From 215f440ace86339be05be3cefcc1dfe61919b9e6 Mon Sep 17 00:00:00 2001 From: Charly Molter Date: Wed, 11 Oct 2023 09:27:09 +0200 Subject: [PATCH] Revert "feat(docs): add generated openapi docs (#7975)" This reverts commit 65a5e0ce325a332c6b94f084a6890e8fdf6b45c4. Signed-off-by: Charly Molter --- .circleci/config.yml | 59 +- api/openapi/specs/global_insight.yaml | 3 +- docs/generated/openapi.yaml | 6229 ----------------- mk/docs.mk | 19 +- .../donothingpolicy/api/v1alpha1/rest.yaml | 129 + .../meshaccesslog/api/v1alpha1/rest.yaml | 75 +- .../meshcircuitbreaker/api/v1alpha1/rest.yaml | 75 +- .../meshfaultinjection/api/v1alpha1/rest.yaml | 75 +- .../meshhealthcheck/api/v1alpha1/rest.yaml | 75 +- .../meshhttproute/api/v1alpha1/rest.yaml | 75 +- .../api/v1alpha1/rest.yaml | 75 +- .../meshproxypatch/api/v1alpha1/rest.yaml | 75 +- .../meshratelimit/api/v1alpha1/rest.yaml | 75 +- .../policies/meshretry/api/v1alpha1/rest.yaml | 75 +- .../meshtcproute/api/v1alpha1/rest.yaml | 75 +- .../meshtimeout/api/v1alpha1/rest.yaml | 75 +- .../policies/meshtrace/api/v1alpha1/rest.yaml | 75 +- .../api/v1alpha1/rest.yaml | 75 +- tools/policy-gen/generator/cmd/openapi.go | 3 - tools/policy-gen/templates/endpoints.yaml | 75 +- 20 files changed, 734 insertions(+), 6758 deletions(-) delete mode 100644 docs/generated/openapi.yaml create mode 100644 pkg/plugins/policies/donothingpolicy/api/v1alpha1/rest.yaml diff --git a/.circleci/config.yml b/.circleci/config.yml index f2eb347d3618..adbfaa36888e 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -125,27 +125,13 @@ commands: echo "PR doesn't have label <> keep running job" exit 0 executors: - golang-amd64: + golang: resource_class: xlarge docker: - image: "cimg/go:<< pipeline.parameters.go_version >>" environment: KUMA_DIR: . GO_VERSION: << pipeline.parameters.go_version >> - golang-arm64: - resource_class: arm.xlarge - docker: - - image: "cimg/go:<< pipeline.parameters.go_version >>" - environment: - KUMA_DIR: . - GO_VERSION: << pipeline.parameters.go_version >> - vm-xlarge-amd64: - resource_class: xlarge - machine: - image: << pipeline.parameters.ubuntu_image >> - environment: - KUMA_DIR: . - GO_VERSION: << pipeline.parameters.go_version >> vm-amd64: resource_class: large machine: @@ -162,16 +148,26 @@ executors: GO_VERSION: << pipeline.parameters.go_version >> jobs: go_cache: - executor: golang-<< parameters.arch >> + executor: << parameters.executor >> parameters: - arch: + executor: description: the executor to run on type: string default: golang steps: + - when: + condition: {equal: [vm-amd64, << parameters.executor >>]} + steps: + - install_build_tools: + go_arch: amd64 + - when: + condition: {equal: [vm-arm64, << parameters.executor >>]} + steps: + - install_build_tools: + go_arch: arm64 - checkout - restore_cache: - key: vm-<< parameters.arch >>_go.mod_{{ checksum "go.sum" }}_{{ checksum "mk/dependencies/deps.lock" }}_{{ checksum ".circleci/config.yml" }} + key: << parameters.executor >>_go.mod_{{ checksum "go.sum" }}_{{ checksum "mk/dependencies/deps.lock" }}_{{ checksum ".circleci/config.yml" }} - run: command: make dev/tools - run: @@ -179,7 +175,7 @@ jobs: command: | go mod download -x - save_cache: - key: vm-<< parameters.arch >>_go.mod_{{ checksum "go.sum" }}_{{ checksum "mk/dependencies/deps.lock" }}_{{ checksum ".circleci/config.yml" }} + key: << parameters.executor >>_go.mod_{{ checksum "go.sum" }}_{{ checksum "mk/dependencies/deps.lock" }}_{{ checksum ".circleci/config.yml" }} paths: - "/home/circleci/go/pkg/mod" - "/home/circleci/.kuma-dev" @@ -357,16 +353,19 @@ jobs: name: "Store logs" path: /tmp/e2e build: - executor: vm-xlarge-amd64 + executor: + name: golang steps: - - install_build_tools - checkout + - setup_remote_docker + - run: + command: ssh remote-docker "sudo apt-get update; sudo apt-get install -y qemu-user-static binfmt-support" - setenv_depending_on_priority: label: "ci/run-full-matrix" env: ENABLED_GOARCHES="arm64 amd64" ENABLED_GOOSES="linux darwin" - restore_cache: keys: - - build_go.mod_{{ checksum "go.sum" }}_{{ checksum "mk/dependencies/deps.lock" }}_{{ checksum ".circleci/config.yml" }} + - docker_go.mod_{{ checksum "go.sum" }}_{{ checksum "mk/dependencies/deps.lock" }}_{{ checksum ".circleci/config.yml" }} - run: command: make dev/tools - run: @@ -382,7 +381,7 @@ jobs: - run: command: make -j docker/save - save_cache: - key: build_go.mod_{{ checksum "go.sum" }}_{{ checksum "mk/dependencies/deps.lock" }}_{{ checksum ".circleci/config.yml" }} + key: docker_go.mod_{{ checksum "go.sum" }}_{{ checksum "mk/dependencies/deps.lock" }}_{{ checksum ".circleci/config.yml" }} paths: - "/home/circleci/go/pkg/mod" - "/home/circleci/.kuma-dev" @@ -456,11 +455,11 @@ workflows: kuma-commit: jobs: - go_cache: - name: go_cache-<< matrix.arch >> + name: go_cache-<< matrix.executor >> matrix: alias: go_cache parameters: - arch: [amd64, arm64] + executor: [vm-amd64, vm-arm64] - build: name: build - test: @@ -469,7 +468,7 @@ workflows: alias: test parameters: arch: [amd64, arm64] - requires: [build, go_cache-<< matrix.arch >>] + requires: [build, go_cache-vm-<< matrix.arch >>] - e2e: name: legacy-k8s:<< matrix.arch >>-<< matrix.k8sVersion >> matrix: @@ -479,7 +478,7 @@ workflows: arch: [amd64, arm64] parallelism: 3 target: "" - requires: [build, go_cache-<< matrix.arch >>] + requires: [build, go_cache-vm-<< matrix.arch >>] - e2e: name: << matrix.target >>:<< matrix.arch >>-<< matrix.k8sVersion >> matrix: @@ -488,7 +487,7 @@ workflows: k8sVersion: [<< pipeline.parameters.first_k8s_version >>, << pipeline.parameters.last_k8s_version >>, kind, kindIpv6] target: [kubernetes, universal, multizone] arch: [amd64, arm64] - requires: [build, go_cache-<< matrix.arch >>] + requires: [build, go_cache-vm-<< matrix.arch >>] - e2e: name: << matrix.target >>:<< matrix.arch >>-<< matrix.k8sVersion >>-delta-kds matrix: @@ -498,7 +497,7 @@ workflows: target: [multizone] arch: [amd64] deltaKDS: [true] - requires: [build, go_cache-amd64] + requires: [build, go_cache-vm-amd64] - e2e: name: << matrix.target >>:<< matrix.arch >>-<< matrix.k8sVersion >>-calico matrix: @@ -508,7 +507,7 @@ workflows: target: [multizone] arch: [amd64] cniNetworkPlugin: [calico] - requires: [build, go_cache-amd64] + requires: [build, go_cache-vm-amd64] - container-structure: name: container-structure requires: [build] diff --git a/api/openapi/specs/global_insight.yaml b/api/openapi/specs/global_insight.yaml index 4dcbb507e0d0..b1d172701e92 100644 --- a/api/openapi/specs/global_insight.yaml +++ b/api/openapi/specs/global_insight.yaml @@ -7,7 +7,6 @@ paths: /global-insight: get: summary: Get Global Insight - tags: ["GlobalInsight"] responses: '200': $ref: '#/components/responses/GlobalInsightResponse' @@ -233,4 +232,4 @@ components: policies: total: 100 meshes: - total: 3 + total: 3 \ No newline at end of file diff --git a/docs/generated/openapi.yaml b/docs/generated/openapi.yaml deleted file mode 100644 index eeaa8db2bd85..000000000000 --- a/docs/generated/openapi.yaml +++ /dev/null @@ -1,6229 +0,0 @@ -openapi: 3.0.3 -info: - title: Kuma API - description: Kuma API - version: v1alpha1 - x-ref-schema-name: MeshTrafficPermission -paths: - /global-insight: - get: - summary: Get Global Insight - tags: - - GlobalInsight - responses: - '200': - $ref: '#/components/responses/GlobalInsightResponse' - '400': - $ref: '#/components/responses/BadRequest' - '500': - $ref: '#/components/responses/InternalServerError' - operationId: get-global-insight - description: Returns a Global Insight object - /meshes/{mesh}/meshaccesslogs/{name}: - get: - summary: Returns MeshAccessLog entity - tags: - - MeshAccessLog - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshAccessLog - responses: - '200': - $ref: '#/components/responses/MeshAccessLogItem' - put: - summary: Creates or Updates MeshAccessLog entity - tags: - - MeshAccessLog - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshAccessLog - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshAccessLogItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshAccessLog entity - tags: - - MeshAccessLog - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshAccessLog - responses: - '200': - description: Successful response - /meshes/{mesh}/meshaccesslogs: - get: - summary: Returns a list of MeshAccessLog in the mesh. - tags: - - MeshAccessLog - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshAccessLogList' - /meshes/{mesh}/meshcircuitbreakers/{name}: - get: - summary: Returns MeshCircuitBreaker entity - tags: - - MeshCircuitBreaker - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshCircuitBreaker - responses: - '200': - $ref: '#/components/responses/MeshCircuitBreakerItem' - put: - summary: Creates or Updates MeshCircuitBreaker entity - tags: - - MeshCircuitBreaker - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshCircuitBreaker - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshCircuitBreakerItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshCircuitBreaker entity - tags: - - MeshCircuitBreaker - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshCircuitBreaker - responses: - '200': - description: Successful response - /meshes/{mesh}/meshcircuitbreakers: - get: - summary: Returns a list of MeshCircuitBreaker in the mesh. - tags: - - MeshCircuitBreaker - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshCircuitBreakerList' - /meshes/{mesh}/meshfaultinjections/{name}: - get: - summary: Returns MeshFaultInjection entity - tags: - - MeshFaultInjection - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshFaultInjection - responses: - '200': - $ref: '#/components/responses/MeshFaultInjectionItem' - put: - summary: Creates or Updates MeshFaultInjection entity - tags: - - MeshFaultInjection - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshFaultInjection - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshFaultInjectionItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshFaultInjection entity - tags: - - MeshFaultInjection - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshFaultInjection - responses: - '200': - description: Successful response - /meshes/{mesh}/meshfaultinjections: - get: - summary: Returns a list of MeshFaultInjection in the mesh. - tags: - - MeshFaultInjection - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshFaultInjectionList' - /meshes/{mesh}/meshhealthchecks/{name}: - get: - summary: Returns MeshHealthCheck entity - tags: - - MeshHealthCheck - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshHealthCheck - responses: - '200': - $ref: '#/components/responses/MeshHealthCheckItem' - put: - summary: Creates or Updates MeshHealthCheck entity - tags: - - MeshHealthCheck - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshHealthCheck - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshHealthCheckItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshHealthCheck entity - tags: - - MeshHealthCheck - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshHealthCheck - responses: - '200': - description: Successful response - /meshes/{mesh}/meshhealthchecks: - get: - summary: Returns a list of MeshHealthCheck in the mesh. - tags: - - MeshHealthCheck - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshHealthCheckList' - /meshes/{mesh}/meshhttproutes/{name}: - get: - summary: Returns MeshHTTPRoute entity - tags: - - MeshHTTPRoute - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshHTTPRoute - responses: - '200': - $ref: '#/components/responses/MeshHTTPRouteItem' - put: - summary: Creates or Updates MeshHTTPRoute entity - tags: - - MeshHTTPRoute - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshHTTPRoute - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshHTTPRouteItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshHTTPRoute entity - tags: - - MeshHTTPRoute - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshHTTPRoute - responses: - '200': - description: Successful response - /meshes/{mesh}/meshhttproutes: - get: - summary: Returns a list of MeshHTTPRoute in the mesh. - tags: - - MeshHTTPRoute - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshHTTPRouteList' - /meshes/{mesh}/meshloadbalancingstrategies/{name}: - get: - summary: Returns MeshLoadBalancingStrategy entity - tags: - - MeshLoadBalancingStrategy - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshLoadBalancingStrategy - responses: - '200': - $ref: '#/components/responses/MeshLoadBalancingStrategyItem' - put: - summary: Creates or Updates MeshLoadBalancingStrategy entity - tags: - - MeshLoadBalancingStrategy - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshLoadBalancingStrategy - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshLoadBalancingStrategyItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshLoadBalancingStrategy entity - tags: - - MeshLoadBalancingStrategy - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshLoadBalancingStrategy - responses: - '200': - description: Successful response - /meshes/{mesh}/meshloadbalancingstrategies: - get: - summary: Returns a list of MeshLoadBalancingStrategy in the mesh. - tags: - - MeshLoadBalancingStrategy - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshLoadBalancingStrategyList' - /meshes/{mesh}/meshproxypatches/{name}: - get: - summary: Returns MeshProxyPatch entity - tags: - - MeshProxyPatch - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshProxyPatch - responses: - '200': - $ref: '#/components/responses/MeshProxyPatchItem' - put: - summary: Creates or Updates MeshProxyPatch entity - tags: - - MeshProxyPatch - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshProxyPatch - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshProxyPatchItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshProxyPatch entity - tags: - - MeshProxyPatch - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshProxyPatch - responses: - '200': - description: Successful response - /meshes/{mesh}/meshproxypatches: - get: - summary: Returns a list of MeshProxyPatch in the mesh. - tags: - - MeshProxyPatch - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshProxyPatchList' - /meshes/{mesh}/meshratelimits/{name}: - get: - summary: Returns MeshRateLimit entity - tags: - - MeshRateLimit - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshRateLimit - responses: - '200': - $ref: '#/components/responses/MeshRateLimitItem' - put: - summary: Creates or Updates MeshRateLimit entity - tags: - - MeshRateLimit - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshRateLimit - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshRateLimitItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshRateLimit entity - tags: - - MeshRateLimit - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshRateLimit - responses: - '200': - description: Successful response - /meshes/{mesh}/meshratelimits: - get: - summary: Returns a list of MeshRateLimit in the mesh. - tags: - - MeshRateLimit - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshRateLimitList' - /meshes/{mesh}/meshretries/{name}: - get: - summary: Returns MeshRetry entity - tags: - - MeshRetry - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshRetry - responses: - '200': - $ref: '#/components/responses/MeshRetryItem' - put: - summary: Creates or Updates MeshRetry entity - tags: - - MeshRetry - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshRetry - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshRetryItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshRetry entity - tags: - - MeshRetry - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshRetry - responses: - '200': - description: Successful response - /meshes/{mesh}/meshretries: - get: - summary: Returns a list of MeshRetry in the mesh. - tags: - - MeshRetry - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshRetryList' - /meshes/{mesh}/meshtcproutes/{name}: - get: - summary: Returns MeshTCPRoute entity - tags: - - MeshTCPRoute - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTCPRoute - responses: - '200': - $ref: '#/components/responses/MeshTCPRouteItem' - put: - summary: Creates or Updates MeshTCPRoute entity - tags: - - MeshTCPRoute - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTCPRoute - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTCPRouteItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshTCPRoute entity - tags: - - MeshTCPRoute - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTCPRoute - responses: - '200': - description: Successful response - /meshes/{mesh}/meshtcproutes: - get: - summary: Returns a list of MeshTCPRoute in the mesh. - tags: - - MeshTCPRoute - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshTCPRouteList' - /meshes/{mesh}/meshtimeouts/{name}: - get: - summary: Returns MeshTimeout entity - tags: - - MeshTimeout - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTimeout - responses: - '200': - $ref: '#/components/responses/MeshTimeoutItem' - put: - summary: Creates or Updates MeshTimeout entity - tags: - - MeshTimeout - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTimeout - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTimeoutItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshTimeout entity - tags: - - MeshTimeout - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTimeout - responses: - '200': - description: Successful response - /meshes/{mesh}/meshtimeouts: - get: - summary: Returns a list of MeshTimeout in the mesh. - tags: - - MeshTimeout - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshTimeoutList' - /meshes/{mesh}/meshtraces/{name}: - get: - summary: Returns MeshTrace entity - tags: - - MeshTrace - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTrace - responses: - '200': - $ref: '#/components/responses/MeshTraceItem' - put: - summary: Creates or Updates MeshTrace entity - tags: - - MeshTrace - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTrace - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTraceItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshTrace entity - tags: - - MeshTrace - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTrace - responses: - '200': - description: Successful response - /meshes/{mesh}/meshtraces: - get: - summary: Returns a list of MeshTrace in the mesh. - tags: - - MeshTrace - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshTraceList' - /meshes/{mesh}/meshtrafficpermissions/{name}: - get: - summary: Returns MeshTrafficPermission entity - tags: - - MeshTrafficPermission - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTrafficPermission - responses: - '200': - $ref: '#/components/responses/MeshTrafficPermissionItem' - put: - summary: Creates or Updates MeshTrafficPermission entity - tags: - - MeshTrafficPermission - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTrafficPermission - requestBody: - description: Put request - required: true - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTrafficPermissionItem' - responses: - '200': - description: Updated - '201': - description: Created - delete: - summary: Deletes MeshTrafficPermission entity - tags: - - MeshTrafficPermission - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - - in: path - name: name - schema: - type: string - required: true - description: name of the MeshTrafficPermission - responses: - '200': - description: Successful response - /meshes/{mesh}/meshtrafficpermissions: - get: - summary: Returns a list of MeshTrafficPermission in the mesh. - tags: - - MeshTrafficPermission - parameters: - - in: path - name: mesh - schema: - type: string - required: true - description: name of the mesh - responses: - '200': - $ref: '#/components/responses/MeshTrafficPermissionList' -components: - schemas: - BaseStatus: - type: object - title: Status - required: - - online - - total - properties: - online: - type: integer - example: 10 - total: - type: integer - example: 30 - FullStatus: - allOf: - - $ref: '#/components/schemas/BaseStatus' - - type: object - required: - - offline - - partiallyDegraded - properties: - offline: - type: integer - example: 15 - partiallyDegraded: - type: integer - example: 5 - ServicesStats: - type: object - title: ServicesStats - description: Services statistics - required: - - total - - internal - - external - - gatewayBuiltin - - gatewayDelegated - properties: - internal: - description: Internal services statistics - allOf: - - $ref: '#/components/schemas/FullStatus' - external: - type: object - description: External services statistics - required: - - total - properties: - total: - type: integer - example: 5 - gatewayBuiltin: - description: Builtin Gateway services statistics - allOf: - - $ref: '#/components/schemas/FullStatus' - gatewayDelegated: - description: Delegated Gateway services statistics - allOf: - - $ref: '#/components/schemas/FullStatus' - ZonesStats: - type: object - title: Zones Stats - description: Zone statistics - required: - - controlPlanes - - zoneEgresses - - zoneIngresses - properties: - controlPlanes: - description: Control Planes statistics - allOf: - - $ref: '#/components/schemas/BaseStatus' - zoneEgresses: - description: Zone Egresses statistics - allOf: - - $ref: '#/components/schemas/BaseStatus' - zoneIngresses: - description: Zone Ingresses statistics - allOf: - - $ref: '#/components/schemas/BaseStatus' - DataplanesStats: - type: object - title: Dataplanes Stats - description: Dataplanes statistics - required: - - standard - - gatewayBuiltin - - gatewayDelegated - properties: - standard: - description: Standard dataplane proxy statistics - allOf: - - $ref: '#/components/schemas/FullStatus' - gatewayBuiltin: - description: Builtin Gateway dataplane proxy statistics - allOf: - - $ref: '#/components/schemas/FullStatus' - gatewayDelegated: - description: Delegated Gateway dataplane proxy statistics - allOf: - - $ref: '#/components/schemas/FullStatus' - PoliciesStats: - type: object - title: Policies Stats - description: Policies statistics - required: - - total - properties: - total: - type: integer - description: Number of policies - example: 30 - MeshesStats: - type: object - title: Meshes Stats - description: Mesh statistics - required: - - total - properties: - total: - type: integer - description: Number of meshes - example: 3 - GlobalInsight: - type: object - title: GlobalInsight - description: Global Insight contains statistics for all main resources - required: - - createdAt - - services - - zones - - dataplanes - - policies - - meshes - properties: - createdAt: - type: string - description: Time of Global Insight creation - format: date-time - example: '2023-01-11T02:30:42.227Z' - services: - description: Mesh services statistics - allOf: - - $ref: '#/components/schemas/ServicesStats' - zones: - description: Zones statistics - allOf: - - $ref: '#/components/schemas/ZonesStats' - dataplanes: - description: Dataplane proxy statistics - allOf: - - $ref: '#/components/schemas/DataplanesStats' - policies: - description: Policies statistics - allOf: - - $ref: '#/components/schemas/PoliciesStats' - meshes: - description: Mesh statistics - allOf: - - $ref: '#/components/schemas/MeshesStats' - InvalidParameters: - type: object - title: Invalid Parameters - properties: - field: - type: string - reason: - type: string - rule: - type: string - choices: - type: array - items: - type: string - Error: - type: object - title: Error - description: standard error - x-examples: - Example 1: - status: 404 - title: Not Found - type: https://kongapi.info/konnect/not-found - instance: portal:trace:2287285207635123011 - detail: The requested document was not found - required: - - status - - title - - instance - properties: - status: - type: integer - description: The HTTP status code. - example: 404 - title: - type: string - description: The error response code. - example: Not Found - type: - type: string - description: The error type. - example: Not Found - instance: - type: string - example: portal:trace:2287285207635123011 - description: The portal traceback code - detail: - type: string - example: The requested team was not found - description: Details about the error. - invalid_parameters: - type: array - description: TODO - items: - $ref: '#/components/schemas/InvalidParameters' - MeshAccessLogItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshAccessLog - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: Spec is the specification of the Kuma MeshAccessLog resource. - properties: - from: - description: >- - From list makes a match between clients and corresponding - configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - clients referenced in 'targetRef' - properties: - backends: - items: - properties: - file: - description: >- - FileBackend defines configuration for file based - access logs - properties: - format: - description: >- - Format of access logs. Placeholders - available on - https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators - properties: - json: - items: - properties: - key: - type: string - value: - type: string - type: object - type: array - omitEmptyValues: - type: boolean - plain: - type: string - type: - enum: - - Plain - - Json - type: string - required: - - type - type: object - path: - description: Path to a file that logs will be written to - type: string - required: - - path - type: object - openTelemetry: - description: Defines an OpenTelemetry logging backend. - properties: - attributes: - description: >- - Attributes can contain placeholders - available on - https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators - items: - properties: - key: - type: string - value: - type: string - type: object - type: array - body: - description: >- - Body is a raw string or an OTLP any value as - described at - https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/logs/data-model.md#field-body - It can contain placeholders available on - https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators - x-kubernetes-preserve-unknown-fields: true - endpoint: - description: >- - Endpoint of OpenTelemetry collector. An - empty port defaults to 4317. - example: otel-collector:4317 - minLength: 1 - type: string - required: - - endpoint - type: object - tcp: - description: TCPBackend defines a TCP logging backend. - properties: - address: - description: Address of the TCP logging backend - type: string - format: - description: >- - Format of access logs. Placeholders - available on - https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators - properties: - json: - items: - properties: - key: - type: string - value: - type: string - type: object - type: array - omitEmptyValues: - type: boolean - plain: - type: string - type: - enum: - - Plain - - Json - type: string - required: - - type - type: object - required: - - address - type: object - type: - enum: - - Tcp - - File - - OpenTelemetry - type: string - required: - - type - type: object - type: array - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of clients. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined inplace. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - to: - description: >- - To list makes a match between the consumed services and - corresponding configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - destinations referenced in 'targetRef' - properties: - backends: - items: - properties: - file: - description: >- - FileBackend defines configuration for file based - access logs - properties: - format: - description: >- - Format of access logs. Placeholders - available on - https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators - properties: - json: - items: - properties: - key: - type: string - value: - type: string - type: object - type: array - omitEmptyValues: - type: boolean - plain: - type: string - type: - enum: - - Plain - - Json - type: string - required: - - type - type: object - path: - description: Path to a file that logs will be written to - type: string - required: - - path - type: object - openTelemetry: - description: Defines an OpenTelemetry logging backend. - properties: - attributes: - description: >- - Attributes can contain placeholders - available on - https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators - items: - properties: - key: - type: string - value: - type: string - type: object - type: array - body: - description: >- - Body is a raw string or an OTLP any value as - described at - https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/logs/data-model.md#field-body - It can contain placeholders available on - https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators - x-kubernetes-preserve-unknown-fields: true - endpoint: - description: >- - Endpoint of OpenTelemetry collector. An - empty port defaults to 4317. - example: otel-collector:4317 - minLength: 1 - type: string - required: - - endpoint - type: object - tcp: - description: TCPBackend defines a TCP logging backend. - properties: - address: - description: Address of the TCP logging backend - type: string - format: - description: >- - Format of access logs. Placeholders - available on - https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#command-operators - properties: - json: - items: - properties: - key: - type: string - value: - type: string - type: object - type: array - omitEmptyValues: - type: boolean - plain: - type: string - type: - enum: - - Plain - - Json - type: string - required: - - type - type: object - required: - - address - type: object - type: - enum: - - Tcp - - File - - OpenTelemetry - type: string - required: - - type - type: object - type: array - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of destinations. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - required: - - targetRef - type: object - MeshCircuitBreakerItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshCircuitBreaker - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: Spec is the specification of the Kuma MeshCircuitBreaker resource. - properties: - from: - description: >- - From list makes a match between clients and corresponding - configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - destinations referenced in 'targetRef' - properties: - connectionLimits: - description: >- - ConnectionLimits contains configuration of each - circuit breaking limit, which when exceeded makes the - circuit breaker to become open (no traffic is allowed - like no current is allowed in the circuits when - physical circuit breaker ir open) - properties: - maxConnectionPools: - description: >- - The maximum number of connection pools per cluster - that are concurrently supported at once. Set this - for clusters which create a large number of - connection pools. - format: int32 - type: integer - maxConnections: - description: >- - The maximum number of connections allowed to be - made to the upstream cluster. - format: int32 - type: integer - maxPendingRequests: - description: >- - The maximum number of pending requests that are - allowed to the upstream cluster. This limit is - applied as a connection limit for non-HTTP - traffic. - format: int32 - type: integer - maxRequests: - description: >- - The maximum number of parallel requests that are - allowed to be made to the upstream cluster. This - limit does not apply to non-HTTP traffic. - format: int32 - type: integer - maxRetries: - description: >- - The maximum number of parallel retries that will - be allowed to the upstream cluster. - format: int32 - type: integer - type: object - outlierDetection: - description: >- - OutlierDetection contains the configuration of the - process of dynamically determining whether some number - of hosts in an upstream cluster are performing unlike - the others and removing them from the healthy load - balancing set. Performance might be along different - axes such as consecutive failures, temporal success - rate, temporal latency, etc. Outlier detection is a - form of passive health checking. - properties: - baseEjectionTime: - description: >- - The base time that a host is ejected for. The real - time is equal to the base time multiplied by the - number of times the host has been ejected. - type: string - detectors: - description: >- - Contains configuration for supported outlier - detectors - properties: - failurePercentage: - description: >- - Failure Percentage based outlier detection - functions similarly to success rate detection, - in that it relies on success rate data from - each host in a cluster. However, rather than - compare those values to the mean success rate - of the cluster as a whole, they are compared - to a flat user-configured threshold. This - threshold is configured via the - outlierDetection.failurePercentageThreshold - field. The other configuration fields for - failure percentage based detection are similar - to the fields for success rate detection. As - with success rate detection, detection will - not be performed for a host if its request - volume over the aggregation interval is less - than the - outlierDetection.detectors.failurePercentage.requestVolume - value. Detection also will not be performed - for a cluster if the number of hosts with the - minimum required request volume in an interval - is less than the - outlierDetection.detectors.failurePercentage.minimumHosts - value. - properties: - minimumHosts: - description: >- - The minimum number of hosts in a cluster - in order to perform failure - percentage-based ejection. If the total - number of hosts in the cluster is less - than this value, failure percentage-based - ejection will not be performed. - format: int32 - type: integer - requestVolume: - description: >- - The minimum number of total requests that - must be collected in one interval (as - defined by the interval duration above) to - perform failure percentage-based ejection - for this host. If the volume is lower than - this setting, failure percentage-based - ejection will not be performed for this - host. - format: int32 - type: integer - threshold: - description: >- - The failure percentage to use when - determining failure percentage-based - outlier detection. If the failure - percentage of a given host is greater than - or equal to this value, it will be - ejected. - format: int32 - type: integer - type: object - gatewayFailures: - description: >- - In the default mode - (outlierDetection.splitExternalLocalOriginErrors - is false) this detection type takes into - account a subset of 5xx errors, called - "gateway errors" (502, 503 or 504 status code) - and local origin failures, such as timeout, - TCP reset etc. In split mode - (outlierDetection.splitExternalLocalOriginErrors - is true) this detection type takes into - account a subset of 5xx errors, called - "gateway errors" (502, 503 or 504 status code) - and is supported only by the http router. - properties: - consecutive: - description: >- - The number of consecutive gateway failures - (502, 503, 504 status codes) before a - consecutive gateway failure ejection - occurs. - format: int32 - type: integer - type: object - localOriginFailures: - description: >- - This detection type is enabled only when - outlierDetection.splitExternalLocalOriginErrors - is true and takes into account only locally - originated errors (timeout, reset, etc). If - Envoy repeatedly cannot connect to an upstream - host or communication with the upstream host - is repeatedly interrupted, it will be ejected. - Various locally originated problems are - detected: timeout, TCP reset, ICMP errors, - etc. This detection type is supported by http - router and tcp proxy. - properties: - consecutive: - description: >- - The number of consecutive locally - originated failures before ejection - occurs. Parameter takes effect only when - splitExternalAndLocalErrors is set to - true. - format: int32 - type: integer - type: object - successRate: - description: >- - Success Rate based outlier detection - aggregates success rate data from every host - in a cluster. Then at given intervals ejects - hosts based on statistical outlier detection. - Success Rate outlier detection will not be - calculated for a host if its request volume - over the aggregation interval is less than the - outlierDetection.detectors.successRate.requestVolume - value. Moreover, detection will not be - performed for a cluster if the number of hosts - with the minimum required request volume in an - interval is less than the - outlierDetection.detectors.successRate.minimumHosts - value. In the default configuration mode - (outlierDetection.splitExternalLocalOriginErrors - is false) this detection type takes into - account all types of errors: locally and - externally originated. In split mode - (outlierDetection.splitExternalLocalOriginErrors - is true), locally originated errors and - externally originated (transaction) errors are - counted and treated separately. - properties: - minimumHosts: - description: >- - The number of hosts in a cluster that must - have enough request volume to detect - success rate outliers. If the number of - hosts is less than this setting, outlier - detection via success rate statistics is - not performed for any host in the cluster. - format: int32 - type: integer - requestVolume: - description: >- - The minimum number of total requests that - must be collected in one interval (as - defined by the interval duration - configured in outlierDetection section) to - include this host in success rate based - outlier detection. If the volume is lower - than this setting, outlier detection via - success rate statistics is not performed - for that host. - format: int32 - type: integer - standardDeviationFactor: - anyOf: - - type: integer - - type: string - description: >- - This factor is used to determine the - ejection threshold for success rate - outlier ejection. The ejection threshold - is the difference between the mean success - rate, and the product of this factor and - the standard deviation of the mean success - rate: mean - (standard_deviation * - success_rate_standard_deviation_factor). - Either int or decimal represented as - string. - x-kubernetes-int-or-string: true - type: object - totalFailures: - description: >- - In the default mode - (outlierDetection.splitExternalAndLocalErrors - is false) this detection type takes into - account all generated errors: locally - originated and externally originated - (transaction) errors. In split mode - (outlierDetection.splitExternalLocalOriginErrors - is true) this detection type takes into - account only externally originated - (transaction) errors, ignoring locally - originated errors. If an upstream host is an - HTTP-server, only 5xx types of error are taken - into account (see Consecutive Gateway Failure - for exceptions). Properly formatted responses, - even when they carry an operational error - (like index not found, access denied) are not - taken into account. - properties: - consecutive: - description: >- - The number of consecutive server-side - error responses (for HTTP traffic, 5xx - responses; for TCP traffic, connection - failures; for Redis, failure to respond - PONG; etc.) before a consecutive total - failure ejection occurs. - format: int32 - type: integer - type: object - type: object - disabled: - description: >- - When set to true, outlierDetection configuration - won't take any effect - type: boolean - interval: - description: >- - The time interval between ejection analysis - sweeps. This can result in both new ejections and - hosts being returned to service. - type: string - maxEjectionPercent: - description: >- - The maximum % of an upstream cluster that can be - ejected due to outlier detection. Defaults to 10% - but will eject at least one host regardless of the - value. - format: int32 - type: integer - splitExternalAndLocalErrors: - description: >- - Determines whether to distinguish local origin - failures from external errors. If set to true the - following configuration parameters are taken into - account: detectors.localOriginFailures.consecutive - type: boolean - type: object - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of destinations. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined in place. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - to: - description: >- - To list makes a match between the consumed services and - corresponding configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - destinations referenced in 'targetRef' - properties: - connectionLimits: - description: >- - ConnectionLimits contains configuration of each - circuit breaking limit, which when exceeded makes the - circuit breaker to become open (no traffic is allowed - like no current is allowed in the circuits when - physical circuit breaker ir open) - properties: - maxConnectionPools: - description: >- - The maximum number of connection pools per cluster - that are concurrently supported at once. Set this - for clusters which create a large number of - connection pools. - format: int32 - type: integer - maxConnections: - description: >- - The maximum number of connections allowed to be - made to the upstream cluster. - format: int32 - type: integer - maxPendingRequests: - description: >- - The maximum number of pending requests that are - allowed to the upstream cluster. This limit is - applied as a connection limit for non-HTTP - traffic. - format: int32 - type: integer - maxRequests: - description: >- - The maximum number of parallel requests that are - allowed to be made to the upstream cluster. This - limit does not apply to non-HTTP traffic. - format: int32 - type: integer - maxRetries: - description: >- - The maximum number of parallel retries that will - be allowed to the upstream cluster. - format: int32 - type: integer - type: object - outlierDetection: - description: >- - OutlierDetection contains the configuration of the - process of dynamically determining whether some number - of hosts in an upstream cluster are performing unlike - the others and removing them from the healthy load - balancing set. Performance might be along different - axes such as consecutive failures, temporal success - rate, temporal latency, etc. Outlier detection is a - form of passive health checking. - properties: - baseEjectionTime: - description: >- - The base time that a host is ejected for. The real - time is equal to the base time multiplied by the - number of times the host has been ejected. - type: string - detectors: - description: >- - Contains configuration for supported outlier - detectors - properties: - failurePercentage: - description: >- - Failure Percentage based outlier detection - functions similarly to success rate detection, - in that it relies on success rate data from - each host in a cluster. However, rather than - compare those values to the mean success rate - of the cluster as a whole, they are compared - to a flat user-configured threshold. This - threshold is configured via the - outlierDetection.failurePercentageThreshold - field. The other configuration fields for - failure percentage based detection are similar - to the fields for success rate detection. As - with success rate detection, detection will - not be performed for a host if its request - volume over the aggregation interval is less - than the - outlierDetection.detectors.failurePercentage.requestVolume - value. Detection also will not be performed - for a cluster if the number of hosts with the - minimum required request volume in an interval - is less than the - outlierDetection.detectors.failurePercentage.minimumHosts - value. - properties: - minimumHosts: - description: >- - The minimum number of hosts in a cluster - in order to perform failure - percentage-based ejection. If the total - number of hosts in the cluster is less - than this value, failure percentage-based - ejection will not be performed. - format: int32 - type: integer - requestVolume: - description: >- - The minimum number of total requests that - must be collected in one interval (as - defined by the interval duration above) to - perform failure percentage-based ejection - for this host. If the volume is lower than - this setting, failure percentage-based - ejection will not be performed for this - host. - format: int32 - type: integer - threshold: - description: >- - The failure percentage to use when - determining failure percentage-based - outlier detection. If the failure - percentage of a given host is greater than - or equal to this value, it will be - ejected. - format: int32 - type: integer - type: object - gatewayFailures: - description: >- - In the default mode - (outlierDetection.splitExternalLocalOriginErrors - is false) this detection type takes into - account a subset of 5xx errors, called - "gateway errors" (502, 503 or 504 status code) - and local origin failures, such as timeout, - TCP reset etc. In split mode - (outlierDetection.splitExternalLocalOriginErrors - is true) this detection type takes into - account a subset of 5xx errors, called - "gateway errors" (502, 503 or 504 status code) - and is supported only by the http router. - properties: - consecutive: - description: >- - The number of consecutive gateway failures - (502, 503, 504 status codes) before a - consecutive gateway failure ejection - occurs. - format: int32 - type: integer - type: object - localOriginFailures: - description: >- - This detection type is enabled only when - outlierDetection.splitExternalLocalOriginErrors - is true and takes into account only locally - originated errors (timeout, reset, etc). If - Envoy repeatedly cannot connect to an upstream - host or communication with the upstream host - is repeatedly interrupted, it will be ejected. - Various locally originated problems are - detected: timeout, TCP reset, ICMP errors, - etc. This detection type is supported by http - router and tcp proxy. - properties: - consecutive: - description: >- - The number of consecutive locally - originated failures before ejection - occurs. Parameter takes effect only when - splitExternalAndLocalErrors is set to - true. - format: int32 - type: integer - type: object - successRate: - description: >- - Success Rate based outlier detection - aggregates success rate data from every host - in a cluster. Then at given intervals ejects - hosts based on statistical outlier detection. - Success Rate outlier detection will not be - calculated for a host if its request volume - over the aggregation interval is less than the - outlierDetection.detectors.successRate.requestVolume - value. Moreover, detection will not be - performed for a cluster if the number of hosts - with the minimum required request volume in an - interval is less than the - outlierDetection.detectors.successRate.minimumHosts - value. In the default configuration mode - (outlierDetection.splitExternalLocalOriginErrors - is false) this detection type takes into - account all types of errors: locally and - externally originated. In split mode - (outlierDetection.splitExternalLocalOriginErrors - is true), locally originated errors and - externally originated (transaction) errors are - counted and treated separately. - properties: - minimumHosts: - description: >- - The number of hosts in a cluster that must - have enough request volume to detect - success rate outliers. If the number of - hosts is less than this setting, outlier - detection via success rate statistics is - not performed for any host in the cluster. - format: int32 - type: integer - requestVolume: - description: >- - The minimum number of total requests that - must be collected in one interval (as - defined by the interval duration - configured in outlierDetection section) to - include this host in success rate based - outlier detection. If the volume is lower - than this setting, outlier detection via - success rate statistics is not performed - for that host. - format: int32 - type: integer - standardDeviationFactor: - anyOf: - - type: integer - - type: string - description: >- - This factor is used to determine the - ejection threshold for success rate - outlier ejection. The ejection threshold - is the difference between the mean success - rate, and the product of this factor and - the standard deviation of the mean success - rate: mean - (standard_deviation * - success_rate_standard_deviation_factor). - Either int or decimal represented as - string. - x-kubernetes-int-or-string: true - type: object - totalFailures: - description: >- - In the default mode - (outlierDetection.splitExternalAndLocalErrors - is false) this detection type takes into - account all generated errors: locally - originated and externally originated - (transaction) errors. In split mode - (outlierDetection.splitExternalLocalOriginErrors - is true) this detection type takes into - account only externally originated - (transaction) errors, ignoring locally - originated errors. If an upstream host is an - HTTP-server, only 5xx types of error are taken - into account (see Consecutive Gateway Failure - for exceptions). Properly formatted responses, - even when they carry an operational error - (like index not found, access denied) are not - taken into account. - properties: - consecutive: - description: >- - The number of consecutive server-side - error responses (for HTTP traffic, 5xx - responses; for TCP traffic, connection - failures; for Redis, failure to respond - PONG; etc.) before a consecutive total - failure ejection occurs. - format: int32 - type: integer - type: object - type: object - disabled: - description: >- - When set to true, outlierDetection configuration - won't take any effect - type: boolean - interval: - description: >- - The time interval between ejection analysis - sweeps. This can result in both new ejections and - hosts being returned to service. - type: string - maxEjectionPercent: - description: >- - The maximum % of an upstream cluster that can be - ejected due to outlier detection. Defaults to 10% - but will eject at least one host regardless of the - value. - format: int32 - type: integer - splitExternalAndLocalErrors: - description: >- - Determines whether to distinguish local origin - failures from external errors. If set to true the - following configuration parameters are taken into - account: detectors.localOriginFailures.consecutive - type: boolean - type: object - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of destinations. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - required: - - targetRef - type: object - MeshFaultInjectionItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshFaultInjection - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: Spec is the specification of the Kuma MeshFaultInjection resource. - properties: - from: - description: >- - From list makes a match between clients and corresponding - configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - destinations referenced in 'targetRef' - properties: - http: - description: >- - Http allows to define list of Http faults between - dataplanes. - items: - description: >- - FaultInjection defines the configuration of faults - between dataplanes. - properties: - abort: - description: >- - Abort defines a configuration of not delivering - requests to destination service and replacing - the responses from destination dataplane by - predefined status code - properties: - httpStatus: - description: >- - HTTP status code which will be returned to - source side - format: int32 - type: integer - percentage: - anyOf: - - type: integer - - type: string - description: >- - Percentage of requests on which abort will - be injected, has to be either int or decimal - represented as string. - x-kubernetes-int-or-string: true - required: - - httpStatus - - percentage - type: object - delay: - description: >- - Delay defines configuration of delaying a - response from a destination - properties: - percentage: - anyOf: - - type: integer - - type: string - description: >- - Percentage of requests on which delay will - be injected, has to be either int or decimal - represented as string. - x-kubernetes-int-or-string: true - value: - description: >- - The duration during which the response will - be delayed - type: string - required: - - percentage - - value - type: object - responseBandwidth: - description: >- - ResponseBandwidth defines a configuration to - limit the speed of responding to the requests - properties: - limit: - description: >- - Limit is represented by value measure in - gbps, mbps, kbps or bps, e.g. 10kbps - type: string - percentage: - anyOf: - - type: integer - - type: string - description: >- - Percentage of requests on which response - bandwidth limit will be either int or - decimal represented as string. - x-kubernetes-int-or-string: true - required: - - limit - - percentage - type: object - type: object - type: array - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of destinations. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined inplace. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - MeshHealthCheckItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshHealthCheck - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: Spec is the specification of the Kuma MeshHealthCheck resource. - properties: - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined inplace. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - to: - description: >- - To list makes a match between the consumed services and - corresponding configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - destinations referenced in 'targetRef' - properties: - alwaysLogHealthCheckFailures: - description: >- - If set to true, health check failure events will - always be logged. If set to false, only the initial - health check failure event will be logged. The default - value is false. - type: boolean - eventLogPath: - description: >- - Specifies the path to the file where Envoy can log - health check events. If empty, no event log will be - written. - type: string - failTrafficOnPanic: - description: >- - If set to true, Envoy will not consider any hosts when - the cluster is in 'panic mode'. Instead, the cluster - will fail all requests as if all hosts are unhealthy. - This can help avoid potentially overwhelming a failing - service. - type: boolean - grpc: - description: >- - GrpcHealthCheck defines gRPC configuration which will - instruct the service the health check will be made for - is a gRPC service. - properties: - authority: - description: >- - The value of the :authority header in the gRPC - health check request, by default name of the - cluster this health check is associated with - type: string - disabled: - description: If true the GrpcHealthCheck is disabled - type: boolean - serviceName: - description: >- - Service name parameter which will be sent to gRPC - service - type: string - type: object - healthyPanicThreshold: - anyOf: - - type: integer - - type: string - description: >- - Allows to configure panic threshold for Envoy cluster. - If not specified, the default is 50%. To disable panic - mode, set to 0%. Either int or decimal represented as - string. - x-kubernetes-int-or-string: true - healthyThreshold: - default: 1 - description: >- - Number of consecutive healthy checks before - considering a host healthy. - format: int32 - type: integer - http: - description: >- - HttpHealthCheck defines HTTP configuration which will - instruct the service the health check will be made for - is an HTTP service. - properties: - disabled: - description: If true the HttpHealthCheck is disabled - type: boolean - expectedStatuses: - description: >- - List of HTTP response statuses which are - considered healthy - items: - format: int32 - type: integer - type: array - path: - default: / - description: >- - The HTTP path which will be requested during the - health check (ie. /health) - type: string - requestHeadersToAdd: - description: >- - The list of HTTP headers which should be added to - each health check request - properties: - add: - items: - properties: - name: - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - set: - items: - properties: - name: - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: object - initialJitter: - description: >- - If specified, Envoy will start health checking after a - random time in ms between 0 and initialJitter. This - only applies to the first health check. - type: string - interval: - default: 1m - description: Interval between consecutive health checks. - type: string - intervalJitter: - description: >- - If specified, during every interval Envoy will add - IntervalJitter to the wait time. - type: string - intervalJitterPercent: - description: >- - If specified, during every interval Envoy will add - IntervalJitter * IntervalJitterPercent / 100 to the - wait time. If IntervalJitter and IntervalJitterPercent - are both set, both of them will be used to increase - the wait time. - format: int32 - type: integer - noTrafficInterval: - description: >- - The "no traffic interval" is a special health check - interval that is used when a cluster has never had - traffic routed to it. This lower interval allows - cluster information to be kept up to date, without - sending a potentially large amount of active health - checking traffic for no reason. Once a cluster has - been used for traffic routing, Envoy will shift back - to using the standard health check interval that is - defined. Note that this interval takes precedence over - any other. The default value for "no traffic interval" - is 60 seconds. - type: string - reuseConnection: - description: >- - Reuse health check connection between health checks. - Default is true. - type: boolean - tcp: - description: >- - TcpHealthCheck defines configuration for specifying - bytes to send and expected response during the health - check - properties: - disabled: - description: If true the TcpHealthCheck is disabled - type: boolean - receive: - description: >- - List of Base64 encoded blocks of strings expected - as a response. When checking the response, "fuzzy" - matching is performed such that each block must be - found, and in the order specified, but not - necessarily contiguous. If not provided or empty, - checks will be performed as "connect only" and be - marked as successful when TCP connection is - successfully established. - items: - type: string - type: array - send: - description: >- - Base64 encoded content of the message which will - be sent during the health check to the target - type: string - type: object - timeout: - default: 15s - description: Maximum time to wait for a health check response. - type: string - unhealthyThreshold: - default: 5 - description: >- - Number of consecutive unhealthy checks before - considering a host unhealthy. - format: int32 - type: integer - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of destinations. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - required: - - targetRef - type: object - MeshHTTPRouteItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshHTTPRoute - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: Spec is the specification of the Kuma MeshHTTPRoute resource. - properties: - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined inplace. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - to: - description: >- - To matches destination services of requests and holds - configuration. - items: - properties: - rules: - description: >- - Rules contains the routing rules applies to a combination - of top-level targetRef and the targetRef in this entry. - items: - properties: - default: - description: >- - Default holds routing rules that can be merged with - rules from other policies. - properties: - backendRefs: - items: - description: BackendRef defines where to forward traffic. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to - identify cross mesh resources. - type: string - name: - description: >- - Name of the referenced resource. Can only - be used with kinds: `MeshService`, - `MeshServiceSubset` and `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by - tags. Can only be used with kinds - `MeshSubset` and `MeshServiceSubset` - type: object - weight: - default: 1 - minimum: 0 - type: integer - type: object - type: array - filters: - items: - properties: - requestHeaderModifier: - description: >- - Only one action is supported per header - name. Configuration to set or add multiple - values for a header must use RFC 7230 - header value formatting, separating each - value with a comma. - properties: - add: - items: - properties: - name: - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - items: - type: string - maxItems: 16 - type: array - set: - items: - properties: - name: - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - properties: - backendRef: - description: >- - TargetRef defines structure that allows - attaching policy to various objects - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to - identify cross mesh resources. - type: string - name: - description: >- - Name of the referenced resource. Can - only be used with kinds: `MeshService`, - `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies - by tags. Can only be used with kinds - `MeshSubset` and `MeshServiceSubset` - type: object - type: object - percentage: - anyOf: - - type: integer - - type: string - description: >- - Percentage of requests to mirror. If not - specified, all requests to the target - cluster will be mirrored. - x-kubernetes-int-or-string: true - required: - - backendRef - type: object - requestRedirect: - properties: - hostname: - description: >- - PreciseHostname is the fully qualified - domain name of a network host. This - matches the RFC 1123 definition of a - hostname with 1 notable exception that - numeric IP addresses are not allowed. - Note that as per RFC1035 and RFC1123, a *label* must consist of lower case alphanumeric characters or '-', and must start and end with an alphanumeric character. No other punctuation is allowed. - maxLength: 253 - minLength: 1 - pattern: >- - ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: >- - Path defines parameters used to modify - the path of the incoming request. The - modified path is then used to construct - the location header. When empty, the - request path is used as-is. - properties: - replaceFullPath: - type: string - replacePrefixMatch: - type: string - type: - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - port: - description: >- - Port is the port to be used in the value - of the `Location` header in the - response. When empty, port (if - specified) of the request is used. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - enum: - - http - - https - type: string - statusCode: - default: 302 - description: >- - StatusCode is the HTTP status code to be - used in response. - enum: - - 301 - - 302 - - 303 - - 307 - - 308 - type: integer - type: object - responseHeaderModifier: - description: >- - Only one action is supported per header - name. Configuration to set or add multiple - values for a header must use RFC 7230 - header value formatting, separating each - value with a comma. - properties: - add: - items: - properties: - name: - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - items: - type: string - maxItems: 16 - type: array - set: - items: - properties: - name: - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - enum: - - RequestHeaderModifier - - ResponseHeaderModifier - - RequestRedirect - - URLRewrite - - RequestMirror - type: string - urlRewrite: - properties: - hostname: - description: >- - Hostname is the value to be used to - replace the host header value during - forwarding. - maxLength: 253 - minLength: 1 - pattern: >- - ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: Path defines a path rewrite. - properties: - replaceFullPath: - type: string - replacePrefixMatch: - type: string - type: - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - type: object - required: - - type - type: object - type: array - type: object - matches: - description: >- - Matches describes how to match HTTP requests this - rule should be applied to. - items: - properties: - headers: - items: - description: >- - HeaderMatch describes how to select an HTTP - route by matching HTTP request headers. - properties: - name: - description: >- - Name is the name of the HTTP Header to - be matched. Name MUST be lower case as - they will be handled with case - insensitivity (See - https://tools.ietf.org/html/rfc7230#section-3.2). - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: >- - Type specifies how to match against the - value of the header. - enum: - - Exact - - Present - - RegularExpression - - Absent - - Prefix - type: string - value: - description: >- - Value is the value of HTTP Header to be - matched. - type: string - required: - - name - type: object - type: array - method: - enum: - - CONNECT - - DELETE - - GET - - HEAD - - OPTIONS - - PATCH - - POST - - PUT - - TRACE - type: string - path: - properties: - type: - enum: - - Exact - - PathPrefix - - RegularExpression - type: string - value: - description: >- - Exact or prefix matches must be an - absolute path. A prefix matches only if - separated by a slash or the entire path. - minLength: 1 - type: string - required: - - type - - value - type: object - queryParams: - description: >- - QueryParams matches based on HTTP URL query - parameters. Multiple matches are ANDed - together such that all listed matches must - succeed. - items: - properties: - name: - minLength: 1 - type: string - type: - enum: - - Exact - - RegularExpression - type: string - value: - type: string - required: - - name - - type - - value - type: object - type: array - type: object - minItems: 1 - type: array - required: - - default - - matches - type: object - type: array - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of request destinations. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - type: object - type: array - type: object - MeshLoadBalancingStrategyItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshLoadBalancingStrategy - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: >- - Spec is the specification of the Kuma MeshLoadBalancingStrategy - resource. - properties: - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined inplace. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - to: - description: >- - To list makes a match between the consumed services and - corresponding configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - destinations referenced in 'targetRef' - properties: - loadBalancer: - description: >- - LoadBalancer allows to specify load balancing - algorithm. - properties: - leastRequest: - description: >- - LeastRequest selects N random available hosts as - specified in 'choiceCount' (2 by default) and - picks the host which has the fewest active - requests - properties: - choiceCount: - description: >- - ChoiceCount is the number of random healthy - hosts from which the host with the fewest - active requests will be chosen. Defaults to 2 - so that Envoy performs two-choice selection if - the field is not set. - format: int32 - minimum: 2 - type: integer - type: object - maglev: - description: >- - Maglev implements consistent hashing to upstream - hosts. Maglev can be used as a drop in replacement - for the ring hash load balancer any place in which - consistent hashing is desired. - properties: - hashPolicies: - description: >- - HashPolicies specify a list of - request/connection properties that are used to - calculate a hash. These hash policies are - executed in the specified order. If a hash - policy has the “terminal” attribute set to - true, and there is already a hash generated, - the hash is returned immediately, ignoring the - rest of the hash policy list. - items: - properties: - connection: - properties: - sourceIP: - description: Hash on source IP address. - type: boolean - type: object - cookie: - properties: - name: - description: >- - The name of the cookie that will be used - to obtain the hash key. - minLength: 1 - type: string - path: - description: The name of the path for the cookie. - type: string - ttl: - description: >- - If specified, a cookie with the TTL will - be generated if the cookie is not - present. - type: string - required: - - name - type: object - filterState: - properties: - key: - description: >- - The name of the Object in the - per-request filterState, which is an - Envoy::Hashable object. If there is no - data associated with the key, or the - stored object is not Envoy::Hashable, no - hash will be produced. - minLength: 1 - type: string - required: - - key - type: object - header: - properties: - name: - description: >- - The name of the request header that will - be used to obtain the hash key. - minLength: 1 - type: string - required: - - name - type: object - queryParameter: - properties: - name: - description: >- - The name of the URL query parameter that - will be used to obtain the hash key. If - the parameter is not present, no hash - will be produced. Query parameter names - are case-sensitive. - minLength: 1 - type: string - required: - - name - type: object - terminal: - description: >- - Terminal is a flag that short-circuits - the hash computing. This field provides - a ‘fallback’ style of configuration: “if - a terminal policy doesn’t work, fallback - to rest of the policy list”, it saves - time when the terminal policy works. If - true, and there is already a hash - computed, ignore rest of the list of - hash polices. - type: boolean - type: - enum: - - Header - - Cookie - - SourceIP - - QueryParameter - - FilterState - type: string - required: - - type - type: object - type: array - tableSize: - description: >- - The table size for Maglev hashing. Maglev aims - for “minimal disruption” rather than an - absolute guarantee. Minimal disruption means - that when the set of upstream hosts change, a - connection will likely be sent to the same - upstream as it was before. Increasing the - table size reduces the amount of disruption. - The table size must be prime number limited to - 5000011. If it is not specified, the default - is 65537. - format: int32 - maximum: 5000011 - minimum: 1 - type: integer - type: object - random: - description: >- - Random selects a random available host. The random - load balancer generally performs better than - round-robin if no health checking policy is - configured. Random selection avoids bias towards - the host in the set that comes after a failed - host. - type: object - ringHash: - description: >- - RingHash implements consistent hashing to - upstream hosts. Each host is mapped onto a circle - (the “ring”) by hashing its address; each request - is then routed to a host by hashing some property - of the request, and finding the nearest - corresponding host clockwise around the ring. - properties: - hashFunction: - description: >- - HashFunction is a function used to hash hosts - onto the ketama ring. The value defaults to - XX_HASH. Available values – XX_HASH, - MURMUR_HASH_2. - enum: - - XXHash - - MurmurHash2 - type: string - hashPolicies: - description: >- - HashPolicies specify a list of - request/connection properties that are used to - calculate a hash. These hash policies are - executed in the specified order. If a hash - policy has the “terminal” attribute set to - true, and there is already a hash generated, - the hash is returned immediately, ignoring the - rest of the hash policy list. - items: - properties: - connection: - properties: - sourceIP: - description: Hash on source IP address. - type: boolean - type: object - cookie: - properties: - name: - description: >- - The name of the cookie that will be used - to obtain the hash key. - minLength: 1 - type: string - path: - description: The name of the path for the cookie. - type: string - ttl: - description: >- - If specified, a cookie with the TTL will - be generated if the cookie is not - present. - type: string - required: - - name - type: object - filterState: - properties: - key: - description: >- - The name of the Object in the - per-request filterState, which is an - Envoy::Hashable object. If there is no - data associated with the key, or the - stored object is not Envoy::Hashable, no - hash will be produced. - minLength: 1 - type: string - required: - - key - type: object - header: - properties: - name: - description: >- - The name of the request header that will - be used to obtain the hash key. - minLength: 1 - type: string - required: - - name - type: object - queryParameter: - properties: - name: - description: >- - The name of the URL query parameter that - will be used to obtain the hash key. If - the parameter is not present, no hash - will be produced. Query parameter names - are case-sensitive. - minLength: 1 - type: string - required: - - name - type: object - terminal: - description: >- - Terminal is a flag that short-circuits - the hash computing. This field provides - a ‘fallback’ style of configuration: “if - a terminal policy doesn’t work, fallback - to rest of the policy list”, it saves - time when the terminal policy works. If - true, and there is already a hash - computed, ignore rest of the list of - hash polices. - type: boolean - type: - enum: - - Header - - Cookie - - SourceIP - - QueryParameter - - FilterState - type: string - required: - - type - type: object - type: array - maxRingSize: - description: >- - Maximum hash ring size. Defaults to 8M - entries, and limited to 8M entries, but can be - lowered to further constrain resource use. - format: int32 - maximum: 8000000 - minimum: 1 - type: integer - minRingSize: - description: >- - Minimum hash ring size. The larger the ring is - (that is, the more hashes there are for each - provided host) the better the request - distribution will reflect the desired weights. - Defaults to 1024 entries, and limited to 8M - entries. - format: int32 - maximum: 8000000 - minimum: 1 - type: integer - type: object - roundRobin: - description: >- - RoundRobin is a load balancing algorithm that - distributes requests across available upstream - hosts in round-robin order. - type: object - type: - enum: - - RoundRobin - - LeastRequest - - RingHash - - Random - - Maglev - type: string - required: - - type - type: object - localityAwareness: - description: >- - LocalityAwareness contains configuration for locality - aware load balancing. - properties: - disabled: - description: >- - Disabled allows to disable locality-aware load - balancing. When disabled requests are distributed - across all endpoints regardless of locality. - type: boolean - type: object - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of destinations. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - required: - - targetRef - type: object - MeshProxyPatchItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshProxyPatch - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: Spec is the specification of the Kuma MeshProxyPatch resource. - properties: - default: - description: >- - Default is a configuration specific to the group of destinations - referenced in 'targetRef'. - properties: - appendModifications: - description: >- - AppendModifications is a list of modifications applied on - the selected proxy. - items: - properties: - cluster: - description: Cluster is a modification of Envoy's Cluster resource. - properties: - jsonPatches: - description: >- - JsonPatches specifies list of jsonpatches to apply - to on Envoy's Cluster resource - items: - description: >- - JsonPatchBlock is one json patch operation - block. - properties: - from: - description: >- - From is a jsonpatch from string, used by - move and copy operations. - type: string - op: - description: Op is a jsonpatch operation string. - enum: - - add - - remove - - replace - - move - - copy - type: string - path: - description: Path is a jsonpatch path string. - type: string - value: - description: >- - Value must be a valid json value used by - replace and add operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - match: - description: >- - Match is a set of conditions that have to be - matched for modification operation to happen. - properties: - name: - description: Name of the cluster to match. - type: string - origin: - description: >- - Origin is the name of the component or plugin - that generated the resource. - Here is the list of well-known origins: inbound - resources generated for handling incoming traffic. outbound - resources generated for handling outgoing traffic. transparent - resources generated for transparent proxy functionality. prometheus - resources generated when Prometheus metrics are enabled. direct-access - resources generated for Direct Access functionality. ingress - resources generated for Zone Ingress. egress - resources generated for Zone Egress. gateway - resources generated for MeshGateway. - The list is not complete, because policy plugins can introduce new resources. For example MeshTrace plugin can create Cluster with "mesh-trace" origin. - type: string - type: object - operation: - description: Operation to execute on matched cluster. - enum: - - Add - - Remove - - Patch - type: string - value: - description: >- - Value of xDS resource in YAML format to add or - patch. - type: string - required: - - operation - type: object - httpFilter: - description: >- - HTTPFilter is a modification of Envoy HTTP Filter - available in HTTP Connection Manager in a Listener - resource. - properties: - jsonPatches: - description: >- - JsonPatches specifies list of jsonpatches to apply - to on Envoy's HTTP Filter available in HTTP - Connection Manager in a Listener resource. - items: - description: >- - JsonPatchBlock is one json patch operation - block. - properties: - from: - description: >- - From is a jsonpatch from string, used by - move and copy operations. - type: string - op: - description: Op is a jsonpatch operation string. - enum: - - add - - remove - - replace - - move - - copy - type: string - path: - description: Path is a jsonpatch path string. - type: string - value: - description: >- - Value must be a valid json value used by - replace and add operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - match: - description: >- - Match is a set of conditions that have to be - matched for modification operation to happen. - properties: - listenerName: - description: Name of the listener to match. - type: string - listenerTags: - additionalProperties: - type: string - description: >- - Listener tags available in - Listener#Metadata#FilterMetadata[io.kuma.tags] - type: object - name: - description: >- - Name of the HTTP filter. For example - "envoy.filters.http.local_ratelimit" - type: string - origin: - description: >- - Origin is the name of the component or plugin - that generated the resource. - Here is the list of well-known origins: inbound - resources generated for handling incoming traffic. outbound - resources generated for handling outgoing traffic. transparent - resources generated for transparent proxy functionality. prometheus - resources generated when Prometheus metrics are enabled. direct-access - resources generated for Direct Access functionality. ingress - resources generated for Zone Ingress. egress - resources generated for Zone Egress. gateway - resources generated for MeshGateway. - The list is not complete, because policy plugins can introduce new resources. For example MeshTrace plugin can create Cluster with "mesh-trace" origin. - type: string - type: object - operation: - description: Operation to execute on matched listener. - enum: - - Remove - - Patch - - AddFirst - - AddBefore - - AddAfter - - AddLast - type: string - value: - description: >- - Value of xDS resource in YAML format to add or - patch. - type: string - required: - - operation - type: object - listener: - description: >- - Listener is a modification of Envoy's Listener - resource. - properties: - jsonPatches: - description: >- - JsonPatches specifies list of jsonpatches to apply - to on Envoy's Listener resource - items: - description: >- - JsonPatchBlock is one json patch operation - block. - properties: - from: - description: >- - From is a jsonpatch from string, used by - move and copy operations. - type: string - op: - description: Op is a jsonpatch operation string. - enum: - - add - - remove - - replace - - move - - copy - type: string - path: - description: Path is a jsonpatch path string. - type: string - value: - description: >- - Value must be a valid json value used by - replace and add operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - match: - description: >- - Match is a set of conditions that have to be - matched for modification operation to happen. - properties: - name: - description: Name of the listener to match. - type: string - origin: - description: >- - Origin is the name of the component or plugin - that generated the resource. - Here is the list of well-known origins: inbound - resources generated for handling incoming traffic. outbound - resources generated for handling outgoing traffic. transparent - resources generated for transparent proxy functionality. prometheus - resources generated when Prometheus metrics are enabled. direct-access - resources generated for Direct Access functionality. ingress - resources generated for Zone Ingress. egress - resources generated for Zone Egress. gateway - resources generated for MeshGateway. - The list is not complete, because policy plugins can introduce new resources. For example MeshTrace plugin can create Cluster with "mesh-trace" origin. - type: string - tags: - additionalProperties: - type: string - description: >- - Tags available in - Listener#Metadata#FilterMetadata[io.kuma.tags] - type: object - type: object - operation: - description: Operation to execute on matched listener. - enum: - - Add - - Remove - - Patch - type: string - value: - description: >- - Value of xDS resource in YAML format to add or - patch. - type: string - required: - - operation - type: object - networkFilter: - description: >- - NetworkFilter is a modification of Envoy Listener's - filter. - properties: - jsonPatches: - description: >- - JsonPatches specifies list of jsonpatches to apply - to on Envoy Listener's filter. - items: - description: >- - JsonPatchBlock is one json patch operation - block. - properties: - from: - description: >- - From is a jsonpatch from string, used by - move and copy operations. - type: string - op: - description: Op is a jsonpatch operation string. - enum: - - add - - remove - - replace - - move - - copy - type: string - path: - description: Path is a jsonpatch path string. - type: string - value: - description: >- - Value must be a valid json value used by - replace and add operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - match: - description: >- - Match is a set of conditions that have to be - matched for modification operation to happen. - properties: - listenerName: - description: Name of the listener to match. - type: string - listenerTags: - additionalProperties: - type: string - description: >- - Listener tags available in - Listener#Metadata#FilterMetadata[io.kuma.tags] - type: object - name: - description: >- - Name of the network filter. For example - "envoy.filters.network.ratelimit" - type: string - origin: - description: >- - Origin is the name of the component or plugin - that generated the resource. - Here is the list of well-known origins: inbound - resources generated for handling incoming traffic. outbound - resources generated for handling outgoing traffic. transparent - resources generated for transparent proxy functionality. prometheus - resources generated when Prometheus metrics are enabled. direct-access - resources generated for Direct Access functionality. ingress - resources generated for Zone Ingress. egress - resources generated for Zone Egress. gateway - resources generated for MeshGateway. - The list is not complete, because policy plugins can introduce new resources. For example MeshTrace plugin can create Cluster with "mesh-trace" origin. - type: string - type: object - operation: - description: Operation to execute on matched listener. - enum: - - Remove - - Patch - - AddFirst - - AddBefore - - AddAfter - - AddLast - type: string - value: - description: >- - Value of xDS resource in YAML format to add or - patch. - type: string - required: - - operation - type: object - virtualHost: - description: >- - VirtualHost is a modification of Envoy's VirtualHost - referenced in HTTP Connection Manager in a Listener - resource. - properties: - jsonPatches: - description: >- - JsonPatches specifies list of jsonpatches to apply - to on Envoy's VirtualHost resource - items: - description: >- - JsonPatchBlock is one json patch operation - block. - properties: - from: - description: >- - From is a jsonpatch from string, used by - move and copy operations. - type: string - op: - description: Op is a jsonpatch operation string. - enum: - - add - - remove - - replace - - move - - copy - type: string - path: - description: Path is a jsonpatch path string. - type: string - value: - description: >- - Value must be a valid json value used by - replace and add operations. - x-kubernetes-preserve-unknown-fields: true - required: - - op - - path - type: object - type: array - match: - description: >- - Match is a set of conditions that have to be - matched for modification operation to happen. - properties: - name: - description: Name of the VirtualHost to match. - type: string - origin: - description: >- - Origin is the name of the component or plugin - that generated the resource. - Here is the list of well-known origins: inbound - resources generated for handling incoming traffic. outbound - resources generated for handling outgoing traffic. transparent - resources generated for transparent proxy functionality. prometheus - resources generated when Prometheus metrics are enabled. direct-access - resources generated for Direct Access functionality. ingress - resources generated for Zone Ingress. egress - resources generated for Zone Egress. gateway - resources generated for MeshGateway. - The list is not complete, because policy plugins can introduce new resources. For example MeshTrace plugin can create Cluster with "mesh-trace" origin. - type: string - routeConfigurationName: - description: >- - Name of the RouteConfiguration resource to - match. - type: string - type: object - operation: - description: Operation to execute on matched listener. - enum: - - Add - - Remove - - Patch - type: string - value: - description: >- - Value of xDS resource in YAML format to add or - patch. - type: string - required: - - match - - operation - type: object - type: object - type: array - required: - - appendModifications - type: object - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined inplace. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - required: - - default - - targetRef - type: object - MeshRateLimitItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshRateLimit - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: Spec is the specification of the Kuma MeshRateLimit resource. - properties: - from: - description: >- - From list makes a match between clients and corresponding - configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - clients referenced in 'targetRef' - properties: - local: - description: >- - LocalConf defines local http or/and tcp rate limit - configuration - properties: - http: - description: >- - LocalHTTP defines confguration of local HTTP rate - limiting - https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/local_rate_limit_filter - properties: - disabled: - description: Define if rate limiting should be disabled. - type: boolean - onRateLimit: - description: >- - Describes the actions to take on a rate limit - event - properties: - headers: - description: >- - The Headers to be added to the HTTP - response on a rate limit event - properties: - add: - items: - properties: - name: - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - set: - items: - properties: - name: - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - status: - description: >- - The HTTP status code to be set on a rate - limit event - format: int32 - type: integer - type: object - requestRate: - description: >- - Defines how many requests are allowed per - interval. - properties: - interval: - description: >- - The interval the number of units is - accounted for. - type: string - num: - description: >- - Number of units per interval (depending on - usage it can be a number of requests, or a - number of connections). - format: int32 - type: integer - required: - - interval - - num - type: object - type: object - tcp: - description: >- - LocalTCP defines confguration of local TCP rate - limiting - https://www.envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/local_rate_limit_filter - properties: - connectionRate: - description: >- - Defines how many connections are allowed per - interval. - properties: - interval: - description: >- - The interval the number of units is - accounted for. - type: string - num: - description: >- - Number of units per interval (depending on - usage it can be a number of requests, or a - number of connections). - format: int32 - type: integer - required: - - interval - - num - type: object - disabled: - description: >- - Define if rate limiting should be disabled. - Default: false - type: boolean - type: object - type: object - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of clients. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined inplace. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - MeshRetryItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshRetry - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: Spec is the specification of the Kuma MeshRetry resource. - properties: - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined inplace. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - to: - description: >- - To list makes a match between the consumed services and - corresponding configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - destinations referenced in 'targetRef' - properties: - grpc: - description: >- - GRPC defines a configuration of retries for GRPC - traffic - properties: - backOff: - description: >- - BackOff is a configuration of durations which will - be used in exponential backoff strategy between - retries. - properties: - baseInterval: - description: >- - BaseInterval is an amount of time which should - be taken between retries. Must be greater than - zero. Values less than 1 ms are rounded up to - 1 ms. Default is 25ms. - type: string - maxInterval: - description: >- - MaxInterval is a maximal amount of time which - will be taken between retries. Default is 10 - times the "BaseInterval". - type: string - type: object - numRetries: - description: >- - NumRetries is the number of attempts that will be - made on failed (and retriable) requests. - format: int32 - type: integer - perTryTimeout: - description: >- - PerTryTimeout is the amount of time after which - retry attempt should timeout. Setting this timeout - to 0 will disable it. Default is 15s. - type: string - rateLimitedBackOff: - description: >- - RateLimitedBackOff is a configuration of backoff - which will be used when the upstream returns one - of the headers configured. - properties: - maxInterval: - description: >- - MaxInterval is a maximal amount of time which - will be taken between retries. Default is 300 - seconds. - type: string - resetHeaders: - description: >- - ResetHeaders specifies the list of headers - (like Retry-After or X-RateLimit-Reset) to - match against the response. Headers are tried - in order, and matched case-insensitive. The - first header to be parsed successfully is - used. If no headers match the default - exponential BackOff is used instead. - items: - properties: - format: - description: >- - The format of the reset header, either - Seconds or UnixTimestamp. - enum: - - Seconds - - UnixTimestamp - type: string - name: - description: The Name of the reset header. - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - required: - - format - - name - type: object - type: array - type: object - retryOn: - description: >- - RetryOn is a list of conditions which will cause a - retry. Available values are: [Canceled, - DeadlineExceeded, Internal, ResourceExhausted, - Unavailable]. - items: - type: string - type: array - type: object - http: - description: >- - HTTP defines a configuration of retries for HTTP - traffic - properties: - backOff: - description: >- - BackOff is a configuration of durations which will - be used in exponential backoff strategy between - retries - properties: - baseInterval: - description: >- - BaseInterval is an amount of time which should - be taken between retries. Must be greater than - zero. Values less than 1 ms are rounded up to - 1 ms. Default is 25ms. - type: string - maxInterval: - description: >- - MaxInterval is a maximal amount of time which - will be taken between retries. Default is 10 - times the "BaseInterval". - type: string - type: object - hostSelection: - description: >- - HostSelection is a list of predicates that dictate - how hosts should be selected when requests are - retried. - items: - properties: - predicate: - description: >- - Type is requested predicate mode. Available - values are OmitPreviousHosts, - OmitHostsWithTags, and - OmitPreviousPriorities. - type: string - tags: - additionalProperties: - type: string - description: >- - Tags is a map of metadata to match against - for selecting the omitted hosts. Required if - Type is OmitHostsWithTags - type: object - updateFrequency: - description: >- - UpdateFrequency is how often the priority - load should be updated based on previously - attempted priorities. Used for - OmitPreviousPriorities. Default is 2 if not - set. - format: int32 - type: integer - required: - - predicate - type: object - type: array - hostSelectionMaxAttempts: - description: >- - HostSelectionMaxAttempts is the maximum number of - times host selection will be reattempted before - giving up, at which point the host that was last - selected will be routed to. If unspecified, this - will default to retrying once. - format: int64 - type: integer - numRetries: - description: >- - NumRetries is the number of attempts that will be - made on failed (and retriable) requests - format: int32 - type: integer - perTryTimeout: - description: >- - PerTryTimeout is the amount of time after which - retry attempt should timeout. Setting this timeout - to 0 will disable it. Default is 15s. - type: string - rateLimitedBackOff: - description: >- - RateLimitedBackOff is a configuration of backoff - which will be used when the upstream returns one - of the headers configured. - properties: - maxInterval: - description: >- - MaxInterval is a maximal amount of time which - will be taken between retries. Default is 300 - seconds. - type: string - resetHeaders: - description: >- - ResetHeaders specifies the list of headers - (like Retry-After or X-RateLimit-Reset) to - match against the response. Headers are tried - in order, and matched case-insensitive. The - first header to be parsed successfully is - used. If no headers match the default - exponential BackOff is used instead. - items: - properties: - format: - description: >- - The format of the reset header, either - Seconds or UnixTimestamp. - enum: - - Seconds - - UnixTimestamp - type: string - name: - description: The Name of the reset header. - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - required: - - format - - name - type: object - type: array - type: object - retriableRequestHeaders: - description: >- - RetriableRequestHeaders is an HTTP headers which - must be present in the request for retries to be - attempted. - items: - description: >- - HeaderMatch describes how to select an HTTP - route by matching HTTP request headers. - properties: - name: - description: >- - Name is the name of the HTTP Header to be - matched. Name MUST be lower case as they - will be handled with case insensitivity (See - https://tools.ietf.org/html/rfc7230#section-3.2). - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: >- - Type specifies how to match against the - value of the header. - enum: - - Exact - - Present - - RegularExpression - - Absent - - Prefix - type: string - value: - description: >- - Value is the value of HTTP Header to be - matched. - type: string - required: - - name - type: object - type: array - retriableResponseHeaders: - description: >- - RetriableResponseHeaders is an HTTP response - headers that trigger a retry if present in the - response. A retry will be triggered if any of the - header matches match the upstream response - headers. - items: - description: >- - HeaderMatch describes how to select an HTTP - route by matching HTTP request headers. - properties: - name: - description: >- - Name is the name of the HTTP Header to be - matched. Name MUST be lower case as they - will be handled with case insensitivity (See - https://tools.ietf.org/html/rfc7230#section-3.2). - maxLength: 256 - minLength: 1 - pattern: ^[a-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: >- - Type specifies how to match against the - value of the header. - enum: - - Exact - - Present - - RegularExpression - - Absent - - Prefix - type: string - value: - description: >- - Value is the value of HTTP Header to be - matched. - type: string - required: - - name - type: object - type: array - retryOn: - description: >- - RetryOn is a list of conditions which will cause a - retry. Available values are: [5XX, GatewayError, - Reset, Retriable4xx, ConnectFailure, - EnvoyRatelimited, RefusedStream, - Http3PostConnectFailure, HttpMethodConnect, - HttpMethodDelete, HttpMethodGet, HttpMethodHead, - HttpMethodOptions, HttpMethodPatch, - HttpMethodPost, HttpMethodPut, HttpMethodTrace]. - Also, any HTTP status code (500, 503, etc). - items: - type: string - type: array - type: object - tcp: - description: TCP defines a configuration of retries for TCP traffic - properties: - maxConnectAttempt: - description: >- - MaxConnectAttempt is a maximal amount of TCP - connection attempts which will be made before - giving up - format: int32 - type: integer - type: object - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of destinations. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - required: - - targetRef - type: object - MeshTCPRouteItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshTCPRoute - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: Spec is the specification of the Kuma MeshTCPRoute resource. - properties: - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined in-place. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - to: - description: >- - To list makes a match between the consumed services and - corresponding configurations - items: - properties: - rules: - description: >- - Rules contains the routing rules applies to a combination - of top-level targetRef and the targetRef in this entry. - items: - properties: - default: - description: >- - Default holds routing rules that can be merged with - rules from other policies. - properties: - backendRefs: - items: - description: BackendRef defines where to forward traffic. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to - identify cross mesh resources. - type: string - name: - description: >- - Name of the referenced resource. Can only - be used with kinds: `MeshService`, - `MeshServiceSubset` and `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by - tags. Can only be used with kinds - `MeshSubset` and `MeshServiceSubset` - type: object - weight: - default: 1 - minimum: 0 - type: integer - type: object - minItems: 1 - type: array - required: - - backendRefs - type: object - required: - - default - type: object - maxItems: 1 - type: array - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of destinations. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - minItems: 1 - type: array - required: - - targetRef - type: object - MeshTimeoutItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshTimeout - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: Spec is the specification of the Kuma MeshTimeout resource. - properties: - from: - description: >- - From list makes a match between clients and corresponding - configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - clients referenced in 'targetRef' - properties: - connectionTimeout: - description: >- - ConnectionTimeout specifies the amount of time proxy - will wait for an TCP connection to be established. - Default value is 5 seconds. Cannot be set to 0. - type: string - http: - description: Http provides configuration for HTTP specific timeouts - properties: - maxConnectionDuration: - description: >- - MaxConnectionDuration is the time after which a - connection will be drained and/or closed, starting - from when it was first established. Setting this - timeout to 0 will disable it. Disabled by default. - type: string - maxStreamDuration: - description: >- - MaxStreamDuration is the maximum time that a - stream’s lifetime will span. Setting this timeout - to 0 will disable it. Disabled by default. - type: string - requestTimeout: - description: >- - RequestTimeout The amount of time that proxy will - wait for the entire request to be received. The - timer is activated when the request is initiated, - and is disarmed when the last byte of the request - is sent, OR when the response is initiated. - Setting this timeout to 0 will disable it. Default - is 15s. - type: string - streamIdleTimeout: - description: >- - StreamIdleTimeout is the amount of time that proxy - will allow a stream to exist with no activity. - Setting this timeout to 0 will disable it. Default - is 30m - type: string - type: object - idleTimeout: - description: >- - IdleTimeout is defined as the period in which there - are no bytes sent or received on connection Setting - this timeout to 0 will disable it. Be cautious when - disabling it because it can lead to connection - leaking. Default value is 1h. - type: string - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of clients. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined inplace. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - to: - description: >- - To list makes a match between the consumed services and - corresponding configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - destinations referenced in 'targetRef' - properties: - connectionTimeout: - description: >- - ConnectionTimeout specifies the amount of time proxy - will wait for an TCP connection to be established. - Default value is 5 seconds. Cannot be set to 0. - type: string - http: - description: Http provides configuration for HTTP specific timeouts - properties: - maxConnectionDuration: - description: >- - MaxConnectionDuration is the time after which a - connection will be drained and/or closed, starting - from when it was first established. Setting this - timeout to 0 will disable it. Disabled by default. - type: string - maxStreamDuration: - description: >- - MaxStreamDuration is the maximum time that a - stream’s lifetime will span. Setting this timeout - to 0 will disable it. Disabled by default. - type: string - requestTimeout: - description: >- - RequestTimeout The amount of time that proxy will - wait for the entire request to be received. The - timer is activated when the request is initiated, - and is disarmed when the last byte of the request - is sent, OR when the response is initiated. - Setting this timeout to 0 will disable it. Default - is 15s. - type: string - streamIdleTimeout: - description: >- - StreamIdleTimeout is the amount of time that proxy - will allow a stream to exist with no activity. - Setting this timeout to 0 will disable it. Default - is 30m - type: string - type: object - idleTimeout: - description: >- - IdleTimeout is defined as the period in which there - are no bytes sent or received on connection Setting - this timeout to 0 will disable it. Be cautious when - disabling it because it can lead to connection - leaking. Default value is 1h. - type: string - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of destinations. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - required: - - targetRef - type: object - MeshTraceItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshTrace - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: Spec is the specification of the Kuma MeshTrace resource. - properties: - default: - description: MeshTrace configuration. - properties: - backends: - description: >- - A one element array of backend definition. Envoy allows - configuring only 1 backend, so the natural way of - representing that would be just one object. Unfortunately - due to the reasons explained in MADR 009-tracing-policy this - has to be a one element array for now. - items: - description: Only one of zipkin, datadog or openTelemetry can be used. - properties: - datadog: - description: Datadog backend configuration. - properties: - splitService: - description: >- - Determines if datadog service name should be split - based on traffic direction and destination. For - example, with `splitService: true` and a `backend` - service that communicates with a couple of - databases, you would get service names like - `backend_INBOUND`, `backend_OUTBOUND_db1`, and - `backend_OUTBOUND_db2` in Datadog. Default: false - type: boolean - url: - description: >- - Address of Datadog collector, only host and port - are allowed (no paths, fragments etc.) - type: string - required: - - url - type: object - openTelemetry: - description: OpenTelemetry backend configuration. - properties: - endpoint: - description: Address of OpenTelemetry collector. - example: otel-collector:4317 - minLength: 1 - type: string - required: - - endpoint - type: object - type: - enum: - - Zipkin - - Datadog - - OpenTelemetry - type: string - zipkin: - description: Zipkin backend configuration. - properties: - apiVersion: - default: httpJson - description: >- - Version of the API. values: httpJson, httpProto. - Default: httpJson see - https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/trace/v3/zipkin.proto#L66 - enum: - - httpJson - - httpProto - type: string - sharedSpanContext: - description: >- - Determines whether client and server spans will - share the same span context. Default: true. - https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/trace/v3/zipkin.proto#L63 - type: boolean - traceId128bit: - description: 'Generate 128bit traces. Default: false' - type: boolean - url: - description: Address of Zipkin collector. - type: string - required: - - url - type: object - required: - - type - type: object - type: array - sampling: - description: >- - Sampling configuration. Sampling is the process by which a - decision is made on whether to process/export a span or not. - properties: - client: - anyOf: - - type: integer - - type: string - description: >- - Target percentage of requests that will be force traced - if the 'x-client-trace-id' header is set. Default: 100% - Mirror of client_sampling in Envoy - https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L127-L133 - Either int or decimal represented as string. - x-kubernetes-int-or-string: true - overall: - anyOf: - - type: integer - - type: string - description: >- - Target percentage of requests will be traced after all - other sampling checks have been applied (client, force - tracing, random sampling). This field functions as an - upper limit on the total configured sampling rate. For - instance, setting client_sampling to 100% but - overall_sampling to 1% will result in only 1% of client - requests with the appropriate headers to be force - traced. Default: 100% Mirror of overall_sampling in - Envoy - https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L142-L150 - Either int or decimal represented as string. - x-kubernetes-int-or-string: true - random: - anyOf: - - type: integer - - type: string - description: >- - Target percentage of requests that will be randomly - selected for trace generation, if not requested by the - client or not forced. Default: 100% Mirror of - random_sampling in Envoy - https://github.com/envoyproxy/envoy/blob/v1.22.0/api/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto#L135-L140 - Either int or decimal represented as string. - x-kubernetes-int-or-string: true - type: object - tags: - description: >- - Custom tags configuration. You can add custom tags to traces - based on headers or literal values. - items: - description: >- - Custom tags configuration. Only one of literal or header - can be used. - properties: - header: - description: Tag taken from a header. - properties: - default: - description: >- - Default value to use if header is missing. If the - default is missing and there is no value the tag - will not be included. - type: string - name: - description: Name of the header. - type: string - required: - - name - type: object - literal: - description: Tag taken from literal value. - type: string - name: - description: Name of the tag. - type: string - required: - - name - type: object - type: array - type: object - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined inplace. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - MeshTrafficPermissionItem: - type: object - properties: - type: - description: the type of the resource - type: string - enum: - - MeshTrafficPermission - mesh: - description: >- - Mesh is the name of the Kuma mesh this resource belongs to. It may - be omitted for cluster-scoped resources. - type: string - default: default - name: - description: Name of the Kuma resource - type: string - spec: - description: >- - Spec is the specification of the Kuma MeshTrafficPermission - resource. - properties: - from: - description: >- - From list makes a match between clients and corresponding - configurations - items: - properties: - default: - description: >- - Default is a configuration specific to the group of - clients referenced in 'targetRef' - properties: - action: - description: >- - Action defines a behavior for the specified group of - clients: - enum: - - Allow - - Deny - - AllowWithShadowDeny - type: string - type: object - targetRef: - description: >- - TargetRef is a reference to the resource that represents a - group of clients. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can - only be used with kinds `MeshSubset` and - `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - type: array - targetRef: - description: >- - TargetRef is a reference to the resource the policy takes an - effect on. The resource could be either a real store object or - virtual resource defined inplace. - properties: - kind: - description: Kind of the referenced resource - enum: - - Mesh - - MeshSubset - - MeshGateway - - MeshService - - MeshServiceSubset - - MeshHTTPRoute - type: string - mesh: - description: >- - Mesh is reserved for future use to identify cross mesh - resources. - type: string - name: - description: >- - Name of the referenced resource. Can only be used with - kinds: `MeshService`, `MeshServiceSubset` and - `MeshGatewayRoute` - type: string - tags: - additionalProperties: - type: string - description: >- - Tags used to select a subset of proxies by tags. Can only be - used with kinds `MeshSubset` and `MeshServiceSubset` - type: object - type: object - required: - - targetRef - type: object - responses: - GlobalInsightResponse: - description: A response containing global insight. - content: - application/json: - schema: - $ref: '#/components/schemas/GlobalInsight' - examples: - Single control plane response: - $ref: '#/components/examples/GlobalInsightExample' - BadRequest: - description: Bad Request - content: - application/problem+json: - schema: - $ref: '#/components/schemas/Error' - InternalServerError: - description: Internal Server Error - content: - application/problem+json: - schema: - $ref: '#/components/schemas/Error' - MeshAccessLogItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshAccessLogItem' - MeshAccessLogList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshAccessLogItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshCircuitBreakerItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshCircuitBreakerItem' - MeshCircuitBreakerList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshCircuitBreakerItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshFaultInjectionItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshFaultInjectionItem' - MeshFaultInjectionList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshFaultInjectionItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshHealthCheckItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshHealthCheckItem' - MeshHealthCheckList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshHealthCheckItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshHTTPRouteItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshHTTPRouteItem' - MeshHTTPRouteList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshHTTPRouteItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshLoadBalancingStrategyItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshLoadBalancingStrategyItem' - MeshLoadBalancingStrategyList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshLoadBalancingStrategyItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshProxyPatchItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshProxyPatchItem' - MeshProxyPatchList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshProxyPatchItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshRateLimitItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshRateLimitItem' - MeshRateLimitList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshRateLimitItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshRetryItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshRetryItem' - MeshRetryList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshRetryItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshTCPRouteItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTCPRouteItem' - MeshTCPRouteList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshTCPRouteItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshTimeoutItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTimeoutItem' - MeshTimeoutList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshTimeoutItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshTraceItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTraceItem' - MeshTraceList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshTraceItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - MeshTrafficPermissionItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTrafficPermissionItem' - MeshTrafficPermissionList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: '#/components/schemas/MeshTrafficPermissionItem' - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page - examples: - GlobalInsightExample: - value: - services: - total: 5 - internal: 4 - external: 1 - gatewayBuiltin: 1 - gatewayProvided: 2 - internalByStatus: - online: 2 - offline: 1 - partiallyDegraded: 1 - zones: - controlPlanes: - online: 1 - total: 1 - zoneEgresses: - online: 1 - total: 1 - zoneIngresses: - online: 1 - total: 1 - dataplanes: - online: 23 - offline: 10 - partiallyDegraded: 17 - total: 50 - policies: - total: 100 - meshes: - total: 3 - diff --git a/mk/docs.mk b/mk/docs.mk index d6828e80d738..656edcf155ec 100644 --- a/mk/docs.mk +++ b/mk/docs.mk @@ -6,7 +6,7 @@ clean/docs: rm -rf docs/generated .PHONY: docs -docs: docs/generated/cmd docs/generated/kuma-cp.md docs/generated/resources helm-docs docs/generated/raw docs/generated/openapi.yaml ## Dev: Generate local documentation +docs: docs/generated/cmd docs/generated/kuma-cp.md docs/generated/resources helm-docs docs/generated/raw ## Dev: Generate local documentation .PHONY: helm-docs helm-docs: ## Dev: Runs helm-docs generator @@ -47,20 +47,3 @@ docs/generated/raw: --jsonschema_out=$@/protos \ --plugin=protoc-gen-jsonschema=$(PROTOC_GEN_JSONSCHEMA) \ $(DOCS_PROTOS) - -OAPI_TMP_DIR ?= $(BUILD_DIR)/oapitmp -API_DIRS="$(TOP)/api/openapi/specs:base" - -.PHONY: docs/generated/openapi.yaml -docs/generated/openapi.yaml: - rm -rf $(OAPI_TMP_DIR) - mkdir -p $(dir $@) - mkdir -p $(OAPI_TMP_DIR)/policies - for i in $(API_DIRS); do mkdir -p $(OAPI_TMP_DIR)/$$(echo $${i} | cut -d: -f2); cp -r $$(echo $${i} | cut -d: -f1) $(OAPI_TMP_DIR)/$$(echo $${i} | cut -d: -f2); done - for i in $$( find $(POLICIES_DIR) -name '*.yaml' | grep '/api/'); do DIR=$(OAPI_TMP_DIR)/policies/$$(echo $${i} | awk -F/ '{print $$(NF-3)}'); mkdir -p $${DIR}; cp $${i} $${DIR}/$$(echo $${i} | awk -F/ '{print $$(NF)}'); done - -ifdef BASE_API - docker run --rm -v $$PWD/$(dir $(BASE_API)):/base -v $(OAPI_TMP_DIR):/specs ghcr.io/kumahq/openapi-tool:v0.8.0 generate /base/$(notdir $(BASE_API)) '/specs/**/*.yaml' '!/specs/kuma/**' > $@ -else - docker run --rm -v $(OAPI_TMP_DIR):/specs ghcr.io/kumahq/openapi-tool:v0.8.0 generate '/specs/**/*.yaml' > $@ -endif diff --git a/pkg/plugins/policies/donothingpolicy/api/v1alpha1/rest.yaml b/pkg/plugins/policies/donothingpolicy/api/v1alpha1/rest.yaml new file mode 100644 index 000000000000..5d86cd149331 --- /dev/null +++ b/pkg/plugins/policies/donothingpolicy/api/v1alpha1/rest.yaml @@ -0,0 +1,129 @@ +openapi: 3.0.1 +info: + version: v1alpha1 + title: Kuma API + description: Kuma API + +paths: + /meshes/{mesh}/donothingpolicies/{name}: + get: + summary: Returns DoNothingPolicy entity + tags: [ "DoNothingPolicy" ] + parameters: + - in: path + name: mesh + schema: + type: string + required: true + description: name of the mesh + - in: path + name: name + schema: + type: string + required: true + description: name of the DoNothingPolicy + responses: + '200': + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' + + put: + summary: Creates or Updates DoNothingPolicy entity + tags: [ "DoNothingPolicy" ] + parameters: + - in: path + name: mesh + schema: + type: string + required: true + description: name of the mesh + - in: path + name: name + schema: + type: string + required: true + description: name of the DoNothingPolicy + requestBody: + description: DoNothingPolicy entity + required: true + content: + application/json: + schema: + $ref: 'schema.yaml' + responses: + '200': + description: Updated + '201': + description: Created + + delete: + summary: Deletes DoNothingPolicy entity + tags: [ "DoNothingPolicy" ] + parameters: + - in: path + name: mesh + schema: + type: string + required: true + description: name of the mesh + - in: path + name: name + schema: + type: string + required: true + description: name of the DoNothingPolicy + responses: + '200': + description: Successful response + + + /meshes/{mesh}/donothingpolicies: + get: + summary: Returns a list of DoNothingPolicy in the mesh. + tags: [ "DoNothingPolicy" ] + parameters: + - in: path + name: mesh + schema: + type: string + required: true + description: name of the mesh + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page + + + /donothingpolicies: + get: + summary: Returns a list of DoNothingPolicy from all meshes + tags: [ "DoNothingPolicy" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshaccesslog/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshaccesslog/api/v1alpha1/rest.yaml index c2125c0032fe..c198455f2a6b 100644 --- a/pkg/plugins/policies/meshaccesslog/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshaccesslog/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshAccessLog" paths: /meshes/{mesh}/meshaccesslogs/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshAccessLog responses: '200': - $ref: "#/components/responses/MeshAccessLogItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshAccessLog entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshAccessLog requestBody: - description: Put request + description: MeshAccessLog entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshAccessLogItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshAccessLogList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshAccessLogItem: - $ref: 'schema.yaml' - responses: - MeshAccessLogItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshAccessLogItem' - MeshAccessLogList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshAccessLogItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshaccesslogs: + get: + summary: Returns a list of MeshAccessLog from all meshes + tags: [ "MeshAccessLog" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshcircuitbreaker/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshcircuitbreaker/api/v1alpha1/rest.yaml index 0e1fd2de5420..6613b6793b51 100644 --- a/pkg/plugins/policies/meshcircuitbreaker/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshcircuitbreaker/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshCircuitBreaker" paths: /meshes/{mesh}/meshcircuitbreakers/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshCircuitBreaker responses: '200': - $ref: "#/components/responses/MeshCircuitBreakerItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshCircuitBreaker entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshCircuitBreaker requestBody: - description: Put request + description: MeshCircuitBreaker entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshCircuitBreakerItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshCircuitBreakerList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshCircuitBreakerItem: - $ref: 'schema.yaml' - responses: - MeshCircuitBreakerItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshCircuitBreakerItem' - MeshCircuitBreakerList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshCircuitBreakerItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshcircuitbreakers: + get: + summary: Returns a list of MeshCircuitBreaker from all meshes + tags: [ "MeshCircuitBreaker" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshfaultinjection/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshfaultinjection/api/v1alpha1/rest.yaml index f8957289d0ea..c095eadca8e6 100644 --- a/pkg/plugins/policies/meshfaultinjection/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshfaultinjection/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshFaultInjection" paths: /meshes/{mesh}/meshfaultinjections/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshFaultInjection responses: '200': - $ref: "#/components/responses/MeshFaultInjectionItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshFaultInjection entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshFaultInjection requestBody: - description: Put request + description: MeshFaultInjection entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshFaultInjectionItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshFaultInjectionList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshFaultInjectionItem: - $ref: 'schema.yaml' - responses: - MeshFaultInjectionItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshFaultInjectionItem' - MeshFaultInjectionList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshFaultInjectionItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshfaultinjections: + get: + summary: Returns a list of MeshFaultInjection from all meshes + tags: [ "MeshFaultInjection" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshhealthcheck/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshhealthcheck/api/v1alpha1/rest.yaml index c1774909ab8a..643c8c4d3a81 100644 --- a/pkg/plugins/policies/meshhealthcheck/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshhealthcheck/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshHealthCheck" paths: /meshes/{mesh}/meshhealthchecks/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshHealthCheck responses: '200': - $ref: "#/components/responses/MeshHealthCheckItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshHealthCheck entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshHealthCheck requestBody: - description: Put request + description: MeshHealthCheck entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshHealthCheckItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshHealthCheckList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshHealthCheckItem: - $ref: 'schema.yaml' - responses: - MeshHealthCheckItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshHealthCheckItem' - MeshHealthCheckList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshHealthCheckItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshhealthchecks: + get: + summary: Returns a list of MeshHealthCheck from all meshes + tags: [ "MeshHealthCheck" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshhttproute/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshhttproute/api/v1alpha1/rest.yaml index 3c3f341f76e2..df064cd58189 100644 --- a/pkg/plugins/policies/meshhttproute/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshhttproute/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshHTTPRoute" paths: /meshes/{mesh}/meshhttproutes/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshHTTPRoute responses: '200': - $ref: "#/components/responses/MeshHTTPRouteItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshHTTPRoute entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshHTTPRoute requestBody: - description: Put request + description: MeshHTTPRoute entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshHTTPRouteItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshHTTPRouteList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshHTTPRouteItem: - $ref: 'schema.yaml' - responses: - MeshHTTPRouteItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshHTTPRouteItem' - MeshHTTPRouteList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshHTTPRouteItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshhttproutes: + get: + summary: Returns a list of MeshHTTPRoute from all meshes + tags: [ "MeshHTTPRoute" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshloadbalancingstrategy/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshloadbalancingstrategy/api/v1alpha1/rest.yaml index c2b626757605..686307cf9b34 100644 --- a/pkg/plugins/policies/meshloadbalancingstrategy/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshloadbalancingstrategy/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshLoadBalancingStrategy" paths: /meshes/{mesh}/meshloadbalancingstrategies/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshLoadBalancingStrategy responses: '200': - $ref: "#/components/responses/MeshLoadBalancingStrategyItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshLoadBalancingStrategy entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshLoadBalancingStrategy requestBody: - description: Put request + description: MeshLoadBalancingStrategy entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshLoadBalancingStrategyItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshLoadBalancingStrategyList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshLoadBalancingStrategyItem: - $ref: 'schema.yaml' - responses: - MeshLoadBalancingStrategyItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshLoadBalancingStrategyItem' - MeshLoadBalancingStrategyList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshLoadBalancingStrategyItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshloadbalancingstrategies: + get: + summary: Returns a list of MeshLoadBalancingStrategy from all meshes + tags: [ "MeshLoadBalancingStrategy" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshproxypatch/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshproxypatch/api/v1alpha1/rest.yaml index f3adf2ae2836..de4b84951aad 100644 --- a/pkg/plugins/policies/meshproxypatch/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshproxypatch/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshProxyPatch" paths: /meshes/{mesh}/meshproxypatches/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshProxyPatch responses: '200': - $ref: "#/components/responses/MeshProxyPatchItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshProxyPatch entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshProxyPatch requestBody: - description: Put request + description: MeshProxyPatch entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshProxyPatchItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshProxyPatchList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshProxyPatchItem: - $ref: 'schema.yaml' - responses: - MeshProxyPatchItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshProxyPatchItem' - MeshProxyPatchList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshProxyPatchItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshproxypatches: + get: + summary: Returns a list of MeshProxyPatch from all meshes + tags: [ "MeshProxyPatch" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshratelimit/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshratelimit/api/v1alpha1/rest.yaml index 9a599843562f..100d03f34217 100644 --- a/pkg/plugins/policies/meshratelimit/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshratelimit/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshRateLimit" paths: /meshes/{mesh}/meshratelimits/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshRateLimit responses: '200': - $ref: "#/components/responses/MeshRateLimitItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshRateLimit entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshRateLimit requestBody: - description: Put request + description: MeshRateLimit entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshRateLimitItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshRateLimitList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshRateLimitItem: - $ref: 'schema.yaml' - responses: - MeshRateLimitItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshRateLimitItem' - MeshRateLimitList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshRateLimitItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshratelimits: + get: + summary: Returns a list of MeshRateLimit from all meshes + tags: [ "MeshRateLimit" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshretry/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshretry/api/v1alpha1/rest.yaml index 86249e6ab6cd..4c7ba9d1d803 100644 --- a/pkg/plugins/policies/meshretry/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshretry/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshRetry" paths: /meshes/{mesh}/meshretries/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshRetry responses: '200': - $ref: "#/components/responses/MeshRetryItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshRetry entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshRetry requestBody: - description: Put request + description: MeshRetry entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshRetryItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshRetryList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshRetryItem: - $ref: 'schema.yaml' - responses: - MeshRetryItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshRetryItem' - MeshRetryList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshRetryItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshretries: + get: + summary: Returns a list of MeshRetry from all meshes + tags: [ "MeshRetry" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshtcproute/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshtcproute/api/v1alpha1/rest.yaml index 0ec803d24875..1a1fed358adf 100644 --- a/pkg/plugins/policies/meshtcproute/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshtcproute/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshTCPRoute" paths: /meshes/{mesh}/meshtcproutes/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshTCPRoute responses: '200': - $ref: "#/components/responses/MeshTCPRouteItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshTCPRoute entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshTCPRoute requestBody: - description: Put request + description: MeshTCPRoute entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshTCPRouteItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshTCPRouteList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshTCPRouteItem: - $ref: 'schema.yaml' - responses: - MeshTCPRouteItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTCPRouteItem' - MeshTCPRouteList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshTCPRouteItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshtcproutes: + get: + summary: Returns a list of MeshTCPRoute from all meshes + tags: [ "MeshTCPRoute" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshtimeout/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshtimeout/api/v1alpha1/rest.yaml index a1368336bd41..606152aa8451 100644 --- a/pkg/plugins/policies/meshtimeout/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshtimeout/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshTimeout" paths: /meshes/{mesh}/meshtimeouts/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshTimeout responses: '200': - $ref: "#/components/responses/MeshTimeoutItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshTimeout entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshTimeout requestBody: - description: Put request + description: MeshTimeout entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshTimeoutItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshTimeoutList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshTimeoutItem: - $ref: 'schema.yaml' - responses: - MeshTimeoutItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTimeoutItem' - MeshTimeoutList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshTimeoutItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshtimeouts: + get: + summary: Returns a list of MeshTimeout from all meshes + tags: [ "MeshTimeout" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshtrace/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshtrace/api/v1alpha1/rest.yaml index 691207fad542..2cd6c22078c6 100644 --- a/pkg/plugins/policies/meshtrace/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshtrace/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshTrace" paths: /meshes/{mesh}/meshtraces/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshTrace responses: '200': - $ref: "#/components/responses/MeshTraceItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshTrace entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshTrace requestBody: - description: Put request + description: MeshTrace entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshTraceItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshTraceList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshTraceItem: - $ref: 'schema.yaml' - responses: - MeshTraceItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTraceItem' - MeshTraceList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshTraceItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshtraces: + get: + summary: Returns a list of MeshTrace from all meshes + tags: [ "MeshTrace" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/pkg/plugins/policies/meshtrafficpermission/api/v1alpha1/rest.yaml b/pkg/plugins/policies/meshtrafficpermission/api/v1alpha1/rest.yaml index 1a2d9afac632..ccf0443adbba 100644 --- a/pkg/plugins/policies/meshtrafficpermission/api/v1alpha1/rest.yaml +++ b/pkg/plugins/policies/meshtrafficpermission/api/v1alpha1/rest.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: v1alpha1 title: Kuma API description: Kuma API - x-ref-schema-name: "MeshTrafficPermission" paths: /meshes/{mesh}/meshtrafficpermissions/{name}: @@ -25,7 +24,11 @@ paths: description: name of the MeshTrafficPermission responses: '200': - $ref: "#/components/responses/MeshTrafficPermissionItem" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates MeshTrafficPermission entity @@ -44,12 +47,12 @@ paths: required: true description: name of the MeshTrafficPermission requestBody: - description: Put request + description: MeshTrafficPermission entity required: true content: application/json: schema: - $ref: '#/components/schemas/MeshTrafficPermissionItem' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/MeshTrafficPermissionList" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - MeshTrafficPermissionItem: - $ref: 'schema.yaml' - responses: - MeshTrafficPermissionItem: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/MeshTrafficPermissionItem' - MeshTrafficPermissionList: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/MeshTrafficPermissionItem" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /meshtrafficpermissions: + get: + summary: Returns a list of MeshTrafficPermission from all meshes + tags: [ "MeshTrafficPermission" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page diff --git a/tools/policy-gen/generator/cmd/openapi.go b/tools/policy-gen/generator/cmd/openapi.go index 352ef43d77fc..1fa559bd0367 100644 --- a/tools/policy-gen/generator/cmd/openapi.go +++ b/tools/policy-gen/generator/cmd/openapi.go @@ -30,9 +30,6 @@ func newOpenAPI(rootArgs *args) *cobra.Command { if err != nil { return err } - if pconfig.SkipRegistration { - return nil - } tmpl, err := template.ParseFiles(localArgs.openAPITemplate) if err != nil { diff --git a/tools/policy-gen/templates/endpoints.yaml b/tools/policy-gen/templates/endpoints.yaml index 1c63e029b204..4b48a166fbf1 100644 --- a/tools/policy-gen/templates/endpoints.yaml +++ b/tools/policy-gen/templates/endpoints.yaml @@ -1,9 +1,8 @@ -openapi: 3.0.3 +openapi: 3.0.1 info: version: {{ .Package }} title: Kuma API description: Kuma API - x-ref-schema-name: "{{ .Name }}" paths: /meshes/{mesh}/{{ .Path }}/{name}: @@ -25,7 +24,11 @@ paths: description: name of the {{ .Name }} responses: '200': - $ref: "#/components/responses/{{.Name}}Item" + description: Successful response + content: + application/json: + schema: + $ref: 'schema.yaml' put: summary: Creates or Updates {{ .Name }} entity @@ -44,12 +47,12 @@ paths: required: true description: name of the {{ .Name }} requestBody: - description: Put request + description: {{ .Name }} entity required: true content: application/json: schema: - $ref: '#/components/schemas/{{.Name}}Item' + $ref: 'schema.yaml' responses: '200': description: Updated @@ -90,33 +93,37 @@ paths: description: name of the mesh responses: '200': - $ref: "#/components/responses/{{.Name}}List" + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page -components: - schemas: - {{.Name}}Item: - $ref: 'schema.yaml' - responses: - {{.Name}}Item: - description: Successful response - content: - application/json: - schema: - $ref: '#/components/schemas/{{.Name}}Item' - {{.Name}}List: - description: List - content: - application/json: - schema: - type: object - properties: - items: - type: array - items: - $ref: "#/components/schemas/{{.Name}}Item" - total: - type: number - description: The total number of entities - next: - type: string - description: URL to the next page + + /{{ .Path }}: + get: + summary: Returns a list of {{ .Name }} from all meshes + tags: [ "{{ .Name }}" ] + responses: + '200': + description: Successful response + content: + application/json: + schema: + type: object + properties: + items: + type: array + items: + $ref: 'schema.yaml' + next: + type: string + description: URL to the next page