Documentation

Packages:

ops.antrea.tanzu.vmware.com/v1alpha1

Resource Types:

    Destination

    (Appears on: TraceflowSpec)

    Destination describes the destination spec of the traceflow.

    Field Description
    namespace
    string

    Namespace is the destination namespace.

    pod
    string

    Pod is the destination pod, exclusive with destination service.

    service
    string

    Service is the destination service, exclusive with destination pod.

    ip
    string

    IP is the destination IP.

    ICMPEchoRequestHeader

    (Appears on: TransportHeader)

    ICMPEchoRequestHeader describes spec of an ICMP echo request header.

    Field Description
    id
    int32

    ID is the ICMPEchoRequestHeader ID.

    sequence
    int32

    Sequence is the ICMPEchoRequestHeader sequence.

    IPHeader

    (Appears on: Packet)

    IPHeader describes spec of an IPv4 header. IPv6 not supported yet.

    Field Description
    srcIP
    string

    SrcIP is the source IP.

    protocol
    int32

    Protocol is the IP protocol.

    ttl
    int32

    TTL is the IP TTL.

    flags
    int32

    Flags is the flags for IP.

    NodeResult

    (Appears on: TraceflowStatus)

    Field Description
    node
    string

    Node is the node of the observation.

    role
    string

    Role of the node like sender, receiver, etc.

    timestamp
    int64

    Timestamp is the timestamp of the observations on the node.

    observations
    []Observation

    Observations includes all observations from sender nodes, receiver ones, etc.

    Observation

    (Appears on: NodeResult)

    Observation describes those from sender nodes or receiver nodes.

    Field Description
    component
    TraceflowComponent

    Component is the observation component.

    componentInfo
    string

    ComponentInfo is the extension of Component field.

    action
    TraceflowAction

    Action is the action to the observation.

    pod
    string

    Pod is the combination of Pod name and Pod Namespace.

    dstMAC
    string

    DstMAC is the destination MAC.

    networkPolicy
    string

    NetworkPolicy is the combination of Namespace and NetworkPolicyName.

    ttl
    int32

    TTL is the observation TTL.

    translatedSrcIP
    string

    TranslatedSrcIP is the translated source IP.

    translatedDstIP
    string

    TranslatedSrcIP is the translated destination IP.

    tunnelDstIP
    string

    TunnelDstIP is the tunnel destination IP.

    Packet

    (Appears on: TraceflowSpec)

    Packet includes header info.

    Field Description
    ipHeader
    IPHeader
    transportHeader
    TransportHeader

    Source

    (Appears on: TraceflowSpec)

    Source describes the source spec of the traceflow.

    Field Description
    namespace
    string

    Namespace is the source namespace.

    pod
    string

    Pod is the source pod.

    TCPHeader

    (Appears on: TransportHeader)

    TCPHeader describes spec of a TCP header.

    Field Description
    srcPort
    int32

    SrcPort is the source port.

    dstPort
    int32

    DstPort is the destination port.

    flags
    int32

    Flags are flags in the header.

    Traceflow

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    TraceflowSpec


    source
    Source
    destination
    Destination
    packet
    Packet
    status
    TraceflowStatus

    TraceflowAction (string alias)

    (Appears on: Observation)

    TraceflowComponent (string alias)

    (Appears on: Observation)

    TraceflowPhase (string alias)

    (Appears on: TraceflowStatus)

    TraceflowSpec

    (Appears on: Traceflow)

    TraceflowSpec describes the spec of the traceflow.

    Field Description
    source
    Source
    destination
    Destination
    packet
    Packet

    TraceflowStatus

    (Appears on: Traceflow)

    TraceflowStatus describes current status of the traceflow.

    Field Description
    phase
    TraceflowPhase

    Phase is the Traceflow phase.

    reason
    string

    Reason is a message indicating the reason of the traceflow’s current phase.

    dataplaneTag
    byte

    DataplaneTag is a tag to identify a traceflow session across Nodes.

    results
    []NodeResult

    Results is the collection of all observations on different nodes.

    TransportHeader

    (Appears on: Packet)

    TransportHeader describes spec of a TransportHeader.

    Field Description
    icmp
    ICMPEchoRequestHeader
    udp
    UDPHeader
    tcp
    TCPHeader

    UDPHeader

    (Appears on: TransportHeader)

    UDPHeader describes spec of a UDP header.

    Field Description
    srcPort
    int32

    SrcPort is the source port.

    dstPort
    int32

    DstPort is the destination port.


    security.antrea.tanzu.vmware.com/v1alpha1

    Resource Types:

    ClusterNetworkPolicy

    Field Description
    apiVersion
    string
    security.antrea.tanzu.vmware.com/v1alpha1
    kind
    string
    ClusterNetworkPolicy
    metadata
    Kubernetes meta/v1.ObjectMeta

    Standard metadata of the object.

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    ClusterNetworkPolicySpec

    Specification of the desired behavior of ClusterNetworkPolicy.



    tier
    string

    Tier specifies the tier to which this ClusterNetworkPolicy belongs to. The ClusterNetworkPolicy order will be determined based on the combination of the Tier’s Priority and the ClusterNetworkPolicy’s own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom.

    priority
    float64

    Priority specfies the order of the ClusterNetworkPolicy relative to other AntreaClusterNetworkPolicies.

    appliedTo
    []NetworkPolicyPeer

    Select workloads on which the rules will be applied to.

    ingress
    []Rule
    (Optional)

    Set of ingress rules evaluated based on the order in which they are set. Currently Ingress rule supports setting the From field but not the To field within a Rule.

    egress
    []Rule
    (Optional)

    Set of egress rules evaluated based on the order in which they are set. Currently Egress rule supports setting the To field but not the From field within a Rule.

    NetworkPolicy

    Field Description
    apiVersion
    string
    security.antrea.tanzu.vmware.com/v1alpha1
    kind
    string
    NetworkPolicy
    metadata
    Kubernetes meta/v1.ObjectMeta

    Standard metadata of the object.

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    NetworkPolicySpec

    Specification of the desired behavior of NetworkPolicy.



    tier
    string

    Tier specifies the tier to which this NetworkPolicy belongs to. The NetworkPolicy order will be determined based on the combination of the Tier’s Priority and the NetworkPolicy’s own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom.

    priority
    float64

    Priority specfies the order of the NetworkPolicy relative to other NetworkPolicies.

    appliedTo
    []NetworkPolicyPeer

    Select workloads on which the rules will be applied to.

    ingress
    []Rule
    (Optional)

    Set of ingress rules evaluated based on the order in which they are set. Currently Ingress rule supports setting the From field but not the To field within a Rule.

    egress
    []Rule
    (Optional)

    Set of egress rules evaluated based on the order in which they are set. Currently Egress rule supports setting the To field but not the From field within a Rule.

    Tier

    Field Description
    apiVersion
    string
    security.antrea.tanzu.vmware.com/v1alpha1
    kind
    string
    Tier
    metadata
    Kubernetes meta/v1.ObjectMeta

    Standard metadata of the object.

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    TierSpec

    Specification of the desired behavior of Tier.



    priority
    int32

    Priority specfies the order of the Tier relative to other Tiers.

    description
    string

    Description is an optional field to add more information regarding the purpose of this Tier.

    ClusterNetworkPolicySpec

    (Appears on: ClusterNetworkPolicy)

    ClusterNetworkPolicySpec defines the desired state for ClusterNetworkPolicy.

    Field Description
    tier
    string

    Tier specifies the tier to which this ClusterNetworkPolicy belongs to. The ClusterNetworkPolicy order will be determined based on the combination of the Tier’s Priority and the ClusterNetworkPolicy’s own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom.

    priority
    float64

    Priority specfies the order of the ClusterNetworkPolicy relative to other AntreaClusterNetworkPolicies.

    appliedTo
    []NetworkPolicyPeer

    Select workloads on which the rules will be applied to.

    ingress
    []Rule
    (Optional)

    Set of ingress rules evaluated based on the order in which they are set. Currently Ingress rule supports setting the From field but not the To field within a Rule.

    egress
    []Rule
    (Optional)

    Set of egress rules evaluated based on the order in which they are set. Currently Egress rule supports setting the To field but not the From field within a Rule.

    IPBlock

    (Appears on: NetworkPolicyPeer)

    IPBlock describes a particular CIDR (Ex. “192.168.1.124”) that is allowed or denied to/from the workloads matched by a Spec.AppliedTo.

    Field Description
    cidr
    string

    CIDR is a string representing the IP Block Valid examples are “192.168.1.124”.

    NetworkPolicyPeer

    (Appears on: ClusterNetworkPolicySpec, NetworkPolicySpec, Rule)

    NetworkPolicyPeer describes the grouping selector of workloads.

    Field Description
    ipBlock
    IPBlock
    (Optional)

    IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector.

    podSelector
    Kubernetes meta/v1.LabelSelector
    (Optional)

    Select Pods from NetworkPolicy’s Namespace as workloads in AppliedTo/To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector.

    namespaceSelector
    Kubernetes meta/v1.LabelSelector
    (Optional)

    Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector.

    externalEntitySelector
    Kubernetes meta/v1.LabelSelector

    Select ExternalEntities from NetworkPolicy’s Namespace as workloads in AppliedTo/To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector.

    NetworkPolicyPort

    (Appears on: Rule)

    NetworkPolicyPort describes the port and protocol to match in a rule.

    Field Description
    protocol
    Kubernetes core/v1.Protocol
    (Optional)

    The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.

    port
    k8s.io/apimachinery/pkg/util/intstr.IntOrString
    (Optional)

    The port on the given protocol. This can either be a numerical or named port on a Pod. If this field is not provided, this matches all port names and numbers. TODO: extend it to include Port Range.

    NetworkPolicySpec

    (Appears on: NetworkPolicy)

    NetworkPolicySpec defines the desired state for NetworkPolicy.

    Field Description
    tier
    string

    Tier specifies the tier to which this NetworkPolicy belongs to. The NetworkPolicy order will be determined based on the combination of the Tier’s Priority and the NetworkPolicy’s own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom.

    priority
    float64

    Priority specfies the order of the NetworkPolicy relative to other NetworkPolicies.

    appliedTo
    []NetworkPolicyPeer

    Select workloads on which the rules will be applied to.

    ingress
    []Rule
    (Optional)

    Set of ingress rules evaluated based on the order in which they are set. Currently Ingress rule supports setting the From field but not the To field within a Rule.

    egress
    []Rule
    (Optional)

    Set of egress rules evaluated based on the order in which they are set. Currently Egress rule supports setting the To field but not the From field within a Rule.

    Rule

    (Appears on: ClusterNetworkPolicySpec, NetworkPolicySpec)

    Rule describes the traffic allowed to/from the workloads selected by Spec.AppliedTo. Based on the action specified in the rule, traffic is either allowed or denied which exactly match the specified ports and protocol.

    Field Description
    action
    RuleAction

    Action specifies the action to be applied on the rule.

    ports
    []NetworkPolicyPort
    (Optional)

    Set of port and protocol allowed/denied by the rule. If this field is unset or empty, this rule matches all ports.

    from
    []NetworkPolicyPeer
    (Optional)

    Rule is matched if traffic originates from workloads selected by this field. If this field is empty, this rule matches all sources.

    to
    []NetworkPolicyPeer
    (Optional)

    Rule is matched if traffic is intended for workloads selected by this field. If this field is empty or missing, this rule matches all destinations.

    name
    string
    (Optional)

    Name describes the intention of this rule. Name should be unique within the policy.

    enableLogging
    bool

    EnableLogging is used to indicate if agent should generate logs when rules are matched. Should be default to false.

    RuleAction (string alias)

    (Appears on: NetworkPolicyRule, NetworkPolicyRule, Rule)

    RuleAction describes the action to be applied on traffic matching a rule.

    TierSpec

    (Appears on: Tier)

    TierSpec defines the desired state for Tier.

    Field Description
    priority
    int32

    Priority specfies the order of the Tier relative to other Tiers.

    description
    string

    Description is an optional field to add more information regarding the purpose of this Tier.


    stats.antrea.tanzu.vmware.com/v1alpha1

    Package v1alpha1 is the v1alpha1 version of the Antrea Stats API.

    Resource Types:

    AntreaClusterNetworkPolicyStats

    AntreaClusterNetworkPolicyStats is the statistics of a Antrea ClusterNetworkPolicy.

    Field Description
    apiVersion
    string
    stats.antrea.tanzu.vmware.com/v1alpha1
    kind
    string
    AntreaClusterNetworkPolicyStats
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    trafficStats
    TrafficStats

    The traffic stats of the Antrea ClusterNetworkPolicy.

    AntreaNetworkPolicyStats

    AntreaNetworkPolicyStats is the statistics of a Antrea NetworkPolicy.

    Field Description
    apiVersion
    string
    stats.antrea.tanzu.vmware.com/v1alpha1
    kind
    string
    AntreaNetworkPolicyStats
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    trafficStats
    TrafficStats

    The traffic stats of the Antrea NetworkPolicy.

    NetworkPolicyStats

    NetworkPolicyStats is the statistics of a K8s NetworkPolicy.

    Field Description
    apiVersion
    string
    stats.antrea.tanzu.vmware.com/v1alpha1
    kind
    string
    NetworkPolicyStats
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    trafficStats
    TrafficStats

    The traffic stats of the K8s NetworkPolicy.

    TrafficStats

    (Appears on: AntreaClusterNetworkPolicyStats, AntreaNetworkPolicyStats, NetworkPolicyStats, NetworkPolicyStats, NetworkPolicyStats)

    TrafficStats contains the traffic stats of a NetworkPolicy.

    Field Description
    packets
    int64

    Packets is the packets count hit by the NetworkPolicy.

    bytes
    int64

    Bytes is the bytes count hit by the NetworkPolicy.

    sessions
    int64

    Sessions is the sessions count hit by the NetworkPolicy.


    system.antrea.tanzu.vmware.com/v1beta1

    Package v1beta1 contains the v1beta1 version of the Antrea “system” API group definitions.

    Resource Types:

      BundleStatus (string alias)

      (Appears on: SupportBundle)

      SupportBundle

      Field Description
      metadata
      Kubernetes meta/v1.ObjectMeta
      Refer to the Kubernetes API documentation for the fields of the metadata field.
      status
      BundleStatus
      sum
      string
      size
      uint32
      -
      string

      clusterinformation.antrea.tanzu.vmware.com/v1beta1

      Resource Types:

        AgentCondition

        (Appears on: AntreaAgentInfo)

        Field Description
        type
        AgentConditionType
        status
        Kubernetes core/v1.ConditionStatus

        One of the AgentConditionType listed above

        lastHeartbeatTime
        Kubernetes meta/v1.Time

        Mark certain type status, one of True, False, Unknown

        reason
        string

        The timestamp when AntreaAgentInfo is created/updated, ideally heartbeat interval is 60s

        message
        string

        Brief reason

        AgentConditionType (string alias)

        (Appears on: AgentCondition)

        AntreaAgentInfo

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        version
        string
        podRef
        Kubernetes core/v1.ObjectReference

        Antrea binary version

        nodeRef
        Kubernetes core/v1.ObjectReference

        The Pod that Antrea Agent is running in

        nodeSubnet
        []string

        The Node that Antrea Agent is running in

        ovsInfo
        OVSInfo

        Node subnet

        networkPolicyControllerInfo
        NetworkPolicyControllerInfo

        OVS Information

        localPodNum
        int32

        Antrea Agent NetworkPolicy information

        agentConditions
        []AgentCondition

        The number of Pods which the agent is in charge of

        apiPort
        int

        Agent condition contains types like AgentHealthy

        AntreaControllerInfo

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        version
        string
        podRef
        Kubernetes core/v1.ObjectReference

        Antrea binary version

        nodeRef
        Kubernetes core/v1.ObjectReference

        The Pod that Antrea Controller is running in

        serviceRef
        Kubernetes core/v1.ObjectReference

        The Node that Antrea Controller is running in

        networkPolicyControllerInfo
        NetworkPolicyControllerInfo

        Antrea Controller Service

        connectedAgentNum
        int32

        Antrea Controller NetworkPolicy information

        controllerConditions
        []ControllerCondition

        Number of agents which are connected to this controller

        apiPort
        int

        Controller condition contains types like ControllerHealthy

        ControllerCondition

        (Appears on: AntreaControllerInfo)

        Field Description
        type
        ControllerConditionType
        status
        Kubernetes core/v1.ConditionStatus

        One of the ControllerConditionType listed above, controllerHealthy

        lastHeartbeatTime
        Kubernetes meta/v1.Time

        Mark certain type status, one of True, False, Unknown

        reason
        string

        The timestamp when AntreaControllerInfo is created/updated, ideally heartbeat interval is 60s

        message
        string

        Brief reason

        ControllerConditionType (string alias)

        (Appears on: ControllerCondition)

        NetworkPolicyControllerInfo

        (Appears on: AntreaAgentInfo, AntreaControllerInfo)

        Field Description
        networkPolicyNum
        int32
        addressGroupNum
        int32
        appliedToGroupNum
        int32

        OVSInfo

        (Appears on: AntreaAgentInfo)

        Field Description
        version
        string
        bridgeName
        string
        flowTable
        map[string]int32

        controlplane.antrea.tanzu.vmware.com/v1beta1

        Package v1beta1 is the v1beta1 version of the Antrea NetworkPolicy API messages.

        Resource Types:

        NodeStatsSummary

        NodeStatsSummary contains stats produced on a Node. It’s used by the antrea-agents to report stats to the antrea-controller.

        Field Description
        apiVersion
        string
        controlplane.antrea.tanzu.vmware.com/v1beta1
        kind
        string
        NodeStatsSummary
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        networkPolicies
        []NetworkPolicyStats

        The TrafficStats of K8s NetworkPolicies collected from the Node.

        antreaClusterNetworkPolicies
        []NetworkPolicyStats

        The TrafficStats of Antrea ClusterNetworkPolicies collected from the Node.

        antreaNetworkPolicies
        []NetworkPolicyStats

        The TrafficStats of Antrea NetworkPolicies collected from the Node.

        AddressGroup

        AddressGroup is the message format of antrea/pkg/controller/types.AddressGroup in an API response.

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        pods
        []GroupMemberPod
        groupMembers
        []GroupMember

        AddressGroupPatch

        AddressGroupPatch describes the incremental update of an AddressGroup.

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        addedPods
        []GroupMemberPod
        removedPods
        []GroupMemberPod
        addedGroupMembers
        []GroupMember
        removedGroupMembers
        []GroupMember

        AppliedToGroup

        AppliedToGroup is the message format of antrea/pkg/controller/types.AppliedToGroup in an API response.

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        pods
        []GroupMemberPod

        Pods is a list of Pods selected by this group.

        groupMembers
        []GroupMember

        GroupMembers is list of resources selected by this group. This eventually will replace Pods

        AppliedToGroupPatch

        AppliedToGroupPatch describes the incremental update of an AppliedToGroup.

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        addedPods
        []GroupMemberPod
        removedPods
        []GroupMemberPod
        addedGroupMembers
        []GroupMember
        removedGroupMembers
        []GroupMember

        Direction (string alias)

        (Appears on: NetworkPolicyRule)

        Direction defines traffic direction of NetworkPolicyRule.

        Endpoint

        (Appears on: GroupMember)

        Endpoint represents an external endpoint.

        Field Description
        ip
        IPAddress

        IP is the IP address of the Endpoint.

        ports
        []NamedPort

        Ports is the list NamedPort of the Endpoint.

        ExternalEntityReference

        (Appears on: GroupMember)

        ExternalEntityReference represents a ExternalEntity Reference.

        Field Description
        name
        string

        The name of this ExternalEntity.

        namespace
        string

        The namespace of this ExternalEntity.

        GroupMember

        (Appears on: AddressGroup, AddressGroupPatch, AppliedToGroup, AppliedToGroupPatch)

        GroupMember represents resource member to be populated in Groups. This supersedes GroupMemberPod, and will eventually replace it.

        Field Description
        pod
        PodReference

        Pod maintains the reference to the Pod.

        externalEntity
        ExternalEntityReference

        ExternalEntity maintains the reference to the ExternalEntity.

        endpoints
        []Endpoint

        Endpoints maintains a list of EndPoints associated with this groupMember.

        GroupMemberPod

        (Appears on: AddressGroup, AddressGroupPatch, AppliedToGroup, AppliedToGroupPatch)

        GroupMemberPod represents a GroupMember related to Pods.

        Field Description
        pod
        PodReference

        Pod maintains the reference to the Pod.

        ip
        IPAddress

        IP maintains the IPAddress associated with the Pod.

        ports
        []NamedPort

        Ports maintain the named port mapping of this Pod.

        GroupMemberPodSet (map[github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.groupMemberPodKey]*github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod alias)

        GroupMemberPodSet is a set of GroupMemberPods.

        GroupMemberSet (map[github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.groupMemberKey]*github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember alias)

        GroupMemberSet is a set of GroupMembers.

        IPAddress ([]byte alias)

        (Appears on: Endpoint, GroupMemberPod, IPNet)

        IPAddress describes a single IP address. Either an IPv4 or IPv6 address must be set.

        IPBlock

        (Appears on: NetworkPolicyPeer)

        IPBlock describes a particular CIDR (Ex. “192.168.1.124”). The except entry describes CIDRs that should not be included within this rule.

        Field Description
        cidr
        IPNet

        CIDR is an IPNet represents the IP Block.

        except
        []IPNet
        (Optional)

        Except is a slice of IPNets that should not be included within an IP Block. Except values will be rejected if they are outside the CIDR range.

        IPNet

        (Appears on: IPBlock)

        IPNet describes an IP network.

        Field Description
        ip
        IPAddress
        prefixLength
        int32

        NamedPort

        (Appears on: Endpoint, GroupMemberPod)

        NamedPort represents a Port with a name on Pod.

        Field Description
        port
        int32

        Port represents the Port number.

        name
        string

        Name represents the associated name with this Port number.

        protocol
        Protocol

        Protocol for port. Must be UDP, TCP, or SCTP.

        NetworkPolicy

        NetworkPolicy is the message format of antrea/pkg/controller/types.NetworkPolicy in an API response.

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        rules
        []NetworkPolicyRule

        Rules is a list of rules to be applied to the selected Pods.

        appliedToGroups
        []string

        AppliedToGroups is a list of names of AppliedToGroups to which this policy applies.

        priority
        float64

        Priority represents the relative priority of this Network Policy as compared to other Network Policies. Priority will be unset (nil) for K8s Network Policy.

        tierPriority
        int32

        TierPriority represents the priority of the Tier associated with this Network Policy. The TierPriority will remain nil for K8s NetworkPolicy.

        sourceRef
        NetworkPolicyReference

        Reference to the original NetworkPolicy that the internal NetworkPolicy is created for.

        NetworkPolicyPeer

        (Appears on: NetworkPolicyRule)

        NetworkPolicyPeer describes a peer of NetworkPolicyRules. It could be a list of names of AddressGroups and/or a list of IPBlock.

        Field Description
        addressGroups
        []string

        A list of names of AddressGroups.

        ipBlocks
        []IPBlock

        A list of IPBlock.

        NetworkPolicyReference

        (Appears on: NetworkPolicy, NetworkPolicyStats)

        Field Description
        type
        NetworkPolicyType

        Type of the NetworkPolicy.

        namespace
        string

        Namespace of the NetworkPolicy. It’s empty for Antrea ClusterNetworkPolicy.

        name
        string

        Name of the NetworkPolicy.

        uid
        k8s.io/apimachinery/pkg/types.UID

        UID of the NetworkPolicy.

        NetworkPolicyRule

        (Appears on: NetworkPolicy)

        NetworkPolicyRule describes a particular set of traffic that is allowed.

        Field Description
        direction
        Direction

        The direction of this rule. If it’s set to In, From must be set and To must not be set. If it’s set to Out, To must be set and From must not be set.

        from
        NetworkPolicyPeer

        From represents sources which should be able to access the pods selected by the policy.

        to
        NetworkPolicyPeer

        To represents destinations which should be able to be accessed by the pods selected by the policy.

        services
        []Service

        Services is a list of services which should be matched.

        priority
        int32

        Priority defines the priority of the Rule as compared to other rules in the NetworkPolicy.

        action
        RuleAction

        Action specifies the action to be applied on the rule. i.e. Allow/Drop. An empty action “nil” defaults to Allow action, which would be the case for rules created for K8s Network Policy.

        enableLogging
        bool

        EnableLogging indicates whether or not to generate logs when rules are matched. Default to false.

        NetworkPolicyStats

        (Appears on: NodeStatsSummary)

        NetworkPolicyStats contains the information and traffic stats of a NetworkPolicy.

        Field Description
        networkPolicy
        NetworkPolicyReference

        The reference of the NetworkPolicy.

        trafficStats
        TrafficStats

        The stats of the NetworkPolicy.

        NetworkPolicyType (string alias)

        (Appears on: NetworkPolicyReference)

        PodReference

        (Appears on: GroupMember, GroupMemberPod)

        PodReference represents a Pod Reference.

        Field Description
        name
        string

        The name of this pod.

        namespace
        string

        The namespace of this pod.

        Protocol (string alias)

        (Appears on: NamedPort, Service)

        Protocol defines network protocols supported for things like container ports.

        Service

        (Appears on: NetworkPolicyRule)

        Service describes a port to allow traffic on.

        Field Description
        protocol
        Protocol
        (Optional)

        The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.

        port
        k8s.io/apimachinery/pkg/util/intstr.IntOrString
        (Optional)

        The port name or number on the given protocol. If not specified, this matches all port numbers.


        controlplane.antrea.tanzu.vmware.com/v1beta2

        Package v1beta2 is the v1beta2 version of the Antrea NetworkPolicy API messages.

        Resource Types:

        NodeStatsSummary

        NodeStatsSummary contains stats produced on a Node. It’s used by the antrea-agents to report stats to the antrea-controller.

        Field Description
        apiVersion
        string
        controlplane.antrea.tanzu.vmware.com/v1beta2
        kind
        string
        NodeStatsSummary
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        networkPolicies
        []NetworkPolicyStats

        The TrafficStats of K8s NetworkPolicies collected from the Node.

        antreaClusterNetworkPolicies
        []NetworkPolicyStats

        The TrafficStats of Antrea ClusterNetworkPolicies collected from the Node.

        antreaNetworkPolicies
        []NetworkPolicyStats

        The TrafficStats of Antrea NetworkPolicies collected from the Node.

        AddressGroup

        AddressGroup is the message format of antrea/pkg/controller/types.AddressGroup in an API response.

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        groupMembers
        []GroupMember

        AddressGroupPatch

        AddressGroupPatch describes the incremental update of an AddressGroup.

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        addedGroupMembers
        []GroupMember
        removedGroupMembers
        []GroupMember

        AppliedToGroup

        AppliedToGroup is the message format of antrea/pkg/controller/types.AppliedToGroup in an API response.

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        groupMembers
        []GroupMember

        GroupMembers is list of resources selected by this group.

        AppliedToGroupPatch

        AppliedToGroupPatch describes the incremental update of an AppliedToGroup.

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        addedGroupMembers
        []GroupMember
        removedGroupMembers
        []GroupMember

        Direction (string alias)

        (Appears on: NetworkPolicyRule)

        Direction defines traffic direction of NetworkPolicyRule.

        ExternalEntityReference

        (Appears on: GroupMember)

        ExternalEntityReference represents a ExternalEntity Reference.

        Field Description
        name
        string

        The name of this ExternalEntity.

        namespace
        string

        The namespace of this ExternalEntity.

        GroupMember

        (Appears on: AddressGroup, AddressGroupPatch, AppliedToGroup, AppliedToGroupPatch)

        GroupMember represents resource member to be populated in Groups. This supersedes GroupMemberPod, and will eventually replace it.

        Field Description
        pod
        PodReference

        Pod maintains the reference to the Pod.

        externalEntity
        ExternalEntityReference

        ExternalEntity maintains the reference to the ExternalEntity.

        ips
        []IPAddress

        IP is the IP address of the Endpoints associated with the GroupMember.

        ports
        []NamedPort

        Ports is the list NamedPort of the GroupMember.

        GroupMemberSet (map[github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.groupMemberKey]*github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember alias)

        GroupMemberSet is a set of GroupMembers.

        IPAddress ([]byte alias)

        (Appears on: GroupMember, IPNet)

        IPAddress describes a single IP address. Either an IPv4 or IPv6 address must be set.

        IPBlock

        (Appears on: NetworkPolicyPeer)

        IPBlock describes a particular CIDR (Ex. “192.168.1.124”). The except entry describes CIDRs that should not be included within this rule.

        Field Description
        cidr
        IPNet

        CIDR is an IPNet represents the IP Block.

        except
        []IPNet
        (Optional)

        Except is a slice of IPNets that should not be included within an IP Block. Except values will be rejected if they are outside the CIDR range.

        IPNet

        (Appears on: IPBlock)

        IPNet describes an IP network.

        Field Description
        ip
        IPAddress
        prefixLength
        int32

        NamedPort

        (Appears on: GroupMember)

        NamedPort represents a Port with a name on Pod.

        Field Description
        port
        int32

        Port represents the Port number.

        name
        string

        Name represents the associated name with this Port number.

        protocol
        Protocol

        Protocol for port. Must be UDP, TCP, or SCTP.

        NetworkPolicy

        NetworkPolicy is the message format of antrea/pkg/controller/types.NetworkPolicy in an API response.

        Field Description
        metadata
        Kubernetes meta/v1.ObjectMeta
        Refer to the Kubernetes API documentation for the fields of the metadata field.
        rules
        []NetworkPolicyRule

        Rules is a list of rules to be applied to the selected GroupMembers.

        appliedToGroups
        []string

        AppliedToGroups is a list of names of AppliedToGroups to which this policy applies.

        priority
        float64

        Priority represents the relative priority of this Network Policy as compared to other Network Policies. Priority will be unset (nil) for K8s Network Policy.

        tierPriority
        int32

        TierPriority represents the priority of the Tier associated with this Network Policy. The TierPriority will remain nil for K8s NetworkPolicy.

        sourceRef
        NetworkPolicyReference

        Reference to the original NetworkPolicy that the internal NetworkPolicy is created for.

        NetworkPolicyPeer

        (Appears on: NetworkPolicyRule)

        NetworkPolicyPeer describes a peer of NetworkPolicyRules. It could be a list of names of AddressGroups and/or a list of IPBlock.

        Field Description
        addressGroups
        []string

        A list of names of AddressGroups.

        ipBlocks
        []IPBlock

        A list of IPBlock.

        NetworkPolicyReference

        (Appears on: NetworkPolicy, NetworkPolicyStats)

        Field Description
        type
        NetworkPolicyType

        Type of the NetworkPolicy.

        namespace
        string

        Namespace of the NetworkPolicy. It’s empty for Antrea ClusterNetworkPolicy.

        name
        string

        Name of the NetworkPolicy.

        uid
        k8s.io/apimachinery/pkg/types.UID

        UID of the NetworkPolicy.

        NetworkPolicyRule

        (Appears on: NetworkPolicy)

        NetworkPolicyRule describes a particular set of traffic that is allowed.

        Field Description
        direction
        Direction

        The direction of this rule. If it’s set to In, From must be set and To must not be set. If it’s set to Out, To must be set and From must not be set.

        from
        NetworkPolicyPeer

        From represents sources which should be able to access the GroupMembers selected by the policy.

        to
        NetworkPolicyPeer

        To represents destinations which should be able to be accessed by the GroupMembers selected by the policy.

        services
        []Service

        Services is a list of services which should be matched.

        priority
        int32

        Priority defines the priority of the Rule as compared to other rules in the NetworkPolicy.

        action
        RuleAction

        Action specifies the action to be applied on the rule. i.e. Allow/Drop. An empty action “nil” defaults to Allow action, which would be the case for rules created for K8s Network Policy.

        enableLogging
        bool

        EnableLogging indicates whether or not to generate logs when rules are matched. Default to false.

        NetworkPolicyStats

        (Appears on: NodeStatsSummary)

        NetworkPolicyStats contains the information and traffic stats of a NetworkPolicy.

        Field Description
        networkPolicy
        NetworkPolicyReference

        The reference of the NetworkPolicy.

        trafficStats
        TrafficStats

        The stats of the NetworkPolicy.

        NetworkPolicyType (string alias)

        (Appears on: NetworkPolicyReference)

        PodReference

        (Appears on: GroupMember)

        PodReference represents a Pod Reference.

        Field Description
        name
        string

        The name of this pod.

        namespace
        string

        The namespace of this pod.

        Protocol (string alias)

        (Appears on: NamedPort, Service)

        Protocol defines network protocols supported for things like container ports.

        Service

        (Appears on: NetworkPolicyRule)

        Service describes a port to allow traffic on.

        Field Description
        protocol
        Protocol
        (Optional)

        The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.

        port
        k8s.io/apimachinery/pkg/util/intstr.IntOrString
        (Optional)

        The port name or number on the given protocol. If not specified, this matches all port numbers.


        core.antrea.tanzu.vmware.com/v1alpha2

        Resource Types:

        ExternalEntity

        Field Description
        apiVersion
        string
        core.antrea.tanzu.vmware.com/v1alpha2
        kind
        string
        ExternalEntity
        metadata
        Kubernetes meta/v1.ObjectMeta

        Standard metadata of the object.

        Refer to the Kubernetes API documentation for the fields of the metadata field.
        spec
        ExternalEntitySpec

        Desired state of the external entity.



        endpoints
        []Endpoint

        Endpoints is a list of external endpoints associated with this entity.

        ports
        []NamedPort

        Ports maintain the list of named ports.

        externalNode
        string

        ExternalNode is the opaque identifier of the agent/controller responsible for additional processing or handling of this external entity.

        Endpoint

        (Appears on: ExternalEntitySpec)

        Endpoint refers to an endpoint associated with the ExternalEntity.

        Field Description
        ip
        string

        IP associated with this endpoint.

        name
        string
        (Optional)

        Name identifies this endpoint. Could be the network interface name in case of VMs.

        ExternalEntitySpec

        (Appears on: ExternalEntity)

        ExternalEntitySpec defines the desired state for ExternalEntity.

        Field Description
        endpoints
        []Endpoint

        Endpoints is a list of external endpoints associated with this entity.

        ports
        []NamedPort

        Ports maintain the list of named ports.

        externalNode
        string

        ExternalNode is the opaque identifier of the agent/controller responsible for additional processing or handling of this external entity.

        NamedPort

        (Appears on: ExternalEntitySpec)

        NamedPort describes the port and protocol to match in a rule.

        Field Description
        protocol
        Kubernetes core/v1.Protocol
        (Optional)

        The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.

        port
        int32
        (Optional)

        The port on the given protocol.

        name
        string
        (Optional)

        Name associated with the Port.

        WebhookImpl

        WebhookImpl implements webhook validator of a resource.


        Generated with gen-crd-api-reference-docs on git commit d8e9c978.

        Getting Started

        To help you get started, see the documentation.