github.com/kubearmor/cilium@v1.6.12/api/v1/server/embedded_spec.go (about) 1 // Code generated by go-swagger; DO NOT EDIT. 2 3 package server 4 5 // This file was generated by the swagger tool. 6 // Editing this file might prove futile when you re-run the swagger generate command 7 8 import ( 9 "encoding/json" 10 ) 11 12 var ( 13 // SwaggerJSON embedded version of the swagger document used at generation time 14 SwaggerJSON json.RawMessage 15 // FlatSwaggerJSON embedded flattened version of the swagger document used at generation time 16 FlatSwaggerJSON json.RawMessage 17 ) 18 19 func init() { 20 SwaggerJSON = json.RawMessage([]byte(`{ 21 "consumes": [ 22 "application/json" 23 ], 24 "produces": [ 25 "application/json" 26 ], 27 "swagger": "2.0", 28 "info": { 29 "description": "Cilium", 30 "title": "Cilium API", 31 "version": "v1beta" 32 }, 33 "basePath": "/v1", 34 "paths": { 35 "/cluster/nodes": { 36 "get": { 37 "tags": [ 38 "daemon" 39 ], 40 "summary": "Get nodes information stored in the cilium-agent", 41 "parameters": [ 42 { 43 "type": "integer", 44 "description": "Client UUID should be used when the client wants to request\na diff of nodes added and / or removed since the last time\nthat client has made a request.\n", 45 "name": "client-id", 46 "in": "header" 47 } 48 ], 49 "responses": { 50 "200": { 51 "description": "Success", 52 "schema": { 53 "$ref": "#/definitions/ClusterNodeStatus" 54 } 55 } 56 } 57 } 58 }, 59 "/config": { 60 "get": { 61 "description": "Returns the configuration of the Cilium daemon.\n", 62 "tags": [ 63 "daemon" 64 ], 65 "summary": "Get configuration of Cilium daemon", 66 "responses": { 67 "200": { 68 "description": "Success", 69 "schema": { 70 "$ref": "#/definitions/DaemonConfiguration" 71 } 72 } 73 } 74 }, 75 "patch": { 76 "description": "Updates the daemon configuration by applying the provided\nConfigurationMap and regenerates \u0026 recompiles all required datapath\ncomponents.\n", 77 "tags": [ 78 "daemon" 79 ], 80 "summary": "Modify daemon configuration", 81 "parameters": [ 82 { 83 "name": "configuration", 84 "in": "body", 85 "required": true, 86 "schema": { 87 "$ref": "#/definitions/DaemonConfigurationSpec" 88 } 89 } 90 ], 91 "responses": { 92 "200": { 93 "description": "Success" 94 }, 95 "400": { 96 "description": "Bad configuration parameters", 97 "schema": { 98 "$ref": "#/definitions/Error" 99 } 100 }, 101 "500": { 102 "description": "Recompilation failed", 103 "schema": { 104 "$ref": "#/definitions/Error" 105 }, 106 "x-go-name": "Failure" 107 } 108 } 109 } 110 }, 111 "/debuginfo": { 112 "get": { 113 "tags": [ 114 "daemon" 115 ], 116 "summary": "Retrieve information about the agent and evironment for debugging", 117 "responses": { 118 "200": { 119 "description": "Success", 120 "schema": { 121 "$ref": "#/definitions/DebugInfo" 122 } 123 }, 124 "500": { 125 "description": "DebugInfo get failed", 126 "schema": { 127 "$ref": "#/definitions/Error" 128 }, 129 "x-go-name": "Failure" 130 } 131 } 132 } 133 }, 134 "/endpoint": { 135 "get": { 136 "description": "Retrieves a list of endpoints that have metadata matching the provided parameters, or all endpoints if no parameters provided.\n", 137 "tags": [ 138 "endpoint" 139 ], 140 "summary": "Retrieves a list of endpoints that have metadata matching the provided parameters.", 141 "parameters": [ 142 { 143 "$ref": "#/parameters/labels" 144 } 145 ], 146 "responses": { 147 "200": { 148 "description": "Success", 149 "schema": { 150 "type": "array", 151 "items": { 152 "$ref": "#/definitions/Endpoint" 153 } 154 } 155 }, 156 "404": { 157 "description": "Endpoints with provided parameters not found" 158 } 159 } 160 } 161 }, 162 "/endpoint/{id}": { 163 "get": { 164 "description": "Returns endpoint information\n", 165 "tags": [ 166 "endpoint" 167 ], 168 "summary": "Get endpoint by endpoint ID", 169 "parameters": [ 170 { 171 "$ref": "#/parameters/endpoint-id" 172 } 173 ], 174 "responses": { 175 "200": { 176 "description": "Success", 177 "schema": { 178 "$ref": "#/definitions/Endpoint" 179 } 180 }, 181 "400": { 182 "description": "Invalid endpoint ID format for specified type", 183 "schema": { 184 "$ref": "#/definitions/Error" 185 }, 186 "x-go-name": "Invalid" 187 }, 188 "404": { 189 "description": "Endpoint not found" 190 } 191 } 192 }, 193 "put": { 194 "description": "Creates a new endpoint\n", 195 "tags": [ 196 "endpoint" 197 ], 198 "summary": "Create endpoint", 199 "parameters": [ 200 { 201 "$ref": "#/parameters/endpoint-id" 202 }, 203 { 204 "$ref": "#/parameters/endpoint-change-request" 205 } 206 ], 207 "responses": { 208 "201": { 209 "description": "Created" 210 }, 211 "400": { 212 "description": "Invalid endpoint in request", 213 "schema": { 214 "$ref": "#/definitions/Error" 215 }, 216 "x-go-name": "Invalid" 217 }, 218 "409": { 219 "description": "Endpoint already exists", 220 "x-go-name": "Exists" 221 }, 222 "500": { 223 "description": "Endpoint creation failed", 224 "schema": { 225 "$ref": "#/definitions/Error" 226 }, 227 "x-go-name": "Failed" 228 } 229 } 230 }, 231 "delete": { 232 "description": "Deletes the endpoint specified by the ID. Deletion is imminent and\natomic, if the deletion request is valid and the endpoint exists,\ndeletion will occur even if errors are encountered in the process. If\nerrors have been encountered, the code 202 will be returned, otherwise\n200 on success.\n\nAll resources associated with the endpoint will be freed and the\nworkload represented by the endpoint will be disconnected.It will no\nlonger be able to initiate or receive communications of any sort.\n", 233 "tags": [ 234 "endpoint" 235 ], 236 "summary": "Delete endpoint", 237 "parameters": [ 238 { 239 "$ref": "#/parameters/endpoint-id" 240 } 241 ], 242 "responses": { 243 "200": { 244 "description": "Success" 245 }, 246 "206": { 247 "description": "Deleted with a number of errors encountered", 248 "schema": { 249 "type": "integer" 250 }, 251 "x-go-name": "Errors" 252 }, 253 "400": { 254 "description": "Invalid endpoint ID format for specified type. Details in error\nmessage\n", 255 "schema": { 256 "$ref": "#/definitions/Error" 257 }, 258 "x-go-name": "Invalid" 259 }, 260 "404": { 261 "description": "Endpoint not found" 262 } 263 } 264 }, 265 "patch": { 266 "description": "Applies the endpoint change request to an existing endpoint\n", 267 "tags": [ 268 "endpoint" 269 ], 270 "summary": "Modify existing endpoint", 271 "deprecated": true, 272 "parameters": [ 273 { 274 "$ref": "#/parameters/endpoint-id" 275 }, 276 { 277 "$ref": "#/parameters/endpoint-change-request" 278 } 279 ], 280 "responses": { 281 "200": { 282 "description": "Success" 283 }, 284 "400": { 285 "description": "Invalid modify endpoint request", 286 "schema": { 287 "$ref": "#/definitions/Error" 288 }, 289 "x-go-name": "Invalid" 290 }, 291 "404": { 292 "description": "Endpoint does not exist" 293 }, 294 "500": { 295 "description": "Endpoint update failed", 296 "schema": { 297 "$ref": "#/definitions/Error" 298 }, 299 "x-go-name": "Failed" 300 } 301 } 302 } 303 }, 304 "/endpoint/{id}/config": { 305 "get": { 306 "description": "Retrieves the configuration of the specified endpoint.\n", 307 "tags": [ 308 "endpoint" 309 ], 310 "summary": "Retrieve endpoint configuration", 311 "parameters": [ 312 { 313 "$ref": "#/parameters/endpoint-id" 314 } 315 ], 316 "responses": { 317 "200": { 318 "description": "Success", 319 "schema": { 320 "$ref": "#/definitions/EndpointConfigurationStatus" 321 } 322 }, 323 "404": { 324 "description": "Endpoint not found" 325 } 326 } 327 }, 328 "patch": { 329 "description": "Update the configuration of an existing endpoint and regenerates \u0026\nrecompiles the corresponding programs automatically.\n", 330 "tags": [ 331 "endpoint" 332 ], 333 "summary": "Modify mutable endpoint configuration", 334 "parameters": [ 335 { 336 "$ref": "#/parameters/endpoint-id" 337 }, 338 { 339 "name": "endpoint-configuration", 340 "in": "body", 341 "required": true, 342 "schema": { 343 "$ref": "#/definitions/EndpointConfigurationSpec" 344 } 345 } 346 ], 347 "responses": { 348 "200": { 349 "description": "Success" 350 }, 351 "400": { 352 "description": "Invalid configuration request", 353 "x-go-name": "Invalid" 354 }, 355 "404": { 356 "description": "Endpoint not found" 357 }, 358 "500": { 359 "description": "Update failed. Details in message.", 360 "schema": { 361 "$ref": "#/definitions/Error" 362 }, 363 "x-go-name": "Failed" 364 } 365 } 366 } 367 }, 368 "/endpoint/{id}/healthz": { 369 "get": { 370 "tags": [ 371 "endpoint" 372 ], 373 "summary": "Retrieves the status logs associated with this endpoint.", 374 "parameters": [ 375 { 376 "$ref": "#/parameters/endpoint-id" 377 } 378 ], 379 "responses": { 380 "200": { 381 "description": "Success", 382 "schema": { 383 "$ref": "#/definitions/EndpointHealth" 384 } 385 }, 386 "400": { 387 "description": "Invalid identity provided", 388 "x-go-name": "Invalid" 389 }, 390 "404": { 391 "description": "Endpoint not found" 392 } 393 } 394 } 395 }, 396 "/endpoint/{id}/labels": { 397 "get": { 398 "tags": [ 399 "endpoint" 400 ], 401 "summary": "Retrieves the list of labels associated with an endpoint.", 402 "parameters": [ 403 { 404 "$ref": "#/parameters/endpoint-id" 405 } 406 ], 407 "responses": { 408 "200": { 409 "description": "Success", 410 "schema": { 411 "$ref": "#/definitions/LabelConfiguration" 412 } 413 }, 414 "404": { 415 "description": "Endpoint not found" 416 } 417 } 418 }, 419 "patch": { 420 "description": "Sets labels associated with an endpoint. These can be user provided or\nderived from the orchestration system.\n", 421 "tags": [ 422 "endpoint" 423 ], 424 "summary": "Set label configuration of endpoint", 425 "parameters": [ 426 { 427 "$ref": "#/parameters/endpoint-id" 428 }, 429 { 430 "name": "configuration", 431 "in": "body", 432 "required": true, 433 "schema": { 434 "$ref": "#/definitions/LabelConfigurationSpec" 435 } 436 } 437 ], 438 "responses": { 439 "200": { 440 "description": "Success" 441 }, 442 "404": { 443 "description": "Endpoint not found" 444 }, 445 "500": { 446 "description": "Error while updating labels", 447 "schema": { 448 "$ref": "#/definitions/Error" 449 }, 450 "x-go-name": "UpdateFailed" 451 } 452 } 453 } 454 }, 455 "/endpoint/{id}/log": { 456 "get": { 457 "tags": [ 458 "endpoint" 459 ], 460 "summary": "Retrieves the status logs associated with this endpoint.", 461 "parameters": [ 462 { 463 "$ref": "#/parameters/endpoint-id" 464 } 465 ], 466 "responses": { 467 "200": { 468 "description": "Success", 469 "schema": { 470 "$ref": "#/definitions/EndpointStatusLog" 471 } 472 }, 473 "400": { 474 "description": "Invalid identity provided", 475 "x-go-name": "Invalid" 476 }, 477 "404": { 478 "description": "Endpoint not found" 479 } 480 } 481 } 482 }, 483 "/fqdn/cache": { 484 "get": { 485 "description": "Retrieves the list of DNS lookups intercepted from endpoints,\noptionally filtered by endpoint id, DNS name, or CIDR IP range.\n", 486 "tags": [ 487 "policy" 488 ], 489 "summary": "Retrieves the list of DNS lookups intercepted from all endpoints.", 490 "parameters": [ 491 { 492 "$ref": "#/parameters/matchpattern" 493 }, 494 { 495 "$ref": "#/parameters/cidr" 496 } 497 ], 498 "responses": { 499 "200": { 500 "description": "Success", 501 "schema": { 502 "type": "array", 503 "items": { 504 "$ref": "#/definitions/DNSLookup" 505 } 506 } 507 }, 508 "400": { 509 "description": "Invalid request (error parsing parameters)", 510 "schema": { 511 "$ref": "#/definitions/Error" 512 } 513 }, 514 "404": { 515 "description": "No DNS data with provided parameters found" 516 } 517 } 518 }, 519 "delete": { 520 "description": "Deletes matching DNS lookups from the cache, optionally restricted by\nDNS name. The removed IP data will no longer be used in generated\npolicies.\n", 521 "tags": [ 522 "policy" 523 ], 524 "summary": "Deletes matching DNS lookups from the policy-generation cache.", 525 "parameters": [ 526 { 527 "$ref": "#/parameters/matchpattern" 528 } 529 ], 530 "responses": { 531 "200": { 532 "description": "Success" 533 }, 534 "400": { 535 "description": "Invalid request (error parsing parameters)", 536 "schema": { 537 "$ref": "#/definitions/Error" 538 } 539 } 540 } 541 } 542 }, 543 "/fqdn/cache/{id}": { 544 "get": { 545 "description": "Retrieves the list of DNS lookups intercepted from endpoints,\noptionally filtered by endpoint id, DNS name, or CIDR IP range.\n", 546 "tags": [ 547 "policy" 548 ], 549 "summary": "Retrieves the list of DNS lookups intercepted from an endpoint.", 550 "parameters": [ 551 { 552 "$ref": "#/parameters/endpoint-id" 553 }, 554 { 555 "$ref": "#/parameters/matchpattern" 556 }, 557 { 558 "$ref": "#/parameters/cidr" 559 } 560 ], 561 "responses": { 562 "200": { 563 "description": "Success", 564 "schema": { 565 "type": "array", 566 "items": { 567 "$ref": "#/definitions/DNSLookup" 568 } 569 } 570 }, 571 "400": { 572 "description": "Invalid request (error parsing parameters)", 573 "schema": { 574 "$ref": "#/definitions/Error" 575 } 576 }, 577 "404": { 578 "description": "No DNS data with provided parameters found" 579 } 580 } 581 } 582 }, 583 "/healthz": { 584 "get": { 585 "description": "Returns health and status information of the Cilium daemon and related\ncomponents such as the local container runtime, connected datastore,\nKubernetes integration.\n", 586 "tags": [ 587 "daemon" 588 ], 589 "summary": "Get health of Cilium daemon", 590 "parameters": [ 591 { 592 "type": "boolean", 593 "description": "Brief will return a brief representation of the Cilium status.\n", 594 "name": "brief", 595 "in": "header" 596 } 597 ], 598 "responses": { 599 "200": { 600 "description": "Success", 601 "schema": { 602 "$ref": "#/definitions/StatusResponse" 603 } 604 } 605 } 606 } 607 }, 608 "/identity": { 609 "get": { 610 "description": "Retrieves a list of identities that have metadata matching the provided parameters, or all identities if no parameters are provided.\n", 611 "tags": [ 612 "policy" 613 ], 614 "summary": "Retrieves a list of identities that have metadata matching the provided parameters.", 615 "parameters": [ 616 { 617 "$ref": "#/parameters/labels" 618 } 619 ], 620 "responses": { 621 "200": { 622 "description": "Success", 623 "schema": { 624 "type": "array", 625 "items": { 626 "$ref": "#/definitions/Identity" 627 } 628 } 629 }, 630 "404": { 631 "description": "Identities with provided parameters not found" 632 }, 633 "520": { 634 "description": "Identity storage unreachable. Likely a network problem.", 635 "schema": { 636 "$ref": "#/definitions/Error" 637 }, 638 "x-go-name": "Unreachable" 639 }, 640 "521": { 641 "description": "Invalid identity format in storage", 642 "schema": { 643 "$ref": "#/definitions/Error" 644 }, 645 "x-go-name": "InvalidStorageFormat" 646 } 647 } 648 } 649 }, 650 "/identity/endpoints": { 651 "get": { 652 "tags": [ 653 "policy" 654 ], 655 "summary": "Retrieve identities which are being used by local endpoints", 656 "responses": { 657 "200": { 658 "description": "Success", 659 "schema": { 660 "type": "array", 661 "items": { 662 "$ref": "#/definitions/IdentityEndpoints" 663 } 664 } 665 }, 666 "404": { 667 "description": "Set of identities which are being used by local endpoints could not be found." 668 } 669 } 670 } 671 }, 672 "/identity/{id}": { 673 "get": { 674 "tags": [ 675 "policy" 676 ], 677 "summary": "Retrieve identity", 678 "parameters": [ 679 { 680 "$ref": "#/parameters/identity-id" 681 } 682 ], 683 "responses": { 684 "200": { 685 "description": "Success", 686 "schema": { 687 "$ref": "#/definitions/Identity" 688 } 689 }, 690 "400": { 691 "description": "Invalid identity provided" 692 }, 693 "404": { 694 "description": "Identity not found" 695 }, 696 "520": { 697 "description": "Identity storage unreachable. Likely a network problem.", 698 "schema": { 699 "$ref": "#/definitions/Error" 700 }, 701 "x-go-name": "Unreachable" 702 }, 703 "521": { 704 "description": "Invalid identity format in storage", 705 "schema": { 706 "$ref": "#/definitions/Error" 707 }, 708 "x-go-name": "InvalidStorageFormat" 709 } 710 } 711 } 712 }, 713 "/ipam": { 714 "post": { 715 "tags": [ 716 "ipam" 717 ], 718 "summary": "Allocate an IP address", 719 "parameters": [ 720 { 721 "$ref": "#/parameters/ipam-family" 722 }, 723 { 724 "$ref": "#/parameters/ipam-owner" 725 }, 726 { 727 "$ref": "#/parameters/ipam-expiration" 728 } 729 ], 730 "responses": { 731 "201": { 732 "description": "Success", 733 "schema": { 734 "$ref": "#/definitions/IPAMResponse" 735 } 736 }, 737 "502": { 738 "description": "Allocation failure", 739 "schema": { 740 "$ref": "#/definitions/Error" 741 }, 742 "x-go-name": "Failure" 743 } 744 } 745 } 746 }, 747 "/ipam/{ip}": { 748 "post": { 749 "tags": [ 750 "ipam" 751 ], 752 "summary": "Allocate an IP address", 753 "parameters": [ 754 { 755 "$ref": "#/parameters/ipam-ip" 756 }, 757 { 758 "$ref": "#/parameters/ipam-owner" 759 } 760 ], 761 "responses": { 762 "200": { 763 "description": "Success" 764 }, 765 "400": { 766 "description": "Invalid IP address", 767 "x-go-name": "Invalid" 768 }, 769 "409": { 770 "description": "IP already allocated", 771 "x-go-name": "Exists" 772 }, 773 "500": { 774 "description": "IP allocation failure. Details in message.", 775 "schema": { 776 "$ref": "#/definitions/Error" 777 }, 778 "x-go-name": "Failure" 779 }, 780 "501": { 781 "description": "Allocation for address family disabled", 782 "x-go-name": "Disabled" 783 } 784 } 785 }, 786 "delete": { 787 "tags": [ 788 "ipam" 789 ], 790 "summary": "Release an allocated IP address", 791 "parameters": [ 792 { 793 "$ref": "#/parameters/ipam-release-arg" 794 } 795 ], 796 "responses": { 797 "200": { 798 "description": "Success" 799 }, 800 "400": { 801 "description": "Invalid IP address", 802 "x-go-name": "Invalid" 803 }, 804 "404": { 805 "description": "IP address not found" 806 }, 807 "500": { 808 "description": "Address release failure", 809 "schema": { 810 "$ref": "#/definitions/Error" 811 }, 812 "x-go-name": "Failure" 813 }, 814 "501": { 815 "description": "Allocation for address family disabled", 816 "x-go-name": "Disabled" 817 } 818 } 819 } 820 }, 821 "/map": { 822 "get": { 823 "tags": [ 824 "daemon" 825 ], 826 "summary": "List all open maps", 827 "responses": { 828 "200": { 829 "description": "Success", 830 "schema": { 831 "$ref": "#/definitions/BPFMapList" 832 } 833 } 834 } 835 } 836 }, 837 "/map/{name}": { 838 "get": { 839 "tags": [ 840 "daemon" 841 ], 842 "summary": "Retrieve contents of BPF map", 843 "parameters": [ 844 { 845 "$ref": "#/parameters/map-name" 846 } 847 ], 848 "responses": { 849 "200": { 850 "description": "Success", 851 "schema": { 852 "$ref": "#/definitions/BPFMap" 853 } 854 }, 855 "404": { 856 "description": "Map not found" 857 } 858 } 859 } 860 }, 861 "/metrics/": { 862 "get": { 863 "tags": [ 864 "metrics" 865 ], 866 "summary": "Retrieve cilium metrics", 867 "responses": { 868 "200": { 869 "description": "Success", 870 "schema": { 871 "type": "array", 872 "items": { 873 "$ref": "#/definitions/Metric" 874 } 875 } 876 }, 877 "500": { 878 "description": "Metrics cannot be retrieved" 879 } 880 } 881 } 882 }, 883 "/policy": { 884 "get": { 885 "description": "Returns the entire policy tree with all children.\n", 886 "tags": [ 887 "policy" 888 ], 889 "summary": "Retrieve entire policy tree", 890 "parameters": [ 891 { 892 "name": "labels", 893 "in": "body", 894 "schema": { 895 "$ref": "#/definitions/Labels" 896 } 897 } 898 ], 899 "responses": { 900 "200": { 901 "description": "Success", 902 "schema": { 903 "$ref": "#/definitions/Policy" 904 } 905 }, 906 "404": { 907 "description": "No policy rules found" 908 } 909 } 910 }, 911 "put": { 912 "tags": [ 913 "policy" 914 ], 915 "summary": "Create or update a policy (sub)tree", 916 "parameters": [ 917 { 918 "$ref": "#/parameters/policy-rules" 919 } 920 ], 921 "responses": { 922 "200": { 923 "description": "Success", 924 "schema": { 925 "$ref": "#/definitions/Policy" 926 } 927 }, 928 "400": { 929 "description": "Invalid policy", 930 "schema": { 931 "$ref": "#/definitions/Error" 932 }, 933 "x-go-name": "InvalidPolicy" 934 }, 935 "460": { 936 "description": "Invalid path", 937 "schema": { 938 "$ref": "#/definitions/Error" 939 }, 940 "x-go-name": "InvalidPath" 941 }, 942 "500": { 943 "description": "Policy import failed", 944 "schema": { 945 "$ref": "#/definitions/Error" 946 }, 947 "x-go-name": "Failure" 948 } 949 } 950 }, 951 "delete": { 952 "tags": [ 953 "policy" 954 ], 955 "summary": "Delete a policy (sub)tree", 956 "parameters": [ 957 { 958 "name": "labels", 959 "in": "body", 960 "schema": { 961 "$ref": "#/definitions/Labels" 962 } 963 } 964 ], 965 "responses": { 966 "200": { 967 "description": "Success", 968 "schema": { 969 "$ref": "#/definitions/Policy" 970 } 971 }, 972 "400": { 973 "description": "Invalid request", 974 "schema": { 975 "$ref": "#/definitions/Error" 976 }, 977 "x-go-name": "Invalid" 978 }, 979 "404": { 980 "description": "Policy not found" 981 }, 982 "500": { 983 "description": "Error while deleting policy", 984 "schema": { 985 "$ref": "#/definitions/Error" 986 }, 987 "x-go-name": "Failure" 988 } 989 } 990 } 991 }, 992 "/policy/resolve": { 993 "get": { 994 "tags": [ 995 "policy" 996 ], 997 "summary": "Resolve policy for an identity context", 998 "parameters": [ 999 { 1000 "$ref": "#/parameters/trace-selector" 1001 } 1002 ], 1003 "responses": { 1004 "200": { 1005 "description": "Success", 1006 "schema": { 1007 "$ref": "#/definitions/PolicyTraceResult" 1008 } 1009 } 1010 } 1011 } 1012 }, 1013 "/policy/selectors": { 1014 "get": { 1015 "tags": [ 1016 "policy" 1017 ], 1018 "summary": "See what selectors match which identities", 1019 "responses": { 1020 "200": { 1021 "description": "Success", 1022 "schema": { 1023 "$ref": "#/definitions/SelectorCache" 1024 } 1025 } 1026 } 1027 } 1028 }, 1029 "/prefilter": { 1030 "get": { 1031 "tags": [ 1032 "prefilter" 1033 ], 1034 "summary": "Retrieve list of CIDRs", 1035 "responses": { 1036 "200": { 1037 "description": "Success", 1038 "schema": { 1039 "$ref": "#/definitions/Prefilter" 1040 } 1041 }, 1042 "500": { 1043 "description": "Prefilter get failed", 1044 "schema": { 1045 "$ref": "#/definitions/Error" 1046 }, 1047 "x-go-name": "Failure" 1048 } 1049 } 1050 }, 1051 "delete": { 1052 "tags": [ 1053 "prefilter" 1054 ], 1055 "summary": "Delete list of CIDRs", 1056 "parameters": [ 1057 { 1058 "$ref": "#/parameters/prefilter-spec" 1059 } 1060 ], 1061 "responses": { 1062 "200": { 1063 "description": "Deleted", 1064 "schema": { 1065 "$ref": "#/definitions/Prefilter" 1066 } 1067 }, 1068 "461": { 1069 "description": "Invalid CIDR prefix", 1070 "schema": { 1071 "$ref": "#/definitions/Error" 1072 }, 1073 "x-go-name": "InvalidCIDR" 1074 }, 1075 "500": { 1076 "description": "Prefilter delete failed", 1077 "schema": { 1078 "$ref": "#/definitions/Error" 1079 }, 1080 "x-go-name": "Failure" 1081 } 1082 } 1083 }, 1084 "patch": { 1085 "tags": [ 1086 "prefilter" 1087 ], 1088 "summary": "Update list of CIDRs", 1089 "parameters": [ 1090 { 1091 "$ref": "#/parameters/prefilter-spec" 1092 } 1093 ], 1094 "responses": { 1095 "200": { 1096 "description": "Updated", 1097 "schema": { 1098 "$ref": "#/definitions/Prefilter" 1099 } 1100 }, 1101 "461": { 1102 "description": "Invalid CIDR prefix", 1103 "schema": { 1104 "$ref": "#/definitions/Error" 1105 }, 1106 "x-go-name": "InvalidCIDR" 1107 }, 1108 "500": { 1109 "description": "Prefilter update failed", 1110 "schema": { 1111 "$ref": "#/definitions/Error" 1112 }, 1113 "x-go-name": "Failure" 1114 } 1115 } 1116 } 1117 }, 1118 "/service": { 1119 "get": { 1120 "tags": [ 1121 "service" 1122 ], 1123 "summary": "Retrieve list of all services", 1124 "responses": { 1125 "200": { 1126 "description": "Success", 1127 "schema": { 1128 "type": "array", 1129 "items": { 1130 "$ref": "#/definitions/Service" 1131 } 1132 } 1133 } 1134 } 1135 } 1136 }, 1137 "/service/{id}": { 1138 "get": { 1139 "tags": [ 1140 "service" 1141 ], 1142 "summary": "Retrieve configuration of a service", 1143 "parameters": [ 1144 { 1145 "$ref": "#/parameters/service-id" 1146 } 1147 ], 1148 "responses": { 1149 "200": { 1150 "description": "Success", 1151 "schema": { 1152 "$ref": "#/definitions/Service" 1153 } 1154 }, 1155 "404": { 1156 "description": "Service not found" 1157 } 1158 } 1159 }, 1160 "put": { 1161 "tags": [ 1162 "service" 1163 ], 1164 "summary": "Create or update service", 1165 "parameters": [ 1166 { 1167 "$ref": "#/parameters/service-id" 1168 }, 1169 { 1170 "$ref": "#/parameters/service-config" 1171 } 1172 ], 1173 "responses": { 1174 "200": { 1175 "description": "Updated" 1176 }, 1177 "201": { 1178 "description": "Created" 1179 }, 1180 "460": { 1181 "description": "Invalid frontend in service configuration", 1182 "schema": { 1183 "$ref": "#/definitions/Error" 1184 }, 1185 "x-go-name": "InvalidFrontend" 1186 }, 1187 "461": { 1188 "description": "Invalid backend in service configuration", 1189 "schema": { 1190 "$ref": "#/definitions/Error" 1191 }, 1192 "x-go-name": "InvalidBackend" 1193 }, 1194 "500": { 1195 "description": "Error while creating service", 1196 "schema": { 1197 "$ref": "#/definitions/Error" 1198 }, 1199 "x-go-name": "Failure" 1200 } 1201 } 1202 }, 1203 "delete": { 1204 "tags": [ 1205 "service" 1206 ], 1207 "summary": "Delete a service", 1208 "parameters": [ 1209 { 1210 "$ref": "#/parameters/service-id" 1211 } 1212 ], 1213 "responses": { 1214 "200": { 1215 "description": "Success" 1216 }, 1217 "404": { 1218 "description": "Service not found" 1219 }, 1220 "500": { 1221 "description": "Service deletion failed", 1222 "schema": { 1223 "$ref": "#/definitions/Error" 1224 }, 1225 "x-go-name": "Failure" 1226 } 1227 } 1228 } 1229 } 1230 }, 1231 "definitions": { 1232 "Address": { 1233 "description": "IP address", 1234 "type": "string" 1235 }, 1236 "AddressPair": { 1237 "description": "Addressing information of an endpoint", 1238 "type": "object", 1239 "properties": { 1240 "ipv4": { 1241 "description": "IPv4 address", 1242 "type": "string" 1243 }, 1244 "ipv4-expiration-uuid": { 1245 "description": "UUID of IPv4 expiration timer", 1246 "type": "string" 1247 }, 1248 "ipv6": { 1249 "description": "IPv6 address", 1250 "type": "string" 1251 }, 1252 "ipv6-expiration-uuid": { 1253 "description": "UUID of IPv6 expiration timer", 1254 "type": "string" 1255 } 1256 } 1257 }, 1258 "AllocationMap": { 1259 "description": "Map of allocated IPs\n", 1260 "type": "object", 1261 "additionalProperties": { 1262 "type": "string" 1263 } 1264 }, 1265 "BPFMap": { 1266 "description": "BPF map definition and content", 1267 "type": "object", 1268 "properties": { 1269 "cache": { 1270 "description": "Contents of cache", 1271 "type": "array", 1272 "items": { 1273 "$ref": "#/definitions/BPFMapEntry" 1274 } 1275 }, 1276 "path": { 1277 "description": "Path to BPF map", 1278 "type": "string" 1279 } 1280 } 1281 }, 1282 "BPFMapEntry": { 1283 "description": "BPF map cache entry\"", 1284 "type": "object", 1285 "properties": { 1286 "desired-action": { 1287 "description": "Desired action to be performed", 1288 "type": "string", 1289 "enum": [ 1290 "ok", 1291 "insert", 1292 "delete" 1293 ] 1294 }, 1295 "key": { 1296 "description": "Key of map entry", 1297 "type": "string" 1298 }, 1299 "last-error": { 1300 "description": "Last error seen while performing desired action", 1301 "type": "string" 1302 }, 1303 "value": { 1304 "description": "Value of map entry", 1305 "type": "string" 1306 } 1307 } 1308 }, 1309 "BPFMapList": { 1310 "description": "List of BPF Maps", 1311 "type": "object", 1312 "properties": { 1313 "maps": { 1314 "description": "Array of open BPF map lists", 1315 "type": "array", 1316 "items": { 1317 "$ref": "#/definitions/BPFMap" 1318 } 1319 } 1320 } 1321 }, 1322 "BackendAddress": { 1323 "description": "Service backend address", 1324 "type": "object", 1325 "required": [ 1326 "ip" 1327 ], 1328 "properties": { 1329 "ip": { 1330 "description": "Layer 3 address", 1331 "type": "string" 1332 }, 1333 "port": { 1334 "description": "Layer 4 port number", 1335 "type": "integer", 1336 "format": "uint16" 1337 }, 1338 "weight": { 1339 "description": "Weight for Round Robin", 1340 "type": "integer", 1341 "format": "uint16" 1342 } 1343 } 1344 }, 1345 "CIDRList": { 1346 "description": "List of CIDRs", 1347 "type": "object", 1348 "properties": { 1349 "list": { 1350 "type": "array", 1351 "items": { 1352 "type": "string" 1353 } 1354 }, 1355 "revision": { 1356 "type": "integer" 1357 } 1358 } 1359 }, 1360 "CIDRPolicy": { 1361 "description": "CIDR endpoint policy", 1362 "type": "object", 1363 "properties": { 1364 "egress": { 1365 "description": "List of CIDR egress rules", 1366 "type": "array", 1367 "items": { 1368 "$ref": "#/definitions/PolicyRule" 1369 } 1370 }, 1371 "ingress": { 1372 "description": "List of CIDR ingress rules", 1373 "type": "array", 1374 "items": { 1375 "$ref": "#/definitions/PolicyRule" 1376 } 1377 } 1378 } 1379 }, 1380 "ClusterNodeStatus": { 1381 "description": "Status of cluster", 1382 "properties": { 1383 "client-id": { 1384 "description": "ID that should be used by the client to receive a diff from the previous request", 1385 "type": "integer" 1386 }, 1387 "nodes-added": { 1388 "description": "List of known nodes", 1389 "type": "array", 1390 "items": { 1391 "$ref": "#/definitions/NodeElement" 1392 } 1393 }, 1394 "nodes-removed": { 1395 "description": "List of known nodes", 1396 "type": "array", 1397 "items": { 1398 "$ref": "#/definitions/NodeElement" 1399 } 1400 }, 1401 "self": { 1402 "description": "Name of local node (if available)", 1403 "type": "string" 1404 } 1405 } 1406 }, 1407 "ClusterNodesResponse": { 1408 "properties": { 1409 "nodes": { 1410 "description": "List of known nodes", 1411 "type": "array", 1412 "items": { 1413 "$ref": "#/definitions/NodeElement" 1414 } 1415 }, 1416 "self": { 1417 "description": "Name of local node (if available)", 1418 "type": "string" 1419 } 1420 } 1421 }, 1422 "ClusterStatus": { 1423 "description": "Status of cluster", 1424 "properties": { 1425 "ciliumHealth": { 1426 "description": "Status of local cilium-health daemon", 1427 "$ref": "#/definitions/Status" 1428 }, 1429 "nodes": { 1430 "description": "List of known nodes", 1431 "type": "array", 1432 "items": { 1433 "$ref": "#/definitions/NodeElement" 1434 } 1435 }, 1436 "self": { 1437 "description": "Name of local node (if available)", 1438 "type": "string" 1439 } 1440 } 1441 }, 1442 "ConfigurationMap": { 1443 "description": "Map of configuration key/value pairs.\n", 1444 "type": "object", 1445 "additionalProperties": { 1446 "type": "string" 1447 } 1448 }, 1449 "ControllerStatus": { 1450 "description": "Status of a controller", 1451 "type": "object", 1452 "properties": { 1453 "configuration": { 1454 "description": "Configuration of controller", 1455 "type": "object", 1456 "properties": { 1457 "error-retry": { 1458 "description": "Retry on error", 1459 "type": "boolean" 1460 }, 1461 "error-retry-base": { 1462 "description": "Base error retry back-off time", 1463 "type": "string", 1464 "format": "duration" 1465 }, 1466 "interval": { 1467 "description": "Regular synchronization interval", 1468 "type": "string", 1469 "format": "duration" 1470 } 1471 } 1472 }, 1473 "name": { 1474 "description": "Name of controller", 1475 "type": "string" 1476 }, 1477 "status": { 1478 "description": "Current status of controller", 1479 "type": "object", 1480 "properties": { 1481 "consecutive-failure-count": { 1482 "description": "Number of consecutive errors since last success", 1483 "type": "integer" 1484 }, 1485 "failure-count": { 1486 "description": "Total number of failed runs", 1487 "type": "integer" 1488 }, 1489 "last-failure-msg": { 1490 "description": "Error message of last failed run", 1491 "type": "string" 1492 }, 1493 "last-failure-timestamp": { 1494 "description": "Timestamp of last error", 1495 "type": "string", 1496 "format": "date-time" 1497 }, 1498 "last-success-timestamp": { 1499 "description": "Timestamp of last success", 1500 "type": "string", 1501 "format": "date-time" 1502 }, 1503 "success-count": { 1504 "description": "Total number of successful runs", 1505 "type": "integer" 1506 } 1507 } 1508 }, 1509 "uuid": { 1510 "description": "UUID of controller", 1511 "type": "string", 1512 "format": "uuid" 1513 } 1514 } 1515 }, 1516 "ControllerStatuses": { 1517 "description": "Collection of controller statuses", 1518 "type": "array", 1519 "items": { 1520 "$ref": "#/definitions/ControllerStatus" 1521 } 1522 }, 1523 "DNSLookup": { 1524 "description": "An IP -\u003e DNS mapping, with metadata", 1525 "type": "object", 1526 "properties": { 1527 "endpoint-id": { 1528 "description": "The endpoint that made this lookup, or 0 for the agent itself.", 1529 "type": "integer" 1530 }, 1531 "expiration-time": { 1532 "description": "The absolute time when this data will expire in this cache", 1533 "type": "string", 1534 "format": "date-time" 1535 }, 1536 "fqdn": { 1537 "description": "DNS name", 1538 "type": "string" 1539 }, 1540 "ips": { 1541 "description": "IP addresses returned in this lookup", 1542 "type": "array", 1543 "items": { 1544 "type": "string" 1545 } 1546 }, 1547 "lookup-time": { 1548 "description": "The absolute time when this data was recieved", 1549 "type": "string", 1550 "format": "date-time" 1551 }, 1552 "ttl": { 1553 "description": "The TTL in the DNS response", 1554 "type": "integer" 1555 } 1556 } 1557 }, 1558 "DaemonConfiguration": { 1559 "description": "Response to a daemon configuration request.\n", 1560 "type": "object", 1561 "properties": { 1562 "spec": { 1563 "description": "Changeable configuration", 1564 "$ref": "#/definitions/DaemonConfigurationSpec" 1565 }, 1566 "status": { 1567 "description": "Current daemon configuration related status.Contains the addressing\ninformation, k8s, node monitor and immutable and mutable\nconfiguration settings.\n", 1568 "$ref": "#/definitions/DaemonConfigurationStatus" 1569 } 1570 } 1571 }, 1572 "DaemonConfigurationSpec": { 1573 "description": "The controllable configuration of the daemon.", 1574 "type": "object", 1575 "properties": { 1576 "options": { 1577 "description": "Changeable configuration", 1578 "$ref": "#/definitions/ConfigurationMap" 1579 }, 1580 "policy-enforcement": { 1581 "description": "The policy-enforcement mode", 1582 "type": "string", 1583 "enum": [ 1584 "default", 1585 "always", 1586 "never" 1587 ] 1588 } 1589 } 1590 }, 1591 "DaemonConfigurationStatus": { 1592 "description": "Response to a daemon configuration request. Contains the addressing\ninformation, k8s, node monitor and immutable and mutable configuration\nsettings.\n", 1593 "type": "object", 1594 "properties": { 1595 "addressing": { 1596 "$ref": "#/definitions/NodeAddressing" 1597 }, 1598 "datapathMode": { 1599 "$ref": "#/definitions/DatapathMode" 1600 }, 1601 "deviceMTU": { 1602 "description": "MTU on workload facing devices", 1603 "type": "integer" 1604 }, 1605 "immutable": { 1606 "description": "Immutable configuration (read-only)", 1607 "$ref": "#/definitions/ConfigurationMap" 1608 }, 1609 "ipam-mode": { 1610 "description": "Configured IPAM mode", 1611 "type": "string" 1612 }, 1613 "ipvlanConfiguration": { 1614 "$ref": "#/definitions/IpvlanConfiguration" 1615 }, 1616 "k8s-configuration": { 1617 "type": "string" 1618 }, 1619 "k8s-endpoint": { 1620 "type": "string" 1621 }, 1622 "kvstoreConfiguration": { 1623 "$ref": "#/definitions/KVstoreConfiguration" 1624 }, 1625 "masquerade": { 1626 "description": "Status of masquerading feature", 1627 "type": "boolean" 1628 }, 1629 "nodeMonitor": { 1630 "description": "Status of the node monitor", 1631 "$ref": "#/definitions/MonitorStatus" 1632 }, 1633 "realized": { 1634 "description": "Currently applied configuration", 1635 "$ref": "#/definitions/DaemonConfigurationSpec" 1636 }, 1637 "routeMTU": { 1638 "description": "MTU for network facing routes", 1639 "type": "integer" 1640 } 1641 } 1642 }, 1643 "DatapathMode": { 1644 "description": "Datapath mode", 1645 "type": "string", 1646 "enum": [ 1647 "veth", 1648 "ipvlan" 1649 ] 1650 }, 1651 "DebugInfo": { 1652 "description": "groups some debugging related information on the agent", 1653 "type": "object", 1654 "properties": { 1655 "cilium-memory-map": { 1656 "type": "string" 1657 }, 1658 "cilium-nodemonitor-memory-map": { 1659 "type": "string" 1660 }, 1661 "cilium-status": { 1662 "$ref": "#/definitions/StatusResponse" 1663 }, 1664 "cilium-version": { 1665 "type": "string" 1666 }, 1667 "endpoint-list": { 1668 "type": "array", 1669 "items": { 1670 "$ref": "#/definitions/Endpoint" 1671 } 1672 }, 1673 "environment-variables": { 1674 "type": "array", 1675 "items": { 1676 "type": "string" 1677 } 1678 }, 1679 "kernel-version": { 1680 "type": "string" 1681 }, 1682 "policy": { 1683 "$ref": "#/definitions/Policy" 1684 }, 1685 "service-list": { 1686 "type": "array", 1687 "items": { 1688 "$ref": "#/definitions/Service" 1689 } 1690 }, 1691 "subsystem": { 1692 "type": "object", 1693 "additionalProperties": { 1694 "type": "string" 1695 } 1696 } 1697 } 1698 }, 1699 "Endpoint": { 1700 "description": "An endpoint is a namespaced network interface to which cilium applies policies", 1701 "type": "object", 1702 "properties": { 1703 "id": { 1704 "description": "The cilium-agent-local ID of the endpoint", 1705 "type": "integer" 1706 }, 1707 "spec": { 1708 "description": "The desired configuration state of the endpoint", 1709 "$ref": "#/definitions/EndpointConfigurationSpec" 1710 }, 1711 "status": { 1712 "description": "The desired and realized configuration state of the endpoint", 1713 "$ref": "#/definitions/EndpointStatus" 1714 } 1715 } 1716 }, 1717 "EndpointChangeRequest": { 1718 "description": "Structure which contains the mutable elements of an Endpoint.\n", 1719 "type": "object", 1720 "required": [ 1721 "state" 1722 ], 1723 "properties": { 1724 "addressing": { 1725 "$ref": "#/definitions/AddressPair" 1726 }, 1727 "container-id": { 1728 "description": "ID assigned by container runtime", 1729 "type": "string" 1730 }, 1731 "container-name": { 1732 "description": "Name assigned to container", 1733 "type": "string" 1734 }, 1735 "datapath-configuration": { 1736 "$ref": "#/definitions/EndpointDatapathConfiguration" 1737 }, 1738 "datapath-map-id": { 1739 "description": "ID of datapath tail call map", 1740 "type": "integer" 1741 }, 1742 "docker-endpoint-id": { 1743 "description": "Docker endpoint ID", 1744 "type": "string" 1745 }, 1746 "docker-network-id": { 1747 "description": "Docker network ID", 1748 "type": "string" 1749 }, 1750 "host-mac": { 1751 "description": "MAC address", 1752 "type": "string" 1753 }, 1754 "id": { 1755 "description": "Local endpoint ID", 1756 "type": "integer" 1757 }, 1758 "interface-index": { 1759 "description": "Index of network device", 1760 "type": "integer" 1761 }, 1762 "interface-name": { 1763 "description": "Name of network device", 1764 "type": "string" 1765 }, 1766 "k8s-namespace": { 1767 "description": "Kubernetes namespace name", 1768 "type": "string" 1769 }, 1770 "k8s-pod-name": { 1771 "description": "Kubernetes pod name", 1772 "type": "string" 1773 }, 1774 "labels": { 1775 "description": "Labels describing the identity", 1776 "$ref": "#/definitions/Labels" 1777 }, 1778 "mac": { 1779 "description": "MAC address", 1780 "type": "string" 1781 }, 1782 "pid": { 1783 "description": "Process ID of the workload belonging to this endpoint", 1784 "type": "integer" 1785 }, 1786 "policy-enabled": { 1787 "description": "Whether policy enforcement is enabled or not", 1788 "type": "boolean" 1789 }, 1790 "state": { 1791 "description": "Current state of endpoint", 1792 "$ref": "#/definitions/EndpointState" 1793 }, 1794 "sync-build-endpoint": { 1795 "description": "Whether to build an endpoint synchronously\n", 1796 "type": "boolean" 1797 } 1798 } 1799 }, 1800 "EndpointConfigurationSpec": { 1801 "description": "An endpoint's configuration", 1802 "type": "object", 1803 "properties": { 1804 "label-configuration": { 1805 "description": "the endpoint's labels", 1806 "$ref": "#/definitions/LabelConfigurationSpec" 1807 }, 1808 "options": { 1809 "description": "Changeable configuration", 1810 "$ref": "#/definitions/ConfigurationMap" 1811 } 1812 } 1813 }, 1814 "EndpointConfigurationStatus": { 1815 "description": "An endpoint's configuration", 1816 "type": "object", 1817 "properties": { 1818 "error": { 1819 "description": "Most recent error, if applicable", 1820 "$ref": "#/definitions/Error" 1821 }, 1822 "immutable": { 1823 "description": "Immutable configuration (read-only)", 1824 "$ref": "#/definitions/ConfigurationMap" 1825 }, 1826 "realized": { 1827 "description": "currently applied changeable configuration", 1828 "$ref": "#/definitions/EndpointConfigurationSpec" 1829 } 1830 } 1831 }, 1832 "EndpointDatapathConfiguration": { 1833 "description": "Datapath configuration to be used for the endpoint", 1834 "type": "object", 1835 "properties": { 1836 "external-ipam": { 1837 "description": "Indicates that IPAM is done external to Cilium. This will prevent the IP from being released and re-allocation of the IP address is skipped on restore.\n", 1838 "type": "boolean" 1839 }, 1840 "install-endpoint-route": { 1841 "description": "Installs a route in the Linux routing table pointing to the device of the endpoint's interface.\n", 1842 "type": "boolean" 1843 }, 1844 "require-arp-passthrough": { 1845 "description": "Enable ARP passthrough mode", 1846 "type": "boolean" 1847 }, 1848 "require-egress-prog": { 1849 "description": "Endpoint requires a host-facing egress program to be attached to implement ingress policy and reverse NAT.\n", 1850 "type": "boolean" 1851 }, 1852 "require-routing": { 1853 "description": "Endpoint requires BPF routing to be enabled, when disabled, routing is delegated to Linux routing.\n", 1854 "type": "boolean", 1855 "default": true 1856 } 1857 } 1858 }, 1859 "EndpointHealth": { 1860 "description": "Health of the endpoint", 1861 "type": "object", 1862 "properties": { 1863 "bpf": { 1864 "$ref": "#/definitions/EndpointHealthStatus" 1865 }, 1866 "connected": { 1867 "description": "Is this endpoint reachable", 1868 "type": "boolean" 1869 }, 1870 "overallHealth": { 1871 "$ref": "#/definitions/EndpointHealthStatus" 1872 }, 1873 "policy": { 1874 "$ref": "#/definitions/EndpointHealthStatus" 1875 } 1876 } 1877 }, 1878 "EndpointHealthStatus": { 1879 "description": "A common set of statuses for endpoint health * ` + "`" + `` + "`" + `OK` + "`" + `` + "`" + ` = All components operational * ` + "`" + `` + "`" + `Bootstrap` + "`" + `` + "`" + ` = This component is being created * ` + "`" + `` + "`" + `Pending` + "`" + `` + "`" + ` = A change is being processed to be applied * ` + "`" + `` + "`" + `Warning` + "`" + `` + "`" + ` = This component is not applying up-to-date policies (but is still applying the previous version) * ` + "`" + `` + "`" + `Failure` + "`" + `` + "`" + ` = An error has occurred and no policy is being applied * ` + "`" + `` + "`" + `Disabled` + "`" + `` + "`" + ` = This endpoint is disabled and will not handle traffic\n", 1880 "type": "string", 1881 "enum": [ 1882 "OK", 1883 "Bootstrap", 1884 "Pending", 1885 "Warning", 1886 "Failure", 1887 "Disabled" 1888 ] 1889 }, 1890 "EndpointIdentifiers": { 1891 "description": "Unique identifiers for this endpoint from outside cilium", 1892 "type": "object", 1893 "properties": { 1894 "container-id": { 1895 "description": "ID assigned by container runtime", 1896 "type": "string" 1897 }, 1898 "container-name": { 1899 "description": "Name assigned to container", 1900 "type": "string" 1901 }, 1902 "docker-endpoint-id": { 1903 "description": "Docker endpoint ID", 1904 "type": "string" 1905 }, 1906 "docker-network-id": { 1907 "description": "Docker network ID", 1908 "type": "string" 1909 }, 1910 "pod-name": { 1911 "description": "K8s pod for this endpoint", 1912 "type": "string" 1913 } 1914 } 1915 }, 1916 "EndpointNetworking": { 1917 "description": "Unique identifiers for this endpoint from outside cilium", 1918 "type": "object", 1919 "properties": { 1920 "addressing": { 1921 "description": "IP4/6 addresses assigned to this Endpoint", 1922 "type": "array", 1923 "items": { 1924 "$ref": "#/definitions/AddressPair" 1925 } 1926 }, 1927 "host-addressing": { 1928 "$ref": "#/definitions/NodeAddressing" 1929 }, 1930 "host-mac": { 1931 "description": "MAC address", 1932 "type": "string" 1933 }, 1934 "interface-index": { 1935 "description": "Index of network device", 1936 "type": "integer" 1937 }, 1938 "interface-name": { 1939 "description": "Name of network device", 1940 "type": "string" 1941 }, 1942 "mac": { 1943 "description": "MAC address", 1944 "type": "string" 1945 } 1946 } 1947 }, 1948 "EndpointPolicy": { 1949 "description": "Policy information of an endpoint", 1950 "type": "object", 1951 "properties": { 1952 "allowed-egress-identities": { 1953 "description": "List of identities to which this endpoint is allowed to communicate\n", 1954 "type": "array", 1955 "items": { 1956 "type": "integer" 1957 } 1958 }, 1959 "allowed-ingress-identities": { 1960 "description": "List of identities allowed to communicate to this endpoint\n", 1961 "type": "array", 1962 "items": { 1963 "type": "integer" 1964 } 1965 }, 1966 "build": { 1967 "description": "Build number of calculated policy in use", 1968 "type": "integer" 1969 }, 1970 "cidr-policy": { 1971 "$ref": "#/definitions/CIDRPolicy" 1972 }, 1973 "id": { 1974 "description": "Own identity of endpoint", 1975 "type": "integer" 1976 }, 1977 "l4": { 1978 "$ref": "#/definitions/L4Policy" 1979 }, 1980 "policy-enabled": { 1981 "description": "Whether policy enforcement is enabled (ingress, egress, both or none)", 1982 "$ref": "#/definitions/EndpointPolicyEnabled" 1983 }, 1984 "policy-revision": { 1985 "description": "The agent-local policy revision", 1986 "type": "integer" 1987 } 1988 } 1989 }, 1990 "EndpointPolicyEnabled": { 1991 "description": "Whether policy enforcement is enabled (ingress, egress, both or none)", 1992 "type": "string", 1993 "enum": [ 1994 "none", 1995 "ingress", 1996 "egress", 1997 "both" 1998 ] 1999 }, 2000 "EndpointPolicyStatus": { 2001 "description": "Policy information of an endpoint", 2002 "type": "object", 2003 "properties": { 2004 "proxy-policy-revision": { 2005 "description": "The policy revision currently enforced in the proxy for this endpoint", 2006 "type": "integer" 2007 }, 2008 "proxy-statistics": { 2009 "description": "Statistics of the proxy redirects configured for this endpoint", 2010 "type": "array", 2011 "items": { 2012 "$ref": "#/definitions/ProxyStatistics" 2013 } 2014 }, 2015 "realized": { 2016 "description": "The policy in the datapath for this endpoint", 2017 "$ref": "#/definitions/EndpointPolicy" 2018 }, 2019 "spec": { 2020 "description": "The policy that should apply to this endpoint", 2021 "$ref": "#/definitions/EndpointPolicy" 2022 } 2023 } 2024 }, 2025 "EndpointState": { 2026 "description": "State of endpoint", 2027 "type": "string", 2028 "enum": [ 2029 "creating", 2030 "waiting-for-identity", 2031 "not-ready", 2032 "waiting-to-regenerate", 2033 "regenerating", 2034 "restoring", 2035 "ready", 2036 "disconnecting", 2037 "disconnected", 2038 "invalid" 2039 ] 2040 }, 2041 "EndpointStatus": { 2042 "description": "The current state and configuration of the endpoint, its policy \u0026 datapath, and subcomponents", 2043 "type": "object", 2044 "required": [ 2045 "state" 2046 ], 2047 "properties": { 2048 "controllers": { 2049 "description": "Status of internal controllers attached to this endpoint", 2050 "$ref": "#/definitions/ControllerStatuses" 2051 }, 2052 "external-identifiers": { 2053 "description": "Unique identifiers for this endpoint from outside cilium", 2054 "$ref": "#/definitions/EndpointIdentifiers" 2055 }, 2056 "health": { 2057 "description": "Summary overall endpoint \u0026 subcomponent health", 2058 "$ref": "#/definitions/EndpointHealth" 2059 }, 2060 "identity": { 2061 "description": "The security identity for this endpoint", 2062 "$ref": "#/definitions/Identity" 2063 }, 2064 "labels": { 2065 "description": "Labels applied to this endpoint", 2066 "$ref": "#/definitions/LabelConfigurationStatus" 2067 }, 2068 "log": { 2069 "description": "Most recent status log. See endpoint/{id}/log for the complete log.", 2070 "$ref": "#/definitions/EndpointStatusLog" 2071 }, 2072 "networking": { 2073 "description": "Networking properties of the endpoint", 2074 "$ref": "#/definitions/EndpointNetworking" 2075 }, 2076 "policy": { 2077 "description": "The policy applied to this endpoint from the policy repository", 2078 "$ref": "#/definitions/EndpointPolicyStatus" 2079 }, 2080 "realized": { 2081 "description": "The configuration in effect on this endpoint", 2082 "$ref": "#/definitions/EndpointConfigurationSpec" 2083 }, 2084 "state": { 2085 "description": "Current state of endpoint", 2086 "$ref": "#/definitions/EndpointState" 2087 } 2088 } 2089 }, 2090 "EndpointStatusChange": { 2091 "description": "Indication of a change of status", 2092 "type": "object", 2093 "properties": { 2094 "code": { 2095 "description": "Code indicate type of status change", 2096 "type": "string", 2097 "enum": [ 2098 "ok", 2099 "failed" 2100 ] 2101 }, 2102 "message": { 2103 "description": "Status message", 2104 "type": "string" 2105 }, 2106 "state": { 2107 "$ref": "#/definitions/EndpointState" 2108 }, 2109 "timestamp": { 2110 "description": "Timestamp when status change occurred", 2111 "type": "string" 2112 } 2113 } 2114 }, 2115 "EndpointStatusLog": { 2116 "description": "Status log of endpoint", 2117 "type": "array", 2118 "items": { 2119 "$ref": "#/definitions/EndpointStatusChange" 2120 } 2121 }, 2122 "Error": { 2123 "type": "string" 2124 }, 2125 "FrontendAddress": { 2126 "description": "Layer 4 address. The protocol is currently ignored, all services will\nbehave as if protocol any is specified. To restrict to a particular\nprotocol, use policy.\n", 2127 "type": "object", 2128 "properties": { 2129 "ip": { 2130 "description": "Layer 3 address", 2131 "type": "string" 2132 }, 2133 "port": { 2134 "description": "Layer 4 port number", 2135 "type": "integer", 2136 "format": "uint16" 2137 }, 2138 "protocol": { 2139 "description": "Layer 4 protocol", 2140 "type": "string", 2141 "enum": [ 2142 "tcp", 2143 "udp", 2144 "any" 2145 ] 2146 } 2147 } 2148 }, 2149 "IPAMAddressResponse": { 2150 "description": "IPAM configuration of an individual address family", 2151 "type": "object", 2152 "properties": { 2153 "cidrs": { 2154 "description": "List of CIDRs out of which IPs are allocated", 2155 "type": "array", 2156 "items": { 2157 "type": "string" 2158 } 2159 }, 2160 "expiration-uuid": { 2161 "description": "The UUID for the expiration timer. Set when expiration has been\nenabled while allocating.\n", 2162 "type": "string" 2163 }, 2164 "gateway": { 2165 "description": "IP of gateway", 2166 "type": "string" 2167 }, 2168 "ip": { 2169 "description": "Allocated IP for endpoint", 2170 "type": "string" 2171 }, 2172 "master-mac": { 2173 "description": "MAC of master interface if address is a slave/secondary of a master interface", 2174 "type": "string" 2175 } 2176 } 2177 }, 2178 "IPAMResponse": { 2179 "description": "IPAM configuration of an endpoint", 2180 "type": "object", 2181 "required": [ 2182 "address", 2183 "host-addressing" 2184 ], 2185 "properties": { 2186 "address": { 2187 "$ref": "#/definitions/AddressPair" 2188 }, 2189 "host-addressing": { 2190 "$ref": "#/definitions/NodeAddressing" 2191 }, 2192 "ipv4": { 2193 "$ref": "#/definitions/IPAMAddressResponse" 2194 }, 2195 "ipv6": { 2196 "$ref": "#/definitions/IPAMAddressResponse" 2197 } 2198 } 2199 }, 2200 "IPAMStatus": { 2201 "description": "Status of IP address management", 2202 "properties": { 2203 "allocations": { 2204 "$ref": "#/definitions/AllocationMap" 2205 }, 2206 "ipv4": { 2207 "type": "array", 2208 "items": { 2209 "type": "string" 2210 } 2211 }, 2212 "ipv6": { 2213 "type": "array", 2214 "items": { 2215 "type": "string" 2216 } 2217 }, 2218 "status": { 2219 "type": "string" 2220 } 2221 } 2222 }, 2223 "Identity": { 2224 "description": "Security identity", 2225 "type": "object", 2226 "properties": { 2227 "id": { 2228 "description": "Unique identifier", 2229 "type": "integer" 2230 }, 2231 "labels": { 2232 "description": "Labels describing the identity", 2233 "$ref": "#/definitions/Labels" 2234 }, 2235 "labelsSHA256": { 2236 "description": "SHA256 of labels", 2237 "type": "string" 2238 } 2239 } 2240 }, 2241 "IdentityEndpoints": { 2242 "description": "Security identities owned by endpoints on the local node", 2243 "type": "object", 2244 "properties": { 2245 "identity": { 2246 "description": "Security identity", 2247 "$ref": "#/definitions/Identity" 2248 }, 2249 "refCount": { 2250 "description": "number of endpoints consuming this identity locally (should always be \u003e 0)", 2251 "type": "integer" 2252 } 2253 } 2254 }, 2255 "IpvlanConfiguration": { 2256 "description": "Setup for datapath when operating in ipvlan mode.", 2257 "type": "object", 2258 "properties": { 2259 "masterDeviceIndex": { 2260 "description": "Workload facing ipvlan master device ifindex.", 2261 "type": "integer" 2262 }, 2263 "operationMode": { 2264 "description": "Mode in which ipvlan setup operates.", 2265 "type": "string", 2266 "enum": [ 2267 "L3", 2268 "L3S" 2269 ] 2270 } 2271 } 2272 }, 2273 "K8sStatus": { 2274 "description": "Status of Kubernetes integration", 2275 "type": "object", 2276 "properties": { 2277 "k8s-api-versions": { 2278 "type": "array", 2279 "items": { 2280 "type": "string" 2281 } 2282 }, 2283 "msg": { 2284 "description": "Human readable status/error/warning message", 2285 "type": "string" 2286 }, 2287 "state": { 2288 "description": "State the component is in", 2289 "type": "string", 2290 "enum": [ 2291 "Ok", 2292 "Warning", 2293 "Failure", 2294 "Disabled" 2295 ] 2296 } 2297 } 2298 }, 2299 "KVstoreConfiguration": { 2300 "description": "Configuration used for the kvstore", 2301 "properties": { 2302 "options": { 2303 "description": "Configuration options", 2304 "type": "object", 2305 "additionalProperties": { 2306 "type": "string" 2307 } 2308 }, 2309 "type": { 2310 "description": "Type of kvstore", 2311 "type": "string" 2312 } 2313 } 2314 }, 2315 "L4Policy": { 2316 "description": "L4 endpoint policy", 2317 "type": "object", 2318 "properties": { 2319 "egress": { 2320 "description": "List of L4 egress rules", 2321 "type": "array", 2322 "items": { 2323 "$ref": "#/definitions/PolicyRule" 2324 } 2325 }, 2326 "ingress": { 2327 "description": "List of L4 ingress rules", 2328 "type": "array", 2329 "items": { 2330 "$ref": "#/definitions/PolicyRule" 2331 } 2332 } 2333 } 2334 }, 2335 "LabelConfiguration": { 2336 "description": "Label configuration of an endpoint", 2337 "type": "object", 2338 "properties": { 2339 "spec": { 2340 "description": "The user provided desired configuration", 2341 "$ref": "#/definitions/LabelConfigurationSpec" 2342 }, 2343 "status": { 2344 "description": "The current configuration", 2345 "$ref": "#/definitions/LabelConfigurationStatus" 2346 } 2347 } 2348 }, 2349 "LabelConfigurationSpec": { 2350 "description": "User desired Label configuration of an endpoint", 2351 "type": "object", 2352 "properties": { 2353 "user": { 2354 "description": "Custom labels in addition to orchestration system labels.", 2355 "$ref": "#/definitions/Labels" 2356 } 2357 } 2358 }, 2359 "LabelConfigurationStatus": { 2360 "description": "Labels and label configuration of an endpoint", 2361 "type": "object", 2362 "properties": { 2363 "derived": { 2364 "description": "All labels derived from the orchestration system", 2365 "$ref": "#/definitions/Labels" 2366 }, 2367 "disabled": { 2368 "description": "Labels derived from orchestration system which have been disabled.", 2369 "$ref": "#/definitions/Labels" 2370 }, 2371 "realized": { 2372 "description": "The current configuration", 2373 "$ref": "#/definitions/LabelConfigurationSpec" 2374 }, 2375 "security-relevant": { 2376 "description": "Labels derived from orchestration system that are used in computing a security identity", 2377 "$ref": "#/definitions/Labels" 2378 } 2379 } 2380 }, 2381 "Labels": { 2382 "description": "Set of labels", 2383 "type": "array", 2384 "items": { 2385 "type": "string" 2386 } 2387 }, 2388 "MessageForwardingStatistics": { 2389 "description": "Statistics of a message forwarding entity", 2390 "type": "object", 2391 "properties": { 2392 "denied": { 2393 "description": "Number of messages denied", 2394 "type": "integer" 2395 }, 2396 "error": { 2397 "description": "Number of errors while parsing messages", 2398 "type": "integer" 2399 }, 2400 "forwarded": { 2401 "description": "Number of messages forwarded", 2402 "type": "integer" 2403 }, 2404 "received": { 2405 "description": "Number of messages received", 2406 "type": "integer" 2407 } 2408 } 2409 }, 2410 "Metric": { 2411 "description": "Metric information", 2412 "type": "object", 2413 "properties": { 2414 "labels": { 2415 "description": "Labels of the metric", 2416 "type": "object", 2417 "additionalProperties": { 2418 "type": "string" 2419 } 2420 }, 2421 "name": { 2422 "description": "Name of the metric", 2423 "type": "string" 2424 }, 2425 "value": { 2426 "description": "Value of the metric", 2427 "type": "number" 2428 } 2429 } 2430 }, 2431 "MonitorStatus": { 2432 "description": "Status of the node monitor", 2433 "properties": { 2434 "cpus": { 2435 "description": "Number of CPUs to listen on for events.", 2436 "type": "integer" 2437 }, 2438 "lost": { 2439 "description": "Number of samples lost by perf.", 2440 "type": "integer" 2441 }, 2442 "npages": { 2443 "description": "Number of pages used for the perf ring buffer.", 2444 "type": "integer" 2445 }, 2446 "pagesize": { 2447 "description": "Pages size used for the perf ring buffer.", 2448 "type": "integer" 2449 }, 2450 "unknown": { 2451 "description": "Number of unknown samples.", 2452 "type": "integer" 2453 } 2454 } 2455 }, 2456 "NodeAddressing": { 2457 "description": "Addressing information of a node for all address families", 2458 "type": "object", 2459 "properties": { 2460 "ipv4": { 2461 "$ref": "#/definitions/NodeAddressingElement" 2462 }, 2463 "ipv6": { 2464 "$ref": "#/definitions/NodeAddressingElement" 2465 } 2466 } 2467 }, 2468 "NodeAddressingElement": { 2469 "description": "Addressing information", 2470 "type": "object", 2471 "properties": { 2472 "address-type": { 2473 "description": "Node address type, one of HostName, ExternalIP or InternalIP", 2474 "type": "string" 2475 }, 2476 "alloc-range": { 2477 "description": "Address pool to be used for local endpoints", 2478 "type": "string" 2479 }, 2480 "enabled": { 2481 "description": "True if address family is enabled", 2482 "type": "boolean" 2483 }, 2484 "ip": { 2485 "description": "IP address of node", 2486 "type": "string" 2487 } 2488 } 2489 }, 2490 "NodeElement": { 2491 "description": "Known node in the cluster", 2492 "properties": { 2493 "health-endpoint-address": { 2494 "description": "Address used for probing cluster connectivity", 2495 "$ref": "#/definitions/NodeAddressing" 2496 }, 2497 "name": { 2498 "description": "Name of the node including the cluster association. This is typically\n\u003cclustername\u003e/\u003chostname\u003e.\n", 2499 "type": "string" 2500 }, 2501 "primary-address": { 2502 "description": "Primary address used for intra-cluster communication", 2503 "$ref": "#/definitions/NodeAddressing" 2504 }, 2505 "secondary-addresses": { 2506 "description": "Alternative addresses assigned to the node", 2507 "type": "array", 2508 "items": { 2509 "$ref": "#/definitions/NodeAddressingElement" 2510 } 2511 } 2512 } 2513 }, 2514 "Policy": { 2515 "description": "Policy definition", 2516 "type": "object", 2517 "properties": { 2518 "policy": { 2519 "description": "Policy definition as JSON.", 2520 "type": "string" 2521 }, 2522 "revision": { 2523 "description": "Revision number of the policy. Incremented each time the policy is\nchanged in the agent's repository\n", 2524 "type": "integer" 2525 } 2526 } 2527 }, 2528 "PolicyRule": { 2529 "description": "A policy rule including the rule labels it derives from", 2530 "properties": { 2531 "derived-from-rules": { 2532 "description": "The policy rule labels identifying the policy rules this rule derives from", 2533 "type": "array", 2534 "items": { 2535 "type": "array", 2536 "items": { 2537 "type": "string" 2538 } 2539 } 2540 }, 2541 "rule": { 2542 "description": "The policy rule as json", 2543 "type": "string" 2544 } 2545 } 2546 }, 2547 "PolicyTraceResult": { 2548 "description": "Response to a policy resolution process", 2549 "type": "object", 2550 "properties": { 2551 "log": { 2552 "type": "string" 2553 }, 2554 "verdict": { 2555 "type": "string" 2556 } 2557 } 2558 }, 2559 "Port": { 2560 "description": "Layer 4 port / protocol pair", 2561 "type": "object", 2562 "properties": { 2563 "port": { 2564 "description": "Layer 4 port number", 2565 "type": "integer", 2566 "format": "uint16" 2567 }, 2568 "protocol": { 2569 "description": "Layer 4 protocol", 2570 "type": "string", 2571 "enum": [ 2572 "TCP", 2573 "UDP", 2574 "ANY" 2575 ] 2576 } 2577 } 2578 }, 2579 "Prefilter": { 2580 "description": "Collection of endpoints to be served", 2581 "type": "object", 2582 "properties": { 2583 "spec": { 2584 "$ref": "#/definitions/PrefilterSpec" 2585 }, 2586 "status": { 2587 "$ref": "#/definitions/PrefilterStatus" 2588 } 2589 } 2590 }, 2591 "PrefilterSpec": { 2592 "description": "CIDR ranges implemented in the Prefilter", 2593 "type": "object", 2594 "properties": { 2595 "deny": { 2596 "type": "array", 2597 "items": { 2598 "type": "string" 2599 } 2600 }, 2601 "revision": { 2602 "type": "integer" 2603 } 2604 } 2605 }, 2606 "PrefilterStatus": { 2607 "description": "CIDR ranges implemented in the Prefilter", 2608 "type": "object", 2609 "properties": { 2610 "realized": { 2611 "$ref": "#/definitions/PrefilterSpec" 2612 } 2613 } 2614 }, 2615 "ProxyStatistics": { 2616 "description": "Statistics of a set of proxy redirects for an endpoint", 2617 "type": "object", 2618 "properties": { 2619 "allocated-proxy-port": { 2620 "description": "The port the proxy is listening on", 2621 "type": "integer" 2622 }, 2623 "location": { 2624 "description": "Location of where the redirect is installed", 2625 "type": "string", 2626 "enum": [ 2627 "ingress", 2628 "egress" 2629 ] 2630 }, 2631 "port": { 2632 "description": "The port subject to the redirect", 2633 "type": "integer" 2634 }, 2635 "protocol": { 2636 "description": "Name of the L7 protocol", 2637 "type": "string" 2638 }, 2639 "statistics": { 2640 "description": "Statistics of this set of proxy redirect", 2641 "$ref": "#/definitions/RequestResponseStatistics" 2642 } 2643 } 2644 }, 2645 "ProxyStatus": { 2646 "description": "Status of proxy", 2647 "type": "object", 2648 "properties": { 2649 "ip": { 2650 "description": "IP address that the proxy listens on", 2651 "type": "string" 2652 }, 2653 "port-range": { 2654 "description": "Port range used for proxying", 2655 "type": "string" 2656 } 2657 } 2658 }, 2659 "RequestResponseStatistics": { 2660 "description": "Statistics of a proxy redirect", 2661 "type": "object", 2662 "properties": { 2663 "requests": { 2664 "$ref": "#/definitions/MessageForwardingStatistics" 2665 }, 2666 "responses": { 2667 "$ref": "#/definitions/MessageForwardingStatistics" 2668 } 2669 } 2670 }, 2671 "SelectorCache": { 2672 "description": "cache of which identities match selectors in the policy repository", 2673 "type": "array", 2674 "items": { 2675 "$ref": "#/definitions/SelectorIdentityMapping" 2676 } 2677 }, 2678 "SelectorIdentityMapping": { 2679 "description": "mapping of selector to identities which match it", 2680 "type": "object", 2681 "properties": { 2682 "identities": { 2683 "description": "identities mapping to this selector", 2684 "type": "array", 2685 "items": { 2686 "type": "integer" 2687 } 2688 }, 2689 "selector": { 2690 "description": "string form of selector", 2691 "type": "string" 2692 }, 2693 "users": { 2694 "description": "number of users of this selector in the cache", 2695 "type": "integer" 2696 } 2697 } 2698 }, 2699 "Service": { 2700 "description": "Collection of endpoints to be served", 2701 "type": "object", 2702 "properties": { 2703 "spec": { 2704 "$ref": "#/definitions/ServiceSpec" 2705 }, 2706 "status": { 2707 "$ref": "#/definitions/ServiceStatus" 2708 } 2709 } 2710 }, 2711 "ServiceSpec": { 2712 "description": "Configuration of a service", 2713 "type": "object", 2714 "required": [ 2715 "frontend-address" 2716 ], 2717 "properties": { 2718 "backend-addresses": { 2719 "description": "List of backend addresses", 2720 "type": "array", 2721 "items": { 2722 "$ref": "#/definitions/BackendAddress" 2723 } 2724 }, 2725 "flags": { 2726 "description": "Optional service configuration flags", 2727 "type": "object", 2728 "properties": { 2729 "active-frontend": { 2730 "description": "Frontend to backend translation activated", 2731 "type": "boolean" 2732 }, 2733 "direct-server-return": { 2734 "description": "Perform direct server return", 2735 "type": "boolean" 2736 }, 2737 "node-port": { 2738 "description": "Service is of Nodeport type", 2739 "type": "boolean" 2740 } 2741 } 2742 }, 2743 "frontend-address": { 2744 "description": "Frontend address", 2745 "$ref": "#/definitions/FrontendAddress" 2746 }, 2747 "id": { 2748 "description": "Unique identification", 2749 "type": "integer" 2750 } 2751 } 2752 }, 2753 "ServiceStatus": { 2754 "description": "Configuration of a service", 2755 "type": "object", 2756 "properties": { 2757 "realized": { 2758 "$ref": "#/definitions/ServiceSpec" 2759 } 2760 } 2761 }, 2762 "Status": { 2763 "description": "Status of an individual component", 2764 "type": "object", 2765 "properties": { 2766 "msg": { 2767 "description": "Human readable status/error/warning message", 2768 "type": "string" 2769 }, 2770 "state": { 2771 "description": "State the component is in", 2772 "type": "string", 2773 "enum": [ 2774 "Ok", 2775 "Warning", 2776 "Failure", 2777 "Disabled" 2778 ] 2779 } 2780 } 2781 }, 2782 "StatusResponse": { 2783 "description": "Health and status information of daemon", 2784 "type": "object", 2785 "properties": { 2786 "cilium": { 2787 "description": "Status of Cilium daemon", 2788 "$ref": "#/definitions/Status" 2789 }, 2790 "client-id": { 2791 "description": "When supported by the API, this client ID should be used by the\nclient when making another request to the server.\nSee for example \"/cluster/nodes\".\n", 2792 "type": "integer" 2793 }, 2794 "cluster": { 2795 "description": "Status of cluster", 2796 "$ref": "#/definitions/ClusterStatus" 2797 }, 2798 "container-runtime": { 2799 "description": "Status of local container runtime", 2800 "$ref": "#/definitions/Status" 2801 }, 2802 "controllers": { 2803 "description": "Status of all endpoint controllers", 2804 "$ref": "#/definitions/ControllerStatuses" 2805 }, 2806 "ipam": { 2807 "description": "Status of IP address management", 2808 "$ref": "#/definitions/IPAMStatus" 2809 }, 2810 "kubernetes": { 2811 "description": "Status of Kubernetes integration", 2812 "$ref": "#/definitions/K8sStatus" 2813 }, 2814 "kvstore": { 2815 "description": "Status of key/value datastore", 2816 "$ref": "#/definitions/Status" 2817 }, 2818 "nodeMonitor": { 2819 "description": "Status of the node monitor", 2820 "$ref": "#/definitions/MonitorStatus" 2821 }, 2822 "proxy": { 2823 "description": "Status of proxy", 2824 "$ref": "#/definitions/ProxyStatus" 2825 }, 2826 "stale": { 2827 "description": "List of stale information in the status", 2828 "type": "object", 2829 "additionalProperties": { 2830 "description": "Timestamp when the probe was started", 2831 "type": "string", 2832 "format": "date-time" 2833 } 2834 } 2835 } 2836 }, 2837 "TraceFrom": { 2838 "type": "object", 2839 "properties": { 2840 "labels": { 2841 "$ref": "#/definitions/Labels" 2842 } 2843 } 2844 }, 2845 "TraceSelector": { 2846 "description": "Context describing a pair of source and destination identity", 2847 "type": "object", 2848 "properties": { 2849 "from": { 2850 "$ref": "#/definitions/TraceFrom" 2851 }, 2852 "to": { 2853 "$ref": "#/definitions/TraceTo" 2854 }, 2855 "verbose": { 2856 "description": "Enable verbose tracing.\n", 2857 "type": "boolean" 2858 } 2859 } 2860 }, 2861 "TraceTo": { 2862 "type": "object", 2863 "properties": { 2864 "dports": { 2865 "description": "List of Layer 4 port and protocol pairs which will be used in communication\nfrom the source identity to the destination identity.\n", 2866 "type": "array", 2867 "items": { 2868 "$ref": "#/definitions/Port" 2869 } 2870 }, 2871 "labels": { 2872 "$ref": "#/definitions/Labels" 2873 } 2874 } 2875 } 2876 }, 2877 "parameters": { 2878 "cidr": { 2879 "type": "string", 2880 "description": "A CIDR range of IPs", 2881 "name": "cidr", 2882 "in": "query" 2883 }, 2884 "endpoint-change-request": { 2885 "name": "endpoint", 2886 "in": "body", 2887 "required": true, 2888 "schema": { 2889 "$ref": "#/definitions/EndpointChangeRequest" 2890 } 2891 }, 2892 "endpoint-id": { 2893 "type": "string", 2894 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 2895 "name": "id", 2896 "in": "path", 2897 "required": true 2898 }, 2899 "identity-id": { 2900 "type": "string", 2901 "description": "Cluster wide unique identifier of a security identity.\n", 2902 "name": "id", 2903 "in": "path", 2904 "required": true 2905 }, 2906 "ipam-expiration": { 2907 "type": "boolean", 2908 "name": "expiration", 2909 "in": "header" 2910 }, 2911 "ipam-family": { 2912 "enum": [ 2913 "ipv4", 2914 "ipv6" 2915 ], 2916 "type": "string", 2917 "name": "family", 2918 "in": "query" 2919 }, 2920 "ipam-ip": { 2921 "type": "string", 2922 "description": "IP address", 2923 "name": "ip", 2924 "in": "path", 2925 "required": true 2926 }, 2927 "ipam-owner": { 2928 "type": "string", 2929 "name": "owner", 2930 "in": "query" 2931 }, 2932 "ipam-release-arg": { 2933 "type": "string", 2934 "description": "IP address or owner name", 2935 "name": "ip", 2936 "in": "path", 2937 "required": true 2938 }, 2939 "labels": { 2940 "description": "List of labels\n", 2941 "name": "labels", 2942 "in": "body", 2943 "schema": { 2944 "$ref": "#/definitions/Labels" 2945 } 2946 }, 2947 "map-name": { 2948 "type": "string", 2949 "description": "Name of map", 2950 "name": "name", 2951 "in": "path", 2952 "required": true 2953 }, 2954 "matchpattern": { 2955 "type": "string", 2956 "description": "A toFQDNs compatible matchPattern expression", 2957 "name": "matchpattern", 2958 "in": "query" 2959 }, 2960 "pod-name": { 2961 "type": "string", 2962 "description": "K8s pod name\n", 2963 "name": "pod", 2964 "in": "path", 2965 "required": true 2966 }, 2967 "policy-rules": { 2968 "description": "Policy rules", 2969 "name": "policy", 2970 "in": "body", 2971 "required": true, 2972 "schema": { 2973 "type": "string" 2974 } 2975 }, 2976 "prefilter-spec": { 2977 "description": "List of CIDR ranges for filter table", 2978 "name": "prefilter-spec", 2979 "in": "body", 2980 "required": true, 2981 "schema": { 2982 "$ref": "#/definitions/PrefilterSpec" 2983 } 2984 }, 2985 "service-address": { 2986 "description": "Service address configuration", 2987 "name": "address", 2988 "in": "body", 2989 "schema": { 2990 "$ref": "#/definitions/FrontendAddress" 2991 } 2992 }, 2993 "service-config": { 2994 "description": "Service configuration", 2995 "name": "config", 2996 "in": "body", 2997 "required": true, 2998 "schema": { 2999 "$ref": "#/definitions/ServiceSpec" 3000 } 3001 }, 3002 "service-id": { 3003 "type": "integer", 3004 "description": "ID of service", 3005 "name": "id", 3006 "in": "path", 3007 "required": true 3008 }, 3009 "trace-selector": { 3010 "description": "Context to provide policy evaluation on", 3011 "name": "trace-selector", 3012 "in": "body", 3013 "schema": { 3014 "$ref": "#/definitions/TraceSelector" 3015 } 3016 } 3017 }, 3018 "x-schemes": [ 3019 "unix" 3020 ] 3021 }`)) 3022 FlatSwaggerJSON = json.RawMessage([]byte(`{ 3023 "consumes": [ 3024 "application/json" 3025 ], 3026 "produces": [ 3027 "application/json" 3028 ], 3029 "swagger": "2.0", 3030 "info": { 3031 "description": "Cilium", 3032 "title": "Cilium API", 3033 "version": "v1beta" 3034 }, 3035 "basePath": "/v1", 3036 "paths": { 3037 "/cluster/nodes": { 3038 "get": { 3039 "tags": [ 3040 "daemon" 3041 ], 3042 "summary": "Get nodes information stored in the cilium-agent", 3043 "parameters": [ 3044 { 3045 "type": "integer", 3046 "description": "Client UUID should be used when the client wants to request\na diff of nodes added and / or removed since the last time\nthat client has made a request.\n", 3047 "name": "client-id", 3048 "in": "header" 3049 } 3050 ], 3051 "responses": { 3052 "200": { 3053 "description": "Success", 3054 "schema": { 3055 "$ref": "#/definitions/ClusterNodeStatus" 3056 } 3057 } 3058 } 3059 } 3060 }, 3061 "/config": { 3062 "get": { 3063 "description": "Returns the configuration of the Cilium daemon.\n", 3064 "tags": [ 3065 "daemon" 3066 ], 3067 "summary": "Get configuration of Cilium daemon", 3068 "responses": { 3069 "200": { 3070 "description": "Success", 3071 "schema": { 3072 "$ref": "#/definitions/DaemonConfiguration" 3073 } 3074 } 3075 } 3076 }, 3077 "patch": { 3078 "description": "Updates the daemon configuration by applying the provided\nConfigurationMap and regenerates \u0026 recompiles all required datapath\ncomponents.\n", 3079 "tags": [ 3080 "daemon" 3081 ], 3082 "summary": "Modify daemon configuration", 3083 "parameters": [ 3084 { 3085 "name": "configuration", 3086 "in": "body", 3087 "required": true, 3088 "schema": { 3089 "$ref": "#/definitions/DaemonConfigurationSpec" 3090 } 3091 } 3092 ], 3093 "responses": { 3094 "200": { 3095 "description": "Success" 3096 }, 3097 "400": { 3098 "description": "Bad configuration parameters", 3099 "schema": { 3100 "$ref": "#/definitions/Error" 3101 } 3102 }, 3103 "500": { 3104 "description": "Recompilation failed", 3105 "schema": { 3106 "$ref": "#/definitions/Error" 3107 }, 3108 "x-go-name": "Failure" 3109 } 3110 } 3111 } 3112 }, 3113 "/debuginfo": { 3114 "get": { 3115 "tags": [ 3116 "daemon" 3117 ], 3118 "summary": "Retrieve information about the agent and evironment for debugging", 3119 "responses": { 3120 "200": { 3121 "description": "Success", 3122 "schema": { 3123 "$ref": "#/definitions/DebugInfo" 3124 } 3125 }, 3126 "500": { 3127 "description": "DebugInfo get failed", 3128 "schema": { 3129 "$ref": "#/definitions/Error" 3130 }, 3131 "x-go-name": "Failure" 3132 } 3133 } 3134 } 3135 }, 3136 "/endpoint": { 3137 "get": { 3138 "description": "Retrieves a list of endpoints that have metadata matching the provided parameters, or all endpoints if no parameters provided.\n", 3139 "tags": [ 3140 "endpoint" 3141 ], 3142 "summary": "Retrieves a list of endpoints that have metadata matching the provided parameters.", 3143 "parameters": [ 3144 { 3145 "description": "List of labels\n", 3146 "name": "labels", 3147 "in": "body", 3148 "schema": { 3149 "$ref": "#/definitions/Labels" 3150 } 3151 } 3152 ], 3153 "responses": { 3154 "200": { 3155 "description": "Success", 3156 "schema": { 3157 "type": "array", 3158 "items": { 3159 "$ref": "#/definitions/Endpoint" 3160 } 3161 } 3162 }, 3163 "404": { 3164 "description": "Endpoints with provided parameters not found" 3165 } 3166 } 3167 } 3168 }, 3169 "/endpoint/{id}": { 3170 "get": { 3171 "description": "Returns endpoint information\n", 3172 "tags": [ 3173 "endpoint" 3174 ], 3175 "summary": "Get endpoint by endpoint ID", 3176 "parameters": [ 3177 { 3178 "type": "string", 3179 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 3180 "name": "id", 3181 "in": "path", 3182 "required": true 3183 } 3184 ], 3185 "responses": { 3186 "200": { 3187 "description": "Success", 3188 "schema": { 3189 "$ref": "#/definitions/Endpoint" 3190 } 3191 }, 3192 "400": { 3193 "description": "Invalid endpoint ID format for specified type", 3194 "schema": { 3195 "$ref": "#/definitions/Error" 3196 }, 3197 "x-go-name": "Invalid" 3198 }, 3199 "404": { 3200 "description": "Endpoint not found" 3201 } 3202 } 3203 }, 3204 "put": { 3205 "description": "Creates a new endpoint\n", 3206 "tags": [ 3207 "endpoint" 3208 ], 3209 "summary": "Create endpoint", 3210 "parameters": [ 3211 { 3212 "type": "string", 3213 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 3214 "name": "id", 3215 "in": "path", 3216 "required": true 3217 }, 3218 { 3219 "name": "endpoint", 3220 "in": "body", 3221 "required": true, 3222 "schema": { 3223 "$ref": "#/definitions/EndpointChangeRequest" 3224 } 3225 } 3226 ], 3227 "responses": { 3228 "201": { 3229 "description": "Created" 3230 }, 3231 "400": { 3232 "description": "Invalid endpoint in request", 3233 "schema": { 3234 "$ref": "#/definitions/Error" 3235 }, 3236 "x-go-name": "Invalid" 3237 }, 3238 "409": { 3239 "description": "Endpoint already exists", 3240 "x-go-name": "Exists" 3241 }, 3242 "500": { 3243 "description": "Endpoint creation failed", 3244 "schema": { 3245 "$ref": "#/definitions/Error" 3246 }, 3247 "x-go-name": "Failed" 3248 } 3249 } 3250 }, 3251 "delete": { 3252 "description": "Deletes the endpoint specified by the ID. Deletion is imminent and\natomic, if the deletion request is valid and the endpoint exists,\ndeletion will occur even if errors are encountered in the process. If\nerrors have been encountered, the code 202 will be returned, otherwise\n200 on success.\n\nAll resources associated with the endpoint will be freed and the\nworkload represented by the endpoint will be disconnected.It will no\nlonger be able to initiate or receive communications of any sort.\n", 3253 "tags": [ 3254 "endpoint" 3255 ], 3256 "summary": "Delete endpoint", 3257 "parameters": [ 3258 { 3259 "type": "string", 3260 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 3261 "name": "id", 3262 "in": "path", 3263 "required": true 3264 } 3265 ], 3266 "responses": { 3267 "200": { 3268 "description": "Success" 3269 }, 3270 "206": { 3271 "description": "Deleted with a number of errors encountered", 3272 "schema": { 3273 "type": "integer" 3274 }, 3275 "x-go-name": "Errors" 3276 }, 3277 "400": { 3278 "description": "Invalid endpoint ID format for specified type. Details in error\nmessage\n", 3279 "schema": { 3280 "$ref": "#/definitions/Error" 3281 }, 3282 "x-go-name": "Invalid" 3283 }, 3284 "404": { 3285 "description": "Endpoint not found" 3286 } 3287 } 3288 }, 3289 "patch": { 3290 "description": "Applies the endpoint change request to an existing endpoint\n", 3291 "tags": [ 3292 "endpoint" 3293 ], 3294 "summary": "Modify existing endpoint", 3295 "deprecated": true, 3296 "parameters": [ 3297 { 3298 "type": "string", 3299 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 3300 "name": "id", 3301 "in": "path", 3302 "required": true 3303 }, 3304 { 3305 "name": "endpoint", 3306 "in": "body", 3307 "required": true, 3308 "schema": { 3309 "$ref": "#/definitions/EndpointChangeRequest" 3310 } 3311 } 3312 ], 3313 "responses": { 3314 "200": { 3315 "description": "Success" 3316 }, 3317 "400": { 3318 "description": "Invalid modify endpoint request", 3319 "schema": { 3320 "$ref": "#/definitions/Error" 3321 }, 3322 "x-go-name": "Invalid" 3323 }, 3324 "404": { 3325 "description": "Endpoint does not exist" 3326 }, 3327 "500": { 3328 "description": "Endpoint update failed", 3329 "schema": { 3330 "$ref": "#/definitions/Error" 3331 }, 3332 "x-go-name": "Failed" 3333 } 3334 } 3335 } 3336 }, 3337 "/endpoint/{id}/config": { 3338 "get": { 3339 "description": "Retrieves the configuration of the specified endpoint.\n", 3340 "tags": [ 3341 "endpoint" 3342 ], 3343 "summary": "Retrieve endpoint configuration", 3344 "parameters": [ 3345 { 3346 "type": "string", 3347 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 3348 "name": "id", 3349 "in": "path", 3350 "required": true 3351 } 3352 ], 3353 "responses": { 3354 "200": { 3355 "description": "Success", 3356 "schema": { 3357 "$ref": "#/definitions/EndpointConfigurationStatus" 3358 } 3359 }, 3360 "404": { 3361 "description": "Endpoint not found" 3362 } 3363 } 3364 }, 3365 "patch": { 3366 "description": "Update the configuration of an existing endpoint and regenerates \u0026\nrecompiles the corresponding programs automatically.\n", 3367 "tags": [ 3368 "endpoint" 3369 ], 3370 "summary": "Modify mutable endpoint configuration", 3371 "parameters": [ 3372 { 3373 "type": "string", 3374 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 3375 "name": "id", 3376 "in": "path", 3377 "required": true 3378 }, 3379 { 3380 "name": "endpoint-configuration", 3381 "in": "body", 3382 "required": true, 3383 "schema": { 3384 "$ref": "#/definitions/EndpointConfigurationSpec" 3385 } 3386 } 3387 ], 3388 "responses": { 3389 "200": { 3390 "description": "Success" 3391 }, 3392 "400": { 3393 "description": "Invalid configuration request", 3394 "x-go-name": "Invalid" 3395 }, 3396 "404": { 3397 "description": "Endpoint not found" 3398 }, 3399 "500": { 3400 "description": "Update failed. Details in message.", 3401 "schema": { 3402 "$ref": "#/definitions/Error" 3403 }, 3404 "x-go-name": "Failed" 3405 } 3406 } 3407 } 3408 }, 3409 "/endpoint/{id}/healthz": { 3410 "get": { 3411 "tags": [ 3412 "endpoint" 3413 ], 3414 "summary": "Retrieves the status logs associated with this endpoint.", 3415 "parameters": [ 3416 { 3417 "type": "string", 3418 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 3419 "name": "id", 3420 "in": "path", 3421 "required": true 3422 } 3423 ], 3424 "responses": { 3425 "200": { 3426 "description": "Success", 3427 "schema": { 3428 "$ref": "#/definitions/EndpointHealth" 3429 } 3430 }, 3431 "400": { 3432 "description": "Invalid identity provided", 3433 "x-go-name": "Invalid" 3434 }, 3435 "404": { 3436 "description": "Endpoint not found" 3437 } 3438 } 3439 } 3440 }, 3441 "/endpoint/{id}/labels": { 3442 "get": { 3443 "tags": [ 3444 "endpoint" 3445 ], 3446 "summary": "Retrieves the list of labels associated with an endpoint.", 3447 "parameters": [ 3448 { 3449 "type": "string", 3450 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 3451 "name": "id", 3452 "in": "path", 3453 "required": true 3454 } 3455 ], 3456 "responses": { 3457 "200": { 3458 "description": "Success", 3459 "schema": { 3460 "$ref": "#/definitions/LabelConfiguration" 3461 } 3462 }, 3463 "404": { 3464 "description": "Endpoint not found" 3465 } 3466 } 3467 }, 3468 "patch": { 3469 "description": "Sets labels associated with an endpoint. These can be user provided or\nderived from the orchestration system.\n", 3470 "tags": [ 3471 "endpoint" 3472 ], 3473 "summary": "Set label configuration of endpoint", 3474 "parameters": [ 3475 { 3476 "type": "string", 3477 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 3478 "name": "id", 3479 "in": "path", 3480 "required": true 3481 }, 3482 { 3483 "name": "configuration", 3484 "in": "body", 3485 "required": true, 3486 "schema": { 3487 "$ref": "#/definitions/LabelConfigurationSpec" 3488 } 3489 } 3490 ], 3491 "responses": { 3492 "200": { 3493 "description": "Success" 3494 }, 3495 "404": { 3496 "description": "Endpoint not found" 3497 }, 3498 "500": { 3499 "description": "Error while updating labels", 3500 "schema": { 3501 "$ref": "#/definitions/Error" 3502 }, 3503 "x-go-name": "UpdateFailed" 3504 } 3505 } 3506 } 3507 }, 3508 "/endpoint/{id}/log": { 3509 "get": { 3510 "tags": [ 3511 "endpoint" 3512 ], 3513 "summary": "Retrieves the status logs associated with this endpoint.", 3514 "parameters": [ 3515 { 3516 "type": "string", 3517 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 3518 "name": "id", 3519 "in": "path", 3520 "required": true 3521 } 3522 ], 3523 "responses": { 3524 "200": { 3525 "description": "Success", 3526 "schema": { 3527 "$ref": "#/definitions/EndpointStatusLog" 3528 } 3529 }, 3530 "400": { 3531 "description": "Invalid identity provided", 3532 "x-go-name": "Invalid" 3533 }, 3534 "404": { 3535 "description": "Endpoint not found" 3536 } 3537 } 3538 } 3539 }, 3540 "/fqdn/cache": { 3541 "get": { 3542 "description": "Retrieves the list of DNS lookups intercepted from endpoints,\noptionally filtered by endpoint id, DNS name, or CIDR IP range.\n", 3543 "tags": [ 3544 "policy" 3545 ], 3546 "summary": "Retrieves the list of DNS lookups intercepted from all endpoints.", 3547 "parameters": [ 3548 { 3549 "type": "string", 3550 "description": "A toFQDNs compatible matchPattern expression", 3551 "name": "matchpattern", 3552 "in": "query" 3553 }, 3554 { 3555 "type": "string", 3556 "description": "A CIDR range of IPs", 3557 "name": "cidr", 3558 "in": "query" 3559 } 3560 ], 3561 "responses": { 3562 "200": { 3563 "description": "Success", 3564 "schema": { 3565 "type": "array", 3566 "items": { 3567 "$ref": "#/definitions/DNSLookup" 3568 } 3569 } 3570 }, 3571 "400": { 3572 "description": "Invalid request (error parsing parameters)", 3573 "schema": { 3574 "$ref": "#/definitions/Error" 3575 } 3576 }, 3577 "404": { 3578 "description": "No DNS data with provided parameters found" 3579 } 3580 } 3581 }, 3582 "delete": { 3583 "description": "Deletes matching DNS lookups from the cache, optionally restricted by\nDNS name. The removed IP data will no longer be used in generated\npolicies.\n", 3584 "tags": [ 3585 "policy" 3586 ], 3587 "summary": "Deletes matching DNS lookups from the policy-generation cache.", 3588 "parameters": [ 3589 { 3590 "type": "string", 3591 "description": "A toFQDNs compatible matchPattern expression", 3592 "name": "matchpattern", 3593 "in": "query" 3594 } 3595 ], 3596 "responses": { 3597 "200": { 3598 "description": "Success" 3599 }, 3600 "400": { 3601 "description": "Invalid request (error parsing parameters)", 3602 "schema": { 3603 "$ref": "#/definitions/Error" 3604 } 3605 } 3606 } 3607 } 3608 }, 3609 "/fqdn/cache/{id}": { 3610 "get": { 3611 "description": "Retrieves the list of DNS lookups intercepted from endpoints,\noptionally filtered by endpoint id, DNS name, or CIDR IP range.\n", 3612 "tags": [ 3613 "policy" 3614 ], 3615 "summary": "Retrieves the list of DNS lookups intercepted from an endpoint.", 3616 "parameters": [ 3617 { 3618 "type": "string", 3619 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 3620 "name": "id", 3621 "in": "path", 3622 "required": true 3623 }, 3624 { 3625 "type": "string", 3626 "description": "A toFQDNs compatible matchPattern expression", 3627 "name": "matchpattern", 3628 "in": "query" 3629 }, 3630 { 3631 "type": "string", 3632 "description": "A CIDR range of IPs", 3633 "name": "cidr", 3634 "in": "query" 3635 } 3636 ], 3637 "responses": { 3638 "200": { 3639 "description": "Success", 3640 "schema": { 3641 "type": "array", 3642 "items": { 3643 "$ref": "#/definitions/DNSLookup" 3644 } 3645 } 3646 }, 3647 "400": { 3648 "description": "Invalid request (error parsing parameters)", 3649 "schema": { 3650 "$ref": "#/definitions/Error" 3651 } 3652 }, 3653 "404": { 3654 "description": "No DNS data with provided parameters found" 3655 } 3656 } 3657 } 3658 }, 3659 "/healthz": { 3660 "get": { 3661 "description": "Returns health and status information of the Cilium daemon and related\ncomponents such as the local container runtime, connected datastore,\nKubernetes integration.\n", 3662 "tags": [ 3663 "daemon" 3664 ], 3665 "summary": "Get health of Cilium daemon", 3666 "parameters": [ 3667 { 3668 "type": "boolean", 3669 "description": "Brief will return a brief representation of the Cilium status.\n", 3670 "name": "brief", 3671 "in": "header" 3672 } 3673 ], 3674 "responses": { 3675 "200": { 3676 "description": "Success", 3677 "schema": { 3678 "$ref": "#/definitions/StatusResponse" 3679 } 3680 } 3681 } 3682 } 3683 }, 3684 "/identity": { 3685 "get": { 3686 "description": "Retrieves a list of identities that have metadata matching the provided parameters, or all identities if no parameters are provided.\n", 3687 "tags": [ 3688 "policy" 3689 ], 3690 "summary": "Retrieves a list of identities that have metadata matching the provided parameters.", 3691 "parameters": [ 3692 { 3693 "description": "List of labels\n", 3694 "name": "labels", 3695 "in": "body", 3696 "schema": { 3697 "$ref": "#/definitions/Labels" 3698 } 3699 } 3700 ], 3701 "responses": { 3702 "200": { 3703 "description": "Success", 3704 "schema": { 3705 "type": "array", 3706 "items": { 3707 "$ref": "#/definitions/Identity" 3708 } 3709 } 3710 }, 3711 "404": { 3712 "description": "Identities with provided parameters not found" 3713 }, 3714 "520": { 3715 "description": "Identity storage unreachable. Likely a network problem.", 3716 "schema": { 3717 "$ref": "#/definitions/Error" 3718 }, 3719 "x-go-name": "Unreachable" 3720 }, 3721 "521": { 3722 "description": "Invalid identity format in storage", 3723 "schema": { 3724 "$ref": "#/definitions/Error" 3725 }, 3726 "x-go-name": "InvalidStorageFormat" 3727 } 3728 } 3729 } 3730 }, 3731 "/identity/endpoints": { 3732 "get": { 3733 "tags": [ 3734 "policy" 3735 ], 3736 "summary": "Retrieve identities which are being used by local endpoints", 3737 "responses": { 3738 "200": { 3739 "description": "Success", 3740 "schema": { 3741 "type": "array", 3742 "items": { 3743 "$ref": "#/definitions/IdentityEndpoints" 3744 } 3745 } 3746 }, 3747 "404": { 3748 "description": "Set of identities which are being used by local endpoints could not be found." 3749 } 3750 } 3751 } 3752 }, 3753 "/identity/{id}": { 3754 "get": { 3755 "tags": [ 3756 "policy" 3757 ], 3758 "summary": "Retrieve identity", 3759 "parameters": [ 3760 { 3761 "type": "string", 3762 "description": "Cluster wide unique identifier of a security identity.\n", 3763 "name": "id", 3764 "in": "path", 3765 "required": true 3766 } 3767 ], 3768 "responses": { 3769 "200": { 3770 "description": "Success", 3771 "schema": { 3772 "$ref": "#/definitions/Identity" 3773 } 3774 }, 3775 "400": { 3776 "description": "Invalid identity provided" 3777 }, 3778 "404": { 3779 "description": "Identity not found" 3780 }, 3781 "520": { 3782 "description": "Identity storage unreachable. Likely a network problem.", 3783 "schema": { 3784 "$ref": "#/definitions/Error" 3785 }, 3786 "x-go-name": "Unreachable" 3787 }, 3788 "521": { 3789 "description": "Invalid identity format in storage", 3790 "schema": { 3791 "$ref": "#/definitions/Error" 3792 }, 3793 "x-go-name": "InvalidStorageFormat" 3794 } 3795 } 3796 } 3797 }, 3798 "/ipam": { 3799 "post": { 3800 "tags": [ 3801 "ipam" 3802 ], 3803 "summary": "Allocate an IP address", 3804 "parameters": [ 3805 { 3806 "enum": [ 3807 "ipv4", 3808 "ipv6" 3809 ], 3810 "type": "string", 3811 "name": "family", 3812 "in": "query" 3813 }, 3814 { 3815 "type": "string", 3816 "name": "owner", 3817 "in": "query" 3818 }, 3819 { 3820 "type": "boolean", 3821 "name": "expiration", 3822 "in": "header" 3823 } 3824 ], 3825 "responses": { 3826 "201": { 3827 "description": "Success", 3828 "schema": { 3829 "$ref": "#/definitions/IPAMResponse" 3830 } 3831 }, 3832 "502": { 3833 "description": "Allocation failure", 3834 "schema": { 3835 "$ref": "#/definitions/Error" 3836 }, 3837 "x-go-name": "Failure" 3838 } 3839 } 3840 } 3841 }, 3842 "/ipam/{ip}": { 3843 "post": { 3844 "tags": [ 3845 "ipam" 3846 ], 3847 "summary": "Allocate an IP address", 3848 "parameters": [ 3849 { 3850 "type": "string", 3851 "description": "IP address", 3852 "name": "ip", 3853 "in": "path", 3854 "required": true 3855 }, 3856 { 3857 "type": "string", 3858 "name": "owner", 3859 "in": "query" 3860 } 3861 ], 3862 "responses": { 3863 "200": { 3864 "description": "Success" 3865 }, 3866 "400": { 3867 "description": "Invalid IP address", 3868 "x-go-name": "Invalid" 3869 }, 3870 "409": { 3871 "description": "IP already allocated", 3872 "x-go-name": "Exists" 3873 }, 3874 "500": { 3875 "description": "IP allocation failure. Details in message.", 3876 "schema": { 3877 "$ref": "#/definitions/Error" 3878 }, 3879 "x-go-name": "Failure" 3880 }, 3881 "501": { 3882 "description": "Allocation for address family disabled", 3883 "x-go-name": "Disabled" 3884 } 3885 } 3886 }, 3887 "delete": { 3888 "tags": [ 3889 "ipam" 3890 ], 3891 "summary": "Release an allocated IP address", 3892 "parameters": [ 3893 { 3894 "type": "string", 3895 "description": "IP address or owner name", 3896 "name": "ip", 3897 "in": "path", 3898 "required": true 3899 } 3900 ], 3901 "responses": { 3902 "200": { 3903 "description": "Success" 3904 }, 3905 "400": { 3906 "description": "Invalid IP address", 3907 "x-go-name": "Invalid" 3908 }, 3909 "404": { 3910 "description": "IP address not found" 3911 }, 3912 "500": { 3913 "description": "Address release failure", 3914 "schema": { 3915 "$ref": "#/definitions/Error" 3916 }, 3917 "x-go-name": "Failure" 3918 }, 3919 "501": { 3920 "description": "Allocation for address family disabled", 3921 "x-go-name": "Disabled" 3922 } 3923 } 3924 } 3925 }, 3926 "/map": { 3927 "get": { 3928 "tags": [ 3929 "daemon" 3930 ], 3931 "summary": "List all open maps", 3932 "responses": { 3933 "200": { 3934 "description": "Success", 3935 "schema": { 3936 "$ref": "#/definitions/BPFMapList" 3937 } 3938 } 3939 } 3940 } 3941 }, 3942 "/map/{name}": { 3943 "get": { 3944 "tags": [ 3945 "daemon" 3946 ], 3947 "summary": "Retrieve contents of BPF map", 3948 "parameters": [ 3949 { 3950 "type": "string", 3951 "description": "Name of map", 3952 "name": "name", 3953 "in": "path", 3954 "required": true 3955 } 3956 ], 3957 "responses": { 3958 "200": { 3959 "description": "Success", 3960 "schema": { 3961 "$ref": "#/definitions/BPFMap" 3962 } 3963 }, 3964 "404": { 3965 "description": "Map not found" 3966 } 3967 } 3968 } 3969 }, 3970 "/metrics/": { 3971 "get": { 3972 "tags": [ 3973 "metrics" 3974 ], 3975 "summary": "Retrieve cilium metrics", 3976 "responses": { 3977 "200": { 3978 "description": "Success", 3979 "schema": { 3980 "type": "array", 3981 "items": { 3982 "$ref": "#/definitions/Metric" 3983 } 3984 } 3985 }, 3986 "500": { 3987 "description": "Metrics cannot be retrieved" 3988 } 3989 } 3990 } 3991 }, 3992 "/policy": { 3993 "get": { 3994 "description": "Returns the entire policy tree with all children.\n", 3995 "tags": [ 3996 "policy" 3997 ], 3998 "summary": "Retrieve entire policy tree", 3999 "parameters": [ 4000 { 4001 "name": "labels", 4002 "in": "body", 4003 "schema": { 4004 "$ref": "#/definitions/Labels" 4005 } 4006 } 4007 ], 4008 "responses": { 4009 "200": { 4010 "description": "Success", 4011 "schema": { 4012 "$ref": "#/definitions/Policy" 4013 } 4014 }, 4015 "404": { 4016 "description": "No policy rules found" 4017 } 4018 } 4019 }, 4020 "put": { 4021 "tags": [ 4022 "policy" 4023 ], 4024 "summary": "Create or update a policy (sub)tree", 4025 "parameters": [ 4026 { 4027 "description": "Policy rules", 4028 "name": "policy", 4029 "in": "body", 4030 "required": true, 4031 "schema": { 4032 "type": "string" 4033 } 4034 } 4035 ], 4036 "responses": { 4037 "200": { 4038 "description": "Success", 4039 "schema": { 4040 "$ref": "#/definitions/Policy" 4041 } 4042 }, 4043 "400": { 4044 "description": "Invalid policy", 4045 "schema": { 4046 "$ref": "#/definitions/Error" 4047 }, 4048 "x-go-name": "InvalidPolicy" 4049 }, 4050 "460": { 4051 "description": "Invalid path", 4052 "schema": { 4053 "$ref": "#/definitions/Error" 4054 }, 4055 "x-go-name": "InvalidPath" 4056 }, 4057 "500": { 4058 "description": "Policy import failed", 4059 "schema": { 4060 "$ref": "#/definitions/Error" 4061 }, 4062 "x-go-name": "Failure" 4063 } 4064 } 4065 }, 4066 "delete": { 4067 "tags": [ 4068 "policy" 4069 ], 4070 "summary": "Delete a policy (sub)tree", 4071 "parameters": [ 4072 { 4073 "name": "labels", 4074 "in": "body", 4075 "schema": { 4076 "$ref": "#/definitions/Labels" 4077 } 4078 } 4079 ], 4080 "responses": { 4081 "200": { 4082 "description": "Success", 4083 "schema": { 4084 "$ref": "#/definitions/Policy" 4085 } 4086 }, 4087 "400": { 4088 "description": "Invalid request", 4089 "schema": { 4090 "$ref": "#/definitions/Error" 4091 }, 4092 "x-go-name": "Invalid" 4093 }, 4094 "404": { 4095 "description": "Policy not found" 4096 }, 4097 "500": { 4098 "description": "Error while deleting policy", 4099 "schema": { 4100 "$ref": "#/definitions/Error" 4101 }, 4102 "x-go-name": "Failure" 4103 } 4104 } 4105 } 4106 }, 4107 "/policy/resolve": { 4108 "get": { 4109 "tags": [ 4110 "policy" 4111 ], 4112 "summary": "Resolve policy for an identity context", 4113 "parameters": [ 4114 { 4115 "description": "Context to provide policy evaluation on", 4116 "name": "trace-selector", 4117 "in": "body", 4118 "schema": { 4119 "$ref": "#/definitions/TraceSelector" 4120 } 4121 } 4122 ], 4123 "responses": { 4124 "200": { 4125 "description": "Success", 4126 "schema": { 4127 "$ref": "#/definitions/PolicyTraceResult" 4128 } 4129 } 4130 } 4131 } 4132 }, 4133 "/policy/selectors": { 4134 "get": { 4135 "tags": [ 4136 "policy" 4137 ], 4138 "summary": "See what selectors match which identities", 4139 "responses": { 4140 "200": { 4141 "description": "Success", 4142 "schema": { 4143 "$ref": "#/definitions/SelectorCache" 4144 } 4145 } 4146 } 4147 } 4148 }, 4149 "/prefilter": { 4150 "get": { 4151 "tags": [ 4152 "prefilter" 4153 ], 4154 "summary": "Retrieve list of CIDRs", 4155 "responses": { 4156 "200": { 4157 "description": "Success", 4158 "schema": { 4159 "$ref": "#/definitions/Prefilter" 4160 } 4161 }, 4162 "500": { 4163 "description": "Prefilter get failed", 4164 "schema": { 4165 "$ref": "#/definitions/Error" 4166 }, 4167 "x-go-name": "Failure" 4168 } 4169 } 4170 }, 4171 "delete": { 4172 "tags": [ 4173 "prefilter" 4174 ], 4175 "summary": "Delete list of CIDRs", 4176 "parameters": [ 4177 { 4178 "description": "List of CIDR ranges for filter table", 4179 "name": "prefilter-spec", 4180 "in": "body", 4181 "required": true, 4182 "schema": { 4183 "$ref": "#/definitions/PrefilterSpec" 4184 } 4185 } 4186 ], 4187 "responses": { 4188 "200": { 4189 "description": "Deleted", 4190 "schema": { 4191 "$ref": "#/definitions/Prefilter" 4192 } 4193 }, 4194 "461": { 4195 "description": "Invalid CIDR prefix", 4196 "schema": { 4197 "$ref": "#/definitions/Error" 4198 }, 4199 "x-go-name": "InvalidCIDR" 4200 }, 4201 "500": { 4202 "description": "Prefilter delete failed", 4203 "schema": { 4204 "$ref": "#/definitions/Error" 4205 }, 4206 "x-go-name": "Failure" 4207 } 4208 } 4209 }, 4210 "patch": { 4211 "tags": [ 4212 "prefilter" 4213 ], 4214 "summary": "Update list of CIDRs", 4215 "parameters": [ 4216 { 4217 "description": "List of CIDR ranges for filter table", 4218 "name": "prefilter-spec", 4219 "in": "body", 4220 "required": true, 4221 "schema": { 4222 "$ref": "#/definitions/PrefilterSpec" 4223 } 4224 } 4225 ], 4226 "responses": { 4227 "200": { 4228 "description": "Updated", 4229 "schema": { 4230 "$ref": "#/definitions/Prefilter" 4231 } 4232 }, 4233 "461": { 4234 "description": "Invalid CIDR prefix", 4235 "schema": { 4236 "$ref": "#/definitions/Error" 4237 }, 4238 "x-go-name": "InvalidCIDR" 4239 }, 4240 "500": { 4241 "description": "Prefilter update failed", 4242 "schema": { 4243 "$ref": "#/definitions/Error" 4244 }, 4245 "x-go-name": "Failure" 4246 } 4247 } 4248 } 4249 }, 4250 "/service": { 4251 "get": { 4252 "tags": [ 4253 "service" 4254 ], 4255 "summary": "Retrieve list of all services", 4256 "responses": { 4257 "200": { 4258 "description": "Success", 4259 "schema": { 4260 "type": "array", 4261 "items": { 4262 "$ref": "#/definitions/Service" 4263 } 4264 } 4265 } 4266 } 4267 } 4268 }, 4269 "/service/{id}": { 4270 "get": { 4271 "tags": [ 4272 "service" 4273 ], 4274 "summary": "Retrieve configuration of a service", 4275 "parameters": [ 4276 { 4277 "type": "integer", 4278 "description": "ID of service", 4279 "name": "id", 4280 "in": "path", 4281 "required": true 4282 } 4283 ], 4284 "responses": { 4285 "200": { 4286 "description": "Success", 4287 "schema": { 4288 "$ref": "#/definitions/Service" 4289 } 4290 }, 4291 "404": { 4292 "description": "Service not found" 4293 } 4294 } 4295 }, 4296 "put": { 4297 "tags": [ 4298 "service" 4299 ], 4300 "summary": "Create or update service", 4301 "parameters": [ 4302 { 4303 "type": "integer", 4304 "description": "ID of service", 4305 "name": "id", 4306 "in": "path", 4307 "required": true 4308 }, 4309 { 4310 "description": "Service configuration", 4311 "name": "config", 4312 "in": "body", 4313 "required": true, 4314 "schema": { 4315 "$ref": "#/definitions/ServiceSpec" 4316 } 4317 } 4318 ], 4319 "responses": { 4320 "200": { 4321 "description": "Updated" 4322 }, 4323 "201": { 4324 "description": "Created" 4325 }, 4326 "460": { 4327 "description": "Invalid frontend in service configuration", 4328 "schema": { 4329 "$ref": "#/definitions/Error" 4330 }, 4331 "x-go-name": "InvalidFrontend" 4332 }, 4333 "461": { 4334 "description": "Invalid backend in service configuration", 4335 "schema": { 4336 "$ref": "#/definitions/Error" 4337 }, 4338 "x-go-name": "InvalidBackend" 4339 }, 4340 "500": { 4341 "description": "Error while creating service", 4342 "schema": { 4343 "$ref": "#/definitions/Error" 4344 }, 4345 "x-go-name": "Failure" 4346 } 4347 } 4348 }, 4349 "delete": { 4350 "tags": [ 4351 "service" 4352 ], 4353 "summary": "Delete a service", 4354 "parameters": [ 4355 { 4356 "type": "integer", 4357 "description": "ID of service", 4358 "name": "id", 4359 "in": "path", 4360 "required": true 4361 } 4362 ], 4363 "responses": { 4364 "200": { 4365 "description": "Success" 4366 }, 4367 "404": { 4368 "description": "Service not found" 4369 }, 4370 "500": { 4371 "description": "Service deletion failed", 4372 "schema": { 4373 "$ref": "#/definitions/Error" 4374 }, 4375 "x-go-name": "Failure" 4376 } 4377 } 4378 } 4379 } 4380 }, 4381 "definitions": { 4382 "Address": { 4383 "description": "IP address", 4384 "type": "string" 4385 }, 4386 "AddressPair": { 4387 "description": "Addressing information of an endpoint", 4388 "type": "object", 4389 "properties": { 4390 "ipv4": { 4391 "description": "IPv4 address", 4392 "type": "string" 4393 }, 4394 "ipv4-expiration-uuid": { 4395 "description": "UUID of IPv4 expiration timer", 4396 "type": "string" 4397 }, 4398 "ipv6": { 4399 "description": "IPv6 address", 4400 "type": "string" 4401 }, 4402 "ipv6-expiration-uuid": { 4403 "description": "UUID of IPv6 expiration timer", 4404 "type": "string" 4405 } 4406 } 4407 }, 4408 "AllocationMap": { 4409 "description": "Map of allocated IPs\n", 4410 "type": "object", 4411 "additionalProperties": { 4412 "type": "string" 4413 } 4414 }, 4415 "BPFMap": { 4416 "description": "BPF map definition and content", 4417 "type": "object", 4418 "properties": { 4419 "cache": { 4420 "description": "Contents of cache", 4421 "type": "array", 4422 "items": { 4423 "$ref": "#/definitions/BPFMapEntry" 4424 } 4425 }, 4426 "path": { 4427 "description": "Path to BPF map", 4428 "type": "string" 4429 } 4430 } 4431 }, 4432 "BPFMapEntry": { 4433 "description": "BPF map cache entry\"", 4434 "type": "object", 4435 "properties": { 4436 "desired-action": { 4437 "description": "Desired action to be performed", 4438 "type": "string", 4439 "enum": [ 4440 "ok", 4441 "insert", 4442 "delete" 4443 ] 4444 }, 4445 "key": { 4446 "description": "Key of map entry", 4447 "type": "string" 4448 }, 4449 "last-error": { 4450 "description": "Last error seen while performing desired action", 4451 "type": "string" 4452 }, 4453 "value": { 4454 "description": "Value of map entry", 4455 "type": "string" 4456 } 4457 } 4458 }, 4459 "BPFMapList": { 4460 "description": "List of BPF Maps", 4461 "type": "object", 4462 "properties": { 4463 "maps": { 4464 "description": "Array of open BPF map lists", 4465 "type": "array", 4466 "items": { 4467 "$ref": "#/definitions/BPFMap" 4468 } 4469 } 4470 } 4471 }, 4472 "BackendAddress": { 4473 "description": "Service backend address", 4474 "type": "object", 4475 "required": [ 4476 "ip" 4477 ], 4478 "properties": { 4479 "ip": { 4480 "description": "Layer 3 address", 4481 "type": "string" 4482 }, 4483 "port": { 4484 "description": "Layer 4 port number", 4485 "type": "integer", 4486 "format": "uint16" 4487 }, 4488 "weight": { 4489 "description": "Weight for Round Robin", 4490 "type": "integer", 4491 "format": "uint16" 4492 } 4493 } 4494 }, 4495 "CIDRList": { 4496 "description": "List of CIDRs", 4497 "type": "object", 4498 "properties": { 4499 "list": { 4500 "type": "array", 4501 "items": { 4502 "type": "string" 4503 } 4504 }, 4505 "revision": { 4506 "type": "integer" 4507 } 4508 } 4509 }, 4510 "CIDRPolicy": { 4511 "description": "CIDR endpoint policy", 4512 "type": "object", 4513 "properties": { 4514 "egress": { 4515 "description": "List of CIDR egress rules", 4516 "type": "array", 4517 "items": { 4518 "$ref": "#/definitions/PolicyRule" 4519 } 4520 }, 4521 "ingress": { 4522 "description": "List of CIDR ingress rules", 4523 "type": "array", 4524 "items": { 4525 "$ref": "#/definitions/PolicyRule" 4526 } 4527 } 4528 } 4529 }, 4530 "ClusterNodeStatus": { 4531 "description": "Status of cluster", 4532 "properties": { 4533 "client-id": { 4534 "description": "ID that should be used by the client to receive a diff from the previous request", 4535 "type": "integer" 4536 }, 4537 "nodes-added": { 4538 "description": "List of known nodes", 4539 "type": "array", 4540 "items": { 4541 "$ref": "#/definitions/NodeElement" 4542 } 4543 }, 4544 "nodes-removed": { 4545 "description": "List of known nodes", 4546 "type": "array", 4547 "items": { 4548 "$ref": "#/definitions/NodeElement" 4549 } 4550 }, 4551 "self": { 4552 "description": "Name of local node (if available)", 4553 "type": "string" 4554 } 4555 } 4556 }, 4557 "ClusterNodesResponse": { 4558 "properties": { 4559 "nodes": { 4560 "description": "List of known nodes", 4561 "type": "array", 4562 "items": { 4563 "$ref": "#/definitions/NodeElement" 4564 } 4565 }, 4566 "self": { 4567 "description": "Name of local node (if available)", 4568 "type": "string" 4569 } 4570 } 4571 }, 4572 "ClusterStatus": { 4573 "description": "Status of cluster", 4574 "properties": { 4575 "ciliumHealth": { 4576 "description": "Status of local cilium-health daemon", 4577 "$ref": "#/definitions/Status" 4578 }, 4579 "nodes": { 4580 "description": "List of known nodes", 4581 "type": "array", 4582 "items": { 4583 "$ref": "#/definitions/NodeElement" 4584 } 4585 }, 4586 "self": { 4587 "description": "Name of local node (if available)", 4588 "type": "string" 4589 } 4590 } 4591 }, 4592 "ConfigurationMap": { 4593 "description": "Map of configuration key/value pairs.\n", 4594 "type": "object", 4595 "additionalProperties": { 4596 "type": "string" 4597 } 4598 }, 4599 "ControllerStatus": { 4600 "description": "Status of a controller", 4601 "type": "object", 4602 "properties": { 4603 "configuration": { 4604 "description": "Configuration of controller", 4605 "type": "object", 4606 "properties": { 4607 "error-retry": { 4608 "description": "Retry on error", 4609 "type": "boolean" 4610 }, 4611 "error-retry-base": { 4612 "description": "Base error retry back-off time", 4613 "type": "string", 4614 "format": "duration" 4615 }, 4616 "interval": { 4617 "description": "Regular synchronization interval", 4618 "type": "string", 4619 "format": "duration" 4620 } 4621 } 4622 }, 4623 "name": { 4624 "description": "Name of controller", 4625 "type": "string" 4626 }, 4627 "status": { 4628 "description": "Current status of controller", 4629 "type": "object", 4630 "properties": { 4631 "consecutive-failure-count": { 4632 "description": "Number of consecutive errors since last success", 4633 "type": "integer" 4634 }, 4635 "failure-count": { 4636 "description": "Total number of failed runs", 4637 "type": "integer" 4638 }, 4639 "last-failure-msg": { 4640 "description": "Error message of last failed run", 4641 "type": "string" 4642 }, 4643 "last-failure-timestamp": { 4644 "description": "Timestamp of last error", 4645 "type": "string", 4646 "format": "date-time" 4647 }, 4648 "last-success-timestamp": { 4649 "description": "Timestamp of last success", 4650 "type": "string", 4651 "format": "date-time" 4652 }, 4653 "success-count": { 4654 "description": "Total number of successful runs", 4655 "type": "integer" 4656 } 4657 } 4658 }, 4659 "uuid": { 4660 "description": "UUID of controller", 4661 "type": "string", 4662 "format": "uuid" 4663 } 4664 } 4665 }, 4666 "ControllerStatuses": { 4667 "description": "Collection of controller statuses", 4668 "type": "array", 4669 "items": { 4670 "$ref": "#/definitions/ControllerStatus" 4671 } 4672 }, 4673 "DNSLookup": { 4674 "description": "An IP -\u003e DNS mapping, with metadata", 4675 "type": "object", 4676 "properties": { 4677 "endpoint-id": { 4678 "description": "The endpoint that made this lookup, or 0 for the agent itself.", 4679 "type": "integer" 4680 }, 4681 "expiration-time": { 4682 "description": "The absolute time when this data will expire in this cache", 4683 "type": "string", 4684 "format": "date-time" 4685 }, 4686 "fqdn": { 4687 "description": "DNS name", 4688 "type": "string" 4689 }, 4690 "ips": { 4691 "description": "IP addresses returned in this lookup", 4692 "type": "array", 4693 "items": { 4694 "type": "string" 4695 } 4696 }, 4697 "lookup-time": { 4698 "description": "The absolute time when this data was recieved", 4699 "type": "string", 4700 "format": "date-time" 4701 }, 4702 "ttl": { 4703 "description": "The TTL in the DNS response", 4704 "type": "integer" 4705 } 4706 } 4707 }, 4708 "DaemonConfiguration": { 4709 "description": "Response to a daemon configuration request.\n", 4710 "type": "object", 4711 "properties": { 4712 "spec": { 4713 "description": "Changeable configuration", 4714 "$ref": "#/definitions/DaemonConfigurationSpec" 4715 }, 4716 "status": { 4717 "description": "Current daemon configuration related status.Contains the addressing\ninformation, k8s, node monitor and immutable and mutable\nconfiguration settings.\n", 4718 "$ref": "#/definitions/DaemonConfigurationStatus" 4719 } 4720 } 4721 }, 4722 "DaemonConfigurationSpec": { 4723 "description": "The controllable configuration of the daemon.", 4724 "type": "object", 4725 "properties": { 4726 "options": { 4727 "description": "Changeable configuration", 4728 "$ref": "#/definitions/ConfigurationMap" 4729 }, 4730 "policy-enforcement": { 4731 "description": "The policy-enforcement mode", 4732 "type": "string", 4733 "enum": [ 4734 "default", 4735 "always", 4736 "never" 4737 ] 4738 } 4739 } 4740 }, 4741 "DaemonConfigurationStatus": { 4742 "description": "Response to a daemon configuration request. Contains the addressing\ninformation, k8s, node monitor and immutable and mutable configuration\nsettings.\n", 4743 "type": "object", 4744 "properties": { 4745 "addressing": { 4746 "$ref": "#/definitions/NodeAddressing" 4747 }, 4748 "datapathMode": { 4749 "$ref": "#/definitions/DatapathMode" 4750 }, 4751 "deviceMTU": { 4752 "description": "MTU on workload facing devices", 4753 "type": "integer" 4754 }, 4755 "immutable": { 4756 "description": "Immutable configuration (read-only)", 4757 "$ref": "#/definitions/ConfigurationMap" 4758 }, 4759 "ipam-mode": { 4760 "description": "Configured IPAM mode", 4761 "type": "string" 4762 }, 4763 "ipvlanConfiguration": { 4764 "$ref": "#/definitions/IpvlanConfiguration" 4765 }, 4766 "k8s-configuration": { 4767 "type": "string" 4768 }, 4769 "k8s-endpoint": { 4770 "type": "string" 4771 }, 4772 "kvstoreConfiguration": { 4773 "$ref": "#/definitions/KVstoreConfiguration" 4774 }, 4775 "masquerade": { 4776 "description": "Status of masquerading feature", 4777 "type": "boolean" 4778 }, 4779 "nodeMonitor": { 4780 "description": "Status of the node monitor", 4781 "$ref": "#/definitions/MonitorStatus" 4782 }, 4783 "realized": { 4784 "description": "Currently applied configuration", 4785 "$ref": "#/definitions/DaemonConfigurationSpec" 4786 }, 4787 "routeMTU": { 4788 "description": "MTU for network facing routes", 4789 "type": "integer" 4790 } 4791 } 4792 }, 4793 "DatapathMode": { 4794 "description": "Datapath mode", 4795 "type": "string", 4796 "enum": [ 4797 "veth", 4798 "ipvlan" 4799 ] 4800 }, 4801 "DebugInfo": { 4802 "description": "groups some debugging related information on the agent", 4803 "type": "object", 4804 "properties": { 4805 "cilium-memory-map": { 4806 "type": "string" 4807 }, 4808 "cilium-nodemonitor-memory-map": { 4809 "type": "string" 4810 }, 4811 "cilium-status": { 4812 "$ref": "#/definitions/StatusResponse" 4813 }, 4814 "cilium-version": { 4815 "type": "string" 4816 }, 4817 "endpoint-list": { 4818 "type": "array", 4819 "items": { 4820 "$ref": "#/definitions/Endpoint" 4821 } 4822 }, 4823 "environment-variables": { 4824 "type": "array", 4825 "items": { 4826 "type": "string" 4827 } 4828 }, 4829 "kernel-version": { 4830 "type": "string" 4831 }, 4832 "policy": { 4833 "$ref": "#/definitions/Policy" 4834 }, 4835 "service-list": { 4836 "type": "array", 4837 "items": { 4838 "$ref": "#/definitions/Service" 4839 } 4840 }, 4841 "subsystem": { 4842 "type": "object", 4843 "additionalProperties": { 4844 "type": "string" 4845 } 4846 } 4847 } 4848 }, 4849 "Endpoint": { 4850 "description": "An endpoint is a namespaced network interface to which cilium applies policies", 4851 "type": "object", 4852 "properties": { 4853 "id": { 4854 "description": "The cilium-agent-local ID of the endpoint", 4855 "type": "integer" 4856 }, 4857 "spec": { 4858 "description": "The desired configuration state of the endpoint", 4859 "$ref": "#/definitions/EndpointConfigurationSpec" 4860 }, 4861 "status": { 4862 "description": "The desired and realized configuration state of the endpoint", 4863 "$ref": "#/definitions/EndpointStatus" 4864 } 4865 } 4866 }, 4867 "EndpointChangeRequest": { 4868 "description": "Structure which contains the mutable elements of an Endpoint.\n", 4869 "type": "object", 4870 "required": [ 4871 "state" 4872 ], 4873 "properties": { 4874 "addressing": { 4875 "$ref": "#/definitions/AddressPair" 4876 }, 4877 "container-id": { 4878 "description": "ID assigned by container runtime", 4879 "type": "string" 4880 }, 4881 "container-name": { 4882 "description": "Name assigned to container", 4883 "type": "string" 4884 }, 4885 "datapath-configuration": { 4886 "$ref": "#/definitions/EndpointDatapathConfiguration" 4887 }, 4888 "datapath-map-id": { 4889 "description": "ID of datapath tail call map", 4890 "type": "integer" 4891 }, 4892 "docker-endpoint-id": { 4893 "description": "Docker endpoint ID", 4894 "type": "string" 4895 }, 4896 "docker-network-id": { 4897 "description": "Docker network ID", 4898 "type": "string" 4899 }, 4900 "host-mac": { 4901 "description": "MAC address", 4902 "type": "string" 4903 }, 4904 "id": { 4905 "description": "Local endpoint ID", 4906 "type": "integer" 4907 }, 4908 "interface-index": { 4909 "description": "Index of network device", 4910 "type": "integer" 4911 }, 4912 "interface-name": { 4913 "description": "Name of network device", 4914 "type": "string" 4915 }, 4916 "k8s-namespace": { 4917 "description": "Kubernetes namespace name", 4918 "type": "string" 4919 }, 4920 "k8s-pod-name": { 4921 "description": "Kubernetes pod name", 4922 "type": "string" 4923 }, 4924 "labels": { 4925 "description": "Labels describing the identity", 4926 "$ref": "#/definitions/Labels" 4927 }, 4928 "mac": { 4929 "description": "MAC address", 4930 "type": "string" 4931 }, 4932 "pid": { 4933 "description": "Process ID of the workload belonging to this endpoint", 4934 "type": "integer" 4935 }, 4936 "policy-enabled": { 4937 "description": "Whether policy enforcement is enabled or not", 4938 "type": "boolean" 4939 }, 4940 "state": { 4941 "description": "Current state of endpoint", 4942 "$ref": "#/definitions/EndpointState" 4943 }, 4944 "sync-build-endpoint": { 4945 "description": "Whether to build an endpoint synchronously\n", 4946 "type": "boolean" 4947 } 4948 } 4949 }, 4950 "EndpointConfigurationSpec": { 4951 "description": "An endpoint's configuration", 4952 "type": "object", 4953 "properties": { 4954 "label-configuration": { 4955 "description": "the endpoint's labels", 4956 "$ref": "#/definitions/LabelConfigurationSpec" 4957 }, 4958 "options": { 4959 "description": "Changeable configuration", 4960 "$ref": "#/definitions/ConfigurationMap" 4961 } 4962 } 4963 }, 4964 "EndpointConfigurationStatus": { 4965 "description": "An endpoint's configuration", 4966 "type": "object", 4967 "properties": { 4968 "error": { 4969 "description": "Most recent error, if applicable", 4970 "$ref": "#/definitions/Error" 4971 }, 4972 "immutable": { 4973 "description": "Immutable configuration (read-only)", 4974 "$ref": "#/definitions/ConfigurationMap" 4975 }, 4976 "realized": { 4977 "description": "currently applied changeable configuration", 4978 "$ref": "#/definitions/EndpointConfigurationSpec" 4979 } 4980 } 4981 }, 4982 "EndpointDatapathConfiguration": { 4983 "description": "Datapath configuration to be used for the endpoint", 4984 "type": "object", 4985 "properties": { 4986 "external-ipam": { 4987 "description": "Indicates that IPAM is done external to Cilium. This will prevent the IP from being released and re-allocation of the IP address is skipped on restore.\n", 4988 "type": "boolean" 4989 }, 4990 "install-endpoint-route": { 4991 "description": "Installs a route in the Linux routing table pointing to the device of the endpoint's interface.\n", 4992 "type": "boolean" 4993 }, 4994 "require-arp-passthrough": { 4995 "description": "Enable ARP passthrough mode", 4996 "type": "boolean" 4997 }, 4998 "require-egress-prog": { 4999 "description": "Endpoint requires a host-facing egress program to be attached to implement ingress policy and reverse NAT.\n", 5000 "type": "boolean" 5001 }, 5002 "require-routing": { 5003 "description": "Endpoint requires BPF routing to be enabled, when disabled, routing is delegated to Linux routing.\n", 5004 "type": "boolean", 5005 "default": true 5006 } 5007 } 5008 }, 5009 "EndpointHealth": { 5010 "description": "Health of the endpoint", 5011 "type": "object", 5012 "properties": { 5013 "bpf": { 5014 "$ref": "#/definitions/EndpointHealthStatus" 5015 }, 5016 "connected": { 5017 "description": "Is this endpoint reachable", 5018 "type": "boolean" 5019 }, 5020 "overallHealth": { 5021 "$ref": "#/definitions/EndpointHealthStatus" 5022 }, 5023 "policy": { 5024 "$ref": "#/definitions/EndpointHealthStatus" 5025 } 5026 } 5027 }, 5028 "EndpointHealthStatus": { 5029 "description": "A common set of statuses for endpoint health * ` + "`" + `` + "`" + `OK` + "`" + `` + "`" + ` = All components operational * ` + "`" + `` + "`" + `Bootstrap` + "`" + `` + "`" + ` = This component is being created * ` + "`" + `` + "`" + `Pending` + "`" + `` + "`" + ` = A change is being processed to be applied * ` + "`" + `` + "`" + `Warning` + "`" + `` + "`" + ` = This component is not applying up-to-date policies (but is still applying the previous version) * ` + "`" + `` + "`" + `Failure` + "`" + `` + "`" + ` = An error has occurred and no policy is being applied * ` + "`" + `` + "`" + `Disabled` + "`" + `` + "`" + ` = This endpoint is disabled and will not handle traffic\n", 5030 "type": "string", 5031 "enum": [ 5032 "OK", 5033 "Bootstrap", 5034 "Pending", 5035 "Warning", 5036 "Failure", 5037 "Disabled" 5038 ] 5039 }, 5040 "EndpointIdentifiers": { 5041 "description": "Unique identifiers for this endpoint from outside cilium", 5042 "type": "object", 5043 "properties": { 5044 "container-id": { 5045 "description": "ID assigned by container runtime", 5046 "type": "string" 5047 }, 5048 "container-name": { 5049 "description": "Name assigned to container", 5050 "type": "string" 5051 }, 5052 "docker-endpoint-id": { 5053 "description": "Docker endpoint ID", 5054 "type": "string" 5055 }, 5056 "docker-network-id": { 5057 "description": "Docker network ID", 5058 "type": "string" 5059 }, 5060 "pod-name": { 5061 "description": "K8s pod for this endpoint", 5062 "type": "string" 5063 } 5064 } 5065 }, 5066 "EndpointNetworking": { 5067 "description": "Unique identifiers for this endpoint from outside cilium", 5068 "type": "object", 5069 "properties": { 5070 "addressing": { 5071 "description": "IP4/6 addresses assigned to this Endpoint", 5072 "type": "array", 5073 "items": { 5074 "$ref": "#/definitions/AddressPair" 5075 } 5076 }, 5077 "host-addressing": { 5078 "$ref": "#/definitions/NodeAddressing" 5079 }, 5080 "host-mac": { 5081 "description": "MAC address", 5082 "type": "string" 5083 }, 5084 "interface-index": { 5085 "description": "Index of network device", 5086 "type": "integer" 5087 }, 5088 "interface-name": { 5089 "description": "Name of network device", 5090 "type": "string" 5091 }, 5092 "mac": { 5093 "description": "MAC address", 5094 "type": "string" 5095 } 5096 } 5097 }, 5098 "EndpointPolicy": { 5099 "description": "Policy information of an endpoint", 5100 "type": "object", 5101 "properties": { 5102 "allowed-egress-identities": { 5103 "description": "List of identities to which this endpoint is allowed to communicate\n", 5104 "type": "array", 5105 "items": { 5106 "type": "integer" 5107 } 5108 }, 5109 "allowed-ingress-identities": { 5110 "description": "List of identities allowed to communicate to this endpoint\n", 5111 "type": "array", 5112 "items": { 5113 "type": "integer" 5114 } 5115 }, 5116 "build": { 5117 "description": "Build number of calculated policy in use", 5118 "type": "integer" 5119 }, 5120 "cidr-policy": { 5121 "$ref": "#/definitions/CIDRPolicy" 5122 }, 5123 "id": { 5124 "description": "Own identity of endpoint", 5125 "type": "integer" 5126 }, 5127 "l4": { 5128 "$ref": "#/definitions/L4Policy" 5129 }, 5130 "policy-enabled": { 5131 "description": "Whether policy enforcement is enabled (ingress, egress, both or none)", 5132 "$ref": "#/definitions/EndpointPolicyEnabled" 5133 }, 5134 "policy-revision": { 5135 "description": "The agent-local policy revision", 5136 "type": "integer" 5137 } 5138 } 5139 }, 5140 "EndpointPolicyEnabled": { 5141 "description": "Whether policy enforcement is enabled (ingress, egress, both or none)", 5142 "type": "string", 5143 "enum": [ 5144 "none", 5145 "ingress", 5146 "egress", 5147 "both" 5148 ] 5149 }, 5150 "EndpointPolicyStatus": { 5151 "description": "Policy information of an endpoint", 5152 "type": "object", 5153 "properties": { 5154 "proxy-policy-revision": { 5155 "description": "The policy revision currently enforced in the proxy for this endpoint", 5156 "type": "integer" 5157 }, 5158 "proxy-statistics": { 5159 "description": "Statistics of the proxy redirects configured for this endpoint", 5160 "type": "array", 5161 "items": { 5162 "$ref": "#/definitions/ProxyStatistics" 5163 } 5164 }, 5165 "realized": { 5166 "description": "The policy in the datapath for this endpoint", 5167 "$ref": "#/definitions/EndpointPolicy" 5168 }, 5169 "spec": { 5170 "description": "The policy that should apply to this endpoint", 5171 "$ref": "#/definitions/EndpointPolicy" 5172 } 5173 } 5174 }, 5175 "EndpointState": { 5176 "description": "State of endpoint", 5177 "type": "string", 5178 "enum": [ 5179 "creating", 5180 "waiting-for-identity", 5181 "not-ready", 5182 "waiting-to-regenerate", 5183 "regenerating", 5184 "restoring", 5185 "ready", 5186 "disconnecting", 5187 "disconnected", 5188 "invalid" 5189 ] 5190 }, 5191 "EndpointStatus": { 5192 "description": "The current state and configuration of the endpoint, its policy \u0026 datapath, and subcomponents", 5193 "type": "object", 5194 "required": [ 5195 "state" 5196 ], 5197 "properties": { 5198 "controllers": { 5199 "description": "Status of internal controllers attached to this endpoint", 5200 "$ref": "#/definitions/ControllerStatuses" 5201 }, 5202 "external-identifiers": { 5203 "description": "Unique identifiers for this endpoint from outside cilium", 5204 "$ref": "#/definitions/EndpointIdentifiers" 5205 }, 5206 "health": { 5207 "description": "Summary overall endpoint \u0026 subcomponent health", 5208 "$ref": "#/definitions/EndpointHealth" 5209 }, 5210 "identity": { 5211 "description": "The security identity for this endpoint", 5212 "$ref": "#/definitions/Identity" 5213 }, 5214 "labels": { 5215 "description": "Labels applied to this endpoint", 5216 "$ref": "#/definitions/LabelConfigurationStatus" 5217 }, 5218 "log": { 5219 "description": "Most recent status log. See endpoint/{id}/log for the complete log.", 5220 "$ref": "#/definitions/EndpointStatusLog" 5221 }, 5222 "networking": { 5223 "description": "Networking properties of the endpoint", 5224 "$ref": "#/definitions/EndpointNetworking" 5225 }, 5226 "policy": { 5227 "description": "The policy applied to this endpoint from the policy repository", 5228 "$ref": "#/definitions/EndpointPolicyStatus" 5229 }, 5230 "realized": { 5231 "description": "The configuration in effect on this endpoint", 5232 "$ref": "#/definitions/EndpointConfigurationSpec" 5233 }, 5234 "state": { 5235 "description": "Current state of endpoint", 5236 "$ref": "#/definitions/EndpointState" 5237 } 5238 } 5239 }, 5240 "EndpointStatusChange": { 5241 "description": "Indication of a change of status", 5242 "type": "object", 5243 "properties": { 5244 "code": { 5245 "description": "Code indicate type of status change", 5246 "type": "string", 5247 "enum": [ 5248 "ok", 5249 "failed" 5250 ] 5251 }, 5252 "message": { 5253 "description": "Status message", 5254 "type": "string" 5255 }, 5256 "state": { 5257 "$ref": "#/definitions/EndpointState" 5258 }, 5259 "timestamp": { 5260 "description": "Timestamp when status change occurred", 5261 "type": "string" 5262 } 5263 } 5264 }, 5265 "EndpointStatusLog": { 5266 "description": "Status log of endpoint", 5267 "type": "array", 5268 "items": { 5269 "$ref": "#/definitions/EndpointStatusChange" 5270 } 5271 }, 5272 "Error": { 5273 "type": "string" 5274 }, 5275 "FrontendAddress": { 5276 "description": "Layer 4 address. The protocol is currently ignored, all services will\nbehave as if protocol any is specified. To restrict to a particular\nprotocol, use policy.\n", 5277 "type": "object", 5278 "properties": { 5279 "ip": { 5280 "description": "Layer 3 address", 5281 "type": "string" 5282 }, 5283 "port": { 5284 "description": "Layer 4 port number", 5285 "type": "integer", 5286 "format": "uint16" 5287 }, 5288 "protocol": { 5289 "description": "Layer 4 protocol", 5290 "type": "string", 5291 "enum": [ 5292 "tcp", 5293 "udp", 5294 "any" 5295 ] 5296 } 5297 } 5298 }, 5299 "IPAMAddressResponse": { 5300 "description": "IPAM configuration of an individual address family", 5301 "type": "object", 5302 "properties": { 5303 "cidrs": { 5304 "description": "List of CIDRs out of which IPs are allocated", 5305 "type": "array", 5306 "items": { 5307 "type": "string" 5308 } 5309 }, 5310 "expiration-uuid": { 5311 "description": "The UUID for the expiration timer. Set when expiration has been\nenabled while allocating.\n", 5312 "type": "string" 5313 }, 5314 "gateway": { 5315 "description": "IP of gateway", 5316 "type": "string" 5317 }, 5318 "ip": { 5319 "description": "Allocated IP for endpoint", 5320 "type": "string" 5321 }, 5322 "master-mac": { 5323 "description": "MAC of master interface if address is a slave/secondary of a master interface", 5324 "type": "string" 5325 } 5326 } 5327 }, 5328 "IPAMResponse": { 5329 "description": "IPAM configuration of an endpoint", 5330 "type": "object", 5331 "required": [ 5332 "address", 5333 "host-addressing" 5334 ], 5335 "properties": { 5336 "address": { 5337 "$ref": "#/definitions/AddressPair" 5338 }, 5339 "host-addressing": { 5340 "$ref": "#/definitions/NodeAddressing" 5341 }, 5342 "ipv4": { 5343 "$ref": "#/definitions/IPAMAddressResponse" 5344 }, 5345 "ipv6": { 5346 "$ref": "#/definitions/IPAMAddressResponse" 5347 } 5348 } 5349 }, 5350 "IPAMStatus": { 5351 "description": "Status of IP address management", 5352 "properties": { 5353 "allocations": { 5354 "$ref": "#/definitions/AllocationMap" 5355 }, 5356 "ipv4": { 5357 "type": "array", 5358 "items": { 5359 "type": "string" 5360 } 5361 }, 5362 "ipv6": { 5363 "type": "array", 5364 "items": { 5365 "type": "string" 5366 } 5367 }, 5368 "status": { 5369 "type": "string" 5370 } 5371 } 5372 }, 5373 "Identity": { 5374 "description": "Security identity", 5375 "type": "object", 5376 "properties": { 5377 "id": { 5378 "description": "Unique identifier", 5379 "type": "integer" 5380 }, 5381 "labels": { 5382 "description": "Labels describing the identity", 5383 "$ref": "#/definitions/Labels" 5384 }, 5385 "labelsSHA256": { 5386 "description": "SHA256 of labels", 5387 "type": "string" 5388 } 5389 } 5390 }, 5391 "IdentityEndpoints": { 5392 "description": "Security identities owned by endpoints on the local node", 5393 "type": "object", 5394 "properties": { 5395 "identity": { 5396 "description": "Security identity", 5397 "$ref": "#/definitions/Identity" 5398 }, 5399 "refCount": { 5400 "description": "number of endpoints consuming this identity locally (should always be \u003e 0)", 5401 "type": "integer" 5402 } 5403 } 5404 }, 5405 "IpvlanConfiguration": { 5406 "description": "Setup for datapath when operating in ipvlan mode.", 5407 "type": "object", 5408 "properties": { 5409 "masterDeviceIndex": { 5410 "description": "Workload facing ipvlan master device ifindex.", 5411 "type": "integer" 5412 }, 5413 "operationMode": { 5414 "description": "Mode in which ipvlan setup operates.", 5415 "type": "string", 5416 "enum": [ 5417 "L3", 5418 "L3S" 5419 ] 5420 } 5421 } 5422 }, 5423 "K8sStatus": { 5424 "description": "Status of Kubernetes integration", 5425 "type": "object", 5426 "properties": { 5427 "k8s-api-versions": { 5428 "type": "array", 5429 "items": { 5430 "type": "string" 5431 } 5432 }, 5433 "msg": { 5434 "description": "Human readable status/error/warning message", 5435 "type": "string" 5436 }, 5437 "state": { 5438 "description": "State the component is in", 5439 "type": "string", 5440 "enum": [ 5441 "Ok", 5442 "Warning", 5443 "Failure", 5444 "Disabled" 5445 ] 5446 } 5447 } 5448 }, 5449 "KVstoreConfiguration": { 5450 "description": "Configuration used for the kvstore", 5451 "properties": { 5452 "options": { 5453 "description": "Configuration options", 5454 "type": "object", 5455 "additionalProperties": { 5456 "type": "string" 5457 } 5458 }, 5459 "type": { 5460 "description": "Type of kvstore", 5461 "type": "string" 5462 } 5463 } 5464 }, 5465 "L4Policy": { 5466 "description": "L4 endpoint policy", 5467 "type": "object", 5468 "properties": { 5469 "egress": { 5470 "description": "List of L4 egress rules", 5471 "type": "array", 5472 "items": { 5473 "$ref": "#/definitions/PolicyRule" 5474 } 5475 }, 5476 "ingress": { 5477 "description": "List of L4 ingress rules", 5478 "type": "array", 5479 "items": { 5480 "$ref": "#/definitions/PolicyRule" 5481 } 5482 } 5483 } 5484 }, 5485 "LabelConfiguration": { 5486 "description": "Label configuration of an endpoint", 5487 "type": "object", 5488 "properties": { 5489 "spec": { 5490 "description": "The user provided desired configuration", 5491 "$ref": "#/definitions/LabelConfigurationSpec" 5492 }, 5493 "status": { 5494 "description": "The current configuration", 5495 "$ref": "#/definitions/LabelConfigurationStatus" 5496 } 5497 } 5498 }, 5499 "LabelConfigurationSpec": { 5500 "description": "User desired Label configuration of an endpoint", 5501 "type": "object", 5502 "properties": { 5503 "user": { 5504 "description": "Custom labels in addition to orchestration system labels.", 5505 "$ref": "#/definitions/Labels" 5506 } 5507 } 5508 }, 5509 "LabelConfigurationStatus": { 5510 "description": "Labels and label configuration of an endpoint", 5511 "type": "object", 5512 "properties": { 5513 "derived": { 5514 "description": "All labels derived from the orchestration system", 5515 "$ref": "#/definitions/Labels" 5516 }, 5517 "disabled": { 5518 "description": "Labels derived from orchestration system which have been disabled.", 5519 "$ref": "#/definitions/Labels" 5520 }, 5521 "realized": { 5522 "description": "The current configuration", 5523 "$ref": "#/definitions/LabelConfigurationSpec" 5524 }, 5525 "security-relevant": { 5526 "description": "Labels derived from orchestration system that are used in computing a security identity", 5527 "$ref": "#/definitions/Labels" 5528 } 5529 } 5530 }, 5531 "Labels": { 5532 "description": "Set of labels", 5533 "type": "array", 5534 "items": { 5535 "type": "string" 5536 } 5537 }, 5538 "MessageForwardingStatistics": { 5539 "description": "Statistics of a message forwarding entity", 5540 "type": "object", 5541 "properties": { 5542 "denied": { 5543 "description": "Number of messages denied", 5544 "type": "integer" 5545 }, 5546 "error": { 5547 "description": "Number of errors while parsing messages", 5548 "type": "integer" 5549 }, 5550 "forwarded": { 5551 "description": "Number of messages forwarded", 5552 "type": "integer" 5553 }, 5554 "received": { 5555 "description": "Number of messages received", 5556 "type": "integer" 5557 } 5558 } 5559 }, 5560 "Metric": { 5561 "description": "Metric information", 5562 "type": "object", 5563 "properties": { 5564 "labels": { 5565 "description": "Labels of the metric", 5566 "type": "object", 5567 "additionalProperties": { 5568 "type": "string" 5569 } 5570 }, 5571 "name": { 5572 "description": "Name of the metric", 5573 "type": "string" 5574 }, 5575 "value": { 5576 "description": "Value of the metric", 5577 "type": "number" 5578 } 5579 } 5580 }, 5581 "MonitorStatus": { 5582 "description": "Status of the node monitor", 5583 "properties": { 5584 "cpus": { 5585 "description": "Number of CPUs to listen on for events.", 5586 "type": "integer" 5587 }, 5588 "lost": { 5589 "description": "Number of samples lost by perf.", 5590 "type": "integer" 5591 }, 5592 "npages": { 5593 "description": "Number of pages used for the perf ring buffer.", 5594 "type": "integer" 5595 }, 5596 "pagesize": { 5597 "description": "Pages size used for the perf ring buffer.", 5598 "type": "integer" 5599 }, 5600 "unknown": { 5601 "description": "Number of unknown samples.", 5602 "type": "integer" 5603 } 5604 } 5605 }, 5606 "NodeAddressing": { 5607 "description": "Addressing information of a node for all address families", 5608 "type": "object", 5609 "properties": { 5610 "ipv4": { 5611 "$ref": "#/definitions/NodeAddressingElement" 5612 }, 5613 "ipv6": { 5614 "$ref": "#/definitions/NodeAddressingElement" 5615 } 5616 } 5617 }, 5618 "NodeAddressingElement": { 5619 "description": "Addressing information", 5620 "type": "object", 5621 "properties": { 5622 "address-type": { 5623 "description": "Node address type, one of HostName, ExternalIP or InternalIP", 5624 "type": "string" 5625 }, 5626 "alloc-range": { 5627 "description": "Address pool to be used for local endpoints", 5628 "type": "string" 5629 }, 5630 "enabled": { 5631 "description": "True if address family is enabled", 5632 "type": "boolean" 5633 }, 5634 "ip": { 5635 "description": "IP address of node", 5636 "type": "string" 5637 } 5638 } 5639 }, 5640 "NodeElement": { 5641 "description": "Known node in the cluster", 5642 "properties": { 5643 "health-endpoint-address": { 5644 "description": "Address used for probing cluster connectivity", 5645 "$ref": "#/definitions/NodeAddressing" 5646 }, 5647 "name": { 5648 "description": "Name of the node including the cluster association. This is typically\n\u003cclustername\u003e/\u003chostname\u003e.\n", 5649 "type": "string" 5650 }, 5651 "primary-address": { 5652 "description": "Primary address used for intra-cluster communication", 5653 "$ref": "#/definitions/NodeAddressing" 5654 }, 5655 "secondary-addresses": { 5656 "description": "Alternative addresses assigned to the node", 5657 "type": "array", 5658 "items": { 5659 "$ref": "#/definitions/NodeAddressingElement" 5660 } 5661 } 5662 } 5663 }, 5664 "Policy": { 5665 "description": "Policy definition", 5666 "type": "object", 5667 "properties": { 5668 "policy": { 5669 "description": "Policy definition as JSON.", 5670 "type": "string" 5671 }, 5672 "revision": { 5673 "description": "Revision number of the policy. Incremented each time the policy is\nchanged in the agent's repository\n", 5674 "type": "integer" 5675 } 5676 } 5677 }, 5678 "PolicyRule": { 5679 "description": "A policy rule including the rule labels it derives from", 5680 "properties": { 5681 "derived-from-rules": { 5682 "description": "The policy rule labels identifying the policy rules this rule derives from", 5683 "type": "array", 5684 "items": { 5685 "type": "array", 5686 "items": { 5687 "type": "string" 5688 } 5689 } 5690 }, 5691 "rule": { 5692 "description": "The policy rule as json", 5693 "type": "string" 5694 } 5695 } 5696 }, 5697 "PolicyTraceResult": { 5698 "description": "Response to a policy resolution process", 5699 "type": "object", 5700 "properties": { 5701 "log": { 5702 "type": "string" 5703 }, 5704 "verdict": { 5705 "type": "string" 5706 } 5707 } 5708 }, 5709 "Port": { 5710 "description": "Layer 4 port / protocol pair", 5711 "type": "object", 5712 "properties": { 5713 "port": { 5714 "description": "Layer 4 port number", 5715 "type": "integer", 5716 "format": "uint16" 5717 }, 5718 "protocol": { 5719 "description": "Layer 4 protocol", 5720 "type": "string", 5721 "enum": [ 5722 "TCP", 5723 "UDP", 5724 "ANY" 5725 ] 5726 } 5727 } 5728 }, 5729 "Prefilter": { 5730 "description": "Collection of endpoints to be served", 5731 "type": "object", 5732 "properties": { 5733 "spec": { 5734 "$ref": "#/definitions/PrefilterSpec" 5735 }, 5736 "status": { 5737 "$ref": "#/definitions/PrefilterStatus" 5738 } 5739 } 5740 }, 5741 "PrefilterSpec": { 5742 "description": "CIDR ranges implemented in the Prefilter", 5743 "type": "object", 5744 "properties": { 5745 "deny": { 5746 "type": "array", 5747 "items": { 5748 "type": "string" 5749 } 5750 }, 5751 "revision": { 5752 "type": "integer" 5753 } 5754 } 5755 }, 5756 "PrefilterStatus": { 5757 "description": "CIDR ranges implemented in the Prefilter", 5758 "type": "object", 5759 "properties": { 5760 "realized": { 5761 "$ref": "#/definitions/PrefilterSpec" 5762 } 5763 } 5764 }, 5765 "ProxyStatistics": { 5766 "description": "Statistics of a set of proxy redirects for an endpoint", 5767 "type": "object", 5768 "properties": { 5769 "allocated-proxy-port": { 5770 "description": "The port the proxy is listening on", 5771 "type": "integer" 5772 }, 5773 "location": { 5774 "description": "Location of where the redirect is installed", 5775 "type": "string", 5776 "enum": [ 5777 "ingress", 5778 "egress" 5779 ] 5780 }, 5781 "port": { 5782 "description": "The port subject to the redirect", 5783 "type": "integer" 5784 }, 5785 "protocol": { 5786 "description": "Name of the L7 protocol", 5787 "type": "string" 5788 }, 5789 "statistics": { 5790 "description": "Statistics of this set of proxy redirect", 5791 "$ref": "#/definitions/RequestResponseStatistics" 5792 } 5793 } 5794 }, 5795 "ProxyStatus": { 5796 "description": "Status of proxy", 5797 "type": "object", 5798 "properties": { 5799 "ip": { 5800 "description": "IP address that the proxy listens on", 5801 "type": "string" 5802 }, 5803 "port-range": { 5804 "description": "Port range used for proxying", 5805 "type": "string" 5806 } 5807 } 5808 }, 5809 "RequestResponseStatistics": { 5810 "description": "Statistics of a proxy redirect", 5811 "type": "object", 5812 "properties": { 5813 "requests": { 5814 "$ref": "#/definitions/MessageForwardingStatistics" 5815 }, 5816 "responses": { 5817 "$ref": "#/definitions/MessageForwardingStatistics" 5818 } 5819 } 5820 }, 5821 "SelectorCache": { 5822 "description": "cache of which identities match selectors in the policy repository", 5823 "type": "array", 5824 "items": { 5825 "$ref": "#/definitions/SelectorIdentityMapping" 5826 } 5827 }, 5828 "SelectorIdentityMapping": { 5829 "description": "mapping of selector to identities which match it", 5830 "type": "object", 5831 "properties": { 5832 "identities": { 5833 "description": "identities mapping to this selector", 5834 "type": "array", 5835 "items": { 5836 "type": "integer" 5837 } 5838 }, 5839 "selector": { 5840 "description": "string form of selector", 5841 "type": "string" 5842 }, 5843 "users": { 5844 "description": "number of users of this selector in the cache", 5845 "type": "integer" 5846 } 5847 } 5848 }, 5849 "Service": { 5850 "description": "Collection of endpoints to be served", 5851 "type": "object", 5852 "properties": { 5853 "spec": { 5854 "$ref": "#/definitions/ServiceSpec" 5855 }, 5856 "status": { 5857 "$ref": "#/definitions/ServiceStatus" 5858 } 5859 } 5860 }, 5861 "ServiceSpec": { 5862 "description": "Configuration of a service", 5863 "type": "object", 5864 "required": [ 5865 "frontend-address" 5866 ], 5867 "properties": { 5868 "backend-addresses": { 5869 "description": "List of backend addresses", 5870 "type": "array", 5871 "items": { 5872 "$ref": "#/definitions/BackendAddress" 5873 } 5874 }, 5875 "flags": { 5876 "description": "Optional service configuration flags", 5877 "type": "object", 5878 "properties": { 5879 "active-frontend": { 5880 "description": "Frontend to backend translation activated", 5881 "type": "boolean" 5882 }, 5883 "direct-server-return": { 5884 "description": "Perform direct server return", 5885 "type": "boolean" 5886 }, 5887 "node-port": { 5888 "description": "Service is of Nodeport type", 5889 "type": "boolean" 5890 } 5891 } 5892 }, 5893 "frontend-address": { 5894 "description": "Frontend address", 5895 "$ref": "#/definitions/FrontendAddress" 5896 }, 5897 "id": { 5898 "description": "Unique identification", 5899 "type": "integer" 5900 } 5901 } 5902 }, 5903 "ServiceStatus": { 5904 "description": "Configuration of a service", 5905 "type": "object", 5906 "properties": { 5907 "realized": { 5908 "$ref": "#/definitions/ServiceSpec" 5909 } 5910 } 5911 }, 5912 "Status": { 5913 "description": "Status of an individual component", 5914 "type": "object", 5915 "properties": { 5916 "msg": { 5917 "description": "Human readable status/error/warning message", 5918 "type": "string" 5919 }, 5920 "state": { 5921 "description": "State the component is in", 5922 "type": "string", 5923 "enum": [ 5924 "Ok", 5925 "Warning", 5926 "Failure", 5927 "Disabled" 5928 ] 5929 } 5930 } 5931 }, 5932 "StatusResponse": { 5933 "description": "Health and status information of daemon", 5934 "type": "object", 5935 "properties": { 5936 "cilium": { 5937 "description": "Status of Cilium daemon", 5938 "$ref": "#/definitions/Status" 5939 }, 5940 "client-id": { 5941 "description": "When supported by the API, this client ID should be used by the\nclient when making another request to the server.\nSee for example \"/cluster/nodes\".\n", 5942 "type": "integer" 5943 }, 5944 "cluster": { 5945 "description": "Status of cluster", 5946 "$ref": "#/definitions/ClusterStatus" 5947 }, 5948 "container-runtime": { 5949 "description": "Status of local container runtime", 5950 "$ref": "#/definitions/Status" 5951 }, 5952 "controllers": { 5953 "description": "Status of all endpoint controllers", 5954 "$ref": "#/definitions/ControllerStatuses" 5955 }, 5956 "ipam": { 5957 "description": "Status of IP address management", 5958 "$ref": "#/definitions/IPAMStatus" 5959 }, 5960 "kubernetes": { 5961 "description": "Status of Kubernetes integration", 5962 "$ref": "#/definitions/K8sStatus" 5963 }, 5964 "kvstore": { 5965 "description": "Status of key/value datastore", 5966 "$ref": "#/definitions/Status" 5967 }, 5968 "nodeMonitor": { 5969 "description": "Status of the node monitor", 5970 "$ref": "#/definitions/MonitorStatus" 5971 }, 5972 "proxy": { 5973 "description": "Status of proxy", 5974 "$ref": "#/definitions/ProxyStatus" 5975 }, 5976 "stale": { 5977 "description": "List of stale information in the status", 5978 "type": "object", 5979 "additionalProperties": { 5980 "description": "Timestamp when the probe was started", 5981 "type": "string", 5982 "format": "date-time" 5983 } 5984 } 5985 } 5986 }, 5987 "TraceFrom": { 5988 "type": "object", 5989 "properties": { 5990 "labels": { 5991 "$ref": "#/definitions/Labels" 5992 } 5993 } 5994 }, 5995 "TraceSelector": { 5996 "description": "Context describing a pair of source and destination identity", 5997 "type": "object", 5998 "properties": { 5999 "from": { 6000 "$ref": "#/definitions/TraceFrom" 6001 }, 6002 "to": { 6003 "$ref": "#/definitions/TraceTo" 6004 }, 6005 "verbose": { 6006 "description": "Enable verbose tracing.\n", 6007 "type": "boolean" 6008 } 6009 } 6010 }, 6011 "TraceTo": { 6012 "type": "object", 6013 "properties": { 6014 "dports": { 6015 "description": "List of Layer 4 port and protocol pairs which will be used in communication\nfrom the source identity to the destination identity.\n", 6016 "type": "array", 6017 "items": { 6018 "$ref": "#/definitions/Port" 6019 } 6020 }, 6021 "labels": { 6022 "$ref": "#/definitions/Labels" 6023 } 6024 } 6025 } 6026 }, 6027 "parameters": { 6028 "cidr": { 6029 "type": "string", 6030 "description": "A CIDR range of IPs", 6031 "name": "cidr", 6032 "in": "query" 6033 }, 6034 "endpoint-change-request": { 6035 "name": "endpoint", 6036 "in": "body", 6037 "required": true, 6038 "schema": { 6039 "$ref": "#/definitions/EndpointChangeRequest" 6040 } 6041 }, 6042 "endpoint-id": { 6043 "type": "string", 6044 "description": "String describing an endpoint with the format ` + "`" + `` + "`" + `[prefix:]id` + "`" + `` + "`" + `. If no prefix\nis specified, a prefix of ` + "`" + `` + "`" + `cilium-local:` + "`" + `` + "`" + ` is assumed. Not all endpoints\nwill be addressable by all endpoint ID prefixes with the exception of the\nlocal Cilium UUID which is assigned to all endpoints.\n\nSupported endpoint id prefixes:\n - cilium-local: Local Cilium endpoint UUID, e.g. cilium-local:3389595\n - cilium-global: Global Cilium endpoint UUID, e.g. cilium-global:cluster1:nodeX:452343\n - container-id: Container runtime ID, e.g. container-id:22222\n - container-name: Container name, e.g. container-name:foobar\n - pod-name: pod name for this container if K8s is enabled, e.g. pod-name:default:foobar\n - docker-endpoint: Docker libnetwork endpoint ID, e.g. docker-endpoint:4444\n", 6045 "name": "id", 6046 "in": "path", 6047 "required": true 6048 }, 6049 "identity-id": { 6050 "type": "string", 6051 "description": "Cluster wide unique identifier of a security identity.\n", 6052 "name": "id", 6053 "in": "path", 6054 "required": true 6055 }, 6056 "ipam-expiration": { 6057 "type": "boolean", 6058 "name": "expiration", 6059 "in": "header" 6060 }, 6061 "ipam-family": { 6062 "enum": [ 6063 "ipv4", 6064 "ipv6" 6065 ], 6066 "type": "string", 6067 "name": "family", 6068 "in": "query" 6069 }, 6070 "ipam-ip": { 6071 "type": "string", 6072 "description": "IP address", 6073 "name": "ip", 6074 "in": "path", 6075 "required": true 6076 }, 6077 "ipam-owner": { 6078 "type": "string", 6079 "name": "owner", 6080 "in": "query" 6081 }, 6082 "ipam-release-arg": { 6083 "type": "string", 6084 "description": "IP address or owner name", 6085 "name": "ip", 6086 "in": "path", 6087 "required": true 6088 }, 6089 "labels": { 6090 "description": "List of labels\n", 6091 "name": "labels", 6092 "in": "body", 6093 "schema": { 6094 "$ref": "#/definitions/Labels" 6095 } 6096 }, 6097 "map-name": { 6098 "type": "string", 6099 "description": "Name of map", 6100 "name": "name", 6101 "in": "path", 6102 "required": true 6103 }, 6104 "matchpattern": { 6105 "type": "string", 6106 "description": "A toFQDNs compatible matchPattern expression", 6107 "name": "matchpattern", 6108 "in": "query" 6109 }, 6110 "pod-name": { 6111 "type": "string", 6112 "description": "K8s pod name\n", 6113 "name": "pod", 6114 "in": "path", 6115 "required": true 6116 }, 6117 "policy-rules": { 6118 "description": "Policy rules", 6119 "name": "policy", 6120 "in": "body", 6121 "required": true, 6122 "schema": { 6123 "type": "string" 6124 } 6125 }, 6126 "prefilter-spec": { 6127 "description": "List of CIDR ranges for filter table", 6128 "name": "prefilter-spec", 6129 "in": "body", 6130 "required": true, 6131 "schema": { 6132 "$ref": "#/definitions/PrefilterSpec" 6133 } 6134 }, 6135 "service-address": { 6136 "description": "Service address configuration", 6137 "name": "address", 6138 "in": "body", 6139 "schema": { 6140 "$ref": "#/definitions/FrontendAddress" 6141 } 6142 }, 6143 "service-config": { 6144 "description": "Service configuration", 6145 "name": "config", 6146 "in": "body", 6147 "required": true, 6148 "schema": { 6149 "$ref": "#/definitions/ServiceSpec" 6150 } 6151 }, 6152 "service-id": { 6153 "type": "integer", 6154 "description": "ID of service", 6155 "name": "id", 6156 "in": "path", 6157 "required": true 6158 }, 6159 "trace-selector": { 6160 "description": "Context to provide policy evaluation on", 6161 "name": "trace-selector", 6162 "in": "body", 6163 "schema": { 6164 "$ref": "#/definitions/TraceSelector" 6165 } 6166 } 6167 }, 6168 "x-schemes": [ 6169 "unix" 6170 ] 6171 }`)) 6172 }