECDSA-AES256-SHA"
// - "ECDHE-RSA-AES256-SHA"
// - "AES256-GCM-SHA384"
// - "AES256-SHA"
//
// Contour recommends leaving this undefined unless you are sure you must.
//
// See: https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/transport_sockets/tls/v3/common.proto#extensions-transport-sockets-tls-v3-tlsparameters
// Note: This list is a superset of what is valid for stock Envoy builds and those using BoringSSL FIPS.
// +optional
CipherSuites []string `json:"cipherSuites,omitempty"`
}
EnvoyTLS describes tls parameters for Envoy listneners.
func (*EnvoyTLS) DeepCopy ¶ added in v1.19.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EnvoyTLS.
func (*EnvoyTLS) DeepCopyInto ¶ added in v1.19.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*EnvoyTLS) SanitizedCipherSuites ¶ added in v1.22.0
SanitizedCipherSuites returns a deduplicated list of TLS ciphers. Order is maintained.
type ExtensionProtocolVersion ¶
type ExtensionProtocolVersion string
ExtensionProtocolVersion is the version of the GRPC protocol used to access extension services. The only version currently supported is "v3".
const ( // SupportProtocolVersion2 requests the "v2" support protocol version. // // Deprecated: this protocol version is no longer supported and the // constant is retained for backwards compatibility only. SupportProtocolVersion2 ExtensionProtocolVersion = "v2" // SupportProtocolVersion3 requests the "v3" support protocol version. SupportProtocolVersion3 ExtensionProtocolVersion = "v3" )
type ExtensionService ¶
type ExtensionService struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec ExtensionServiceSpec `json:"spec,omitempty"`
Status ExtensionServiceStatus `json:"status,omitempty"`
}
ExtensionService is the schema for the Contour extension services API. An ExtensionService resource binds a network service to the Contour API so that Contour API features can be implemented by collaborating components.
func (*ExtensionService) DeepCopy ¶
func (in *ExtensionService) DeepCopy() *ExtensionService
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionService.
func (*ExtensionService) DeepCopyInto ¶
func (in *ExtensionService) DeepCopyInto(out *ExtensionService)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ExtensionService) DeepCopyObject ¶
func (in *ExtensionService) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ExtensionServiceList ¶
type ExtensionServiceList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []ExtensionService `json:"items"`
}
ExtensionServiceList contains a list of ExtensionService resources.
func (*ExtensionServiceList) DeepCopy ¶
func (in *ExtensionServiceList) DeepCopy() *ExtensionServiceList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionServiceList.
func (*ExtensionServiceList) DeepCopyInto ¶
func (in *ExtensionServiceList) DeepCopyInto(out *ExtensionServiceList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ExtensionServiceList) DeepCopyObject ¶
func (in *ExtensionServiceList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ExtensionServiceSpec ¶
type ExtensionServiceSpec struct {
// Services specifies the set of Kubernetes Service resources that
// receive GRPC extension API requests.
// If no weights are specified for any of the entries in
// this array, traffic will be spread evenly across all the
// services.
// Otherwise, traffic is balanced proportionally to the
// Weight field in each entry.
//
// +required
// +kubebuilder:validation:MinItems=1
Services []ExtensionServiceTarget `json:"services"`
// UpstreamValidation defines how to verify the backend service's certificate
// +optional
UpstreamValidation *contour_api_v1.UpstreamValidation `json:"validation,omitempty"`
// Protocol may be used to specify (or override) the protocol used to reach this Service.
// Values may be h2 or h2c. If omitted, protocol-selection falls back on Service annotations.
//
// +optional
// +kubebuilder:validation:Enum=h2;h2c
Protocol *string `json:"protocol,omitempty"`
// The policy for load balancing GRPC service requests. Note that the
// `Cookie` and `RequestHash` load balancing strategies cannot be used
// here.
//
// +optional
LoadBalancerPolicy *contour_api_v1.LoadBalancerPolicy `json:"loadBalancerPolicy,omitempty"`
// The timeout policy for requests to the services.
//
// +optional
TimeoutPolicy *contour_api_v1.TimeoutPolicy `json:"timeoutPolicy,omitempty"`
// This field sets the version of the GRPC protocol that Envoy uses to
// send requests to the extension service. Since Contour always uses the
// v3 Envoy API, this is currently fixed at "v3". However, other
// protocol options will be available in future.
//
// +optional
// +kubebuilder:validation:Enum=v3
ProtocolVersion ExtensionProtocolVersion `json:"protocolVersion,omitempty"`
}
ExtensionServiceSpec defines the desired state of an ExtensionService resource.
func (*ExtensionServiceSpec) DeepCopy ¶
func (in *ExtensionServiceSpec) DeepCopy() *ExtensionServiceSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionServiceSpec.
func (*ExtensionServiceSpec) DeepCopyInto ¶
func (in *ExtensionServiceSpec) DeepCopyInto(out *ExtensionServiceSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ExtensionServiceStatus ¶
type ExtensionServiceStatus struct {
// Conditions contains the current status of the ExtensionService resource.
//
// Contour will update a single condition, `Valid`, that is in normal-true polarity.
//
// Contour will not modify any other Conditions set in this block,
// in case some other controller wants to add a Condition.
//
// +optional
// +patchMergeKey=type
// +patchStrategy=merge
// +listType=map
// +listMapKey=type
Conditions []contour_api_v1.DetailedCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
}
ExtensionServiceStatus defines the observed state of an ExtensionService resource.
func (*ExtensionServiceStatus) DeepCopy ¶
func (in *ExtensionServiceStatus) DeepCopy() *ExtensionServiceStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionServiceStatus.
func (*ExtensionServiceStatus) DeepCopyInto ¶
func (in *ExtensionServiceStatus) DeepCopyInto(out *ExtensionServiceStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ExtensionServiceStatus) GetConditionFor ¶ added in v1.9.0
func (status *ExtensionServiceStatus) GetConditionFor(condType string) *contour_api_v1.DetailedCondition
GetConditionFor returns the a pointer to the condition for a given type, or nil if there are none currently present.
type ExtensionServiceTarget ¶ added in v1.9.0
type ExtensionServiceTarget struct {
// Name is the name of Kubernetes service that will accept service
// traffic.
//
// +required
Name string `json:"name"`
// Port (defined as Integer) to proxy traffic to since a service can have multiple defined.
//
// +required
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=65536
// +kubebuilder:validation:ExclusiveMinimum=false
// +kubebuilder:validation:ExclusiveMaximum=true
Port int `json:"port"`
// Weight defines proportion of traffic to balance to the Kubernetes Service.
//
// +optional
Weight uint32 `json:"weight,omitempty"`
}
ExtensionServiceTarget defines an Kubernetes Service to target with extension service traffic.
func (*ExtensionServiceTarget) DeepCopy ¶ added in v1.9.0
func (in *ExtensionServiceTarget) DeepCopy() *ExtensionServiceTarget
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtensionServiceTarget.
func (*ExtensionServiceTarget) DeepCopyInto ¶ added in v1.9.0
func (in *ExtensionServiceTarget) DeepCopyInto(out *ExtensionServiceTarget)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GatewayConfig ¶ added in v1.19.0
type GatewayConfig struct {
// ControllerName is used to determine whether Contour should reconcile a
// GatewayClass. The string takes the form of "projectcontour.io/<namespace>/contour".
// If unset, the gatewayclass controller will not be started.
// Exactly one of ControllerName or GatewayRef must be set.
// +optional
ControllerName string `json:"controllerName,omitempty"`
// GatewayRef defines a specific Gateway that this Contour
// instance corresponds to. If set, Contour will reconcile
// only this gateway, and will not reconcile any gateway
// classes.
// Exactly one of ControllerName or GatewayRef must be set.
// +optional
GatewayRef *NamespacedName `json:"gatewayRef,omitempty"`
}
GatewayConfig holds the config for Gateway API controllers.
func (*GatewayConfig) DeepCopy ¶ added in v1.19.0
func (in *GatewayConfig) DeepCopy() *GatewayConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayConfig.
func (*GatewayConfig) DeepCopyInto ¶ added in v1.19.0
func (in *GatewayConfig) DeepCopyInto(out *GatewayConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GatewayConfig) Validate ¶ added in v1.21.0
func (g *GatewayConfig) Validate() error
Validate ensures that exactly one of ControllerName or GatewayRef are specified.
type HTTPProxyConfig ¶ added in v1.19.0
type HTTPProxyConfig struct {
// DisablePermitInsecure disables the use of the
// permitInsecure field in HTTPProxy.
//
// Contour's default is false.
// +optional
DisablePermitInsecure *bool `json:"disablePermitInsecure,omitempty"`
// Restrict Contour to searching these namespaces for root ingress routes.
// +optional
RootNamespaces []string `json:"rootNamespaces,omitempty"`
// FallbackCertificate defines the namespace/name of the Kubernetes secret to
// use as fallback when a non-SNI request is received.
// +optional
FallbackCertificate *NamespacedName `json:"fallbackCertificate,omitempty"`
}
HTTPProxyConfig defines parameters on HTTPProxy.
func (*HTTPProxyConfig) DeepCopy ¶ added in v1.19.0
func (in *HTTPProxyConfig) DeepCopy() *HTTPProxyConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPProxyConfig.
func (*HTTPProxyConfig) DeepCopyInto ¶ added in v1.19.0
func (in *HTTPProxyConfig) DeepCopyInto(out *HTTPProxyConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HTTPVersionType ¶ added in v1.19.0
type HTTPVersionType string
HTTPVersionType is the name of a supported HTTP version.
const ( // HTTPVersion1 is the name of the HTTP/1.1 version. HTTPVersion1 HTTPVersionType = "HTTP/1.1" // HTTPVersion2 is the name of the HTTP/2 version. HTTPVersion2 HTTPVersionType = "HTTP/2" )
type HeadersPolicy ¶ added in v1.19.0
type HeadersPolicy struct {
// +optional
Set map[string]string `json:"set,omitempty"`
// +optional
Remove []string `json:"remove,omitempty"`
}
func (*HeadersPolicy) DeepCopy ¶ added in v1.19.0
func (in *HeadersPolicy) DeepCopy() *HeadersPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HeadersPolicy.
func (*HeadersPolicy) DeepCopyInto ¶ added in v1.19.0
func (in *HeadersPolicy) DeepCopyInto(out *HeadersPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type HealthConfig ¶ added in v1.19.0
type HealthConfig struct {
// Defines the health address interface.
// +kubebuilder:validation:MinLength=1
// +optional
Address string `json:"address,omitempty"`
// Defines the health port.
// +optional
Port int `json:"port,omitempty"`
}
HealthConfig defines the endpoints to enable health checks.
func (*HealthConfig) DeepCopy ¶ added in v1.19.0
func (in *HealthConfig) DeepCopy() *HealthConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthConfig.
func (*HealthConfig) DeepCopyInto ¶ added in v1.19.0
func (in *HealthConfig) DeepCopyInto(out *HealthConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IngressConfig ¶ added in v1.19.0
type IngressConfig struct {
// Ingress Class Names Contour should use.
// +optional
ClassNames []string `json:"classNames,omitempty"`
// Address to set in Ingress object status.
// +optional
StatusAddress string `json:"statusAddress,omitempty"`
}
IngressConfig defines ingress specific config items.
func (*IngressConfig) DeepCopy ¶ added in v1.19.0
func (in *IngressConfig) DeepCopy() *IngressConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IngressConfig.
func (*IngressConfig) DeepCopyInto ¶ added in v1.19.0
func (in *IngressConfig) DeepCopyInto(out *IngressConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type MetricsConfig ¶ added in v1.19.0
type MetricsConfig struct {
// Defines the metrics address interface.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=253
// +optional
Address string `json:"address,omitempty"`
// Defines the metrics port.
// +optional
Port int `json:"port,omitempty"`
// TLS holds TLS file config details.
// Metrics and health endpoints cannot have same port number when metrics is served over HTTPS.
// +optional
TLS *MetricsTLS `json:"tls,omitempty"`
}
MetricsConfig defines the metrics endpoint.
func (*MetricsConfig) DeepCopy ¶ added in v1.19.0
func (in *MetricsConfig) DeepCopy() *MetricsConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricsConfig.
func (*MetricsConfig) DeepCopyInto ¶ added in v1.19.0
func (in *MetricsConfig) DeepCopyInto(out *MetricsConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type MetricsTLS ¶ added in v1.20.0
type MetricsTLS struct {
// CA filename.
// +optional
CAFile string `json:"caFile,omitempty"`
// Client certificate filename.
// +optional
CertFile string `json:"certFile,omitempty"`
// Client key filename.
// +optional
KeyFile string `json:"keyFile,omitempty"`
}
TLS holds TLS file config details.
func (*MetricsTLS) DeepCopy ¶ added in v1.20.0
func (in *MetricsTLS) DeepCopy() *MetricsTLS
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricsTLS.
func (*MetricsTLS) DeepCopyInto ¶ added in v1.20.0
func (in *MetricsTLS) DeepCopyInto(out *MetricsTLS)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NamespacedName ¶ added in v1.19.0
NamespacedName defines the namespace/name of the Kubernetes resource referred from the config file. Used for Contour config YAML file parsing, otherwise we could use K8s types.NamespacedName.
func (*NamespacedName) DeepCopy ¶ added in v1.19.0
func (in *NamespacedName) DeepCopy() *NamespacedName
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespacedName.
func (*NamespacedName) DeepCopyInto ¶ added in v1.19.0
func (in *NamespacedName) DeepCopyInto(out *NamespacedName)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NetworkParameters ¶ added in v1.19.0
type NetworkParameters struct {
// XffNumTrustedHops defines the number of additional ingress proxy hops from the
// right side of the x-forwarded-for HTTP header to trust when determining the origin
// client’s IP address.
//
// See https://www.envoyproxy.io/docs/envoy/v1.17.0/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto?highlight=xff_num_trusted_hops
// for more information.
//
// Contour's default is 0.
// +optional
XffNumTrustedHops *uint32 `json:"numTrustedHops,omitempty"`
// Configure the port used to access the Envoy Admin interface.
// If configured to port "0" then the admin interface is disabled.
//
// Contour's default is 9001.
// +optional
EnvoyAdminPort *int `json:"adminPort,omitempty"`
}
NetworkParameters hold various configurable network values.
func (*NetworkParameters) DeepCopy ¶ added in v1.19.0
func (in *NetworkParameters) DeepCopy() *NetworkParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkParameters.
func (*NetworkParameters) DeepCopyInto ¶ added in v1.19.0
func (in *NetworkParameters) DeepCopyInto(out *NetworkParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NetworkPublishing ¶ added in v1.21.0
type NetworkPublishing struct {
// NetworkPublishingType is the type of publishing strategy to use. Valid values are:
//
// * LoadBalancerService
//
// In this configuration, network endpoints for Envoy use container networking.
// A Kubernetes LoadBalancer Service is created to publish Envoy network
// endpoints.
//
// See: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
//
// * NodePortService
//
// Publishes Envoy network endpoints using a Kubernetes NodePort Service.
//
// In this configuration, Envoy network endpoints use container networking. A Kubernetes
// NodePort Service is created to publish the network endpoints.
//
// See: https://kubernetes.io/docs/concepts/services-networking/service/#nodeport
//
// * ClusterIPService
//
// Publishes Envoy network endpoints using a Kubernetes ClusterIP Service.
//
// In this configuration, Envoy network endpoints use container networking. A Kubernetes
// ClusterIP Service is created to publish the network endpoints.
//
// See: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
//
// If unset, defaults to LoadBalancerService.
//
// +optional
Type NetworkPublishingType `json:"type,omitempty"`
// ServiceAnnotations is the annotations to add to
// the provisioned Envoy service.
//
// +optional
ServiceAnnotations map[string]string `json:"serviceAnnotations,omitempty"`
}
NetworkPublishing defines the schema for publishing to a network.
func (*NetworkPublishing) DeepCopy ¶ added in v1.21.0
func (in *NetworkPublishing) DeepCopy() *NetworkPublishing
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPublishing.
func (*NetworkPublishing) DeepCopyInto ¶ added in v1.21.0
func (in *NetworkPublishing) DeepCopyInto(out *NetworkPublishing)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NetworkPublishingType ¶ added in v1.21.0
type NetworkPublishingType string
NetworkPublishingType is a way to publish network endpoints.
const ( // LoadBalancerServicePublishingType publishes a network endpoint using a Kubernetes // LoadBalancer Service. LoadBalancerServicePublishingType NetworkPublishingType = "LoadBalancerService" // NodePortServicePublishingType publishes a network endpoint using a Kubernetes // NodePort Service. NodePortServicePublishingType NetworkPublishingType = "NodePortService" // ClusterIPServicePublishingType publishes a network endpoint using a Kubernetes // ClusterIP Service. ClusterIPServicePublishingType NetworkPublishingType = "ClusterIPService" )
type NodePlacement ¶ added in v1.21.0
type NodePlacement struct {
// NodeSelector is the simplest recommended form of node selection constraint
// and specifies a map of key-value pairs. For the pod to be eligible
// to run on a node, the node must have each of the indicated key-value pairs
// as labels (it can have additional labels as well).
//
// If unset, the pod(s) will be scheduled to any available node.
//
// +optional
NodeSelector map[string]string `json:"nodeSelector,omitempty"`
// Tolerations work with taints to ensure that pods are not scheduled
// onto inappropriate nodes. One or more taints are applied to a node; this
// marks that the node should not accept any pods that do not tolerate the
// taints.
//
// The default is an empty list.
//
// See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
// for additional details.
//
// +optional
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
}
NodePlacement describes node scheduling configuration for pods. If nodeSelector and tolerations are specified, the scheduler will use both to determine where to place the pod(s).
func (*NodePlacement) DeepCopy ¶ added in v1.21.0
func (in *NodePlacement) DeepCopy() *NodePlacement
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodePlacement.
func (*NodePlacement) DeepCopyInto ¶ added in v1.21.0
func (in *NodePlacement) DeepCopyInto(out *NodePlacement)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyConfig ¶ added in v1.19.0
type PolicyConfig struct {
// RequestHeadersPolicy defines the request headers set/removed on all routes
// +optional
RequestHeadersPolicy *HeadersPolicy `json:"requestHeaders,omitempty"`
// ResponseHeadersPolicy defines the response headers set/removed on all routes
// +optional
ResponseHeadersPolicy *HeadersPolicy `json:"responseHeaders,omitempty"`
// ApplyToIngress determines if the Policies will apply to ingress objects
//
// Contour's default is false.
// +optional
ApplyToIngress *bool `json:"applyToIngress,omitempty"`
}
PolicyConfig holds default policy used if not explicitly set by the user
func (*PolicyConfig) DeepCopy ¶ added in v1.19.0
func (in *PolicyConfig) DeepCopy() *PolicyConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyConfig.
func (*PolicyConfig) DeepCopyInto ¶ added in v1.19.0
func (in *PolicyConfig) DeepCopyInto(out *PolicyConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RateLimitServiceConfig ¶ added in v1.19.0
type RateLimitServiceConfig struct {
// ExtensionService identifies the extension service defining the RLS.
ExtensionService NamespacedName `json:"extensionService"`
// Domain is passed to the Rate Limit Service.
// +optional
Domain string `json:"domain,omitempty"`
// FailOpen defines whether to allow requests to proceed when the
// Rate Limit Service fails to respond with a valid rate limit
// decision within the timeout defined on the extension service.
// +optional
FailOpen *bool `json:"failOpen,omitempty"`
// EnableXRateLimitHeaders defines whether to include the X-RateLimit
// headers X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset
// (as defined by the IETF Internet-Draft linked below), on responses
// to clients when the Rate Limit Service is consulted for a request.
//
// ref. https://tools.ietf.org/id/draft-polli-ratelimit-headers-03.html
// +optional
EnableXRateLimitHeaders *bool `json:"enableXRateLimitHeaders,omitempty"`
}
RateLimitServiceConfig defines properties of a global Rate Limit Service.
func (*RateLimitServiceConfig) DeepCopy ¶ added in v1.19.0
func (in *RateLimitServiceConfig) DeepCopy() *RateLimitServiceConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitServiceConfig.
func (*RateLimitServiceConfig) DeepCopyInto ¶ added in v1.19.0
func (in *RateLimitServiceConfig) DeepCopyInto(out *RateLimitServiceConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TLS ¶ added in v1.19.0
type TLS struct {
// CA filename.
// +optional
CAFile string `json:"caFile,omitempty"`
// Client certificate filename.
// +optional
CertFile string `json:"certFile,omitempty"`
// Client key filename.
// +optional
KeyFile string `json:"keyFile,omitempty"`
// Allow serving the xDS gRPC API without TLS.
// +optional
Insecure *bool `json:"insecure,omitempty"`
}
TLS holds TLS file config details.
func (*TLS) DeepCopy ¶ added in v1.19.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLS.
func (*TLS) DeepCopyInto ¶ added in v1.19.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TimeoutParameters ¶ added in v1.19.0
type TimeoutParameters struct {
// RequestTimeout sets the client request timeout globally for Contour. Note that
// this is a timeout for the entire request, not an idle timeout. Omit or set to
// "infinity" to disable the timeout entirely.
//
// See https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto#envoy-v3-api-field-extensions-filters-network-http-connection-manager-v3-httpconnectionmanager-request-timeout
// for more information.
// +optional
RequestTimeout *string `json:"requestTimeout,omitempty"`
// ConnectionIdleTimeout defines how long the proxy should wait while there are
// no active requests (for HTTP/1.1) or streams (for HTTP/2) before terminating
// an HTTP connection. Set to "infinity" to disable the timeout entirely.
//
// See https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#envoy-v3-api-field-config-core-v3-httpprotocoloptions-idle-timeout
// for more information.
// +optional
ConnectionIdleTimeout *string `json:"connectionIdleTimeout,omitempty"`
// StreamIdleTimeout defines how long the proxy should wait while there is no
// request activity (for HTTP/1.1) or stream activity (for HTTP/2) before
// terminating the HTTP request or stream. Set to "infinity" to disable the
// timeout entirely.
//
// See https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto#envoy-v3-api-field-extensions-filters-network-http-connection-manager-v3-httpconnectionmanager-stream-idle-timeout
// for more information.
// +optional
StreamIdleTimeout *string `json:"streamIdleTimeout,omitempty"`
// MaxConnectionDuration defines the maximum period of time after an HTTP connection
// has been established from the client to the proxy before it is closed by the proxy,
// regardless of whether there has been activity or not. Omit or set to "infinity" for
// no max duration.
//
// See https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#envoy-v3-api-field-config-core-v3-httpprotocoloptions-max-connection-duration
// for more information.
// +optional
MaxConnectionDuration *string `json:"maxConnectionDuration,omitempty"`
// DelayedCloseTimeout defines how long envoy will wait, once connection
// close processing has been initiated, for the downstream peer to close
// the connection before Envoy closes the socket associated with the connection.
//
// Setting this timeout to 'infinity' will disable it, equivalent to setting it to '0'
// in Envoy. Leaving it unset will result in the Envoy default value being used.
//
// See https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto#envoy-v3-api-field-extensions-filters-network-http-connection-manager-v3-httpconnectionmanager-delayed-close-timeout
// for more information.
// +optional
DelayedCloseTimeout *string `json:"delayedCloseTimeout,omitempty"`
// ConnectionShutdownGracePeriod defines how long the proxy will wait between sending an
// initial GOAWAY frame and a second, final GOAWAY frame when terminating an HTTP/2 connection.
// During this grace period, the proxy will continue to respond to new streams. After the final
// GOAWAY frame has been sent, the proxy will refuse new streams.
//
// See https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto#envoy-v3-api-field-extensions-filters-network-http-connection-manager-v3-httpconnectionmanager-drain-timeout
// for more information.
// +optional
ConnectionShutdownGracePeriod *string `json:"connectionShutdownGracePeriod,omitempty"`
// ConnectTimeout defines how long the proxy should wait when establishing connection to upstream service.
// If not set, a default value of 2 seconds will be used.
//
// See https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto#envoy-v3-api-field-config-cluster-v3-cluster-connect-timeout
// for more information.
// +optional
ConnectTimeout *string `json:"connectTimeout,omitempty"`
}
TimeoutParameters holds various configurable proxy timeout values.
func (*TimeoutParameters) DeepCopy ¶ added in v1.19.0
func (in *TimeoutParameters) DeepCopy() *TimeoutParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TimeoutParameters.
func (*TimeoutParameters) DeepCopyInto ¶ added in v1.19.0
func (in *TimeoutParameters) DeepCopyInto(out *TimeoutParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type WorkloadType ¶ added in v1.21.0
type WorkloadType string
WorkloadType is the type of Kubernetes workload to use for a component.
type XDSServerConfig ¶ added in v1.19.0
type XDSServerConfig struct {
// Defines the XDSServer to use for `contour serve`.
//
// Values: `contour` (default), `envoy`.
//
// Other values will produce an error.
// +optional
Type XDSServerType `json:"type,omitempty"`
// Defines the xDS gRPC API address which Contour will serve.
//
// Contour's default is "0.0.0.0".
// +kubebuilder:validation:MinLength=1
// +optional
Address string `json:"address,omitempty"`
// Defines the xDS gRPC API port which Contour will serve.
//
// Contour's default is 8001.
// +optional
Port int `json:"port,omitempty"`
// TLS holds TLS file config details.
//
// Contour's default is { caFile: "/certs/ca.crt", certFile: "/certs/tls.cert", keyFile: "/certs/tls.key", insecure: false }.
// +optional
TLS *TLS `json:"tls,omitempty"`
}
XDSServerConfig holds the config for the Contour xDS server.
func (*XDSServerConfig) DeepCopy ¶ added in v1.19.0
func (in *XDSServerConfig) DeepCopy() *XDSServerConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new XDSServerConfig.
func (*XDSServerConfig) DeepCopyInto ¶ added in v1.19.0
func (in *XDSServerConfig) DeepCopyInto(out *XDSServerConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type XDSServerType ¶ added in v1.19.0
type XDSServerType string
XDSServerType is the type of xDS server implementation.
const ( // Use Contour's xDS server. ContourServerType XDSServerType = "contour" // Use the upstream `go-control-plane`-based xDS server. EnvoyServerType XDSServerType = "envoy" )
func (XDSServerType) Validate ¶ added in v1.21.0
func (x XDSServerType) Validate() error
Source Files