Documentation
Introduction
Cloud Deployment
Reference
- Antrea Network Policy
- antctl
- Architecture
- Traffic Encryption (Ipsec / WireGuard)
- Securing Control Plane
- Troubleshooting
- OS-specific Known Issues
- OVS Pipeline
- Feature Gates
- Network Flow Visibility
- Traceflow Guide
- NoEncap and Hybrid Traffic Modes
- Egress Guide
- NodePortLocal Guide
- Versioning
- Antrea API Groups
- Antrea API Reference
Windows
Integrations
Cookbooks
Developer Guide
Project Information
Packages:
- controlplane.antrea.io/v1beta2
- crd.antrea.io/v1alpha1
- crd.antrea.io/v1alpha2
- crd.antrea.io/v1alpha3
- crd.antrea.io/v1beta1
- stats.antrea.io/v1alpha1
- system.antrea.io/v1beta1
controlplane.antrea.io/v1beta2
Package v1beta2 is the v1beta2 version of the Antrea NetworkPolicy API messages.
Resource Types:- AddressGroup
- AppliedToGroup
- ClusterGroupMembers
- EgressGroup
- GroupAssociation
- NetworkPolicy
- NodeStatsSummary
AddressGroup
AddressGroup is the message format of antrea/pkg/controller/types.AddressGroup in an API response.
| Field | Description |
|---|---|
apiVersion
string |
controlplane.antrea.io/v1beta2
|
kind
string
|
AddressGroup |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
groupMembers
[]GroupMember
|
AppliedToGroup
AppliedToGroup is the message format of antrea/pkg/controller/types.AppliedToGroup in an API response.
| Field | Description |
|---|---|
apiVersion
string |
controlplane.antrea.io/v1beta2
|
kind
string
|
AppliedToGroup |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
groupMembers
[]GroupMember
|
GroupMembers is list of resources selected by this group. |
ClusterGroupMembers
ClusterGroupMembers is a list of GroupMember objects or ipBlocks that are currently selected by a ClusterGroup.
| Field | Description |
|---|---|
apiVersion
string |
controlplane.antrea.io/v1beta2
|
kind
string
|
ClusterGroupMembers |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
effectiveMembers
[]GroupMember
|
|
effectiveIPBlocks
[]IPNet
|
EgressGroup
| Field | Description |
|---|---|
apiVersion
string |
controlplane.antrea.io/v1beta2
|
kind
string
|
EgressGroup |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
groupMembers
[]GroupMember
|
GroupMembers is list of resources selected by this group. |
GroupAssociation
GroupAssociation is the message format in an API response for groupassociation queries.
| Field | Description |
|---|---|
apiVersion
string |
controlplane.antrea.io/v1beta2
|
kind
string
|
GroupAssociation |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
associatedGroups
[]GroupReference
|
AssociatedGroups is a list of GroupReferences that is associated with the Pod/ExternalEntity being queried. |
NetworkPolicy
NetworkPolicy is the message format of antrea/pkg/controller/types.NetworkPolicy in an API response.
| Field | Description |
|---|---|
apiVersion
string |
controlplane.antrea.io/v1beta2
|
kind
string
|
NetworkPolicy |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
rules
[]NetworkPolicyRule
|
Rules is a list of rules to be applied to the selected GroupMembers. |
appliedToGroups
[]string
|
AppliedToGroups is a list of names of AppliedToGroups to which this policy applies. Cannot be set in conjunction with any NetworkPolicyRule.AppliedToGroups in Rules. |
priority
float64
|
Priority represents the relative priority of this Network Policy as compared to other Network Policies. Priority will be unset (nil) for K8s NetworkPolicy. |
tierPriority
int32
|
TierPriority represents the priority of the Tier associated with this Network Policy. The TierPriority will remain nil for K8s NetworkPolicy. |
sourceRef
NetworkPolicyReference
|
Reference to the original NetworkPolicy that the internal NetworkPolicy is created for. |
NodeStatsSummary
NodeStatsSummary contains stats produced on a Node. It’s used by the antrea-agents to report stats to the antrea-controller.
| Field | Description |
|---|---|
apiVersion
string |
controlplane.antrea.io/v1beta2
|
kind
string
|
NodeStatsSummary |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
networkPolicies
[]NetworkPolicyStats
|
The TrafficStats of K8s NetworkPolicies collected from the Node. |
antreaClusterNetworkPolicies
[]NetworkPolicyStats
|
The TrafficStats of Antrea ClusterNetworkPolicies collected from the Node. |
antreaNetworkPolicies
[]NetworkPolicyStats
|
The TrafficStats of Antrea NetworkPolicies collected from the Node. |
AddressGroupPatch
AddressGroupPatch describes the incremental update of an AddressGroup.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
addedGroupMembers
[]GroupMember
|
|
removedGroupMembers
[]GroupMember
|
AppliedToGroupPatch
AppliedToGroupPatch describes the incremental update of an AppliedToGroup.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
addedGroupMembers
[]GroupMember
|
|
removedGroupMembers
[]GroupMember
|
Direction
(string alias)
(Appears on: NetworkPolicyRule)
Direction defines traffic direction of NetworkPolicyRule.
EgressGroupPatch
EgressGroupPatch describes the incremental update of an EgressGroup.
| Field | Description |
|---|---|
ObjectMeta
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
AddedGroupMembers
[]GroupMember
|
|
RemovedGroupMembers
[]GroupMember
|
ExternalEntityReference
(Appears on: GroupMember)
ExternalEntityReference represents a ExternalEntity Reference.
| Field | Description |
|---|---|
name
string
|
The name of this ExternalEntity. |
namespace
string
|
The Namespace of this ExternalEntity. |
GroupMember
(Appears on: AddressGroup, AppliedToGroup, ClusterGroupMembers, EgressGroup, AddressGroupPatch, AppliedToGroupPatch, EgressGroupPatch)
GroupMember represents resource member to be populated in Groups.
| Field | Description |
|---|---|
pod
PodReference
|
Pod maintains the reference to the Pod. |
externalEntity
ExternalEntityReference
|
ExternalEntity maintains the reference to the ExternalEntity. |
ips
[]IPAddress
|
IP is the IP address of the Endpoints associated with the GroupMember. |
ports
[]NamedPort
|
Ports is the list NamedPort of the GroupMember. |
GroupMemberSet
(map[antrea.io/antrea/pkg/apis/controlplane/v1beta2.groupMemberKey]*antrea.io/antrea/pkg/apis/controlplane/v1beta2.GroupMember alias)
GroupMemberSet is a set of GroupMembers.
GroupReference
(Appears on: GroupAssociation)
| Field | Description |
|---|---|
namespace
string
|
Namespace of the Group. Empty for ClusterGroup. |
name
string
|
Name of the Group. |
uid
k8s.io/apimachinery/pkg/types.UID
|
UID of the Group. |
IPAddress
([]byte alias)
(Appears on: GroupMember, IPNet)
IPAddress describes a single IP address. Either an IPv4 or IPv6 address must be set.
IPBlock
(Appears on: NetworkPolicyPeer)
IPBlock describes a particular CIDR (Ex. “192.168.1.1⁄24”). The except entry describes CIDRs that should not be included within this rule.
| Field | Description |
|---|---|
cidr
IPNet
|
CIDR is an IPNet represents the IP Block. |
except
[]IPNet
|
(Optional)
Except is a slice of IPNets that should not be included within an IP Block. Except values will be rejected if they are outside the CIDR range. |
IPNet
(Appears on: ClusterGroupMembers, IPBlock)
IPNet describes an IP network.
| Field | Description |
|---|---|
ip
IPAddress
|
|
prefixLength
int32
|
NamedPort
(Appears on: GroupMember)
NamedPort represents a Port with a name on Pod.
| Field | Description |
|---|---|
port
int32
|
Port represents the Port number. |
name
string
|
Name represents the associated name with this Port number. |
protocol
Protocol
|
Protocol for port. Must be UDP, TCP, or SCTP. |
NetworkPolicyNodeStatus
(Appears on: NetworkPolicyStatus)
NetworkPolicyNodeStatus is the status of a NetworkPolicy on a Node.
| Field | Description |
|---|---|
nodeName
string
|
The name of the Node that produces the status. |
generation
int64
|
The generation realized by the Node. |
NetworkPolicyPeer
(Appears on: NetworkPolicyRule)
NetworkPolicyPeer describes a peer of NetworkPolicyRules. It could be a list of names of AddressGroups and/or a list of IPBlock.
| Field | Description |
|---|---|
addressGroups
[]string
|
A list of names of AddressGroups. |
ipBlocks
[]IPBlock
|
A list of IPBlock. |
fqdns
[]string
|
A list of exact FQDN names or FQDN wildcard expressions. This field can only be possibly set for NetworkPolicyPeer of egress rules. |
toServices
[]ServiceReference
|
A list of ServiceReference. This field can only be possibly set for NetworkPolicyPeer of egress rules. |
NetworkPolicyReference
(Appears on: NetworkPolicy, NetworkPolicyStats)
| Field | Description |
|---|---|
type
NetworkPolicyType
|
Type of the NetworkPolicy. |
namespace
string
|
Namespace of the NetworkPolicy. It’s empty for Antrea ClusterNetworkPolicy. |
name
string
|
Name of the NetworkPolicy. |
uid
k8s.io/apimachinery/pkg/types.UID
|
UID of the NetworkPolicy. |
NetworkPolicyRule
(Appears on: NetworkPolicy)
NetworkPolicyRule describes a particular set of traffic that is allowed.
| Field | Description |
|---|---|
direction
Direction
|
The direction of this rule. If it’s set to In, From must be set and To must not be set. If it’s set to Out, To must be set and From must not be set. |
from
NetworkPolicyPeer
|
From represents sources which should be able to access the GroupMembers selected by the policy. |
to
NetworkPolicyPeer
|
To represents destinations which should be able to be accessed by the GroupMembers selected by the policy. |
services
[]Service
|
Services is a list of services which should be matched. |
priority
int32
|
Priority defines the priority of the Rule as compared to other rules in the NetworkPolicy. |
action
RuleAction
|
Action specifies the action to be applied on the rule. i.e. Allow/Drop. An empty action “nil” defaults to Allow action, which would be the case for rules created for K8s Network Policy. |
enableLogging
bool
|
EnableLogging indicates whether or not to generate logs when rules are matched. Default to false. |
appliedToGroups
[]string
|
AppliedToGroups is a list of names of AppliedToGroups to which this rule applies. Cannot be set in conjunction with NetworkPolicy.AppliedToGroups of the NetworkPolicy that this Rule is referred to. |
name
string
|
Name describes the intention of this rule. Name should be unique within the policy. |
NetworkPolicyStats
(Appears on: NodeStatsSummary)
NetworkPolicyStats contains the information and traffic stats of a NetworkPolicy.
| Field | Description |
|---|---|
networkPolicy
NetworkPolicyReference
|
The reference of the NetworkPolicy. |
trafficStats
TrafficStats
|
The stats of the NetworkPolicy. |
ruleTrafficStats
[]RuleTrafficStats
|
The stats of the NetworkPolicy rules. It’s empty for K8s NetworkPolicies as they don’t have rule name to identify a rule. |
NetworkPolicyStatus
NetworkPolicyStatus is the status of a NetworkPolicy.
| Field | Description |
|---|---|
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
nodes
[]NetworkPolicyNodeStatus
|
Nodes contains statuses produced on a list of Nodes. |
NetworkPolicyType
(string alias)
(Appears on: NetworkPolicyReference)
PodReference
(Appears on: GroupMember)
PodReference represents a Pod Reference.
| Field | Description |
|---|---|
name
string
|
The name of this Pod. |
namespace
string
|
The Namespace of this Pod. |
Protocol
(string alias)
(Appears on: NamedPort, Service)
Protocol defines network protocols supported for things like container ports.
Service
(Appears on: NetworkPolicyRule)
Service describes a port to allow traffic on.
| Field | Description |
|---|---|
protocol
Protocol
|
(Optional)
The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. |
port
k8s.io/apimachinery/pkg/util/intstr.IntOrString
|
(Optional)
The port name or number on the given protocol. If not specified, this matches all port numbers. |
endPort
int32
|
(Optional)
EndPort defines the end of the port range, being the end included within the range.
It can only be specified when a numerical |
ServiceReference
(Appears on: NetworkPolicyPeer)
ServiceReference represents reference to a v1.Service.
| Field | Description |
|---|---|
name
string
|
The name of this Service. |
namespace
string
|
The Namespace of this Service. |
crd.antrea.io/v1alpha1
Resource Types:ClusterNetworkPolicy
| Field | Description | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha1
|
||||||||||
kind
string
|
ClusterNetworkPolicy |
||||||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||||||||
spec
ClusterNetworkPolicySpec
|
Specification of the desired behavior of ClusterNetworkPolicy.
|
||||||||||
status
NetworkPolicyStatus
|
Most recently observed status of the NetworkPolicy. |
NetworkPolicy
| Field | Description | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha1
|
||||||||||
kind
string
|
NetworkPolicy |
||||||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||||||||
spec
NetworkPolicySpec
|
Specification of the desired behavior of NetworkPolicy.
|
||||||||||
status
NetworkPolicyStatus
|
Most recently observed status of the NetworkPolicy. |
Tier
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha1
|
||||
kind
string
|
Tier |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||
spec
TierSpec
|
Specification of the desired behavior of Tier.
|
Traceflow
| Field | Description | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha1
|
||||||||||||
kind
string
|
Traceflow |
||||||||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
||||||||||||
spec
TraceflowSpec
|
|
||||||||||||
status
TraceflowStatus
|
ClusterNetworkPolicySpec
(Appears on: ClusterNetworkPolicy)
ClusterNetworkPolicySpec defines the desired state for ClusterNetworkPolicy.
| Field | Description |
|---|---|
tier
string
|
Tier specifies the tier to which this ClusterNetworkPolicy belongs to. The ClusterNetworkPolicy order will be determined based on the combination of the Tier’s Priority and the ClusterNetworkPolicy’s own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom. |
priority
float64
|
Priority specfies the order of the ClusterNetworkPolicy relative to other AntreaClusterNetworkPolicies. |
appliedTo
[]NetworkPolicyPeer
|
(Optional)
Select workloads on which the rules will be applied to. Cannot be set in conjunction with AppliedTo in each rule. |
ingress
[]Rule
|
(Optional)
Set of ingress rules evaluated based on the order in which they are set.
Currently Ingress rule supports setting the |
egress
[]Rule
|
(Optional)
Set of egress rules evaluated based on the order in which they are set.
Currently Egress rule supports setting the |
Destination
(Appears on: TraceflowSpec)
Destination describes the destination spec of the traceflow.
| Field | Description |
|---|---|
namespace
string
|
Namespace is the destination namespace. |
pod
string
|
Pod is the destination pod, exclusive with destination service. |
service
string
|
Service is the destination service, exclusive with destination pod. |
ip
string
|
IP is the destination IPv4 or IPv6 address. |
ICMPEchoRequestHeader
(Appears on: TransportHeader)
ICMPEchoRequestHeader describes spec of an ICMP echo request header.
| Field | Description |
|---|---|
id
int32
|
ID is the ICMPEchoRequestHeader ID. |
sequence
int32
|
Sequence is the ICMPEchoRequestHeader sequence. |
IPBlock
(Appears on: NetworkPolicyPeer, GroupSpec, GroupSpec)
IPBlock describes a particular CIDR (Ex. “192.168.1.1⁄24”) that is allowed or denied to/from the workloads matched by a Spec.AppliedTo.
| Field | Description |
|---|---|
cidr
string
|
CIDR is a string representing the IP Block Valid examples are “192.168.1.1⁄24”. |
IPHeader
(Appears on: Packet)
IPHeader describes spec of an IPv4 header.
| Field | Description |
|---|---|
srcIP
string
|
SrcIP is the source IP. |
protocol
int32
|
Protocol is the IP protocol. |
ttl
int32
|
TTL is the IP TTL. |
flags
int32
|
Flags is the flags for IP. |
IPv6Header
(Appears on: Packet)
IPv6Header describes spec of an IPv6 header.
| Field | Description |
|---|---|
srcIP
string
|
SrcIP is the source IPv6. |
nextHeader
int32
|
NextHeader is the IPv6 protocol. |
hopLimit
int32
|
HopLimit is the IPv6 Hop Limit. |
NamespaceMatchType
(string alias)
(Appears on: PeerNamespaces)
NamespaceMatchType describes Namespace matching strategy.
NetworkPolicyPeer
(Appears on: ClusterNetworkPolicySpec, NetworkPolicySpec, Rule)
NetworkPolicyPeer describes the grouping selector of workloads.
| Field | Description |
|---|---|
ipBlock
IPBlock
|
(Optional)
IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector. |
podSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select Pods from NetworkPolicy’s Namespace as workloads in AppliedTo/To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. |
namespaceSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select all Pods from Namespaces matched by this selector, as workloads in To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. Cannot be set with Namespaces. |
namespaces
PeerNamespaces
|
(Optional)
Select Pod/ExternalEntity from Namespaces matched by specifc criteria. Current supported criteria is match: Self, which selects from the same Namespace of the appliedTo workloads. Cannot be set with any other selector except PodSelector or ExternalEntitySelector. This field can only be set when NetworkPolicyPeer is created for ClusterNetworkPolicy ingress/egress rules. Cannot be set with NamespaceSelector. |
externalEntitySelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select ExternalEntities from NetworkPolicy’s Namespace as workloads in AppliedTo/To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. |
group
string
|
Group is the name of the ClusterGroup which can be set as an AppliedTo or within an Ingress or Egress rule in place of a stand-alone selector. A Group cannot be set with any other selector. |
fqdn
string
|
Restrict egress access to the Fully Qualified Domain Names prescribed by name or by wildcard match patterns. This field can only be set for NetworkPolicyPeer of egress rules. Supported formats are: Exact FQDNs, i.e. “google.com”, “db-svc.default.svc.cluster.local” Wildcard expressions, i.e. “*wayfair.com”. |
NetworkPolicyPhase
(string alias)
(Appears on: NetworkPolicyStatus)
NetworkPolicyPhase defines the phase in which a NetworkPolicy is.
NetworkPolicyPort
(Appears on: Rule)
NetworkPolicyPort describes the port and protocol to match in a rule.
| Field | Description |
|---|---|
protocol
Kubernetes core/v1.Protocol
|
(Optional)
The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. |
port
k8s.io/apimachinery/pkg/util/intstr.IntOrString
|
(Optional)
The port on the given protocol. This can be either a numerical or named port on a Pod. If this field is not provided, this matches all port names and numbers. |
endPort
int32
|
(Optional)
EndPort defines the end of the port range, being the end included within the range.
It can only be specified when a numerical |
NetworkPolicySpec
(Appears on: NetworkPolicy)
NetworkPolicySpec defines the desired state for NetworkPolicy.
| Field | Description |
|---|---|
tier
string
|
Tier specifies the tier to which this NetworkPolicy belongs to. The NetworkPolicy order will be determined based on the combination of the Tier’s Priority and the NetworkPolicy’s own Priority. If not specified, this policy will be created in the Application Tier right above the K8s NetworkPolicy which resides at the bottom. |
priority
float64
|
Priority specfies the order of the NetworkPolicy relative to other NetworkPolicies. |
appliedTo
[]NetworkPolicyPeer
|
(Optional)
Select workloads on which the rules will be applied to. Cannot be set in conjunction with AppliedTo in each rule. |
ingress
[]Rule
|
(Optional)
Set of ingress rules evaluated based on the order in which they are set.
Currently Ingress rule supports setting the |
egress
[]Rule
|
(Optional)
Set of egress rules evaluated based on the order in which they are set.
Currently Egress rule supports setting the |
NetworkPolicyStatus
(Appears on: ClusterNetworkPolicy, NetworkPolicy)
NetworkPolicyStatus represents information about the status of a NetworkPolicy.
| Field | Description |
|---|---|
phase
NetworkPolicyPhase
|
The phase of a NetworkPolicy is a simple, high-level summary of the NetworkPolicy’s status. |
observedGeneration
int64
|
The generation observed by Antrea. |
currentNodesRealized
int32
|
The number of nodes that have realized the NetworkPolicy. |
desiredNodesRealized
int32
|
The total number of nodes that should realize the NetworkPolicy. |
NodeResult
(Appears on: TraceflowStatus)
| Field | Description |
|---|---|
node
string
|
Node is the node of the observation. |
role
string
|
Role of the node like sender, receiver, etc. |
timestamp
int64
|
Timestamp is the timestamp of the observations on the node. |
observations
[]Observation
|
Observations includes all observations from sender nodes, receiver ones, etc. |
Observation
(Appears on: NodeResult)
Observation describes those from sender nodes or receiver nodes.
| Field | Description |
|---|---|
component
TraceflowComponent
|
Component is the observation component. |
componentInfo
string
|
ComponentInfo is the extension of Component field. |
action
TraceflowAction
|
Action is the action to the observation. |
pod
string
|
Pod is the combination of Pod name and Pod Namespace. |
dstMAC
string
|
DstMAC is the destination MAC. |
networkPolicy
string
|
NetworkPolicy is the combination of Namespace and NetworkPolicyName. |
ttl
int32
|
TTL is the observation TTL. |
translatedSrcIP
string
|
TranslatedSrcIP is the translated source IP. |
translatedDstIP
string
|
TranslatedDstIP is the translated destination IP. |
tunnelDstIP
string
|
TunnelDstIP is the tunnel destination IP. |
Packet
(Appears on: TraceflowSpec, TraceflowStatus)
Packet includes header info.
| Field | Description |
|---|---|
srcIP
string
|
|
dstIP
string
|
|
length
uint16
|
Length is the IP packet length (includes the IPv4 or IPv6 header length). |
ipHeader
IPHeader
|
TODO: change type IPHeader to *IPHeader and correct all internal references |
ipv6Header
IPv6Header
|
|
transportHeader
TransportHeader
|
PeerNamespaces
(Appears on: NetworkPolicyPeer)
| Field | Description |
|---|---|
match
NamespaceMatchType
|
Rule
(Appears on: ClusterNetworkPolicySpec, NetworkPolicySpec)
Rule describes the traffic allowed to/from the workloads selected by Spec.AppliedTo. Based on the action specified in the rule, traffic is either allowed or denied which exactly match the specified ports and protocol.
| Field | Description |
|---|---|
action
RuleAction
|
Action specifies the action to be applied on the rule. |
ports
[]NetworkPolicyPort
|
(Optional)
Set of port and protocol allowed/denied by the rule. If this field is unset or empty, this rule matches all ports. |
from
[]NetworkPolicyPeer
|
(Optional)
Rule is matched if traffic originates from workloads selected by this field. If this field is empty, this rule matches all sources. |
to
[]NetworkPolicyPeer
|
(Optional)
Rule is matched if traffic is intended for workloads selected by this field. This field can’t be used with ToServices. If this field and ToServices are both empty or missing this rule matches all destinations. |
toServices
[]ServiceReference
|
(Optional)
Rule is matched if traffic is intended for a Service listed in this field. Currently only ClusterIP types Services are supported in this field. This field can only be used when AntreaProxy is enabled. This field can’t be used with To or Ports. If this field and To are both empty or missing, this rule matches all destinations. |
name
string
|
(Optional)
Name describes the intention of this rule. Name should be unique within the policy. |
enableLogging
bool
|
EnableLogging is used to indicate if agent should generate logs when rules are matched. Should be default to false. |
appliedTo
[]NetworkPolicyPeer
|
(Optional)
Select workloads on which this rule will be applied to. Cannot be set in conjunction with NetworkPolicySpec/ClusterNetworkPolicySpec.AppliedTo. |
RuleAction
(string alias)
(Appears on: NetworkPolicyRule, Rule)
RuleAction describes the action to be applied on traffic matching a rule.
ServiceReference
(Appears on: Rule)
ServiceReference represents a reference to a v1.Service.
| Field | Description |
|---|---|
name
string
|
Name of the Service |
namespace
string
|
Namespace of the Service |
Source
(Appears on: TraceflowSpec)
Source describes the source spec of the traceflow.
| Field | Description |
|---|---|
namespace
string
|
Namespace is the source namespace. |
pod
string
|
Pod is the source pod. |
ip
string
|
IP is the source IPv4 or IPv6 address. IP as the source is supported only for live-traffic Traceflow. |
TCPHeader
(Appears on: TransportHeader)
TCPHeader describes spec of a TCP header.
| Field | Description |
|---|---|
srcPort
int32
|
SrcPort is the source port. |
dstPort
int32
|
DstPort is the destination port. |
flags
int32
|
Flags are flags in the header. |
TierSpec
(Appears on: Tier)
TierSpec defines the desired state for Tier.
| Field | Description |
|---|---|
priority
int32
|
Priority specfies the order of the Tier relative to other Tiers. |
description
string
|
Description is an optional field to add more information regarding the purpose of this Tier. |
TraceflowAction
(string alias)
(Appears on: Observation)
TraceflowComponent
(string alias)
(Appears on: Observation)
TraceflowPhase
(string alias)
(Appears on: TraceflowStatus)
TraceflowSpec
(Appears on: Traceflow)
TraceflowSpec describes the spec of the traceflow.
| Field | Description |
|---|---|
source
Source
|
|
destination
Destination
|
|
packet
Packet
|
|
liveTraffic
bool
|
LiveTraffic indicates the Traceflow is to trace the live traffic rather than an injected packet, when set to true. The first packet of the first connection that matches the packet spec will be traced. |
droppedOnly
bool
|
DroppedOnly indicates only the dropped packet should be captured in a live-traffic Traceflow. |
timeout
uint16
|
Timeout specifies the timeout of the Traceflow in seconds. Defaults to 20 seconds if not set. |
TraceflowStatus
(Appears on: Traceflow)
TraceflowStatus describes current status of the traceflow.
| Field | Description |
|---|---|
phase
TraceflowPhase
|
Phase is the Traceflow phase. |
reason
string
|
Reason is a message indicating the reason of the traceflow’s current phase. |
dataplaneTag
byte
|
DataplaneTag is a tag to identify a traceflow session across Nodes. |
results
[]NodeResult
|
Results is the collection of all observations on different nodes. |
capturedPacket
Packet
|
CapturedPacket is the captured packet in live-traffic Traceflow. |
TransportHeader
(Appears on: Packet)
TransportHeader describes spec of a TransportHeader.
| Field | Description |
|---|---|
icmp
ICMPEchoRequestHeader
|
|
udp
UDPHeader
|
|
tcp
TCPHeader
|
UDPHeader
(Appears on: TransportHeader)
UDPHeader describes spec of a UDP header.
| Field | Description |
|---|---|
srcPort
int32
|
SrcPort is the source port. |
dstPort
int32
|
DstPort is the destination port. |
crd.antrea.io/v1alpha2
Resource Types:ClusterGroup
| Field | Description | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha2
|
||||||||||||||
kind
string
|
ClusterGroup |
||||||||||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||||||||||||
spec
GroupSpec
|
Desired state of the group.
|
||||||||||||||
status
GroupStatus
|
Most recently observed status of the group. |
Egress
Egress defines which egress (SNAT) IP the traffic from the selected Pods to the external network should use.
| Field | Description | ||||||
|---|---|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha2
|
||||||
kind
string
|
Egress |
||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||||
spec
EgressSpec
|
Specification of the desired behavior of Egress.
|
||||||
status
EgressStatus
|
EgressStatus represents the current status of an Egress. |
ExternalEntity
| Field | Description | ||||||
|---|---|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha2
|
||||||
kind
string
|
ExternalEntity |
||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||||
spec
ExternalEntitySpec
|
Desired state of the external entity.
|
ExternalIPPool
ExternalIPPool defines one or multiple IP sets that can be used in the external network. For instance, the IPs can be allocated to the Egress resources as the Egress IPs.
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha2
|
||||
kind
string
|
ExternalIPPool |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||
spec
ExternalIPPoolSpec
|
Specification of the ExternalIPPool.
|
||||
status
ExternalIPPoolStatus
|
The current status of the ExternalIPPool. |
IPPool
IPPool defines one or multiple IP sets that can be used for flexible IPAM feature. For instance, the IPs can be allocated to Pods according to IP pool specified in Deployment annotation.
| Field | Description | ||||
|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha2
|
||||
kind
string
|
IPPool |
||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||
spec
IPPoolSpec
|
Specification of the IPPool.
|
||||
status
IPPoolStatus
|
Most recently observed status of the pool. |
AppliedTo
(Appears on: EgressSpec)
AppliedTo selects the entities to which a policy is applied.
| Field | Description |
|---|---|
podSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select Pods matched by this selector. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector; otherwise, Pods are matched from all Namespaces. |
namespaceSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select all Pods from Namespaces matched by this selector. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. |
groups
[]string
|
(Optional)
Groups is the set of ClusterGroup names. |
ClusterGroupReference
(string alias)
(Appears on: GroupSpec)
ClusterGroupReference represent reference to a ClusterGroup.
EgressSpec
(Appears on: Egress)
EgressSpec defines the desired state for Egress.
| Field | Description |
|---|---|
appliedTo
AppliedTo
|
AppliedTo selects Pods to which the Egress will be applied. |
egressIP
string
|
EgressIP specifies the SNAT IP address for the selected workloads. If ExternalIPPool is empty, it must be specified manually. If ExternalIPPool is non-empty, it can be empty and will be assigned by Antrea automatically. If both ExternalIPPool and EgressIP are non-empty, the IP must be in the pool. |
externalIPPool
string
|
ExternalIPPool specifies the IP Pool that the EgressIP should be allocated from. If it is empty, the specified EgressIP must be assigned to a Node manually. If it is non-empty, the EgressIP will be assigned to a Node specified by the pool automatically and will failover to a different Node when the Node becomes unreachable. |
EgressStatus
(Appears on: Egress)
EgressStatus represents the current status of an Egress.
| Field | Description |
|---|---|
egressNode
string
|
The name of the Node that holds the Egress IP. |
Endpoint
(Appears on: ExternalEntitySpec)
Endpoint refers to an endpoint associated with the ExternalEntity.
| Field | Description |
|---|---|
ip
string
|
IP associated with this endpoint. |
name
string
|
(Optional)
Name identifies this endpoint. Could be the network interface name in case of VMs. |
ExternalEntitySpec
(Appears on: ExternalEntity)
ExternalEntitySpec defines the desired state for ExternalEntity.
| Field | Description |
|---|---|
endpoints
[]Endpoint
|
Endpoints is a list of external endpoints associated with this entity. |
ports
[]NamedPort
|
Ports maintain the list of named ports. |
externalNode
string
|
ExternalNode is the opaque identifier of the agent/controller responsible for additional processing or handling of this external entity. |
ExternalIPPoolSpec
(Appears on: ExternalIPPool)
| Field | Description |
|---|---|
ipRanges
[]IPRange
|
The IP ranges of this IP pool, e.g. 10.10.0.0/24, 10.10.10.2-10.10.10.20, 10.10.10.30-10.10.10.30. |
nodeSelector
Kubernetes meta/v1.LabelSelector
|
The Nodes that the external IPs can be assigned to. If empty, it means all Nodes. |
ExternalIPPoolStatus
(Appears on: ExternalIPPool)
| Field | Description |
|---|---|
usage
ExternalIPPoolUsage
|
ExternalIPPoolUsage
(Appears on: ExternalIPPoolStatus)
| Field | Description |
|---|---|
total
int
|
Total number of IPs. |
used
int
|
Number of allocated IPs. |
GroupCondition
(Appears on: GroupStatus)
| Field | Description |
|---|---|
type
GroupConditionType
|
|
status
Kubernetes core/v1.ConditionStatus
|
|
lastTransitionTime
Kubernetes meta/v1.Time
|
GroupConditionType
(string alias)
(Appears on: GroupCondition)
GroupSpec
(Appears on: ClusterGroup)
| Field | Description |
|---|---|
podSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select Pods matching the labels set in the PodSelector in AppliedTo/To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. |
namespaceSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo/To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector. |
ipBlock
IPBlock
|
(Optional)
IPBlock describes the IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector or ServiceReference. Cannot be set with IPBlocks. |
ipBlocks
[]IPBlock
|
(Optional)
IPBlocks is a list of IPAddresses/IPBlocks that is matched in to/from. IPBlock cannot be set as part of the AppliedTo field. Cannot be set with any other selector or ServiceReference. Cannot be set with IPBlock. |
serviceReference
ServiceReference
|
(Optional)
Select backend Pods of the referred Service. Cannot be set with any other selector or ipBlock. |
externalEntitySelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select ExternalEntities from all Namespaces as workloads in AppliedTo/To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. |
childGroups
[]ClusterGroupReference
|
(Optional)
Select other ClusterGroups by name. The ClusterGroups must already exist and must not contain ChildGroups themselves. Cannot be set with any selector/IPBlock/ServiceReference. |
GroupStatus
(Appears on: ClusterGroup)
GroupStatus represents information about the status of a Group.
| Field | Description |
|---|---|
conditions
[]GroupCondition
|
IPAddressOwner
(Appears on: IPAddressState)
| Field | Description |
|---|---|
pod
PodOwner
|
IPAddressPhase
(string alias)
(Appears on: IPAddressState)
IPAddressState
(Appears on: IPPoolStatus)
| Field | Description |
|---|---|
ipAddress
string
|
IP Address this entry is tracking |
phase
IPAddressPhase
|
Allocation state - either Allocated or Preallocated |
owner
IPAddressOwner
|
Owner this IP Address is allocated to |
IPPoolSpec
(Appears on: IPPool)
| Field | Description |
|---|---|
ipVersion
int
|
IP Version for this IP pool - either 4 or 6 |
ipRanges
[]SubnetIPRange
|
List IP ranges, along with subnet definition. |
IPPoolStatus
(Appears on: IPPool)
| Field | Description |
|---|---|
ipAddresses
[]IPAddressState
|
IPRange
(Appears on: ExternalIPPoolSpec, SubnetIPRange)
IPRange is a set of contiguous IP addresses, represented by a CIDR or a pair of start and end IPs.
| Field | Description |
|---|---|
cidr
string
|
The CIDR of this range, e.g. 10.10.10.0/24. |
start
string
|
The start IP of the range, e.g. 10.10.20.5, inclusive. |
end
string
|
The end IP of the range, e.g. 10.10.20.20, inclusive. |
NamedPort
(Appears on: ExternalEntitySpec)
NamedPort describes the port and protocol to match in a rule.
| Field | Description |
|---|---|
protocol
Kubernetes core/v1.Protocol
|
(Optional)
The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP. |
port
int32
|
(Optional)
The port on the given protocol. |
name
string
|
(Optional)
Name associated with the Port. |
PodOwner
(Appears on: IPAddressOwner)
| Field | Description |
|---|---|
name
string
|
|
namespace
string
|
|
containerID
string
|
ServiceReference
(Appears on: GroupSpec)
ServiceReference represent reference to a v1.Service.
| Field | Description |
|---|---|
name
string
|
Name of the Service |
namespace
string
|
Namespace of the Service |
SubnetIPRange
(Appears on: IPPoolSpec)
SubnetIPRange is a set of contiguous IP addresses, represented by a CIDR or a pair of start and end IPs, along with subnet definition.
| Field | Description |
|---|---|
IPRange
IPRange
|
(Members of |
SubnetInfo
SubnetInfo
|
(Members of |
SubnetInfo
(Appears on: SubnetIPRange)
SubnetInfo specifies subnet attributes for IP Range
| Field | Description |
|---|---|
gateway
string
|
Gateway IP for this subnet, eg. 10.10.1.1 |
prefixLength
int32
|
Prefix length for the subnet, eg. 24 |
vlan
string
|
VLAN ID for this subnet. Default is 0. String-typed for sake of potential autoselect option. |
WebhookImpl
WebhookImpl implements webhook validator of a resource.
crd.antrea.io/v1alpha3
Resource Types:ClusterGroup
| Field | Description | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
apiVersion
string |
crd.antrea.io/v1alpha3
|
||||||||||||
kind
string
|
ClusterGroup |
||||||||||||
metadata
Kubernetes meta/v1.ObjectMeta
|
Standard metadata of the object. Refer to the Kubernetes API documentation for the fields of themetadata field.
|
||||||||||||
spec
GroupSpec
|
Desired state of the group.
|
||||||||||||
status
GroupStatus
|
Most recently observed status of the group. |
ClusterGroupReference
(string alias)
(Appears on: GroupSpec)
ClusterGroupReference represent reference to a ClusterGroup.
GroupCondition
(Appears on: GroupStatus)
| Field | Description |
|---|---|
type
GroupConditionType
|
|
status
Kubernetes core/v1.ConditionStatus
|
|
lastTransitionTime
Kubernetes meta/v1.Time
|
GroupConditionType
(string alias)
(Appears on: GroupCondition)
GroupSpec
(Appears on: ClusterGroup)
| Field | Description |
|---|---|
podSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select Pods matching the labels set in the PodSelector in AppliedTo/To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. |
namespaceSelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo/To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector. |
ipBlocks
[]IPBlock
|
(Optional)
IPBlocks describe the IPAddresses/IPBlocks that are matched in to/from. IPBlocks cannot be set as part of the AppliedTo field. Cannot be set with any other selector or ServiceReference. |
serviceReference
ServiceReference
|
(Optional)
Select backend Pods of the referred Service. Cannot be set with any other selector or ipBlock. |
externalEntitySelector
Kubernetes meta/v1.LabelSelector
|
(Optional)
Select ExternalEntities from all Namespaces as workloads in AppliedTo/To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector. |
childGroups
[]ClusterGroupReference
|
(Optional)
Select other ClusterGroups by name. The ClusterGroups must already exist and must not contain ChildGroups themselves. Cannot be set with any selector/IPBlock/ServiceReference. |
GroupStatus
(Appears on: ClusterGroup)
GroupStatus represents information about the status of a Group.
| Field | Description |
|---|---|
conditions
[]GroupCondition
|
ServiceReference
(Appears on: GroupSpec)
ServiceReference represent reference to a v1.Service.
| Field | Description |
|---|---|
name
string
|
Name of the Service |
namespace
string
|
Namespace of the Service |
crd.antrea.io/v1beta1
Resource Types:AntreaAgentInfo
| Field | Description |
|---|---|
apiVersion
string |
crd.antrea.io/v1beta1
|
kind
string
|
AntreaAgentInfo |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
version
string
|
|
podRef
Kubernetes core/v1.ObjectReference
|
Antrea binary version |
nodeRef
Kubernetes core/v1.ObjectReference
|
The Pod that Antrea Agent is running in |
nodeSubnets
[]string
|
The Node that Antrea Agent is running in |
ovsInfo
OVSInfo
|
Node subnets |
networkPolicyControllerInfo
NetworkPolicyControllerInfo
|
OVS Information |
localPodNum
int32
|
Antrea Agent NetworkPolicy information |
agentConditions
[]AgentCondition
|
The number of Pods which the agent is in charge of |
apiPort
int
|
Agent condition contains types like AgentHealthy |
AntreaControllerInfo
| Field | Description |
|---|---|
apiVersion
string |
crd.antrea.io/v1beta1
|
kind
string
|
AntreaControllerInfo |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
version
string
|
|
podRef
Kubernetes core/v1.ObjectReference
|
Antrea binary version |
nodeRef
Kubernetes core/v1.ObjectReference
|
The Pod that Antrea Controller is running in |
serviceRef
Kubernetes core/v1.ObjectReference
|
The Node that Antrea Controller is running in |
networkPolicyControllerInfo
NetworkPolicyControllerInfo
|
Antrea Controller Service |
connectedAgentNum
int32
|
Antrea Controller NetworkPolicy information |
controllerConditions
[]ControllerCondition
|
Number of agents which are connected to this controller |
apiPort
int
|
Controller condition contains types like ControllerHealthy |
AgentCondition
(Appears on: AntreaAgentInfo)
| Field | Description |
|---|---|
type
AgentConditionType
|
|
status
Kubernetes core/v1.ConditionStatus
|
One of the AgentConditionType listed above |
lastHeartbeatTime
Kubernetes meta/v1.Time
|
Mark certain type status, one of True, False, Unknown |
reason
string
|
The timestamp when AntreaAgentInfo is created/updated, ideally heartbeat interval is 60s |
message
string
|
Brief reason |
AgentConditionType
(string alias)
(Appears on: AgentCondition)
ControllerCondition
(Appears on: AntreaControllerInfo)
| Field | Description |
|---|---|
type
ControllerConditionType
|
|
status
Kubernetes core/v1.ConditionStatus
|
One of the ControllerConditionType listed above, controllerHealthy |
lastHeartbeatTime
Kubernetes meta/v1.Time
|
Mark certain type status, one of True, False, Unknown |
reason
string
|
The timestamp when AntreaControllerInfo is created/updated, ideally heartbeat interval is 60s |
message
string
|
Brief reason |
ControllerConditionType
(string alias)
(Appears on: ControllerCondition)
NetworkPolicyControllerInfo
(Appears on: AntreaAgentInfo, AntreaControllerInfo)
| Field | Description |
|---|---|
networkPolicyNum
int32
|
|
addressGroupNum
int32
|
|
appliedToGroupNum
int32
|
OVSInfo
(Appears on: AntreaAgentInfo)
| Field | Description |
|---|---|
version
string
|
|
bridgeName
string
|
|
flowTable
map[string]int32
|
stats.antrea.io/v1alpha1
Package v1alpha1 is the v1alpha1 version of the Antrea Stats API.
Resource Types:AntreaClusterNetworkPolicyStats
AntreaClusterNetworkPolicyStats is the statistics of a Antrea ClusterNetworkPolicy.
| Field | Description |
|---|---|
apiVersion
string |
stats.antrea.io/v1alpha1
|
kind
string
|
AntreaClusterNetworkPolicyStats |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
trafficStats
TrafficStats
|
The traffic stats of the Antrea ClusterNetworkPolicy. |
ruleTrafficStats
[]RuleTrafficStats
|
The traffic stats of the Antrea ClusterNetworkPolicy, from rule perspective. |
AntreaNetworkPolicyStats
AntreaNetworkPolicyStats is the statistics of a Antrea NetworkPolicy.
| Field | Description |
|---|---|
apiVersion
string |
stats.antrea.io/v1alpha1
|
kind
string
|
AntreaNetworkPolicyStats |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
trafficStats
TrafficStats
|
The traffic stats of the Antrea NetworkPolicy. |
ruleTrafficStats
[]RuleTrafficStats
|
The traffic stats of the Antrea NetworkPolicy, from rule perspective. |
NetworkPolicyStats
NetworkPolicyStats is the statistics of a K8s NetworkPolicy.
| Field | Description |
|---|---|
apiVersion
string |
stats.antrea.io/v1alpha1
|
kind
string
|
NetworkPolicyStats |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
trafficStats
TrafficStats
|
The traffic stats of the K8s NetworkPolicy. |
RuleTrafficStats
(Appears on: AntreaClusterNetworkPolicyStats, AntreaNetworkPolicyStats, NetworkPolicyStats)
RuleTrafficStats contains TrafficStats of single rule inside a NetworkPolicy.
| Field | Description |
|---|---|
name
string
|
|
trafficStats
TrafficStats
|
TrafficStats
(Appears on: AntreaClusterNetworkPolicyStats, AntreaNetworkPolicyStats, NetworkPolicyStats, NetworkPolicyStats, RuleTrafficStats)
TrafficStats contains the traffic stats of a NetworkPolicy.
| Field | Description |
|---|---|
packets
int64
|
Packets is the packets count hit by the NetworkPolicy. |
bytes
int64
|
Bytes is the bytes count hit by the NetworkPolicy. |
sessions
int64
|
Sessions is the sessions count hit by the NetworkPolicy. |
system.antrea.io/v1beta1
Package v1beta1 contains the v1beta1 version of the Antrea “system” API group definitions.
Resource Types:SupportBundle
| Field | Description |
|---|---|
apiVersion
string |
system.antrea.io/v1beta1
|
kind
string
|
SupportBundle |
metadata
Kubernetes meta/v1.ObjectMeta
|
Refer to the Kubernetes API documentation for the fields of the
metadata field.
|
status
BundleStatus
|
|
sum
string
|
|
since
string
|
|
size
uint32
|
|
-
string
|
BundleStatus
(string alias)
(Appears on: SupportBundle)
Generated with gen-crd-api-reference-docs
on git commit bd88118.