###Install dependencies\r
**1. Install cert-manager**\r
\r
-`$ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.1.0/cert-manager.yaml`\r
+`$ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.yaml`\r
\r
**2. Create namespace for SDEWAN Overlay Controller Microservices**\r
\r
### Precondition\r
**1. Install cert-manager**\r
\r
-`$ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.1.0/cert-manager.yaml`\r
+`$ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.yaml`\r
\r
### Steps to install packages from yaml\r
**1. Create namespace for SDEWAN Central Controller v1Microservices**\r
\r
**4. install monitor resources**\r
\r
-`$ ./monitor-deploy.sh`
\ No newline at end of file
+`$ ./monitor-deploy.sh`\r
-apiVersion: apiextensions.k8s.io/v1beta1\r
+apiVersion: apiextensions.k8s.io/v1\r
kind: CustomResourceDefinition\r
metadata:\r
name: resourcebundlestates.k8splugin.io\r
plural: resourcebundlestates\r
singular: resourcebundlestate\r
scope: Namespaced\r
- subresources:\r
- status: {}\r
- validation:\r
- openAPIV3Schema:\r
- properties:\r
- apiVersion:\r
- description: 'APIVersion defines the versioned schema of this representation\r
+ versions:\r
+ - name: v1alpha1\r
+ schema:\r
+ openAPIV3Schema:\r
+ properties:\r
+ apiVersion:\r
+ description: 'APIVersion defines the versioned schema of this representation\r
of an object. Servers should convert recognized schemas to the latest\r
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'\r
- type: string\r
- kind:\r
- description: 'Kind is a string value representing the REST resource this\r
+ type: string\r
+ kind:\r
+ description: 'Kind is a string value representing the REST resource this\r
object represents. Servers may infer this from the endpoint the client\r
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'\r
- type: string\r
- metadata:\r
- type: object\r
- spec:\r
- properties:\r
- selector:\r
- type: object\r
- required:\r
- - selector\r
- type: object\r
- status:\r
- properties:\r
- podStatuses:\r
- items:\r
- type: object\r
- type: array\r
- ready:\r
- type: boolean\r
- resourceCount:\r
- format: int32\r
- type: integer\r
- serviceStatuses:\r
- items:\r
- type: object\r
- type: array\r
- configMapStatuses:\r
- items:\r
- type: object\r
- type: array\r
- deploymentStatuses:\r
- items:\r
- type: object\r
- type: array\r
- secretStatuses:\r
- items:\r
- type: object\r
- type: array\r
- daemonSetStatuses:\r
- items:\r
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'\r
+ type: string\r
+ metadata:\r
+ type: object\r
+ spec:\r
+ properties:\r
+ selector:\r
type: object\r
- type: array\r
- ingressStatuses:\r
- items:\r
- type: object\r
- type: array\r
- jobStatuses:\r
- items:\r
- type: object\r
- type: array\r
- statefulSetStatuses:\r
- items:\r
- type: object\r
- type: array\r
- csrStatuses:\r
- items:\r
- type: object\r
- type: array\r
- required:\r
- - ready\r
- - resourceCount\r
- - podStatuses\r
- - serviceStatuses\r
- - configMapStatuses\r
- - deploymentStatuses\r
- - secretStatuses\r
- - daemonSetStatuses\r
- - ingressStatuses\r
- - jobStatuses\r
- - statefulSetStatuses\r
- - csrStatuses\r
- type: object\r
- version: v1alpha1\r
- versions:\r
- - name: v1alpha1\r
+ required:\r
+ - selector\r
+ type: object\r
+ status:\r
+ properties:\r
+ podStatuses:\r
+ items:\r
+ type: object\r
+ type: array\r
+ ready:\r
+ type: boolean\r
+ resourceCount:\r
+ format: int32\r
+ type: integer\r
+ serviceStatuses:\r
+ items:\r
+ type: object\r
+ type: array\r
+ configMapStatuses:\r
+ items:\r
+ type: object\r
+ type: array\r
+ deploymentStatuses:\r
+ items:\r
+ type: object\r
+ type: array\r
+ secretStatuses:\r
+ items:\r
+ type: object\r
+ type: array\r
+ daemonSetStatuses:\r
+ items:\r
+ type: object\r
+ type: array\r
+ ingressStatuses:\r
+ items:\r
+ type: object\r
+ type: array\r
+ jobStatuses:\r
+ items:\r
+ type: object\r
+ type: array\r
+ statefulSetStatuses:\r
+ items:\r
+ type: object\r
+ type: array\r
+ csrStatuses:\r
+ items:\r
+ type: object\r
+ type: array\r
+ required:\r
+ - ready\r
+ - resourceCount\r
+ - podStatuses\r
+ - serviceStatuses\r
+ - configMapStatuses\r
+ - deploymentStatuses\r
+ - secretStatuses\r
+ - daemonSetStatuses\r
+ - ingressStatuses\r
+ - jobStatuses\r
+ - statefulSetStatuses\r
+ - csrStatuses\r
+ type: object\r
+ type: object\r
served: true\r
storage: true\r
+ subresources:\r
+ status: {}\r
# Resources to create SDEWAN Central Controller v1 Microservices\r
# SCC Config Map\r
-apiVersion: rbac.authorization.k8s.io/v1beta1\r
+apiVersion: rbac.authorization.k8s.io/v1\r
kind: ClusterRoleBinding\r
metadata:\r
name: scc-rbac\r
name: scc\r
items:\r
- key: rsync_config.json\r
- path: rsync_config.json
\ No newline at end of file
+ path: rsync_config.json\r
control-plane: controller-manager
name: sdewan-system
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
+ creationTimestamp: null
+ name: cnflocalservices.batch.sdewan.akraino.org
+spec:
+ group: batch.sdewan.akraino.org
+ names:
+ kind: CNFLocalService
+ listKind: CNFLocalServiceList
+ plural: cnflocalservices
+ singular: cnflocalservice
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFLocalService is the Schema for the cnflocalservices API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFLocalServiceSpec defines the desired state of CNFService
+ properties:
+ localport:
+ type: string
+ localservice:
+ type: string
+ remoteport:
+ type: string
+ remoteservice:
+ type: string
+ type: object
+ status:
+ description: CNFLocalServiceStatus defines the observed state of CNFLocalServiceStatus
+ properties:
+ localip:
+ description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
+ of cluster Important: Run "make" to regenerate code after modifying
+ this file'
+ type: string
+ localport:
+ type: string
+ message:
+ type: string
+ remoteips:
+ items:
+ type: string
+ type: array
+ remoteport:
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.7.0
+ creationTimestamp: null
+ name: cnfnats.batch.sdewan.akraino.org
+spec:
+ group: batch.sdewan.akraino.org
+ names:
+ kind: CNFNAT
+ listKind: CNFNATList
+ plural: cnfnats
+ singular: cnfnat
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFNAT is the Schema for the cnfnats API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFNATSpec defines the desired state of CNFNAT
+ properties:
+ dest:
+ type: string
+ dest_ip:
+ type: string
+ dest_port:
+ type: string
+ index:
+ type: string
+ name:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+ Important: Run "make" to regenerate code after modifying this file'
+ type: string
+ proto:
+ type: string
+ src:
+ type: string
+ src_dip:
+ type: string
+ src_dport:
+ type: string
+ src_ip:
+ type: string
+ src_port:
+ type: string
+ target:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.7.0
+ creationTimestamp: null
+ name: cnfrouterules.batch.sdewan.akraino.org
+spec:
+ group: batch.sdewan.akraino.org
+ names:
+ kind: CNFRouteRule
+ listKind: CNFRouteRuleList
+ plural: cnfrouterules
+ singular: cnfrouterule
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFRouteRule is the Schema for the cnfrouterules API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFRouteRuleSpec defines the desired state of CNFRouteRule
+ properties:
+ dst:
+ type: string
+ fwmark:
+ type: string
+ not:
+ type: boolean
+ prio:
+ type: string
+ src:
+ type: string
+ table:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: cnfroutes.batch.sdewan.akraino.org
spec:
plural: cnfroutes
singular: cnfroute
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: CNFRoute is the Schema for the cnfroutes API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: CNFRouteSpec defines the desired state of CNFRoute
- properties:
- dev:
- type: string
- dst:
- type: string
- gw:
- type: string
- table:
- enum:
- - default
- - cnf
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFRoute is the Schema for the cnfroutes API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFRouteSpec defines the desired state of CNFRoute
+ properties:
+ dev:
+ type: string
+ dst:
+ type: string
+ gw:
+ type: string
+ table:
+ enum:
+ - default
+ - cnf
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: cnfservices.batch.sdewan.akraino.org
spec:
plural: cnfservices
singular: cnfservice
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: CNFService is the Schema for the cnfservices API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: CNFServiceSpec defines the desired state of CNFService
- properties:
- dport:
- type: string
- fullname:
- type: string
- port:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFService is the Schema for the cnfservices API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFServiceSpec defines the desired state of CNFService
+ properties:
+ dport:
+ type: string
+ fullname:
+ type: string
+ port:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: cnfstatuses.batch.sdewan.akraino.org
spec:
plural: cnfstatuses
singular: cnfstatus
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: CNFStatus is the Schema for the cnfstatuses API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: CNFStatusSpec defines the desired state of CNFStatus
- type: object
- status:
- description: CNFStatusStatus defines the observed state of CNFStatus
- properties:
- appliedGeneration:
- description: 'INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file'
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- information:
- items:
- description: CNFStatusInformation defines the runtime information of a CMF
- properties:
- ip:
- type: string
- name:
- type: string
- namespace:
- type: string
- node:
- type: string
- purpose:
- type: string
- status:
- type: string
- required:
- - name
- type: object
- type: array
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFStatus is the Schema for the cnfstatuses API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFStatusSpec defines the desired state of CNFStatus
+ type: object
+ status:
+ description: CNFStatusStatus defines the observed state of CNFStatus
+ properties:
+ appliedGeneration:
+ description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
+ of cluster Important: Run "make" to regenerate code after modifying
+ this file'
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ information:
+ items:
+ description: CNFStatusInformation defines the runtime information
+ of a CNF
+ properties:
+ ip:
+ type: string
+ name:
+ type: string
+ namespace:
+ type: string
+ node:
+ type: string
+ purpose:
+ type: string
+ status:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: firewalldnats.batch.sdewan.akraino.org
spec:
plural: firewalldnats
singular: firewalldnat
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: FirewallDNAT is the Schema for the firewalldnats API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: FirewallDNATSpec defines the desired state of FirewallDNAT
- properties:
- dest:
- type: string
- dest_ip:
- type: string
- dest_port:
- type: string
- family:
- type: string
- mark:
- type: string
- name:
- description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster Important: Run "make" to regenerate code after modifying this file'
- type: string
- proto:
- type: string
- src:
- type: string
- src_dip:
- type: string
- src_dport:
- type: string
- src_ip:
- type: string
- src_mac:
- type: string
- src_port:
- type: string
- target:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: FirewallDNAT is the Schema for the firewalldnats API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: FirewallDNATSpec defines the desired state of FirewallDNAT
+ properties:
+ dest:
+ type: string
+ dest_ip:
+ type: string
+ dest_port:
+ type: string
+ family:
+ type: string
+ mark:
+ type: string
+ name:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+ Important: Run "make" to regenerate code after modifying this file'
+ type: string
+ proto:
+ type: string
+ src:
+ type: string
+ src_dip:
+ type: string
+ src_dport:
+ type: string
+ src_ip:
+ type: string
+ src_mac:
+ type: string
+ src_port:
+ type: string
+ target:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: firewallforwardings.batch.sdewan.akraino.org
spec:
plural: firewallforwardings
singular: firewallforwarding
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: FirewallForwarding is the Schema for the firewallforwardings API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: FirewallForwardingSpec defines the desired state of FirewallForwarding
- properties:
- dest:
- type: string
- family:
- type: string
- name:
- description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster Important: Run "make" to regenerate code after modifying this file'
- type: string
- src:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: FirewallForwarding is the Schema for the firewallforwardings
+ API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: FirewallForwardingSpec defines the desired state of FirewallForwarding
+ properties:
+ dest:
+ type: string
+ family:
+ type: string
+ name:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+ Important: Run "make" to regenerate code after modifying this file'
+ type: string
+ src:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: firewallrules.batch.sdewan.akraino.org
spec:
plural: firewallrules
singular: firewallrule
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: FirewallRule is the Schema for the firewallrules API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: FirewallRuleSpec defines the desired state of FirewallRule
- properties:
- dest:
- type: string
- dest_ip:
- type: string
- dest_port:
- type: string
- extra:
- type: string
- family:
- type: string
- icmp_type:
- items:
- type: string
- type: array
- mark:
- type: string
- name:
- description: Foo is an example field of FirewallRule. Edit FirewallRule_types.go to remove/update
- type: string
- proto:
- type: string
- set_mark:
- type: string
- set_xmark:
- type: string
- src:
- type: string
- src_ip:
- type: string
- src_mac:
- type: string
- src_port:
- type: string
- target:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: FirewallRule is the Schema for the firewallrules API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: FirewallRuleSpec defines the desired state of FirewallRule
+ properties:
+ dest:
+ type: string
+ dest_ip:
+ type: string
+ dest_port:
+ type: string
+ extra:
+ type: string
+ family:
+ type: string
+ icmp_type:
+ items:
+ type: string
+ type: array
+ mark:
+ type: string
+ name:
+ description: Foo is an example field of FirewallRule. Edit FirewallRule_types.go
+ to remove/update
+ type: string
+ proto:
+ type: string
+ set_mark:
+ type: string
+ set_xmark:
+ type: string
+ src:
+ type: string
+ src_ip:
+ type: string
+ src_mac:
+ type: string
+ src_port:
+ type: string
+ target:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: firewallsnats.batch.sdewan.akraino.org
spec:
plural: firewallsnats
singular: firewallsnat
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: FirewallSNAT is the Schema for the firewallsnats API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: FirewallSNATSpec defines the desired state of FirewallSNAT
- properties:
- dest:
- type: string
- dest_ip:
- type: string
- dest_port:
- type: string
- family:
- type: string
- mark:
- type: string
- name:
- description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster Important: Run "make" to regenerate code after modifying this file'
- type: string
- proto:
- type: string
- src:
- type: string
- src_dip:
- type: string
- src_dport:
- type: string
- src_ip:
- type: string
- src_mac:
- type: string
- src_port:
- type: string
- target:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: FirewallSNAT is the Schema for the firewallsnats API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: FirewallSNATSpec defines the desired state of FirewallSNAT
+ properties:
+ dest:
+ type: string
+ dest_ip:
+ type: string
+ dest_port:
+ type: string
+ family:
+ type: string
+ mark:
+ type: string
+ name:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+ Important: Run "make" to regenerate code after modifying this file'
+ type: string
+ proto:
+ type: string
+ src:
+ type: string
+ src_dip:
+ type: string
+ src_dport:
+ type: string
+ src_ip:
+ type: string
+ src_mac:
+ type: string
+ src_port:
+ type: string
+ target:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: firewallzones.batch.sdewan.akraino.org
spec:
plural: firewallzones
singular: firewallzone
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: FirewallZone is the Schema for the firewallzones API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: FirewallZoneSpec defines the desired state of FirewallZone
- properties:
- etra_dest:
- type: string
- extra_src:
- type: string
- family:
- type: string
- forward:
- type: string
- input:
- type: string
- masq:
- type: string
- masq_allow_invalid:
- type: string
- masq_dest:
- items:
- type: string
- type: array
- masq_src:
- items:
- type: string
- type: array
- mtu_fix:
- type: string
- name:
- description: Foo is an example field of FirewallZone. Edit FirewallZone_types.go to remove/update
- type: string
- network:
- items:
- type: string
- type: array
- output:
- type: string
- subnet:
- items:
- type: string
- type: array
- required:
- - network
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: FirewallZone is the Schema for the firewallzones API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: FirewallZoneSpec defines the desired state of FirewallZone
+ properties:
+ etra_dest:
+ type: string
+ extra_src:
+ type: string
+ family:
+ type: string
+ forward:
+ type: string
+ input:
+ type: string
+ masq:
+ type: string
+ masq_allow_invalid:
+ type: string
+ masq_dest:
+ items:
+ type: string
+ type: array
+ masq_src:
+ items:
+ type: string
+ type: array
+ mtu_fix:
+ type: string
+ name:
+ description: Foo is an example field of FirewallZone. Edit FirewallZone_types.go
+ to remove/update
+ type: string
+ network:
+ items:
+ type: string
+ type: array
+ output:
+ type: string
+ subnet:
+ items:
+ type: string
+ type: array
+ required:
+ - network
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: ipsechosts.batch.sdewan.akraino.org
spec:
plural: ipsechosts
singular: ipsechost
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: IpsecHost is the Schema for the ipsechosts API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- properties:
- authentication_method:
- type: string
- connections:
- items:
- properties:
- conn_type:
- type: string
- crypto_proposal:
- items:
- type: string
- type: array
- if_id:
- type: string
- local_firewall:
- type: string
- local_sourceip:
- type: string
- local_updown:
- type: string
- mark:
- type: string
- mode:
- type: string
- name:
- type: string
- remote_firewall:
- type: string
- remote_sourceip:
- type: string
- remote_subnet:
- type: string
- remote_updown:
- type: string
- required:
- - conn_type
- - mode
- - name
- type: object
- type: array
- crypto_proposal:
- items:
- type: string
- type: array
- force_crypto_proposal:
- type: string
- local_identifier:
- type: string
- local_private_cert:
- type: string
- local_public_cert:
- type: string
- name:
- type: string
- pre_shared_key:
- type: string
- remote:
- type: string
- remote_identifier:
- type: string
- shared_ca:
- type: string
- type:
- type: string
- required:
- - authentication_method
- - connections
- - crypto_proposal
- - remote
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IpsecHost is the Schema for the ipsechosts API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ authentication_method:
+ type: string
+ connections:
+ items:
+ properties:
+ conn_type:
+ type: string
+ crypto_proposal:
+ items:
+ type: string
+ type: array
+ if_id:
+ type: string
+ local_firewall:
+ type: string
+ local_sourceip:
+ type: string
+ local_updown:
+ type: string
+ mark:
+ type: string
+ mode:
+ type: string
+ name:
+ type: string
+ remote_firewall:
+ type: string
+ remote_sourceip:
+ type: string
+ remote_subnet:
+ type: string
+ remote_updown:
+ type: string
+ required:
+ - conn_type
+ - mode
+ - name
+ type: object
+ type: array
+ crypto_proposal:
+ items:
+ type: string
+ type: array
+ force_crypto_proposal:
+ type: string
+ local_identifier:
+ type: string
+ local_private_cert:
+ type: string
+ local_public_cert:
+ type: string
+ name:
+ type: string
+ pre_shared_key:
+ type: string
+ remote:
+ type: string
+ remote_identifier:
+ type: string
+ shared_ca:
+ type: string
+ type:
+ type: string
+ required:
+ - authentication_method
+ - connections
+ - crypto_proposal
+ - remote
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: ipsecproposals.batch.sdewan.akraino.org
spec:
plural: ipsecproposals
singular: ipsecproposal
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: IpsecProposal is the Schema for the ipsecproposals API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: IpsecProposalSpec defines the desired state of IpsecProposal
- properties:
- dh_group:
- type: string
- encryption_algorithm:
- type: string
- hash_algorithm:
- type: string
- name:
- type: string
- required:
- - dh_group
- - encryption_algorithm
- - hash_algorithm
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IpsecProposal is the Schema for the ipsecproposals API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IpsecProposalSpec defines the desired state of IpsecProposal
+ properties:
+ dh_group:
+ type: string
+ encryption_algorithm:
+ type: string
+ hash_algorithm:
+ type: string
+ name:
+ type: string
+ required:
+ - dh_group
+ - encryption_algorithm
+ - hash_algorithm
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: ipsecsites.batch.sdewan.akraino.org
spec:
plural: ipsecsites
singular: ipsecsite
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: IpsecSite is the Schema for the ipsecsites API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: IpsecSiteSpec defines the desired state of IpsecSite
- properties:
- authentication_method:
- type: string
- connections:
- items:
- properties:
- conn_type:
- type: string
- crypto_proposal:
- items:
- type: string
- type: array
- if_id:
- type: string
- local_firewall:
- type: string
- local_subnet:
- type: string
- local_updown:
- type: string
- mark:
- type: string
- mode:
- type: string
- name:
- type: string
- remote_firewall:
- type: string
- remote_sourceip:
- type: string
- remote_subnet:
- type: string
- remote_updown:
- type: string
- required:
- - conn_type
- - local_subnet
- - mode
- - name
- type: object
- type: array
- crypto_proposal:
- items:
- type: string
- type: array
- force_crypto_proposal:
- type: string
- local_identifier:
- type: string
- local_private_cert:
- type: string
- local_public_cert:
- type: string
- name:
- type: string
- pre_shared_key:
- type: string
- remote:
- type: string
- remote_identifier:
- type: string
- shared_ca:
- type: string
- type:
- type: string
- required:
- - authentication_method
- - connections
- - crypto_proposal
- - remote
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IpsecSite is the Schema for the ipsecsites API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IpsecSiteSpec defines the desired state of IpsecSite
+ properties:
+ authentication_method:
+ type: string
+ connections:
+ items:
+ properties:
+ conn_type:
+ type: string
+ crypto_proposal:
+ items:
+ type: string
+ type: array
+ if_id:
+ type: string
+ local_firewall:
+ type: string
+ local_subnet:
+ type: string
+ local_updown:
+ type: string
+ mark:
+ type: string
+ mode:
+ type: string
+ name:
+ type: string
+ remote_firewall:
+ type: string
+ remote_sourceip:
+ type: string
+ remote_subnet:
+ type: string
+ remote_updown:
+ type: string
+ required:
+ - conn_type
+ - local_subnet
+ - mode
+ - name
+ type: object
+ type: array
+ crypto_proposal:
+ items:
+ type: string
+ type: array
+ force_crypto_proposal:
+ type: string
+ local_identifier:
+ type: string
+ local_private_cert:
+ type: string
+ local_public_cert:
+ type: string
+ name:
+ type: string
+ pre_shared_key:
+ type: string
+ remote:
+ type: string
+ remote_identifier:
+ type: string
+ shared_ca:
+ type: string
+ type:
+ type: string
+ required:
+ - authentication_method
+ - connections
+ - crypto_proposal
+ - remote
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: mwan3policies.batch.sdewan.akraino.org
spec:
plural: mwan3policies
singular: mwan3policy
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: Mwan3Policy is the Schema for the mwan3policies API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- properties:
- members:
- items:
- description: Mwan3PolicySpec defines the desired state of Mwan3Policy
- properties:
- metric:
- type: integer
- network:
- description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster Important: Run "make" to regenerate code after modifying this file'
- type: string
- weight:
- type: integer
- required:
- - metric
- - network
- - weight
- type: object
- type: array
- required:
- - members
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: Mwan3Policy is the Schema for the mwan3policies API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ members:
+ items:
+ description: Mwan3PolicySpec defines the desired state of Mwan3Policy
+ properties:
+ metric:
+ type: integer
+ network:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state
+ of cluster Important: Run "make" to regenerate code after
+ modifying this file'
+ type: string
+ weight:
+ type: integer
+ required:
+ - metric
+ - network
+ - weight
+ type: object
+ type: array
+ required:
+ - members
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: mwan3rules.batch.sdewan.akraino.org
spec:
plural: mwan3rules
singular: mwan3rule
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: Mwan3Rule is the Schema for the mwan3rules API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- properties:
- dest_ip:
- type: string
- dest_port:
- type: string
- family:
- type: string
- policy:
- type: string
- proto:
- type: string
- src_ip:
- type: string
- src_port:
- type: string
- sticky:
- type: string
- timeout:
- type: string
- required:
- - dest_ip
- - dest_port
- - family
- - policy
- - proto
- - src_ip
- - src_port
- - sticky
- - timeout
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: Mwan3Rule is the Schema for the mwan3rules API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ dest_ip:
+ type: string
+ dest_port:
+ type: string
+ family:
+ type: string
+ policy:
+ type: string
+ proto:
+ type: string
+ src_ip:
+ type: string
+ src_port:
+ type: string
+ sticky:
+ type: string
+ timeout:
+ type: string
+ required:
+ - dest_ip
+ - dest_port
+ - family
+ - policy
+ - proto
+ - src_ip
+ - src_port
+ - sticky
+ - timeout
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
conditions: []
storedVersions: []
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: sdewanapplications.batch.sdewan.akraino.org
spec:
plural: sdewanapplications
singular: sdewanapplication
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: SdewanApplication is the Schema for the sdewanapplications API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SdewanApplicationSpec defines the desired state of SdewanApplication
- properties:
- appNamespace:
- type: string
- podSelector:
- description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
- type: object
- type: object
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: SdewanApplication is the Schema for the sdewanapplications API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: SdewanApplicationSpec defines the desired state of SdewanApplication
+ properties:
+ appNamespace:
+ type: string
+ podSelector:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the key
+ and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship to
+ a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
sdewan-bucket-type-permission: '{ "*": ["*"]}'
name: sdewan-manager-role
rules:
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ verbs:
+ - get
+ - list
+ - watch
- apiGroups:
- apps
resources:
- get
- list
- watch
+- apiGroups:
+ - batch.sdewan.akraino.org
+ resources:
+ - cnflocalservices
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - batch.sdewan.akraino.org
+ resources:
+ - cnflocalservices/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - batch.sdewan.akraino.org
+ resources:
+ - cnfnats
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - batch.sdewan.akraino.org
+ resources:
+ - cnfnats/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - batch.sdewan.akraino.org
+ resources:
+ - cnfrouterules
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - batch.sdewan.akraino.org
+ resources:
+ - cnfrouterules/status
+ verbs:
+ - get
+ - patch
+ - update
- apiGroups:
- batch.sdewan.akraino.org
resources:
- get
- patch
- update
+- apiGroups:
+ - batch.sdewan.akraino.org
+ resources:
+ - cnfstatuses
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - batch.sdewan.akraino.org
+ resources:
+ - cnfstatuses/status
+ verbs:
+ - get
+ - patch
+ - update
- apiGroups:
- batch.sdewan.akraino.org
resources:
spec:
containers:
- args:
- - --metrics-addr=127.0.0.1:8080
- - --enable-leader-election
+ - --metrics-bind-address=127.0.0.1:8080
+ - --leader-elect
command:
- /manager
image: integratedcloudnative/sdewan-controller:dev
resources:
limits:
cpu: 100m
- memory: 30Mi
+ memory: 100Mi
requests:
cpu: 100m
- memory: 20Mi
+ memory: 60Mi
volumeMounts:
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
defaultMode: 420
secretName: webhook-server-cert
---
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: sdewan-serving-cert
name: sdewan-selfsigned-issuer
secretName: webhook-server-cert
---
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: sdewan-selfsigned-issuer
spec:
selfSigned: {}
---
-apiVersion: admissionregistration.k8s.io/v1beta1
+apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
cert-manager.io/inject-ca-from: sdewan-system/sdewan-serving-cert
name: sdewan-validating-webhook-configuration
webhooks:
-- clientConfig:
- caBundle: Cg==
+- admissionReviewVersions:
+ - v1
+ clientConfig:
service:
name: sdewan-webhook-service
namespace: sdewan-system
- apiGroups:
- batch.sdewan.akraino.org
apiVersions:
- - v1alpha1
+ - v1
operations:
- CREATE
- UPDATE
- firewallrules
- firewallsnats
- firewalldnats
- - cnfservice
+ - cnfnats
+ - cnfroutes
+ - cnfrouterules
+ - cnfservices
+ - cnflocalservices
+ - cnfstatuses
- sdewanapplication
- ipsecproposals
- ipsechosts
- ipsecsites
-- clientConfig:
- caBundle: Cg==
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
service:
name: sdewan-webhook-service
namespace: sdewan-system
- batch.sdewan.akraino.org
apiVersions:
- v1
- - v1alpha1
operations:
- UPDATE
resources:
- firewallrules
- firewallsnats
- firewalldnats
- - cnfservice
+ - cnfnats
+ - cnfservices
+ - cnfroutes
+ - cnfrouterules
+ - cnflocalservices
+ - cnfstatuses
- sdewanapplication
- ipsecproposals
- ipsechosts
- ipsecsites
+ sideEffects: None
# Image URL to use all building/pushing image targets
IMG ?= integratedcloudnative/sdewan-controller:dev
# Produce CRDs that work back to Kubernetes 1.11 (no version conversion)
-CRD_OPTIONS ?= "crd:trivialVersions=true"
+CRD_OPTIONS ?= "crd"
# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
ifeq (,$(shell go env GOBIN))
cd config/manager && kustomize edit set image controller=${IMG}
kustomize build config/default | kubectl apply -f -
+undeploy: manifests
+ cd config/manager && kustomize edit set image controller=${IMG}
+ kustomize build config/default | kubectl delete -f -
+
# Deploy controller in the configured Kubernetes cluster in ~/.kube/config
gen-yaml: manifests
cd config/manager && kustomize edit set image controller=${IMG}
CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\
cd $$CONTROLLER_GEN_TMP_DIR ;\
go mod init tmp ;\
- go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.2.5 ;\
+ go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.7.0 ;\
rm -rf $$CONTROLLER_GEN_TMP_DIR ;\
}
CONTROLLER_GEN=$(GOBIN)/controller-gen
- group: batch
kind: CNFRouteRule
version: v1alpha1
-version: "2"
+version: "3"
return true
}
-// +kubebuilder:webhook:path=/validate-sdewan-bucket-permission,mutating=false,failurePolicy=fail,groups="batch.sdewan.akraino.org",resources=mwan3policies;mwan3rules;firewallzones;firewallforwardings;firewallrules;firewallsnats;firewalldnats;cnfnats;cnfroutes;cnfrouterules;cnfservices;cnflocalservices;cnfstatuses;sdewanapplication;ipsecproposals;ipsechosts;ipsecsites,verbs=create;update;delete,versions=v1alpha1,name=validate-sdewan-bucket.akraino.org
+// +kubebuilder:webhook:path=/validate-sdewan-bucket-permission,mutating=false,failurePolicy=fail,groups="batch.sdewan.akraino.org",resources=mwan3policies;mwan3rules;firewallzones;firewallforwardings;firewallrules;firewallsnats;firewalldnats;cnfnats;cnfroutes;cnfrouterules;cnfservices;cnflocalservices;cnfstatuses;sdewanapplication;ipsecproposals;ipsechosts;ipsecsites,verbs=create;update;delete,versions=v1,name=validate-sdewan-bucket.akraino.org,admissionReviewVersions=v1,sideEffects=none
// bucketPermissionValidator validates Pods
type bucketPermissionValidator struct {
return nil
}
-// +kubebuilder:webhook:path=/validate-label,mutating=false,failurePolicy=fail,groups=apps;batch.sdewan.akraino.org,resources=deployments;mwan3policies;mwan3rules;firewallzones;firewallforwardings;firewallrules;firewallsnats;firewalldnats;cnfnats;cnfservices;cnfroutes;cnfrouterules;cnflocalservices;cnfstatuses;sdewanapplication;ipsecproposals;ipsechosts;ipsecsites,verbs=update,versions=v1;v1alpha1,name=validate-label.akraino.org
+// +kubebuilder:webhook:path=/validate-label,mutating=false,failurePolicy=fail,groups=apps;batch.sdewan.akraino.org,resources=deployments;mwan3policies;mwan3rules;firewallzones;firewallforwardings;firewallrules;firewallsnats;firewalldnats;cnfnats;cnfservices;cnfroutes;cnfrouterules;cnflocalservices;cnfstatuses;sdewanapplication;ipsecproposals;ipsechosts;ipsecsites,verbs=update,versions=v1,name=validate-label.akraino.org,admissionReviewVersions=v1,sideEffects=none
type labelValidator struct {
Client client.Client
+//go:build !ignore_autogenerated
// +build !ignore_autogenerated
// SPDX-License-Identifier: Apache-2.0
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following manifests contain a self-signed issuer CR and a certificate CR.
# More document can be found at https://docs.cert-manager.io
# WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for breaking changes
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: selfsigned-issuer
spec:
selfSigned: {}
---
-apiVersion: cert-manager.io/v1alpha2
+apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: cnflocalservices.batch.sdewan.akraino.org
spec:
plural: cnflocalservices
singular: cnflocalservice
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: CNFLocalService is the Schema for the cnflocalservices API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: CNFLocalServiceSpec defines the desired state of CNFService
- properties:
- localport:
- type: string
- localservice:
- type: string
- remoteport:
- type: string
- remoteservice:
- type: string
- type: object
- status:
- description: CNFLocalServiceStatus defines the observed state of CNFLocalServiceStatus
- properties:
- localip:
- description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
- of cluster Important: Run "make" to regenerate code after modifying
- this file'
- type: string
- localport:
- type: string
- message:
- type: string
- remoteips:
- items:
- type: string
- type: array
- remoteport:
- type: string
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFLocalService is the Schema for the cnflocalservices API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFLocalServiceSpec defines the desired state of CNFService
+ properties:
+ localport:
+ type: string
+ localservice:
+ type: string
+ remoteport:
+ type: string
+ remoteservice:
+ type: string
+ type: object
+ status:
+ description: CNFLocalServiceStatus defines the observed state of CNFLocalServiceStatus
+ properties:
+ localip:
+ description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
+ of cluster Important: Run "make" to regenerate code after modifying
+ this file'
+ type: string
+ localport:
+ type: string
+ message:
+ type: string
+ remoteips:
+ items:
+ type: string
+ type: array
+ remoteport:
+ type: string
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: cnfnats.batch.sdewan.akraino.org
spec:
plural: cnfnats
singular: cnfnat
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: CNFNAT is the Schema for the cnfnats API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: CNFNATSpec defines the desired state of CNFNAT
- properties:
- dest:
- type: string
- dest_ip:
- type: string
- dest_port:
- type: string
- index:
- type: string
- name:
- description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
- Important: Run "make" to regenerate code after modifying this file'
- type: string
- proto:
- type: string
- src:
- type: string
- src_dip:
- type: string
- src_dport:
- type: string
- src_ip:
- type: string
- src_port:
- type: string
- target:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFNAT is the Schema for the cnfnats API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFNATSpec defines the desired state of CNFNAT
+ properties:
+ dest:
+ type: string
+ dest_ip:
+ type: string
+ dest_port:
+ type: string
+ index:
+ type: string
+ name:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+ Important: Run "make" to regenerate code after modifying this file'
+ type: string
+ proto:
+ type: string
+ src:
+ type: string
+ src_dip:
+ type: string
+ src_dport:
+ type: string
+ src_ip:
+ type: string
+ src_port:
+ type: string
+ target:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: cnfrouterules.batch.sdewan.akraino.org
spec:
plural: cnfrouterules
singular: cnfrouterule
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: CNFRouteRule is the Schema for the cnfrouterules API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: CNFRouteRuleSpec defines the desired state of CNFRouteRule
- properties:
- dst:
- type: string
- fwmark:
- type: string
- not:
- type: boolean
- prio:
- type: string
- src:
- type: string
- table:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFRouteRule is the Schema for the cnfrouterules API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFRouteRuleSpec defines the desired state of CNFRouteRule
+ properties:
+ dst:
+ type: string
+ fwmark:
+ type: string
+ not:
+ type: boolean
+ prio:
+ type: string
+ src:
+ type: string
+ table:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: cnfroutes.batch.sdewan.akraino.org
spec:
plural: cnfroutes
singular: cnfroute
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: CNFRoute is the Schema for the cnfroutes API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: CNFRouteSpec defines the desired state of CNFRoute
- properties:
- dev:
- type: string
- dst:
- type: string
- gw:
- type: string
- table:
- enum:
- - default
- - cnf
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFRoute is the Schema for the cnfroutes API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFRouteSpec defines the desired state of CNFRoute
+ properties:
+ dev:
+ type: string
+ dst:
+ type: string
+ gw:
+ type: string
+ table:
+ enum:
+ - default
+ - cnf
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: cnfservices.batch.sdewan.akraino.org
spec:
plural: cnfservices
singular: cnfservice
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: CNFService is the Schema for the cnfservices API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: CNFServiceSpec defines the desired state of CNFService
- properties:
- dport:
- type: string
- fullname:
- type: string
- port:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFService is the Schema for the cnfservices API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFServiceSpec defines the desired state of CNFService
+ properties:
+ dport:
+ type: string
+ fullname:
+ type: string
+ port:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: cnfstatuses.batch.sdewan.akraino.org
spec:
plural: cnfstatuses
singular: cnfstatus
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: CNFStatus is the Schema for the cnfstatuses API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: CNFStatusSpec defines the desired state of CNFStatus
- type: object
- status:
- description: CNFStatusStatus defines the observed state of CNFStatus
- properties:
- appliedGeneration:
- description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
- of cluster Important: Run "make" to regenerate code after modifying
- this file'
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- information:
- items:
- description: CNFStatusInformation defines the runtime information
- of a CNF
- properties:
- ip:
- type: string
- name:
- type: string
- namespace:
- type: string
- node:
- type: string
- purpose:
- type: string
- status:
- type: string
- required:
- - name
- type: object
- type: array
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: CNFStatus is the Schema for the cnfstatuses API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CNFStatusSpec defines the desired state of CNFStatus
+ type: object
+ status:
+ description: CNFStatusStatus defines the observed state of CNFStatus
+ properties:
+ appliedGeneration:
+ description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
+ of cluster Important: Run "make" to regenerate code after modifying
+ this file'
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ information:
+ items:
+ description: CNFStatusInformation defines the runtime information
+ of a CNF
+ properties:
+ ip:
+ type: string
+ name:
+ type: string
+ namespace:
+ type: string
+ node:
+ type: string
+ purpose:
+ type: string
+ status:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: firewalldnats.batch.sdewan.akraino.org
spec:
plural: firewalldnats
singular: firewalldnat
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: FirewallDNAT is the Schema for the firewalldnats API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: FirewallDNATSpec defines the desired state of FirewallDNAT
- properties:
- dest:
- type: string
- dest_ip:
- type: string
- dest_port:
- type: string
- family:
- type: string
- mark:
- type: string
- name:
- description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
- Important: Run "make" to regenerate code after modifying this file'
- type: string
- proto:
- type: string
- src:
- type: string
- src_dip:
- type: string
- src_dport:
- type: string
- src_ip:
- type: string
- src_mac:
- type: string
- src_port:
- type: string
- target:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: FirewallDNAT is the Schema for the firewalldnats API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: FirewallDNATSpec defines the desired state of FirewallDNAT
+ properties:
+ dest:
+ type: string
+ dest_ip:
+ type: string
+ dest_port:
+ type: string
+ family:
+ type: string
+ mark:
+ type: string
+ name:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+ Important: Run "make" to regenerate code after modifying this file'
+ type: string
+ proto:
+ type: string
+ src:
+ type: string
+ src_dip:
+ type: string
+ src_dport:
+ type: string
+ src_ip:
+ type: string
+ src_mac:
+ type: string
+ src_port:
+ type: string
+ target:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: firewallforwardings.batch.sdewan.akraino.org
spec:
plural: firewallforwardings
singular: firewallforwarding
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: FirewallForwarding is the Schema for the firewallforwardings API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: FirewallForwardingSpec defines the desired state of FirewallForwarding
- properties:
- dest:
- type: string
- family:
- type: string
- name:
- description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
- Important: Run "make" to regenerate code after modifying this file'
- type: string
- src:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: FirewallForwarding is the Schema for the firewallforwardings
+ API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: FirewallForwardingSpec defines the desired state of FirewallForwarding
+ properties:
+ dest:
+ type: string
+ family:
+ type: string
+ name:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+ Important: Run "make" to regenerate code after modifying this file'
+ type: string
+ src:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: firewallrules.batch.sdewan.akraino.org
spec:
plural: firewallrules
singular: firewallrule
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: FirewallRule is the Schema for the firewallrules API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: FirewallRuleSpec defines the desired state of FirewallRule
- properties:
- dest:
- type: string
- dest_ip:
- type: string
- dest_port:
- type: string
- extra:
- type: string
- family:
- type: string
- icmp_type:
- items:
- type: string
- type: array
- mark:
- type: string
- name:
- description: Foo is an example field of FirewallRule. Edit FirewallRule_types.go
- to remove/update
- type: string
- proto:
- type: string
- set_mark:
- type: string
- set_xmark:
- type: string
- src:
- type: string
- src_ip:
- type: string
- src_mac:
- type: string
- src_port:
- type: string
- target:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: FirewallRule is the Schema for the firewallrules API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: FirewallRuleSpec defines the desired state of FirewallRule
+ properties:
+ dest:
+ type: string
+ dest_ip:
+ type: string
+ dest_port:
+ type: string
+ extra:
+ type: string
+ family:
+ type: string
+ icmp_type:
+ items:
+ type: string
+ type: array
+ mark:
+ type: string
+ name:
+ description: Foo is an example field of FirewallRule. Edit FirewallRule_types.go
+ to remove/update
+ type: string
+ proto:
+ type: string
+ set_mark:
+ type: string
+ set_xmark:
+ type: string
+ src:
+ type: string
+ src_ip:
+ type: string
+ src_mac:
+ type: string
+ src_port:
+ type: string
+ target:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: firewallsnats.batch.sdewan.akraino.org
spec:
plural: firewallsnats
singular: firewallsnat
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: FirewallSNAT is the Schema for the firewallsnats API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: FirewallSNATSpec defines the desired state of FirewallSNAT
- properties:
- dest:
- type: string
- dest_ip:
- type: string
- dest_port:
- type: string
- family:
- type: string
- mark:
- type: string
- name:
- description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
- Important: Run "make" to regenerate code after modifying this file'
- type: string
- proto:
- type: string
- src:
- type: string
- src_dip:
- type: string
- src_dport:
- type: string
- src_ip:
- type: string
- src_mac:
- type: string
- src_port:
- type: string
- target:
- type: string
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: FirewallSNAT is the Schema for the firewallsnats API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: FirewallSNATSpec defines the desired state of FirewallSNAT
+ properties:
+ dest:
+ type: string
+ dest_ip:
+ type: string
+ dest_port:
+ type: string
+ family:
+ type: string
+ mark:
+ type: string
+ name:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+ Important: Run "make" to regenerate code after modifying this file'
+ type: string
+ proto:
+ type: string
+ src:
+ type: string
+ src_dip:
+ type: string
+ src_dport:
+ type: string
+ src_ip:
+ type: string
+ src_mac:
+ type: string
+ src_port:
+ type: string
+ target:
+ type: string
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: firewallzones.batch.sdewan.akraino.org
spec:
plural: firewallzones
singular: firewallzone
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: FirewallZone is the Schema for the firewallzones API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: FirewallZoneSpec defines the desired state of FirewallZone
- properties:
- etra_dest:
- type: string
- extra_src:
- type: string
- family:
- type: string
- forward:
- type: string
- input:
- type: string
- masq:
- type: string
- masq_allow_invalid:
- type: string
- masq_dest:
- items:
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: FirewallZone is the Schema for the firewallzones API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: FirewallZoneSpec defines the desired state of FirewallZone
+ properties:
+ etra_dest:
type: string
- type: array
- masq_src:
- items:
+ extra_src:
type: string
- type: array
- mtu_fix:
- type: string
- name:
- description: Foo is an example field of FirewallZone. Edit FirewallZone_types.go
- to remove/update
- type: string
- network:
- items:
+ family:
type: string
- type: array
- output:
- type: string
- subnet:
- items:
+ forward:
type: string
- type: array
- required:
- - network
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
- versions:
- - name: v1alpha1
+ input:
+ type: string
+ masq:
+ type: string
+ masq_allow_invalid:
+ type: string
+ masq_dest:
+ items:
+ type: string
+ type: array
+ masq_src:
+ items:
+ type: string
+ type: array
+ mtu_fix:
+ type: string
+ name:
+ description: Foo is an example field of FirewallZone. Edit FirewallZone_types.go
+ to remove/update
+ type: string
+ network:
+ items:
+ type: string
+ type: array
+ output:
+ type: string
+ subnet:
+ items:
+ type: string
+ type: array
+ required:
+ - network
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: ipsechosts.batch.sdewan.akraino.org
spec:
plural: ipsechosts
singular: ipsechost
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: IpsecHost is the Schema for the ipsechosts API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- properties:
- authentication_method:
- type: string
- connections:
- items:
- properties:
- conn_type:
- type: string
- crypto_proposal:
- items:
- type: string
- type: array
- if_id:
- type: string
- local_firewall:
- type: string
- local_sourceip:
- type: string
- local_updown:
- type: string
- mark:
- type: string
- mode:
- type: string
- name:
- type: string
- remote_firewall:
- type: string
- remote_sourceip:
- type: string
- remote_subnet:
- type: string
- remote_updown:
- type: string
- required:
- - conn_type
- - mode
- - name
- type: object
- type: array
- crypto_proposal:
- items:
- type: string
- type: array
- force_crypto_proposal:
- type: string
- local_identifier:
- type: string
- local_private_cert:
- type: string
- local_public_cert:
- type: string
- name:
- type: string
- pre_shared_key:
- type: string
- remote:
- type: string
- remote_identifier:
- type: string
- shared_ca:
- type: string
- type:
- type: string
- required:
- - authentication_method
- - connections
- - crypto_proposal
- - remote
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IpsecHost is the Schema for the ipsechosts API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ authentication_method:
+ type: string
+ connections:
+ items:
+ properties:
+ conn_type:
+ type: string
+ crypto_proposal:
+ items:
+ type: string
+ type: array
+ if_id:
+ type: string
+ local_firewall:
+ type: string
+ local_sourceip:
+ type: string
+ local_updown:
+ type: string
+ mark:
+ type: string
+ mode:
+ type: string
+ name:
+ type: string
+ remote_firewall:
+ type: string
+ remote_sourceip:
+ type: string
+ remote_subnet:
+ type: string
+ remote_updown:
+ type: string
+ required:
+ - conn_type
+ - mode
+ - name
+ type: object
+ type: array
+ crypto_proposal:
+ items:
+ type: string
+ type: array
+ force_crypto_proposal:
+ type: string
+ local_identifier:
+ type: string
+ local_private_cert:
+ type: string
+ local_public_cert:
+ type: string
+ name:
+ type: string
+ pre_shared_key:
+ type: string
+ remote:
+ type: string
+ remote_identifier:
+ type: string
+ shared_ca:
+ type: string
+ type:
+ type: string
+ required:
+ - authentication_method
+ - connections
+ - crypto_proposal
+ - remote
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: ipsecproposals.batch.sdewan.akraino.org
spec:
plural: ipsecproposals
singular: ipsecproposal
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: IpsecProposal is the Schema for the ipsecproposals API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: IpsecProposalSpec defines the desired state of IpsecProposal
- properties:
- dh_group:
- type: string
- encryption_algorithm:
- type: string
- hash_algorithm:
- type: string
- name:
- type: string
- required:
- - dh_group
- - encryption_algorithm
- - hash_algorithm
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IpsecProposal is the Schema for the ipsecproposals API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IpsecProposalSpec defines the desired state of IpsecProposal
+ properties:
+ dh_group:
+ type: string
+ encryption_algorithm:
+ type: string
+ hash_algorithm:
+ type: string
+ name:
+ type: string
+ required:
+ - dh_group
+ - encryption_algorithm
+ - hash_algorithm
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: ipsecsites.batch.sdewan.akraino.org
spec:
plural: ipsecsites
singular: ipsecsite
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: IpsecSite is the Schema for the ipsecsites API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: IpsecSiteSpec defines the desired state of IpsecSite
- properties:
- authentication_method:
- type: string
- connections:
- items:
- properties:
- conn_type:
- type: string
- crypto_proposal:
- items:
- type: string
- type: array
- if_id:
- type: string
- local_firewall:
- type: string
- local_subnet:
- type: string
- local_updown:
- type: string
- mark:
- type: string
- mode:
- type: string
- name:
- type: string
- remote_firewall:
- type: string
- remote_sourceip:
- type: string
- remote_subnet:
- type: string
- remote_updown:
- type: string
- required:
- - conn_type
- - local_subnet
- - mode
- - name
- type: object
- type: array
- crypto_proposal:
- items:
- type: string
- type: array
- force_crypto_proposal:
- type: string
- local_identifier:
- type: string
- local_private_cert:
- type: string
- local_public_cert:
- type: string
- name:
- type: string
- pre_shared_key:
- type: string
- remote:
- type: string
- remote_identifier:
- type: string
- shared_ca:
- type: string
- type:
- type: string
- required:
- - authentication_method
- - connections
- - crypto_proposal
- - remote
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IpsecSite is the Schema for the ipsecsites API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IpsecSiteSpec defines the desired state of IpsecSite
+ properties:
+ authentication_method:
+ type: string
+ connections:
+ items:
+ properties:
+ conn_type:
+ type: string
+ crypto_proposal:
+ items:
+ type: string
+ type: array
+ if_id:
+ type: string
+ local_firewall:
+ type: string
+ local_subnet:
+ type: string
+ local_updown:
+ type: string
+ mark:
+ type: string
+ mode:
+ type: string
+ name:
+ type: string
+ remote_firewall:
+ type: string
+ remote_sourceip:
+ type: string
+ remote_subnet:
+ type: string
+ remote_updown:
+ type: string
+ required:
+ - conn_type
+ - local_subnet
+ - mode
+ - name
+ type: object
+ type: array
+ crypto_proposal:
+ items:
+ type: string
+ type: array
+ force_crypto_proposal:
+ type: string
+ local_identifier:
+ type: string
+ local_private_cert:
+ type: string
+ local_public_cert:
+ type: string
+ name:
+ type: string
+ pre_shared_key:
+ type: string
+ remote:
+ type: string
+ remote_identifier:
+ type: string
+ shared_ca:
+ type: string
+ type:
+ type: string
+ required:
+ - authentication_method
+ - connections
+ - crypto_proposal
+ - remote
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: mwan3policies.batch.sdewan.akraino.org
spec:
plural: mwan3policies
singular: mwan3policy
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: Mwan3Policy is the Schema for the mwan3policies API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- properties:
- members:
- items:
- description: Mwan3PolicySpec defines the desired state of Mwan3Policy
- properties:
- metric:
- type: integer
- network:
- description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of
- cluster Important: Run "make" to regenerate code after modifying
- this file'
- type: string
- weight:
- type: integer
- required:
- - metric
- - network
- - weight
- type: object
- type: array
- required:
- - members
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: Mwan3Policy is the Schema for the mwan3policies API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ members:
+ items:
+ description: Mwan3PolicySpec defines the desired state of Mwan3Policy
+ properties:
+ metric:
+ type: integer
+ network:
+ description: 'INSERT ADDITIONAL SPEC FIELDS - desired state
+ of cluster Important: Run "make" to regenerate code after
+ modifying this file'
+ type: string
+ weight:
+ type: integer
+ required:
+ - metric
+ - network
+ - weight
+ type: object
+ type: array
+ required:
+ - members
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: mwan3rules.batch.sdewan.akraino.org
spec:
plural: mwan3rules
singular: mwan3rule
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: Mwan3Rule is the Schema for the mwan3rules API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- properties:
- dest_ip:
- type: string
- dest_port:
- type: string
- family:
- type: string
- policy:
- type: string
- proto:
- type: string
- src_ip:
- type: string
- src_port:
- type: string
- sticky:
- type: string
- timeout:
- type: string
- required:
- - dest_ip
- - dest_port
- - family
- - policy
- - proto
- - src_ip
- - src_port
- - sticky
- - timeout
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: Mwan3Rule is the Schema for the mwan3rules API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ dest_ip:
+ type: string
+ dest_port:
+ type: string
+ family:
+ type: string
+ policy:
+ type: string
+ proto:
+ type: string
+ src_ip:
+ type: string
+ src_port:
+ type: string
+ sticky:
+ type: string
+ timeout:
+ type: string
+ required:
+ - dest_ip
+ - dest_port
+ - family
+ - policy
+ - proto
+ - src_ip
+ - src_port
+ - sticky
+ - timeout
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.2.5
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
name: sdewanapplications.batch.sdewan.akraino.org
spec:
plural: sdewanapplications
singular: sdewanapplication
scope: Namespaced
- subresources:
- status: {}
- validation:
- openAPIV3Schema:
- description: SdewanApplication is the Schema for the sdewanapplications API
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: SdewanApplicationSpec defines the desired state of SdewanApplication
- properties:
- appNamespace:
- type: string
- podSelector:
- description: A label selector is a label query over a set of resources.
- The result of matchLabels and matchExpressions are ANDed. An empty
- label selector matches all objects. A null label selector matches
- no objects.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that contains
- values, a key, and an operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to a
- set of values. Valid operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the operator
- is In or NotIn, the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the values array must
- be empty. This array is replaced during a strategic merge
- patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator is
- "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- type: object
- status:
- description: status subsource used for Sdewan rule CRDs
- properties:
- appliedGeneration:
- format: int64
- type: integer
- appliedTime:
- format: date-time
- type: string
- message:
- type: string
- state:
- type: string
- required:
- - state
- type: object
- type: object
- version: v1alpha1
versions:
- name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: SdewanApplication is the Schema for the sdewanapplications API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: SdewanApplicationSpec defines the desired state of SdewanApplication
+ properties:
+ appNamespace:
+ type: string
+ podSelector:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the key
+ and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship to
+ a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ type: object
+ status:
+ description: status subsource used for Sdewan rule CRDs
+ properties:
+ appliedGeneration:
+ format: int64
+ type: integer
+ appliedTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ state:
+ type: string
+ required:
+ - state
+ type: object
+ type: object
served: true
storage: true
+ subresources:
+ status: {}
status:
acceptedNames:
kind: ""
--- /dev/null
+# SPDX-License-Identifier: Apache-2.0\r
+# Copyright (c) 2021 Intel Corporation\r
+# The following patch adds a directive for certmanager to inject CA into the CRD\r
+# CRD conversion requires k8s 1.13 or later.\r
+apiVersion: apiextensions.k8s.io/v1\r
+kind: CustomResourceDefinition\r
+metadata:\r
+ annotations:\r
+ cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)\r
+ name: cnflocalservices.batch.sdewan.akraino.org\r
# Copyright (c) 2021 Intel Corporation\r
# The following patch adds a directive for certmanager to inject CA into the CRD\r
# CRD conversion requires k8s 1.13 or later.\r
-apiVersion: apiextensions.k8s.io/v1beta1\r
+apiVersion: apiextensions.k8s.io/v1\r
kind: CustomResourceDefinition\r
metadata:\r
annotations:\r
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
--- /dev/null
+# SPDX-License-Identifier: Apache-2.0\r
+# Copyright (c) 2021 Intel Corporation\r
+# The following patch enables conversion webhook for CRD\r
+# CRD conversion requires k8s 1.13 or later.\r
+apiVersion: apiextensions.k8s.io/v1\r
+kind: CustomResourceDefinition\r
+metadata:\r
+ name: cnflocalservices.batch.sdewan.akraino.org\r
+spec:\r
+ conversion:\r
+ strategy: Webhook\r
+ webhookClientConfig:\r
+ # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,\r
+ # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)\r
+ caBundle: Cg==\r
+ service:\r
+ namespace: system\r
+ name: webhook-service\r
+ path: /convert\r
# Copyright (c) 2021 Intel Corporation\r
# The following patch enables conversion webhook for CRD\r
# CRD conversion requires k8s 1.13 or later.\r
-apiVersion: apiextensions.k8s.io/v1beta1\r
+apiVersion: apiextensions.k8s.io/v1\r
kind: CustomResourceDefinition\r
metadata:\r
name: cnfnats.batch.sdewan.akraino.org\r
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: cnfrouterules.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: cnfroutes.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: cnfservices.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: cnfstatuses.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: firewalldnats.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: firewallforwardings.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: firewallrules.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: firewallsnats.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: firewallzones.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: ipsechosts.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: ipsecproposals.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: ipsecsites.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: mwan3policies.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: mwan3rules.batch.sdewan.akraino.org
-# SPDX-License-Identifier: Apache-2.0
+# SPDX-License-Identifier: Apache-2.0
# Copyright (c) 2021 Intel Corporation
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: sdewanapplications.batch.sdewan.akraino.org
objref:
kind: Certificate
group: cert-manager.io
- version: v1alpha2
+ version: v1
name: serving-cert # this name should match the one in certificate.yaml
fieldref:
fieldpath: metadata.namespace
objref:
kind: Certificate
group: cert-manager.io
- version: v1alpha2
+ version: v1
name: serving-cert # this name should match the one in certificate.yaml
- name: SERVICE_NAMESPACE # namespace of the service
objref:
name: https
- name: manager
args:
- - "--metrics-addr=127.0.0.1:8080"
- - "--enable-leader-election"
+ - "--metrics-bind-address=127.0.0.1:8080"
+ - "--leader-elect"
# Copyright (c) 2021 Intel Corporation
# This patch add annotation to admission webhook config and
# the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize.
-#apiVersion: admissionregistration.k8s.io/v1beta1
+#apiVersion: admissionregistration.k8s.io/v1
#kind: MutatingWebhookConfiguration
#metadata:
# name: mutating-webhook-configuration
# annotations:
# cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
---
-apiVersion: admissionregistration.k8s.io/v1beta1
+apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: validating-webhook-configuration
-apiVersion: admissionregistration.k8s.io/v1beta1
+apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: sdewan-validating-webhook-configuration
webhooks:
- admissionReviewVersions:
- - v1beta1
+ - v1
clientConfig:
caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURYakNDQWthZ0F3SUJBZ0lRWndqK2VKYTNzU3ZVbUQ1d2EwS2FQREFOQmdrcWhraUc5dzBCQVFzRkFEQVgKTVJVd0V3WURWUVFLRXd4alpYSjBMVzFoYm1GblpYSXdIaGNOTWpBd05USTNNREUwTlRNNFdoY05NakF3T0RJMQpNREUwTlRNNFdqQVhNUlV3RXdZRFZRUUtFd3hqWlhKMExXMWhibUZuWlhJd2dnRWlNQTBHQ1NxR1NJYjNEUUVCCkFRVUFBNElCRHdBd2dnRUtBb0lCQVFEVzZTMEp3SE9BeitEajhtTmdYMVBteWRHVUNqTXJLL2ptZmlzZHlFMWkKRVIyNkVZY0NhbWdYVlZjbjB3MHRDZ0pJWW5FR0xhMit4WUsxRUJ0WmZhMU85TGdHNWY3OTRxR1JNU1RzUk9DZgo2d2FPTCtvVEhVWm55dndBOTNYYStmT1pQcXBzeSs1OG9zSlZaYlFKZlhqcnJpZXlLbnBGT2o1aDNDK2NmZE1KCmRlMDR4QWJJdktCaHRwcUFoR0k4TFVzTUNEMVVHYjhKM3Y1L2lqd3dUMDZLb3lMVjRUUi9LUFhqK2ZGblBzVjkKMUNxYXZXb2o0VEgvUWtnUlZocFJUN0hxZy80Sm5BUGgzb0M3eHZOanpPejdkRU5iRk9sWWNCZHA2WXM5Vm9pTQo3TnZjQnIxNFNWUDZPdU9yeEVpQXozdUFkVHFFQUxFQ1RZazBQU2xRbVdldEFnTUJBQUdqZ2FVd2dhSXdEZ1lEClZSMFBBUUgvQkFRREFnV2dNQXdHQTFVZEV3RUIvd1FDTUFBd2dZRUdBMVVkRVFSNk1IaUNLSE5rWlhkaGJpMTMKWldKb2IyOXJMWE5sY25acFkyVXVjMlJsZDJGdUxYTjVjM1JsYlM1emRtT0NObk5rWlhkaGJpMTNaV0pvYjI5cgpMWE5sY25acFkyVXVjMlJsZDJGdUxYTjVjM1JsYlM1emRtTXVZMngxYzNSbGNpNXNiMk5oYklJSmJHOWpZV3hvCmIzTjBnZ2t4TWpjdU1DNHdMakV3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCQUg2SHovMFh6a1lubHQ1S1U0QlQKMmNQZUV6UlBqTUwrd3BVZCtKdGFLRmJkYlZZR2ZYMHg5QTlqVkllcEV4WndPODlrWXVIVXNpYTNYWklXYWpzNgpwNldOMzZHTVJZZWI2aGhxaURvRHFvSTJEdXIzQUN2TnoxWCtxbnAxTGVaVHZtUlM3Tms1MS85Q1NPbTRXb3NOCmczZExyY3NIaTM1ZjgrUVUySkVFTGhiOWJtbHdmOEc1Uy9HRElNZWl0OU1XWEFMVzdqalJ3VHFrbWpscGdIUWkKT1R0TkVvQmtMUWRDVUQ2TjNLbGhIdmhZU29HKzJDNjI2MGN3N2tvVm5KOXUzMXNjUFJVTlhmY2RDQTEvdWNxNQpBV055QkI1Y1lPYlZ0NTdVbHVoRlVpT01XWUEwcUxSMnJuem8vMksxVjJCdkNPYjhVSytxTURCNFcvZkRaM0xmCnBQVT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
url: https://localhost:9443/validate-sdewan-bucket-permission
- apiGroups:
- batch.sdewan.akraino.org
apiVersions:
- - v1alpha1
+ - v1
operations:
- CREATE
- UPDATE
sideEffects: Unknown
timeoutSeconds: 30
- admissionReviewVersions:
- - v1beta1
+ - v1
clientConfig:
caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURYakNDQWthZ0F3SUJBZ0lRWndqK2VKYTNzU3ZVbUQ1d2EwS2FQREFOQmdrcWhraUc5dzBCQVFzRkFEQVgKTVJVd0V3WURWUVFLRXd4alpYSjBMVzFoYm1GblpYSXdIaGNOTWpBd05USTNNREUwTlRNNFdoY05NakF3T0RJMQpNREUwTlRNNFdqQVhNUlV3RXdZRFZRUUtFd3hqWlhKMExXMWhibUZuWlhJd2dnRWlNQTBHQ1NxR1NJYjNEUUVCCkFRVUFBNElCRHdBd2dnRUtBb0lCQVFEVzZTMEp3SE9BeitEajhtTmdYMVBteWRHVUNqTXJLL2ptZmlzZHlFMWkKRVIyNkVZY0NhbWdYVlZjbjB3MHRDZ0pJWW5FR0xhMit4WUsxRUJ0WmZhMU85TGdHNWY3OTRxR1JNU1RzUk9DZgo2d2FPTCtvVEhVWm55dndBOTNYYStmT1pQcXBzeSs1OG9zSlZaYlFKZlhqcnJpZXlLbnBGT2o1aDNDK2NmZE1KCmRlMDR4QWJJdktCaHRwcUFoR0k4TFVzTUNEMVVHYjhKM3Y1L2lqd3dUMDZLb3lMVjRUUi9LUFhqK2ZGblBzVjkKMUNxYXZXb2o0VEgvUWtnUlZocFJUN0hxZy80Sm5BUGgzb0M3eHZOanpPejdkRU5iRk9sWWNCZHA2WXM5Vm9pTQo3TnZjQnIxNFNWUDZPdU9yeEVpQXozdUFkVHFFQUxFQ1RZazBQU2xRbVdldEFnTUJBQUdqZ2FVd2dhSXdEZ1lEClZSMFBBUUgvQkFRREFnV2dNQXdHQTFVZEV3RUIvd1FDTUFBd2dZRUdBMVVkRVFSNk1IaUNLSE5rWlhkaGJpMTMKWldKb2IyOXJMWE5sY25acFkyVXVjMlJsZDJGdUxYTjVjM1JsYlM1emRtT0NObk5rWlhkaGJpMTNaV0pvYjI5cgpMWE5sY25acFkyVXVjMlJsZDJGdUxYTjVjM1JsYlM1emRtTXVZMngxYzNSbGNpNXNiMk5oYklJSmJHOWpZV3hvCmIzTjBnZ2t4TWpjdU1DNHdMakV3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCQUg2SHovMFh6a1lubHQ1S1U0QlQKMmNQZUV6UlBqTUwrd3BVZCtKdGFLRmJkYlZZR2ZYMHg5QTlqVkllcEV4WndPODlrWXVIVXNpYTNYWklXYWpzNgpwNldOMzZHTVJZZWI2aGhxaURvRHFvSTJEdXIzQUN2TnoxWCtxbnAxTGVaVHZtUlM3Tms1MS85Q1NPbTRXb3NOCmczZExyY3NIaTM1ZjgrUVUySkVFTGhiOWJtbHdmOEc1Uy9HRElNZWl0OU1XWEFMVzdqalJ3VHFrbWpscGdIUWkKT1R0TkVvQmtMUWRDVUQ2TjNLbGhIdmhZU29HKzJDNjI2MGN3N2tvVm5KOXUzMXNjUFJVTlhmY2RDQTEvdWNxNQpBV055QkI1Y1lPYlZ0NTdVbHVoRlVpT01XWUEwcUxSMnJuem8vMksxVjJCdkNPYjhVSytxTURCNFcvZkRaM0xmCnBQVT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
url: https://localhost:9443/validate-label
- batch.sdewan.akraino.org
- apps
apiVersions:
- - v1alpha1
- v1
operations:
- UPDATE
- command:
- /manager
args:
- - --enable-leader-election
+ - --leader-elect
image: controller:latest
name: manager
resources:
creationTimestamp: null
name: manager-role
rules:
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ verbs:
+ - get
+ - list
+ - watch
- apiGroups:
- apps
resources:
---
-apiVersion: admissionregistration.k8s.io/v1beta1
+apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
creationTimestamp: null
name: validating-webhook-configuration
webhooks:
-- clientConfig:
- caBundle: Cg==
+- admissionReviewVersions:
+ - v1
+ clientConfig:
service:
name: webhook-service
namespace: system
- apiGroups:
- batch.sdewan.akraino.org
apiVersions:
- - v1alpha1
+ - v1
operations:
- CREATE
- UPDATE
- ipsecproposals
- ipsechosts
- ipsecsites
-- clientConfig:
- caBundle: Cg==
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
service:
name: webhook-service
namespace: system
- batch.sdewan.akraino.org
apiVersions:
- v1
- - v1alpha1
operations:
- UPDATE
resources:
- ipsecproposals
- ipsechosts
- ipsecsites
+ sideEffects: None
return "", fmt.Errorf("No matched network in annotation: %s", net)
}
+// +kubebuilder:rbac:groups="",resources=pods,verbs=get;watch;list
// +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch
// +kubebuilder:rbac:groups=apps,resources=deployments/status,verbs=get;list;watch
+++ /dev/null
-// SPDX-License-Identifier: Apache-2.0
-// Copyright (c) 2021 Intel Corporation
-package controllers
-
-import (
- "path/filepath"
- "testing"
-
- . "github.com/onsi/ginkgo"
- . "github.com/onsi/gomega"
-
- "k8s.io/client-go/kubernetes/scheme"
- "k8s.io/client-go/rest"
- "sigs.k8s.io/controller-runtime/pkg/client"
- "sigs.k8s.io/controller-runtime/pkg/envtest"
- "sigs.k8s.io/controller-runtime/pkg/envtest/printer"
- logf "sigs.k8s.io/controller-runtime/pkg/log"
- "sigs.k8s.io/controller-runtime/pkg/log/zap"
-
- batchv1alpha1 "sdewan.akraino.org/sdewan/api/v1alpha1"
- // +kubebuilder:scaffold:imports
-)
-
-// These tests use Ginkgo (BDD-style Go testing framework). Refer to
-// http://onsi.github.io/ginkgo/ to learn more about Ginkgo.
-
-var cfg *rest.Config
-var k8sClient client.Client
-var testEnv *envtest.Environment
-
-func TestAPIs(t *testing.T) {
- RegisterFailHandler(Fail)
-
- RunSpecsWithDefaultAndCustomReporters(t,
- "Controller Suite",
- []Reporter{printer.NewlineReporter{}})
-}
-
-var _ = BeforeSuite(func(done Done) {
- logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true)))
-
- By("bootstrapping test environment")
- testEnv = &envtest.Environment{
- CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases")},
- }
-
- var err error
- cfg, err = testEnv.Start()
- Expect(err).ToNot(HaveOccurred())
- Expect(cfg).ToNot(BeNil())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- err = batchv1alpha1.AddToScheme(scheme.Scheme)
- Expect(err).NotTo(HaveOccurred())
-
- // +kubebuilder:scaffold:scheme
-
- k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme})
- Expect(err).ToNot(HaveOccurred())
- Expect(k8sClient).ToNot(BeNil())
-
- close(done)
-}, 60)
-
-var _ = AfterSuite(func() {
- By("tearing down the test environment")
- err := testEnv.Stop()
- Expect(err).ToNot(HaveOccurred())
-})
var metricsAddr string
var enableLeaderElection bool
var checkInterval int
- flag.StringVar(&metricsAddr, "metrics-addr", ":8080", "The address the metric endpoint binds to.")
- flag.BoolVar(&enableLeaderElection, "enable-leader-election", false,
+ flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
+ flag.BoolVar(&enableLeaderElection, "leader-elect", false,
"Enable leader election for controller manager. Enabling this will ensure there is only one active controller manager.")
flag.IntVar(&checkInterval, "check-interval", 30,
"The check interval of CRD Controller (seconds)")
## Pre-condition
**1.Install cert-manager**
-`kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.1.0/cert-manager.yaml`
+`kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.6.1/cert-manager.yaml`
**2.Label the node**
Code Review / icn / sdwan.git / commitdiff