2
apiVersion: apiextensions.k8s.io/v1
3
kind: CustomResourceDefinition
6
controller-gen.kubebuilder.io/version: v0.14.0
7
name: meshproxypatches.kuma.io
14
listKind: MeshProxyPatchList
15
plural: meshproxypatches
16
singular: meshproxypatch
19
- additionalPrinterColumns:
20
- jsonPath: .spec.targetRef.kind
23
- jsonPath: .spec.targetRef.name
32
APIVersion defines the versioned schema of this representation of an object.
33
Servers should convert recognized schemas to the latest internal value, and
34
may reject unrecognized values.
35
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
39
Kind is a string value representing the REST resource this object represents.
40
Servers may infer this from the endpoint the client submits requests to.
43
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
48
description: Spec is the specification of the Kuma MeshProxyPatch resource.
52
Default is a configuration specific to the group of destinations
53
referenced in 'targetRef'.
56
description: AppendModifications is a list of modifications applied
57
on the selected proxy.
61
description: Cluster is a modification of Envoy's Cluster
66
JsonPatches specifies list of jsonpatches to apply to on Envoy's Cluster
69
description: JsonPatchBlock is one json patch operation
73
description: From is a jsonpatch from string,
74
used by move and copy operations.
77
description: Op is a jsonpatch operation string.
86
description: Path is a jsonpatch path string.
89
description: Value must be a valid json value
90
used by replace and add operations.
91
x-kubernetes-preserve-unknown-fields: true
98
description: Match is a set of conditions that have
99
to be matched for modification operation to happen.
102
description: Name of the cluster to match.
106
Origin is the name of the component or plugin that generated the resource.
109
Here is the list of well-known origins:
110
inbound - resources generated for handling incoming traffic.
111
outbound - resources generated for handling outgoing traffic.
112
transparent - resources generated for transparent proxy functionality.
113
prometheus - resources generated when Prometheus metrics are enabled.
114
direct-access - resources generated for Direct Access functionality.
115
ingress - resources generated for Zone Ingress.
116
egress - resources generated for Zone Egress.
117
gateway - resources generated for MeshGateway.
120
The list is not complete, because policy plugins can introduce new resources.
121
For example MeshTrace plugin can create Cluster with "mesh-trace" origin.
125
description: Operation to execute on matched cluster.
132
description: Value of xDS resource in YAML format to
140
HTTPFilter is a modification of Envoy HTTP Filter
141
available in HTTP Connection Manager in a Listener resource.
145
JsonPatches specifies list of jsonpatches to apply to on Envoy's
146
HTTP Filter available in HTTP Connection Manager in a Listener resource.
148
description: JsonPatchBlock is one json patch operation
152
description: From is a jsonpatch from string,
153
used by move and copy operations.
156
description: Op is a jsonpatch operation string.
165
description: Path is a jsonpatch path string.
168
description: Value must be a valid json value
169
used by replace and add operations.
170
x-kubernetes-preserve-unknown-fields: true
177
description: Match is a set of conditions that have
178
to be matched for modification operation to happen.
181
description: Name of the listener to match.
184
additionalProperties:
186
description: Listener tags available in Listener#Metadata#FilterMetadata[io.kuma.tags]
189
description: Name of the HTTP filter. For example
190
"envoy.filters.http.local_ratelimit"
194
Origin is the name of the component or plugin that generated the resource.
197
Here is the list of well-known origins:
198
inbound - resources generated for handling incoming traffic.
199
outbound - resources generated for handling outgoing traffic.
200
transparent - resources generated for transparent proxy functionality.
201
prometheus - resources generated when Prometheus metrics are enabled.
202
direct-access - resources generated for Direct Access functionality.
203
ingress - resources generated for Zone Ingress.
204
egress - resources generated for Zone Egress.
205
gateway - resources generated for MeshGateway.
208
The list is not complete, because policy plugins can introduce new resources.
209
For example MeshTrace plugin can create Cluster with "mesh-trace" origin.
213
description: Operation to execute on matched listener.
223
description: Value of xDS resource in YAML format to
230
description: Listener is a modification of Envoy's Listener
235
JsonPatches specifies list of jsonpatches to apply to on Envoy's Listener
238
description: JsonPatchBlock is one json patch operation
242
description: From is a jsonpatch from string,
243
used by move and copy operations.
246
description: Op is a jsonpatch operation string.
255
description: Path is a jsonpatch path string.
258
description: Value must be a valid json value
259
used by replace and add operations.
260
x-kubernetes-preserve-unknown-fields: true
267
description: Match is a set of conditions that have
268
to be matched for modification operation to happen.
271
description: Name of the listener to match.
275
Origin is the name of the component or plugin that generated the resource.
278
Here is the list of well-known origins:
279
inbound - resources generated for handling incoming traffic.
280
outbound - resources generated for handling outgoing traffic.
281
transparent - resources generated for transparent proxy functionality.
282
prometheus - resources generated when Prometheus metrics are enabled.
283
direct-access - resources generated for Direct Access functionality.
284
ingress - resources generated for Zone Ingress.
285
egress - resources generated for Zone Egress.
286
gateway - resources generated for MeshGateway.
289
The list is not complete, because policy plugins can introduce new resources.
290
For example MeshTrace plugin can create Cluster with "mesh-trace" origin.
293
additionalProperties:
295
description: Tags available in Listener#Metadata#FilterMetadata[io.kuma.tags]
299
description: Operation to execute on matched listener.
306
description: Value of xDS resource in YAML format to
313
description: NetworkFilter is a modification of Envoy Listener's
318
JsonPatches specifies list of jsonpatches to apply to on Envoy Listener's
321
description: JsonPatchBlock is one json patch operation
325
description: From is a jsonpatch from string,
326
used by move and copy operations.
329
description: Op is a jsonpatch operation string.
338
description: Path is a jsonpatch path string.
341
description: Value must be a valid json value
342
used by replace and add operations.
343
x-kubernetes-preserve-unknown-fields: true
350
description: Match is a set of conditions that have
351
to be matched for modification operation to happen.
354
description: Name of the listener to match.
357
additionalProperties:
359
description: Listener tags available in Listener#Metadata#FilterMetadata[io.kuma.tags]
362
description: Name of the network filter. For example
363
"envoy.filters.network.ratelimit"
367
Origin is the name of the component or plugin that generated the resource.
370
Here is the list of well-known origins:
371
inbound - resources generated for handling incoming traffic.
372
outbound - resources generated for handling outgoing traffic.
373
transparent - resources generated for transparent proxy functionality.
374
prometheus - resources generated when Prometheus metrics are enabled.
375
direct-access - resources generated for Direct Access functionality.
376
ingress - resources generated for Zone Ingress.
377
egress - resources generated for Zone Egress.
378
gateway - resources generated for MeshGateway.
381
The list is not complete, because policy plugins can introduce new resources.
382
For example MeshTrace plugin can create Cluster with "mesh-trace" origin.
386
description: Operation to execute on matched listener.
396
description: Value of xDS resource in YAML format to
404
VirtualHost is a modification of Envoy's VirtualHost
405
referenced in HTTP Connection Manager in a Listener resource.
409
JsonPatches specifies list of jsonpatches to apply to on Envoy's
412
description: JsonPatchBlock is one json patch operation
416
description: From is a jsonpatch from string,
417
used by move and copy operations.
420
description: Op is a jsonpatch operation string.
429
description: Path is a jsonpatch path string.
432
description: Value must be a valid json value
433
used by replace and add operations.
434
x-kubernetes-preserve-unknown-fields: true
441
description: Match is a set of conditions that have
442
to be matched for modification operation to happen.
445
description: Name of the VirtualHost to match.
449
Origin is the name of the component or plugin that generated the resource.
452
Here is the list of well-known origins:
453
inbound - resources generated for handling incoming traffic.
454
outbound - resources generated for handling outgoing traffic.
455
transparent - resources generated for transparent proxy functionality.
456
prometheus - resources generated when Prometheus metrics are enabled.
457
direct-access - resources generated for Direct Access functionality.
458
ingress - resources generated for Zone Ingress.
459
egress - resources generated for Zone Egress.
460
gateway - resources generated for MeshGateway.
463
The list is not complete, because policy plugins can introduce new resources.
464
For example MeshTrace plugin can create Cluster with "mesh-trace" origin.
466
routeConfigurationName:
467
description: Name of the RouteConfiguration resource
472
description: Operation to execute on matched listener.
479
description: Value of xDS resource in YAML format to
489
- appendModifications
493
TargetRef is a reference to the resource the policy takes an effect on.
494
The resource could be either a real store object or virtual resource
498
description: Kind of the referenced resource
508
description: Mesh is reserved for future use to identify cross
513
Name of the referenced resource. Can only be used with kinds: `MeshService`,
514
`MeshServiceSubset` and `MeshGatewayRoute`
518
ProxyTypes specifies the data plane types that are subject to the policy. When not specified,
519
all data plane types are targeted by the policy.
528
additionalProperties:
531
Tags used to select a subset of proxies by tags. Can only be used with kinds
532
`MeshSubset` and `MeshServiceSubset`