/* eslint-disable */ /** * This file was automatically generated by json-schema-to-typescript. * DO NOT MODIFY IT BY HAND. Instead, modify the source JSONSchema file, * and run json-schema-to-typescript to regenerate this file. */ export interface K8SDestinationRuleV1Beta1 { /** * Configuration affecting load balancing, outlier detection, etc. See more details at: https://istio.io/docs/reference/config/networking/destination-rule.html */ spec?: { /** * A list of namespaces to which this destination rule is exported. */ exportTo?: string[]; /** * The name of a service from the service registry. */ host: string; /** * One or more named sets that represent individual versions of a service. */ subsets?: { /** * Labels apply a filter over the endpoints of a service in the service registry. */ labels?: { [k: string]: string; }; /** * Name of the subset. */ name: string; /** * Traffic policies that apply to this subset. */ trafficPolicy?: { connectionPool?: { /** * HTTP connection pool settings. */ http?: { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. * * Valid Options: DEFAULT, DO_NOT_UPGRADE, UPGRADE */ h2UpgradePolicy?: "DEFAULT" | "DO_NOT_UPGRADE" | "UPGRADE"; /** * Maximum number of requests that will be queued while waiting for a ready connection pool connection. */ http1MaxPendingRequests?: number; /** * Maximum number of active requests to a destination. */ http2MaxRequests?: number; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: string; /** * The maximum number of concurrent streams allowed for a peer on one HTTP/2 connection. */ maxConcurrentStreams?: number; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: number; /** * Maximum number of retries that can be outstanding to all hosts in a cluster at a given time. */ maxRetries?: number; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: boolean; }; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: { /** * TCP connection timeout. */ connectTimeout?: string; /** * The idle timeout for TCP connections. */ idleTimeout?: string; /** * The maximum duration of a connection. */ maxConnectionDuration?: string; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: number; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: { /** * The time duration between keep-alive probes. */ interval?: string; /** * Maximum number of keepalive probes to send without response before deciding the connection is dead. */ probes?: number; /** * The time duration a connection needs to be idle before keep-alive probes start being sent. */ time?: string; }; }; }; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: { [k: string]: unknown; }; outlierDetection?: { /** * Minimum ejection duration. */ baseEjectionTime?: string; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: number; consecutiveErrors?: number; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: number; /** * The number of consecutive locally originated failures before ejection occurs. */ consecutiveLocalOriginFailures?: number; /** * Time interval between ejection sweep analysis. */ interval?: string; /** * Maximum % of hosts in the load balancing pool for the upstream service that can be ejected. */ maxEjectionPercent?: number; /** * Outlier detection will be enabled as long as the associated load balancing pool has at least `minHealthPercent` hosts in healthy mode. */ minHealthPercent?: number; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: boolean; }; /** * Traffic policies specific to individual ports. * * @maxItems 4096 */ portLevelSettings?: { connectionPool?: { /** * HTTP connection pool settings. */ http?: { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. * * Valid Options: DEFAULT, DO_NOT_UPGRADE, UPGRADE */ h2UpgradePolicy?: "DEFAULT" | "DO_NOT_UPGRADE" | "UPGRADE"; /** * Maximum number of requests that will be queued while waiting for a ready connection pool connection. */ http1MaxPendingRequests?: number; /** * Maximum number of active requests to a destination. */ http2MaxRequests?: number; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: string; /** * The maximum number of concurrent streams allowed for a peer on one HTTP/2 connection. */ maxConcurrentStreams?: number; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: number; /** * Maximum number of retries that can be outstanding to all hosts in a cluster at a given time. */ maxRetries?: number; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: boolean; }; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: { /** * TCP connection timeout. */ connectTimeout?: string; /** * The idle timeout for TCP connections. */ idleTimeout?: string; /** * The maximum duration of a connection. */ maxConnectionDuration?: string; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: number; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: { /** * The time duration between keep-alive probes. */ interval?: string; /** * Maximum number of keepalive probes to send without response before deciding the connection is dead. */ probes?: number; /** * The time duration a connection needs to be idle before keep-alive probes start being sent. */ time?: string; }; }; }; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: { [k: string]: unknown; }; outlierDetection?: { /** * Minimum ejection duration. */ baseEjectionTime?: string; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: number; consecutiveErrors?: number; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: number; /** * The number of consecutive locally originated failures before ejection occurs. */ consecutiveLocalOriginFailures?: number; /** * Time interval between ejection sweep analysis. */ interval?: string; /** * Maximum % of hosts in the load balancing pool for the upstream service that can be ejected. */ maxEjectionPercent?: number; /** * Outlier detection will be enabled as long as the associated load balancing pool has at least `minHealthPercent` hosts in healthy mode. */ minHealthPercent?: number; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: boolean; }; /** * Specifies the number of a port on the destination service on which this policy is being applied. */ port?: { number?: number; }; /** * TLS related settings for connections to the upstream service. */ tls?: { /** * OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate. */ caCertificates?: string; /** * OPTIONAL: The path to the file containing the certificate revocation list (CRL) to use in verifying a presented server certificate. */ caCrl?: string; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: string; /** * The name of the secret that holds the TLS certs for the client including the CA certificates. */ credentialName?: string; /** * `insecureSkipVerify` specifies whether the proxy should skip verifying the CA signature and SAN for the server certificate corresponding to the host. */ insecureSkipVerify?: boolean; /** * Indicates whether connections to this port should be secured using TLS. * * Valid Options: DISABLE, SIMPLE, MUTUAL, ISTIO_MUTUAL */ mode?: "DISABLE" | "SIMPLE" | "MUTUAL" | "ISTIO_MUTUAL"; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: string; /** * SNI string to present to the server during TLS handshake. */ sni?: string; /** * A list of alternate names to verify the subject identity in the certificate. */ subjectAltNames?: string[]; }; }[]; /** * The upstream PROXY protocol settings. */ proxyProtocol?: { /** * The PROXY protocol version to use. * * Valid Options: V1, V2 */ version?: "V1" | "V2"; }; /** * TLS related settings for connections to the upstream service. */ tls?: { /** * OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate. */ caCertificates?: string; /** * OPTIONAL: The path to the file containing the certificate revocation list (CRL) to use in verifying a presented server certificate. */ caCrl?: string; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: string; /** * The name of the secret that holds the TLS certs for the client including the CA certificates. */ credentialName?: string; /** * `insecureSkipVerify` specifies whether the proxy should skip verifying the CA signature and SAN for the server certificate corresponding to the host. */ insecureSkipVerify?: boolean; /** * Indicates whether connections to this port should be secured using TLS. * * Valid Options: DISABLE, SIMPLE, MUTUAL, ISTIO_MUTUAL */ mode?: "DISABLE" | "SIMPLE" | "MUTUAL" | "ISTIO_MUTUAL"; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: string; /** * SNI string to present to the server during TLS handshake. */ sni?: string; /** * A list of alternate names to verify the subject identity in the certificate. */ subjectAltNames?: string[]; }; /** * Configuration of tunneling TCP over other transport or application layers for the host configured in the DestinationRule. */ tunnel?: { /** * Specifies which protocol to use for tunneling the downstream connection. */ protocol?: string; /** * Specifies a host to which the downstream connection is tunneled. */ targetHost: string; /** * Specifies a port to which the downstream connection is tunneled. */ targetPort: number; }; }; }[]; /** * Traffic policies to apply (load balancing policy, connection pool sizes, outlier detection). */ trafficPolicy?: { connectionPool?: { /** * HTTP connection pool settings. */ http?: { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. * * Valid Options: DEFAULT, DO_NOT_UPGRADE, UPGRADE */ h2UpgradePolicy?: string; /** * Maximum number of requests that will be queued while waiting for a ready connection pool connection. */ http1MaxPendingRequests?: number; /** * Maximum number of active requests to a destination. */ http2MaxRequests?: number; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: string; /** * The maximum number of concurrent streams allowed for a peer on one HTTP/2 connection. */ maxConcurrentStreams?: number; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: number; /** * Maximum number of retries that can be outstanding to all hosts in a cluster at a given time. */ maxRetries?: number; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: boolean; }; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: { /** * TCP connection timeout. */ connectTimeout?: string; /** * The idle timeout for TCP connections. */ idleTimeout?: string; /** * The maximum duration of a connection. */ maxConnectionDuration?: string; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: number; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: { /** * The time duration between keep-alive probes. */ interval?: string; /** * Maximum number of keepalive probes to send without response before deciding the connection is dead. */ probes?: number; /** * The time duration a connection needs to be idle before keep-alive probes start being sent. */ time?: string; }; }; }; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: { [k: string]: unknown; }; outlierDetection?: { /** * Minimum ejection duration. */ baseEjectionTime?: string; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: number; consecutiveErrors?: number; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: number; /** * The number of consecutive locally originated failures before ejection occurs. */ consecutiveLocalOriginFailures?: number; /** * Time interval between ejection sweep analysis. */ interval?: string; /** * Maximum % of hosts in the load balancing pool for the upstream service that can be ejected. */ maxEjectionPercent?: number; /** * Outlier detection will be enabled as long as the associated load balancing pool has at least `minHealthPercent` hosts in healthy mode. */ minHealthPercent?: number; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: boolean; }; /** * Traffic policies specific to individual ports. * * @maxItems 4096 */ portLevelSettings?: { connectionPool?: { /** * HTTP connection pool settings. */ http?: { /** * Specify if http1.1 connection should be upgraded to http2 for the associated destination. * * Valid Options: DEFAULT, DO_NOT_UPGRADE, UPGRADE */ h2UpgradePolicy?: "DEFAULT" | "DO_NOT_UPGRADE" | "UPGRADE"; /** * Maximum number of requests that will be queued while waiting for a ready connection pool connection. */ http1MaxPendingRequests?: number; /** * Maximum number of active requests to a destination. */ http2MaxRequests?: number; /** * The idle timeout for upstream connection pool connections. */ idleTimeout?: string; /** * The maximum number of concurrent streams allowed for a peer on one HTTP/2 connection. */ maxConcurrentStreams?: number; /** * Maximum number of requests per connection to a backend. */ maxRequestsPerConnection?: number; /** * Maximum number of retries that can be outstanding to all hosts in a cluster at a given time. */ maxRetries?: number; /** * If set to true, client protocol will be preserved while initiating connection to backend. */ useClientProtocol?: boolean; }; /** * Settings common to both HTTP and TCP upstream connections. */ tcp?: { /** * TCP connection timeout. */ connectTimeout?: string; /** * The idle timeout for TCP connections. */ idleTimeout?: string; /** * The maximum duration of a connection. */ maxConnectionDuration?: string; /** * Maximum number of HTTP1 /TCP connections to a destination host. */ maxConnections?: number; /** * If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives. */ tcpKeepalive?: { /** * The time duration between keep-alive probes. */ interval?: string; /** * Maximum number of keepalive probes to send without response before deciding the connection is dead. */ probes?: number; /** * The time duration a connection needs to be idle before keep-alive probes start being sent. */ time?: string; }; }; }; /** * Settings controlling the load balancer algorithms. */ loadBalancer?: { [k: string]: unknown; }; outlierDetection?: { /** * Minimum ejection duration. */ baseEjectionTime?: string; /** * Number of 5xx errors before a host is ejected from the connection pool. */ consecutive5xxErrors?: number; consecutiveErrors?: number; /** * Number of gateway errors before a host is ejected from the connection pool. */ consecutiveGatewayErrors?: number; /** * The number of consecutive locally originated failures before ejection occurs. */ consecutiveLocalOriginFailures?: number; /** * Time interval between ejection sweep analysis. */ interval?: string; /** * Maximum % of hosts in the load balancing pool for the upstream service that can be ejected. */ maxEjectionPercent?: number; /** * Outlier detection will be enabled as long as the associated load balancing pool has at least `minHealthPercent` hosts in healthy mode. */ minHealthPercent?: number; /** * Determines whether to distinguish local origin failures from external errors. */ splitExternalLocalOriginErrors?: boolean; }; /** * Specifies the number of a port on the destination service on which this policy is being applied. */ port?: { number?: number; }; /** * TLS related settings for connections to the upstream service. */ tls?: { /** * OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate. */ caCertificates?: string; /** * OPTIONAL: The path to the file containing the certificate revocation list (CRL) to use in verifying a presented server certificate. */ caCrl?: string; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: string; /** * The name of the secret that holds the TLS certs for the client including the CA certificates. */ credentialName?: string; /** * `insecureSkipVerify` specifies whether the proxy should skip verifying the CA signature and SAN for the server certificate corresponding to the host. */ insecureSkipVerify?: boolean; /** * Indicates whether connections to this port should be secured using TLS. * * Valid Options: DISABLE, SIMPLE, MUTUAL, ISTIO_MUTUAL */ mode?: "DISABLE" | "SIMPLE" | "MUTUAL" | "ISTIO_MUTUAL"; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: string; /** * SNI string to present to the server during TLS handshake. */ sni?: string; /** * A list of alternate names to verify the subject identity in the certificate. */ subjectAltNames?: string[]; }; }[]; /** * The upstream PROXY protocol settings. */ proxyProtocol?: { /** * The PROXY protocol version to use. * * Valid Options: V1, V2 */ version?: string; }; /** * TLS related settings for connections to the upstream service. */ tls?: { /** * OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate. */ caCertificates?: string; /** * OPTIONAL: The path to the file containing the certificate revocation list (CRL) to use in verifying a presented server certificate. */ caCrl?: string; /** * REQUIRED if mode is `MUTUAL`. */ clientCertificate?: string; /** * The name of the secret that holds the TLS certs for the client including the CA certificates. */ credentialName?: string; /** * `insecureSkipVerify` specifies whether the proxy should skip verifying the CA signature and SAN for the server certificate corresponding to the host. */ insecureSkipVerify?: boolean; /** * Indicates whether connections to this port should be secured using TLS. * * Valid Options: DISABLE, SIMPLE, MUTUAL, ISTIO_MUTUAL */ mode?: string; /** * REQUIRED if mode is `MUTUAL`. */ privateKey?: string; /** * SNI string to present to the server during TLS handshake. */ sni?: string; /** * A list of alternate names to verify the subject identity in the certificate. */ subjectAltNames?: string[]; }; /** * Configuration of tunneling TCP over other transport or application layers for the host configured in the DestinationRule. */ tunnel?: { /** * Specifies which protocol to use for tunneling the downstream connection. */ protocol?: string; /** * Specifies a host to which the downstream connection is tunneled. */ targetHost: string; /** * Specifies a port to which the downstream connection is tunneled. */ targetPort: number; }; }; /** * Criteria used to select the specific set of pods/VMs on which this `DestinationRule` configuration should be applied. */ workloadSelector?: { /** * One or more labels that indicate a specific set of pods/VMs on which a policy should be applied. */ matchLabels?: { [k: string]: string; }; }; }; status?: { /** * Current service state of the resource. */ conditions?: { /** * Last time we probed the condition. */ lastProbeTime?: string; /** * Last time the condition transitioned from one status to another. */ lastTransitionTime?: string; /** * Human-readable message indicating details about last transition. */ message?: string; /** * Unique, one-word, CamelCase reason for the condition's last transition. */ reason?: string; /** * Status is the status of the condition. */ status?: string; /** * Type is the type of the condition. */ type?: string; }[]; /** * Resource Generation to which the Reconciled Condition refers. */ observedGeneration?: number | string; /** * Includes any errors or warnings detected by Istio's analyzers. */ validationMessages?: { /** * A url pointing to the Istio documentation for this specific error type. */ documentationUrl?: string; /** * Represents how severe a message is. * * Valid Options: UNKNOWN, ERROR, WARNING, INFO */ level?: "UNKNOWN" | "ERROR" | "WARNING" | "INFO"; type?: { /** * A 7 character code matching `^IST[0-9]{4}$` intended to uniquely identify the message type. */ code?: string; /** * A human-readable name for the message type. */ name?: string; }; }[]; }; }