From ba58d9502762fb5b1f1b4b4a1dc102c13b2e5591 Mon Sep 17 00:00:00 2001 From: Le Yao Date: Tue, 15 Feb 2022 03:20:35 -0500 Subject: [PATCH] Fix the crd-controller with v1 version Signed-off-by: Le Yao Change-Id: Ic27bd6fde16bf179639afa38e3d0e82002c81d6e --- .../sdewan_controllers/templates/certificate.yaml | 6 +- .../helm/sdewan_controllers/templates/crd.yaml | 2357 ++++++++++---------- .../sdewan_controllers/templates/deployment.yaml | 4 +- .../helm/sdewan_controllers/templates/issuer.yaml | 2 +- .../helm/sdewan_controllers/templates/role.yaml | 20 + .../helm/sdewan_controllers/templates/webhook.yaml | 19 +- .../deployment/helm/sdewan_controllers/values.yaml | 2 +- 7 files changed, 1209 insertions(+), 1201 deletions(-) diff --git a/platform/deployment/helm/sdewan_controllers/templates/certificate.yaml b/platform/deployment/helm/sdewan_controllers/templates/certificate.yaml index eaa35f8..926d014 100644 --- a/platform/deployment/helm/sdewan_controllers/templates/certificate.yaml +++ b/platform/deployment/helm/sdewan_controllers/templates/certificate.yaml @@ -2,15 +2,15 @@ # Copyright (c) 2021 Intel Corporation --- -apiVersion: cert-manager.io/v1alpha2 +apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: sdewan-serving-cert namespace: {{ .Values.namespace }} spec: dnsNames: - - sdewan-webhook-service.sdewan-system.svc - - sdewan-webhook-service.sdewan-system.svc.cluster.local + - sdewan-webhook-service.{{ .Values.namespace }}.svc + - sdewan-webhook-service.{{ .Values.namespace }}.svc.cluster.local issuerRef: kind: Issuer name: sdewan-selfsigned-issuer diff --git a/platform/deployment/helm/sdewan_controllers/templates/crd.yaml b/platform/deployment/helm/sdewan_controllers/templates/crd.yaml index 8c5e1db..f83e5bf 100644 --- a/platform/deployment/helm/sdewan_controllers/templates/crd.yaml +++ b/platform/deployment/helm/sdewan_controllers/templates/crd.yaml @@ -2,11 +2,11 @@ # Copyright (c) 2021 Intel Corporation --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: cnflocalservices.batch.sdewan.akraino.org spec: @@ -17,61 +17,60 @@ spec: plural: cnflocalservices singular: cnflocalservice scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: CNFLocalService is the Schema for the cnflocalservices API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CNFLocalServiceSpec defines the desired state of CNFService - properties: - localport: - type: string - localservice: - type: string - remoteport: - type: string - remoteservice: - type: string - type: object - status: - description: CNFLocalServiceStatus defines the observed state of CNFLocalServiceStatus - properties: - localip: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file' - type: string - localport: - type: string - message: - type: string - remoteips: - items: - type: string - type: array - remoteport: - type: string - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: CNFLocalService is the Schema for the cnflocalservices API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CNFLocalServiceSpec defines the desired state of CNFService + properties: + localport: + type: string + localservice: + type: string + remoteport: + type: string + remoteservice: + type: string + type: object + status: + description: CNFLocalServiceStatus defines the observed state of CNFLocalServiceStatus + properties: + localip: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "make" to regenerate code after modifying + this file' + type: string + localport: + type: string + message: + type: string + remoteips: + items: + type: string + type: array + remoteport: + type: string + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -79,11 +78,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: cnfnats.batch.sdewan.akraino.org spec: @@ -94,76 +93,75 @@ spec: plural: cnfnats singular: cnfnat scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: CNFNAT is the Schema for the cnfnats API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CNFNATSpec defines the desired state of CNFNAT - properties: - dest: - type: string - dest_ip: - type: string - dest_port: - type: string - index: - type: string - name: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - Important: Run "make" to regenerate code after modifying this file' - type: string - proto: - type: string - src: - type: string - src_dip: - type: string - src_dport: - type: string - src_ip: - type: string - src_port: - type: string - target: - type: string - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: CNFNAT is the Schema for the cnfnats API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CNFNATSpec defines the desired state of CNFNAT + properties: + dest: + type: string + dest_ip: + type: string + dest_port: + type: string + index: + type: string + name: + description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + Important: Run "make" to regenerate code after modifying this file' + type: string + proto: + type: string + src: + type: string + src_dip: + type: string + src_dport: + type: string + src_ip: + type: string + src_port: + type: string + target: + type: string + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -171,11 +169,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: cnfrouterules.batch.sdewan.akraino.org spec: @@ -186,62 +184,61 @@ spec: plural: cnfrouterules singular: cnfrouterule scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: CNFRouteRule is the Schema for the cnfrouterules API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CNFRouteRuleSpec defines the desired state of CNFRouteRule - properties: - dst: - type: string - fwmark: - type: string - not: - type: boolean - prio: - type: string - src: - type: string - table: - type: string - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: CNFRouteRule is the Schema for the cnfrouterules API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CNFRouteRuleSpec defines the desired state of CNFRouteRule + properties: + dst: + type: string + fwmark: + type: string + not: + type: boolean + prio: + type: string + src: + type: string + table: + type: string + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -249,11 +246,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: cnfroutes.batch.sdewan.akraino.org spec: @@ -264,61 +261,60 @@ spec: plural: cnfroutes singular: cnfroute scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: CNFRoute is the Schema for the cnfroutes API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CNFRouteSpec defines the desired state of CNFRoute - properties: - dev: - type: string - dst: - type: string - gw: - type: string - table: - enum: - - default - - cnf - type: string - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: CNFRoute is the Schema for the cnfroutes API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CNFRouteSpec defines the desired state of CNFRoute + properties: + dev: + type: string + dst: + type: string + gw: + type: string + table: + enum: + - default + - cnf + type: string + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -326,11 +322,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: cnfservices.batch.sdewan.akraino.org spec: @@ -341,56 +337,55 @@ spec: plural: cnfservices singular: cnfservice scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: CNFService is the Schema for the cnfservices API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CNFServiceSpec defines the desired state of CNFService - properties: - dport: - type: string - fullname: - type: string - port: - type: string - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: CNFService is the Schema for the cnfservices API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CNFServiceSpec defines the desired state of CNFService + properties: + dport: + type: string + fullname: + type: string + port: + type: string + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -398,11 +393,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: cnfstatuses.batch.sdewan.akraino.org spec: @@ -413,67 +408,66 @@ spec: plural: cnfstatuses singular: cnfstatus scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: CNFStatus is the Schema for the cnfstatuses API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CNFStatusSpec defines the desired state of CNFStatus - type: object - status: - description: CNFStatusStatus defines the observed state of CNFStatus - properties: - appliedGeneration: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file' - format: int64 - type: integer - appliedTime: - format: date-time - type: string - information: - items: - description: CNFStatusInformation defines the runtime information - of a CNF - properties: - ip: - type: string - name: - type: string - namespace: - type: string - node: - type: string - purpose: - type: string - status: - type: string - required: - - name - type: object - type: array - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: CNFStatus is the Schema for the cnfstatuses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CNFStatusSpec defines the desired state of CNFStatus + type: object + status: + description: CNFStatusStatus defines the observed state of CNFStatus + properties: + appliedGeneration: + description: 'INSERT ADDITIONAL STATUS FIELD - define observed state + of cluster Important: Run "make" to regenerate code after modifying + this file' + format: int64 + type: integer + appliedTime: + format: date-time + type: string + information: + items: + description: CNFStatusInformation defines the runtime information + of a CNF + properties: + ip: + type: string + name: + type: string + namespace: + type: string + node: + type: string + purpose: + type: string + status: + type: string + required: + - name + type: object + type: array + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -481,11 +475,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: firewalldnats.batch.sdewan.akraino.org spec: @@ -496,80 +490,79 @@ spec: plural: firewalldnats singular: firewalldnat scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: FirewallDNAT is the Schema for the firewalldnats API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: FirewallDNATSpec defines the desired state of FirewallDNAT - properties: - dest: - type: string - dest_ip: - type: string - dest_port: - type: string - family: - type: string - mark: - type: string - name: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - Important: Run "make" to regenerate code after modifying this file' - type: string - proto: - type: string - src: - type: string - src_dip: - type: string - src_dport: - type: string - src_ip: - type: string - src_mac: - type: string - src_port: - type: string - target: - type: string - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: FirewallDNAT is the Schema for the firewalldnats API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: FirewallDNATSpec defines the desired state of FirewallDNAT + properties: + dest: + type: string + dest_ip: + type: string + dest_port: + type: string + family: + type: string + mark: + type: string + name: + description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + Important: Run "make" to regenerate code after modifying this file' + type: string + proto: + type: string + src: + type: string + src_dip: + type: string + src_dport: + type: string + src_ip: + type: string + src_mac: + type: string + src_port: + type: string + target: + type: string + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -577,11 +570,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: firewallforwardings.batch.sdewan.akraino.org spec: @@ -592,60 +585,60 @@ spec: plural: firewallforwardings singular: firewallforwarding scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: FirewallForwarding is the Schema for the firewallforwardings API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: FirewallForwardingSpec defines the desired state of FirewallForwarding - properties: - dest: - type: string - family: - type: string - name: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - Important: Run "make" to regenerate code after modifying this file' - type: string - src: - type: string - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: FirewallForwarding is the Schema for the firewallforwardings + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: FirewallForwardingSpec defines the desired state of FirewallForwarding + properties: + dest: + type: string + family: + type: string + name: + description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + Important: Run "make" to regenerate code after modifying this file' + type: string + src: + type: string + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -653,11 +646,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: firewallrules.batch.sdewan.akraino.org spec: @@ -668,86 +661,85 @@ spec: plural: firewallrules singular: firewallrule scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: FirewallRule is the Schema for the firewallrules API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: FirewallRuleSpec defines the desired state of FirewallRule - properties: - dest: - type: string - dest_ip: - type: string - dest_port: - type: string - extra: - type: string - family: - type: string - icmp_type: - items: - type: string - type: array - mark: - type: string - name: - description: Foo is an example field of FirewallRule. Edit FirewallRule_types.go - to remove/update - type: string - proto: - type: string - set_mark: - type: string - set_xmark: - type: string - src: - type: string - src_ip: - type: string - src_mac: - type: string - src_port: - type: string - target: - type: string - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: FirewallRule is the Schema for the firewallrules API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: FirewallRuleSpec defines the desired state of FirewallRule + properties: + dest: + type: string + dest_ip: + type: string + dest_port: + type: string + extra: + type: string + family: + type: string + icmp_type: + items: + type: string + type: array + mark: + type: string + name: + description: Foo is an example field of FirewallRule. Edit FirewallRule_types.go + to remove/update + type: string + proto: + type: string + set_mark: + type: string + set_xmark: + type: string + src: + type: string + src_ip: + type: string + src_mac: + type: string + src_port: + type: string + target: + type: string + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -755,11 +747,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: firewallsnats.batch.sdewan.akraino.org spec: @@ -770,80 +762,79 @@ spec: plural: firewallsnats singular: firewallsnat scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: FirewallSNAT is the Schema for the firewallsnats API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: FirewallSNATSpec defines the desired state of FirewallSNAT - properties: - dest: - type: string - dest_ip: - type: string - dest_port: - type: string - family: - type: string - mark: - type: string - name: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - Important: Run "make" to regenerate code after modifying this file' - type: string - proto: - type: string - src: - type: string - src_dip: - type: string - src_dport: - type: string - src_ip: - type: string - src_mac: - type: string - src_port: - type: string - target: - type: string - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: FirewallSNAT is the Schema for the firewallsnats API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: FirewallSNATSpec defines the desired state of FirewallSNAT + properties: + dest: + type: string + dest_ip: + type: string + dest_port: + type: string + family: + type: string + mark: + type: string + name: + description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + Important: Run "make" to regenerate code after modifying this file' + type: string + proto: + type: string + src: + type: string + src_dip: + type: string + src_dport: + type: string + src_ip: + type: string + src_mac: + type: string + src_port: + type: string + target: + type: string + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -851,11 +842,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: firewallzones.batch.sdewan.akraino.org spec: @@ -866,90 +857,89 @@ spec: plural: firewallzones singular: firewallzone scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: FirewallZone is the Schema for the firewallzones API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: FirewallZoneSpec defines the desired state of FirewallZone - properties: - etra_dest: - type: string - extra_src: - type: string - family: - type: string - forward: - type: string - input: - type: string - masq: - type: string - masq_allow_invalid: - type: string - masq_dest: - items: - type: string - type: array - masq_src: - items: - type: string - type: array - mtu_fix: - type: string - name: - description: Foo is an example field of FirewallZone. Edit FirewallZone_types.go - to remove/update - type: string - network: - items: - type: string - type: array - output: - type: string - subnet: - items: - type: string - type: array - required: - - network - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: FirewallZone is the Schema for the firewallzones API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: FirewallZoneSpec defines the desired state of FirewallZone + properties: + etra_dest: + type: string + extra_src: + type: string + family: + type: string + forward: + type: string + input: + type: string + masq: + type: string + masq_allow_invalid: + type: string + masq_dest: + items: + type: string + type: array + masq_src: + items: + type: string + type: array + mtu_fix: + type: string + name: + description: Foo is an example field of FirewallZone. Edit FirewallZone_types.go + to remove/update + type: string + network: + items: + type: string + type: array + output: + type: string + subnet: + items: + type: string + type: array + required: + - network + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -957,11 +947,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: ipsechosts.batch.sdewan.akraino.org spec: @@ -972,117 +962,116 @@ spec: plural: ipsechosts singular: ipsechost scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: IpsecHost is the Schema for the ipsechosts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - authentication_method: - type: string - connections: - items: - properties: - conn_type: - type: string - crypto_proposal: - items: - type: string - type: array - if_id: - type: string - local_firewall: - type: string - local_sourceip: - type: string - local_updown: - type: string - mark: - type: string - mode: - type: string - name: - type: string - remote_firewall: - type: string - remote_sourceip: - type: string - remote_subnet: - type: string - remote_updown: - type: string - required: - - conn_type - - mode - - name - type: object - type: array - crypto_proposal: - items: - type: string - type: array - force_crypto_proposal: - type: string - local_identifier: - type: string - local_private_cert: - type: string - local_public_cert: - type: string - name: - type: string - pre_shared_key: - type: string - remote: - type: string - remote_identifier: - type: string - shared_ca: - type: string - type: - type: string - required: - - authentication_method - - connections - - crypto_proposal - - remote - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: IpsecHost is the Schema for the ipsechosts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + authentication_method: + type: string + connections: + items: + properties: + conn_type: + type: string + crypto_proposal: + items: + type: string + type: array + if_id: + type: string + local_firewall: + type: string + local_sourceip: + type: string + local_updown: + type: string + mark: + type: string + mode: + type: string + name: + type: string + remote_firewall: + type: string + remote_sourceip: + type: string + remote_subnet: + type: string + remote_updown: + type: string + required: + - conn_type + - mode + - name + type: object + type: array + crypto_proposal: + items: + type: string + type: array + force_crypto_proposal: + type: string + local_identifier: + type: string + local_private_cert: + type: string + local_public_cert: + type: string + name: + type: string + pre_shared_key: + type: string + remote: + type: string + remote_identifier: + type: string + shared_ca: + type: string + type: + type: string + required: + - authentication_method + - connections + - crypto_proposal + - remote + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -1090,11 +1079,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: ipsecproposals.batch.sdewan.akraino.org spec: @@ -1105,62 +1094,61 @@ spec: plural: ipsecproposals singular: ipsecproposal scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: IpsecProposal is the Schema for the ipsecproposals API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IpsecProposalSpec defines the desired state of IpsecProposal - properties: - dh_group: - type: string - encryption_algorithm: - type: string - hash_algorithm: - type: string - name: - type: string - required: - - dh_group - - encryption_algorithm - - hash_algorithm - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: IpsecProposal is the Schema for the ipsecproposals API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IpsecProposalSpec defines the desired state of IpsecProposal + properties: + dh_group: + type: string + encryption_algorithm: + type: string + hash_algorithm: + type: string + name: + type: string + required: + - dh_group + - encryption_algorithm + - hash_algorithm + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -1168,11 +1156,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: ipsecsites.batch.sdewan.akraino.org spec: @@ -1183,119 +1171,118 @@ spec: plural: ipsecsites singular: ipsecsite scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: IpsecSite is the Schema for the ipsecsites API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IpsecSiteSpec defines the desired state of IpsecSite - properties: - authentication_method: - type: string - connections: - items: - properties: - conn_type: - type: string - crypto_proposal: - items: - type: string - type: array - if_id: - type: string - local_firewall: - type: string - local_subnet: - type: string - local_updown: - type: string - mark: - type: string - mode: - type: string - name: - type: string - remote_firewall: - type: string - remote_sourceip: - type: string - remote_subnet: - type: string - remote_updown: - type: string - required: - - conn_type - - local_subnet - - mode - - name - type: object - type: array - crypto_proposal: - items: - type: string - type: array - force_crypto_proposal: - type: string - local_identifier: - type: string - local_private_cert: - type: string - local_public_cert: - type: string - name: - type: string - pre_shared_key: - type: string - remote: - type: string - remote_identifier: - type: string - shared_ca: - type: string - type: - type: string - required: - - authentication_method - - connections - - crypto_proposal - - remote - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: IpsecSite is the Schema for the ipsecsites API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IpsecSiteSpec defines the desired state of IpsecSite + properties: + authentication_method: + type: string + connections: + items: + properties: + conn_type: + type: string + crypto_proposal: + items: + type: string + type: array + if_id: + type: string + local_firewall: + type: string + local_subnet: + type: string + local_updown: + type: string + mark: + type: string + mode: + type: string + name: + type: string + remote_firewall: + type: string + remote_sourceip: + type: string + remote_subnet: + type: string + remote_updown: + type: string + required: + - conn_type + - local_subnet + - mode + - name + type: object + type: array + crypto_proposal: + items: + type: string + type: array + force_crypto_proposal: + type: string + local_identifier: + type: string + local_private_cert: + type: string + local_public_cert: + type: string + name: + type: string + pre_shared_key: + type: string + remote: + type: string + remote_identifier: + type: string + shared_ca: + type: string + type: + type: string + required: + - authentication_method + - connections + - crypto_proposal + - remote + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -1303,11 +1290,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: mwan3policies.batch.sdewan.akraino.org spec: @@ -1318,70 +1305,69 @@ spec: plural: mwan3policies singular: mwan3policy scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Mwan3Policy is the Schema for the mwan3policies API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - members: - items: - description: Mwan3PolicySpec defines the desired state of Mwan3Policy - properties: - metric: - type: integer - network: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of - cluster Important: Run "make" to regenerate code after modifying - this file' - type: string - weight: - type: integer - required: - - metric - - network - - weight - type: object - type: array - required: - - members - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: Mwan3Policy is the Schema for the mwan3policies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + members: + items: + description: Mwan3PolicySpec defines the desired state of Mwan3Policy + properties: + metric: + type: integer + network: + description: 'INSERT ADDITIONAL SPEC FIELDS - desired state + of cluster Important: Run "make" to regenerate code after + modifying this file' + type: string + weight: + type: integer + required: + - metric + - network + - weight + type: object + type: array + required: + - members + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -1389,11 +1375,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: mwan3rules.batch.sdewan.akraino.org spec: @@ -1404,77 +1390,76 @@ spec: plural: mwan3rules singular: mwan3rule scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Mwan3Rule is the Schema for the mwan3rules API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - dest_ip: - type: string - dest_port: - type: string - family: - type: string - policy: - type: string - proto: - type: string - src_ip: - type: string - src_port: - type: string - sticky: - type: string - timeout: - type: string - required: - - dest_ip - - dest_port - - family - - policy - - proto - - src_ip - - src_port - - sticky - - timeout - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: Mwan3Rule is the Schema for the mwan3rules API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + dest_ip: + type: string + dest_port: + type: string + family: + type: string + policy: + type: string + proto: + type: string + src_ip: + type: string + src_port: + type: string + sticky: + type: string + timeout: + type: string + required: + - dest_ip + - dest_port + - family + - policy + - proto + - src_ip + - src_port + - sticky + - timeout + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -1482,11 +1467,11 @@ status: conditions: [] storedVersions: [] --- -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.2.5 + controller-gen.kubebuilder.io/version: v0.7.0 creationTimestamp: null name: sdewanapplications.batch.sdewan.akraino.org spec: @@ -1497,98 +1482,98 @@ spec: plural: sdewanapplications singular: sdewanapplication scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: SdewanApplication is the Schema for the sdewanapplications API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: SdewanApplicationSpec defines the desired state of SdewanApplication - properties: - appNamespace: - type: string - podSelector: - description: A label selector is a label query over a set of resources. - The result of matchLabels and matchExpressions are ANDed. An empty - label selector matches all objects. A null label selector matches - no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains - values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to a - set of values. Valid operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator - is In or NotIn, the values array must be non-empty. If the - operator is Exists or DoesNotExist, the values array must - be empty. This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - type: object - status: - description: status subsource used for Sdewan rule CRDs - properties: - appliedGeneration: - format: int64 - type: integer - appliedTime: - format: date-time - type: string - message: - type: string - state: - type: string - required: - - state - type: object - type: object - version: v1alpha1 versions: - name: v1alpha1 + schema: + openAPIV3Schema: + description: SdewanApplication is the Schema for the sdewanapplications API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: SdewanApplicationSpec defines the desired state of SdewanApplication + properties: + appNamespace: + type: string + podSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An empty + label selector matches all objects. A null label selector matches + no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + type: object + status: + description: status subsource used for Sdewan rule CRDs + properties: + appliedGeneration: + format: int64 + type: integer + appliedTime: + format: date-time + type: string + message: + type: string + state: + type: string + required: + - state + type: object + type: object served: true storage: true + subresources: + status: {} status: acceptedNames: kind: "" diff --git a/platform/deployment/helm/sdewan_controllers/templates/deployment.yaml b/platform/deployment/helm/sdewan_controllers/templates/deployment.yaml index c236261..5612316 100644 --- a/platform/deployment/helm/sdewan_controllers/templates/deployment.yaml +++ b/platform/deployment/helm/sdewan_controllers/templates/deployment.yaml @@ -31,8 +31,8 @@ spec: - containerPort: 8443 name: https - args: - - --metrics-addr=127.0.0.1:8080 - - --enable-leader-election + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect command: - /manager image: {{ .Values.spec.sdewan.image }} diff --git a/platform/deployment/helm/sdewan_controllers/templates/issuer.yaml b/platform/deployment/helm/sdewan_controllers/templates/issuer.yaml index 6f321b3..71fead9 100644 --- a/platform/deployment/helm/sdewan_controllers/templates/issuer.yaml +++ b/platform/deployment/helm/sdewan_controllers/templates/issuer.yaml @@ -2,7 +2,7 @@ # Copyright (c) 2021 Intel Corporation --- -apiVersion: cert-manager.io/v1alpha2 +apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: sdewan-selfsigned-issuer diff --git a/platform/deployment/helm/sdewan_controllers/templates/role.yaml b/platform/deployment/helm/sdewan_controllers/templates/role.yaml index 27fc4e7..4b19ced 100644 --- a/platform/deployment/helm/sdewan_controllers/templates/role.yaml +++ b/platform/deployment/helm/sdewan_controllers/templates/role.yaml @@ -42,6 +42,26 @@ metadata: sdewan-bucket-type-permission: '{ "*": ["*"]}' name: sdewan-manager-role rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - apps resources: diff --git a/platform/deployment/helm/sdewan_controllers/templates/webhook.yaml b/platform/deployment/helm/sdewan_controllers/templates/webhook.yaml index 395bd98..51b5471 100644 --- a/platform/deployment/helm/sdewan_controllers/templates/webhook.yaml +++ b/platform/deployment/helm/sdewan_controllers/templates/webhook.yaml @@ -2,15 +2,16 @@ # Copyright (c) 2021 Intel Corporation --- -apiVersion: admissionregistration.k8s.io/v1beta1 +apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: {{ .Values.namespace }}/sdewan-serving-cert name: sdewan-validating-webhook-configuration webhooks: -- clientConfig: - caBundle: Cg== +- admissionReviewVersions: + - v1 + clientConfig: service: name: sdewan-webhook-service namespace: {{ .Values.namespace }} @@ -21,7 +22,7 @@ webhooks: - apiGroups: - batch.sdewan.akraino.org apiVersions: - - v1alpha1 + - v1 operations: - CREATE - UPDATE @@ -44,8 +45,10 @@ webhooks: - ipsecproposals - ipsechosts - ipsecsites -- clientConfig: - caBundle: Cg== + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: service: name: sdewan-webhook-service namespace: {{ .Values.namespace }} @@ -58,7 +61,6 @@ webhooks: - batch.sdewan.akraino.org apiVersions: - v1 - - v1alpha1 operations: - UPDATE resources: @@ -71,12 +73,13 @@ webhooks: - firewallsnats - firewalldnats - cnfnats + - cnfservices - cnfroutes - cnfrouterules - - cnfservices - cnflocalservices - cnfstatuses - sdewanapplication - ipsecproposals - ipsechosts - ipsecsites + sideEffects: None diff --git a/platform/deployment/helm/sdewan_controllers/values.yaml b/platform/deployment/helm/sdewan_controllers/values.yaml index a73f690..614f0ff 100644 --- a/platform/deployment/helm/sdewan_controllers/values.yaml +++ b/platform/deployment/helm/sdewan_controllers/values.yaml @@ -12,7 +12,7 @@ spec: image: "gcr.io/kubebuilder/kube-rbac-proxy:v0.4.1" name: "kube-rbac-proxy" sdewan: - image: "integratedcloudnative/sdewan-controller:0.5.0" + image: "integratedcloudnative/sdewan-controller:0.5.2" name: "manager" -- 2.16.6