Packages:

policy.openservicemesh.io/v1alpha1

Package v1alpha1 is the v1alpha1 version of the API.

Resource Types:

    BackendSpec

    (Appears on:IngressBackendSpec)

    BackendSpec is the type used to represent a Backend specified in the IngressBackend policy specification.

    Field Description
    name
    string

    Name defines the name of the backend.

    port
    PortSpec

    Port defines the specification for the backend’s port.

    tls
    TLSSpec
    (Optional)

    TLS defines the specification for the backend’s TLS configuration.

    ConnectionSettingsSpec

    (Appears on:UpstreamTrafficSettingSpec)

    ConnectionSettingsSpec defines the connection settings for an upstream host.

    Field Description
    tcp
    TCPConnectionSettings
    (Optional)

    TCP specifies the TCP level connection settings. Applies to both TCP and HTTP connections.

    http
    HTTPConnectionSettings
    (Optional)

    HTTP specifies the HTTP level connection settings.

    Egress

    Egress is the type used to represent an Egress traffic policy. An Egress policy allows applications to access endpoints external to the service mesh or cluster based on the specified rules in the policy.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    (Optional)

    Object’s metadata

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    EgressSpec
    (Optional)

    Spec is the Egress policy specification



    sources
    []EgressSourceSpec

    Sources defines the list of sources the Egress policy applies to.

    hosts
    []string
    (Optional)

    Hosts defines the list of external hosts the Egress policy will allow access to.

    • For HTTP traffic, the HTTP Host/Authority header is matched against the list of Hosts specified.

    • For HTTPS traffic, the Server Name Indication (SNI) indicated by the client in the TLS handshake is matched against the list of Hosts specified.

    • For non-HTTP(s) based protocols, the Hosts field is ignored.

    ipAddresses
    []string
    (Optional)

    IPAddresses defines the list of external IP address ranges the Egress policy applies to. The destination IP address of the traffic is matched against the list of IPAddresses specified as a CIDR range.

    ports
    []PortSpec

    Ports defines the list of ports the Egress policy is applies to. The destination port of the traffic is matched against the list of Ports specified.

    matches
    []Kubernetes core/v1.TypedLocalObjectReference
    (Optional)

    Matches defines the list of object references the Egress policy should match on.

    EgressSourceSpec

    (Appears on:EgressSpec)

    EgressSourceSpec is the type used to represent the Source in the list of Sources specified in an Egress policy specification.

    Field Description
    kind
    string

    Kind defines the kind for the source in the Egress policy, ex. ServiceAccount.

    name
    string

    Name defines the name of the source for the given Kind.

    namespace
    string

    Namespace defines the namespace for the given source.

    EgressSpec

    (Appears on:Egress)

    EgressSpec is the type used to represent the Egress policy specification.

    Field Description
    sources
    []EgressSourceSpec

    Sources defines the list of sources the Egress policy applies to.

    hosts
    []string
    (Optional)

    Hosts defines the list of external hosts the Egress policy will allow access to.

    • For HTTP traffic, the HTTP Host/Authority header is matched against the list of Hosts specified.

    • For HTTPS traffic, the Server Name Indication (SNI) indicated by the client in the TLS handshake is matched against the list of Hosts specified.

    • For non-HTTP(s) based protocols, the Hosts field is ignored.

    ipAddresses
    []string
    (Optional)

    IPAddresses defines the list of external IP address ranges the Egress policy applies to. The destination IP address of the traffic is matched against the list of IPAddresses specified as a CIDR range.

    ports
    []PortSpec

    Ports defines the list of ports the Egress policy is applies to. The destination port of the traffic is matched against the list of Ports specified.

    matches
    []Kubernetes core/v1.TypedLocalObjectReference
    (Optional)

    Matches defines the list of object references the Egress policy should match on.

    EnvoyAccessLogConfig

    (Appears on:TelemetrySpec)

    EnvoyAccessLogConfig defines the Envoy access log configuration.

    Field Description
    format
    string
    (Optional)

    Format defines the Envoy access log format. The format can either be unstructured or structured (e.g. JSON). Refer to https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#format-strings regarding how a format string can be specified.

    openTelemetry
    EnvoyAccessLogOpenTelemetryConfig
    (Optional)

    OpenTelemetry defines the OpenTelemetry configuration used to export the Envoy access logs to an OpenTelemetry collector.

    EnvoyAccessLogOpenTelemetryConfig

    (Appears on:EnvoyAccessLogConfig)

    EnvoyAccessLogOpenTelemetryConfig defines the Envoy access log OpenTelemetry configuration.

    Field Description
    extensionService
    ExtensionServiceRef

    ExtensionService defines the referenence to ExtensionService resource corresponding to the OpenTelemetry collector the access log should be exported to.

    attributes
    map[string]string
    (Optional)

    Attributes defines key-value pairs as additional metadata corresponding access log record.

    ExtensionServiceRef

    (Appears on:EnvoyAccessLogOpenTelemetryConfig)

    ExtensionServiceRef defines the namespace and name of the ExtensionService resource.

    Field Description
    namespace
    string

    Namespace defines the namespaces of the ExtensionService resource.

    name
    string

    Name defines the name of the ExtensionService resource.

    GenericKeyDescriptorEntry

    (Appears on:HTTPGlobalRateLimitDescriptorEntry)

    GenericKeyDescriptorEntry defines a descriptor entry with a static key-value pair.

    Field Description
    value
    string

    Value defines the descriptor entry’s value.

    key
    string
    (Optional)

    Key defines the descriptor entry’s key. Defaults to ‘generic_key’.

    GlobalRateLimitSpec

    (Appears on:RateLimitSpec)

    GlobalRateLimitSpec defines the global rate limiting specification for the upstream host.

    Field Description
    tcp
    TCPGlobalRateLimitSpec
    (Optional)

    TCP defines the global rate limiting specification at the network level. This has the ultimate effect of rate limiting connections per unit of time that arrive at the upstream host.

    http
    HTTPGlobalRateLimitSpec
    (Optional)

    HTTP defines the global rate limiting specification for HTTP traffic. This has the ultimate effect of rate limiting HTTP requests per unit of time that arrive at the upstream host.

    HTTPConnectionSettings

    (Appears on:ConnectionSettingsSpec)

    HTTPConnectionSettings defines the HTTP connection settings for an upstream host.

    Field Description
    maxRequests
    uint32
    (Optional)

    MaxRequests specifies the maximum number of parallel requests allowed to the upstream host. Defaults to 4294967295 (2^32 - 1) if not specified.

    maxRequestsPerConnection
    uint32
    (Optional)

    MaxRequestsPerConnection specifies the maximum number of requests per connection allowed to the upstream host. Defaults to unlimited if not specified.

    maxPendingRequests
    uint32
    (Optional)

    MaxPendingRequests specifies the maximum number of pending HTTP requests allowed to the upstream host. For HTTP/2 connections, if maxRequestsPerConnection is not configured, all requests will be multiplexed over the same connection so this circuit breaker will only be hit when no connection is already established. Defaults to 4294967295 (2^32 - 1) if not specified.

    maxRetries
    uint32
    (Optional)

    MaxRetries specifies the maximum number of parallel retries allowed to the upstream host. Defaults to 4294967295 (2^32 - 1) if not specified.

    HTTPGlobalPerRouteRateLimitSpec

    (Appears on:HTTPPerRouteRateLimitSpec)

    HTTPGlobalPerRouteRateLimitSpec defines the global rate limiting specification applied per HTTP route.

    Field Description
    descriptors
    []HTTPGlobalRateLimitDescriptor

    Descriptors defines the list of rate limit descriptors to use in the rate limit service request.

    HTTPGlobalRateLimitDescriptor

    (Appears on:HTTPGlobalPerRouteRateLimitSpec, HTTPGlobalRateLimitSpec)

    HTTPGlobalRateLimitDescriptor defines rate limit descriptor to use in the rate limit service request for HTTP requests.

    Field Description
    entries
    []HTTPGlobalRateLimitDescriptorEntry

    Entries defines the list of rate limit descriptor entries.

    HTTPGlobalRateLimitDescriptorEntry

    (Appears on:HTTPGlobalRateLimitDescriptor)

    HTTPGlobalRateLimitDescriptorEntry defines the rate limit descriptor entry to use in the rate limit service request for HTTP requests. Only one of GenericKey, RemoteAddress, RequestHeader, HeaderValueMatch may be set.

    Field Description
    genericKey
    GenericKeyDescriptorEntry
    (Optional)

    GenericKey defines a descriptor entry with a static key-value pair.

    remoteAddress
    RemoteAddressDescriptorEntry
    (Optional)

    RemoteAddress defines a descriptor entry with with key ‘remote_address’ and value equal to the client’s IP address derived from the x-forwarded-for header.

    requestHeader
    RequestHeaderDescriptorEntry
    (Optional)

    RequestHeader defines a descriptor entry that is generated only when the request header matches the given header name. The value of the descriptor entry is derived from the value of the header present in the request.

    headerValueMatch
    HeaderValueMatchDescriptorEntry
    (Optional)

    HeaderValueMatch defines a descriptor entry that is generated when the request header matches the given HTTP header match criteria.

    HTTPGlobalRateLimitSpec

    (Appears on:GlobalRateLimitSpec)

    HTTPGlobalRateLimitSpec defines the global rate limiting specification for HTTP requests.

    Field Description
    rateLimitService
    RateLimitServiceSpec

    RateLimitService defines the rate limiting service to use as a global rate limiter.

    domain
    string

    Domain defines a container for a set of rate limits. All domains known to the Ratelimit service must be globally unique. They serve as a way to have different rate limit configurations that don’t conflict.

    descriptors
    []HTTPGlobalRateLimitDescriptor
    (Optional)

    Descriptors defines the list of rate limit descriptors to use in the rate limit service request.

    timeout
    Kubernetes meta/v1.Duration
    (Optional)

    Timeout defines the timeout interval for calls to the rate limit service. Defaults to 20ms.

    failOpen
    bool
    (Optional)

    FailOpen defines whether to allow traffic in case of communication failure between rate limiting service and the proxy. Defaults to true.

    enableXRateLimitHeaders
    bool
    (Optional)

    EnableXRateLimitHeaders defines whether to include the headers X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset on responses to clients when the rate limit service is consulted for a request. Defaults to false.

    responseStatusCode
    uint32
    (Optional)

    ResponseStatusCode defines the HTTP status code to use for responses to rate limited requests. Code must be in the 400-599 (inclusive) error range. If not specified, a default of 429 (Too Many Requests) is used. See https://www.envoyproxy.io/docs/envoy/latest/api-v3/type/v3/http_status.proto#enum-type-v3-statuscode for the list of HTTP status codes supported by Envoy.

    HTTPHeaderMatcher

    (Appears on:HeaderValueMatchDescriptorEntry)

    HTTPHeaderMatcher defines the HTTP header match criteria. Only one of Exact, Prefix, Suffix, Regex, Contains, Present may be set.

    Field Description
    name
    string

    Name defines the name of the header to match.

    exact
    string
    (Optional)

    Exact defines the exact value to match.

    prefix
    string
    (Optional)

    Prefix defines the prefix value to match.

    suffix
    string
    (Optional)

    Suffix defines the suffix value to match.

    regex
    string
    (Optional)

    Regex defines the regex value to match.

    contains
    string
    (Optional)

    Contains defines the substring value to match.

    present
    bool
    (Optional)

    Present defines whether the request matches the criteria when the header is present. If set to false, header match will be performed based on whether the header is absent.

    HTTPHeaderValue

    (Appears on:HTTPLocalRateLimitSpec)

    HTTPHeaderValue defines an HTTP header name/value pair

    Field Description
    name
    string

    Name defines the name of the HTTP header.

    value
    string

    Value defines the value of the header corresponding to the name key.

    HTTPLocalRateLimitSpec

    (Appears on:HTTPPerRouteRateLimitSpec, LocalRateLimitSpec)

    HTTPLocalRateLimitSpec defines the local rate limiting specification for the upstream host at the HTTP level.

    Field Description
    requests
    uint32

    Requests defines the number of requests allowed per unit of time before rate limiting occurs.

    unit
    string

    Unit defines the period of time within which requests over the limit will be rate limited. Valid values are “second”, “minute” and “hour”.

    burst
    uint32
    (Optional)

    Burst defines the number of requests above the baseline rate that are allowed in a short period of time.

    responseStatusCode
    uint32
    (Optional)

    ResponseStatusCode defines the HTTP status code to use for responses to rate limited requests. Code must be in the 400-599 (inclusive) error range. If not specified, a default of 429 (Too Many Requests) is used. See https://www.envoyproxy.io/docs/envoy/latest/api-v3/type/v3/http_status.proto#enum-type-v3-statuscode for the list of HTTP status codes supported by Envoy.

    responseHeadersToAdd
    []HTTPHeaderValue
    (Optional)

    ResponseHeadersToAdd defines the list of HTTP headers that should be added to each response for requests that have been rate limited.

    HTTPPerRouteRateLimitSpec

    (Appears on:HTTPRouteSpec)

    HTTPPerRouteRateLimitSpec defines the rate limiting specification per HTTP route.

    Field Description
    local
    HTTPLocalRateLimitSpec

    Local defines the local rate limiting specification applied per HTTP route.

    global
    HTTPGlobalPerRouteRateLimitSpec

    Global defines the global rate limiting specification applied per HTTP route.

    HTTPRouteSpec

    (Appears on:UpstreamTrafficSettingSpec)

    HTTPRouteSpec defines the settings correspondng to an HTTP route

    Field Description
    path
    string

    Path defines the HTTP path.

    rateLimit
    HTTPPerRouteRateLimitSpec

    RateLimit defines the HTTP rate limiting specification for the specified HTTP route.

    HeaderValueMatchDescriptorEntry

    (Appears on:HTTPGlobalRateLimitDescriptorEntry)

    HeaderValueMatchDescriptorEntry defines the descriptor entry that is generated when the request header matches the given HTTP header match criteria.

    Field Description
    value
    string

    Value defines the descriptor entry’s value.

    headers
    []HTTPHeaderMatcher

    Headers defines the list of HTTP header match criteria.

    key
    string
    (Optional)

    Key defines the descriptor entry’s key. Defaults to ‘header_match’.

    expectMatch
    bool
    (Optional)

    ExpectMatch defines whether the request must match the given match criteria for the descriptor entry to be generated. If set to false, a descriptor entry will be generated when the request does not match the match criteria. Defaults to true.

    IngressBackend

    IngressBackend is the type used to represent an Ingress backend policy. An Ingress backend policy authorizes one or more backends to accept ingress traffic from one or more sources.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    (Optional)

    Object’s metadata

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    IngressBackendSpec
    (Optional)

    Spec is the Ingress backend policy specification



    backends
    []BackendSpec

    Backends defines the list of backends the IngressBackend policy applies to.

    sources
    []IngressSourceSpec

    Sources defines the list of sources the IngressBackend policy applies to.

    matches
    []Kubernetes core/v1.TypedLocalObjectReference
    (Optional)

    Matches defines the list of object references the IngressBackend policy should match on.

    status
    IngressBackendStatus
    (Optional)

    Status is the status of the IngressBackend configuration.

    IngressBackendSpec

    (Appears on:IngressBackend)

    IngressBackendSpec is the type used to represent the IngressBackend policy specification.

    Field Description
    backends
    []BackendSpec

    Backends defines the list of backends the IngressBackend policy applies to.

    sources
    []IngressSourceSpec

    Sources defines the list of sources the IngressBackend policy applies to.

    matches
    []Kubernetes core/v1.TypedLocalObjectReference
    (Optional)

    Matches defines the list of object references the IngressBackend policy should match on.

    IngressBackendStatus

    (Appears on:IngressBackend)

    IngressBackendStatus is the type used to represent the status of an IngressBackend resource.

    Field Description
    currentStatus
    string
    (Optional)

    CurrentStatus defines the current status of an IngressBackend resource.

    reason
    string
    (Optional)

    Reason defines the reason for the current status of an IngressBackend resource.

    IngressSourceSpec

    (Appears on:IngressBackendSpec)

    IngressSourceSpec is the type used to represent the Source in the list of Sources specified in an IngressBackend policy specification.

    Field Description
    kind
    string

    Kind defines the kind for the source in the IngressBackend policy. Must be one of: Service, AuthenticatedPrincipal, IPRange

    name
    string

    Name defines the name of the source for the given Kind.

    namespace
    string
    (Optional)

    Namespace defines the namespace for the given source.

    LocalRateLimitSpec

    (Appears on:RateLimitSpec)

    LocalRateLimitSpec defines the local rate limiting specification for the upstream host.

    Field Description
    tcp
    TCPLocalRateLimitSpec
    (Optional)

    TCP defines the local rate limiting specification at the network level. This is a token bucket rate limiter where each connection consumes a single token. If the token is available, the connection will be allowed. If no tokens are available, the connection will be immediately closed.

    http
    HTTPLocalRateLimitSpec

    HTTP defines the local rate limiting specification for HTTP traffic. This is a token bucket rate limiter where each request consumes a single token. If the token is available, the request will be allowed. If no tokens are available, the request will receive the configured rate limit status.

    PortSpec

    (Appears on:BackendSpec, EgressSpec)

    PortSpec is the type used to represent the Port in the list of Ports specified in an Egress policy specification.

    Field Description
    number
    int

    Number defines the port number.

    protocol
    string

    Protocol defines the protocol served by the port.

    RateLimitServiceSpec

    (Appears on:HTTPGlobalRateLimitSpec, TCPGlobalRateLimitSpec)

    RateLimitServiceSpec defines the Rate Limit Service specification.

    Field Description
    host
    string

    Host defines the hostname of the rate limiting service.

    port
    uint16

    Port defines the port number of the rate limiting service

    RateLimitSpec

    (Appears on:UpstreamTrafficSettingSpec)

    RateLimitSpec defines the rate limiting specification for the upstream host.

    Field Description
    local
    LocalRateLimitSpec
    (Optional)

    Local defines the local rate limiting specification for the upstream host. Local rate limiting is enforced directly by the upstream host without any involvement of a global rate limiting service. This is applied as a token bucket rate limiter.

    global
    GlobalRateLimitSpec
    (Optional)

    Global defines the global rate limiting specification for the upstream host. Global rate limiting is enforced by an external rate limiting service.

    RemoteAddressDescriptorEntry

    (Appears on:HTTPGlobalRateLimitDescriptorEntry)

    RemoteAddressDescriptorEntry defines a descriptor entry with key ‘remote_address’ and value equal to the client’s IP address derived from the x-forwarded-for header.

    RequestHeaderDescriptorEntry

    (Appears on:HTTPGlobalRateLimitDescriptorEntry)

    RequestHeaderDescriptorEntry defines a descriptor entry that is generated only when the request header matches the given header name. The value of the descriptor entry is derived from the value of the header present in the request.

    Field Description
    name
    string

    Name defines the name of the header used to look up the descriptor entry’s value.

    key
    string

    Key defines the descriptor entry’s key.

    Retry

    Retry is the type used to represent a Retry policy. A Retry policy authorizes retries to failed attempts for outbound traffic from one service source to one or more destination services.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    (Optional)

    Object’s metadata

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    RetrySpec
    (Optional)

    Spec is the Retry policy specification



    source
    RetrySrcDstSpec

    Source defines the source the Retry policy applies to.

    destinations
    []RetrySrcDstSpec

    Destinations defines the list of destinations the Retry policy applies to.

    retryPolicy
    RetryPolicySpec

    RetryPolicy defines the retry policy the Retry policy applies.

    RetryPolicySpec

    (Appears on:RetrySpec)

    RetryPolicySpec is the type used to represent the retry policy specified in the Retry policy specification.

    Field Description
    retryOn
    string

    RetryOn defines the policies to retry on, delimited by comma.

    perTryTimeout
    Kubernetes meta/v1.Duration
    (Optional)

    PerTryTimeout defines the time allowed for a retry before it’s considered a failed attempt.

    numRetries
    uint32
    (Optional)

    NumRetries defines the max number of retries to attempt.

    retryBackoffBaseInterval
    Kubernetes meta/v1.Duration
    (Optional)

    RetryBackoffBaseInterval defines the base interval for exponential retry backoff.

    RetrySpec

    (Appears on:Retry)

    RetrySpec is the type used to represent the Retry policy specification.

    Field Description
    source
    RetrySrcDstSpec

    Source defines the source the Retry policy applies to.

    destinations
    []RetrySrcDstSpec

    Destinations defines the list of destinations the Retry policy applies to.

    retryPolicy
    RetryPolicySpec

    RetryPolicy defines the retry policy the Retry policy applies.

    RetrySrcDstSpec

    (Appears on:RetrySpec)

    RetrySrcDstSpec is the type used to represent the Destination in the list of Destinations and the Source specified in the Retry policy specification.

    Field Description
    kind
    string

    Kind defines the kind for the Src/Dst in the Retry policy.

    name
    string

    Name defines the name of the Src/Dst for the given Kind.

    namespace
    string

    Namespace defines the namespace for the given Src/Dst.

    TCPConnectionSettings

    (Appears on:ConnectionSettingsSpec)

    TCPConnectionSettings defines the TCP connection settings for an upstream host.

    Field Description
    maxConnections
    uint32
    (Optional)

    MaxConnections specifies the maximum number of TCP connections allowed to the upstream host. Defaults to 4294967295 (2^32 - 1) if not specified.

    connectTimeout
    Kubernetes meta/v1.Duration
    (Optional)

    ConnectTimeout specifies the TCP connection timeout. Defaults to 5s if not specified.

    TCPGlobalRateLimitSpec

    (Appears on:GlobalRateLimitSpec)

    TCPGlobalRateLimitSpec defines the global rate limiting specification for TCP connections.

    Field Description
    rateLimitService
    RateLimitServiceSpec

    RateLimitService defines the rate limiting service to use as a global rate limiter.

    domain
    string

    Domain defines a container for a set of rate limits. All domains known to the Ratelimit service must be globally unique. They serve as a way to have different rate limit configurations that don’t conflict.

    descriptors
    []TCPRateLimitDescriptor

    Descriptors defines the list of rate limit descriptors to use in the rate limit service request.

    timeout
    Kubernetes meta/v1.Duration
    (Optional)

    Timeout defines the timeout interval for calls to the rate limit service. Defaults to 20ms.

    failOpen
    bool
    (Optional)

    FailOpen defines whether to allow traffic in case of communication failure between rate limiting service and the proxy. Defaults to true.

    TCPLocalRateLimitSpec

    (Appears on:LocalRateLimitSpec)

    TCPLocalRateLimitSpec defines the local rate limiting specification for the upstream host at the TCP level.

    Field Description
    connections
    uint32

    Connections defines the number of connections allowed per unit of time before rate limiting occurs.

    unit
    string

    Unit defines the period of time within which connections over the limit will be rate limited. Valid values are “second”, “minute” and “hour”.

    burst
    uint32
    (Optional)

    Burst defines the number of connections above the baseline rate that are allowed in a short period of time.

    TCPRateLimitDescriptor

    (Appears on:TCPGlobalRateLimitSpec)

    TCPRateLimitDescriptor defines the rate limit descriptor to use in the rate limit service request for TCP connections.

    Field Description
    entries
    []TCPRateLimitDescriptorEntry

    Entries defines the list of rate limit descriptor entries.

    TCPRateLimitDescriptorEntry

    (Appears on:TCPRateLimitDescriptor)

    TCPRateLimitDescriptorEntry defines the rate limit descriptor entry as a key-value pair to use in the rate limit service request for TCP connections.

    Field Description
    key
    string

    Key defines the key of the descriptor entry.

    value
    string

    Value defines the value of the descriptor entry.

    TLSSpec

    (Appears on:BackendSpec)

    TLSSpec is the type used to represent the backend’s TLS configuration.

    Field Description
    skipClientCertValidation
    bool

    SkipClientCertValidation defines whether the backend should skip validating the certificate presented by the client.

    sniHosts
    []string
    (Optional)

    SNIHosts defines the SNI hostnames that the backend allows the client to connect to.

    Telemetry

    Telemetry defines the telemetry configuration for workloads in the mesh.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    (Optional)

    Object’s metadata

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    TelemetrySpec
    (Optional)

    Spec is the UpstreamTrafficSetting policy specification



    selector
    map[string]string
    (Optional)

    Selector defines the pod label selector for pods the Telemetry configuration is applicable to. It selects pods with matching label keys and values. If not specified, the configuration applies to all pods in the Telemetry resource’s namespace.

    accessLog
    EnvoyAccessLogConfig
    (Optional)

    AccessLog defines the Envoy access log configuration.

    status
    TelemetryStatus
    (Optional)

    Status is the status of the TelemetryStatus resource.

    TelemetrySpec

    (Appears on:Telemetry)

    TelemetrySpec defines the Telemetry specification applicable to workloads in the mesh.

    Field Description
    selector
    map[string]string
    (Optional)

    Selector defines the pod label selector for pods the Telemetry configuration is applicable to. It selects pods with matching label keys and values. If not specified, the configuration applies to all pods in the Telemetry resource’s namespace.

    accessLog
    EnvoyAccessLogConfig
    (Optional)

    AccessLog defines the Envoy access log configuration.

    TelemetryStatus

    (Appears on:Telemetry)

    TelemetryStatus defines the status of a TelemetryStatus resource.

    Field Description
    currentStatus
    string
    (Optional)

    CurrentStatus defines the current status of a TelemetryStatus resource.

    reason
    string
    (Optional)

    Reason defines the reason for the current status of a TelemetryStatus resource.

    UpstreamTrafficSetting

    UpstreamTrafficSetting defines the settings applicable to traffic destined to an upstream host.

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    (Optional)

    Object’s metadata

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    UpstreamTrafficSettingSpec
    (Optional)

    Spec is the UpstreamTrafficSetting policy specification



    host
    string

    Host the upstream traffic is directed to. Must either be an FQDN corresponding to the upstream service or the name of the upstream service. If only the service name is specified, the FQDN is derived from the service name and the namespace of the UpstreamTrafficSetting rule.

    connectionSettings
    ConnectionSettingsSpec
    (Optional)

    ConnectionSettings specifies the connection settings for traffic directed to the upstream host.

    rateLimit
    RateLimitSpec
    (Optional)

    RateLimit specifies the rate limit settings for the traffic directed to the upstream host. If HTTP rate limiting is specified, the rate limiting is applied at the VirtualHost level applicable to all routes within the VirtualHost.

    httpRoutes
    []HTTPRouteSpec
    (Optional)

    HTTPRoutes defines the list of HTTP routes settings for the upstream host. Settings are applied at a per route level.

    status
    UpstreamTrafficSettingStatus
    (Optional)

    Status is the status of the UpstreamTrafficSetting resource.

    UpstreamTrafficSettingSpec

    (Appears on:UpstreamTrafficSetting)

    UpstreamTrafficSettingSpec defines the upstream traffic setting specification.

    Field Description
    host
    string

    Host the upstream traffic is directed to. Must either be an FQDN corresponding to the upstream service or the name of the upstream service. If only the service name is specified, the FQDN is derived from the service name and the namespace of the UpstreamTrafficSetting rule.

    connectionSettings
    ConnectionSettingsSpec
    (Optional)

    ConnectionSettings specifies the connection settings for traffic directed to the upstream host.

    rateLimit
    RateLimitSpec
    (Optional)

    RateLimit specifies the rate limit settings for the traffic directed to the upstream host. If HTTP rate limiting is specified, the rate limiting is applied at the VirtualHost level applicable to all routes within the VirtualHost.

    httpRoutes
    []HTTPRouteSpec
    (Optional)

    HTTPRoutes defines the list of HTTP routes settings for the upstream host. Settings are applied at a per route level.

    UpstreamTrafficSettingStatus

    (Appears on:UpstreamTrafficSetting)

    UpstreamTrafficSettingStatus defines the status of an UpstreamTrafficSetting resource.

    Field Description
    currentStatus
    string
    (Optional)

    CurrentStatus defines the current status of an UpstreamTrafficSetting resource.

    reason
    string
    (Optional)

    Reason defines the reason for the current status of an UpstreamTrafficSetting resource.


    Generated with gen-crd-api-reference-docs on git commit a65cd374.