mirror of
https://github.com/morten-olsen/homelab-operator.git
synced 2026-02-08 01:36:28 +01:00
260 lines
9.7 KiB
JSON
260 lines
9.7 KiB
JSON
{
|
|
"properties": {
|
|
"spec": {
|
|
"description": "Configuration affecting edge load balancer. See more details at: https://istio.io/docs/reference/config/networking/gateway.html",
|
|
"properties": {
|
|
"selector": {
|
|
"additionalProperties": {
|
|
"type": "string"
|
|
},
|
|
"description": "One or more labels that indicate a specific set of pods/VMs on which this gateway configuration should be applied.",
|
|
"type": "object"
|
|
},
|
|
"servers": {
|
|
"description": "A list of server specifications.",
|
|
"items": {
|
|
"type": "object",
|
|
"required": [
|
|
"port",
|
|
"hosts"
|
|
],
|
|
"properties": {
|
|
"bind": {
|
|
"description": "The ip or the Unix domain socket to which the listener should be bound to.",
|
|
"type": "string"
|
|
},
|
|
"defaultEndpoint": {
|
|
"type": "string"
|
|
},
|
|
"hosts": {
|
|
"description": "One or more hosts exposed by this gateway.",
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"name": {
|
|
"description": "An optional name of the server, when set must be unique across all servers.",
|
|
"type": "string"
|
|
},
|
|
"port": {
|
|
"description": "The Port on which the proxy should listen for incoming connections.",
|
|
"type": "object",
|
|
"required": [
|
|
"number",
|
|
"protocol",
|
|
"name"
|
|
],
|
|
"properties": {
|
|
"name": {
|
|
"description": "Label assigned to the port.",
|
|
"type": "string"
|
|
},
|
|
"number": {
|
|
"description": "A valid non-negative integer port number.",
|
|
"type": "integer",
|
|
"maximum": 4294967295,
|
|
"minimum": 0
|
|
},
|
|
"protocol": {
|
|
"description": "The protocol exposed on the port.",
|
|
"type": "string"
|
|
},
|
|
"targetPort": {
|
|
"type": "integer",
|
|
"maximum": 4294967295,
|
|
"minimum": 0
|
|
}
|
|
}
|
|
},
|
|
"tls": {
|
|
"description": "Set of TLS related options that govern the server's behavior.",
|
|
"type": "object",
|
|
"properties": {
|
|
"caCertificates": {
|
|
"description": "REQUIRED if mode is `MUTUAL` or `OPTIONAL_MUTUAL`.",
|
|
"type": "string"
|
|
},
|
|
"caCrl": {
|
|
"description": "OPTIONAL: The path to the file containing the certificate revocation list (CRL) to use in verifying a presented client side certificate.",
|
|
"type": "string"
|
|
},
|
|
"cipherSuites": {
|
|
"description": "Optional: If specified, only support the specified cipher list.",
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"credentialName": {
|
|
"description": "For gateways running on Kubernetes, the name of the secret that holds the TLS certs including the CA certificates.",
|
|
"type": "string"
|
|
},
|
|
"httpsRedirect": {
|
|
"description": "If set to true, the load balancer will send a 301 redirect for all http connections, asking the clients to use HTTPS.",
|
|
"type": "boolean"
|
|
},
|
|
"maxProtocolVersion": {
|
|
"description": "Optional: Maximum TLS protocol version.\n\nValid Options: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3",
|
|
"type": "string",
|
|
"enum": [
|
|
"TLS_AUTO",
|
|
"TLSV1_0",
|
|
"TLSV1_1",
|
|
"TLSV1_2",
|
|
"TLSV1_3"
|
|
]
|
|
},
|
|
"minProtocolVersion": {
|
|
"description": "Optional: Minimum TLS protocol version.\n\nValid Options: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3",
|
|
"type": "string",
|
|
"enum": [
|
|
"TLS_AUTO",
|
|
"TLSV1_0",
|
|
"TLSV1_1",
|
|
"TLSV1_2",
|
|
"TLSV1_3"
|
|
]
|
|
},
|
|
"mode": {
|
|
"description": "Optional: Indicates whether connections to this port should be secured using TLS.\n\nValid Options: PASSTHROUGH, SIMPLE, MUTUAL, AUTO_PASSTHROUGH, ISTIO_MUTUAL, OPTIONAL_MUTUAL",
|
|
"type": "string",
|
|
"enum": [
|
|
"PASSTHROUGH",
|
|
"SIMPLE",
|
|
"MUTUAL",
|
|
"AUTO_PASSTHROUGH",
|
|
"ISTIO_MUTUAL",
|
|
"OPTIONAL_MUTUAL"
|
|
]
|
|
},
|
|
"privateKey": {
|
|
"description": "REQUIRED if mode is `SIMPLE` or `MUTUAL`.",
|
|
"type": "string"
|
|
},
|
|
"serverCertificate": {
|
|
"description": "REQUIRED if mode is `SIMPLE` or `MUTUAL`.",
|
|
"type": "string"
|
|
},
|
|
"subjectAltNames": {
|
|
"description": "A list of alternate names to verify the subject identity in the certificate presented by the client.",
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"verifyCertificateHash": {
|
|
"description": "An optional list of hex-encoded SHA-256 hashes of the authorized client certificates.",
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"verifyCertificateSpki": {
|
|
"description": "An optional list of base64-encoded SHA-256 hashes of the SPKIs of authorized client certificates.",
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"type": "array"
|
|
}
|
|
},
|
|
"type": "object"
|
|
},
|
|
"status": {
|
|
"properties": {
|
|
"conditions": {
|
|
"description": "Current service state of the resource.",
|
|
"items": {
|
|
"type": "object",
|
|
"properties": {
|
|
"lastProbeTime": {
|
|
"description": "Last time we probed the condition.",
|
|
"type": "string",
|
|
"format": "date-time"
|
|
},
|
|
"lastTransitionTime": {
|
|
"description": "Last time the condition transitioned from one status to another.",
|
|
"type": "string",
|
|
"format": "date-time"
|
|
},
|
|
"message": {
|
|
"description": "Human-readable message indicating details about last transition.",
|
|
"type": "string"
|
|
},
|
|
"reason": {
|
|
"description": "Unique, one-word, CamelCase reason for the condition's last transition.",
|
|
"type": "string"
|
|
},
|
|
"status": {
|
|
"description": "Status is the status of the condition.",
|
|
"type": "string"
|
|
},
|
|
"type": {
|
|
"description": "Type is the type of the condition.",
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"type": "array"
|
|
},
|
|
"observedGeneration": {
|
|
"anyOf": [
|
|
{
|
|
"type": "integer"
|
|
},
|
|
{
|
|
"type": "string"
|
|
}
|
|
],
|
|
"description": "Resource Generation to which the Reconciled Condition refers.",
|
|
"x_kubernetes_int_or_string": true
|
|
},
|
|
"validationMessages": {
|
|
"description": "Includes any errors or warnings detected by Istio's analyzers.",
|
|
"items": {
|
|
"type": "object",
|
|
"properties": {
|
|
"documentationUrl": {
|
|
"description": "A url pointing to the Istio documentation for this specific error type.",
|
|
"type": "string"
|
|
},
|
|
"level": {
|
|
"description": "Represents how severe a message is.\n\nValid Options: UNKNOWN, ERROR, WARNING, INFO",
|
|
"type": "string",
|
|
"enum": [
|
|
"UNKNOWN",
|
|
"ERROR",
|
|
"WARNING",
|
|
"INFO"
|
|
]
|
|
},
|
|
"type": {
|
|
"type": "object",
|
|
"properties": {
|
|
"code": {
|
|
"description": "A 7 character code matching `^IST[0-9]{4}$` intended to uniquely identify the message type.",
|
|
"type": "string"
|
|
},
|
|
"name": {
|
|
"description": "A human-readable name for the message type.",
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"type": "array"
|
|
}
|
|
},
|
|
"type": "object",
|
|
"x_kubernetes_preserve_unknown_fields": true
|
|
}
|
|
},
|
|
"type": "object"
|
|
} |