Documentation
Introduction
Cloud Deployment
Reference
- Antrea Network Policy
- antctl
- Architecture
- IPsec Configuration
- Securing Control Plane
- Troubleshooting
- OS-specific Known Issues
- OVS Pipeline
- Feature Gates
- Network Flow Visibility
- Traceflow Guide
- NoEncap and Hybrid Traffic Modes
- Versioning
- Antrea API Groups
- Antrea API Reference
Windows
Integrations
Cookbooks
Developer Guide
Project Information
Packages:
- crd.antrea.io/v1beta1
- stats.antrea.io/v1alpha1
- system.antrea.io/v1beta1
- controlplane.antrea.io/v1beta1
- controlplane.antrea.io/v1beta2
- crd.antrea.io/v1alpha1
- crd.antrea.io/v1alpha2
crd.antrea.io/v1beta1
Resource Types:AgentCondition
(Appears on: AntreaAgentInfo)
| Field | Description |
|---|---|
type
AgentConditionType
|
|
status
Kubernetes core/v1.ConditionStatus
|
One of the AgentConditionType listed above |
lastHeartbeatTime
Kubernetes meta/v1.Time
|
Mark certain type status, one of True, False, Unknown |
reason
string
|
The timestamp when AntreaAgentInfo is created/updated, ideally heartbeat interval is 60s |
message
string
|
Brief reason |
AgentConditionType
(string alias)
(Appears on: AgentCondition)
AntreaAgentInfo
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
version
string
|
|
podRef
Kubernetes core/v1.ObjectReference
|
Antrea binary version |
nodeRef
Kubernetes core/v1.ObjectReference
|
The Pod that Antrea Agent is running in |
nodeSubnets
[]string
|
The Node that Antrea Agent is running in |
ovsInfo
OVSInfo
|
Node subnets |
networkPolicyControllerInfo
NetworkPolicyControllerInfo
|
OVS Information |
localPodNum
int32
|
Antrea Agent NetworkPolicy information |
agentConditions
[]AgentCondition
|
The number of Pods which the agent is in charge of |
apiPort
int
|
Agent condition contains types like AgentHealthy |
AntreaControllerInfo
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
version
string
|
|
podRef
Kubernetes core/v1.ObjectReference
|
Antrea binary version |
nodeRef
Kubernetes core/v1.ObjectReference
|
The Pod that Antrea Controller is running in |
serviceRef
Kubernetes core/v1.ObjectReference
|
The Node that Antrea Controller is running in |
networkPolicyControllerInfo
NetworkPolicyControllerInfo
|
Antrea Controller Service |
connectedAgentNum
int32
|
Antrea Controller NetworkPolicy information |
controllerConditions
[]ControllerCondition
|
Number of agents which are connected to this controller |
apiPort
int
|
Controller condition contains types like ControllerHealthy |
ControllerCondition
(Appears on: AntreaControllerInfo)
| Field | Description |
|---|---|
type
ControllerConditionType
|
|
status
Kubernetes core/v1.ConditionStatus
|
One of the ControllerConditionType listed above, controllerHealthy |
lastHeartbeatTime
Kubernetes meta/v1.Time
|
Mark certain type status, one of True, False, Unknown |
reason
string
|
The timestamp when AntreaControllerInfo is created/updated, ideally heartbeat interval is 60s |
message
string
|
Brief reason |
ControllerConditionType
(string alias)
(Appears on: ControllerCondition)
NetworkPolicyControllerInfo
(Appears on: AntreaAgentInfo, AntreaControllerInfo)
| Field | Description |
|---|---|
networkPolicyNum
int32
|
|
addressGroupNum
int32
|
|
appliedToGroupNum
int32
|
OVSInfo
(Appears on: AntreaAgentInfo)
| Field | Description |
|---|---|
version
string
|
|
bridgeName
string
|
|
flowTable
map[string]int32
|
stats.antrea.io/v1alpha1
Package v1alpha1 is the v1alpha1 version of the Antrea Stats API.
Resource Types:AntreaClusterNetworkPolicyStats
AntreaClusterNetworkPolicyStats is the statistics of a Antrea ClusterNetworkPolicy.
| Field | Description |
|---|---|
apiVersion
string |
stats.antrea.io/v1alpha1
|
kind
string
|
AntreaClusterNetworkPolicyStats |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
trafficStats
TrafficStats
|
The traffic stats of the Antrea ClusterNetworkPolicy. |
ruleTrafficStats
[]RuleTrafficStats
|
The traffic stats of the Antrea ClusterNetworkPolicy, from rule perspective. |
AntreaNetworkPolicyStats
AntreaNetworkPolicyStats is the statistics of a Antrea NetworkPolicy.
| Field | Description |
|---|---|
apiVersion
string |
stats.antrea.io/v1alpha1
|
kind
string
|
AntreaNetworkPolicyStats |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
trafficStats
TrafficStats
|
The traffic stats of the Antrea NetworkPolicy. |
ruleTrafficStats
[]RuleTrafficStats
|
The traffic stats of the Antrea NetworkPolicy, from rule perspective. |
NetworkPolicyStats
NetworkPolicyStats is the statistics of a K8s NetworkPolicy.
| Field | Description |
|---|---|
apiVersion
string |
stats.antrea.io/v1alpha1
|
kind
string
|
NetworkPolicyStats |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
trafficStats
TrafficStats
|
The traffic stats of the K8s NetworkPolicy. |
RuleTrafficStats
(Appears on: AntreaClusterNetworkPolicyStats, AntreaNetworkPolicyStats, NetworkPolicyStats, NetworkPolicyStats)
RuleTrafficStats contains TrafficStats of single rule inside a NetworkPolicy.
| Field | Description |
|---|---|
name
string
|
|
trafficStats
TrafficStats
|
TrafficStats
(Appears on: AntreaClusterNetworkPolicyStats, AntreaNetworkPolicyStats, NetworkPolicyStats, NetworkPolicyStats, NetworkPolicyStats, RuleTrafficStats)
TrafficStats contains the traffic stats of a NetworkPolicy.
| Field | Description |
|---|---|
packets
int64
|
Packets is the packets count hit by the NetworkPolicy. |
bytes
int64
|
Bytes is the bytes count hit by the NetworkPolicy. |
sessions
int64
|
Sessions is the sessions count hit by the NetworkPolicy. |
system.antrea.io/v1beta1
Package v1beta1 contains the v1beta1 version of the Antrea “system” API group definitions.
Resource Types:BundleStatus
(string alias)
(Appears on: SupportBundle)
SupportBundle
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
status
BundleStatus
|
|
sum
string
|
|
size
uint32
|
|
-
string
|
controlplane.antrea.io/v1beta1
Package v1beta1 is the v1beta1 version of the Antrea NetworkPolicy API messages.
Resource Types:NodeStatsSummary
NodeStatsSummary contains stats produced on a Node. It’s used by the antrea-agents to report stats to the antrea-controller.
| Field | Description |
|---|---|
apiVersion
string |
controlplane.antrea.io/v1beta1
|
kind
string
|
NodeStatsSummary |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
networkPolicies
[]NetworkPolicyStats
|
The TrafficStats of K8s NetworkPolicies collected from the Node. |
antreaClusterNetworkPolicies
[]NetworkPolicyStats
|
The TrafficStats of Antrea ClusterNetworkPolicies collected from the Node. |
antreaNetworkPolicies
[]NetworkPolicyStats
|
The TrafficStats of Antrea NetworkPolicies collected from the Node. |
AddressGroup
AddressGroup is the message format of antrea/pkg/controller/types.AddressGroup in an API response.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
pods
[]GroupMemberPod
|
|
groupMembers
[]GroupMember
|
AddressGroupPatch
AddressGroupPatch describes the incremental update of an AddressGroup.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
addedPods
[]GroupMemberPod
|
|
removedPods
[]GroupMemberPod
|
|
addedGroupMembers
[]GroupMember
|
|
removedGroupMembers
[]GroupMember
|
AppliedToGroup
AppliedToGroup is the message format of antrea/pkg/controller/types.AppliedToGroup in an API response.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
pods
[]GroupMemberPod
|
Pods is a list of Pods selected by this group. |
groupMembers
[]GroupMember
|
GroupMembers is list of resources selected by this group. This eventually will replace Pods |
AppliedToGroupPatch
AppliedToGroupPatch describes the incremental update of an AppliedToGroup.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
addedPods
[]GroupMemberPod
|
|
removedPods
[]GroupMemberPod
|
|
addedGroupMembers
[]GroupMember
|
|
removedGroupMembers
[]GroupMember
|
Direction
(string alias)
(Appears on: NetworkPolicyRule)
Direction defines traffic direction of NetworkPolicyRule.
Endpoint
(Appears on: GroupMember)
Endpoint represents an external endpoint.
| Field | Description |
|---|---|
ip
IPAddress
|
IP is the IP address of the Endpoint. |
ports
[]NamedPort
|
Ports is the list NamedPort of the Endpoint. |
ExternalEntityReference
(Appears on: GroupMember)
ExternalEntityReference represents a ExternalEntity Reference.
| Field | Description |
|---|---|
name
string
|
The name of this ExternalEntity. |
namespace
string
|
The namespace of this ExternalEntity. |
GroupMember
(Appears on: AddressGroup, AddressGroupPatch, AppliedToGroup, AppliedToGroupPatch)
GroupMember represents resource member to be populated in Groups. This supersedes GroupMemberPod, and will eventually replace it.
| Field | Description |
|---|---|
pod
PodReference
|
Pod maintains the reference to the Pod. |
externalEntity
ExternalEntityReference
|
ExternalEntity maintains the reference to the ExternalEntity. |
endpoints
[]Endpoint
|
Endpoints maintains a list of EndPoints associated with this groupMember. |
GroupMemberPod
(Appears on: AddressGroup, AddressGroupPatch, AppliedToGroup, AppliedToGroupPatch)
GroupMemberPod represents a GroupMember related to Pods.
| Field | Description |
|---|---|
pod
PodReference
|
Pod maintains the reference to the Pod. |
ip
IPAddress
|
IP maintains the IPAddress associated with the Pod. |
ports
[]NamedPort
|
Ports maintain the named port mapping of this Pod. |
GroupMemberPodSet
(map[github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.groupMemberPodKey]*github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod alias)
GroupMemberPodSet is a set of GroupMemberPods.
GroupMemberSet
(map[github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.groupMemberKey]*github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember alias)
GroupMemberSet is a set of GroupMembers.
IPAddress
([]byte alias)
(Appears on: Endpoint, GroupMemberPod, IPNet)
IPAddress describes a single IP address. Either an IPv4 or IPv6 address must be set.
IPBlock
(Appears on: NetworkPolicyPeer)
IPBlock describes a particular CIDR (Ex. “192.168.1.1⁄24”). The except entry describes CIDRs that should not be included within this rule.
| Field | Description |
|---|---|
cidr
IPNet
|
CIDR is an IPNet represents the IP Block. |
except
[]IPNet
|
(Optional)
Except is a slice of IPNets that should not be included within an IP Block. Except values will be rejected if they are outside the CIDR range. |
IPNet
(Appears on: IPBlock)
IPNet describes an IP network.
| Field | Description |
|---|---|
ip
IPAddress
|
|
prefixLength
int32
|
NamedPort
(Appears on: Endpoint, GroupMemberPod)
NamedPort represents a Port with a name on Pod.
| Field | Description |
|---|---|
port
int32
|
Port represents the Port number. |
name
string
|
Name represents the associated name with this Port number. |
protocol
Protocol
|
Protocol for port. Must be UDP, TCP, or SCTP. |
NetworkPolicy
NetworkPolicy is the message format of antrea/pkg/controller/types.NetworkPolicy in an API response.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
rules
[]NetworkPolicyRule
|
Rules is a list of rules to be applied to the selected Pods. |
appliedToGroups
[]string
|
AppliedToGroups is a list of names of AppliedToGroups to which this policy applies. |
priority
float64
|
Priority represents the relative priority of this Network Policy as compared to other Network Policies. Priority will be unset (nil) for K8s NetworkPolicy. |
tierPriority
int32
|
TierPriority represents the priority of the Tier associated with this Network Policy. The TierPriority will remain nil for K8s NetworkPolicy. |
sourceRef
NetworkPolicyReference
|
Reference to the original NetworkPolicy that the internal NetworkPolicy is created for. |
NetworkPolicyPeer
(Appears on: NetworkPolicyRule)
NetworkPolicyPeer describes a peer of NetworkPolicyRules. It could be a list of names of AddressGroups and/or a list of IPBlock.
| Field | Description |
|---|---|
addressGroups
[]string
|
A list of names of AddressGroups. |
ipBlocks
[]IPBlock
|
A list of IPBlock. |
NetworkPolicyReference
(Appears on: NetworkPolicy, NetworkPolicyStats)
| Field | Description |
|---|---|
type
NetworkPolicyType
|
Type of the NetworkPolicy. |
namespace
string
|
Namespace of the NetworkPolicy. It’s empty for Antrea ClusterNetworkPolicy. |
name
string
|
Name of the NetworkPolicy. |
uid
k8s.io/apimachinery/pkg/types.UID
|
UID of the NetworkPolicy. |
NetworkPolicyRule
(Appears on: NetworkPolicy)
NetworkPolicyRule describes a particular set of traffic that is allowed.
| Field | Description |
|---|---|
direction
Direction
|
The direction of this rule. If it’s set to In, From must be set and To must not be set. If it’s set to Out, To must be set and From must not be set. |
from
NetworkPolicyPeer
|
From represents sources which should be able to access the pods selected by the policy. |
to
NetworkPolicyPeer
|
To represents destinations which should be able to be accessed by the pods selected by the policy. |
services
[]Service
|
Services is a list of services which should be matched. |
priority
int32
|
Priority defines the priority of the Rule as compared to other rules in the NetworkPolicy. |
action
RuleAction
|
Action specifies the action to be applied on the rule. i.e. Allow/Drop. An empty action “nil” defaults to Allow action, which would be the case for rules created for K8s Network Policy. |
enableLogging
bool
|
EnableLogging indicates whether or not to generate logs when rules are matched. Default to false. |
NetworkPolicyStats
(Appears on: NodeStatsSummary)
NetworkPolicyStats contains the information and traffic stats of a NetworkPolicy.
| Field | Description |
|---|---|
networkPolicy
NetworkPolicyReference
|
The reference of the NetworkPolicy. |
trafficStats
TrafficStats
|
The stats of the NetworkPolicy. |
ruleTrafficStats
[]RuleTrafficStats
|
The stats of the NetworkPolicy rules. It’s empty for K8s NetworkPolicies as they don’t have rule name to identify a rule. |
NetworkPolicyType
(string alias)
(Appears on: NetworkPolicyReference)
PodReference
(Appears on: GroupMember, GroupMemberPod)
PodReference represents a Pod Reference.
| Field | Description |
|---|---|
name
string
|
The name of this pod. |
namespace
string
|
The namespace of this pod. |
Protocol
(string alias)
(Appears on: NamedPort, Service)
Protocol defines network protocols supported for things like container ports.
Service
(Appears on: NetworkPolicyRule)
Service describes a port to allow traffic on.
| Field | Description |
|---|---|
protocol
Protocol
|
(Optional)
The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. |
port
k8s.io/apimachinery/pkg/util/intstr.IntOrString
|
(Optional)
The port name or number on the given protocol. If not specified, this matches all port numbers. |
controlplane.antrea.io/v1beta2
Package v1beta2 is the v1beta2 version of the Antrea NetworkPolicy API messages.
Resource Types:NodeStatsSummary
NodeStatsSummary contains stats produced on a Node. It’s used by the antrea-agents to report stats to the antrea-controller.
| Field | Description |
|---|---|
apiVersion
string |
controlplane.antrea.io/v1beta2
|
kind
string
|
NodeStatsSummary |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
networkPolicies
[]NetworkPolicyStats
|
The TrafficStats of K8s NetworkPolicies collected from the Node. |
antreaClusterNetworkPolicies
[]NetworkPolicyStats
|
The TrafficStats of Antrea ClusterNetworkPolicies collected from the Node. |
antreaNetworkPolicies
[]NetworkPolicyStats
|
The TrafficStats of Antrea NetworkPolicies collected from the Node. |
AddressGroup
AddressGroup is the message format of antrea/pkg/controller/types.AddressGroup in an API response.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
groupMembers
[]GroupMember
|
AddressGroupPatch
AddressGroupPatch describes the incremental update of an AddressGroup.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
addedGroupMembers
[]GroupMember
|
|
removedGroupMembers
[]GroupMember
|
AppliedToGroup
AppliedToGroup is the message format of antrea/pkg/controller/types.AppliedToGroup in an API response.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
groupMembers
[]GroupMember
|
GroupMembers is list of resources selected by this group. |
AppliedToGroupPatch
AppliedToGroupPatch describes the incremental update of an AppliedToGroup.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
addedGroupMembers
[]GroupMember
|
|
removedGroupMembers
[]GroupMember
|
ClusterGroupMembers
ClusterGroupMembers is a list of GroupMember objects that are currently selected by a ClusterGroup.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
effectiveMembers
[]GroupMember
|
Direction
(string alias)
(Appears on: NetworkPolicyRule)
Direction defines traffic direction of NetworkPolicyRule.
EgressGroup
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
groupMembers
[]GroupMember
|
GroupMembers is list of resources selected by this group. |
EgressGroupPatch
EgressGroupPatch describes the incremental update of an EgressGroup.
| Field | Description |
|---|---|
ObjectMeta
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
AddedGroupMembers
[]GroupMember
|
|
RemovedGroupMembers
[]GroupMember
|
ExternalEntityReference
(Appears on: GroupMember)
ExternalEntityReference represents a ExternalEntity Reference.
| Field | Description |
|---|---|
name
string
|
The name of this ExternalEntity. |
namespace
string
|
The Namespace of this ExternalEntity. |
GroupAssociation
GroupAssociation is the message format in an API response for groupassociation queries.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
associatedGroups
[]GroupReference
|
AssociatedGroups is a list of GroupReferences that is associated with the Pod/ExternalEntity being queried. |
GroupMember
(Appears on: AddressGroup, AddressGroupPatch, AppliedToGroup, AppliedToGroupPatch, ClusterGroupMembers, EgressGroup, EgressGroupPatch)
GroupMember represents resource member to be populated in Groups.
| Field | Description |
|---|---|
pod
PodReference
|
Pod maintains the reference to the Pod. |
externalEntity
ExternalEntityReference
|
ExternalEntity maintains the reference to the ExternalEntity. |
ips
[]IPAddress
|
IP is the IP address of the Endpoints associated with the GroupMember. |
ports
[]NamedPort
|
Ports is the list NamedPort of the GroupMember. |
GroupMemberSet
(map[github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.groupMemberKey]*github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember alias)
GroupMemberSet is a set of GroupMembers.
GroupReference
(Appears on: GroupAssociation)
| Field | Description |
|---|---|
namespace
string
|
Namespace of the Group. Empty for ClusterGroup. |
name
string
|
Name of the Group. |
uid
k8s.io/apimachinery/pkg/types.UID
|
UID of the Group. |
IPAddress
([]byte alias)
(Appears on: GroupMember, IPNet)
IPAddress describes a single IP address. Either an IPv4 or IPv6 address must be set.
IPBlock
(Appears on: NetworkPolicyPeer)
IPBlock describes a particular CIDR (Ex. “192.168.1.1⁄24”). The except entry describes CIDRs that should not be included within this rule.
| Field | Description |
|---|---|
cidr
IPNet
|
CIDR is an IPNet represents the IP Block. |
except
[]IPNet
|
(Optional)
Except is a slice of IPNets that should not be included within an IP Block. Except values will be rejected if they are outside the CIDR range. |
IPNet
(Appears on: IPBlock)
IPNet describes an IP network.
| Field | Description |
|---|---|
ip
IPAddress
|
|
prefixLength
int32
|
NamedPort
(Appears on: GroupMember)
NamedPort represents a Port with a name on Pod.
| Field | Description |
|---|---|
port
int32
|
Port represents the Port number. |
name
string
|
Name represents the associated name with this Port number. |
protocol
Protocol
|
Protocol for port. Must be UDP, TCP, or SCTP. |
NetworkPolicy
NetworkPolicy is the message format of antrea/pkg/controller/types.NetworkPolicy in an API response.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
rules
[]NetworkPolicyRule
|
Rules is a list of rules to be applied to the selected GroupMembers. |
appliedToGroups
[]string
|
AppliedToGroups is a list of names of AppliedToGroups to which this policy applies. Cannot be set in conjunction with any NetworkPolicyRule.AppliedToGroups in Rules. |
priority
float64
|
Priority represents the relative priority of this Network Policy as compared to other Network Policies. Priority will be unset (nil) for K8s NetworkPolicy. |
tierPriority
int32
|
TierPriority represents the priority of the Tier associated with this Network Policy. The TierPriority will remain nil for K8s NetworkPolicy. |
sourceRef
NetworkPolicyReference
|
Reference to the original NetworkPolicy that the internal NetworkPolicy is created for. |
NetworkPolicyNodeStatus
(Appears on: NetworkPolicyStatus)
NetworkPolicyNodeStatus is the status of a NetworkPolicy on a Node.
| Field | Description |
|---|---|
nodeName
string
|
The name of the Node that produces the status. |
generation
int64
|
The generation realized by the Node. |
NetworkPolicyPeer
(Appears on: NetworkPolicyRule)
NetworkPolicyPeer describes a peer of NetworkPolicyRules. It could be a list of names of AddressGroups and/or a list of IPBlock.
| Field | Description |
|---|---|
addressGroups
[]string
|
A list of names of AddressGroups. |
ipBlocks
[]IPBlock
|
A list of IPBlock. |
NetworkPolicyReference
(Appears on: NetworkPolicy, NetworkPolicyStats)
| Field | Description |
|---|---|
type
NetworkPolicyType
|
Type of the NetworkPolicy. |
namespace
string
|
Namespace of the NetworkPolicy. It’s empty for Antrea ClusterNetworkPolicy. |
name
string
|
Name of the NetworkPolicy. |
uid
k8s.io/apimachinery/pkg/types.UID
|
UID of the NetworkPolicy. |
NetworkPolicyRule
(Appears on: NetworkPolicy)
NetworkPolicyRule describes a particular set of traffic that is allowed.
| Field | Description |
|---|---|
direction
Direction
|
The direction of this rule. If it’s set to In, From must be set and To must not be set. If it’s set to Out, To must be set and From must not be set. |
from
NetworkPolicyPeer
|
From represents sources which should be able to access the GroupMembers selected by the policy. |
to
NetworkPolicyPeer
|
To represents destinations which should be able to be accessed by the GroupMembers selected by the policy. |
services
[]Service
|
Services is a list of services which should be matched. |
priority
int32
|
Priority defines the priority of the Rule as compared to other rules in the NetworkPolicy. |
action
RuleAction
|
Action specifies the action to be applied on the rule. i.e. Allow/Drop. An empty action “nil” defaults to Allow action, which would be the case for rules created for K8s Network Policy. |
enableLogging
bool
|
EnableLogging indicates whether or not to generate logs when rules are matched. Default to false. |
appliedToGroups
[]string
|
AppliedToGroups is a list of names of AppliedToGroups to which this rule applies. Cannot be set in conjunction with NetworkPolicy.AppliedToGroups of the NetworkPolicy that this Rule is referred to. |
name
string
|
Name describes the intention of this rule. Name should be unique within the policy. |
NetworkPolicyStats
(Appears on: NodeStatsSummary)
NetworkPolicyStats contains the information and traffic stats of a NetworkPolicy.
| Field | Description |
|---|---|
networkPolicy
NetworkPolicyReference
|
The reference of the NetworkPolicy. |
trafficStats
TrafficStats
|
The stats of the NetworkPolicy. |
ruleTrafficStats
[]RuleTrafficStats
|
The stats of the NetworkPolicy rules. It’s empty for K8s NetworkPolicies as they don’t have rule name to identify a rule. |
NetworkPolicyStatus
NetworkPolicyStatus is the status of a NetworkPolicy.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
nodes
[]NetworkPolicyNodeStatus
|
Nodes contains statuses produced on a list of Nodes. |
NetworkPolicyType
(string alias)
(Appears on: NetworkPolicyReference)
PodReference
(Appears on: GroupMember)
PodReference represents a Pod Reference.
| Field | Description |
|---|---|
name
string
|
The name of this Pod. |
namespace
string
|
The Namespace of this Pod. |
Protocol
(string alias)
(Appears on: NamedPort, Service)
Protocol defines network protocols supported for things like container ports.
Service
(Appears on: NetworkPolicyRule)
Service describes a port to allow traffic on.
| Field | Description |
|---|---|
protocol
Protocol
|
(Optional)
The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. |
port
k8s.io/apimachinery/pkg/util/intstr.IntOrString
|
(Optional)
The port name or number on the given protocol. If not specified, this matches all port numbers. |
endPort
int32
|
(Optional)
EndPort defines the end of the port range, being the end included within the range.
It can only be specified when a numerical |
ServiceReference
ServiceReference represents reference to a v1.Service.
| Field | Description |
|---|---|
name
string
|
The name of this Service. |
namespace
string
|
The Namespace of this Service. |
crd.antrea.io/v1alpha1
Resource Types:ClusterNetworkPolicy
| Field | Description | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha1
|
||||||||||
kind
string
|
ClusterNetworkPolicy |
||||||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||||||||
spec
ClusterNetworkPolicySpec
|
Specification of the desired behavior of ClusterNetworkPolicy.
|
||||||||||
status
NetworkPolicyStatus
|
Most recently observed status of the NetworkPolicy. |
NetworkPolicy
| Field | Description | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha1
|
||||||||||
kind
string
|
NetworkPolicy |
||||||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||||||||
spec
NetworkPolicySpec
|
Specification of the desired behavior of NetworkPolicy.
|
||||||||||
status
NetworkPolicyStatus
|
Most recently observed status of the NetworkPolicy. |
Tier
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha1
|
||||
kind
string
|
Tier |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||
spec
TierSpec
|
Specification of the desired behavior of Tier.
|
ClusterNetworkPolicySpec
(Appears on: ClusterNetworkPolicy)
ClusterNetworkPolicySpec defines the desired state for ClusterNetworkPolicy.
| Field | Description |
|---|---|
tier
string
|
Tier specifies the tier to which this ClusterNetworkPolicy belongs to. The ClusterNetworkPolicy order will be determined based on the combination of the Tier’s Priority and the ClusterNetworkPolicy’s own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom. |
priority
float64
|
Priority specfies the order of the ClusterNetworkPolicy relative to other AntreaClusterNetworkPolicies. |
appliedTo
[]NetworkPolicyPeer
|
(Optional)
Select workloads on which the rules will be applied to. Cannot be set in conjunction with AppliedTo in each rule. |
ingress
[]Rule
|
(Optional)
Set of ingress rules evaluated based on the order in which they are set.
Currently Ingress rule supports setting the |
egress
[]Rule
|
(Optional)
Set of egress rules evaluated based on the order in which they are set.
Currently Egress rule supports setting the |
Destination
(Appears on: TraceflowSpec)
Destination describes the destination spec of the traceflow.
| Field | Description |
|---|---|
namespace
string
|
Namespace is the destination namespace. |
pod
string
|
Pod is the destination pod, exclusive with destination service. |
service
string
|
Service is the destination service, exclusive with destination pod. |
ip
string
|
IP is the destination IPv4 or IPv6 address. |
ICMPEchoRequestHeader
(Appears on: TransportHeader)
ICMPEchoRequestHeader describes spec of an ICMP echo request header.
| Field | Description |
|---|---|
id
int32
|
ID is the ICMPEchoRequestHeader ID. |
sequence
int32
|
Sequence is the ICMPEchoRequestHeader sequence. |
IPBlock
(Appears on: GroupSpec, NetworkPolicyPeer)
IPBlock describes a particular CIDR (Ex. “192.168.1.1⁄24”) that is allowed or denied to/from the workloads matched by a Spec.AppliedTo.
| Field | Description |
|---|---|
cidr
string
|
CIDR is a string representing the IP Block Valid examples are “192.168.1.1⁄24”. |
IPHeader
(Appears on: Packet)
IPHeader describes spec of an IPv4 header.
| Field | Description |
|---|---|
srcIP
string
|
SrcIP is the source IP. |
protocol
int32
|
Protocol is the IP protocol. |
ttl
int32
|
TTL is the IP TTL. |
flags
int32
|
Flags is the flags for IP. |
IPv6Header
(Appears on: Packet)
IPv6Header describes spec of an IPv6 header.
| Field | Description |
|---|---|
srcIP
string
|
SrcIP is the source IPv6. |
nextHeader
int32
|
NextHeader is the IPv6 protocol. |
hopLimit
int32
|
HopLimit is the IPv6 Hop Limit. |
NetworkPolicyPeer
(Appears on: ClusterNetworkPolicySpec, NetworkPolicySpec, Rule)
NetworkPolicyPeer describes the grouping selector of workloads.
| Field | Description |
|---|---|
ipBlock
IPBlock
|
(Optional)
IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. |
podSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select Pods from NetworkPolicy’s Namespace as workloads in AppliedTo/To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. |
namespaceSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. |
externalEntitySelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select ExternalEntities from NetworkPolicy’s Namespace as workloads in AppliedTo/To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. |
group
string
|
Group is the name of the ClusterGroup which can be set as an AppliedTo or within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector. |
NetworkPolicyPhase
(string alias)
(Appears on: NetworkPolicyStatus)
NetworkPolicyPhase defines the phase in which a NetworkPolicy is.
NetworkPolicyPort
(Appears on: Rule)
NetworkPolicyPort describes the port and protocol to match in a rule.
| Field | Description |
|---|---|
protocol
Kubernetes core/v1.Protocol
|
(Optional)
The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. |
port
k8s.io/apimachinery/pkg/util/intstr.IntOrString
|
(Optional)
The port on the given protocol. This can be either a numerical or named port on a Pod. If this field is not provided, this matches all port names and numbers. |
endPort
int32
|
(Optional)
EndPort defines the end of the port range, being the end included within the range.
It can only be specified when a numerical |
NetworkPolicySpec
(Appears on: NetworkPolicy)
NetworkPolicySpec defines the desired state for NetworkPolicy.
| Field | Description |
|---|---|
tier
string
|
Tier specifies the tier to which this NetworkPolicy belongs to. The NetworkPolicy order will be determined based on the combination of the Tier’s Priority and the NetworkPolicy’s own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom. |
priority
float64
|
Priority specfies the order of the NetworkPolicy relative to other NetworkPolicies. |
appliedTo
[]NetworkPolicyPeer
|
(Optional)
Select workloads on which the rules will be applied to. Cannot be set in conjunction with AppliedTo in each rule. |
ingress
[]Rule
|
(Optional)
Set of ingress rules evaluated based on the order in which they are set.
Currently Ingress rule supports setting the |
egress
[]Rule
|
(Optional)
Set of egress rules evaluated based on the order in which they are set.
Currently Egress rule supports setting the |
NetworkPolicyStatus
(Appears on: ClusterNetworkPolicy, NetworkPolicy)
NetworkPolicyStatus represents information about the status of a NetworkPolicy.
| Field | Description |
|---|---|
phase
NetworkPolicyPhase
|
The phase of a NetworkPolicy is a simple, high-level summary of the NetworkPolicy’s status. |
observedGeneration
int64
|
The generation observed by Antrea. |
currentNodesRealized
int32
|
The number of nodes that have realized the NetworkPolicy. |
desiredNodesRealized
int32
|
The total number of nodes that should realize the NetworkPolicy. |
NodeResult
(Appears on: TraceflowStatus)
| Field | Description |
|---|---|
node
string
|
Node is the node of the observation. |
role
string
|
Role of the node like sender, receiver, etc. |
timestamp
int64
|
Timestamp is the timestamp of the observations on the node. |
observations
[]Observation
|
Observations includes all observations from sender nodes, receiver ones, etc. |
Observation
(Appears on: NodeResult)
Observation describes those from sender nodes or receiver nodes.
| Field | Description |
|---|---|
component
TraceflowComponent
|
Component is the observation component. |
componentInfo
string
|
ComponentInfo is the extension of Component field. |
action
TraceflowAction
|
Action is the action to the observation. |
pod
string
|
Pod is the combination of Pod name and Pod Namespace. |
dstMAC
string
|
DstMAC is the destination MAC. |
networkPolicy
string
|
NetworkPolicy is the combination of Namespace and NetworkPolicyName. |
ttl
int32
|
TTL is the observation TTL. |
translatedSrcIP
string
|
TranslatedSrcIP is the translated source IP. |
translatedDstIP
string
|
TranslatedDstIP is the translated destination IP. |
tunnelDstIP
string
|
TunnelDstIP is the tunnel destination IP. |
Packet
(Appears on: TraceflowSpec, TraceflowStatus)
Packet includes header info.
| Field | Description |
|---|---|
srcIP
string
|
|
dstIP
string
|
|
length
uint16
|
Length is the IP packet length (includes the IPv4 or IPv6 header length). |
ipHeader
IPHeader
|
TODO: change type IPHeader to *IPHeader and correct all internal references |
ipv6Header
IPv6Header
|
|
transportHeader
TransportHeader
|
Rule
(Appears on: ClusterNetworkPolicySpec, NetworkPolicySpec)
Rule describes the traffic allowed to/from the workloads selected by Spec.AppliedTo. Based on the action specified in the rule, traffic is either allowed or denied which exactly match the specified ports and protocol.
| Field | Description |
|---|---|
action
RuleAction
|
Action specifies the action to be applied on the rule. |
ports
[]NetworkPolicyPort
|
(Optional)
Set of port and protocol allowed/denied by the rule. If this field is unset or empty, this rule matches all ports. |
from
[]NetworkPolicyPeer
|
(Optional)
Rule is matched if traffic originates from workloads selected by this field. If this field is empty, this rule matches all sources. |
to
[]NetworkPolicyPeer
|
(Optional)
Rule is matched if traffic is intended for workloads selected by this field. If this field is empty or missing, this rule matches all destinations. |
name
string
|
(Optional)
Name describes the intention of this rule. Name should be unique within the policy. |
enableLogging
bool
|
EnableLogging is used to indicate if agent should generate logs when rules are matched. Should be default to false. |
appliedTo
[]NetworkPolicyPeer
|
(Optional)
Select workloads on which this rule will be applied to. Cannot be set in conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo. |
RuleAction
(string alias)
(Appears on: NetworkPolicyRule, NetworkPolicyRule, Rule)
RuleAction describes the action to be applied on traffic matching a rule.
Source
(Appears on: TraceflowSpec)
Source describes the source spec of the traceflow.
| Field | Description |
|---|---|
namespace
string
|
Namespace is the source namespace. |
pod
string
|
Pod is the source pod. |
TCPHeader
(Appears on: TransportHeader)
TCPHeader describes spec of a TCP header.
| Field | Description |
|---|---|
srcPort
int32
|
SrcPort is the source port. |
dstPort
int32
|
DstPort is the destination port. |
flags
int32
|
Flags are flags in the header. |
TierSpec
(Appears on: Tier)
TierSpec defines the desired state for Tier.
| Field | Description |
|---|---|
priority
int32
|
Priority specfies the order of the Tier relative to other Tiers. |
description
string
|
Description is an optional field to add more information regarding the purpose of this Tier. |
Traceflow
| Field | Description | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||||||
spec
TraceflowSpec
|
|
||||||||||||
status
TraceflowStatus
|
TraceflowAction
(string alias)
(Appears on: Observation)
TraceflowComponent
(string alias)
(Appears on: Observation)
TraceflowPhase
(string alias)
(Appears on: TraceflowStatus)
TraceflowSpec
(Appears on: Traceflow)
TraceflowSpec describes the spec of the traceflow.
| Field | Description |
|---|---|
source
Source
|
|
destination
Destination
|
|
packet
Packet
|
|
liveTraffic
bool
|
LiveTraffic indicates the Traceflow is to trace the live traffic rather than an injected packet, when set to true. The first packet of the first connection that matches the packet spec will be traced. |
droppedOnly
bool
|
DroppedOnly indicates only the dropped packet should be captured in a live-traffic Traceflow. |
timeout
uint16
|
Timeout specifies the timeout of the Traceflow in seconds. Defaults to 20 seconds if not set. |
TraceflowStatus
(Appears on: Traceflow)
TraceflowStatus describes current status of the traceflow.
| Field | Description |
|---|---|
phase
TraceflowPhase
|
Phase is the Traceflow phase. |
reason
string
|
Reason is a message indicating the reason of the traceflow’s current phase. |
dataplaneTag
byte
|
DataplaneTag is a tag to identify a traceflow session across Nodes. |
results
[]NodeResult
|
Results is the collection of all observations on different nodes. |
capturedPacket
Packet
|
CapturedPacket is the captured packet in live-traffic Traceflow. |
TransportHeader
(Appears on: Packet)
TransportHeader describes spec of a TransportHeader.
| Field | Description |
|---|---|
icmp
ICMPEchoRequestHeader
|
|
udp
UDPHeader
|
|
tcp
TCPHeader
|
UDPHeader
(Appears on: TransportHeader)
UDPHeader describes spec of a UDP header.
| Field | Description |
|---|---|
srcPort
int32
|
SrcPort is the source port. |
dstPort
int32
|
DstPort is the destination port. |
crd.antrea.io/v1alpha2
Resource Types:ClusterGroup
| Field | Description | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha2
|
||||||||||||||
kind
string
|
ClusterGroup |
||||||||||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||||||||||||
spec
GroupSpec
|
Desired state of the group.
|
||||||||||||||
status
GroupStatus
|
Most recently observed status of the group. |
Egress
Egress defines which egress (SNAT) IP the traffic from the selected Pods to the external network should use.
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha2
|
||||
kind
string
|
Egress |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||
spec
EgressSpec
|
Specification of the desired behavior of Egress.
|
ExternalEntity
| Field | Description | ||||||
|---|---|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha2
|
||||||
kind
string
|
ExternalEntity |
||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||||
spec
ExternalEntitySpec
|
Desired state of the external entity.
|
AppliedTo
(Appears on: EgressSpec)
AppliedTo selects the entities to which a policy is applied.
| Field | Description |
|---|---|
podSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select Pods matched by this selector. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector; otherwise, Pods are matched from all Namespaces. |
namespaceSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select all Pods from Namespaces matched by this selector. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. |
groups
[]string
|
(Optional)
Groups is the set of ClusterGroup names. |
ClusterGroupReference
(string alias)
(Appears on: GroupSpec)
ClusterGroupReference represent reference to a ClusterGroup.
EgressSpec
(Appears on: Egress)
EgressSpec defines the desired state for Egress.
| Field | Description |
|---|---|
appliedTo
AppliedTo
|
AppliedTo selects Pods to which the Egress will be applied. |
egressIP
string
|
EgressIP specifies the SNAT IP address for the selected workloads. |
Endpoint
(Appears on: ExternalEntitySpec)
Endpoint refers to an endpoint associated with the ExternalEntity.
| Field | Description |
|---|---|
ip
string
|
IP associated with this endpoint. |
name
string
|
(Optional)
Name identifies this endpoint. Could be the network interface name in case of VMs. |
ExternalEntitySpec
(Appears on: ExternalEntity)
ExternalEntitySpec defines the desired state for ExternalEntity.
| Field | Description |
|---|---|
endpoints
[]Endpoint
|
Endpoints is a list of external endpoints associated with this entity. |
ports
[]NamedPort
|
Ports maintain the list of named ports. |
externalNode
string
|
ExternalNode is the opaque identifier of the agent/controller responsible for additional processing or handling of this external entity. |
GroupCondition
(Appears on: GroupStatus)
| Field | Description |
|---|---|
type
GroupConditionType
|
|
status
Kubernetes core/v1.ConditionStatus
|
|
lastTransitionTime
Kubernetes meta/v1.Time
|
GroupConditionType
(string alias)
(Appears on: GroupCondition)
GroupSpec
(Appears on: ClusterGroup)
| Field | Description |
|---|---|
podSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select Pods matching the labels set in the PodSelector in AppliedTo/To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. |
namespaceSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo/To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector. |
ipBlock
IPBlock
|
(Optional)
IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector or ServiceReference. Cannot be set with IPBlocks. |
ipBlocks
[]IPBlock
|
(Optional)
IPBlocks is a list of IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector or ServiceReference. Cannot be set with IPBlock. |
serviceReference
ServiceReference
|
(Optional)
Select backend Pods of the referred Service. Cannot be set with any other selector or ipBlock. |
externalEntitySelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select ExternalEntities from all Namespaces as workloads in AppliedTo/To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. |
childGroups
[]ClusterGroupReference
|
(Optional)
Select other ClusterGroups by name. The ClusterGroups must already exist and must not contain ChildGroups themselves. Cannot be set with any selector/IPBlock/ServiceReference. |
GroupStatus
(Appears on: ClusterGroup)
GroupStatus represents information about the status of a Group.
| Field | Description |
|---|---|
conditions
[]GroupCondition
|
NamedPort
(Appears on: ExternalEntitySpec)
NamedPort describes the port and protocol to match in a rule.
| Field | Description |
|---|---|
protocol
Kubernetes core/v1.Protocol
|
(Optional)
The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. |
port
int32
|
(Optional)
The port on the given protocol. |
name
string
|
(Optional)
Name associated with the Port. |
ServiceReference
(Appears on: GroupSpec)
ServiceReference represent reference to a v1.Service.
| Field | Description |
|---|---|
name
string
|
Name of the Service |
namespace
string
|
Namespace of the Service |
WebhookImpl
WebhookImpl implements webhook validator of a resource.
Generated with gen-crd-api-reference-docs
on git commit a37a34aa.