github.com/cilium/cilium@v1.16.2/pkg/k8s/apis/cilium.io/client/crds/v2/ciliumegressgatewaypolicies.yaml (about) 1 --- 2 apiVersion: apiextensions.k8s.io/v1 3 kind: CustomResourceDefinition 4 metadata: 5 annotations: 6 controller-gen.kubebuilder.io/version: v0.15.0 7 creationTimestamp: null 8 name: ciliumegressgatewaypolicies.cilium.io 9 spec: 10 group: cilium.io 11 names: 12 categories: 13 - cilium 14 - ciliumpolicy 15 kind: CiliumEgressGatewayPolicy 16 listKind: CiliumEgressGatewayPolicyList 17 plural: ciliumegressgatewaypolicies 18 shortNames: 19 - cegp 20 singular: ciliumegressgatewaypolicy 21 scope: Cluster 22 versions: 23 - additionalPrinterColumns: 24 - jsonPath: .metadata.creationTimestamp 25 name: Age 26 type: date 27 name: v2 28 schema: 29 openAPIV3Schema: 30 properties: 31 apiVersion: 32 description: 'APIVersion defines the versioned schema of this representation 33 of an object. Servers should convert recognized schemas to the latest 34 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 35 type: string 36 kind: 37 description: 'Kind is a string value representing the REST resource this 38 object represents. Servers may infer this from the endpoint the client 39 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 40 type: string 41 metadata: 42 type: object 43 spec: 44 properties: 45 destinationCIDRs: 46 description: DestinationCIDRs is a list of destination CIDRs for destination 47 IP addresses. If a destination IP matches any one CIDR, it will 48 be selected. 49 items: 50 pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/([0-9]|[1-2][0-9]|3[0-2])$ 51 type: string 52 type: array 53 egressGateway: 54 description: EgressGateway is the gateway node responsible for SNATing 55 traffic. 56 properties: 57 egressIP: 58 description: "EgressIP is the source IP address that the egress 59 traffic is SNATed with. \n Example: When set to \"192.168.1.100\", 60 matching egress traffic will be redirected to the node matching 61 the NodeSelector field and SNATed with IP address 192.168.1.100. 62 \n When none of the Interface or EgressIP fields is specified, 63 the policy will use the first IPv4 assigned to the interface 64 with the default route." 65 format: ipv4 66 type: string 67 interface: 68 description: "Interface is the network interface to which the 69 egress IP address that the traffic is SNATed with is assigned. 70 \n Example: When set to \"eth1\", matching egress traffic will 71 be redirected to the node matching the NodeSelector field and 72 SNATed with the first IPv4 address assigned to the eth1 interface. 73 \n When none of the Interface or EgressIP fields is specified, 74 the policy will use the first IPv4 assigned to the interface 75 with the default route." 76 type: string 77 nodeSelector: 78 description: This is a label selector which selects the node that 79 should act as egress gateway for the given policy. In case multiple 80 nodes are selected, only the first one in the lexical ordering 81 over the node names will be used. This field follows standard 82 label selector semantics. 83 properties: 84 matchExpressions: 85 description: matchExpressions is a list of label selector 86 requirements. The requirements are ANDed. 87 items: 88 description: A label selector requirement is a selector 89 that contains values, a key, and an operator that relates 90 the key and values. 91 properties: 92 key: 93 description: key is the label key that the selector 94 applies to. 95 type: string 96 operator: 97 description: operator represents a key's relationship 98 to a set of values. Valid operators are In, NotIn, 99 Exists and DoesNotExist. 100 enum: 101 - In 102 - NotIn 103 - Exists 104 - DoesNotExist 105 type: string 106 values: 107 description: values is an array of string values. If 108 the operator is In or NotIn, the values array must 109 be non-empty. If the operator is Exists or DoesNotExist, 110 the values array must be empty. This array is replaced 111 during a strategic merge patch. 112 items: 113 type: string 114 type: array 115 x-kubernetes-list-type: atomic 116 required: 117 - key 118 - operator 119 type: object 120 type: array 121 x-kubernetes-list-type: atomic 122 matchLabels: 123 additionalProperties: 124 description: MatchLabelsValue represents the value from 125 the MatchLabels {key,value} pair. 126 maxLength: 63 127 pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ 128 type: string 129 description: matchLabels is a map of {key,value} pairs. A 130 single {key,value} in the matchLabels map is equivalent 131 to an element of matchExpressions, whose key field is "key", 132 the operator is "In", and the values array contains only 133 "value". The requirements are ANDed. 134 type: object 135 type: object 136 required: 137 - nodeSelector 138 type: object 139 excludedCIDRs: 140 description: ExcludedCIDRs is a list of destination CIDRs that will 141 be excluded from the egress gateway redirection and SNAT logic. 142 Should be a subset of destinationCIDRs otherwise it will not have 143 any effect. 144 items: 145 pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/([0-9]|[1-2][0-9]|3[0-2])$ 146 type: string 147 type: array 148 selectors: 149 description: Egress represents a list of rules by which egress traffic 150 is filtered from the source pods. 151 items: 152 properties: 153 namespaceSelector: 154 description: Selects Namespaces using cluster-scoped labels. 155 This field follows standard label selector semantics; if present 156 but empty, it selects all namespaces. 157 properties: 158 matchExpressions: 159 description: matchExpressions is a list of label selector 160 requirements. The requirements are ANDed. 161 items: 162 description: A label selector requirement is a selector 163 that contains values, a key, and an operator that relates 164 the key and values. 165 properties: 166 key: 167 description: key is the label key that the selector 168 applies to. 169 type: string 170 operator: 171 description: operator represents a key's relationship 172 to a set of values. Valid operators are In, NotIn, 173 Exists and DoesNotExist. 174 enum: 175 - In 176 - NotIn 177 - Exists 178 - DoesNotExist 179 type: string 180 values: 181 description: values is an array of string values. 182 If the operator is In or NotIn, the values array 183 must be non-empty. If the operator is Exists or 184 DoesNotExist, the values array must be empty. This 185 array is replaced during a strategic merge patch. 186 items: 187 type: string 188 type: array 189 x-kubernetes-list-type: atomic 190 required: 191 - key 192 - operator 193 type: object 194 type: array 195 x-kubernetes-list-type: atomic 196 matchLabels: 197 additionalProperties: 198 description: MatchLabelsValue represents the value from 199 the MatchLabels {key,value} pair. 200 maxLength: 63 201 pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ 202 type: string 203 description: matchLabels is a map of {key,value} pairs. 204 A single {key,value} in the matchLabels map is equivalent 205 to an element of matchExpressions, whose key field is 206 "key", the operator is "In", and the values array contains 207 only "value". The requirements are ANDed. 208 type: object 209 type: object 210 podSelector: 211 description: This is a label selector which selects Pods. This 212 field follows standard label selector semantics; if present 213 but empty, it selects all pods. 214 properties: 215 matchExpressions: 216 description: matchExpressions is a list of label selector 217 requirements. The requirements are ANDed. 218 items: 219 description: A label selector requirement is a selector 220 that contains values, a key, and an operator that relates 221 the key and values. 222 properties: 223 key: 224 description: key is the label key that the selector 225 applies to. 226 type: string 227 operator: 228 description: operator represents a key's relationship 229 to a set of values. Valid operators are In, NotIn, 230 Exists and DoesNotExist. 231 enum: 232 - In 233 - NotIn 234 - Exists 235 - DoesNotExist 236 type: string 237 values: 238 description: values is an array of string values. 239 If the operator is In or NotIn, the values array 240 must be non-empty. If the operator is Exists or 241 DoesNotExist, the values array must be empty. This 242 array is replaced during a strategic merge patch. 243 items: 244 type: string 245 type: array 246 x-kubernetes-list-type: atomic 247 required: 248 - key 249 - operator 250 type: object 251 type: array 252 x-kubernetes-list-type: atomic 253 matchLabels: 254 additionalProperties: 255 description: MatchLabelsValue represents the value from 256 the MatchLabels {key,value} pair. 257 maxLength: 63 258 pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ 259 type: string 260 description: matchLabels is a map of {key,value} pairs. 261 A single {key,value} in the matchLabels map is equivalent 262 to an element of matchExpressions, whose key field is 263 "key", the operator is "In", and the values array contains 264 only "value". The requirements are ANDed. 265 type: object 266 type: object 267 type: object 268 type: array 269 required: 270 - destinationCIDRs 271 - egressGateway 272 - selectors 273 type: object 274 required: 275 - metadata 276 type: object 277 served: true 278 storage: true 279 subresources: {} 280 status: 281 acceptedNames: 282 kind: "" 283 plural: "" 284 conditions: [] 285 storedVersions: []