github.com/cilium/cilium@v1.16.2/pkg/k8s/apis/cilium.io/client/crds/v2alpha1/ciliumbgppeeringpolicies.yaml

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.15.0
  creationTimestamp: null
  name: ciliumbgppeeringpolicies.cilium.io
spec:
  group: cilium.io
  names:
    categories:
    - cilium
    - ciliumbgp
    kind: CiliumBGPPeeringPolicy
    listKind: CiliumBGPPeeringPolicyList
    plural: ciliumbgppeeringpolicies
    shortNames:
    - bgpp
    singular: ciliumbgppeeringpolicy
  scope: Cluster
  versions:
  - additionalPrinterColumns:
    - jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v2alpha1
    schema:
      openAPIV3Schema:
        description: CiliumBGPPeeringPolicy is a Kubernetes third-party resource for
          instructing Cilium's BGP control plane to create virtual BGP routers.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: Spec is a human readable description of a BGP peering policy
            properties:
              nodeSelector:
                description: "NodeSelector selects a group of nodes where this BGP
                  Peering Policy applies. \n If empty / nil this policy applies to
                  all nodes."
                properties:
                  matchExpressions:
                    description: matchExpressions is a list of label selector requirements.
                      The requirements are ANDed.
                    items:
                      description: A label selector requirement is a selector that
                        contains values, a key, and an operator that relates the key
                        and values.
                      properties:
                        key:
                          description: key is the label key that the selector applies
                            to.
                          type: string
                        operator:
                          description: operator represents a key's relationship to
                            a set of values. Valid operators are In, NotIn, Exists
                            and DoesNotExist.
                          enum:
                          - In
                          - NotIn
                          - Exists
                          - DoesNotExist
                          type: string
                        values:
                          description: values is an array of string values. If the
                            operator is In or NotIn, the values array must be non-empty.
                            If the operator is Exists or DoesNotExist, the values
                            array must be empty. This array is replaced during a strategic
                            merge patch.
                          items:
                            type: string
                          type: array
                          x-kubernetes-list-type: atomic
                      required:
                      - key
                      - operator
                      type: object
                    type: array
                    x-kubernetes-list-type: atomic
                  matchLabels:
                    additionalProperties:
                      description: MatchLabelsValue represents the value from the
                        MatchLabels {key,value} pair.
                      maxLength: 63
                      pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$
                      type: string
                    description: matchLabels is a map of {key,value} pairs. A single
                      {key,value} in the matchLabels map is equivalent to an element
                      of matchExpressions, whose key field is "key", the operator
                      is "In", and the values array contains only "value". The requirements
                      are ANDed.
                    type: object
                type: object
              virtualRouters:
                description: A list of CiliumBGPVirtualRouter(s) which instructs the
                  BGP control plane how to instantiate virtual BGP routers.
                items:
                  description: CiliumBGPVirtualRouter defines a discrete BGP virtual
                    router configuration.
                  properties:
                    exportPodCIDR:
                      default: false
                      description: ExportPodCIDR determines whether to export the
                        Node's private CIDR block to the configured neighbors.
                      type: boolean
                    localASN:
                      description: LocalASN is the ASN of this virtual router. Supports
                        extended 32bit ASNs
                      format: int64
                      maximum: 4294967295
                      minimum: 0
                      type: integer
                    neighbors:
                      description: Neighbors is a list of neighboring BGP peers for
                        this virtual router
                      items:
                        description: CiliumBGPNeighbor is a neighboring peer for use
                          in a CiliumBGPVirtualRouter configuration.
                        properties:
                          advertisedPathAttributes:
                            description: AdvertisedPathAttributes can be used to apply
                              additional path attributes to selected routes when advertising
                              them to the peer. If empty / nil, no additional path
                              attributes are advertised.
                            items:
                              description: CiliumBGPPathAttributes can be used to
                                apply additional path attributes to matched routes
                                when advertising them to a BGP peer.
                              properties:
                                communities:
                                  description: Communities defines a set of community
                                    values advertised in the supported BGP Communities
                                    path attributes. If nil / not set, no BGP Communities
                                    path attribute will be advertised.
                                  properties:
                                    large:
                                      description: Large holds a list of the BGP Large
                                        Communities Attribute (RFC 8092) values.
                                      items:
                                        description: BGPLargeCommunity type represents
                                          a value of the BGP Large Communities Attribute
                                          (RFC 8092), as three 4-byte decimal numbers
                                          separated by colons.
                                        pattern: ^([0-9]|[1-9][0-9]{1,8}|[1-3][0-9]{9}|4[01][0-9]{8}|42[0-8][0-9]{7}|429[0-3][0-9]{6}|4294[0-8][0-9]{5}|42949[0-5][0-9]{4}|429496[0-6][0-9]{3}|4294967[01][0-9]{2}|42949672[0-8][0-9]|429496729[0-5]):([0-9]|[1-9][0-9]{1,8}|[1-3][0-9]{9}|4[01][0-9]{8}|42[0-8][0-9]{7}|429[0-3][0-9]{6}|4294[0-8][0-9]{5}|42949[0-5][0-9]{4}|429496[0-6][0-9]{3}|4294967[01][0-9]{2}|42949672[0-8][0-9]|429496729[0-5]):([0-9]|[1-9][0-9]{1,8}|[1-3][0-9]{9}|4[01][0-9]{8}|42[0-8][0-9]{7}|429[0-3][0-9]{6}|4294[0-8][0-9]{5}|42949[0-5][0-9]{4}|429496[0-6][0-9]{3}|4294967[01][0-9]{2}|42949672[0-8][0-9]|429496729[0-5])$
                                        type: string
                                      type: array
                                    standard:
                                      description: Standard holds a list of "standard"
                                        32-bit BGP Communities Attribute (RFC 1997)
                                        values defined as numeric values.
                                      items:
                                        description: BGPStandardCommunity type represents
                                          a value of the "standard" 32-bit BGP Communities
                                          Attribute (RFC 1997) as a 4-byte decimal
                                          number or two 2-byte decimal numbers separated
                                          by a colon (<0-65535>:<0-65535>). For example,
                                          no-export community value is 65553:65281.
                                        pattern: ^([0-9]|[1-9][0-9]{1,8}|[1-3][0-9]{9}|4[01][0-9]{8}|42[0-8][0-9]{7}|429[0-3][0-9]{6}|4294[0-8][0-9]{5}|42949[0-5][0-9]{4}|429496[0-6][0-9]{3}|4294967[01][0-9]{2}|42949672[0-8][0-9]|429496729[0-5])$|^([0-9]|[1-9][0-9]{1,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5]):([0-9]|[1-9][0-9]{1,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$
                                        type: string
                                      type: array
                                    wellKnown:
                                      description: WellKnown holds a list "standard"
                                        32-bit BGP Communities Attribute (RFC 1997)
                                        values defined as well-known string aliases
                                        to their numeric values.
                                      items:
                                        description: "BGPWellKnownCommunity type represents
                                          a value of the \"standard\" 32-bit BGP Communities
                                          Attribute (RFC 1997) as a well-known string
                                          alias to its numeric value. Allowed values
                                          and their mapping to the numeric values:
                                          \n internet = 0x00000000
                                          (0:0) planned-shut = 0xffff0000
                                          (65535:0) accept-own = 0xffff0001
                                          (65535:1) route-filter-translated-v4 = 0xffff0002
                                          (65535:2) route-filter-v4 = 0xffff0003
                                          (65535:3) route-filter-translated-v6 = 0xffff0004
                                          (65535:4) route-filter-v6 = 0xffff0005
                                          (65535:5) llgr-stale = 0xffff0006
                                          (65535:6) no-llgr = 0xffff0007
                                          (65535:7) blackhole = 0xffff029a
                                          (65535:666) no-export =
                                          0xffffff01\t(65535:65281) no-advertise =
                                          0xffffff02 (65535:65282) no-export-subconfed
                                          \ = 0xffffff03 (65535:65283) no-peer
                                          \ = 0xffffff04 (65535:65284)"
                                        enum:
                                        - internet
                                        - planned-shut
                                        - accept-own
                                        - route-filter-translated-v4
                                        - route-filter-v4
                                        - route-filter-translated-v6
                                        - route-filter-v6
                                        - llgr-stale
                                        - no-llgr
                                        - blackhole
                                        - no-export
                                        - no-advertise
                                        - no-export-subconfed
                                        - no-peer
                                        type: string
                                      type: array
                                  type: object
                                localPreference:
                                  description: LocalPreference defines the preference
                                    value advertised in the BGP Local Preference path
                                    attribute. As Local Preference is only valid for
                                    iBGP peers, this value will be ignored for eBGP
                                    peers (no Local Preference path attribute will
                                    be advertised). If nil / not set, the default
                                    Local Preference of 100 will be advertised in
                                    the Local Preference path attribute for iBGP peers.
                                  format: int64
                                  maximum: 4294967295
                                  minimum: 0
                                  type: integer
                                selector:
                                  description: Selector selects a group of objects
                                    of the SelectorType resulting into routes that
                                    will be announced with the configured Attributes.
                                    If nil / not set, all objects of the SelectorType
                                    are selected.
                                  properties:
                                    matchExpressions:
                                      description: matchExpressions is a list of label
                                        selector requirements. The requirements are
                                        ANDed.
                                      items:
                                        description: A label selector requirement
                                          is a selector that contains values, a key,
                                          and an operator that relates the key and
                                          values.
                                        properties:
                                          key:
                                            description: key is the label key that
                                              the selector applies to.
                                            type: string
                                          operator:
                                            description: operator represents a key's
                                              relationship to a set of values. Valid
                                              operators are In, NotIn, Exists and
                                              DoesNotExist.
                                            enum:
                                            - In
                                            - NotIn
                                            - Exists
                                            - DoesNotExist
                                            type: string
                                          values:
                                            description: values is an array of string
                                              values. If the operator is In or NotIn,
                                              the values array must be non-empty.
                                              If the operator is Exists or DoesNotExist,
                                              the values array must be empty. This
                                              array is replaced during a strategic
                                              merge patch.
                                            items:
                                              type: string
                                            type: array
                                            x-kubernetes-list-type: atomic
                                        required:
                                        - key
                                        - operator
                                        type: object
                                      type: array
                                      x-kubernetes-list-type: atomic
                                    matchLabels:
                                      additionalProperties:
                                        description: MatchLabelsValue represents the
                                          value from the MatchLabels {key,value} pair.
                                        maxLength: 63
                                        pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$
                                        type: string
                                      description: matchLabels is a map of {key,value}
                                        pairs. A single {key,value} in the matchLabels
                                        map is equivalent to an element of matchExpressions,
                                        whose key field is "key", the operator is
                                        "In", and the values array contains only "value".
                                        The requirements are ANDed.
                                      type: object
                                  type: object
                                selectorType:
                                  description: 'SelectorType defines the object type
                                    on which the Selector applies: - For "PodCIDR"
                                    the Selector matches k8s CiliumNode resources
                                    (path attributes apply to routes announced for
                                    PodCIDRs of selected CiliumNodes. Only affects
                                    routes of cluster scope / Kubernetes IPAM CIDRs,
                                    not Multi-Pool IPAM CIDRs. - For "CiliumLoadBalancerIPPool"
                                    the Selector matches CiliumLoadBalancerIPPool
                                    custom resources (path attributes apply to routes
                                    announced for selected CiliumLoadBalancerIPPools).
                                    - For "CiliumPodIPPool" the Selector matches CiliumPodIPPool
                                    custom resources (path attributes apply to routes
                                    announced for allocated CIDRs of selected CiliumPodIPPools).'
                                  enum:
                                  - PodCIDR
                                  - CiliumLoadBalancerIPPool
                                  - CiliumPodIPPool
                                  type: string
                              required:
                              - selectorType
                              type: object
                            type: array
                          authSecretRef:
                            description: AuthSecretRef is the name of the secret to
                              use to fetch a TCP authentication password for this
                              peer.
                            type: string
                          connectRetryTimeSeconds:
                            default: 120
                            description: ConnectRetryTimeSeconds defines the initial
                              value for the BGP ConnectRetryTimer (RFC 4271, Section
                              8).
                            format: int32
                            maximum: 2147483647
                            minimum: 1
                            type: integer
                          eBGPMultihopTTL:
                            default: 1
                            description: EBGPMultihopTTL controls the multi-hop feature
                              for eBGP peers. Its value defines the Time To Live (TTL)
                              value used in BGP packets sent to the neighbor. The
                              value 1 implies that eBGP multi-hop feature is disabled
                              (only a single hop is allowed). This field is ignored
                              for iBGP peers.
                            format: int32
                            maximum: 255
                            minimum: 1
                            type: integer
                          families:
                            description: "Families, if provided, defines a set of
                              AFI/SAFIs the speaker will negotiate with it's peer.
                              \n If this slice is not provided the default families
                              of IPv6 and IPv4 will be provided."
                            items:
                              description: CiliumBGPFamily represents a AFI/SAFI address
                                family pair.
                              properties:
                                afi:
                                  description: Afi is the Address Family Identifier
                                    (AFI) of the family.
                                  enum:
                                  - ipv4
                                  - ipv6
                                  - l2vpn
                                  - ls
                                  - opaque
                                  type: string
                                safi:
                                  description: Safi is the Subsequent Address Family
                                    Identifier (SAFI) of the family.
                                  enum:
                                  - unicast
                                  - multicast
                                  - mpls_label
                                  - encapsulation
                                  - vpls
                                  - evpn
                                  - ls
                                  - sr_policy
                                  - mup
                                  - mpls_vpn
                                  - mpls_vpn_multicast
                                  - route_target_constraints
                                  - flowspec_unicast
                                  - flowspec_vpn
                                  - key_value
                                  type: string
                              required:
                              - afi
                              - safi
                              type: object
                            type: array
                          gracefulRestart:
                            description: GracefulRestart defines graceful restart
                              parameters which are negotiated with this neighbor.
                              If empty / nil, the graceful restart capability is disabled.
                            properties:
                              enabled:
                                description: Enabled flag, when set enables graceful
                                  restart capability.
                                type: boolean
                              restartTimeSeconds:
                                default: 120
                                description: RestartTimeSeconds is the estimated time
                                  it will take for the BGP session to be re-established
                                  with peer after a restart. After this period, peer
                                  will remove stale routes. This is described RFC
                                  4724 section 4.2.
                                format: int32
                                maximum: 4095
                                minimum: 1
                                type: integer
                            required:
                            - enabled
                            type: object
                          holdTimeSeconds:
                            default: 90
                            description: HoldTimeSeconds defines the initial value
                              for the BGP HoldTimer (RFC 4271, Section 4.2). Updating
                              this value will cause a session reset.
                            format: int32
                            maximum: 65535
                            minimum: 3
                            type: integer
                          keepAliveTimeSeconds:
                            default: 30
                            description: KeepaliveTimeSeconds defines the initial
                              value for the BGP KeepaliveTimer (RFC 4271, Section
                              8). It can not be larger than HoldTimeSeconds. Updating
                              this value will cause a session reset.
                            format: int32
                            maximum: 65535
                            minimum: 1
                            type: integer
                          peerASN:
                            description: PeerASN is the ASN of the peer BGP router.
                              Supports extended 32bit ASNs
                            format: int64
                            maximum: 4294967295
                            minimum: 0
                            type: integer
                          peerAddress:
                            description: PeerAddress is the IP address of the peer.
                              This must be in CIDR notation and use a /32 to express
                              a single host.
                            format: cidr
                            type: string
                          peerPort:
                            default: 179
                            description: PeerPort is the TCP port of the peer. 1-65535
                              is the range of valid port numbers that can be specified.
                              If unset, defaults to 179.
                            format: int32
                            maximum: 65535
                            minimum: 1
                            type: integer
                        required:
                        - peerASN
                        - peerAddress
                        type: object
                      minItems: 1
                      type: array
                    podIPPoolSelector:
                      description: "PodIPPoolSelector selects CiliumPodIPPools based
                        on labels. The virtual router will announce allocated CIDRs
                        of matching CiliumPodIPPools. \n If empty / nil no CiliumPodIPPools
                        will be announced."
                      properties:
                        matchExpressions:
                          description: matchExpressions is a list of label selector
                            requirements. The requirements are ANDed.
                          items:
                            description: A label selector requirement is a selector
                              that contains values, a key, and an operator that relates
                              the key and values.
                            properties:
                              key:
                                description: key is the label key that the selector
                                  applies to.
                                type: string
                              operator:
                                description: operator represents a key's relationship
                                  to a set of values. Valid operators are In, NotIn,
                                  Exists and DoesNotExist.
                                enum:
                                - In
                                - NotIn
                                - Exists
                                - DoesNotExist
                                type: string
                              values:
                                description: values is an array of string values.
                                  If the operator is In or NotIn, the values array
                                  must be non-empty. If the operator is Exists or
                                  DoesNotExist, the values array must be empty. This
                                  array is replaced during a strategic merge patch.
                                items:
                                  type: string
                                type: array
                                x-kubernetes-list-type: atomic
                            required:
                            - key
                            - operator
                            type: object
                          type: array
                          x-kubernetes-list-type: atomic
                        matchLabels:
                          additionalProperties:
                            description: MatchLabelsValue represents the value from
                              the MatchLabels {key,value} pair.
                            maxLength: 63
                            pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$
                            type: string
                          description: matchLabels is a map of {key,value} pairs.
                            A single {key,value} in the matchLabels map is equivalent
                            to an element of matchExpressions, whose key field is
                            "key", the operator is "In", and the values array contains
                            only "value". The requirements are ANDed.
                          type: object
                      type: object
                    serviceAdvertisements:
                      default:
                      - LoadBalancerIP
                      description: ServiceAdvertisements selects a group of BGP Advertisement(s)
                        to advertise for the selected services.
                      items:
                        description: "BGPServiceAddressType defines type of service
                          address to be advertised. \n Note list of supported service
                          addresses is not exhaustive and can be extended in the future.
                          Consumer of this API should be able to handle unknown values."
                        enum:
                        - LoadBalancerIP
                        - ClusterIP
                        - ExternalIP
                        type: string
                      type: array
                    serviceSelector:
                      description: "ServiceSelector selects a group of load balancer
                        services which this virtual router will announce. The loadBalancerClass
                        for a service must be nil or specify a class supported by
                        Cilium, e.g. \"io.cilium/bgp-control-plane\". Refer to the
                        following document for additional details regarding load balancer
                        classes: \n https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class
                        \n If empty / nil no services will be announced."
                      properties:
                        matchExpressions:
                          description: matchExpressions is a list of label selector
                            requirements. The requirements are ANDed.
                          items:
                            description: A label selector requirement is a selector
                              that contains values, a key, and an operator that relates
                              the key and values.
                            properties:
                              key:
                                description: key is the label key that the selector
                                  applies to.
                                type: string
                              operator:
                                description: operator represents a key's relationship
                                  to a set of values. Valid operators are In, NotIn,
                                  Exists and DoesNotExist.
                                enum:
                                - In
                                - NotIn
                                - Exists
                                - DoesNotExist
                                type: string
                              values:
                                description: values is an array of string values.
                                  If the operator is In or NotIn, the values array
                                  must be non-empty. If the operator is Exists or
                                  DoesNotExist, the values array must be empty. This
                                  array is replaced during a strategic merge patch.
                                items:
                                  type: string
                                type: array
                                x-kubernetes-list-type: atomic
                            required:
                            - key
                            - operator
                            type: object
                          type: array
                          x-kubernetes-list-type: atomic
                        matchLabels:
                          additionalProperties:
                            description: MatchLabelsValue represents the value from
                              the MatchLabels {key,value} pair.
                            maxLength: 63
                            pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$
                            type: string
                          description: matchLabels is a map of {key,value} pairs.
                            A single {key,value} in the matchLabels map is equivalent
                            to an element of matchExpressions, whose key field is
                            "key", the operator is "In", and the values array contains
                            only "value". The requirements are ANDed.
                          type: object
                      type: object
                  required:
                  - localASN
                  - neighbors
                  type: object
                minItems: 1
                type: array
            required:
            - virtualRouters
            type: object
        required:
        - metadata
        type: object
    served: true
    storage: true
    subresources: {}
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []