Config v1alpha3 API Reference

Config v1alpha3 API reference documentation.

Packages:

config.flomesh.io/v1alpha3

Package v1alpha3 is the v1alpha3 version of the API.

Resource Types:

    CertManagerProviderSpec

    (Appears on:ProviderSpec)

    CertManagerProviderSpec defines the configuration of the cert-manager provider

    FieldDescription
    issuerName
    string

    IssuerName specifies the name of the Issuer resource

    issuerKind
    string

    IssuerKind specifies the kind of Issuer

    issuerGroup
    string

    IssuerGroup specifies the group the Issuer belongs to

    CertificateSpec

    (Appears on:MeshConfigSpec)

    CertificateSpec is the type to reperesent FSM’s certificate management configuration.

    FieldDescription
    serviceCertValidityDuration
    string

    ServiceCertValidityDuration defines the service certificate validity duration.

    certKeyBitSize
    int

    CertKeyBitSize defines the certicate key bit size.

    ingressGateway
    IngressGatewayCertSpec
    (Optional)

    IngressGateway defines the certificate specification for an ingress gateway.

    ClusterPropertySpec

    (Appears on:ClusterSetSpec)

    ClusterPropertySpec is the type to represent cluster property.

    FieldDescription
    name
    string

    Name defines the name of cluster property.

    value
    string

    Value defines the name of cluster property.

    ClusterSetSpec

    (Appears on:MeshConfigSpec)

    ClusterSetSpec is the type to represent cluster set.

    FieldDescription
    isManaged
    bool

    IsManaged defines if the cluster is managed.

    uid
    string

    UID defines Unique ID of cluster.

    region
    string
    (Optional)

    Region defines Region of cluster.

    zone
    string
    (Optional)

    Zone defines Zone of cluster.

    group
    string
    (Optional)

    Group defines Group of cluster.

    name
    string

    Name defines Name of cluster.

    controlPlaneUID
    string

    ControlPlaneUID defines the unique ID of the control plane cluster, in case it’s managed

    properties
    []ClusterPropertySpec

    Properties defines properties for cluster.

    EgressGatewaySpec

    (Appears on:MeshConfigSpec)

    EgressGatewaySpec is the type to represent egress gateway.

    FieldDescription
    enabled
    bool

    Enabled defines if flb is enabled.

    logLevel
    string

    LogLevel defines the log level of gateway api.

    mode
    string

    Mode defines the mode of egress gateway.

    port
    int32

    Port defines the port of egress gateway.

    adminPort
    int32

    AdminPort defines the admin port of egress gateway.

    replicas
    int32

    Replicas defines the replicas of egress gateway.

    ExternalAuthzSpec

    (Appears on:TrafficSpec)

    ExternalAuthzSpec is a type to represent external authorization configuration.

    FieldDescription
    enable
    bool

    Enable defines a boolean indicating if the external authorization policy is to be enabled.

    address
    string

    Address defines the remote address of the external authorization endpoint.

    port
    uint16

    Port defines the destination port of the remote external authorization endpoint.

    statPrefix
    string

    StatPrefix defines a prefix for the stats sink for this external authorization policy.

    timeout
    string

    Timeout defines the timeout in which a response from the external authorization endpoint. is expected to execute.

    failureModeAllow
    bool

    FailureModeAllow defines a boolean indicating if traffic should be allowed on a failure to get a response against the external authorization endpoint.

    FLBSpec

    (Appears on:MeshConfigSpec)

    FLBSpec is the type to represent flb.

    FieldDescription
    enabled
    bool

    Enabled defines if flb is enabled.

    strictMode
    bool

    StrictMode defines if flb is in strict mode.

    upstreamMode
    FLBUpstreamMode

    UpstreamMode defines the upstream mode of flb.

    secretName
    string

    SecretName defines the secret name of flb.

    FLBUpstreamMode (string alias)

    (Appears on:FLBSpec)

    ValueDescription

    "Endpoint"

    "NodePort"

    FeatureFlags

    (Appears on:MeshConfigSpec)

    FeatureFlags is a type to represent FSM’s feature flags.

    FieldDescription
    enableEgressPolicy
    bool

    EnableEgressPolicy defines if FSM’s Egress policy is enabled.

    enableSnapshotCacheMode
    bool

    EnableSnapshotCacheMode defines if XDS server starts with snapshot cache.

    enableAsyncProxyServiceMapping
    bool

    EnableAsyncProxyServiceMapping defines if FSM will map proxies to services asynchronously.

    enableIngressBackendPolicy
    bool

    EnableIngressBackendPolicy defines if FSM will use the IngressBackend API to allow ingress traffic to service mesh backends.

    enableAccessControlPolicy
    bool

    EnableAccessControlPolicy defines if FSM will use the AccessControl API to allow access control traffic to service mesh backends.

    enableAccessCertPolicy
    bool

    EnableAccessCertPolicy defines if FSM can issue certificates for external services..

    enableSidecarActiveHealthChecks
    bool

    EnableSidecarActiveHealthChecks defines if FSM will Sidecar active health checks between services allowed to communicate.

    enableRetryPolicy
    bool

    EnableRetryPolicy defines if retry policy is enabled.

    enablePluginPolicy
    bool

    EnablePluginPolicy defines if plugin policy is enabled.

    enableAutoDefaultRoute
    bool

    EnableAutoDefaultRoute defines if auto default route is enabled.

    enableValidateGatewayListenerHostname
    bool

    EnableValidateGatewayListenerHostname defines if validate gateway listener hostname is enabled.

    enableValidateHTTPRouteHostnames
    bool

    EnableValidateHTTPRouteHostnames defines if validate http route hostnames is enabled.

    enableValidateGRPCRouteHostnames
    bool

    EnableValidateGRPCRouteHostnames defines if validate grpc route hostnames is enabled.

    enableValidateTLSRouteHostnames
    bool

    EnableValidateTCPRouteHostnames defines if validate tcp route hostnames is enabled.

    enableGatewayAgentService
    bool

    EnableGatewayAgentService defines if agent service is enabled.

    enableGatewayProxyTag
    bool

    EnableGatewayProxyTag defines if gateway proxy-tag header is enabled.

    GatewayAPISpec

    (Appears on:MeshConfigSpec)

    GatewayAPISpec is the type to represent gateway api.

    FieldDescription
    enabled
    bool

    Enabled defines if gateway api is enabled.

    logLevel
    string

    LogLevel defines the log level of gateway api.

    fgwLogLevel
    string

    FGWLogLevel defines the log level of FGW.

    StripAnyHostPort
    bool

    StripAnyHostPort defines if strip any host port is enabled.

    sslPassthroughUpstreamPort
    int32

    SSLPassthroughUpstreamPort defines the default upstream port of SSL passthrough.

    http1PerRequestLoadBalancing
    bool

    HTTP1PerRequestLoadBalancing defines if load balancing based on per-request is enabled for http1.

    http2PerRequestLoadBalancing
    bool

    HTTP2PerRequestLoadBalancing defines if load balancing based on per-request is enabled for http2.

    proxyTag
    ProxyTag

    ProxyTag defines the proxy tag configuration of gateway api.

    HTTP

    (Appears on:IngressSpec)

    HTTP is the type to represent http.

    FieldDescription
    enabled
    bool

    Enabled defines if http is enabled.

    bind
    int32

    Bind defines the bind port of http.

    listen
    int32

    Listen defines the listen port of http.

    nodePort
    int32

    NodePort defines the node port of http.

    ImageSpec

    (Appears on:MeshConfigSpec)

    ImageSpec is the type to represent image.

    FieldDescription
    registry
    string

    Registry defines the registry of docker image.

    tag
    string

    Tag defines the tag of docker image.

    pullPolicy
    Kubernetes core/v1.PullPolicy

    PullPolicy defines the pull policy of docker image.

    IngressGatewayCertSpec

    (Appears on:CertificateSpec)

    IngressGatewayCertSpec is the type to represent the certificate specification for an ingress gateway.

    FieldDescription
    subjectAltNames
    []string

    SubjectAltNames defines the Subject Alternative Names (domain names and IP addresses) secured by the certificate.

    validityDuration
    string

    ValidityDuration defines the validity duration of the certificate.

    secret
    Kubernetes core/v1.SecretReference

    Secret defines the secret in which the certificate is stored.

    IngressSpec

    (Appears on:MeshConfigSpec)

    IngressSpec is the type to represent ingress.

    FieldDescription
    enabled
    bool

    Enabled defines if ingress is enabled.

    namespaced
    bool

    Namespaced defines if ingress is namespaced.

    type
    Kubernetes core/v1.ServiceType

    Type defines the type of ingress service.

    logLevel
    string

    LogLevel defines the log level of ingress.

    http
    HTTP
    (Optional)

    HTTP defines the http configuration of ingress.

    tls
    TLS
    (Optional)

    TLS defines the tls configuration of ingress.

    LocalDNSProxy

    (Appears on:SidecarSpec)

    LocalDNSProxy is the type to represent FSM’s local DNS proxy configuration.

    FieldDescription
    enable
    bool

    Enable defines a boolean indicating if the sidecars are enabled for local DNS Proxy.

    primaryUpstreamDNSServerIPAddr
    string
    (Optional)

    PrimaryUpstreamDNSServerIPAddr defines a primary upstream DNS server for local DNS Proxy.

    secondaryUpstreamDNSServerIPAddr
    string
    (Optional)

    SecondaryUpstreamDNSServerIPAddr defines a secondary upstream DNS server for local DNS Proxy.

    wildcard
    WildcardDN

    Wildcard defines Wildcard DN.

    db
    []ResolveDN

    DB defines Resolve DB.

    LocalProxyMode (string alias)

    (Appears on:SidecarSpec)

    LocalProxyMode is a type alias representing the way the sidecar proxies to the main application

    ValueDescription

    "Localhost"

    LocalProxyModeLocalhost indicates the the sidecar should communicate with the main application over localhost

    "PodIP"

    LocalProxyModePodIP indicates that the sidecar should communicate with the main application via the pod ip

    MeshConfig

    MeshConfig is the type used to represent the mesh configuration.

    FieldDescription
    metadata
    Kubernetes meta/v1.ObjectMeta
    (Optional)

    Object’s metadata.

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    MeshConfigSpec
    (Optional)

    Spec is the MeshConfig specification.



    clusterSet
    ClusterSetSpec

    ClusterSetSpec defines the configurations of cluster.

    sidecar
    SidecarSpec

    Sidecar defines the configurations of the proxy sidecar in a mesh.

    repoServer
    RepoServerSpec

    RepoServer defines the configurations of pipy repo server.

    traffic
    TrafficSpec

    Traffic defines the traffic management configurations for a mesh instance.

    observability
    ObservabilitySpec

    Observalility defines the observability configurations for a mesh instance.

    certificate
    CertificateSpec

    Certificate defines the certificate management configurations for a mesh instance.

    featureFlags
    FeatureFlags

    FeatureFlags defines the feature flags for a mesh instance.

    pluginChains
    PluginChainsSpec

    PluginChains defines the default plugin chains.

    ingress
    IngressSpec

    Ingress defines the configurations of Ingress features.

    gatewayAPI
    GatewayAPISpec

    GatewayAPI defines the configurations of GatewayAPI features.

    serviceLB
    ServiceLBSpec

    ServiceLB defines the configurations of ServiceLBServiceLB features.

    flb
    FLBSpec

    FLB defines the configurations of FLB features.

    egressGateway
    EgressGatewaySpec

    EgressGateway defines the configurations of EgressGateway features.

    image
    ImageSpec

    Image defines the configurations of Image info

    misc
    MiscSpec

    Misc defines the configurations of misc info

    MeshConfigSpec

    (Appears on:MeshConfig)

    MeshConfigSpec is the spec for FSM’s configuration.

    FieldDescription
    clusterSet
    ClusterSetSpec

    ClusterSetSpec defines the configurations of cluster.

    sidecar
    SidecarSpec

    Sidecar defines the configurations of the proxy sidecar in a mesh.

    repoServer
    RepoServerSpec

    RepoServer defines the configurations of pipy repo server.

    traffic
    TrafficSpec

    Traffic defines the traffic management configurations for a mesh instance.

    observability
    ObservabilitySpec

    Observalility defines the observability configurations for a mesh instance.

    certificate
    CertificateSpec

    Certificate defines the certificate management configurations for a mesh instance.

    featureFlags
    FeatureFlags

    FeatureFlags defines the feature flags for a mesh instance.

    pluginChains
    PluginChainsSpec

    PluginChains defines the default plugin chains.

    ingress
    IngressSpec

    Ingress defines the configurations of Ingress features.

    gatewayAPI
    GatewayAPISpec

    GatewayAPI defines the configurations of GatewayAPI features.

    serviceLB
    ServiceLBSpec

    ServiceLB defines the configurations of ServiceLBServiceLB features.

    flb
    FLBSpec

    FLB defines the configurations of FLB features.

    egressGateway
    EgressGatewaySpec

    EgressGateway defines the configurations of EgressGateway features.

    image
    ImageSpec

    Image defines the configurations of Image info

    misc
    MiscSpec

    Misc defines the configurations of misc info

    MeshRootCertificate

    MeshRootCertificate defines the configuration for certificate issuing by the mesh control plane

    FieldDescription
    metadata
    Kubernetes meta/v1.ObjectMeta
    (Optional)

    Object’s metadata

    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    MeshRootCertificateSpec
    (Optional)

    Spec is the MeshRootCertificate config specification



    provider
    ProviderSpec

    Provider specifies the mesh certificate provider

    trustDomain
    string

    TrustDomain is the trust domain to use as a suffix in Common Names for new certificates.

    status
    MeshRootCertificateStatus
    (Optional)

    Status of the MeshRootCertificate resource

    MeshRootCertificateSpec

    (Appears on:MeshRootCertificate)

    MeshRootCertificateSpec defines the mesh root certificate specification

    FieldDescription
    provider
    ProviderSpec

    Provider specifies the mesh certificate provider

    trustDomain
    string

    TrustDomain is the trust domain to use as a suffix in Common Names for new certificates.

    MeshRootCertificateStatus

    (Appears on:MeshRootCertificate)

    MeshRootCertificateStatus defines the status of the MeshRootCertificate resource

    FieldDescription
    state
    string

    State specifies the state of the certificate provider All states are specified in constants.go

    MiscSpec

    (Appears on:MeshConfigSpec)

    MiscSpec is the type to represent misc configs.

    FieldDescription
    curlImage
    string

    CurlImage defines the image of curl.

    repoServerImage
    string

    RepoServerImage defines the image of repo server.

    ObservabilitySpec

    (Appears on:MeshConfigSpec)

    ObservabilitySpec is the type to represent FSM’s observability configurations.

    FieldDescription
    fsmLogLevel
    string

    FSMLogLevel defines the log level for FSM control plane logs.

    enableDebugServer
    bool

    EnableDebugServer defines if the debug endpoint on the FSM controller pod is enabled.

    tracing
    TracingSpec

    Tracing defines FSM’s tracing configuration.

    remoteLogging
    RemoteLoggingSpec

    RemoteLogging defines FSM’s remote logging configuration.

    PluginChainSpec

    (Appears on:PluginChainsSpec)

    PluginChainSpec is the type to represent plugin chain.

    FieldDescription
    plugin
    string

    Plugin defines the name of plugin

    priority
    float32

    Priority defines the priority of plugin

    disable
    bool

    Disable defines the visibility of plugin

    PluginChainsSpec

    (Appears on:MeshConfigSpec)

    PluginChainsSpec is the type to represent plugin chains.

    FieldDescription
    inbound-tcp
    []PluginChainSpec

    InboundTCPChains defines inbound tcp chains

    inbound-http
    []PluginChainSpec

    InboundHTTPChains defines inbound http chains

    outbound-tcp
    []PluginChainSpec

    OutboundTCPChains defines outbound tcp chains

    outbound-http
    []PluginChainSpec

    OutboundHTTPChains defines outbound http chains

    ProviderSpec

    (Appears on:MeshRootCertificateSpec)

    ProviderSpec defines the certificate provider used by the mesh control plane

    FieldDescription
    certManager
    CertManagerProviderSpec
    (Optional)

    CertManager specifies the cert-manager provider configuration

    vault
    VaultProviderSpec
    (Optional)

    Vault specifies the vault provider configuration

    tresor
    TresorProviderSpec
    (Optional)

    Tresor specifies the Tresor provider configuration

    ProxyTag

    (Appears on:GatewayAPISpec)

    FieldDescription
    srcHostHeader
    string

    SrcHostHeader defines the src host header.

    dstHostHeader
    string

    DstHostHeader defines the dst host header.

    RemoteLoggingSpec

    (Appears on:ObservabilitySpec)

    RemoteLoggingSpec is the type to represent FSM’s remote logging configuration.

    FieldDescription
    enable
    bool

    Enable defines a boolean indicating if the sidecars are enabled for remote logging.

    level
    uint16

    Level defines the remote logging’s level.

    port
    int16

    Port defines the remote logging’s port.

    address
    string

    Address defines the remote logging’s hostname.

    endpoint
    string

    Endpoint defines the API endpoint for remote logging requests sent to the collector.

    authorization
    string

    Authorization defines the access entity that allows to authorize someone in remote logging service.

    sampledFraction
    string

    SampledFraction defines the sampled fraction.

    secretName
    string

    SecretName defines the name of the secret that contains the configuration for remote logging.

    RepoServerSpec

    (Appears on:MeshConfigSpec)

    RepoServerSpec is the type to represent repo server.

    FieldDescription
    ipaddr
    string

    IPAddr of the pipy repo server

    port
    int16

    Port defines the pipy repo server’s port.

    codebase
    string

    Codebase is the folder used by fsmController

    ResolveDN

    (Appears on:LocalDNSProxy)

    ResolveDN is the type to represent FSM’s Resolve DN configuration.

    FieldDescription
    dn
    string

    DN defines resolve DN.

    ipv4
    []string

    IPv4 defines a ipv4 address for resolve DN.

    SSLPassthrough

    (Appears on:TLS)

    SSLPassthrough is the type to represent ssl passthrough.

    FieldDescription
    enabled
    bool

    Enabled defines if ssl passthrough is enabled.

    upstreamPort
    int32

    UpstreamPort defines the upstream port of ssl passthrough.

    SecretKeyReferenceSpec

    (Appears on:VaultTokenSpec)

    SecretKeyReferenceSpec defines the configuration of the secret reference

    FieldDescription
    name
    string

    Name specifies the name of the secret in which the Vault token is stored

    key
    string

    Key specifies the key whose value is the Vault token

    namespace
    string

    Namespace specifies the namespace of the secret in which the Vault token is stored

    ServiceLBSpec

    (Appears on:MeshConfigSpec)

    ServiceLBSpec is the type to represent service lb.

    FieldDescription
    enabled
    bool

    Enabled defines if service lb is enabled.

    image
    string

    Image defines the service lb image.

    SidecarSpec

    (Appears on:MeshConfigSpec)

    SidecarSpec is the type used to represent the specifications for the proxy sidecar.

    FieldDescription
    enablePrivilegedInitContainer
    bool

    EnablePrivilegedInitContainer defines a boolean indicating whether the init container for a meshed pod should run as privileged.

    logLevel
    string

    LogLevel defines the logging level for the sidecar’s logs. Non developers should generally never set this value. In production environments the LogLevel should be set to error.

    sidecarImage
    string

    SidecarImage defines the container image used for the proxy sidecar.

    sidecarDisabledMTLS
    bool

    SidecarDisabledMTLS defines whether mTLS is disabled.

    maxDataPlaneConnections
    int

    MaxDataPlaneConnections defines the maximum allowed data plane connections from a proxy sidecar to the FSM controller.

    configResyncInterval
    string

    ConfigResyncInterval defines the resync interval for regular proxy broadcast updates.

    sidecarTimeout
    int

    SidecarTimeout defines the connect/idle/read/write timeout.

    resources
    Kubernetes core/v1.ResourceRequirements

    Resources defines the compute resources for the sidecar.

    tlsMinProtocolVersion
    string

    TLSMinProtocolVersion defines the minimum TLS protocol version that the sidecar supports. Valid TLS protocol versions are TLS_AUTO, TLSv1_0, TLSv1_1, TLSv1_2 and TLSv1_3.

    tlsMaxProtocolVersion
    string

    TLSMaxProtocolVersion defines the maximum TLS protocol version that the sidecar supports. Valid TLS protocol versions are TLS_AUTO, TLSv1_0, TLSv1_1, TLSv1_2 and TLSv1_3.

    cipherSuites
    []string

    CipherSuites defines a list of ciphers that listener supports when negotiating TLS 1.0-1.2. This setting has no effect when negotiating TLS 1.3. For valid cipher names, see the latest OpenSSL ciphers manual page. E.g. https://www.openssl.org/docs/man1.1.1/apps/ciphers.html.

    ecdhCurves
    []string

    ECDHCurves defines a list of ECDH curves that TLS connection supports. If not specified, the curves are [X25519, P-256] for non-FIPS build and P-256 for builds using BoringSSL FIPS.

    localProxyMode
    LocalProxyMode

    LocalProxyMode defines the network interface the proxy will use to send traffic to the backend service application. Acceptable values are [Localhost, PodIP]. The default is Localhost

    localDNSProxy
    LocalDNSProxy

    LocalDNSProxy improves the performance of your computer by caching the responses coming from your DNS servers

    TLS

    (Appears on:IngressSpec)

    TLS is the type to represent tls.

    FieldDescription
    enabled
    bool

    Enabled defines if tls is enabled.

    bind
    int32

    Bind defines the bind port of tls.

    listen
    int32

    Listen defines the listen port of tls.

    nodePort
    int32

    NodePort defines the node port of tls.

    mTLS
    bool

    MTLS defines if mTLS is enabled.

    sslPassthrough
    SSLPassthrough
    (Optional)

    SSLPassthrough defines the ssl passthrough configuration of tls.

    TracingSpec

    (Appears on:ObservabilitySpec)

    TracingSpec is the type to represent FSM’s tracing configuration.

    FieldDescription
    enable
    bool

    Enable defines a boolean indicating if the sidecars are enabled for tracing.

    port
    int16

    Port defines the tracing collector’s port.

    address
    string

    Address defines the tracing collectio’s hostname.

    endpoint
    string

    Endpoint defines the API endpoint for tracing requests sent to the collector.

    sampledFraction
    string

    SampledFraction defines the sampled fraction.

    TrafficSpec

    (Appears on:MeshConfigSpec)

    TrafficSpec is the type used to represent FSM’s traffic management configuration.

    FieldDescription
    interceptionMode
    string

    InterceptionMode defines a string indicating which traffic interception mode is used.

    enableEgress
    bool

    EnableEgress defines a boolean indicating if mesh-wide Egress is enabled.

    outboundIPRangeExclusionList
    []string

    OutboundIPRangeExclusionList defines a global list of IP address ranges to exclude from outbound traffic interception by the sidecar proxy.

    outboundIPRangeInclusionList
    []string

    OutboundIPRangeInclusionList defines a global list of IP address ranges to include for outbound traffic interception by the sidecar proxy. IP addresses outside this range will be excluded from outbound traffic interception by the sidecar proxy.

    outboundPortExclusionList
    []int

    OutboundPortExclusionList defines a global list of ports to exclude from outbound traffic interception by the sidecar proxy.

    inboundPortExclusionList
    []int

    InboundPortExclusionList defines a global list of ports to exclude from inbound traffic interception by the sidecar proxy.

    enablePermissiveTrafficPolicyMode
    bool

    EnablePermissiveTrafficPolicyMode defines a boolean indicating if permissive traffic policy mode is enabled mesh-wide.

    serviceAccessMode
    string

    ServiceAccessMode defines a string indicating service access mode.

    inboundExternalAuthorization
    ExternalAuthzSpec

    InboundExternalAuthorization defines a ruleset that, if enabled, will configure a remote external authorization endpoint for all inbound and ingress traffic in the mesh.

    networkInterfaceExclusionList
    []string

    NetworkInterfaceExclusionList defines a global list of network interface names to exclude from inbound and outbound traffic interception by the sidecar proxy.

    http1PerRequestLoadBalancing
    bool

    HTTP1PerRequestLoadBalancing defines a boolean indicating if load balancing based on request is enabled for http1.

    http2PerRequestLoadBalancing
    bool

    HTTP1PerRequestLoadBalancing defines a boolean indicating if load balancing based on request is enabled for http2.

    TresorCASpec

    (Appears on:TresorProviderSpec)

    TresorCASpec defines the configuration of Tresor’s root certificate

    FieldDescription
    secretRef
    Kubernetes core/v1.SecretReference

    SecretRef specifies the secret in which the root certificate is stored

    TresorProviderSpec

    (Appears on:ProviderSpec)

    TresorProviderSpec defines the configuration of the Tresor provider

    FieldDescription
    ca
    TresorCASpec

    CA specifies Tresor’s ca configuration

    VaultProviderSpec

    (Appears on:ProviderSpec)

    VaultProviderSpec defines the configuration of the Vault provider

    FieldDescription
    host
    string

    Host specifies the name of the Vault server

    port
    int

    Port specifies the port of the Vault server

    role
    string

    Role specifies the name of the role for use by mesh control plane

    protocol
    string

    Protocol specifies the protocol for connections to Vault

    token
    VaultTokenSpec

    Token specifies the configuration of the token to be used by mesh control plane to connect to Vault

    VaultTokenSpec

    (Appears on:VaultProviderSpec)

    VaultTokenSpec defines the configuration of the Vault token

    FieldDescription
    secretKeyRef
    SecretKeyReferenceSpec

    SecretKeyRef specifies the secret in which the Vault token is stored

    WildcardDN

    (Appears on:LocalDNSProxy)

    WildcardDN is the type to represent FSM’s Wildcard DN configuration.

    FieldDescription
    enable
    bool

    Enable defines a boolean indicating if wildcard are enabled for local DNS Proxy.

    ipv4
    []string

    IPv4 defines a ipv4 address for wildcard DN.


    Generated with gen-crd-api-reference-docs on git commit 8abe9ab.

    Feedback

    Was this page helpful?