github.com/cilium/cilium@v1.16.2/pkg/k8s/apis/cilium.io/client/crds/v2/ciliumendpoints.yaml (about) 1 --- 2 apiVersion: apiextensions.k8s.io/v1 3 kind: CustomResourceDefinition 4 metadata: 5 annotations: 6 controller-gen.kubebuilder.io/version: v0.15.0 7 creationTimestamp: null 8 name: ciliumendpoints.cilium.io 9 spec: 10 group: cilium.io 11 names: 12 categories: 13 - cilium 14 kind: CiliumEndpoint 15 listKind: CiliumEndpointList 16 plural: ciliumendpoints 17 shortNames: 18 - cep 19 - ciliumep 20 singular: ciliumendpoint 21 scope: Namespaced 22 versions: 23 - additionalPrinterColumns: 24 - description: Security Identity 25 jsonPath: .status.identity.id 26 name: Security Identity 27 type: integer 28 - description: Ingress enforcement in the endpoint 29 jsonPath: .status.policy.ingress.state 30 name: Ingress Enforcement 31 priority: 1 32 type: string 33 - description: Egress enforcement in the endpoint 34 jsonPath: .status.policy.egress.state 35 name: Egress Enforcement 36 priority: 1 37 type: string 38 - description: Status of visibility policy in the endpoint 39 jsonPath: .status.visibility-policy-status 40 name: Visibility Policy 41 priority: 1 42 type: string 43 - description: Endpoint current state 44 jsonPath: .status.state 45 name: Endpoint State 46 type: string 47 - description: Endpoint IPv4 address 48 jsonPath: .status.networking.addressing[0].ipv4 49 name: IPv4 50 type: string 51 - description: Endpoint IPv6 address 52 jsonPath: .status.networking.addressing[0].ipv6 53 name: IPv6 54 type: string 55 name: v2 56 schema: 57 openAPIV3Schema: 58 description: CiliumEndpoint is the status of a Cilium policy rule. 59 properties: 60 apiVersion: 61 description: 'APIVersion defines the versioned schema of this representation 62 of an object. Servers should convert recognized schemas to the latest 63 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 64 type: string 65 kind: 66 description: 'Kind is a string value representing the REST resource this 67 object represents. Servers may infer this from the endpoint the client 68 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 69 type: string 70 metadata: 71 type: object 72 status: 73 description: EndpointStatus is the status of a Cilium endpoint. 74 properties: 75 controllers: 76 description: Controllers is the list of failing controllers for this 77 endpoint. 78 items: 79 description: ControllerStatus is the status of a failing controller. 80 properties: 81 configuration: 82 description: Configuration is the controller configuration 83 properties: 84 error-retry: 85 description: Retry on error 86 type: boolean 87 error-retry-base: 88 description: 'Base error retry back-off time Format: duration' 89 format: int64 90 type: integer 91 interval: 92 description: 'Regular synchronization interval Format: duration' 93 format: int64 94 type: integer 95 type: object 96 name: 97 description: Name is the name of the controller 98 type: string 99 status: 100 description: Status is the status of the controller 101 properties: 102 consecutive-failure-count: 103 format: int64 104 type: integer 105 failure-count: 106 format: int64 107 type: integer 108 last-failure-msg: 109 type: string 110 last-failure-timestamp: 111 type: string 112 last-success-timestamp: 113 type: string 114 success-count: 115 format: int64 116 type: integer 117 type: object 118 uuid: 119 description: UUID is the UUID of the controller 120 type: string 121 type: object 122 type: array 123 encryption: 124 description: Encryption is the encryption configuration of the node 125 properties: 126 key: 127 description: Key is the index to the key to use for encryption 128 or 0 if encryption is disabled. 129 type: integer 130 type: object 131 external-identifiers: 132 description: ExternalIdentifiers is a set of identifiers to identify 133 the endpoint apart from the pod name. This includes container runtime 134 IDs. 135 properties: 136 cni-attachment-id: 137 description: ID assigned to this attachment by container runtime 138 type: string 139 container-id: 140 description: ID assigned by container runtime (deprecated, may 141 not be unique) 142 type: string 143 container-name: 144 description: Name assigned to container (deprecated, may not be 145 unique) 146 type: string 147 docker-endpoint-id: 148 description: Docker endpoint ID 149 type: string 150 docker-network-id: 151 description: Docker network ID 152 type: string 153 k8s-namespace: 154 description: K8s namespace for this endpoint (deprecated, may 155 not be unique) 156 type: string 157 k8s-pod-name: 158 description: K8s pod name for this endpoint (deprecated, may not 159 be unique) 160 type: string 161 pod-name: 162 description: K8s pod for this endpoint (deprecated, may not be 163 unique) 164 type: string 165 type: object 166 health: 167 description: Health is the overall endpoint & subcomponent health. 168 properties: 169 bpf: 170 description: bpf 171 type: string 172 connected: 173 description: Is this endpoint reachable 174 type: boolean 175 overallHealth: 176 description: overall health 177 type: string 178 policy: 179 description: policy 180 type: string 181 type: object 182 id: 183 description: ID is the cilium-agent-local ID of the endpoint. 184 format: int64 185 type: integer 186 identity: 187 description: Identity is the security identity associated with the 188 endpoint 189 properties: 190 id: 191 description: ID is the numeric identity of the endpoint 192 format: int64 193 type: integer 194 labels: 195 description: Labels is the list of labels associated with the 196 identity 197 items: 198 type: string 199 type: array 200 type: object 201 log: 202 description: Log is the list of the last few warning and error log 203 entries 204 items: 205 description: "EndpointStatusChange Indication of a change of status 206 \n swagger:model EndpointStatusChange" 207 properties: 208 code: 209 description: 'Code indicate type of status change Enum: [ok 210 failed]' 211 type: string 212 message: 213 description: Status message 214 type: string 215 state: 216 description: state 217 type: string 218 timestamp: 219 description: Timestamp when status change occurred 220 type: string 221 type: object 222 type: array 223 named-ports: 224 description: "NamedPorts List of named Layer 4 port and protocol pairs 225 which will be used in Network Policy specs. \n swagger:model NamedPorts" 226 items: 227 description: "Port Layer 4 port / protocol pair \n swagger:model 228 Port" 229 properties: 230 name: 231 description: Optional layer 4 port name 232 type: string 233 port: 234 description: Layer 4 port number 235 type: integer 236 protocol: 237 description: 'Layer 4 protocol Enum: [TCP UDP SCTP ICMP ICMPV6 238 ANY]' 239 type: string 240 type: object 241 type: array 242 networking: 243 description: Networking is the networking properties of the endpoint. 244 properties: 245 addressing: 246 description: IP4/6 addresses assigned to this Endpoint 247 items: 248 description: AddressPair is a pair of IPv4 and/or IPv6 address. 249 properties: 250 ipv4: 251 type: string 252 ipv6: 253 type: string 254 type: object 255 type: array 256 node: 257 description: NodeIP is the IP of the node the endpoint is running 258 on. The IP must be reachable between nodes. 259 type: string 260 required: 261 - addressing 262 type: object 263 policy: 264 description: EndpointPolicy represents the endpoint's policy by listing 265 all allowed ingress and egress identities in combination with L4 266 port and protocol. 267 properties: 268 egress: 269 description: EndpointPolicyDirection is the list of allowed identities 270 per direction. 271 properties: 272 adding: 273 description: Deprecated 274 items: 275 description: IdentityTuple specifies a peer by identity, 276 destination port and protocol. 277 properties: 278 dest-port: 279 type: integer 280 identity: 281 format: int64 282 type: integer 283 identity-labels: 284 additionalProperties: 285 type: string 286 type: object 287 protocol: 288 type: integer 289 type: object 290 type: array 291 allowed: 292 description: AllowedIdentityList is a list of IdentityTuples 293 that species peers that are allowed. 294 items: 295 description: IdentityTuple specifies a peer by identity, 296 destination port and protocol. 297 properties: 298 dest-port: 299 type: integer 300 identity: 301 format: int64 302 type: integer 303 identity-labels: 304 additionalProperties: 305 type: string 306 type: object 307 protocol: 308 type: integer 309 type: object 310 type: array 311 denied: 312 description: DenyIdentityList is a list of IdentityTuples 313 that species peers that are denied. 314 items: 315 description: IdentityTuple specifies a peer by identity, 316 destination port and protocol. 317 properties: 318 dest-port: 319 type: integer 320 identity: 321 format: int64 322 type: integer 323 identity-labels: 324 additionalProperties: 325 type: string 326 type: object 327 protocol: 328 type: integer 329 type: object 330 type: array 331 enforcing: 332 type: boolean 333 removing: 334 description: Deprecated 335 items: 336 description: IdentityTuple specifies a peer by identity, 337 destination port and protocol. 338 properties: 339 dest-port: 340 type: integer 341 identity: 342 format: int64 343 type: integer 344 identity-labels: 345 additionalProperties: 346 type: string 347 type: object 348 protocol: 349 type: integer 350 type: object 351 type: array 352 state: 353 description: 'EndpointPolicyState defines the state of the 354 Policy mode: "enforcing", "non-enforcing", "disabled"' 355 type: string 356 required: 357 - enforcing 358 type: object 359 ingress: 360 description: EndpointPolicyDirection is the list of allowed identities 361 per direction. 362 properties: 363 adding: 364 description: Deprecated 365 items: 366 description: IdentityTuple specifies a peer by identity, 367 destination port and protocol. 368 properties: 369 dest-port: 370 type: integer 371 identity: 372 format: int64 373 type: integer 374 identity-labels: 375 additionalProperties: 376 type: string 377 type: object 378 protocol: 379 type: integer 380 type: object 381 type: array 382 allowed: 383 description: AllowedIdentityList is a list of IdentityTuples 384 that species peers that are allowed. 385 items: 386 description: IdentityTuple specifies a peer by identity, 387 destination port and protocol. 388 properties: 389 dest-port: 390 type: integer 391 identity: 392 format: int64 393 type: integer 394 identity-labels: 395 additionalProperties: 396 type: string 397 type: object 398 protocol: 399 type: integer 400 type: object 401 type: array 402 denied: 403 description: DenyIdentityList is a list of IdentityTuples 404 that species peers that are denied. 405 items: 406 description: IdentityTuple specifies a peer by identity, 407 destination port and protocol. 408 properties: 409 dest-port: 410 type: integer 411 identity: 412 format: int64 413 type: integer 414 identity-labels: 415 additionalProperties: 416 type: string 417 type: object 418 protocol: 419 type: integer 420 type: object 421 type: array 422 enforcing: 423 type: boolean 424 removing: 425 description: Deprecated 426 items: 427 description: IdentityTuple specifies a peer by identity, 428 destination port and protocol. 429 properties: 430 dest-port: 431 type: integer 432 identity: 433 format: int64 434 type: integer 435 identity-labels: 436 additionalProperties: 437 type: string 438 type: object 439 protocol: 440 type: integer 441 type: object 442 type: array 443 state: 444 description: 'EndpointPolicyState defines the state of the 445 Policy mode: "enforcing", "non-enforcing", "disabled"' 446 type: string 447 required: 448 - enforcing 449 type: object 450 type: object 451 state: 452 description: State is the state of the endpoint. 453 enum: 454 - creating 455 - waiting-for-identity 456 - not-ready 457 - waiting-to-regenerate 458 - regenerating 459 - restoring 460 - ready 461 - disconnecting 462 - disconnected 463 - invalid 464 type: string 465 visibility-policy-status: 466 type: string 467 type: object 468 required: 469 - metadata 470 type: object 471 served: true 472 storage: true 473 subresources: {} 474 status: 475 acceptedNames: 476 kind: "" 477 plural: "" 478 conditions: [] 479 storedVersions: []