From d8f8847dd93339f112e29f53d405a33b3c89c13a Mon Sep 17 00:00:00 2001 From: kyma-website-bot <49988522+kyma-website-bot@users.noreply.github.com> Date: Mon, 20 May 2024 14:22:09 +0000 Subject: [PATCH] Update modules --- model.js | 3507 +--------------------------------------------------- model.json | 3507 +--------------------------------------------------- 2 files changed, 4 insertions(+), 7010 deletions(-) diff --git a/model.js b/model.js index c4fe82f..eee0057 100644 --- a/model.js +++ b/model.js @@ -38,3510 +38,6 @@ export default [ "crYaml": "istio-default-cr.yaml" }, "versions": [ - { - "version": "1.6.1", - "channels": [ - "regular" - ], - "documentation": "https://kyma-project.io/#/istio/user/README", - "repository": "https://github.com/kyma-project/istio.git", - "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/istio-controller-manager", - "managerImage": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.6.1", - "resources": [ - { - "apiVersion": "apiextensions.k8s.io/v1", - "kind": "CustomResourceDefinition", - "metadata": { - "annotations": { - "controller-gen.kubebuilder.io/version": "v0.14.0" - }, - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istios.operator.kyma-project.io" - }, - "spec": { - "group": "operator.kyma-project.io", - "names": { - "kind": "Istio", - "listKind": "IstioList", - "plural": "istios", - "singular": "istio" - }, - "scope": "Namespaced", - "versions": [ - { - "additionalPrinterColumns": [ - { - "jsonPath": ".status.state", - "name": "State", - "type": "string" - } - ], - "name": "v1alpha1", - "schema": { - "openAPIV3Schema": { - "description": "Contains Istio CR specification and current status.", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "type": "object" - }, - "spec": { - "description": "Defines the desired specification for installing or updating Istio.", - "properties": { - "components": { - "properties": { - "cni": { - "description": "Cni defines component configuration for Istio CNI DaemonSet", - "properties": { - "k8s": { - "description": "CniK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "affinity": { - "description": "Affinity is a group of affinity scheduling rules.", - "properties": { - "nodeAffinity": { - "description": "Describes node affinity scheduling rules for the pod.", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", - "properties": { - "preference": { - "description": "A node selector term, associated with the corresponding weight.", - "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "weight": { - "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "preference", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", - "properties": { - "nodeSelectorTerms": { - "description": "Required. A list of node selector terms. The terms are ORed.", - "items": { - "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", - "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "type": "array" - } - }, - "required": [ - "nodeSelectorTerms" - ], - "type": "object", - "x-kubernetes-map-type": "atomic" - } - }, - "type": "object" - }, - "podAffinity": { - "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object" - }, - "podAntiAffinity": { - "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "ingressGateway": { - "description": "IngressGateway defines component configurations for Istio Ingress Gateway", - "properties": { - "k8s": { - "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "hpaSpec": { - "description": "HPASpec defines configuration for HorizontalPodAutoscaler", - "properties": { - "maxReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - }, - "minReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "strategy": { - "description": "Strategy defines rolling update strategy", - "properties": { - "rollingUpdate": { - "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", - "properties": { - "maxSurge": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^[0-9]+%?$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - }, - "maxUnavailable": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - } - }, - "type": "object" - } - }, - "required": [ - "rollingUpdate" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "pilot": { - "description": "Pilot defines component configuration for Istiod", - "properties": { - "k8s": { - "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "hpaSpec": { - "description": "HPASpec defines configuration for HorizontalPodAutoscaler", - "properties": { - "maxReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - }, - "minReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "strategy": { - "description": "Strategy defines rolling update strategy", - "properties": { - "rollingUpdate": { - "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", - "properties": { - "maxSurge": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^[0-9]+%?$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - }, - "maxUnavailable": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - } - }, - "type": "object" - } - }, - "required": [ - "rollingUpdate" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "proxy": { - "description": "Proxy defines component configuration for Istio proxy sidecar", - "properties": { - "k8s": { - "description": "ProxyK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - } - }, - "type": "object" - }, - "config": { - "description": "Config is the configuration for the Istio installation.", - "properties": { - "authorizers": { - "description": "Defines a list of external authorization providers.", - "items": { - "properties": { - "headers": { - "description": "Specifies headers to be included, added or forwarded during authorization.", - "properties": { - "inCheck": { - "description": "Defines headers to be included or added in check authorization request.", - "properties": { - "add": { - "additionalProperties": { - "type": "string" - }, - "description": "Set of additional fixed headers that should be included in the authorization request sent to the authorization service.\nThe Key is the header name and value is the header value.\nNote that client request of the same key or headers specified in `Include` will be overridden.", - "type": "object" - }, - "include": { - "description": "List of client request headers that should be included in the authorization request sent to the authorization service.\nNote that in addition to the headers specified here, the following headers are included by default:\n1. *Host*, *Method*, *Path* and *Content-Length* are automatically sent.\n2. *Content-Length* will be set to 0, and the request will not have a message body. However, the authorization request can include the buffered client request body (controlled by include_request_body_in_check setting), consequently the value of Content-Length of the authorization request reflects the size of its payload size.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "toDownstream": { - "description": "Defines headers to be forwarded to the downstream.", - "properties": { - "onAllow": { - "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original response will not be modified and forwarded to downstream as-is.\nNote, any existing headers will be overridden.", - "items": { - "type": "string" - }, - "type": "array" - }, - "onDeny": { - "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is not allowed (HTTP code other than 200).\nIf not specified, all the authorization response headers, except *Authority (Host)* will be in the response to the downstream.\nWhen a header is included in this list, *Path*, *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added.\nNote, the body from the authorization service is always included in the response to downstream.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "toUpstream": { - "description": "Defines headers to be forwarded to the upstream.", - "properties": { - "onAllow": { - "description": "List of headers from the authorization service that should be added or overridden in the original request and forwarded to the upstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original request will not be modified and forwarded to backend as-is.\nNote, any existing headers will be overridden.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "name": { - "description": "A unique name identifying the extension authorization provider.", - "type": "string" - }, - "port": { - "description": "Specifies the port of the service.", - "format": "int32", - "type": "integer" - }, - "service": { - "description": "Specifies the service that implements the Envoy ext_authz HTTP authorization service.\nThe format is \"[/]\".\nThe specification of \"\"\nis required only when it is insufficient to unambiguously resolve a service in the service registry.\nThe \"\" is a fully qualified host name of a service defined by the Kubernetes service or ServiceEntry.\nThe recommended format is \"[/]\"\nExample: \"my-ext-authz.foo.svc.cluster.local\" or \"bar/my-ext-authz\".", - "type": "string" - } - }, - "required": [ - "name", - "port", - "service" - ], - "type": "object" - }, - "type": "array" - }, - "gatewayExternalTrafficPolicy": { - "description": "Defines the external traffic policy for the Istio Ingress Gateway Service. Valid configurations are \"Local\" or \"Cluster\". The external traffic policy set to \"Local\" preserves the client IP in the request, but also introduces the risk of unbalanced traffic distribution.\nWARNING: Switching `externalTrafficPolicy` may result in a temporal increase in request delay. Make sure that this is acceptable.", - "enum": [ - "Local", - "Cluster" - ], - "type": "string" - }, - "numTrustedProxies": { - "description": "Defines the number of trusted proxies deployed in front of the Istio gateway proxy.", - "maximum": 4294967295, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "status": { - "description": "IstioStatus defines the observed state of IstioCR.", - "properties": { - "conditions": { - "description": " Conditions associated with IstioStatus.", - "items": { - "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", - "properties": { - "lastTransitionTime": { - "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - "format": "date-time", - "type": "string" - }, - "message": { - "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", - "maxLength": 32768, - "type": "string" - }, - "observedGeneration": { - "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", - "format": "int64", - "minimum": 0, - "type": "integer" - }, - "reason": { - "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", - "maxLength": 1024, - "minLength": 1, - "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", - "type": "string" - }, - "status": { - "description": "status of the condition, one of True, False, Unknown.", - "enum": [ - "True", - "False", - "Unknown" - ], - "type": "string" - }, - "type": { - "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", - "maxLength": 316, - "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", - "type": "string" - } - }, - "required": [ - "lastTransitionTime", - "message", - "reason", - "status", - "type" - ], - "type": "object" - }, - "type": "array" - }, - "description": { - "description": "Description of Istio status", - "type": "string" - }, - "state": { - "description": "State signifies current state of CustomObject. Value\ncan be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", - "enum": [ - "Processing", - "Deleting", - "Ready", - "Error", - "Warning" - ], - "type": "string" - } - }, - "required": [ - "state" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "served": true, - "storage": false, - "subresources": { - "status": {} - } - }, - { - "additionalPrinterColumns": [ - { - "jsonPath": ".status.state", - "name": "State", - "type": "string" - } - ], - "name": "v1alpha2", - "schema": { - "openAPIV3Schema": { - "description": "Contains Istio CR specification and current status.", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "type": "object" - }, - "spec": { - "description": "IstioSpec describes the desired specification for installing or updating Istio.", - "properties": { - "components": { - "properties": { - "cni": { - "description": "Cni defines component configuration for Istio CNI DaemonSet", - "properties": { - "k8s": { - "description": "CniK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "affinity": { - "description": "Affinity is a group of affinity scheduling rules.", - "properties": { - "nodeAffinity": { - "description": "Describes node affinity scheduling rules for the pod.", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", - "properties": { - "preference": { - "description": "A node selector term, associated with the corresponding weight.", - "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "weight": { - "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "preference", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", - "properties": { - "nodeSelectorTerms": { - "description": "Required. A list of node selector terms. The terms are ORed.", - "items": { - "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", - "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "type": "array" - } - }, - "required": [ - "nodeSelectorTerms" - ], - "type": "object", - "x-kubernetes-map-type": "atomic" - } - }, - "type": "object" - }, - "podAffinity": { - "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object" - }, - "podAntiAffinity": { - "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "ingressGateway": { - "description": "IngressGateway defines component configurations for Istio Ingress Gateway", - "properties": { - "k8s": { - "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "hpaSpec": { - "description": "HPASpec defines configuration for HorizontalPodAutoscaler", - "properties": { - "maxReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - }, - "minReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "strategy": { - "description": "Strategy defines rolling update strategy", - "properties": { - "rollingUpdate": { - "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", - "properties": { - "maxSurge": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^[0-9]+%?$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - }, - "maxUnavailable": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - } - }, - "type": "object" - } - }, - "required": [ - "rollingUpdate" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "pilot": { - "description": "Pilot defines component configuration for Istiod", - "properties": { - "k8s": { - "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "hpaSpec": { - "description": "HPASpec defines configuration for HorizontalPodAutoscaler", - "properties": { - "maxReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - }, - "minReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "strategy": { - "description": "Strategy defines rolling update strategy", - "properties": { - "rollingUpdate": { - "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", - "properties": { - "maxSurge": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^[0-9]+%?$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - }, - "maxUnavailable": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - } - }, - "type": "object" - } - }, - "required": [ - "rollingUpdate" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "proxy": { - "description": "Proxy defines component configuration for Istio proxy sidecar", - "properties": { - "k8s": { - "description": "ProxyK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - } - }, - "type": "object" - }, - "config": { - "description": "Config is the configuration for the Istio installation.", - "properties": { - "authorizers": { - "description": "Defines a list of external authorization providers.", - "items": { - "properties": { - "headers": { - "description": "Specifies headers to be included, added or forwarded during authorization.", - "properties": { - "inCheck": { - "description": "Defines headers to be included or added in check authorization request.", - "properties": { - "add": { - "additionalProperties": { - "type": "string" - }, - "description": "Set of additional fixed headers that should be included in the authorization request sent to the authorization service.\nThe Key is the header name and value is the header value.\nNote that client request of the same key or headers specified in `Include` will be overridden.", - "type": "object" - }, - "include": { - "description": "List of client request headers that should be included in the authorization request sent to the authorization service.\nNote that in addition to the headers specified here, the following headers are included by default:\n1. *Host*, *Method*, *Path* and *Content-Length* are automatically sent.\n2. *Content-Length* will be set to 0, and the request will not have a message body. However, the authorization request can include the buffered client request body (controlled by include_request_body_in_check setting), consequently the value of Content-Length of the authorization request reflects the size of its payload size.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "toDownstream": { - "description": "Defines headers to be forwarded to the downstream.", - "properties": { - "onAllow": { - "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original response will not be modified and forwarded to downstream as-is.\nNote, any existing headers will be overridden.", - "items": { - "type": "string" - }, - "type": "array" - }, - "onDeny": { - "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is not allowed (HTTP code other than 200).\nIf not specified, all the authorization response headers, except *Authority (Host)* will be in the response to the downstream.\nWhen a header is included in this list, *Path*, *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added.\nNote, the body from the authorization service is always included in the response to downstream.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "toUpstream": { - "description": "Defines headers to be forwarded to the upstream.", - "properties": { - "onAllow": { - "description": "List of headers from the authorization service that should be added or overridden in the original request and forwarded to the upstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original request will not be modified and forwarded to backend as-is.\nNote, any existing headers will be overridden.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "name": { - "description": "A unique name identifying the extension authorization provider.", - "type": "string" - }, - "port": { - "description": "Specifies the port of the service.", - "format": "int32", - "type": "integer" - }, - "service": { - "description": "Specifies the service that implements the Envoy ext_authz HTTP authorization service.\nThe format is \"[/]\".\nThe specification of \"\"\nis required only when it is insufficient to unambiguously resolve a service in the service registry.\nThe \"\" is a fully qualified host name of a service defined by the Kubernetes service or ServiceEntry.\nThe recommended format is \"[/]\"\nExample: \"my-ext-authz.foo.svc.cluster.local\" or \"bar/my-ext-authz\".", - "type": "string" - } - }, - "required": [ - "name", - "port", - "service" - ], - "type": "object" - }, - "type": "array" - }, - "gatewayExternalTrafficPolicy": { - "description": "Defines the external traffic policy for the Istio Ingress Gateway Service. Valid configurations are \"Local\" or \"Cluster\". The external traffic policy set to \"Local\" preserves the client IP in the request, but also introduces the risk of unbalanced traffic distribution.\nWARNING: Switching `externalTrafficPolicy` may result in a temporal increase in request delay. Make sure that this is acceptable.", - "enum": [ - "Local", - "Cluster" - ], - "type": "string" - }, - "numTrustedProxies": { - "description": "Defines the number of trusted proxies deployed in front of the Istio gateway proxy.", - "maximum": 4294967295, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - }, - "experimental": { - "properties": { - "pilot": { - "properties": { - "enableAlphaGatewayAPI": { - "type": "boolean" - }, - "enableMultiNetworkDiscoverGatewayAPI": { - "type": "boolean" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "status": { - "description": "IstioStatus defines the observed state of IstioCR.", - "properties": { - "conditions": { - "description": " Conditions associated with IstioStatus.", - "items": { - "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", - "properties": { - "lastTransitionTime": { - "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - "format": "date-time", - "type": "string" - }, - "message": { - "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", - "maxLength": 32768, - "type": "string" - }, - "observedGeneration": { - "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", - "format": "int64", - "minimum": 0, - "type": "integer" - }, - "reason": { - "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", - "maxLength": 1024, - "minLength": 1, - "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", - "type": "string" - }, - "status": { - "description": "status of the condition, one of True, False, Unknown.", - "enum": [ - "True", - "False", - "Unknown" - ], - "type": "string" - }, - "type": { - "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", - "maxLength": 316, - "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", - "type": "string" - } - }, - "required": [ - "lastTransitionTime", - "message", - "reason", - "status", - "type" - ], - "type": "object" - }, - "type": "array" - }, - "description": { - "description": "Description of Istio status", - "type": "string" - }, - "state": { - "description": "State signifies the current state of CustomObject. Value\ncan be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", - "enum": [ - "Processing", - "Deleting", - "Ready", - "Error", - "Warning" - ], - "type": "string" - } - }, - "required": [ - "state" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "served": true, - "storage": true, - "subresources": { - "status": {} - } - } - ] - } - }, - { - "apiVersion": "v1", - "kind": "ServiceAccount", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-controller-manager", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "rbac.authorization.k8s.io/v1", - "kind": "Role", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-leader-election-role", - "namespace": "kyma-system" - }, - "rules": [ - { - "apiGroups": [ - "" - ], - "resources": [ - "configmaps" - ], - "verbs": [ - "get", - "list", - "watch", - "create", - "update", - "patch", - "delete" - ] - }, - { - "apiGroups": [ - "coordination.k8s.io" - ], - "resources": [ - "leases" - ], - "verbs": [ - "get", - "list", - "watch", - "create", - "update", - "patch", - "delete" - ] - }, - { - "apiGroups": [ - "" - ], - "resources": [ - "events" - ], - "verbs": [ - "create", - "patch" - ] - } - ] - }, - { - "apiVersion": "rbac.authorization.k8s.io/v1", - "kind": "ClusterRole", - "metadata": { - "creationTimestamp": null, - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-manager-role" - }, - "rules": [ - { - "apiGroups": [ - "" - ], - "resources": [ - "namespaces" - ], - "verbs": [ - "create", - "get", - "patch", - "update" - ] - }, - { - "apiGroups": [ - "" - ], - "resources": [ - "nodes" - ], - "verbs": [ - "get", - "list", - "watch" - ] - }, - { - "apiGroups": [ - "operator.kyma-project.io" - ], - "resources": [ - "istios" - ], - "verbs": [ - "create", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "operator.kyma-project.io" - ], - "resources": [ - "istios/finalizers" - ], - "verbs": [ - "update" - ] - }, - { - "apiGroups": [ - "operator.kyma-project.io" - ], - "resources": [ - "istios/status" - ], - "verbs": [ - "get", - "patch", - "update" - ] - }, - { - "apiGroups": [ - "authentication.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "config.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "install.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "networking.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "security.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "telemetry.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "extensions.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "admissionregistration.k8s.io" - ], - "resources": [ - "mutatingwebhookconfigurations", - "validatingwebhookconfigurations" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "apiextensions.k8s.io" - ], - "resources": [ - "customresourcedefinitions.apiextensions.k8s.io", - "customresourcedefinitions" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "apps", - "extensions" - ], - "resources": [ - "daemonsets", - "deployments", - "deployments/finalizers", - "replicasets", - "statefulsets" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "autoscaling" - ], - "resources": [ - "horizontalpodautoscalers" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "monitoring.coreos.com" - ], - "resources": [ - "servicemonitors" - ], - "verbs": [ - "get", - "create", - "update" - ] - }, - { - "apiGroups": [ - "policy" - ], - "resources": [ - "poddisruptionbudgets" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "rbac.authorization.k8s.io" - ], - "resources": [ - "clusterrolebindings", - "roles", - "rolebindings" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "rbac.authorization.k8s.io" - ], - "resources": [ - "clusterroles" - ], - "verbs": [ - "*" - ] - }, - { - "apiGroups": [ - "coordination.k8s.io" - ], - "resources": [ - "leases" - ], - "verbs": [ - "get", - "create", - "update", - "patch" - ] - }, - { - "apiGroups": [ - "" - ], - "resources": [ - "configmaps", - "endpoints", - "events", - "namespaces", - "pods", - "pods/proxy", - "pods/portforward", - "persistentvolumeclaims", - "secrets", - "services", - "serviceaccounts", - "resourcequotas" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - } - ] - }, - { - "apiVersion": "rbac.authorization.k8s.io/v1", - "kind": "RoleBinding", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-leader-election-rolebinding", - "namespace": "kyma-system" - }, - "roleRef": { - "apiGroup": "rbac.authorization.k8s.io", - "kind": "Role", - "name": "istio-leader-election-role" - }, - "subjects": [ - { - "kind": "ServiceAccount", - "name": "istio-controller-manager", - "namespace": "kyma-system" - } - ] - }, - { - "apiVersion": "rbac.authorization.k8s.io/v1", - "kind": "ClusterRoleBinding", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-manager-rolebinding" - }, - "roleRef": { - "apiGroup": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "name": "istio-manager-role" - }, - "subjects": [ - { - "kind": "ServiceAccount", - "name": "istio-controller-manager", - "namespace": "kyma-system" - } - ] - }, - { - "apiVersion": "v1", - "data": { - "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.selector.matchLabels)", - "details": "header:\n - source: spec.action\n name: spec.action\n - source: spec.provider\n widget: Labels\n name: spec.provider\nresourceGraph:\n colorVariant: 3\n dataSources:\n - source: podSelector\nbody:\n - widget: Table\n name: spec.rules\n source: spec.rules\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"Rule #\" & $string($index + 1) & (\" \" & $join($keys($item), \" \"))'\n collapsible:\n - source: $item.from\n widget: Table\n name: spec.rules.from\n disablePadding: true\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"From #\" & $string($index + 1) & (\" \" & $join($keys($item.source), \" \"))'\n collapsible:\n - source: source\n widget: Panel\n name: spec.rules.from.source\n children:\n - source: principals\n name: spec.rules.from.source.principals\n widget: JoinedArray\n visibility: $exists($value)\n - source: notPrincipals\n name: spec.rules.from.source.notPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: requestPrincipals\n name: spec.rules.from.source.requestPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: notRequestPrincipals\n name: spec.rules.from.source.notRequestPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: namespaces\n name: spec.rules.from.source.namespaces\n widget: Labels\n visibility: $exists($value)\n - source: notNamespaces\n name: spec.rules.from.source.notNamespaces\n widget: Labels\n visibility: $exists($value)\n - source: ipBlocks\n name: spec.rules.from.source.ipBlocks\n widget: Labels\n visibility: $exists($value)\n - source: notIpBlocks\n name: spec.rules.from.source.notIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: remoteIpBlocks\n name: spec.rules.from.source.remoteIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: notRemoteIpBlocks\n name: spec.rules.from.source.notRemoteIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: $item.to\n widget: Table\n name: spec.rules.to\n disablePadding: true\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"To #\" & $string($index + 1) & (\" \" & $join($keys($item.operation), \" \"))'\n collapsible:\n - source: operation\n widget: Panel\n name: spec.rules.to.operation\n children:\n - source: Hosts\n name: spec.rules.to.operation.hosts\n widget: Labels\n visibility: $exists($value)\n - source: notHosts\n name: spec.rules.to.operation.notHosts\n widget: Labels\n visibility: $exists($value)\n - source: ports\n name: spec.rules.to.operation.ports\n widget: Labels\n visibility: $exists($value)\n - source: notPorts\n name: spec.rules.to.operation.notPorts\n widget: Labels\n visibility: $exists($value)\n - source: methods\n name: spec.rules.to.operation.methods\n widget: Labels\n visibility: $exists($value)\n - source: notMethods\n name: spec.rules.to.operation.notMethods\n widget: Labels\n visibility: $exists($value)\n - source: paths\n name: spec.rules.to.operation.paths\n widget: Labels\n visibility: $exists($value)\n - source: notPaths\n name: spec.rules.to.operation.notPaths\n widget: Labels\n visibility: $exists($value)\n - source: when\n widget: Table\n name: spec.rules.when\n visibility: $exists($value)\n children:\n - source: key\n name: spec.rules.when.key\n visibility: $exists($value)\n - source: values\n name: spec.rules.when.values\n widget: JoinedArray\n separator: break\n visibility: $exists($value)\n - source: notValues\n name: spec.rules.when.notValues\n widget: JoinedArray\n separator: break\n visibility: $exists($value)\n - widget: Panel\n name: spec.selector.matchLabels\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector.matchLabels) and $boolean($root.spec.selector.matchLabels)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector.matchLabels\n widget: Labels\n name: spec.selector.matchLabels\n visibility: $exists($value) and $boolean($value)\n", - "form": "- path: spec.selector.matchLabels\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.action\n placeholder: placeholders.dropdown\n simple: true\n description: description.action\n- path: spec.provider\n widget: FormGroup\n children:\n - path: name\n- path: spec.rules\n widget: GenericList\n simple: true\n children:\n - path: '[].from'\n simple: true\n widget: GenericList\n children:\n - path: '[].source'\n simple: true\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: principals\n simple: true\n widget: SimpleList\n description: description.rules.from.principals\n children:\n - path: '[]'\n simple: true\n - path: notPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.notPrincipals\n children:\n - path: '[]'\n simple: true\n - path: requestPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.requestPrincipals\n children:\n - path: '[]'\n simple: true\n - path: notRequestPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.notRequestPrincipals\n children:\n - path: '[]'\n simple: true\n - path: namespaces\n simple: true\n widget: SimpleList\n description: description.rules.from.namespaces\n children:\n - path: '[]'\n simple: true\n - path: notNamespaces\n simple: true\n widget: SimpleList\n description: description.rules.from.notNamespaces\n children:\n - path: '[]'\n simple: true\n - path: ipBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.ipBlocks\n children:\n - path: '[]'\n simple: true\n - path: notIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.notIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: remoteIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.remoteIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: notRemoteIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.notRemoteIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: '[].to'\n simple: true\n widget: GenericList\n children:\n - path: '[].operation'\n simple: true\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: hosts\n simple: true\n widget: SimpleList\n description: description.rules.to.hosts\n children:\n - path: '[]'\n simple: true\n - path: notHosts\n simple: true\n widget: SimpleList\n description: description.rules.to.notHosts\n children:\n - path: '[]'\n simple: true\n - path: ports\n simple: true\n widget: SimpleList\n description: description.rules.to.ports\n children:\n - path: '[]'\n simple: true\n - path: notPorts\n simple: true\n widget: SimpleList\n description: description.rules.to.notPorts\n children:\n - path: '[]'\n simple: true\n - path: methods\n simple: true\n widget: SimpleList\n description: description.rules.to.methods\n children:\n - path: '[]'\n simple: true\n - path: notMethods\n simple: true\n widget: SimpleList\n description: description.rules.to.notMethods\n children:\n - path: '[]'\n simple: true\n - path: paths\n simple: true\n widget: SimpleList\n description: description.rules.to.paths\n children:\n - path: '[]'\n simple: true\n - path: notPaths\n simple: true\n widget: SimpleList\n description: description.rules.to.notPaths\n children:\n - path: '[]'\n simple: true\n - path: '[].when'\n simple: true\n widget: GenericList\n children:\n - path: '[].key'\n simple: true\n widget: Text\n description: description.rules.when.key\n - path: '[].values'\n simple: true\n widget: SimpleList\n description: description.rules.when.values\n children:\n - path: '[]'\n simple: true\n - path: '[].notValues'\n simple: true\n widget: SimpleList\n description: description.rules.when.notValues\n children:\n - path: '[]'\n simple: true\n", - "general": "resource:\n kind: AuthorizationPolicy\n group: security.istio.io\n version: v1beta1\nname: Authorization Policies\ncategory: Istio\nurlPath: authorizationpolicies\nscope: namespace\ndescription: >-\n {{[Istio Authorization\n Policy](https://istio.io/latest/docs/reference/config/security/authorization-policy/)}}\n allows for workload access management in the mesh.", - "list": "- name: action\n source: spec.action", - "translations": "en:\n description.action: Optional. The action to take if the request is matched with the rules. Default is ALLOW if not specified.\n description.rules.from.principals: Optional. A list of peer identities derived from the peer certificate. The peer identity is in the format of ' /ns/ /sa/ ', for example, 'cluster.local/ns/default/sa/productpage'. If not set, any principal is allowed.\n description.rules.from.notPrincipals: Optional. A list of negative match of peer identities.\n description.rules.from.requestPrincipals: Optional. A list of request identities derived from the JWT. The request identity is in the format of '/', for example, 'example.com/sub-1'. If not set, any request principal is allowed.\n description.rules.from.notRequestPrincipals: Optional. A list of negative match of request identities.\n description.rules.from.namespaces: Optional. A list of namespaces derived from the peer certificate. If not set, any namespace is allowed.\n description.rules.from.notNamespaces: Optional. A list of negative match of namespaces.\n description.rules.from.ipBlocks: Optional. A list of IP blocks, populated from the source address of the IP packet. Single IP (e.g. '1.2.3.4') and CIDR (e.g. '1.2.3.0/24') are supported. If not set, any IP is allowed.\n description.rules.from.notIpBlocks: Optional. A list of negative match of IP blocks.\n description.rules.from.remoteIpBlocks: Optional. A list of IP blocks, populated from X-Forwarded-For header or proxy protocol. To make use of this field, you must configure the numTrustedProxies field of the gatewayTopology under the meshConfig when you install Istio or using an annotation on the ingress gateway. If not set, any IP is allowed.\n description.rules.from.notRemoteIpBlocks: Optional. A list of negative match of remote IP blocks.\n description.rules.to.hosts: Optional. A list of hosts as specified in the HTTP request. The match is case-insensitive. If not set, any host is allowed. Must be used only with HTTP.\n description.rules.to.notHosts: Optional. A list of negative match of hosts as specified in the HTTP request. The match is case-insensitive.\n description.rules.to.ports: Optional. A list of ports as specified in the connection. If not set, any port is allowed.\n description.rules.to.notPorts: Optional. A list of negative match of ports as specified in the connection.\n description.rules.to.methods: Optional. A list of methods as specified in the HTTP request. If not set, any method is allowed. Must be used only with HTTP.\n description.rules.to.notMethods: Optional. A list of negative match of methods as specified in the HTTP request.\n description.rules.to.paths: Optional. A list of paths as specified in the HTTP request. If not set, any path is allowed. Must be used only with HTTP.\n description.rules.to.notPaths: Optional. A list of negative match of paths.\n description.rules.when.key: The name of an Istio attribute.\n description.rules.when.values: Optional. A list of allowed values for the attribute. At least one of values or notValues must be set.\n description.rules.when.notValues: Optional. A list of negative match of values for the attribute. At least one of values or notValues must be set.\n placeholders.dropdown: Type or choose an option.\n spec.action: Action\n spec.provider: Provider\n spec.rules: Rules\n spec.rules.from: From\n spec.rules.from.source: Source\n spec.rules.from.source.principals: Principals\n spec.rules.from.source.notPrincipals: NotPrincipals\n spec.rules.from.source.requestPrincipals: RequestPrincipals\n spec.rules.from.source.notRequestPrincipals: NotRequestPrincipals\n spec.rules.from.source.namespaces: Namespaces\n spec.rules.from.source.notNamespaces: NotNamespaces\n spec.rules.from.source.ipBlocks: IpBlocks\n spec.rules.from.source.notIpBlocks: NotIpBlocks\n spec.rules.from.source.remoteIpBlocks: RemoteIpBlocks\n spec.rules.from.source.notRemoteIpBlocks: NotRemoteIpBlocks\n spec.rules.to: To\n spec.rules.to.operation: Operation\n spec.rules.to.operation.hosts: Hosts\n spec.rules.to.operation.notHosts: NotHosts\n spec.rules.to.operation.ports: Ports\n spec.rules.to.operation.notPorts: NotPorts\n spec.rules.to.operation.methods: Methods\n spec.rules.to.operation.notMethods: NotMethods\n spec.rules.to.operation.paths: Paths\n spec.rules.to.operation.notPaths: NotPaths\n spec.rules.when: When\n spec.rules.when.key: Key\n spec.rules.when.values: Values\n spec.rules.when.notValues: NotValues\n spec.selector.matchLabels: Selector\n selector.matchesAllPods: Matches all Pods in the Namespace\n" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-authorizationpolicies-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "details": "header: []\nbody:\n - name: References\n widget: Panel\n children:\n - source: spec.host\n name: Host\n - source: spec.exportTo\n widget: Labels\n name: Export To\n visibility: $exists($value)\n - source: spec.workloadSelector.matchLabels\n widget: Labels\n name: Workload Selector Match Labels\n visibility: $exists($value)\n - source: spec.trafficPolicy\n name: Traffic Policy\n disablePadding: true\n visibility: $exists($value)\n widget: Panel\n children:\n - source: loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: portLevelSettings\n name: portLevelSettings\n widget: Table\n disablePadding: true\n children:\n - source: $item.port.number\n name: port\n visibility: $exists($value)\n collapsible:\n - source: $item.loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: $item.connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: $item.outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: $item.tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: $item.tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: spec.subsets\n name: Subsets\n widget: Table\n disablePadding: true\n visibility: $exists($value)\n children:\n - source: $item.name\n name: Name\n - source: $item.labels\n name: Labels\n widget: Labels\n collapsible:\n - source: $item.trafficPolicy\n name: Traffic Policy\n disablePadding: true\n visibility: $exists($value)\n widget: Panel\n children:\n - source: loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: portLevelSettings\n name: portLevelSettings\n widget: Table\n disablePadding: true\n children:\n - source: $item.port.number\n name: port\n visibility: $exists($value)\n collapsible:\n - source: $item.loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: $item.connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: $item.outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: $item.tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: $item.tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n", - "form": "- simple: true\n path: spec.host\n name: Host\n required: true\n- widget: FormGroup\n path: spec.trafficPolicy\n name: Traffic Policy\n children:\n - widget: FormGroup\n path: loadBalancer\n name: Load Balancer\n children:\n - var: mainloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $mainloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $mainloadBalancerSelector = 'consistentHash'\n children:\n - var: mainconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $mainconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $mainconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $mainconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $mainconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: mainLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $mainLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $mainLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $mainLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: connectionPool\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: outlierDetection\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: tls\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: portLevelSettings\n name: Port Level Settings\n widget: GenericList\n children:\n - path: '[].port.number'\n name: Port Number\n - widget: FormGroup\n path: '[].loadBalancer'\n name: Load Balancer\n children:\n - var: portLevelloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $portLevelloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $portLevelloadBalancerSelector = 'consistentHash'\n children:\n - var: portLevelconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $portLevelconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $portLevelconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $portLevelconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $portLevelconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: portLevelLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $portLevelLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $portLevelLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $portLevelLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: '[].connectionPool'\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: '[].outlierDetection'\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: '[].tls'\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: tunnel\n name: Tunnel\n widget: FormGroup\n children:\n - path: protocol\n name: Protocol\n - path: targetHost\n name: Target Host\n - path: targetPort\n name: Target Port\n- path: spec.subsets\n name: Subsets\n widget: GenericList\n children:\n - path: '[].name'\n name: Name\n - path: '[].labels'\n name: Labels\n widget: KeyValuePair\n - path: '[].trafficPolicy'\n name: Traffic Policy\n children:\n - widget: FormGroup\n path: loadBalancer\n name: Load Balancer\n children:\n - var: subsetsloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $subsetsloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $subsetsloadBalancerSelector = 'consistentHash'\n children:\n - var: subsetsconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $subsetsconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $subsetsconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $subsetsconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $subsetsconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: subsetsLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $subsetsLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $subsetsLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $subsetsLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: connectionPool\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: outlierDetection\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: tls\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: portLevelSettings\n name: Port Level Settings\n widget: GenericList\n children:\n - path: '[].port.number'\n name: Port Number\n - widget: FormGroup\n path: '[].loadBalancer'\n name: Load Balancer\n children:\n - var: subsetPortLevelloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $subsetPortLevelloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $subsetPortLevelloadBalancerSelector = 'consistentHash'\n children:\n - var: subsetPortLevelconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: >-\n $subsetPortLevelconsistentHashSelector =\n 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $subsetPortLevelconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $subsetPortLevelconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: >-\n $subsetPortLevelconsistentHashSelector=\n 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: subsetPortLevelLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $subsetPortLevelLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $subsetPortLevelLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $subsetPortLevelLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: '[].connectionPool'\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: '[].outlierDetection'\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: '[].tls'\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: tunnel\n name: Tunnel\n widget: FormGroup\n children:\n - path: protocol\n name: Protocol\n - path: targetHost\n name: Target Host\n - path: targetPort\n name: Target Port\n- path: spec.exportTo\n name: Export To\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.workloadSelector.matchLabels\n defaultExpanded: true\n name: Workload Selector Match Labels\n widget: KeyValuePair\n", - "general": "resource:\n kind: DestinationRule\n group: networking.istio.io\n version: v1beta1\nname: Destination Rules\ncategory: Istio\nurlPath: destinationrules\nscope: namespace\ndescription: resource.description", - "list": "- source: spec.host\n name: Host", - "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n metadata.creationTimestamp: Created at\n resource.description: >-\n {{[Destination\n Rule](https://istio.io/latest/docs/reference/config/networking/destination-rule)}}\n specifies rules that apply to traffic intended for a service after routing.\n References: References\n probes: Probes\n Export To: Export To\n Workload Selector Match Labels: Workload Selector Match Labels\n Traffic Policy: Traffic Policy\n Interval: Interval\n Name: Name\n time: Time\n interval: Interval\n Host: Host\n Connection Pool: Connection Pool\n TCP Keep Alive: TCP Keep Alive\n Probes: Probes\n Time: Time\n TCP: TCP\n HTTP: HTTP\n HTTP1 Max Pending Requests: HTTP1 Max Pending Requests\n Max Connections: Max Connections\n Connect Timeout: Connect Timeout\n HTTP2 Max Requests: HTTP2 Max Requests\n Max Requests Per Connection: Max Requests Per Connection\n Max Retries: Max Retries\n Idle Timeout: Idle Timeout\n H2 Upgrade Policy: H2 Upgrade Policy\n Use Client Protocol: Use Client Protocol\n Locality LB Settings: Locality LB Settings\n Enabled: Enabled\n Distribute: Distribute\n From: From\n To: To\n Failover: Failover\n Failover Priority: Failover Priority\n HTTP Cookie: HTTP Cookie\n Path: Path\n TTL: TTL\n Consistent Hash: Consistent Hash\n HTTP Header Name: HTTP Header Name\n Use Source IP: Use Source IP\n HTTP Query Parameter Name: HTTP Query Parameter Name\n Minimum Ring Size: Minimum Ring Size\n Load Balancer: Load Balancer\n Simple: Simple\n Warmup Duration Secs: Warmup Duration Secs\n ChooseConsistentHashSelector: Select Hash Type\n ChooseLoadBalancerSelector: Select Balancer Type\n ChooseLbSelector: Select LB Settings\n Split External Local Origin Errors: Split External Local Origin Errors\n Consecutive Local Origin Failures: Consecutive Local Origin Failures\n Consecutive Gateway Errors: Consecutive Gateway Errors\n Consecutive 5xx Errors: Consecutive 5xx Errors\n Base Ejection Time: Base Ejection Time\n Max Ejection Percent: Max Ejection Percent\n Min Health Percent: Min Health Percent\n Port Level Settings: Port Level Settings\n Port Number: Port Number\n TLS: TLS\n Mode: Mode\n Client Certificate: Client Certificate\n Private Key: Private Key\n CA Certificates: CA Certificates\n Credential Name: Credential Name\n Subject Alt Names: Subject Alt Names\n SNI: SNI\n Insecure Skip Verify: Insecure Skip Verify\n Tunnel: Tunnel\n Protocol: Protocol\n Target Host: Target Host\n Target Port: Target Port\n Subsets: Subsets\n Labels: Labels\n consistentHash: Consistent Hash\n simple: Simple\n failover: Failover\n distribute: Distribute\n\n" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-destinationrules-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n namespace: null\n filter: $matchByLabelSelector($item, $root.spec.selector)\nrelatedVirtualServices:\n resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\n namespace: null\n filter: >-\n $filter($item.spec.gateways, function($g){$contains($g,'/') ?\n ($substringBefore($g,'/') = $root.metadata.namespace and $substringAfter($g,\n '/') = $root.metadata.name) : ($substringBefore($g, '.') =\n $root.metadata.name and $substringBefore($substringAfter($g, '.'), '.') =\n $root.metadata.namespace) })", - "details": "header:\n - source: spec.selector\n widget: Labels\n name: spec.selector\nbody:\n - widget: Table\n source: spec.servers\n name: spec.servers\n children:\n - source: port.name\n name: spec.servers.port.name\n - widget: JoinedArray\n separator: break\n source: hosts\n name: spec.servers.hosts\n - source: port.number\n name: spec.servers.port.number\n - source: port.protocol\n name: spec.servers.port.protocol\n - source: tls.mode\n name: spec.servers.tls.mode\n - widget: ResourceLink\n source: tls.credentialName\n name: spec.servers.tls.credentialName\n resource:\n name: tls.credentialName\n namespace: '\"istio-system\"'\n kind: '\"Secret\"'\n - widget: Panel\n name: spec.selector\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector) and $boolean($root.spec.selector)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector\n widget: Labels\n name: spec.selector\n visibility: $exists($value) and $boolean($value)\nresourceGraph:\n depth: 1\n colorVariant: 1\n dataSources:\n - source: relatedVirtualServices", - "form": "- path: spec.selector\n widget: KeyValuePair\n simple: true\n required: true\n defaultExpanded: true\n- path: spec.servers\n widget: GenericList\n simple: true\n required: true\n children:\n - widget: FormGroup\n simple: true\n path: '[].port'\n defaultExpanded: true\n children:\n - path: number\n simple: true\n required: true\n inputInfo: inputInfo.spec.servers.port.number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n required: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - GRPC-WEB\n - MONGO\n - REDIS\n - MYSQL\n - TCP\n required: true\n placeholder: placeholders.dropdown\n - widget: FormGroup\n simple: true\n path: '[].tls'\n visibility: $item.port.protocol = 'HTTP' or $item.port.protocol = 'HTTPS'\n children:\n - path: httpsRedirect\n simple: true\n visibility: $item.port.protocol = 'HTTP'\n - path: mode\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n required: true\n placeholder: placeholders.dropdown\n - path: credentialName\n simple: true\n widget: Resource\n resource:\n kind: Secret\n version: v1\n namespace: istio-system\n scope: namespace\n filter: >-\n $item.type = 'kubernetes.io/tls' or ($item.type = 'Opaque' and\n $contains($item.data, 'key') and $contains($item.data, 'cert'))\n visibility: $item.port.protocol = 'HTTPS'\n - path: serverCertificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.serverCertificate\n - path: privateKey\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.privateKey\n - path: caCertificates\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.caCertificates\n - simple: true\n widget: Alert\n type: warning\n alert: '\"alert.tls.https\"'\n visibility: $item.port.protocol = 'HTTPS'\n - widget: SimpleList\n path: '[].hosts'\n required: true\n simple: true\n placeholder: placeholders.hosts\n children:\n - path: '[]'\n simple: true", - "general": "resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\nurlPath: gateways\ncategory: Istio\nname: Gateways\nscope: namespace\ndescription: >-\n {{[Gateways](https://istio.io/latest/docs/reference/config/networking/gateway/)}}\n describes a load balancer that operates at the edge of the mesh and receives\n incoming or outgoing HTTP/TCP connections.", - "list": "- name: spec.selector\n source: spec.selector\n widget: Labels", - "presets": "- name: Default Gateway\n default: true\n value:\n spec:\n selector:\n istio: ingressgateway\n- name: Ingress Gateway\n value:\n metadata:\n name: httpbin-gateway\n labels:\n app.kubernetes.io/name: httpbin-gateway\n spec:\n selector:\n istio: ingressgateway\n servers:\n - port:\n number: 443\n name: https\n protocol: HTTPS\n tls:\n mode: SIMPLE\n credentialName: ''\n hosts: []", - "translations": "en:\n alert.tls.https: TLS Server of mode SIMPLE or MUTUAL needs either credential name, or private key and server certificate pair.\n spec.selector: Selector\n spec.gateways: Gateways\n spec.servers: Servers\n spec.servers.port: Port\n spec.servers.port.name: Port Name\n spec.servers.port.protocol: Protocol\n spec.servers.port.targetPort: Target Port\n spec.servers.port.number: Port Number\n spec.servers.tls: TLS\n spec.servers.tls.mode: TLS Mode\n spec.servers.tls.httpsRedirect: HTTP Redirect\n spec.servers.tls.credentialName: Credential Name\n spec.servers.tls.serverCertificate: Server Certificate\n spec.servers.tls.privateKey: Private Key\n spec.servers.tls.caCertificates: CA Certificate\n spec.servers.hosts: Hosts\n selector.matchesAllPods: Matches all Pods in the Namespace\n placeholders.dropdown: Type or choose an option\n placeholders.serverCertificate: Enter the certificate path\n placeholders.privateKey: Enter the private key path\n placeholders.caCertificates: Enter the CA certificates path\n placeholders.hosts: For example, *.api.mydomain.com\n inputInfo.spec.servers.port.number: Must be a on-negative number." - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-gateways-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.workloadSelector.labels)\n", - "details": "header:\n - source: spec.location\n name: spec.location\n - source: spec.resolution\n name: spec.resolution\nresourceGraph:\n colorVariant: 2\n dataSources:\n - source: podSelector\nbody:\n - name: configuration\n widget: Panel\n source: spec\n visibility: >-\n $boolean($exists($value.hosts) or $exists($value.addresses) or\n $exists($value.subjectAltNames))\n children:\n - name: spec.hosts\n source: hosts\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.addresses\n source: addresses\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.exportTo\n source: exportTo\n widget: Labels\n placeholder: Exported to all Namespaces\n - name: spec.subjectAltNames\n source: subjectAltNames\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.ports\n widget: Table\n source: spec.ports\n visibility: $exists($value)\n children:\n - name: spec.ports.number\n source: number\n sort: true\n - name: spec.ports.protocol\n source: protocol\n sort: true\n - name: spec.ports.name\n source: name\n sort: true\n - name: spec.ports.targetPort\n source: targetPort\n sort: true\n - name: spec.endpoints\n widget: Table\n source: spec.endpoints\n visibility: $exists($value)\n children:\n - name: spec.endpoints.address\n source: address\n sort: true\n - name: spec.endpoints.ports\n source: ports\n widget: Labels\n - name: spec.endpoints.labels\n source: labels\n widget: Labels\n - name: spec.endpoints.network\n source: network\n sort: true\n - name: spec.endpoints.weight\n source: weight\n - name: spec.endpoints.serviceAccount\n source: serviceAccount\n - name: spec.workloadSelector\n widget: Panel\n source: spec.workloadSelector.labels\n visibility: $exists($value)\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n header:\n - widget: Labels\n source: spec.workloadSelector.labels\n visibility: $exists($value)", - "form": "- path: spec.hosts\n name: spec.hosts\n widget: SimpleList\n simple: true\n required: true\n children:\n - path: '[]'\n simple: true\n- path: spec.addresses\n name: spec.addresses\n widget: SimpleList\n placeholder: placeholders.addreses\n children:\n - path: '[]'\n- path: spec.ports\n name: Ports\n widget: GenericList\n children:\n - path: '[].number'\n name: spec.ports.number\n required: true\n - path: '[].protocol'\n name: spec.ports.protocol\n required: true\n placeholder: placeholders.dropdown\n enum:\n - HTTP\n - HTTPS\n - GRPC\n - HTTP2\n - MONGO\n - TCP\n - TLS\n - path: '[].name'\n name: spec.ports.name\n required: true\n - path: '[].targetPort'\n name: spec.ports.targetPort\n- path: spec.location\n name: spec.location\n placeholder: placeholders.dropdown\n- path: spec.resolution\n name: spec.resolution\n placeholder: placeholders.dropdown\n- path: spec.endpoints\n name: spec.endpoints\n widget: GenericList\n children:\n - path: '[].address'\n name: spec.endpoints.address\n - path: '[].ports'\n name: spec.endpoints.ports\n widget: KeyValuePair\n value:\n type: number\n - path: '[].labels'\n name: spec.endpoints.labels\n widget: KeyValuePair\n - path: '[].network'\n name: spec.endpoints.network\n - path: '[].locality'\n name: spec.endpoints.locality\n - path: '[].weight'\n name: spec.endpoints.weight\n - path: '[].serviceAccount'\n name: spec.endpoints.serviceAccount\n- path: spec.workloadSelector.labels\n name: spec.workloadSelector\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.exportTo\n name: spec.exportTo\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.subjectAltNames\n name: spec.subjectAltNames\n widget: SimpleList\n children:\n - path: '[]'", - "general": "resource:\n kind: ServiceEntry\n group: networking.istio.io\n version: v1beta1\nurlPath: serviceentries\ncategory: Istio\nname: Service Entries\nscope: namespace\ndescription: >-\n {{[ServiceEntry](https://istio.io/latest/docs/reference/config/networking/service-entry/)}}\n allows for adding more entries to the internal service registry of Istio.", - "list": "- source: spec.location\n name: spec.location\n sort: true\n- source: spec.resolution\n name: spec.resolution\n sort: true", - "translations": "en:\n configuration: Configuration\n spec.hosts: Hosts\n spec.addresses: Addresses\n spec.ports: Ports\n spec.ports.number: Number\n spec.ports.protocol: Protocol\n spec.ports.name: Name\n spec.ports.targetPort: Target Port\n spec.location: Location\n spec.resolution: Resolution\n spec.endpoints: Endpoints\n spec.endpoints.address: Address\n spec.endpoints.ports: Ports\n spec.endpoints.labels: Labels\n spec.endpoints.network: Network\n spec.endpoints.locality: Locality\n spec.endpoints.weight: Weight\n spec.endpoints.serviceAccount: Service Account\n spec.workloadSelector: Workload Selector\n spec.exportTo: Export To\n spec.subjectAltNames: Subject Alt Names\n placeholders.dropdown: Type or choose an option\n placeholders.addreses: For example, 127.0.0.1" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-serviceentries-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.workloadSelector.labels)", - "details": "header:\n - name: Outbound Traffic Policy Mode\n source: spec.outboundTrafficPolicy.mode\nbody:\n - widget: Table\n source: spec.egress\n name: Egress\n visibility: $exists($value)\n children:\n - source: port\n name: Port\n widget: Panel\n visibility: $exists($value)\n children:\n - source: number\n name: Number\n - source: name\n name: Name\n - source: protocol\n name: Protocol\n - source: targetPoint\n name: Target Point\n - source: bind\n name: Bind\n - source: captureMode\n name: Capture Mode\n - source: hosts\n name: Hosts\n widget: Labels\n - widget: Table\n source: spec.ingress\n name: Ingress\n visibility: $exists($value)\n children:\n - source: port\n name: Port\n widget: Panel\n visibility: $exists($value)\n children:\n - source: number\n name: Number\n - source: name\n name: Name\n - source: protocol\n name: Protocol\n - source: targetPoint\n name: Target Point\n - source: $parent.tls.mode\n name: TLS Mode\n - source: bind\n name: Bind\n - source: captureMode\n name: Capture Mode\n - source: defaultEndpoint\n name: Default Endpoint\n widget: Labels\n - widget: Panel\n name: Workload Selector\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n isCompact: true\n visibility: $exists($root.spec.workloadSelector.labels) and $boolean($root.spec.workloadSelector.labels)\n - source: spec.workloadSelector.labels\n widget: Panel\n name: Matches all Pods in the Namespace\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.workloadSelector.labels\n widget: Labels\n name: Workload Selector\n visibility: $exists($value) and $boolean($value)\nresourceGraph:\n depth: 1\n colorVariant: 1\n dataSources:\n - source: podSelector", - "form": "- path: spec.workloadSelector.labels\n name: Workload Selector\n widget: KeyValuePair\n- widget: FormGroup\n path: spec.egress[].port\n simple: true\n children:\n - path: number\n simple: true\n placeholder: Enter the port number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - MONGO\n - TCP\n - TLS\n placeholder: Type or choose an option\n- path: spec.egress[].bind\n placeholder: Enter the IPv4 or IPv6\n simple: true\n- path: spec.egress[].captureMode\n simple: true\n enum:\n - DEFAULT\n - IPTABLES\n - NONE\n placeholder: Type or choose an option\n- widget: SimpleList\n path: spec.egress[].hosts\n required: true\n simple: true\n placeholder: For example, *.api.mydomain.com\n children:\n - path: '[]'\n simple: true\n- widget: FormGroup\n path: spec.ingress[].port\n required: true\n simple: true\n children:\n - path: number\n simple: true\n required: true\n placeholder: Enter the port number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n required: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - MONGO\n - TCP\n - TLS\n required: true\n placeholder: Type or choose an option\n- path: spec.ingress[].bind\n placeholder: Enter the IPv4 or IPv6\n simple: true\n- path: spec.ingress[].captureMode\n enum:\n - DEFAULT\n - IPTABLES\n - NONE\n simple: true\n placeholder: Type or choose an option\n- path: spec.ingress[].defaultEndpoint\n placeholder: For example, 127.0.0.1:PORT\n required: true\n simple: true\n- widget: FormGroup\n simple: true\n path: spec.ingress[].tls\n name: TLS\n visibility: $item.port.protocol = 'HTTPS'\n children:\n - path: mode\n name: TLS Mode\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n required: true\n placeholder: Type or choose an option\n - path: serverCertificate\n name: Server Certificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the certificate path\n - path: privateKey\n name: Private Key\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the private key path\n - path: caCertificates\n name: CA Certificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the CA certificates path\n- widget: FormGroup\n path: spec.outboundTrafficPolicy\n name: Outbound Traffic Policy\n children:\n - path: mode\n name: Outbound Traffic Policy Mode\n enum:\n - REGISTRY_ONLY\n - ALLOW_ANY\n placeholder: Type or choose an option", - "general": "resource:\n kind: Sidecar\n group: networking.istio.io\n version: v1beta1\nurlPath: sidecars\ncategory: Istio\nname: Sidecars\nscope: namespace\ndescription: >-\n {{[Sidecar](https://istio.io/latest/docs/reference/config/networking/sidecar/)}}\n manages the incoming and outgoing communication in a workload it is attached\n to.", - "list": "- source: spec.outboundTrafficPolicy.mode\n name: Outbound Traffic Policy Mode\n- source: spec.workloadSelector.labels\n name: Workload Selector Labels\n widget: Labels" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-sidecars-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "details": "body: \n - name: Configuration\n widget: Panel\n source: spec\n children:\n - name: AccessLogging\n source: accessLogging\n widget: Table\n visibility: $exists($value)\n collapsible:\n - name: Filter\n source: filter\n widget: Panel\n visibility: $exists($value)\n children:\n - name: Expression\n source: expression\n widget: Labels\n - name: Match\n source: match\n widget: Panel\n visibility: $exists($value)\n children:\n - name: Mode\n source: mode\n widget: Labels\n - name: Tracing\n source: tracing\n widget: Table\n visibility: $exists($value)\n collapsible:\n - name: RandomSamplingPercentage\n source: randomSamplingPercentage\n widget: Text\n visibility: $exists($value)\n - name: Providers\n source: providers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: name\n widget: Text\n name: Name\n \n", - "form": "- path: spec.accessLogging\n widget: GenericList\n simple: true\n name: Access logging configuration\n children:\n - path: '[]'\n children:\n - path: match.mode\n simple: true\n name: Access logging match mode\n - path: filter.expression\n simple: true\n name: Access logging filter expression\n- path: spec.tracing\n simple: true\n widget: GenericList\n name: Tracing configuration\n children:\n - path: '[]'\n children:\n - path: providers\n simple: true\n widget: GenericList\n children:\n - path: '[]'\n children:\n - path: name\n simple: true\n name: Tracing provider name\n - path: randomSamplingPercentage\n type: number\n name: Tracing random sampling percentage\n", - "general": "resource:\n kind: Telemetry\n group: telemetry.istio.io\n version: v1alpha1\nurlPath: telemetries\ncategory: Istio\nname: Telemetries\nscope: namespace\ndescription: >-\n {{[Telemetry](https://istio.io/latest/docs/reference/config/telemetry)}}\n defines how the telemetry is generated for workloads within a mesh.\n\n" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-telemetries-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "details": "header:\n- name: Ready\n source: status.state\n widget: Badge\n description: status.description\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'\nbody:\n- widget: Panel\n name: Configuration\n children:\n - source: spec.config.gatewayExternalTrafficPolicy\n name: config.gatewayExternalTrafficPolicy\n visibility: '$exists($value)'\n - source: spec.config.numTrustedProxies\n name: config.numTrustedProxies\n placeholder: '1'\n\n - name: config.authorizers\n widget: Table\n source: spec.config.authorizers\n visibility: $exists($value)\n collapsibleTitle: \"$item.name\"\n collapsible:\n - name: config.authorizers.headers.inCheck.add\n # For some reason $each doesn't return an array that works with JoinedArray widget, when we have only one element. So in this case we return an Array with one element.\n source: '$count($keys(headers.inCheck.add)) = 1 ? $each(headers.inCheck.add, function($v, $k) {[$k & \":\" & $v]}) : $each(headers.inCheck.add, function($v, $k) {$k & \":\" & $v})'\n widget: JoinedArray\n - name: config.authorizers.headers.inCheck.include\n source: headers.inCheck.include\n widget: JoinedArray\n - name: config.authorizers.headers.toUpstream.onAllow\n source: headers.toUpstream.onAllow\n widget: JoinedArray\n - name: config.authorizers.headers.toDownstream.onAllow\n source: headers.toDownstream.onAllow\n widget: JoinedArray\n - name: config.authorizers.headers.toDownstream.onDeny\n source: headers.toDownstream.onDeny\n widget: JoinedArray\n children:\n - name: config.authorizers.service\n source: service\n - name: config.authorizers.port\n source: port\n\n - widget: Panel\n name: Pilot\n visibility: '$exists(spec.components.pilot.k8s.hpaSpec.minReplicas) or $exists(spec.components.pilot.k8s.hpaSpec.maxReplicas) or $exists(spec.components.pilot.k8s.strategy.rollingUpdate.maxSurge) or $exists(spec.components.pilot.k8s.strategy.rollingUpdate.maxUnavailable) or $exists(spec.components.pilot.k8s.resources.limits.cpu) or $exists(spec.components.pilot.k8s.resources.limits.memory) or $exists(spec.components.pilot.k8s.resources.requests.cpu) or $exists(spec.components.pilot.k8s.resources.requests.memory)'\n children:\n - source: spec.components.pilot.k8s.hpaSpec.minReplicas\n name: k8s.hpaSpec.minReplicas\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.hpaSpec.maxReplicas\n name: k8s.hpaSpec.maxReplicas\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.strategy.rollingUpdate.maxSurge\n name: k8s.strategy.rollingUpdate.maxSurge\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.strategy.rollingUpdate.maxUnavailable\n name: k8s.strategy.rollingUpdate.maxUnavailable\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n - widget: Panel\n name: Ingress Gateway\n visibility: '$exists(spec.components.ingressGateway.k8s.hpaSpec.minReplicas) or $exists(spec.components.ingressGateway.k8s.hpaSpec.maxReplicas) or $exists(spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxSurge) or $exists(spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxUnavailable) or $exists(spec.components.ingressGateway.k8s.resources.limits.cpu) or $exists(spec.components.ingressGateway.k8s.resources.limits.memory) or $exists(spec.components.ingressGateway.k8s.resources.requests.cpu) or $exists(spec.components.ingressGateway.k8s.resources.requests.memory)'\n children:\n - source: spec.components.ingressGateway.k8s.hpaSpec.minReplicas\n name: k8s.hpaSpec.minReplicas\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.hpaSpec.maxReplicas\n name: k8s.hpaSpec.maxReplicas\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxSurge\n name: k8s.strategy.rollingUpdate.maxSurge\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxUnavailable\n name: k8s.strategy.rollingUpdate.maxUnavailable\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n - widget: Panel\n name: CNI\n visibility: '$exists(spec.components.cni.k8s.resources.limits.cpu) or $exists(spec.components.cni.k8s.resources.limits.memory) or $exists(spec.components.cni.k8s.resources.requests.cpu) or $exists(spec.components.cni.k8s.resources.requests.memory) or $exists(spec.components.cni.k8s.affinity)'\n children:\n - source: spec.components.cni.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.affinity\n name: k8s.affinity\n widget: CodeViewer\n description: \"Kubernetes documentation for {{[Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity)}}\"\n language: \"'yaml'\"\n visibility: '$exists($value)'\n\n - widget: Panel\n name: Proxy\n visibility: '$exists(spec.components.proxy.k8s.resources.limits.cpu) or $exists(spec.components.proxy.k8s.resources.limits.memory) or $exists(spec.components.proxy.k8s.resources.requests.cpu) or $exists(spec.components.proxy.k8s.resources.requests.memory)'\n children:\n - source: spec.components.proxy.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n- source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true", - "form": "- path: spec.config\n simple: true\n name: General\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: gatewayExternalTrafficPolicy\n name: config.gatewayExternalTrafficPolicy\n simple: true\n description: description.externalTrafficPolicy\n value:\n type: string\n - path: numTrustedProxies\n simple: true\n name: config.numTrustedProxies\n value:\n type: number\n- path: spec.config.authorizers\n name: config.authorizers\n widget: GenericList\n children:\n - path: '[].name'\n name: config.authorizers.name\n - path: '[].service'\n name: config.authorizers.service\n - path: '[].port'\n name: config.authorizers.port\n - path: '[].headers'\n name: config.authorizers.headers\n widget: FormGroup\n children:\n - path: 'inCheck.add'\n name: config.authorizers.headers.inCheck.add\n widget: KeyValuePair\n - path: 'inCheck.include'\n name: config.authorizers.headers.inCheck.include\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toUpstream.onAllow'\n name: config.authorizers.headers.toUpstream.onAllow\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toDownstream.onAllow'\n name: config.authorizers.headers.toDownstream.onAllow\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toDownstream.onDeny'\n name: config.authorizers.headers.toDownstream.onDeny\n widget: SimpleList\n children:\n - path: '[]'\n\n- path: spec.components\n name: Components\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: 'pilot'\n required: false\n name: Pilot\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.hpaSpec'\n name: k8s.hpaSpec\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'minReplicas'\n name: k8s.hpaSpec.minReplicas\n description: description.hpaSpec.minReplicas\n value:\n type: number\n - path: 'maxReplicas'\n name: k8s.hpaSpec.maxReplicas\n description: description.hpaSpec.maxReplicas\n value:\n type: number\n - path: 'k8s.strategy.rollingUpdate'\n required: false\n name: k8s.strategy.rollingUpdate\n widget: FormGroup\n defaultExpanded: false\n type: object\n properties:\n maxSurge:\n type: string\n maxUnavailable:\n type: string\n children:\n - path: 'maxSurge'\n name: k8s.strategy.rollingUpdate.maxSurge\n description: description.rollingUpdate.maxSurge\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'maxUnavailable'\n name: k8s.strategy.rollingUpdate.maxUnavailable\n description: description.rollingUpdate.maxUnvailable\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'ingressGateway'\n required: false\n name: Ingress Gateway\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.hpaSpec'\n name: k8s.hpaSpec\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'minReplicas'\n name: k8s.hpaSpec.minReplicas\n description: description.hpaSpec.minReplicas\n value:\n type: number\n - path: 'maxReplicas'\n name: k8s.hpaSpec.maxReplicas\n description: description.hpaSpec.maxReplicas\n value:\n type: number\n - path: 'k8s.strategy.rollingUpdate'\n required: false\n name: k8s.strategy.rollingUpdate\n widget: FormGroup\n defaultExpanded: false\n type: object\n properties:\n maxSurge:\n type: string\n maxUnavailable:\n type: string\n children:\n - path: 'maxSurge'\n name: k8s.strategy.rollingUpdate.maxSurge\n description: description.rollingUpdate.maxSurge\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'maxUnavailable'\n name: k8s.strategy.rollingUpdate.maxUnavailable\n description: description.rollingUpdate.maxUnvailable\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'cni'\n required: false\n name: CNI\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.affinity'\n widget: CodeEditor\n description: k8s.affinity\n language: \"'yaml'\"\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'proxy'\n required: false\n name: Proxy\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n", - "general": "resource:\n kind: Istio\n group: operator.kyma-project.io\n version: v1alpha2\nurlPath: istios\ncategory: Kyma\nname: Istio\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\ndescription: >-\n {{[Istio CR](https://github.com/kyma-project/istio/blob/main/config/samples/operator_v1alpha2_istio.yaml)}}\n describes the Istio module", - "list": "- name: Ready\n source: status.state\n widget: Badge\n description: status.description\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'\n", - "translations": "en:\n config.numTrustedProxies: Number of trusted proxies\n\n config.authorizers: Authorizers\n config.authorizers.name: Name\n config.authorizers.service: Service\n config.authorizers.port: Port\n config.authorizers.headers: Headers\n config.authorizers.headers.inCheck.include: Forward To Authorization Request\n config.authorizers.headers.inCheck.add: Add To Authorization Request\n config.authorizers.headers.toUpstream.onAllow: Forward To Upstream\n config.authorizers.headers.toDownstream.onAllow: Forward To Downstream On Allow\n config.authorizers.headers.toDownstream.onDeny: Forward To Downstream On Deny\n config.gatewayExternalTrafficPolicy: Gateway external traffic policy\n\n k8s.hpaSpec: Horizontal Pod Autoscaler\n k8s.hpaSpec.minReplicas: Minimum number of replicas\n k8s.hpaSpec.maxReplicas: Maximum number of replicas\n k8s.strategy.rollingUpdate: Rolling update strategy\n k8s.strategy.rollingUpdate.maxSurge: Maximum surge\n k8s.strategy.rollingUpdate.maxUnavailable: Maximum unavailable\n k8s.resources.cpu: CPU\n k8s.resources.memory: Memory\n k8s.resources.limits.cpu: CPU limits\n k8s.resources.limits.memory: Memory limits\n k8s.resources.requests.cpu: CPU requests\n k8s.resources.requests.memory: Memory requests\n k8s.affinity: Affinity (YAML)\n description.hpaSpec.minReplicas: Minimum number of replicas for this deployment\n description.hpaSpec.maxReplicas: Maximum number of replicas for this deployment\n description.rollingUpdate.maxSurge: Maximum number of Pods, or the percentage of Pods that can be created on top during an update\n description.rollingUpdate.maxUnvailable: Maximum number of Pods, or the percentage of Pods that can be unavailable during an update\n description.limits.cpu: Total CPU limits of all Pods that are in a non-terminal state must not exceed this value\n description.limits.memory: Total memory limits of all Pods that are in a non-terminal state must not exceed this value\n description.requests.cpu: Total CPU requests of all Pods that are in a non-terminal state must not exceed this value\n description.requests.memory: Total memory requests of all Pods that are in a non-terminal state must not exceed this value\n description.externalTrafficPolicy: Specifies externalTrafficPolicy for the Istio Ingress Gateway Service" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "dataSources": "relatedGateways:\n resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\n namespace: null\n filter: >-\n $filter($root.spec.gateways, function($g){$contains($g,'/') ?\n ($substringBefore($g,'/') = $item.metadata.namespace and $substringAfter($g,\n '/') = $item.metadata.name) : ($substringBefore($g, '.') =\n $item.metadata.name and $substringBefore($substringAfter($g, '.'), '.') =\n $item.metadata.namespace) })\nrelatedServices:\n resource:\n kind: Service\n version: v1\n namespace: null\n filter: >-\n $filter($root.spec.http.route, function($r) { $filter($r.destination.host,\n function($h){($substringBefore($h, '.') = $item.metadata.name) and\n ($split($substringAfter($h, '.'),'.')[0] = $item.metadata.namespace)} ) })", - "details": "resourceGraph:\n dataSources:\n - source: relatedGateways\n - source: relatedServices\nbody:\n - widget: Table\n source: spec.gateways[]\n name: gateways\n visibility: $exists($value)\n children:\n - source: $item\n name: t-name\n widget: ResourceLink\n resource:\n kind: '\"Gateway\"'\n name: >-\n $contains($item,'/') ? $substringAfter($item, '/') :\n $substringBefore($item, '.')\n namespace: >-\n $contains($item,'/') ? $substringBefore($item, '/'):\n $substringBefore($substringAfter($item, '.'), '.')\n - name: summary\n widget: Panel\n source: spec\n visibility: $boolean($exists($value.exportTo) or $exists($value.hosts))\n children:\n - name: exportTo\n source: exportTo\n widget: Labels\n visibility: $exists($value)\n - name: hosts\n source: hosts\n widget: JoinedArray\n visibility: $exists($value)\n - widget: Table\n source: spec.http\n name: http\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: timeout\n name: timeout\n - source: mirrorPercentage.value\n name: mirrorPercentage\n collapsible:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: uri\n name: uri\n widget: Labels\n - source: scheme\n name: scheme\n widget: Labels\n - source: method\n name: method\n widget: Labels\n - source: authority\n name: authority\n widget: Labels\n - source: headers\n name: headers\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: queryParams\n name: queryParams\n - source: ignoreUriCase\n name: ignoreUriCase\n - source: withoutHeaders\n name: withoutHeaders\n - source: sourceNamespace\n name: sourceNamespace\n - source: statPrefix\n name: statPrefix\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: weight\n name: weight\n - source: headers\n name: headers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: request\n name: request\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: response\n name: response\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: redirect\n name: redirect\n widget: Panel\n visibility: $exists($value)\n children:\n - source: uri\n name: uri\n - source: authority\n name: authority\n - source: port\n name: port\n - source: derivePort\n name: derivePort\n widget: Labels\n - source: scheme\n name: scheme\n - source: redirectCode\n name: redirectCode\n - source: directResponse\n name: directResponse\n widget: Panel\n visibility: $exists($value)\n children:\n - source: status\n name: status\n - source: body\n name: body\n widget: Panel\n visibility: $exists($value)\n children:\n - source: string\n name: string\n - source: bytes\n name: bytes\n - source: delegate\n name: delegate\n widget: Panel\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: namespace\n name: namespace\n - source: rewrite\n name: rewrite\n widget: Panel\n visibility: $exists($value)\n children:\n - source: uri\n name: uri\n - source: authority\n name: authority\n - source: retries\n name: retries\n widget: Panel\n visibility: $exists($value)\n children:\n - source: attempts\n name: attempts\n - source: perTryTimeout\n name: perTryTimeout\n - source: retryOn\n name: retryOn\n - source: retryRemoteLocalities\n name: retryRemoteLocalities\n - source: fault\n name: fault\n widget: Panel\n visibility: $exists($value)\n children:\n - source: delay\n name: delay\n widget: Panel\n visibility: $exists($value)\n children:\n - source: fixedDelay\n name: fixedDelay\n - source: percentage.value\n name: percentage.value\n - source: percent\n name: percent\n - source: abort\n name: Abort\n widget: Panel\n visibility: $exists($value)\n children:\n - source: httpStatus\n name: httpStatus\n - source: percentage.value\n name: percentage.value\n - source: mirror\n name: Mirror\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: corsPolicy\n name: corsPolicy\n widget: Panel\n visibility: $exists($value)\n children:\n - source: allowOrigins\n name: allowOrigins\n - source: allowMethods\n name: allowMethods\n widget: JoinedArray\n - source: allowHeaders\n name: allowHeaders\n widget: JoinedArray\n - source: exposeHeaders\n name: exposeHeaders\n widget: JoinedArray\n - source: maxAge\n name: maxAge\n - source: allowCredentials\n name: allowCredentials\n - source: headers\n name: headers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: request\n name: request\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: response\n name: response\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - widget: Table\n source: spec.tcp\n name: tcp\n visibility: $exists($value)\n children:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: destinationSubnets\n name: destinationSubnets\n widget: JoinedArray\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: sourceNamespace\n name: sourceNamespace\n collapsible:\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port\n - source: weight\n name: weight\n - widget: Table\n source: spec.tls\n name: tls\n visibility: $exists($value)\n children:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: sniHosts\n name: sniHosts\n widget: JoinedArray\n - source: destinationSubnets\n name: destinationSubnets\n widget: JoinedArray\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: sourceNamespace\n name: sourceNamespace\n collapsible:\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: weight\n name: weight", - "form": "- path: spec.tls\n widget: GenericList\n name: tls\n children:\n - path: '[].match'\n widget: GenericList\n name: matches\n children:\n - path: '[].sniHosts'\n widget: SimpleList\n name: sniHosts\n children:\n - path: '[]'\n - path: '[].sourceNamespace'\n name: sourceNamespace\n - path: '[].port'\n name: port\n - path: '[].destinationSubnets'\n widget: SimpleList\n name: destinationSubnets\n children:\n - path: '[]'\n - path: '[].sourceLabels'\n widget: KeyValuePair\n name: sourceLabels\n - path: '[].gateways'\n widget: SimpleList\n name: gateways\n children:\n - path: '[]'\n - path: '[].route'\n widget: GenericList\n name: routes\n children:\n - path: '[].destination'\n widget: FormGroup\n name: destination\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n name: weight\n- path: spec.tcp\n name: tcp\n widget: GenericList\n children:\n - path: '[].match'\n name: matches\n children:\n - path: '[].sourceNamespace'\n name: sourceNamespace\n - path: '[].port'\n name: port\n - path: '[].sniHosts'\n widget: SimpleList\n name: sniHosts\n children:\n - path: '[]'\n - path: '[].destinationSubnets'\n widget: SimpleList\n name: destinationSubnets\n children:\n - path: '[]'\n - path: '[].sourceLabels'\n name: sourceLabels\n widget: KeyValuePair\n - path: '[].gateways'\n widget: SimpleList\n name: gateways\n children:\n - path: '[]'\n - path: '[].route'\n name: routes\n children:\n - path: '[].destination'\n widget: FormGroup\n name: destination\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n name: weight\n- path: spec.http\n simple: true\n name: http\n widget: GenericList\n children:\n - path: '[].match'\n simple: true\n name: matches\n widget: GenericList\n children:\n - path: '[].name'\n simple: true\n name: t-name\n - path: '[].uri'\n simple: true\n name: uri\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].scheme'\n simple: true\n name: scheme\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].method'\n simple: true\n name: method\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].authority'\n simple: true\n name: authority\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].headers'\n simple: true\n name: headers\n defaultExpanded: true\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].port'\n simple: true\n name: port\n - path: '[].sourceLabels'\n simple: true\n name: sourceLabels\n widget: KeyValuePair\n - path: '[].gateways'\n simple: true\n name: gateways\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].queryParams'\n simple: true\n name: queryParams\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].ignoreUriCase'\n simple: true\n name: ignoreUriCase\n - path: '[].withoutHeaders'\n simple: true\n name: withoutHeaders\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].sourceNamespace'\n simple: true\n name: sourceNamespace\n - path: '[].statPrefix'\n simple: true\n name: statPrefix\n - path: '[].route'\n simple: true\n name: routes\n children:\n - path: '[].destination'\n simple: true\n name: destination\n widget: FormGroup\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n simple: true\n name: weight\n - path: '[].headers'\n simple: true\n name: headers\n widget: FormGroup\n children:\n - path: response\n simple: true\n name: response\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: request\n simple: true\n name: request\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: '[].redirect'\n simple: true\n name: redirect\n widget: FormGroup\n children:\n - path: uri\n simple: true\n name: uri\n - path: authority\n simple: true\n name: authority\n - path: port\n simple: true\n name: port\n - path: derivePort\n simple: true\n name: derivePort\n - path: scheme\n simple: true\n name: scheme\n - path: redirectCode\n simple: true\n name: redirectCode\n - path: '[].directResponse'\n simple: true\n name: directResponse\n widget: FormGroup\n children:\n - path: status\n simple: true\n name: status\n - path: body\n simple: true\n name: body\n widget: FormGroup\n children:\n - path: string\n simple: true\n name: string\n - path: bytes\n simple: true\n name: bytes\n - path: '[].delegate'\n simple: true\n name: delegate\n widget: FormGroup\n children:\n - path: name\n simple: true\n name: name\n - path: namespace\n simple: true\n name: namespace\n - path: '[].rewrite'\n simple: true\n name: rewrite\n widget: FormGroup\n children:\n - path: uri\n simple: true\n name: uri\n - path: authority\n simple: true\n name: authority\n - path: '[].timeout'\n simple: true\n name: timeout\n - path: '[].retries'\n simple: true\n name: retries\n widget: FormGroup\n children:\n - path: attempts\n simple: true\n name: attempts\n - path: perTryTimeout\n simple: true\n name: perTryTimeout\n - path: retryOn\n simple: true\n name: retryOn\n - path: retryRemoteLocalities\n simple: true\n name: retryRemoteLocalities\n - path: '[].fault'\n simple: true\n name: fault\n widget: FormGroup\n children:\n - path: delay\n simple: true\n name: delay\n widget: FormGroup\n children:\n - path: fixedDelay\n simple: true\n name: fixedDelay\n - path: percentage.value\n simple: true\n name: percentage.value\n - path: percent\n simple: true\n name: percent\n - path: abort\n simple: true\n name: abort\n widget: FormGroup\n children:\n - path: httpStatus\n simple: true\n name: httpStatus\n - path: grpcStatus\n simple: true\n name: grpcStatus\n - path: percentage.value\n simple: true\n name: percentage.value\n - path: '[].mirror'\n simple: true\n name: mirror\n widget: FormGroup\n children:\n - path: host\n simple: true\n name: host\n - path: subset\n simple: true\n name: subset\n - path: port.number\n simple: true\n name: port.number\n - path: '[].mirrorPercentage.value'\n simple: true\n name: mirrorPercentage\n - path: '[].corsPolicy'\n simple: true\n name: corsPolicy\n widget: FormGroup\n children:\n - path: allowCredentials\n simple: true\n name: allowCredentials\n type: boolean\n - path: allowMethods\n simple: true\n name: allowMethods\n widget: SimpleList\n placeholder: allowMethods.placeholder\n children:\n - path: '[]'\n simple: true\n - path: allowHeaders\n simple: true\n name: allowHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: exposeHeaders\n simple: true\n name: exposeHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: maxAge\n simple: true\n name: maxAge\n placeholder: maxAge.placeholder\n - path: '[].headers'\n simple: true\n name: headers\n widget: FormGroup\n children:\n - path: response\n simple: true\n name: response\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: request\n simple: true\n name: request\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n- path: spec.hosts\n name: hosts\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.gateways\n name: gateways\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.exportTo\n name: exportTo\n widget: SimpleList\n children:\n - path: '[]'", - "general": "resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\nurlPath: virtualservices\ncategory: Istio\nname: Virtual Services\nscope: namespace\ndescription: >-\n {{[VirtualService](https://istio.io/latest/docs/reference/config/networking/virtual-service/)}}\n describes a configuration that affects traffic routing. .", - "list": "- name: hosts\n source: spec.hosts\n widget: JoinedArray\n- name: gateways\n source: spec.gateways\n widget: JoinedArray", - "translations": "en:\n t-name: Name\n gateways: Gateways\n hosts: Hosts\n exportTo: Export to\n summary: Summary\n http: HTTP\n tls: TLS\n tcp: TCP\n mirror: Mirror\n mirrorPercentage: Mirror Percentage\n timeout: Timeout\n matches: Matches\n uri: URI\n scheme: Scheme\n method: Method\n authority: Authority\n headers: Headers\n port: Port\n sourceLabels: Source Labels\n queryParams: Query Params\n ignoreUriCase: Ignore URI Case\n withoutHeaders: Without Headers\n sourceNamespace: Source Namespace\n statPrefix: Stat Prefix\n routes: Routes\n destination: Destination\n host: Host\n subset: Subset\n port.number: Port Number\n weight: Weight\n request: Request\n response: Response\n set: Set\n add: Add\n remove: Remove\n redirect: Redirect\n derivePort: Derive Port\n redirectCode: Redirect Code\n directResponse: Direct Response\n status: Status\n body: Body\n string: String\n bytes: Bytes\n delegate: Delegate\n namespace: Namespace\n rewrite: Rewrite\n retries: Retries\n attempts: Attempts\n perTryTimeout: Per Try Timeout\n retryOn: Retry On\n retryRemoteLocalities: Retry Remote Localities\n fault: Fault\n delay: Delay\n fixedDelay: Fixed Delay\n abort: Abort\n percentage.value: Percentage Value\n percent: Percent\n httpStatus: HTTP Status\n grpcStatus: GRPC Status\n corsPolicy: CORS Policy\n allowOrigins: Allow Origins\n allowMethods: Allow Methods\n allowMethods.placeholder: For example, GET\n allowHeaders: Allow Headers\n exposeHeaders: Expose Headers\n maxAge: Max Age\n maxAge.placeholder: For example, 24h\n allowCredentials: Allow Credentials\n destinationSubnets: Destination Subnets\n sniHosts: SNI Hosts" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-virtualservices-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "kind": "Service", - "metadata": { - "labels": { - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-operator-metrics", - "namespace": "kyma-system" - }, - "spec": { - "ports": [ - { - "name": "http-metrics", - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "app.kubernetes.io/component": "istio-operator.kyma-project.io", - "control-plane": "controller-manager" - } - } - }, - { - "apiVersion": "scheduling.k8s.io/v1", - "description": "Used for Istio components that are managed by Kyma Istio Manager and must run in the cluster.", - "globalDefault": false, - "kind": "PriorityClass", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-kyma-priority" - }, - "value": 2100000 - }, - { - "apiVersion": "apps/v1", - "kind": "Deployment", - "metadata": { - "labels": { - "app.kubernetes.io/component": "istio-operator.kyma-project.io", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "control-plane": "controller-manager", - "kyma-project.io/module": "istio" - }, - "name": "istio-controller-manager", - "namespace": "kyma-system" - }, - "spec": { - "replicas": 1, - "selector": { - "matchLabels": { - "app.kubernetes.io/component": "istio-operator.kyma-project.io", - "control-plane": "controller-manager" - } - }, - "template": { - "metadata": { - "annotations": { - "kubectl.kubernetes.io/default-container": "manager" - }, - "labels": { - "app.kubernetes.io/component": "istio-operator.kyma-project.io", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "control-plane": "controller-manager", - "kyma-project.io/module": "istio", - "sidecar.istio.io/inject": "false" - } - }, - "spec": { - "containers": [ - { - "args": [ - "--leader-elect", - "--health-probe-bind-address=:8081", - "--metrics-bind-address=:8080" - ], - "command": [ - "/manager" - ], - "image": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.6.1", - "livenessProbe": { - "httpGet": { - "path": "/healthz", - "port": 8081 - }, - "initialDelaySeconds": 15, - "periodSeconds": 20 - }, - "name": "manager", - "readinessProbe": { - "httpGet": { - "path": "/readyz", - "port": 8081 - }, - "initialDelaySeconds": 5, - "periodSeconds": 10 - }, - "resources": { - "limits": { - "cpu": "1000m", - "memory": "512Mi" - }, - "requests": { - "cpu": "10m", - "memory": "64Mi" - } - }, - "securityContext": { - "allowPrivilegeEscalation": false, - "capabilities": { - "drop": [ - "ALL" - ] - } - } - } - ], - "securityContext": { - "runAsNonRoot": true - }, - "serviceAccountName": "istio-controller-manager", - "terminationGracePeriodSeconds": 10 - } - } - } - } - ], - "cr": { - "apiVersion": "operator.kyma-project.io/v1alpha2", - "kind": "Istio", - "metadata": { - "name": "default", - "namespace": "kyma-system", - "labels": { - "app.kubernetes.io/name": "default" - } - } - }, - "crPath": "/apis/operator.kyma-project.io/v1alpha2/namespaces/kyma-system/istios/default", - "deploymentYaml": "https://github.com/kyma-project/istio/releases/download/1.6.1/istio-manager.yaml", - "crYaml": "https://github.com/kyma-project/istio/releases/download/1.6.1/istio-default-cr.yaml" - }, { "version": "1.6.2", "deploymentYaml": "https://github.com/kyma-project/istio/releases/download/1.6.2/istio-manager.yaml", @@ -7041,7 +3537,8 @@ export default [ "managerImage": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.6.2", "crPath": "/apis/operator.kyma-project.io/v1alpha2/namespaces/kyma-system/istios/default", "channels": [ - "fast" + "fast", + "regular" ], "documentation": "https://kyma-project.io/#/istio/user/README", "repository": "https://github.com/kyma-project/istio.git" diff --git a/model.json b/model.json index 0769eb9..edd0d68 100644 --- a/model.json +++ b/model.json @@ -38,3510 +38,6 @@ "crYaml": "istio-default-cr.yaml" }, "versions": [ - { - "version": "1.6.1", - "channels": [ - "regular" - ], - "documentation": "https://kyma-project.io/#/istio/user/README", - "repository": "https://github.com/kyma-project/istio.git", - "managerPath": "/apis/apps/v1/namespaces/kyma-system/deployments/istio-controller-manager", - "managerImage": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.6.1", - "resources": [ - { - "apiVersion": "apiextensions.k8s.io/v1", - "kind": "CustomResourceDefinition", - "metadata": { - "annotations": { - "controller-gen.kubebuilder.io/version": "v0.14.0" - }, - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istios.operator.kyma-project.io" - }, - "spec": { - "group": "operator.kyma-project.io", - "names": { - "kind": "Istio", - "listKind": "IstioList", - "plural": "istios", - "singular": "istio" - }, - "scope": "Namespaced", - "versions": [ - { - "additionalPrinterColumns": [ - { - "jsonPath": ".status.state", - "name": "State", - "type": "string" - } - ], - "name": "v1alpha1", - "schema": { - "openAPIV3Schema": { - "description": "Contains Istio CR specification and current status.", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "type": "object" - }, - "spec": { - "description": "Defines the desired specification for installing or updating Istio.", - "properties": { - "components": { - "properties": { - "cni": { - "description": "Cni defines component configuration for Istio CNI DaemonSet", - "properties": { - "k8s": { - "description": "CniK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "affinity": { - "description": "Affinity is a group of affinity scheduling rules.", - "properties": { - "nodeAffinity": { - "description": "Describes node affinity scheduling rules for the pod.", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", - "properties": { - "preference": { - "description": "A node selector term, associated with the corresponding weight.", - "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "weight": { - "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "preference", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", - "properties": { - "nodeSelectorTerms": { - "description": "Required. A list of node selector terms. The terms are ORed.", - "items": { - "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", - "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "type": "array" - } - }, - "required": [ - "nodeSelectorTerms" - ], - "type": "object", - "x-kubernetes-map-type": "atomic" - } - }, - "type": "object" - }, - "podAffinity": { - "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object" - }, - "podAntiAffinity": { - "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "ingressGateway": { - "description": "IngressGateway defines component configurations for Istio Ingress Gateway", - "properties": { - "k8s": { - "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "hpaSpec": { - "description": "HPASpec defines configuration for HorizontalPodAutoscaler", - "properties": { - "maxReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - }, - "minReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "strategy": { - "description": "Strategy defines rolling update strategy", - "properties": { - "rollingUpdate": { - "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", - "properties": { - "maxSurge": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^[0-9]+%?$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - }, - "maxUnavailable": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - } - }, - "type": "object" - } - }, - "required": [ - "rollingUpdate" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "pilot": { - "description": "Pilot defines component configuration for Istiod", - "properties": { - "k8s": { - "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "hpaSpec": { - "description": "HPASpec defines configuration for HorizontalPodAutoscaler", - "properties": { - "maxReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - }, - "minReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "strategy": { - "description": "Strategy defines rolling update strategy", - "properties": { - "rollingUpdate": { - "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", - "properties": { - "maxSurge": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^[0-9]+%?$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - }, - "maxUnavailable": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - } - }, - "type": "object" - } - }, - "required": [ - "rollingUpdate" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "proxy": { - "description": "Proxy defines component configuration for Istio proxy sidecar", - "properties": { - "k8s": { - "description": "ProxyK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - } - }, - "type": "object" - }, - "config": { - "description": "Config is the configuration for the Istio installation.", - "properties": { - "authorizers": { - "description": "Defines a list of external authorization providers.", - "items": { - "properties": { - "headers": { - "description": "Specifies headers to be included, added or forwarded during authorization.", - "properties": { - "inCheck": { - "description": "Defines headers to be included or added in check authorization request.", - "properties": { - "add": { - "additionalProperties": { - "type": "string" - }, - "description": "Set of additional fixed headers that should be included in the authorization request sent to the authorization service.\nThe Key is the header name and value is the header value.\nNote that client request of the same key or headers specified in `Include` will be overridden.", - "type": "object" - }, - "include": { - "description": "List of client request headers that should be included in the authorization request sent to the authorization service.\nNote that in addition to the headers specified here, the following headers are included by default:\n1. *Host*, *Method*, *Path* and *Content-Length* are automatically sent.\n2. *Content-Length* will be set to 0, and the request will not have a message body. However, the authorization request can include the buffered client request body (controlled by include_request_body_in_check setting), consequently the value of Content-Length of the authorization request reflects the size of its payload size.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "toDownstream": { - "description": "Defines headers to be forwarded to the downstream.", - "properties": { - "onAllow": { - "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original response will not be modified and forwarded to downstream as-is.\nNote, any existing headers will be overridden.", - "items": { - "type": "string" - }, - "type": "array" - }, - "onDeny": { - "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is not allowed (HTTP code other than 200).\nIf not specified, all the authorization response headers, except *Authority (Host)* will be in the response to the downstream.\nWhen a header is included in this list, *Path*, *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added.\nNote, the body from the authorization service is always included in the response to downstream.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "toUpstream": { - "description": "Defines headers to be forwarded to the upstream.", - "properties": { - "onAllow": { - "description": "List of headers from the authorization service that should be added or overridden in the original request and forwarded to the upstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original request will not be modified and forwarded to backend as-is.\nNote, any existing headers will be overridden.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "name": { - "description": "A unique name identifying the extension authorization provider.", - "type": "string" - }, - "port": { - "description": "Specifies the port of the service.", - "format": "int32", - "type": "integer" - }, - "service": { - "description": "Specifies the service that implements the Envoy ext_authz HTTP authorization service.\nThe format is \"[/]\".\nThe specification of \"\"\nis required only when it is insufficient to unambiguously resolve a service in the service registry.\nThe \"\" is a fully qualified host name of a service defined by the Kubernetes service or ServiceEntry.\nThe recommended format is \"[/]\"\nExample: \"my-ext-authz.foo.svc.cluster.local\" or \"bar/my-ext-authz\".", - "type": "string" - } - }, - "required": [ - "name", - "port", - "service" - ], - "type": "object" - }, - "type": "array" - }, - "gatewayExternalTrafficPolicy": { - "description": "Defines the external traffic policy for the Istio Ingress Gateway Service. Valid configurations are \"Local\" or \"Cluster\". The external traffic policy set to \"Local\" preserves the client IP in the request, but also introduces the risk of unbalanced traffic distribution.\nWARNING: Switching `externalTrafficPolicy` may result in a temporal increase in request delay. Make sure that this is acceptable.", - "enum": [ - "Local", - "Cluster" - ], - "type": "string" - }, - "numTrustedProxies": { - "description": "Defines the number of trusted proxies deployed in front of the Istio gateway proxy.", - "maximum": 4294967295, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "status": { - "description": "IstioStatus defines the observed state of IstioCR.", - "properties": { - "conditions": { - "description": " Conditions associated with IstioStatus.", - "items": { - "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", - "properties": { - "lastTransitionTime": { - "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - "format": "date-time", - "type": "string" - }, - "message": { - "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", - "maxLength": 32768, - "type": "string" - }, - "observedGeneration": { - "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", - "format": "int64", - "minimum": 0, - "type": "integer" - }, - "reason": { - "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", - "maxLength": 1024, - "minLength": 1, - "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", - "type": "string" - }, - "status": { - "description": "status of the condition, one of True, False, Unknown.", - "enum": [ - "True", - "False", - "Unknown" - ], - "type": "string" - }, - "type": { - "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", - "maxLength": 316, - "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", - "type": "string" - } - }, - "required": [ - "lastTransitionTime", - "message", - "reason", - "status", - "type" - ], - "type": "object" - }, - "type": "array" - }, - "description": { - "description": "Description of Istio status", - "type": "string" - }, - "state": { - "description": "State signifies current state of CustomObject. Value\ncan be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", - "enum": [ - "Processing", - "Deleting", - "Ready", - "Error", - "Warning" - ], - "type": "string" - } - }, - "required": [ - "state" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "served": true, - "storage": false, - "subresources": { - "status": {} - } - }, - { - "additionalPrinterColumns": [ - { - "jsonPath": ".status.state", - "name": "State", - "type": "string" - } - ], - "name": "v1alpha2", - "schema": { - "openAPIV3Schema": { - "description": "Contains Istio CR specification and current status.", - "properties": { - "apiVersion": { - "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - "type": "string" - }, - "kind": { - "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - "type": "string" - }, - "metadata": { - "type": "object" - }, - "spec": { - "description": "IstioSpec describes the desired specification for installing or updating Istio.", - "properties": { - "components": { - "properties": { - "cni": { - "description": "Cni defines component configuration for Istio CNI DaemonSet", - "properties": { - "k8s": { - "description": "CniK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "affinity": { - "description": "Affinity is a group of affinity scheduling rules.", - "properties": { - "nodeAffinity": { - "description": "Describes node affinity scheduling rules for the pod.", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).", - "properties": { - "preference": { - "description": "A node selector term, associated with the corresponding weight.", - "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "weight": { - "description": "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "preference", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node.", - "properties": { - "nodeSelectorTerms": { - "description": "Required. A list of node selector terms. The terms are ORed.", - "items": { - "description": "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm.", - "properties": { - "matchExpressions": { - "description": "A list of node selector requirements by node's labels.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchFields": { - "description": "A list of node selector requirements by node's fields.", - "items": { - "description": "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values.", - "properties": { - "key": { - "description": "The label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.", - "type": "string" - }, - "values": { - "description": "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "type": "array" - } - }, - "required": [ - "nodeSelectorTerms" - ], - "type": "object", - "x-kubernetes-map-type": "atomic" - } - }, - "type": "object" - }, - "podAffinity": { - "description": "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object" - }, - "podAntiAffinity": { - "description": "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).", - "properties": { - "preferredDuringSchedulingIgnoredDuringExecution": { - "description": "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred.", - "items": { - "description": "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)", - "properties": { - "podAffinityTerm": { - "description": "Required. A pod affinity term, associated with the corresponding weight.", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "weight": { - "description": "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100.", - "format": "int32", - "type": "integer" - } - }, - "required": [ - "podAffinityTerm", - "weight" - ], - "type": "object" - }, - "type": "array" - }, - "requiredDuringSchedulingIgnoredDuringExecution": { - "description": "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied.", - "items": { - "description": "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running", - "properties": { - "labelSelector": { - "description": "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "matchLabelKeys": { - "description": "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "mismatchLabelKeys": { - "description": "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.", - "items": { - "type": "string" - }, - "type": "array", - "x-kubernetes-list-type": "atomic" - }, - "namespaceSelector": { - "description": "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces.", - "properties": { - "matchExpressions": { - "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", - "items": { - "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", - "properties": { - "key": { - "description": "key is the label key that the selector applies to.", - "type": "string" - }, - "operator": { - "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", - "type": "string" - }, - "values": { - "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "required": [ - "key", - "operator" - ], - "type": "object" - }, - "type": "array" - }, - "matchLabels": { - "additionalProperties": { - "type": "string" - }, - "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", - "type": "object" - } - }, - "type": "object", - "x-kubernetes-map-type": "atomic" - }, - "namespaces": { - "description": "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\".", - "items": { - "type": "string" - }, - "type": "array" - }, - "topologyKey": { - "description": "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed.", - "type": "string" - } - }, - "required": [ - "topologyKey" - ], - "type": "object" - }, - "type": "array" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "ingressGateway": { - "description": "IngressGateway defines component configurations for Istio Ingress Gateway", - "properties": { - "k8s": { - "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "hpaSpec": { - "description": "HPASpec defines configuration for HorizontalPodAutoscaler", - "properties": { - "maxReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - }, - "minReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "strategy": { - "description": "Strategy defines rolling update strategy", - "properties": { - "rollingUpdate": { - "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", - "properties": { - "maxSurge": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^[0-9]+%?$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - }, - "maxUnavailable": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - } - }, - "type": "object" - } - }, - "required": [ - "rollingUpdate" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "pilot": { - "description": "Pilot defines component configuration for Istiod", - "properties": { - "k8s": { - "description": "KubernetesResourcesConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "hpaSpec": { - "description": "HPASpec defines configuration for HorizontalPodAutoscaler", - "properties": { - "maxReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - }, - "minReplicas": { - "format": "int32", - "maximum": 2147483647, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - }, - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "strategy": { - "description": "Strategy defines rolling update strategy", - "properties": { - "rollingUpdate": { - "description": "RollingUpdate defines configuration for rolling updates: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#rolling-update-deployment", - "properties": { - "maxSurge": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^[0-9]+%?$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - }, - "maxUnavailable": { - "anyOf": [ - { - "type": "integer" - }, - { - "type": "string" - } - ], - "pattern": "^((100|[0-9]{1,2})%|[0-9]+)$", - "x-kubernetes-int-or-string": true, - "x-kubernetes-validations": [ - { - "message": "must not be negative, more than 2147483647 or an empty string", - "rule": "(type(self) == int ? self >= 0 && self <= 2147483647: self.size() >= 0)" - } - ] - } - }, - "type": "object" - } - }, - "required": [ - "rollingUpdate" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - }, - "proxy": { - "description": "Proxy defines component configuration for Istio proxy sidecar", - "properties": { - "k8s": { - "description": "ProxyK8sConfig is a subset of https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/#KubernetesResourcesSpec", - "properties": { - "resources": { - "description": "Resources define Kubernetes resources configuration: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", - "properties": { - "limits": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - }, - "requests": { - "properties": { - "cpu": { - "pattern": "^([0-9]+m?|[0-9]\\.[0-9]{1,3})$", - "type": "string" - }, - "memory": { - "pattern": "^[0-9]+(((\\.[0-9]+)?(E|P|T|G|M|k|Ei|Pi|Ti|Gi|Mi|Ki|m)?)|(e[0-9]+))$", - "type": "string" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "required": [ - "k8s" - ], - "type": "object" - } - }, - "type": "object" - }, - "config": { - "description": "Config is the configuration for the Istio installation.", - "properties": { - "authorizers": { - "description": "Defines a list of external authorization providers.", - "items": { - "properties": { - "headers": { - "description": "Specifies headers to be included, added or forwarded during authorization.", - "properties": { - "inCheck": { - "description": "Defines headers to be included or added in check authorization request.", - "properties": { - "add": { - "additionalProperties": { - "type": "string" - }, - "description": "Set of additional fixed headers that should be included in the authorization request sent to the authorization service.\nThe Key is the header name and value is the header value.\nNote that client request of the same key or headers specified in `Include` will be overridden.", - "type": "object" - }, - "include": { - "description": "List of client request headers that should be included in the authorization request sent to the authorization service.\nNote that in addition to the headers specified here, the following headers are included by default:\n1. *Host*, *Method*, *Path* and *Content-Length* are automatically sent.\n2. *Content-Length* will be set to 0, and the request will not have a message body. However, the authorization request can include the buffered client request body (controlled by include_request_body_in_check setting), consequently the value of Content-Length of the authorization request reflects the size of its payload size.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "toDownstream": { - "description": "Defines headers to be forwarded to the downstream.", - "properties": { - "onAllow": { - "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original response will not be modified and forwarded to downstream as-is.\nNote, any existing headers will be overridden.", - "items": { - "type": "string" - }, - "type": "array" - }, - "onDeny": { - "description": "List of headers from the authorization service that should be forwarded to downstream when the authorization check result is not allowed (HTTP code other than 200).\nIf not specified, all the authorization response headers, except *Authority (Host)* will be in the response to the downstream.\nWhen a header is included in this list, *Path*, *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added.\nNote, the body from the authorization service is always included in the response to downstream.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - }, - "toUpstream": { - "description": "Defines headers to be forwarded to the upstream.", - "properties": { - "onAllow": { - "description": "List of headers from the authorization service that should be added or overridden in the original request and forwarded to the upstream when the authorization check result is allowed (HTTP code 200).\nIf not specified, the original request will not be modified and forwarded to backend as-is.\nNote, any existing headers will be overridden.", - "items": { - "type": "string" - }, - "type": "array" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "name": { - "description": "A unique name identifying the extension authorization provider.", - "type": "string" - }, - "port": { - "description": "Specifies the port of the service.", - "format": "int32", - "type": "integer" - }, - "service": { - "description": "Specifies the service that implements the Envoy ext_authz HTTP authorization service.\nThe format is \"[/]\".\nThe specification of \"\"\nis required only when it is insufficient to unambiguously resolve a service in the service registry.\nThe \"\" is a fully qualified host name of a service defined by the Kubernetes service or ServiceEntry.\nThe recommended format is \"[/]\"\nExample: \"my-ext-authz.foo.svc.cluster.local\" or \"bar/my-ext-authz\".", - "type": "string" - } - }, - "required": [ - "name", - "port", - "service" - ], - "type": "object" - }, - "type": "array" - }, - "gatewayExternalTrafficPolicy": { - "description": "Defines the external traffic policy for the Istio Ingress Gateway Service. Valid configurations are \"Local\" or \"Cluster\". The external traffic policy set to \"Local\" preserves the client IP in the request, but also introduces the risk of unbalanced traffic distribution.\nWARNING: Switching `externalTrafficPolicy` may result in a temporal increase in request delay. Make sure that this is acceptable.", - "enum": [ - "Local", - "Cluster" - ], - "type": "string" - }, - "numTrustedProxies": { - "description": "Defines the number of trusted proxies deployed in front of the Istio gateway proxy.", - "maximum": 4294967295, - "minimum": 0, - "type": "integer" - } - }, - "type": "object" - }, - "experimental": { - "properties": { - "pilot": { - "properties": { - "enableAlphaGatewayAPI": { - "type": "boolean" - }, - "enableMultiNetworkDiscoverGatewayAPI": { - "type": "boolean" - } - }, - "type": "object" - } - }, - "type": "object" - } - }, - "type": "object" - }, - "status": { - "description": "IstioStatus defines the observed state of IstioCR.", - "properties": { - "conditions": { - "description": " Conditions associated with IstioStatus.", - "items": { - "description": "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}", - "properties": { - "lastTransitionTime": { - "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", - "format": "date-time", - "type": "string" - }, - "message": { - "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", - "maxLength": 32768, - "type": "string" - }, - "observedGeneration": { - "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", - "format": "int64", - "minimum": 0, - "type": "integer" - }, - "reason": { - "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", - "maxLength": 1024, - "minLength": 1, - "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", - "type": "string" - }, - "status": { - "description": "status of the condition, one of True, False, Unknown.", - "enum": [ - "True", - "False", - "Unknown" - ], - "type": "string" - }, - "type": { - "description": "type of condition in CamelCase or in foo.example.com/CamelCase.\n---\nMany .condition.type values are consistent across resources like Available, but because arbitrary conditions can be\nuseful (see .node.status.conditions), the ability to deconflict is important.\nThe regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)", - "maxLength": 316, - "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", - "type": "string" - } - }, - "required": [ - "lastTransitionTime", - "message", - "reason", - "status", - "type" - ], - "type": "object" - }, - "type": "array" - }, - "description": { - "description": "Description of Istio status", - "type": "string" - }, - "state": { - "description": "State signifies the current state of CustomObject. Value\ncan be one of (\"Ready\", \"Processing\", \"Error\", \"Deleting\", \"Warning\").", - "enum": [ - "Processing", - "Deleting", - "Ready", - "Error", - "Warning" - ], - "type": "string" - } - }, - "required": [ - "state" - ], - "type": "object" - } - }, - "type": "object" - } - }, - "served": true, - "storage": true, - "subresources": { - "status": {} - } - } - ] - } - }, - { - "apiVersion": "v1", - "kind": "ServiceAccount", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-controller-manager", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "rbac.authorization.k8s.io/v1", - "kind": "Role", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-leader-election-role", - "namespace": "kyma-system" - }, - "rules": [ - { - "apiGroups": [ - "" - ], - "resources": [ - "configmaps" - ], - "verbs": [ - "get", - "list", - "watch", - "create", - "update", - "patch", - "delete" - ] - }, - { - "apiGroups": [ - "coordination.k8s.io" - ], - "resources": [ - "leases" - ], - "verbs": [ - "get", - "list", - "watch", - "create", - "update", - "patch", - "delete" - ] - }, - { - "apiGroups": [ - "" - ], - "resources": [ - "events" - ], - "verbs": [ - "create", - "patch" - ] - } - ] - }, - { - "apiVersion": "rbac.authorization.k8s.io/v1", - "kind": "ClusterRole", - "metadata": { - "creationTimestamp": null, - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-manager-role" - }, - "rules": [ - { - "apiGroups": [ - "" - ], - "resources": [ - "namespaces" - ], - "verbs": [ - "create", - "get", - "patch", - "update" - ] - }, - { - "apiGroups": [ - "" - ], - "resources": [ - "nodes" - ], - "verbs": [ - "get", - "list", - "watch" - ] - }, - { - "apiGroups": [ - "operator.kyma-project.io" - ], - "resources": [ - "istios" - ], - "verbs": [ - "create", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "operator.kyma-project.io" - ], - "resources": [ - "istios/finalizers" - ], - "verbs": [ - "update" - ] - }, - { - "apiGroups": [ - "operator.kyma-project.io" - ], - "resources": [ - "istios/status" - ], - "verbs": [ - "get", - "patch", - "update" - ] - }, - { - "apiGroups": [ - "authentication.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "config.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "install.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "networking.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "security.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "telemetry.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "extensions.istio.io" - ], - "resources": [ - "*" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "admissionregistration.k8s.io" - ], - "resources": [ - "mutatingwebhookconfigurations", - "validatingwebhookconfigurations" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "apiextensions.k8s.io" - ], - "resources": [ - "customresourcedefinitions.apiextensions.k8s.io", - "customresourcedefinitions" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "apps", - "extensions" - ], - "resources": [ - "daemonsets", - "deployments", - "deployments/finalizers", - "replicasets", - "statefulsets" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "autoscaling" - ], - "resources": [ - "horizontalpodautoscalers" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "monitoring.coreos.com" - ], - "resources": [ - "servicemonitors" - ], - "verbs": [ - "get", - "create", - "update" - ] - }, - { - "apiGroups": [ - "policy" - ], - "resources": [ - "poddisruptionbudgets" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "rbac.authorization.k8s.io" - ], - "resources": [ - "clusterrolebindings", - "roles", - "rolebindings" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - }, - { - "apiGroups": [ - "rbac.authorization.k8s.io" - ], - "resources": [ - "clusterroles" - ], - "verbs": [ - "*" - ] - }, - { - "apiGroups": [ - "coordination.k8s.io" - ], - "resources": [ - "leases" - ], - "verbs": [ - "get", - "create", - "update", - "patch" - ] - }, - { - "apiGroups": [ - "" - ], - "resources": [ - "configmaps", - "endpoints", - "events", - "namespaces", - "pods", - "pods/proxy", - "pods/portforward", - "persistentvolumeclaims", - "secrets", - "services", - "serviceaccounts", - "resourcequotas" - ], - "verbs": [ - "create", - "deletecollection", - "delete", - "get", - "list", - "patch", - "update", - "watch" - ] - } - ] - }, - { - "apiVersion": "rbac.authorization.k8s.io/v1", - "kind": "RoleBinding", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-leader-election-rolebinding", - "namespace": "kyma-system" - }, - "roleRef": { - "apiGroup": "rbac.authorization.k8s.io", - "kind": "Role", - "name": "istio-leader-election-role" - }, - "subjects": [ - { - "kind": "ServiceAccount", - "name": "istio-controller-manager", - "namespace": "kyma-system" - } - ] - }, - { - "apiVersion": "rbac.authorization.k8s.io/v1", - "kind": "ClusterRoleBinding", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-manager-rolebinding" - }, - "roleRef": { - "apiGroup": "rbac.authorization.k8s.io", - "kind": "ClusterRole", - "name": "istio-manager-role" - }, - "subjects": [ - { - "kind": "ServiceAccount", - "name": "istio-controller-manager", - "namespace": "kyma-system" - } - ] - }, - { - "apiVersion": "v1", - "data": { - "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.selector.matchLabels)", - "details": "header:\n - source: spec.action\n name: spec.action\n - source: spec.provider\n widget: Labels\n name: spec.provider\nresourceGraph:\n colorVariant: 3\n dataSources:\n - source: podSelector\nbody:\n - widget: Table\n name: spec.rules\n source: spec.rules\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"Rule #\" & $string($index + 1) & (\" \" & $join($keys($item), \" \"))'\n collapsible:\n - source: $item.from\n widget: Table\n name: spec.rules.from\n disablePadding: true\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"From #\" & $string($index + 1) & (\" \" & $join($keys($item.source), \" \"))'\n collapsible:\n - source: source\n widget: Panel\n name: spec.rules.from.source\n children:\n - source: principals\n name: spec.rules.from.source.principals\n widget: JoinedArray\n visibility: $exists($value)\n - source: notPrincipals\n name: spec.rules.from.source.notPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: requestPrincipals\n name: spec.rules.from.source.requestPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: notRequestPrincipals\n name: spec.rules.from.source.notRequestPrincipals\n widget: Labels\n visibility: $exists($value)\n - source: namespaces\n name: spec.rules.from.source.namespaces\n widget: Labels\n visibility: $exists($value)\n - source: notNamespaces\n name: spec.rules.from.source.notNamespaces\n widget: Labels\n visibility: $exists($value)\n - source: ipBlocks\n name: spec.rules.from.source.ipBlocks\n widget: Labels\n visibility: $exists($value)\n - source: notIpBlocks\n name: spec.rules.from.source.notIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: remoteIpBlocks\n name: spec.rules.from.source.remoteIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: notRemoteIpBlocks\n name: spec.rules.from.source.notRemoteIpBlocks\n widget: Labels\n visibility: $exists($value)\n - source: $item.to\n widget: Table\n name: spec.rules.to\n disablePadding: true\n showHeader: false\n visibility: $exists($value)\n collapsibleTitle: '\"To #\" & $string($index + 1) & (\" \" & $join($keys($item.operation), \" \"))'\n collapsible:\n - source: operation\n widget: Panel\n name: spec.rules.to.operation\n children:\n - source: Hosts\n name: spec.rules.to.operation.hosts\n widget: Labels\n visibility: $exists($value)\n - source: notHosts\n name: spec.rules.to.operation.notHosts\n widget: Labels\n visibility: $exists($value)\n - source: ports\n name: spec.rules.to.operation.ports\n widget: Labels\n visibility: $exists($value)\n - source: notPorts\n name: spec.rules.to.operation.notPorts\n widget: Labels\n visibility: $exists($value)\n - source: methods\n name: spec.rules.to.operation.methods\n widget: Labels\n visibility: $exists($value)\n - source: notMethods\n name: spec.rules.to.operation.notMethods\n widget: Labels\n visibility: $exists($value)\n - source: paths\n name: spec.rules.to.operation.paths\n widget: Labels\n visibility: $exists($value)\n - source: notPaths\n name: spec.rules.to.operation.notPaths\n widget: Labels\n visibility: $exists($value)\n - source: when\n widget: Table\n name: spec.rules.when\n visibility: $exists($value)\n children:\n - source: key\n name: spec.rules.when.key\n visibility: $exists($value)\n - source: values\n name: spec.rules.when.values\n widget: JoinedArray\n separator: break\n visibility: $exists($value)\n - source: notValues\n name: spec.rules.when.notValues\n widget: JoinedArray\n separator: break\n visibility: $exists($value)\n - widget: Panel\n name: spec.selector.matchLabels\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector.matchLabels) and $boolean($root.spec.selector.matchLabels)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector.matchLabels\n widget: Labels\n name: spec.selector.matchLabels\n visibility: $exists($value) and $boolean($value)\n", - "form": "- path: spec.selector.matchLabels\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.action\n placeholder: placeholders.dropdown\n simple: true\n description: description.action\n- path: spec.provider\n widget: FormGroup\n children:\n - path: name\n- path: spec.rules\n widget: GenericList\n simple: true\n children:\n - path: '[].from'\n simple: true\n widget: GenericList\n children:\n - path: '[].source'\n simple: true\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: principals\n simple: true\n widget: SimpleList\n description: description.rules.from.principals\n children:\n - path: '[]'\n simple: true\n - path: notPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.notPrincipals\n children:\n - path: '[]'\n simple: true\n - path: requestPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.requestPrincipals\n children:\n - path: '[]'\n simple: true\n - path: notRequestPrincipals\n simple: true\n widget: SimpleList\n description: description.rules.from.notRequestPrincipals\n children:\n - path: '[]'\n simple: true\n - path: namespaces\n simple: true\n widget: SimpleList\n description: description.rules.from.namespaces\n children:\n - path: '[]'\n simple: true\n - path: notNamespaces\n simple: true\n widget: SimpleList\n description: description.rules.from.notNamespaces\n children:\n - path: '[]'\n simple: true\n - path: ipBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.ipBlocks\n children:\n - path: '[]'\n simple: true\n - path: notIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.notIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: remoteIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.remoteIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: notRemoteIpBlocks\n simple: true\n widget: SimpleList\n description: description.rules.from.notRemoteIpBlocks\n children:\n - path: '[]'\n simple: true\n - path: '[].to'\n simple: true\n widget: GenericList\n children:\n - path: '[].operation'\n simple: true\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: hosts\n simple: true\n widget: SimpleList\n description: description.rules.to.hosts\n children:\n - path: '[]'\n simple: true\n - path: notHosts\n simple: true\n widget: SimpleList\n description: description.rules.to.notHosts\n children:\n - path: '[]'\n simple: true\n - path: ports\n simple: true\n widget: SimpleList\n description: description.rules.to.ports\n children:\n - path: '[]'\n simple: true\n - path: notPorts\n simple: true\n widget: SimpleList\n description: description.rules.to.notPorts\n children:\n - path: '[]'\n simple: true\n - path: methods\n simple: true\n widget: SimpleList\n description: description.rules.to.methods\n children:\n - path: '[]'\n simple: true\n - path: notMethods\n simple: true\n widget: SimpleList\n description: description.rules.to.notMethods\n children:\n - path: '[]'\n simple: true\n - path: paths\n simple: true\n widget: SimpleList\n description: description.rules.to.paths\n children:\n - path: '[]'\n simple: true\n - path: notPaths\n simple: true\n widget: SimpleList\n description: description.rules.to.notPaths\n children:\n - path: '[]'\n simple: true\n - path: '[].when'\n simple: true\n widget: GenericList\n children:\n - path: '[].key'\n simple: true\n widget: Text\n description: description.rules.when.key\n - path: '[].values'\n simple: true\n widget: SimpleList\n description: description.rules.when.values\n children:\n - path: '[]'\n simple: true\n - path: '[].notValues'\n simple: true\n widget: SimpleList\n description: description.rules.when.notValues\n children:\n - path: '[]'\n simple: true\n", - "general": "resource:\n kind: AuthorizationPolicy\n group: security.istio.io\n version: v1beta1\nname: Authorization Policies\ncategory: Istio\nurlPath: authorizationpolicies\nscope: namespace\ndescription: >-\n {{[Istio Authorization\n Policy](https://istio.io/latest/docs/reference/config/security/authorization-policy/)}}\n allows for workload access management in the mesh.", - "list": "- name: action\n source: spec.action", - "translations": "en:\n description.action: Optional. The action to take if the request is matched with the rules. Default is ALLOW if not specified.\n description.rules.from.principals: Optional. A list of peer identities derived from the peer certificate. The peer identity is in the format of ' /ns/ /sa/ ', for example, 'cluster.local/ns/default/sa/productpage'. If not set, any principal is allowed.\n description.rules.from.notPrincipals: Optional. A list of negative match of peer identities.\n description.rules.from.requestPrincipals: Optional. A list of request identities derived from the JWT. The request identity is in the format of '/', for example, 'example.com/sub-1'. If not set, any request principal is allowed.\n description.rules.from.notRequestPrincipals: Optional. A list of negative match of request identities.\n description.rules.from.namespaces: Optional. A list of namespaces derived from the peer certificate. If not set, any namespace is allowed.\n description.rules.from.notNamespaces: Optional. A list of negative match of namespaces.\n description.rules.from.ipBlocks: Optional. A list of IP blocks, populated from the source address of the IP packet. Single IP (e.g. '1.2.3.4') and CIDR (e.g. '1.2.3.0/24') are supported. If not set, any IP is allowed.\n description.rules.from.notIpBlocks: Optional. A list of negative match of IP blocks.\n description.rules.from.remoteIpBlocks: Optional. A list of IP blocks, populated from X-Forwarded-For header or proxy protocol. To make use of this field, you must configure the numTrustedProxies field of the gatewayTopology under the meshConfig when you install Istio or using an annotation on the ingress gateway. If not set, any IP is allowed.\n description.rules.from.notRemoteIpBlocks: Optional. A list of negative match of remote IP blocks.\n description.rules.to.hosts: Optional. A list of hosts as specified in the HTTP request. The match is case-insensitive. If not set, any host is allowed. Must be used only with HTTP.\n description.rules.to.notHosts: Optional. A list of negative match of hosts as specified in the HTTP request. The match is case-insensitive.\n description.rules.to.ports: Optional. A list of ports as specified in the connection. If not set, any port is allowed.\n description.rules.to.notPorts: Optional. A list of negative match of ports as specified in the connection.\n description.rules.to.methods: Optional. A list of methods as specified in the HTTP request. If not set, any method is allowed. Must be used only with HTTP.\n description.rules.to.notMethods: Optional. A list of negative match of methods as specified in the HTTP request.\n description.rules.to.paths: Optional. A list of paths as specified in the HTTP request. If not set, any path is allowed. Must be used only with HTTP.\n description.rules.to.notPaths: Optional. A list of negative match of paths.\n description.rules.when.key: The name of an Istio attribute.\n description.rules.when.values: Optional. A list of allowed values for the attribute. At least one of values or notValues must be set.\n description.rules.when.notValues: Optional. A list of negative match of values for the attribute. At least one of values or notValues must be set.\n placeholders.dropdown: Type or choose an option.\n spec.action: Action\n spec.provider: Provider\n spec.rules: Rules\n spec.rules.from: From\n spec.rules.from.source: Source\n spec.rules.from.source.principals: Principals\n spec.rules.from.source.notPrincipals: NotPrincipals\n spec.rules.from.source.requestPrincipals: RequestPrincipals\n spec.rules.from.source.notRequestPrincipals: NotRequestPrincipals\n spec.rules.from.source.namespaces: Namespaces\n spec.rules.from.source.notNamespaces: NotNamespaces\n spec.rules.from.source.ipBlocks: IpBlocks\n spec.rules.from.source.notIpBlocks: NotIpBlocks\n spec.rules.from.source.remoteIpBlocks: RemoteIpBlocks\n spec.rules.from.source.notRemoteIpBlocks: NotRemoteIpBlocks\n spec.rules.to: To\n spec.rules.to.operation: Operation\n spec.rules.to.operation.hosts: Hosts\n spec.rules.to.operation.notHosts: NotHosts\n spec.rules.to.operation.ports: Ports\n spec.rules.to.operation.notPorts: NotPorts\n spec.rules.to.operation.methods: Methods\n spec.rules.to.operation.notMethods: NotMethods\n spec.rules.to.operation.paths: Paths\n spec.rules.to.operation.notPaths: NotPaths\n spec.rules.when: When\n spec.rules.when.key: Key\n spec.rules.when.values: Values\n spec.rules.when.notValues: NotValues\n spec.selector.matchLabels: Selector\n selector.matchesAllPods: Matches all Pods in the Namespace\n" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-authorizationpolicies-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "details": "header: []\nbody:\n - name: References\n widget: Panel\n children:\n - source: spec.host\n name: Host\n - source: spec.exportTo\n widget: Labels\n name: Export To\n visibility: $exists($value)\n - source: spec.workloadSelector.matchLabels\n widget: Labels\n name: Workload Selector Match Labels\n visibility: $exists($value)\n - source: spec.trafficPolicy\n name: Traffic Policy\n disablePadding: true\n visibility: $exists($value)\n widget: Panel\n children:\n - source: loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: portLevelSettings\n name: portLevelSettings\n widget: Table\n disablePadding: true\n children:\n - source: $item.port.number\n name: port\n visibility: $exists($value)\n collapsible:\n - source: $item.loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: $item.connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: $item.outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: $item.tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: $item.tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: spec.subsets\n name: Subsets\n widget: Table\n disablePadding: true\n visibility: $exists($value)\n children:\n - source: $item.name\n name: Name\n - source: $item.labels\n name: Labels\n widget: Labels\n collapsible:\n - source: $item.trafficPolicy\n name: Traffic Policy\n disablePadding: true\n visibility: $exists($value)\n widget: Panel\n children:\n - source: loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: portLevelSettings\n name: portLevelSettings\n widget: Table\n disablePadding: true\n children:\n - source: $item.port.number\n name: port\n visibility: $exists($value)\n collapsible:\n - source: $item.loadBalancer\n name: Load Balancer\n visibility: $exists($value)\n widget: Panel\n children:\n - source: simple\n name: Simple\n visibility: $exists($value)\n widget: Badge\n - source: warmupDurationSecs\n name: Warmup Duration Secs\n visibility: $exists($value)\n - source: consistentHash\n name: Consistent Hash\n visibility: $exists($value)\n widget: Panel\n children:\n - source: httpHeaderName\n name: HTTP Header Name\n visibility: $exists($value)\n - source: useSourceIp\n name: Use Source IP\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: httpQueryParameterName\n name: HTTP Query Parameter Name\n visibility: $exists($value)\n - source: minimumRingSize\n name: Minimum Ring Size\n visibility: $exists($value)\n - source: httpCookie\n name: HTTP Cookie\n visibility: $exists($value)\n widget: Panel\n children:\n - source: name\n name: Name\n - source: path\n name: Path\n - source: ttl\n name: TTL\n - source: localityLbSetting\n name: Locality LB Settings\n visibility: $exists($value)\n widget: Panel\n children:\n - name: Enabled\n source: enabled\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - widget: Table\n disablePadding: true\n name: Distribute\n visibility: $exists($value)\n source: distribute\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n widget: Labels\n - widget: Table\n disablePadding: true\n name: Failover\n visibility: $exists($value)\n source: failover\n children:\n - source: $item.from\n name: From\n - source: $item.to\n name: To\n - name: Failover Priority\n source: failoverPriority\n widget: JoinedArray\n visibility: $exists($value)\n - source: $item.connectionPool\n name: Connection Pool\n visibility: $exists($value)\n widget: Panel\n children:\n - source: tcp\n name: TCP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: maxConnections\n name: Max Connections\n visibility: $exists($value)\n - source: connectTimeout\n name: Connect Timeout\n visibility: $exists($value)\n - source: tcpKeepalive\n name: TCP Keep Alive\n visibility: $exists($value)\n widget: Panel\n children:\n - source: probes\n name: Probes\n - source: time\n name: Time\n - source: interval\n name: Interval\n - source: http\n name: HTTP\n visibility: $exists($value)\n widget: Panel\n children:\n - source: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n visibility: $exists($value)\n - source: http2MaxRequests\n name: HTTP2 Max Requests\n visibility: $exists($value)\n - source: maxRequestsPerConnection\n name: Max Requests Per Connection\n visibility: $exists($value)\n - source: maxRetries\n name: Max Retries\n visibility: $exists($value)\n - source: idleTimeout\n name: Idle Timeout\n visibility: $exists($value)\n - source: h2UpgradePolicy\n name: H2 Upgrade Policy\n visibility: $exists($value)\n widget: Badge\n - source: useClientProtocol\n name: Use Client Protocol\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: $item.outlierDetection\n name: outlierDetection\n visibility: $exists($value)\n widget: Panel\n children:\n - source: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n visibility: $exists($value)\n widget: Badge\n highlights:\n positive:\n - 'true'\n negative:\n - 'false'\n - source: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n visibility: $exists($value)\n - source: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n visibility: $exists($value)\n type: number\n - source: consecutive5xxErrors\n name: Consecutive 5xx Errors\n visibility: $exists($value)\n - source: interval\n name: Interval\n visibility: $exists($value)\n - source: baseEjectionTime\n name: Base Ejection Time\n visibility: $exists($value)\n - source: maxEjectionPercent\n name: Max Ejection Percent\n visibility: $exists($value)\n - source: minHealthPercent\n name: Min Health Percent\n visibility: $exists($value)\n - source: $item.tls\n name: TLS\n visibility: $exists($value)\n widget: Panel\n children:\n - source: mode\n name: Mode\n visibility: $exists($value)\n widget: Badge\n - source: clientCertificate\n name: Client Certificate\n visibility: $exists($value)\n - source: privateKey\n name: Private Key\n visibility: $exists($value)\n type: number\n - source: caCertificates\n name: CA Certificates\n visibility: $exists($value)\n - source: credentialName\n name: Credential Name\n visibility: $exists($value)\n - source: subjectAltNames\n name: Subject Alt Names\n visibility: $exists($value)\n widget: Labels\n - source: sni\n name: SNI\n visibility: $exists($value)\n - source: insecureSkipVerify\n name: Insecure Skip Verify\n visibility: $exists($value)\n widget: Badge\n - source: $item.tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n - source: tunnel\n name: Tunnel\n visibility: $exists($value)\n widget: Panel\n children:\n - source: protocol\n name: Protocol\n visibility: $exists($value)\n widget: Badge\n - source: targetHost\n name: Target Host\n visibility: $exists($value)\n - source: targetPort\n name: Target Port\n visibility: $exists($value)\n", - "form": "- simple: true\n path: spec.host\n name: Host\n required: true\n- widget: FormGroup\n path: spec.trafficPolicy\n name: Traffic Policy\n children:\n - widget: FormGroup\n path: loadBalancer\n name: Load Balancer\n children:\n - var: mainloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $mainloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $mainloadBalancerSelector = 'consistentHash'\n children:\n - var: mainconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $mainconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $mainconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $mainconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $mainconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: mainLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $mainLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $mainLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $mainLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: connectionPool\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: outlierDetection\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: tls\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: portLevelSettings\n name: Port Level Settings\n widget: GenericList\n children:\n - path: '[].port.number'\n name: Port Number\n - widget: FormGroup\n path: '[].loadBalancer'\n name: Load Balancer\n children:\n - var: portLevelloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $portLevelloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $portLevelloadBalancerSelector = 'consistentHash'\n children:\n - var: portLevelconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $portLevelconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $portLevelconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $portLevelconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $portLevelconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: portLevelLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $portLevelLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $portLevelLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $portLevelLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: '[].connectionPool'\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: '[].outlierDetection'\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: '[].tls'\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: tunnel\n name: Tunnel\n widget: FormGroup\n children:\n - path: protocol\n name: Protocol\n - path: targetHost\n name: Target Host\n - path: targetPort\n name: Target Port\n- path: spec.subsets\n name: Subsets\n widget: GenericList\n children:\n - path: '[].name'\n name: Name\n - path: '[].labels'\n name: Labels\n widget: KeyValuePair\n - path: '[].trafficPolicy'\n name: Traffic Policy\n children:\n - widget: FormGroup\n path: loadBalancer\n name: Load Balancer\n children:\n - var: subsetsloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $subsetsloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $subsetsloadBalancerSelector = 'consistentHash'\n children:\n - var: subsetsconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: $subsetsconsistentHashSelector = 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $subsetsconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $subsetsconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: $subsetsconsistentHashSelector= 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: subsetsLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $subsetsLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $subsetsLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $subsetsLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: connectionPool\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: outlierDetection\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: tls\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: portLevelSettings\n name: Port Level Settings\n widget: GenericList\n children:\n - path: '[].port.number'\n name: Port Number\n - widget: FormGroup\n path: '[].loadBalancer'\n name: Load Balancer\n children:\n - var: subsetPortLevelloadBalancerSelector\n name: ChooseLoadBalancerSelector\n type: string\n enum:\n - simple\n - consistentHash\n - path: simple\n name: Simple\n required: true\n visibility: $subsetPortLevelloadBalancerSelector = 'simple'\n - widget: FormGroup\n path: consistentHash\n name: Consistent Hash\n visibility: $subsetPortLevelloadBalancerSelector = 'consistentHash'\n children:\n - var: subsetPortLevelconsistentHashSelector\n name: ChooseConsistentHashSelector\n type: string\n enum:\n - httpHeaderName\n - httpCookie\n - useSourceIp\n - httpQueryParameterName\n - path: httpHeaderName\n name: HTTP Header Name\n required: true\n visibility: >-\n $subsetPortLevelconsistentHashSelector =\n 'httpHeaderName'\n - path: httpCookie\n name: HTTP Cookie\n widget: FormGroup\n visibility: $subsetPortLevelconsistentHashSelector = 'httpCookie'\n children:\n - path: name\n name: Name\n required: true\n - path: path\n name: Path\n - path: ttl\n name: TTL\n required: true\n - path: useSourceIp\n name: Use Source IP\n required: true\n visibility: $subsetPortLevelconsistentHashSelector = 'useSourceIp'\n - path: httpQueryParameterName\n name: HTTP Query Parameter Name\n required: true\n visibility: >-\n $subsetPortLevelconsistentHashSelector=\n 'httpQueryParameterName'\n - path: minimumRingSize\n name: Minimum Ring Size\n - path: localityLbSetting\n name: Locality LB Settings\n widget: FormGroup\n children:\n - path: enabled\n name: Enabled\n type: boolean\n - var: subsetPortLevelLbSelector\n name: ChooseLbSelector\n type: string\n enum:\n - distribute\n - failover\n - path: distribute\n name: Distribute\n widget: GenericList\n visibility: $subsetPortLevelLbSelector = 'distribute'\n - path: distribute[].from\n name: From\n - path: distribute[].to\n name: To\n widget: KeyValuePair\n value:\n type: number\n - path: failover\n name: Failover\n widget: GenericList\n visibility: $subsetPortLevelLbSelector = 'failover'\n - path: failover[].from\n name: From\n - path: failover[].to\n name: To\n - path: failoverPriority\n name: Failover Priority\n visibility: $subsetPortLevelLbSelector = 'failover'\n widget: SimpleList\n children:\n - path: '[]'\n - path: warmupDurationSecs\n name: Warmup Duration Secs\n - path: '[].connectionPool'\n name: Connection Pool\n widget: FormGroup\n children:\n - path: tcp\n name: TCP\n widget: FormGroup\n children:\n - path: maxConnections\n name: Max Connections\n - path: connectTimeout\n name: Connect Timeout\n - path: tcpKeepalive\n name: TCP Keep Alive\n widget: FormGroup\n children:\n - path: probes\n name: Probes\n - path: time\n name: Time\n - path: interval\n name: Interval\n - path: http\n name: HTTP\n widget: FormGroup\n children:\n - path: http1MaxPendingRequests\n name: HTTP1 Max Pending Requests\n - path: http2MaxRequests\n name: HTTP2 Max Requests\n - path: maxRequestsPerConnection\n name: Max Requests Per Connection\n - path: maxRetries\n name: Max Retries\n - path: idleTimeout\n name: Idle Timeout\n - path: h2UpgradePolicy\n name: H2 Upgrade Policy\n - path: useClientProtocol\n name: Use Client Protocol\n - path: '[].outlierDetection'\n widget: FormGroup\n children:\n - path: splitExternalLocalOriginErrors\n name: Split External Local Origin Errors\n - path: consecutiveLocalOriginFailures\n name: Consecutive Local Origin Failures\n type: number\n - path: consecutiveGatewayErrors\n name: Consecutive Gateway Errors\n type: number\n - path: consecutive5xxErrors\n name: Consecutive 5xx Errors\n type: number\n - path: interval\n name: Interval\n - path: baseEjectionTime\n name: Base Ejection Time\n - path: maxEjectionPercent\n name: Max Ejection Percent\n - path: minHealthPercent\n name: Min Health Percent\n - path: '[].tls'\n name: TLS\n widget: FormGroup\n children:\n - path: mode\n name: Mode\n - path: clientCertificate\n name: Client Certificate\n - path: privateKey\n name: Private Key\n - path: caCertificates\n name: CA Certificates\n - path: credentialName\n name: Credential Name\n - path: subjectAltNames\n name: Subject Alt Names\n widget: SimpleList\n children:\n - path: '[]'\n - path: sni\n name: SNI\n - path: insecureSkipVerify\n name: Insecure Skip Verify\n - path: tunnel\n name: Tunnel\n widget: FormGroup\n children:\n - path: protocol\n name: Protocol\n - path: targetHost\n name: Target Host\n - path: targetPort\n name: Target Port\n- path: spec.exportTo\n name: Export To\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.workloadSelector.matchLabels\n defaultExpanded: true\n name: Workload Selector Match Labels\n widget: KeyValuePair\n", - "general": "resource:\n kind: DestinationRule\n group: networking.istio.io\n version: v1beta1\nname: Destination Rules\ncategory: Istio\nurlPath: destinationrules\nscope: namespace\ndescription: resource.description", - "list": "- source: spec.host\n name: Host", - "translations": "en:\n metadata.annotations: Annotations\n metadata.labels: Labels\n metadata.creationTimestamp: Created at\n resource.description: >-\n {{[Destination\n Rule](https://istio.io/latest/docs/reference/config/networking/destination-rule)}}\n specifies rules that apply to traffic intended for a service after routing.\n References: References\n probes: Probes\n Export To: Export To\n Workload Selector Match Labels: Workload Selector Match Labels\n Traffic Policy: Traffic Policy\n Interval: Interval\n Name: Name\n time: Time\n interval: Interval\n Host: Host\n Connection Pool: Connection Pool\n TCP Keep Alive: TCP Keep Alive\n Probes: Probes\n Time: Time\n TCP: TCP\n HTTP: HTTP\n HTTP1 Max Pending Requests: HTTP1 Max Pending Requests\n Max Connections: Max Connections\n Connect Timeout: Connect Timeout\n HTTP2 Max Requests: HTTP2 Max Requests\n Max Requests Per Connection: Max Requests Per Connection\n Max Retries: Max Retries\n Idle Timeout: Idle Timeout\n H2 Upgrade Policy: H2 Upgrade Policy\n Use Client Protocol: Use Client Protocol\n Locality LB Settings: Locality LB Settings\n Enabled: Enabled\n Distribute: Distribute\n From: From\n To: To\n Failover: Failover\n Failover Priority: Failover Priority\n HTTP Cookie: HTTP Cookie\n Path: Path\n TTL: TTL\n Consistent Hash: Consistent Hash\n HTTP Header Name: HTTP Header Name\n Use Source IP: Use Source IP\n HTTP Query Parameter Name: HTTP Query Parameter Name\n Minimum Ring Size: Minimum Ring Size\n Load Balancer: Load Balancer\n Simple: Simple\n Warmup Duration Secs: Warmup Duration Secs\n ChooseConsistentHashSelector: Select Hash Type\n ChooseLoadBalancerSelector: Select Balancer Type\n ChooseLbSelector: Select LB Settings\n Split External Local Origin Errors: Split External Local Origin Errors\n Consecutive Local Origin Failures: Consecutive Local Origin Failures\n Consecutive Gateway Errors: Consecutive Gateway Errors\n Consecutive 5xx Errors: Consecutive 5xx Errors\n Base Ejection Time: Base Ejection Time\n Max Ejection Percent: Max Ejection Percent\n Min Health Percent: Min Health Percent\n Port Level Settings: Port Level Settings\n Port Number: Port Number\n TLS: TLS\n Mode: Mode\n Client Certificate: Client Certificate\n Private Key: Private Key\n CA Certificates: CA Certificates\n Credential Name: Credential Name\n Subject Alt Names: Subject Alt Names\n SNI: SNI\n Insecure Skip Verify: Insecure Skip Verify\n Tunnel: Tunnel\n Protocol: Protocol\n Target Host: Target Host\n Target Port: Target Port\n Subsets: Subsets\n Labels: Labels\n consistentHash: Consistent Hash\n simple: Simple\n failover: Failover\n distribute: Distribute\n\n" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-destinationrules-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n namespace: null\n filter: $matchByLabelSelector($item, $root.spec.selector)\nrelatedVirtualServices:\n resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\n namespace: null\n filter: >-\n $filter($item.spec.gateways, function($g){$contains($g,'/') ?\n ($substringBefore($g,'/') = $root.metadata.namespace and $substringAfter($g,\n '/') = $root.metadata.name) : ($substringBefore($g, '.') =\n $root.metadata.name and $substringBefore($substringAfter($g, '.'), '.') =\n $root.metadata.namespace) })", - "details": "header:\n - source: spec.selector\n widget: Labels\n name: spec.selector\nbody:\n - widget: Table\n source: spec.servers\n name: spec.servers\n children:\n - source: port.name\n name: spec.servers.port.name\n - widget: JoinedArray\n separator: break\n source: hosts\n name: spec.servers.hosts\n - source: port.number\n name: spec.servers.port.number\n - source: port.protocol\n name: spec.servers.port.protocol\n - source: tls.mode\n name: spec.servers.tls.mode\n - widget: ResourceLink\n source: tls.credentialName\n name: spec.servers.tls.credentialName\n resource:\n name: tls.credentialName\n namespace: '\"istio-system\"'\n kind: '\"Secret\"'\n - widget: Panel\n name: spec.selector\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n visibility: $exists($root.spec.selector) and $boolean($root.spec.selector)\n - source: spec.selector\n widget: Panel\n name: selector.matchesAllPods\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.selector\n widget: Labels\n name: spec.selector\n visibility: $exists($value) and $boolean($value)\nresourceGraph:\n depth: 1\n colorVariant: 1\n dataSources:\n - source: relatedVirtualServices", - "form": "- path: spec.selector\n widget: KeyValuePair\n simple: true\n required: true\n defaultExpanded: true\n- path: spec.servers\n widget: GenericList\n simple: true\n required: true\n children:\n - widget: FormGroup\n simple: true\n path: '[].port'\n defaultExpanded: true\n children:\n - path: number\n simple: true\n required: true\n inputInfo: inputInfo.spec.servers.port.number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n required: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - GRPC-WEB\n - MONGO\n - REDIS\n - MYSQL\n - TCP\n required: true\n placeholder: placeholders.dropdown\n - widget: FormGroup\n simple: true\n path: '[].tls'\n visibility: $item.port.protocol = 'HTTP' or $item.port.protocol = 'HTTPS'\n children:\n - path: httpsRedirect\n simple: true\n visibility: $item.port.protocol = 'HTTP'\n - path: mode\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n required: true\n placeholder: placeholders.dropdown\n - path: credentialName\n simple: true\n widget: Resource\n resource:\n kind: Secret\n version: v1\n namespace: istio-system\n scope: namespace\n filter: >-\n $item.type = 'kubernetes.io/tls' or ($item.type = 'Opaque' and\n $contains($item.data, 'key') and $contains($item.data, 'cert'))\n visibility: $item.port.protocol = 'HTTPS'\n - path: serverCertificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.serverCertificate\n - path: privateKey\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.privateKey\n - path: caCertificates\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: placeholders.caCertificates\n - simple: true\n widget: Alert\n type: warning\n alert: '\"alert.tls.https\"'\n visibility: $item.port.protocol = 'HTTPS'\n - widget: SimpleList\n path: '[].hosts'\n required: true\n simple: true\n placeholder: placeholders.hosts\n children:\n - path: '[]'\n simple: true", - "general": "resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\nurlPath: gateways\ncategory: Istio\nname: Gateways\nscope: namespace\ndescription: >-\n {{[Gateways](https://istio.io/latest/docs/reference/config/networking/gateway/)}}\n describes a load balancer that operates at the edge of the mesh and receives\n incoming or outgoing HTTP/TCP connections.", - "list": "- name: spec.selector\n source: spec.selector\n widget: Labels", - "presets": "- name: Default Gateway\n default: true\n value:\n spec:\n selector:\n istio: ingressgateway\n- name: Ingress Gateway\n value:\n metadata:\n name: httpbin-gateway\n labels:\n app.kubernetes.io/name: httpbin-gateway\n spec:\n selector:\n istio: ingressgateway\n servers:\n - port:\n number: 443\n name: https\n protocol: HTTPS\n tls:\n mode: SIMPLE\n credentialName: ''\n hosts: []", - "translations": "en:\n alert.tls.https: TLS Server of mode SIMPLE or MUTUAL needs either credential name, or private key and server certificate pair.\n spec.selector: Selector\n spec.gateways: Gateways\n spec.servers: Servers\n spec.servers.port: Port\n spec.servers.port.name: Port Name\n spec.servers.port.protocol: Protocol\n spec.servers.port.targetPort: Target Port\n spec.servers.port.number: Port Number\n spec.servers.tls: TLS\n spec.servers.tls.mode: TLS Mode\n spec.servers.tls.httpsRedirect: HTTP Redirect\n spec.servers.tls.credentialName: Credential Name\n spec.servers.tls.serverCertificate: Server Certificate\n spec.servers.tls.privateKey: Private Key\n spec.servers.tls.caCertificates: CA Certificate\n spec.servers.hosts: Hosts\n selector.matchesAllPods: Matches all Pods in the Namespace\n placeholders.dropdown: Type or choose an option\n placeholders.serverCertificate: Enter the certificate path\n placeholders.privateKey: Enter the private key path\n placeholders.caCertificates: Enter the CA certificates path\n placeholders.hosts: For example, *.api.mydomain.com\n inputInfo.spec.servers.port.number: Must be a on-negative number." - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-gateways-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.workloadSelector.labels)\n", - "details": "header:\n - source: spec.location\n name: spec.location\n - source: spec.resolution\n name: spec.resolution\nresourceGraph:\n colorVariant: 2\n dataSources:\n - source: podSelector\nbody:\n - name: configuration\n widget: Panel\n source: spec\n visibility: >-\n $boolean($exists($value.hosts) or $exists($value.addresses) or\n $exists($value.subjectAltNames))\n children:\n - name: spec.hosts\n source: hosts\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.addresses\n source: addresses\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.exportTo\n source: exportTo\n widget: Labels\n placeholder: Exported to all Namespaces\n - name: spec.subjectAltNames\n source: subjectAltNames\n widget: JoinedArray\n visibility: $exists($value)\n - name: spec.ports\n widget: Table\n source: spec.ports\n visibility: $exists($value)\n children:\n - name: spec.ports.number\n source: number\n sort: true\n - name: spec.ports.protocol\n source: protocol\n sort: true\n - name: spec.ports.name\n source: name\n sort: true\n - name: spec.ports.targetPort\n source: targetPort\n sort: true\n - name: spec.endpoints\n widget: Table\n source: spec.endpoints\n visibility: $exists($value)\n children:\n - name: spec.endpoints.address\n source: address\n sort: true\n - name: spec.endpoints.ports\n source: ports\n widget: Labels\n - name: spec.endpoints.labels\n source: labels\n widget: Labels\n - name: spec.endpoints.network\n source: network\n sort: true\n - name: spec.endpoints.weight\n source: weight\n - name: spec.endpoints.serviceAccount\n source: serviceAccount\n - name: spec.workloadSelector\n widget: Panel\n source: spec.workloadSelector.labels\n visibility: $exists($value)\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n header:\n - widget: Labels\n source: spec.workloadSelector.labels\n visibility: $exists($value)", - "form": "- path: spec.hosts\n name: spec.hosts\n widget: SimpleList\n simple: true\n required: true\n children:\n - path: '[]'\n simple: true\n- path: spec.addresses\n name: spec.addresses\n widget: SimpleList\n placeholder: placeholders.addreses\n children:\n - path: '[]'\n- path: spec.ports\n name: Ports\n widget: GenericList\n children:\n - path: '[].number'\n name: spec.ports.number\n required: true\n - path: '[].protocol'\n name: spec.ports.protocol\n required: true\n placeholder: placeholders.dropdown\n enum:\n - HTTP\n - HTTPS\n - GRPC\n - HTTP2\n - MONGO\n - TCP\n - TLS\n - path: '[].name'\n name: spec.ports.name\n required: true\n - path: '[].targetPort'\n name: spec.ports.targetPort\n- path: spec.location\n name: spec.location\n placeholder: placeholders.dropdown\n- path: spec.resolution\n name: spec.resolution\n placeholder: placeholders.dropdown\n- path: spec.endpoints\n name: spec.endpoints\n widget: GenericList\n children:\n - path: '[].address'\n name: spec.endpoints.address\n - path: '[].ports'\n name: spec.endpoints.ports\n widget: KeyValuePair\n value:\n type: number\n - path: '[].labels'\n name: spec.endpoints.labels\n widget: KeyValuePair\n - path: '[].network'\n name: spec.endpoints.network\n - path: '[].locality'\n name: spec.endpoints.locality\n - path: '[].weight'\n name: spec.endpoints.weight\n - path: '[].serviceAccount'\n name: spec.endpoints.serviceAccount\n- path: spec.workloadSelector.labels\n name: spec.workloadSelector\n widget: KeyValuePair\n defaultExpanded: true\n- path: spec.exportTo\n name: spec.exportTo\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.subjectAltNames\n name: spec.subjectAltNames\n widget: SimpleList\n children:\n - path: '[]'", - "general": "resource:\n kind: ServiceEntry\n group: networking.istio.io\n version: v1beta1\nurlPath: serviceentries\ncategory: Istio\nname: Service Entries\nscope: namespace\ndescription: >-\n {{[ServiceEntry](https://istio.io/latest/docs/reference/config/networking/service-entry/)}}\n allows for adding more entries to the internal service registry of Istio.", - "list": "- source: spec.location\n name: spec.location\n sort: true\n- source: spec.resolution\n name: spec.resolution\n sort: true", - "translations": "en:\n configuration: Configuration\n spec.hosts: Hosts\n spec.addresses: Addresses\n spec.ports: Ports\n spec.ports.number: Number\n spec.ports.protocol: Protocol\n spec.ports.name: Name\n spec.ports.targetPort: Target Port\n spec.location: Location\n spec.resolution: Resolution\n spec.endpoints: Endpoints\n spec.endpoints.address: Address\n spec.endpoints.ports: Ports\n spec.endpoints.labels: Labels\n spec.endpoints.network: Network\n spec.endpoints.locality: Locality\n spec.endpoints.weight: Weight\n spec.endpoints.serviceAccount: Service Account\n spec.workloadSelector: Workload Selector\n spec.exportTo: Export To\n spec.subjectAltNames: Subject Alt Names\n placeholders.dropdown: Type or choose an option\n placeholders.addreses: For example, 127.0.0.1" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-serviceentries-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "dataSources": "podSelector:\n resource:\n kind: Pod\n version: v1\n filter: $matchByLabelSelector($item, $root.spec.workloadSelector.labels)", - "details": "header:\n - name: Outbound Traffic Policy Mode\n source: spec.outboundTrafficPolicy.mode\nbody:\n - widget: Table\n source: spec.egress\n name: Egress\n visibility: $exists($value)\n children:\n - source: port\n name: Port\n widget: Panel\n visibility: $exists($value)\n children:\n - source: number\n name: Number\n - source: name\n name: Name\n - source: protocol\n name: Protocol\n - source: targetPoint\n name: Target Point\n - source: bind\n name: Bind\n - source: captureMode\n name: Capture Mode\n - source: hosts\n name: Hosts\n widget: Labels\n - widget: Table\n source: spec.ingress\n name: Ingress\n visibility: $exists($value)\n children:\n - source: port\n name: Port\n widget: Panel\n visibility: $exists($value)\n children:\n - source: number\n name: Number\n - source: name\n name: Name\n - source: protocol\n name: Protocol\n - source: targetPoint\n name: Target Point\n - source: $parent.tls.mode\n name: TLS Mode\n - source: bind\n name: Bind\n - source: captureMode\n name: Capture Mode\n - source: defaultEndpoint\n name: Default Endpoint\n widget: Labels\n - widget: Panel\n name: Workload Selector\n disablePadding: true\n children:\n - source: $podSelector()\n widget: ResourceList\n disableCreate: true\n isCompact: true\n visibility: $exists($root.spec.workloadSelector.labels) and $boolean($root.spec.workloadSelector.labels)\n - source: spec.workloadSelector.labels\n widget: Panel\n name: Matches all Pods in the Namespace\n visibility: $not($exists($value)) or $not($boolean($value))\n header:\n - source: spec.workloadSelector.labels\n widget: Labels\n name: Workload Selector\n visibility: $exists($value) and $boolean($value)\nresourceGraph:\n depth: 1\n colorVariant: 1\n dataSources:\n - source: podSelector", - "form": "- path: spec.workloadSelector.labels\n name: Workload Selector\n widget: KeyValuePair\n- widget: FormGroup\n path: spec.egress[].port\n simple: true\n children:\n - path: number\n simple: true\n placeholder: Enter the port number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - MONGO\n - TCP\n - TLS\n placeholder: Type or choose an option\n- path: spec.egress[].bind\n placeholder: Enter the IPv4 or IPv6\n simple: true\n- path: spec.egress[].captureMode\n simple: true\n enum:\n - DEFAULT\n - IPTABLES\n - NONE\n placeholder: Type or choose an option\n- widget: SimpleList\n path: spec.egress[].hosts\n required: true\n simple: true\n placeholder: For example, *.api.mydomain.com\n children:\n - path: '[]'\n simple: true\n- widget: FormGroup\n path: spec.ingress[].port\n required: true\n simple: true\n children:\n - path: number\n simple: true\n required: true\n placeholder: Enter the port number\n - path: name\n widget: Name\n inputInfo: null\n simple: true\n required: true\n - path: protocol\n simple: true\n enum:\n - HTTP\n - HTTPS\n - HTTP2\n - GRPC\n - MONGO\n - TCP\n - TLS\n required: true\n placeholder: Type or choose an option\n- path: spec.ingress[].bind\n placeholder: Enter the IPv4 or IPv6\n simple: true\n- path: spec.ingress[].captureMode\n enum:\n - DEFAULT\n - IPTABLES\n - NONE\n simple: true\n placeholder: Type or choose an option\n- path: spec.ingress[].defaultEndpoint\n placeholder: For example, 127.0.0.1:PORT\n required: true\n simple: true\n- widget: FormGroup\n simple: true\n path: spec.ingress[].tls\n name: TLS\n visibility: $item.port.protocol = 'HTTPS'\n children:\n - path: mode\n name: TLS Mode\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n required: true\n placeholder: Type or choose an option\n - path: serverCertificate\n name: Server Certificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the certificate path\n - path: privateKey\n name: Private Key\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the private key path\n - path: caCertificates\n name: CA Certificate\n simple: true\n visibility: $item.port.protocol = 'HTTPS'\n placeholder: Enter the CA certificates path\n- widget: FormGroup\n path: spec.outboundTrafficPolicy\n name: Outbound Traffic Policy\n children:\n - path: mode\n name: Outbound Traffic Policy Mode\n enum:\n - REGISTRY_ONLY\n - ALLOW_ANY\n placeholder: Type or choose an option", - "general": "resource:\n kind: Sidecar\n group: networking.istio.io\n version: v1beta1\nurlPath: sidecars\ncategory: Istio\nname: Sidecars\nscope: namespace\ndescription: >-\n {{[Sidecar](https://istio.io/latest/docs/reference/config/networking/sidecar/)}}\n manages the incoming and outgoing communication in a workload it is attached\n to.", - "list": "- source: spec.outboundTrafficPolicy.mode\n name: Outbound Traffic Policy Mode\n- source: spec.workloadSelector.labels\n name: Workload Selector Labels\n widget: Labels" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-sidecars-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "details": "body: \n - name: Configuration\n widget: Panel\n source: spec\n children:\n - name: AccessLogging\n source: accessLogging\n widget: Table\n visibility: $exists($value)\n collapsible:\n - name: Filter\n source: filter\n widget: Panel\n visibility: $exists($value)\n children:\n - name: Expression\n source: expression\n widget: Labels\n - name: Match\n source: match\n widget: Panel\n visibility: $exists($value)\n children:\n - name: Mode\n source: mode\n widget: Labels\n - name: Tracing\n source: tracing\n widget: Table\n visibility: $exists($value)\n collapsible:\n - name: RandomSamplingPercentage\n source: randomSamplingPercentage\n widget: Text\n visibility: $exists($value)\n - name: Providers\n source: providers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: name\n widget: Text\n name: Name\n \n", - "form": "- path: spec.accessLogging\n widget: GenericList\n simple: true\n name: Access logging configuration\n children:\n - path: '[]'\n children:\n - path: match.mode\n simple: true\n name: Access logging match mode\n - path: filter.expression\n simple: true\n name: Access logging filter expression\n- path: spec.tracing\n simple: true\n widget: GenericList\n name: Tracing configuration\n children:\n - path: '[]'\n children:\n - path: providers\n simple: true\n widget: GenericList\n children:\n - path: '[]'\n children:\n - path: name\n simple: true\n name: Tracing provider name\n - path: randomSamplingPercentage\n type: number\n name: Tracing random sampling percentage\n", - "general": "resource:\n kind: Telemetry\n group: telemetry.istio.io\n version: v1alpha1\nurlPath: telemetries\ncategory: Istio\nname: Telemetries\nscope: namespace\ndescription: >-\n {{[Telemetry](https://istio.io/latest/docs/reference/config/telemetry)}}\n defines how the telemetry is generated for workloads within a mesh.\n\n" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-telemetries-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "details": "header:\n- name: Ready\n source: status.state\n widget: Badge\n description: status.description\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'\nbody:\n- widget: Panel\n name: Configuration\n children:\n - source: spec.config.gatewayExternalTrafficPolicy\n name: config.gatewayExternalTrafficPolicy\n visibility: '$exists($value)'\n - source: spec.config.numTrustedProxies\n name: config.numTrustedProxies\n placeholder: '1'\n\n - name: config.authorizers\n widget: Table\n source: spec.config.authorizers\n visibility: $exists($value)\n collapsibleTitle: \"$item.name\"\n collapsible:\n - name: config.authorizers.headers.inCheck.add\n # For some reason $each doesn't return an array that works with JoinedArray widget, when we have only one element. So in this case we return an Array with one element.\n source: '$count($keys(headers.inCheck.add)) = 1 ? $each(headers.inCheck.add, function($v, $k) {[$k & \":\" & $v]}) : $each(headers.inCheck.add, function($v, $k) {$k & \":\" & $v})'\n widget: JoinedArray\n - name: config.authorizers.headers.inCheck.include\n source: headers.inCheck.include\n widget: JoinedArray\n - name: config.authorizers.headers.toUpstream.onAllow\n source: headers.toUpstream.onAllow\n widget: JoinedArray\n - name: config.authorizers.headers.toDownstream.onAllow\n source: headers.toDownstream.onAllow\n widget: JoinedArray\n - name: config.authorizers.headers.toDownstream.onDeny\n source: headers.toDownstream.onDeny\n widget: JoinedArray\n children:\n - name: config.authorizers.service\n source: service\n - name: config.authorizers.port\n source: port\n\n - widget: Panel\n name: Pilot\n visibility: '$exists(spec.components.pilot.k8s.hpaSpec.minReplicas) or $exists(spec.components.pilot.k8s.hpaSpec.maxReplicas) or $exists(spec.components.pilot.k8s.strategy.rollingUpdate.maxSurge) or $exists(spec.components.pilot.k8s.strategy.rollingUpdate.maxUnavailable) or $exists(spec.components.pilot.k8s.resources.limits.cpu) or $exists(spec.components.pilot.k8s.resources.limits.memory) or $exists(spec.components.pilot.k8s.resources.requests.cpu) or $exists(spec.components.pilot.k8s.resources.requests.memory)'\n children:\n - source: spec.components.pilot.k8s.hpaSpec.minReplicas\n name: k8s.hpaSpec.minReplicas\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.hpaSpec.maxReplicas\n name: k8s.hpaSpec.maxReplicas\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.strategy.rollingUpdate.maxSurge\n name: k8s.strategy.rollingUpdate.maxSurge\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.strategy.rollingUpdate.maxUnavailable\n name: k8s.strategy.rollingUpdate.maxUnavailable\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.pilot.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n - widget: Panel\n name: Ingress Gateway\n visibility: '$exists(spec.components.ingressGateway.k8s.hpaSpec.minReplicas) or $exists(spec.components.ingressGateway.k8s.hpaSpec.maxReplicas) or $exists(spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxSurge) or $exists(spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxUnavailable) or $exists(spec.components.ingressGateway.k8s.resources.limits.cpu) or $exists(spec.components.ingressGateway.k8s.resources.limits.memory) or $exists(spec.components.ingressGateway.k8s.resources.requests.cpu) or $exists(spec.components.ingressGateway.k8s.resources.requests.memory)'\n children:\n - source: spec.components.ingressGateway.k8s.hpaSpec.minReplicas\n name: k8s.hpaSpec.minReplicas\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.hpaSpec.maxReplicas\n name: k8s.hpaSpec.maxReplicas\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxSurge\n name: k8s.strategy.rollingUpdate.maxSurge\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.strategy.rollingUpdate.maxUnavailable\n name: k8s.strategy.rollingUpdate.maxUnavailable\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.ingressGateway.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n - widget: Panel\n name: CNI\n visibility: '$exists(spec.components.cni.k8s.resources.limits.cpu) or $exists(spec.components.cni.k8s.resources.limits.memory) or $exists(spec.components.cni.k8s.resources.requests.cpu) or $exists(spec.components.cni.k8s.resources.requests.memory) or $exists(spec.components.cni.k8s.affinity)'\n children:\n - source: spec.components.cni.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n - source: spec.components.cni.k8s.affinity\n name: k8s.affinity\n widget: CodeViewer\n description: \"Kubernetes documentation for {{[Affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity)}}\"\n language: \"'yaml'\"\n visibility: '$exists($value)'\n\n - widget: Panel\n name: Proxy\n visibility: '$exists(spec.components.proxy.k8s.resources.limits.cpu) or $exists(spec.components.proxy.k8s.resources.limits.memory) or $exists(spec.components.proxy.k8s.resources.requests.cpu) or $exists(spec.components.proxy.k8s.resources.requests.memory)'\n children:\n - source: spec.components.proxy.k8s.resources.limits.cpu\n name: k8s.resources.limits.cpu\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.limits.memory\n name: k8s.resources.limits.memory\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.requests.cpu\n name: k8s.resources.requests.cpu\n visibility: '$exists($value)'\n - source: spec.components.proxy.k8s.resources.requests.memory\n name: k8s.resources.requests.memory\n visibility: '$exists($value)'\n\n- source: status.conditions\n widget: Table\n name: Reconciliation Conditions\n children:\n - source: type\n name: Type\n - source: status\n name: Status\n widget: Badge\n highlights:\n success:\n - 'True'\n error:\n - 'False'\n - source: reason\n name: Reason\n - source: message\n name: Message\n - source: '$readableTimestamp(lastTransitionTime)'\n name: Last transition\n sort: true", - "form": "- path: spec.config\n simple: true\n name: General\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: gatewayExternalTrafficPolicy\n name: config.gatewayExternalTrafficPolicy\n simple: true\n description: description.externalTrafficPolicy\n value:\n type: string\n - path: numTrustedProxies\n simple: true\n name: config.numTrustedProxies\n value:\n type: number\n- path: spec.config.authorizers\n name: config.authorizers\n widget: GenericList\n children:\n - path: '[].name'\n name: config.authorizers.name\n - path: '[].service'\n name: config.authorizers.service\n - path: '[].port'\n name: config.authorizers.port\n - path: '[].headers'\n name: config.authorizers.headers\n widget: FormGroup\n children:\n - path: 'inCheck.add'\n name: config.authorizers.headers.inCheck.add\n widget: KeyValuePair\n - path: 'inCheck.include'\n name: config.authorizers.headers.inCheck.include\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toUpstream.onAllow'\n name: config.authorizers.headers.toUpstream.onAllow\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toDownstream.onAllow'\n name: config.authorizers.headers.toDownstream.onAllow\n widget: SimpleList\n children:\n - path: '[]'\n - path: 'toDownstream.onDeny'\n name: config.authorizers.headers.toDownstream.onDeny\n widget: SimpleList\n children:\n - path: '[]'\n\n- path: spec.components\n name: Components\n widget: FormGroup\n defaultExpanded: true\n children:\n - path: 'pilot'\n required: false\n name: Pilot\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.hpaSpec'\n name: k8s.hpaSpec\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'minReplicas'\n name: k8s.hpaSpec.minReplicas\n description: description.hpaSpec.minReplicas\n value:\n type: number\n - path: 'maxReplicas'\n name: k8s.hpaSpec.maxReplicas\n description: description.hpaSpec.maxReplicas\n value:\n type: number\n - path: 'k8s.strategy.rollingUpdate'\n required: false\n name: k8s.strategy.rollingUpdate\n widget: FormGroup\n defaultExpanded: false\n type: object\n properties:\n maxSurge:\n type: string\n maxUnavailable:\n type: string\n children:\n - path: 'maxSurge'\n name: k8s.strategy.rollingUpdate.maxSurge\n description: description.rollingUpdate.maxSurge\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'maxUnavailable'\n name: k8s.strategy.rollingUpdate.maxUnavailable\n description: description.rollingUpdate.maxUnvailable\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'ingressGateway'\n required: false\n name: Ingress Gateway\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.hpaSpec'\n name: k8s.hpaSpec\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'minReplicas'\n name: k8s.hpaSpec.minReplicas\n description: description.hpaSpec.minReplicas\n value:\n type: number\n - path: 'maxReplicas'\n name: k8s.hpaSpec.maxReplicas\n description: description.hpaSpec.maxReplicas\n value:\n type: number\n - path: 'k8s.strategy.rollingUpdate'\n required: false\n name: k8s.strategy.rollingUpdate\n widget: FormGroup\n defaultExpanded: false\n type: object\n properties:\n maxSurge:\n type: string\n maxUnavailable:\n type: string\n children:\n - path: 'maxSurge'\n name: k8s.strategy.rollingUpdate.maxSurge\n description: description.rollingUpdate.maxSurge\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'maxUnavailable'\n name: k8s.strategy.rollingUpdate.maxUnavailable\n description: description.rollingUpdate.maxUnvailable\n value:\n type: string\n pattern: ^\\d+%?$\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'cni'\n required: false\n name: CNI\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.affinity'\n widget: CodeEditor\n description: k8s.affinity\n language: \"'yaml'\"\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n - path: 'proxy'\n required: false\n name: Proxy\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'k8s.resources.limits'\n name: Resource Limits\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.limits.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.limits.memory\n - path: 'k8s.resources.requests'\n name: Resource Requests\n widget: FormGroup\n defaultExpanded: false\n children:\n - path: 'cpu'\n name: k8s.resources.cpu\n description: description.requests.cpu\n - path: 'memory'\n name: k8s.resources.memory\n description: description.requests.memory\n", - "general": "resource:\n kind: Istio\n group: operator.kyma-project.io\n version: v1alpha2\nurlPath: istios\ncategory: Kyma\nname: Istio\nscope: namespace\nfeatures:\n actions:\n disableCreate: true\n disableDelete: true\ndescription: >-\n {{[Istio CR](https://github.com/kyma-project/istio/blob/main/config/samples/operator_v1alpha2_istio.yaml)}}\n describes the Istio module", - "list": "- name: Ready\n source: status.state\n widget: Badge\n description: status.description\n highlights:\n positive:\n - 'Ready'\n negative:\n - 'Error'\n critical:\n - 'Warning'\n", - "translations": "en:\n config.numTrustedProxies: Number of trusted proxies\n\n config.authorizers: Authorizers\n config.authorizers.name: Name\n config.authorizers.service: Service\n config.authorizers.port: Port\n config.authorizers.headers: Headers\n config.authorizers.headers.inCheck.include: Forward To Authorization Request\n config.authorizers.headers.inCheck.add: Add To Authorization Request\n config.authorizers.headers.toUpstream.onAllow: Forward To Upstream\n config.authorizers.headers.toDownstream.onAllow: Forward To Downstream On Allow\n config.authorizers.headers.toDownstream.onDeny: Forward To Downstream On Deny\n config.gatewayExternalTrafficPolicy: Gateway external traffic policy\n\n k8s.hpaSpec: Horizontal Pod Autoscaler\n k8s.hpaSpec.minReplicas: Minimum number of replicas\n k8s.hpaSpec.maxReplicas: Maximum number of replicas\n k8s.strategy.rollingUpdate: Rolling update strategy\n k8s.strategy.rollingUpdate.maxSurge: Maximum surge\n k8s.strategy.rollingUpdate.maxUnavailable: Maximum unavailable\n k8s.resources.cpu: CPU\n k8s.resources.memory: Memory\n k8s.resources.limits.cpu: CPU limits\n k8s.resources.limits.memory: Memory limits\n k8s.resources.requests.cpu: CPU requests\n k8s.resources.requests.memory: Memory requests\n k8s.affinity: Affinity (YAML)\n description.hpaSpec.minReplicas: Minimum number of replicas for this deployment\n description.hpaSpec.maxReplicas: Maximum number of replicas for this deployment\n description.rollingUpdate.maxSurge: Maximum number of Pods, or the percentage of Pods that can be created on top during an update\n description.rollingUpdate.maxUnvailable: Maximum number of Pods, or the percentage of Pods that can be unavailable during an update\n description.limits.cpu: Total CPU limits of all Pods that are in a non-terminal state must not exceed this value\n description.limits.memory: Total memory limits of all Pods that are in a non-terminal state must not exceed this value\n description.requests.cpu: Total CPU requests of all Pods that are in a non-terminal state must not exceed this value\n description.requests.memory: Total memory requests of all Pods that are in a non-terminal state must not exceed this value\n description.externalTrafficPolicy: Specifies externalTrafficPolicy for the Istio Ingress Gateway Service" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "data": { - "dataSources": "relatedGateways:\n resource:\n kind: Gateway\n group: networking.istio.io\n version: v1beta1\n namespace: null\n filter: >-\n $filter($root.spec.gateways, function($g){$contains($g,'/') ?\n ($substringBefore($g,'/') = $item.metadata.namespace and $substringAfter($g,\n '/') = $item.metadata.name) : ($substringBefore($g, '.') =\n $item.metadata.name and $substringBefore($substringAfter($g, '.'), '.') =\n $item.metadata.namespace) })\nrelatedServices:\n resource:\n kind: Service\n version: v1\n namespace: null\n filter: >-\n $filter($root.spec.http.route, function($r) { $filter($r.destination.host,\n function($h){($substringBefore($h, '.') = $item.metadata.name) and\n ($split($substringAfter($h, '.'),'.')[0] = $item.metadata.namespace)} ) })", - "details": "resourceGraph:\n dataSources:\n - source: relatedGateways\n - source: relatedServices\nbody:\n - widget: Table\n source: spec.gateways[]\n name: gateways\n visibility: $exists($value)\n children:\n - source: $item\n name: t-name\n widget: ResourceLink\n resource:\n kind: '\"Gateway\"'\n name: >-\n $contains($item,'/') ? $substringAfter($item, '/') :\n $substringBefore($item, '.')\n namespace: >-\n $contains($item,'/') ? $substringBefore($item, '/'):\n $substringBefore($substringAfter($item, '.'), '.')\n - name: summary\n widget: Panel\n source: spec\n visibility: $boolean($exists($value.exportTo) or $exists($value.hosts))\n children:\n - name: exportTo\n source: exportTo\n widget: Labels\n visibility: $exists($value)\n - name: hosts\n source: hosts\n widget: JoinedArray\n visibility: $exists($value)\n - widget: Table\n source: spec.http\n name: http\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: timeout\n name: timeout\n - source: mirrorPercentage.value\n name: mirrorPercentage\n collapsible:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: uri\n name: uri\n widget: Labels\n - source: scheme\n name: scheme\n widget: Labels\n - source: method\n name: method\n widget: Labels\n - source: authority\n name: authority\n widget: Labels\n - source: headers\n name: headers\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: queryParams\n name: queryParams\n - source: ignoreUriCase\n name: ignoreUriCase\n - source: withoutHeaders\n name: withoutHeaders\n - source: sourceNamespace\n name: sourceNamespace\n - source: statPrefix\n name: statPrefix\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: weight\n name: weight\n - source: headers\n name: headers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: request\n name: request\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: response\n name: response\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: redirect\n name: redirect\n widget: Panel\n visibility: $exists($value)\n children:\n - source: uri\n name: uri\n - source: authority\n name: authority\n - source: port\n name: port\n - source: derivePort\n name: derivePort\n widget: Labels\n - source: scheme\n name: scheme\n - source: redirectCode\n name: redirectCode\n - source: directResponse\n name: directResponse\n widget: Panel\n visibility: $exists($value)\n children:\n - source: status\n name: status\n - source: body\n name: body\n widget: Panel\n visibility: $exists($value)\n children:\n - source: string\n name: string\n - source: bytes\n name: bytes\n - source: delegate\n name: delegate\n widget: Panel\n visibility: $exists($value)\n children:\n - source: name\n name: t-name\n - source: namespace\n name: namespace\n - source: rewrite\n name: rewrite\n widget: Panel\n visibility: $exists($value)\n children:\n - source: uri\n name: uri\n - source: authority\n name: authority\n - source: retries\n name: retries\n widget: Panel\n visibility: $exists($value)\n children:\n - source: attempts\n name: attempts\n - source: perTryTimeout\n name: perTryTimeout\n - source: retryOn\n name: retryOn\n - source: retryRemoteLocalities\n name: retryRemoteLocalities\n - source: fault\n name: fault\n widget: Panel\n visibility: $exists($value)\n children:\n - source: delay\n name: delay\n widget: Panel\n visibility: $exists($value)\n children:\n - source: fixedDelay\n name: fixedDelay\n - source: percentage.value\n name: percentage.value\n - source: percent\n name: percent\n - source: abort\n name: Abort\n widget: Panel\n visibility: $exists($value)\n children:\n - source: httpStatus\n name: httpStatus\n - source: percentage.value\n name: percentage.value\n - source: mirror\n name: Mirror\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: corsPolicy\n name: corsPolicy\n widget: Panel\n visibility: $exists($value)\n children:\n - source: allowOrigins\n name: allowOrigins\n - source: allowMethods\n name: allowMethods\n widget: JoinedArray\n - source: allowHeaders\n name: allowHeaders\n widget: JoinedArray\n - source: exposeHeaders\n name: exposeHeaders\n widget: JoinedArray\n - source: maxAge\n name: maxAge\n - source: allowCredentials\n name: allowCredentials\n - source: headers\n name: headers\n widget: Panel\n visibility: $exists($value)\n children:\n - source: request\n name: request\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - source: response\n name: response\n widget: Panel\n visibility: $exists($value)\n children:\n - source: set\n name: set\n widget: Labels\n - source: add\n name: add\n widget: Labels\n - source: remove\n name: remove\n widget: JoinedArray\n - widget: Table\n source: spec.tcp\n name: tcp\n visibility: $exists($value)\n children:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: destinationSubnets\n name: destinationSubnets\n widget: JoinedArray\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: sourceNamespace\n name: sourceNamespace\n collapsible:\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n visibility: $exists($value)\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port\n - source: weight\n name: weight\n - widget: Table\n source: spec.tls\n name: tls\n visibility: $exists($value)\n children:\n - source: match\n name: matches\n widget: Table\n visibility: $exists($value)\n children:\n - source: sniHosts\n name: sniHosts\n widget: JoinedArray\n - source: destinationSubnets\n name: destinationSubnets\n widget: JoinedArray\n - source: port\n name: port\n - source: sourceLabels\n name: sourceLabels\n widget: Labels\n - source: gateways\n name: gateways\n widget: JoinedArray\n - source: sourceNamespace\n name: sourceNamespace\n collapsible:\n - source: route\n name: routes\n widget: Table\n visibility: $exists($value)\n children:\n - source: destination\n name: destination\n widget: Panel\n children:\n - source: host\n name: host\n - source: subset\n name: subset\n - source: port.number\n name: port.number\n - source: weight\n name: weight", - "form": "- path: spec.tls\n widget: GenericList\n name: tls\n children:\n - path: '[].match'\n widget: GenericList\n name: matches\n children:\n - path: '[].sniHosts'\n widget: SimpleList\n name: sniHosts\n children:\n - path: '[]'\n - path: '[].sourceNamespace'\n name: sourceNamespace\n - path: '[].port'\n name: port\n - path: '[].destinationSubnets'\n widget: SimpleList\n name: destinationSubnets\n children:\n - path: '[]'\n - path: '[].sourceLabels'\n widget: KeyValuePair\n name: sourceLabels\n - path: '[].gateways'\n widget: SimpleList\n name: gateways\n children:\n - path: '[]'\n - path: '[].route'\n widget: GenericList\n name: routes\n children:\n - path: '[].destination'\n widget: FormGroup\n name: destination\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n name: weight\n- path: spec.tcp\n name: tcp\n widget: GenericList\n children:\n - path: '[].match'\n name: matches\n children:\n - path: '[].sourceNamespace'\n name: sourceNamespace\n - path: '[].port'\n name: port\n - path: '[].sniHosts'\n widget: SimpleList\n name: sniHosts\n children:\n - path: '[]'\n - path: '[].destinationSubnets'\n widget: SimpleList\n name: destinationSubnets\n children:\n - path: '[]'\n - path: '[].sourceLabels'\n name: sourceLabels\n widget: KeyValuePair\n - path: '[].gateways'\n widget: SimpleList\n name: gateways\n children:\n - path: '[]'\n - path: '[].route'\n name: routes\n children:\n - path: '[].destination'\n widget: FormGroup\n name: destination\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n name: weight\n- path: spec.http\n simple: true\n name: http\n widget: GenericList\n children:\n - path: '[].match'\n simple: true\n name: matches\n widget: GenericList\n children:\n - path: '[].name'\n simple: true\n name: t-name\n - path: '[].uri'\n simple: true\n name: uri\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].scheme'\n simple: true\n name: scheme\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].method'\n simple: true\n name: method\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].authority'\n simple: true\n name: authority\n widget: KeyValuePair\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].headers'\n simple: true\n name: headers\n defaultExpanded: true\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].port'\n simple: true\n name: port\n - path: '[].sourceLabels'\n simple: true\n name: sourceLabels\n widget: KeyValuePair\n - path: '[].gateways'\n simple: true\n name: gateways\n widget: SimpleList\n children:\n - path: '[]'\n - path: '[].queryParams'\n simple: true\n name: queryParams\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].ignoreUriCase'\n simple: true\n name: ignoreUriCase\n - path: '[].withoutHeaders'\n simple: true\n name: withoutHeaders\n widget: KeyValuePair\n value:\n type: object\n keyEnum:\n - prefix\n - exact\n - regex\n - path: '[].sourceNamespace'\n simple: true\n name: sourceNamespace\n - path: '[].statPrefix'\n simple: true\n name: statPrefix\n - path: '[].route'\n simple: true\n name: routes\n children:\n - path: '[].destination'\n simple: true\n name: destination\n widget: FormGroup\n children:\n - path: host\n name: host\n - path: subset\n name: subset\n - path: port.number\n name: port.number\n - path: '[].weight'\n simple: true\n name: weight\n - path: '[].headers'\n simple: true\n name: headers\n widget: FormGroup\n children:\n - path: response\n simple: true\n name: response\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: request\n simple: true\n name: request\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: '[].redirect'\n simple: true\n name: redirect\n widget: FormGroup\n children:\n - path: uri\n simple: true\n name: uri\n - path: authority\n simple: true\n name: authority\n - path: port\n simple: true\n name: port\n - path: derivePort\n simple: true\n name: derivePort\n - path: scheme\n simple: true\n name: scheme\n - path: redirectCode\n simple: true\n name: redirectCode\n - path: '[].directResponse'\n simple: true\n name: directResponse\n widget: FormGroup\n children:\n - path: status\n simple: true\n name: status\n - path: body\n simple: true\n name: body\n widget: FormGroup\n children:\n - path: string\n simple: true\n name: string\n - path: bytes\n simple: true\n name: bytes\n - path: '[].delegate'\n simple: true\n name: delegate\n widget: FormGroup\n children:\n - path: name\n simple: true\n name: name\n - path: namespace\n simple: true\n name: namespace\n - path: '[].rewrite'\n simple: true\n name: rewrite\n widget: FormGroup\n children:\n - path: uri\n simple: true\n name: uri\n - path: authority\n simple: true\n name: authority\n - path: '[].timeout'\n simple: true\n name: timeout\n - path: '[].retries'\n simple: true\n name: retries\n widget: FormGroup\n children:\n - path: attempts\n simple: true\n name: attempts\n - path: perTryTimeout\n simple: true\n name: perTryTimeout\n - path: retryOn\n simple: true\n name: retryOn\n - path: retryRemoteLocalities\n simple: true\n name: retryRemoteLocalities\n - path: '[].fault'\n simple: true\n name: fault\n widget: FormGroup\n children:\n - path: delay\n simple: true\n name: delay\n widget: FormGroup\n children:\n - path: fixedDelay\n simple: true\n name: fixedDelay\n - path: percentage.value\n simple: true\n name: percentage.value\n - path: percent\n simple: true\n name: percent\n - path: abort\n simple: true\n name: abort\n widget: FormGroup\n children:\n - path: httpStatus\n simple: true\n name: httpStatus\n - path: grpcStatus\n simple: true\n name: grpcStatus\n - path: percentage.value\n simple: true\n name: percentage.value\n - path: '[].mirror'\n simple: true\n name: mirror\n widget: FormGroup\n children:\n - path: host\n simple: true\n name: host\n - path: subset\n simple: true\n name: subset\n - path: port.number\n simple: true\n name: port.number\n - path: '[].mirrorPercentage.value'\n simple: true\n name: mirrorPercentage\n - path: '[].corsPolicy'\n simple: true\n name: corsPolicy\n widget: FormGroup\n children:\n - path: allowCredentials\n simple: true\n name: allowCredentials\n type: boolean\n - path: allowMethods\n simple: true\n name: allowMethods\n widget: SimpleList\n placeholder: allowMethods.placeholder\n children:\n - path: '[]'\n simple: true\n - path: allowHeaders\n simple: true\n name: allowHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: exposeHeaders\n simple: true\n name: exposeHeaders\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: maxAge\n simple: true\n name: maxAge\n placeholder: maxAge.placeholder\n - path: '[].headers'\n simple: true\n name: headers\n widget: FormGroup\n children:\n - path: response\n simple: true\n name: response\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n - path: request\n simple: true\n name: request\n widget: FormGroup\n children:\n - path: set\n simple: true\n name: set\n widget: KeyValuePair\n - path: add\n simple: true\n name: add\n widget: KeyValuePair\n - path: remove\n simple: true\n name: remove\n widget: SimpleList\n children:\n - path: '[]'\n simple: true\n- path: spec.hosts\n name: hosts\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.gateways\n name: gateways\n widget: SimpleList\n children:\n - path: '[]'\n- path: spec.exportTo\n name: exportTo\n widget: SimpleList\n children:\n - path: '[]'", - "general": "resource:\n kind: VirtualService\n group: networking.istio.io\n version: v1beta1\nurlPath: virtualservices\ncategory: Istio\nname: Virtual Services\nscope: namespace\ndescription: >-\n {{[VirtualService](https://istio.io/latest/docs/reference/config/networking/virtual-service/)}}\n describes a configuration that affects traffic routing. .", - "list": "- name: hosts\n source: spec.hosts\n widget: JoinedArray\n- name: gateways\n source: spec.gateways\n widget: JoinedArray", - "translations": "en:\n t-name: Name\n gateways: Gateways\n hosts: Hosts\n exportTo: Export to\n summary: Summary\n http: HTTP\n tls: TLS\n tcp: TCP\n mirror: Mirror\n mirrorPercentage: Mirror Percentage\n timeout: Timeout\n matches: Matches\n uri: URI\n scheme: Scheme\n method: Method\n authority: Authority\n headers: Headers\n port: Port\n sourceLabels: Source Labels\n queryParams: Query Params\n ignoreUriCase: Ignore URI Case\n withoutHeaders: Without Headers\n sourceNamespace: Source Namespace\n statPrefix: Stat Prefix\n routes: Routes\n destination: Destination\n host: Host\n subset: Subset\n port.number: Port Number\n weight: Weight\n request: Request\n response: Response\n set: Set\n add: Add\n remove: Remove\n redirect: Redirect\n derivePort: Derive Port\n redirectCode: Redirect Code\n directResponse: Direct Response\n status: Status\n body: Body\n string: String\n bytes: Bytes\n delegate: Delegate\n namespace: Namespace\n rewrite: Rewrite\n retries: Retries\n attempts: Attempts\n perTryTimeout: Per Try Timeout\n retryOn: Retry On\n retryRemoteLocalities: Retry Remote Localities\n fault: Fault\n delay: Delay\n fixedDelay: Fixed Delay\n abort: Abort\n percentage.value: Percentage Value\n percent: Percent\n httpStatus: HTTP Status\n grpcStatus: GRPC Status\n corsPolicy: CORS Policy\n allowOrigins: Allow Origins\n allowMethods: Allow Methods\n allowMethods.placeholder: For example, GET\n allowHeaders: Allow Headers\n exposeHeaders: Expose Headers\n maxAge: Max Age\n maxAge.placeholder: For example, 24h\n allowCredentials: Allow Credentials\n destinationSubnets: Destination Subnets\n sniHosts: SNI Hosts" - }, - "kind": "ConfigMap", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "busola.io/extension": "resource", - "busola.io/extension-version": "0.5", - "kyma-project.io/module": "istio" - }, - "name": "istio-virtualservices-ui.operator.kyma-project.io", - "namespace": "kyma-system" - } - }, - { - "apiVersion": "v1", - "kind": "Service", - "metadata": { - "labels": { - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-operator-metrics", - "namespace": "kyma-system" - }, - "spec": { - "ports": [ - { - "name": "http-metrics", - "port": 8080, - "targetPort": 8080 - } - ], - "selector": { - "app.kubernetes.io/component": "istio-operator.kyma-project.io", - "control-plane": "controller-manager" - } - } - }, - { - "apiVersion": "scheduling.k8s.io/v1", - "description": "Used for Istio components that are managed by Kyma Istio Manager and must run in the cluster.", - "globalDefault": false, - "kind": "PriorityClass", - "metadata": { - "labels": { - "app.kubernetes.io/component": "operator", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "kyma-project.io/module": "istio" - }, - "name": "istio-kyma-priority" - }, - "value": 2100000 - }, - { - "apiVersion": "apps/v1", - "kind": "Deployment", - "metadata": { - "labels": { - "app.kubernetes.io/component": "istio-operator.kyma-project.io", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "control-plane": "controller-manager", - "kyma-project.io/module": "istio" - }, - "name": "istio-controller-manager", - "namespace": "kyma-system" - }, - "spec": { - "replicas": 1, - "selector": { - "matchLabels": { - "app.kubernetes.io/component": "istio-operator.kyma-project.io", - "control-plane": "controller-manager" - } - }, - "template": { - "metadata": { - "annotations": { - "kubectl.kubernetes.io/default-container": "manager" - }, - "labels": { - "app.kubernetes.io/component": "istio-operator.kyma-project.io", - "app.kubernetes.io/instance": "istio-operator-default", - "app.kubernetes.io/name": "istio-operator", - "app.kubernetes.io/part-of": "istio", - "app.kubernetes.io/version": "1.6.1", - "control-plane": "controller-manager", - "kyma-project.io/module": "istio", - "sidecar.istio.io/inject": "false" - } - }, - "spec": { - "containers": [ - { - "args": [ - "--leader-elect", - "--health-probe-bind-address=:8081", - "--metrics-bind-address=:8080" - ], - "command": [ - "/manager" - ], - "image": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.6.1", - "livenessProbe": { - "httpGet": { - "path": "/healthz", - "port": 8081 - }, - "initialDelaySeconds": 15, - "periodSeconds": 20 - }, - "name": "manager", - "readinessProbe": { - "httpGet": { - "path": "/readyz", - "port": 8081 - }, - "initialDelaySeconds": 5, - "periodSeconds": 10 - }, - "resources": { - "limits": { - "cpu": "1000m", - "memory": "512Mi" - }, - "requests": { - "cpu": "10m", - "memory": "64Mi" - } - }, - "securityContext": { - "allowPrivilegeEscalation": false, - "capabilities": { - "drop": [ - "ALL" - ] - } - } - } - ], - "securityContext": { - "runAsNonRoot": true - }, - "serviceAccountName": "istio-controller-manager", - "terminationGracePeriodSeconds": 10 - } - } - } - } - ], - "cr": { - "apiVersion": "operator.kyma-project.io/v1alpha2", - "kind": "Istio", - "metadata": { - "name": "default", - "namespace": "kyma-system", - "labels": { - "app.kubernetes.io/name": "default" - } - } - }, - "crPath": "/apis/operator.kyma-project.io/v1alpha2/namespaces/kyma-system/istios/default", - "deploymentYaml": "https://github.com/kyma-project/istio/releases/download/1.6.1/istio-manager.yaml", - "crYaml": "https://github.com/kyma-project/istio/releases/download/1.6.1/istio-default-cr.yaml" - }, { "version": "1.6.2", "deploymentYaml": "https://github.com/kyma-project/istio/releases/download/1.6.2/istio-manager.yaml", @@ -7041,7 +3537,8 @@ "managerImage": "europe-docker.pkg.dev/kyma-project/prod/istio-manager:1.6.2", "crPath": "/apis/operator.kyma-project.io/v1alpha2/namespaces/kyma-system/istios/default", "channels": [ - "fast" + "fast", + "regular" ], "documentation": "https://kyma-project.io/#/istio/user/README", "repository": "https://github.com/kyma-project/istio.git"