istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pilot/pkg/config/kube/gateway/testdata/route-binding.yaml (about) 1 apiVersion: gateway.networking.k8s.io/v1beta1 2 kind: GatewayClass 3 metadata: 4 name: istio 5 spec: 6 controllerName: istio.io/gateway-controller 7 --- 8 apiVersion: gateway.networking.k8s.io/v1beta1 9 kind: Gateway 10 metadata: 11 name: gateway 12 namespace: istio-system 13 spec: 14 addresses: 15 - value: istio-ingressgateway 16 type: Hostname 17 gatewayClassName: istio 18 listeners: 19 - name: default 20 hostname: "*.domain.example" 21 port: 80 22 protocol: HTTP 23 allowedRoutes: 24 namespaces: 25 from: All 26 - name: foobar 27 hostname: "*.foobar.example" 28 port: 80 29 protocol: HTTP 30 allowedRoutes: 31 namespaces: 32 from: All 33 kinds: 34 - kind: HTTPRoute 35 - name: same-namespace 36 hostname: "*.same-namespace.example" 37 port: 80 38 protocol: HTTP 39 - name: scope-route 40 hostname: "*.scope-route.example" 41 port: 80 42 protocol: HTTP 43 allowedRoutes: 44 namespaces: 45 from: All 46 kinds: 47 - kind: TCPRoute 48 - name: slctr-labels 49 hostname: "*.slctr-labels.example" 50 port: 80 51 protocol: HTTP 52 allowedRoutes: 53 namespaces: 54 from: Selector 55 selector: 56 matchLabels: 57 istio.io/test-name-part: group 58 - name: slctr-expr-in-yes 59 hostname: "*.slctr-expr-in-yes.example" 60 port: 80 61 protocol: HTTP 62 allowedRoutes: 63 namespaces: 64 from: Selector 65 selector: 66 matchExpressions: 67 - key: istio.io/test-name-part 68 operator: In 69 values: 70 - group 71 - name: slctr-expr-in-no 72 hostname: "*.slctr-expr-in-no.example" 73 port: 80 74 protocol: HTTP 75 allowedRoutes: 76 namespaces: 77 from: Selector 78 selector: 79 matchExpressions: 80 - key: istio.io/test-name-part 81 operator: In 82 values: 83 - public 84 - name: slctr-expr-notin-yes 85 hostname: "*.slctr-expr-notin-yes.example" 86 port: 80 87 protocol: HTTP 88 allowedRoutes: 89 namespaces: 90 from: Selector 91 selector: 92 matchExpressions: 93 - key: istio.io/test-name-part 94 operator: NotIn 95 values: 96 - private 97 - key: istio.io/test-label-not-found 98 operator: NotIn 99 values: 100 - irrelevant 101 - name: slctr-expr-notin-no 102 hostname: "*.slctr-expr-notin-no.example" 103 port: 80 104 protocol: HTTP 105 allowedRoutes: 106 namespaces: 107 from: Selector 108 selector: 109 matchExpressions: 110 - key: istio.io/test-name-part 111 operator: NotIn 112 values: 113 - group 114 - key: istio.io/test-label-not-found 115 operator: NotIn 116 values: 117 - irrelevant 118 - name: slctr-expr-exists-yes 119 hostname: "*.slctr-expr-exists-yes.example" 120 port: 80 121 protocol: HTTP 122 allowedRoutes: 123 namespaces: 124 from: Selector 125 selector: 126 matchExpressions: 127 - key: istio.io/test-name-part 128 operator: Exists 129 - name: slctr-expr-exists-no 130 hostname: "*.slctr-expr-exists-no.example" 131 port: 80 132 protocol: HTTP 133 allowedRoutes: 134 namespaces: 135 from: Selector 136 selector: 137 matchExpressions: 138 - key: istio.io/test-name-public 139 operator: Exists 140 - name: slctr-expr-dne-yes 141 hostname: "*.slctr-expr-dne-yes.example" 142 port: 80 143 protocol: HTTP 144 allowedRoutes: 145 namespaces: 146 from: Selector 147 selector: 148 matchExpressions: 149 - key: istio.io/test-label-not-found 150 operator: DoesNotExist 151 - name: slctr-expr-dne-no 152 hostname: "*.slctr-expr-dne-no.example" 153 port: 80 154 protocol: HTTP 155 allowedRoutes: 156 namespaces: 157 from: Selector 158 selector: 159 matchExpressions: 160 - key: istio.io/test-name-part 161 operator: DoesNotExist 162 - name: slctr-combined-yes 163 hostname: "*.slctr-combined-yes.example" 164 port: 80 165 protocol: HTTP 166 allowedRoutes: 167 namespaces: 168 from: Selector 169 selector: 170 matchLabels: 171 istio.io/test-name-part: group 172 matchExpressions: 173 - key: istio.io/test-name-part 174 operator: In 175 values: 176 - group 177 - name: slctr-combined-no 178 hostname: "*.slctr-combined-no.example" 179 port: 80 180 protocol: HTTP 181 allowedRoutes: 182 namespaces: 183 from: Selector 184 selector: 185 matchLabels: 186 istio.io/test-name-part: public 187 matchExpressions: 188 - key: istio.io/test-name-part 189 operator: In 190 values: 191 - group 192 --- 193 apiVersion: gateway.networking.k8s.io/v1beta1 194 kind: HTTPRoute 195 metadata: 196 name: section-name-cross-namespace 197 namespace: default 198 spec: 199 parentRefs: 200 - name: gateway 201 namespace: istio-system 202 sectionName: foobar 203 hostnames: ["alpha.foobar.example"] 204 rules: 205 - backendRefs: 206 - name: httpbin 207 port: 80 208 --- 209 apiVersion: gateway.networking.k8s.io/v1beta1 210 kind: HTTPRoute 211 metadata: 212 name: same-namespace-valid 213 namespace: istio-system 214 spec: 215 parentRefs: 216 - name: gateway 217 namespace: istio-system 218 sectionName: foobar 219 - name: gateway 220 namespace: istio-system 221 sectionName: same-namespace 222 rules: 223 - backendRefs: 224 - name: httpbin 225 port: 81 226 --- 227 apiVersion: gateway.networking.k8s.io/v1beta1 228 kind: HTTPRoute 229 metadata: 230 name: same-namespace-invalid 231 namespace: default 232 spec: 233 parentRefs: 234 - kind: Gateway 235 name: gateway 236 namespace: istio-system 237 sectionName: same-namespace 238 hostnames: ["foo.same.example"] 239 rules: 240 - backendRefs: 241 - name: echo 242 port: 80 243 --- 244 apiVersion: gateway.networking.k8s.io/v1alpha2 245 kind: TCPRoute 246 metadata: 247 # Should not generate anything, the protocol is HTTP 248 name: wrong-protocol 249 namespace: default 250 spec: 251 parentRefs: 252 - name: gateway 253 namespace: istio-system 254 sectionName: foobar 255 rules: 256 - backendRefs: 257 - name: httpbin 258 port: 82 259 --- 260 apiVersion: gateway.networking.k8s.io/v1beta1 261 kind: HTTPRoute 262 metadata: 263 name: host-mismatch 264 namespace: default 265 spec: 266 parentRefs: 267 - name: gateway 268 namespace: istio-system 269 sectionName: foobar 270 hostnames: ["no.match.example"] 271 rules: 272 - backendRefs: 273 - name: httpbin 274 port: 84 275 --- 276 apiVersion: gateway.networking.k8s.io/v1beta1 277 kind: HTTPRoute 278 metadata: 279 name: bind-all 280 namespace: default 281 spec: 282 parentRefs: 283 - name: gateway 284 namespace: istio-system 285 rules: 286 - backendRefs: 287 - name: httpbin 288 port: 85 289 --- 290 apiVersion: gateway.networking.k8s.io/v1beta1 291 kind: HTTPRoute 292 metadata: 293 name: bind-cross-namespace 294 namespace: group-namespace1 295 spec: 296 parentRefs: 297 - name: gateway 298 namespace: istio-system 299 sectionName: slctr-labels 300 - name: gateway 301 namespace: istio-system 302 sectionName: slctr-expr-in-yes 303 - name: gateway 304 namespace: istio-system 305 sectionName: slctr-expr-in-no 306 - name: gateway 307 namespace: istio-system 308 sectionName: slctr-expr-notin-yes 309 - name: gateway 310 namespace: istio-system 311 sectionName: slctr-expr-notin-no 312 - name: gateway 313 namespace: istio-system 314 sectionName: slctr-expr-exists-yes 315 - name: gateway 316 namespace: istio-system 317 sectionName: slctr-expr-exists-no 318 - name: gateway 319 namespace: istio-system 320 sectionName: slctr-expr-dne-yes 321 - name: gateway 322 namespace: istio-system 323 sectionName: slctr-expr-dne-no 324 - name: gateway 325 namespace: istio-system 326 sectionName: slctr-combined-yes 327 - name: gateway 328 namespace: istio-system 329 sectionName: slctr-combined-no 330 rules: 331 - backendRefs: 332 - name: httpbin 333 port: 86 334 --- 335 apiVersion: gateway.networking.k8s.io/v1beta1 336 kind: HTTPRoute 337 metadata: 338 name: bind-cross-namespace 339 namespace: group-namespace2 340 spec: 341 parentRefs: 342 - name: gateway 343 namespace: istio-system 344 sectionName: slctr-labels 345 rules: 346 - backendRefs: 347 - name: httpbin 348 port: 87 349 --- 350 apiVersion: gateway.networking.k8s.io/v1beta1 351 kind: HTTPRoute 352 metadata: 353 name: invalid-bind-cross-namespace 354 namespace: default 355 spec: 356 parentRefs: 357 - name: gateway 358 namespace: istio-system 359 sectionName: slctr-labels 360 rules: 361 - backendRefs: 362 - name: httpbin 363 port: 87 364