645 lines
35 KiB
YAML
645 lines
35 KiB
YAML
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.16.1
|
|
name: traefikservices.traefik.io
|
|
spec:
|
|
group: traefik.io
|
|
names:
|
|
kind: TraefikService
|
|
listKind: TraefikServiceList
|
|
plural: traefikservices
|
|
singular: traefikservice
|
|
scope: Namespaced
|
|
versions:
|
|
- name: v1alpha1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: |-
|
|
TraefikService is the CRD implementation of a Traefik Service.
|
|
TraefikService object allows to:
|
|
- Apply weight to Services on load-balancing
|
|
- Mirror traffic on services
|
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-traefikservice
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: TraefikServiceSpec defines the desired state of a TraefikService.
|
|
properties:
|
|
mirroring:
|
|
description: Mirroring defines the Mirroring service configuration.
|
|
properties:
|
|
healthCheck:
|
|
description: Healthcheck defines health checks for ExternalName
|
|
services.
|
|
properties:
|
|
followRedirects:
|
|
description: |-
|
|
FollowRedirects defines whether redirects should be followed during the health check calls.
|
|
Default: true
|
|
type: boolean
|
|
headers:
|
|
additionalProperties:
|
|
type: string
|
|
description: Headers defines custom headers to be sent to
|
|
the health check endpoint.
|
|
type: object
|
|
hostname:
|
|
description: Hostname defines the value of hostname in the
|
|
Host header of the health check request.
|
|
type: string
|
|
interval:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Interval defines the frequency of the health check calls.
|
|
Default: 30s
|
|
x-kubernetes-int-or-string: true
|
|
method:
|
|
description: Method defines the healthcheck method.
|
|
type: string
|
|
mode:
|
|
description: |-
|
|
Mode defines the health check mode.
|
|
If defined to grpc, will use the gRPC health check protocol to probe the server.
|
|
Default: http
|
|
type: string
|
|
path:
|
|
description: Path defines the server URL path for the health
|
|
check endpoint.
|
|
type: string
|
|
port:
|
|
description: Port defines the server URL port for the health
|
|
check endpoint.
|
|
type: integer
|
|
scheme:
|
|
description: Scheme replaces the server URL scheme for the
|
|
health check endpoint.
|
|
type: string
|
|
status:
|
|
description: Status defines the expected HTTP status code
|
|
of the response to the health check request.
|
|
type: integer
|
|
timeout:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Timeout defines the maximum duration Traefik will wait for a health check request before considering the server unhealthy.
|
|
Default: 5s
|
|
x-kubernetes-int-or-string: true
|
|
type: object
|
|
kind:
|
|
description: Kind defines the kind of the Service.
|
|
enum:
|
|
- Service
|
|
- TraefikService
|
|
type: string
|
|
maxBodySize:
|
|
description: |-
|
|
MaxBodySize defines the maximum size allowed for the body of the request.
|
|
If the body is larger, the request is not mirrored.
|
|
Default value is -1, which means unlimited size.
|
|
format: int64
|
|
type: integer
|
|
mirrorBody:
|
|
description: |-
|
|
MirrorBody defines whether the body of the request should be mirrored.
|
|
Default value is true.
|
|
type: boolean
|
|
mirrors:
|
|
description: Mirrors defines the list of mirrors where Traefik
|
|
will duplicate the traffic.
|
|
items:
|
|
description: MirrorService holds the mirror configuration.
|
|
properties:
|
|
healthCheck:
|
|
description: Healthcheck defines health checks for ExternalName
|
|
services.
|
|
properties:
|
|
followRedirects:
|
|
description: |-
|
|
FollowRedirects defines whether redirects should be followed during the health check calls.
|
|
Default: true
|
|
type: boolean
|
|
headers:
|
|
additionalProperties:
|
|
type: string
|
|
description: Headers defines custom headers to be sent
|
|
to the health check endpoint.
|
|
type: object
|
|
hostname:
|
|
description: Hostname defines the value of hostname
|
|
in the Host header of the health check request.
|
|
type: string
|
|
interval:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Interval defines the frequency of the health check calls.
|
|
Default: 30s
|
|
x-kubernetes-int-or-string: true
|
|
method:
|
|
description: Method defines the healthcheck method.
|
|
type: string
|
|
mode:
|
|
description: |-
|
|
Mode defines the health check mode.
|
|
If defined to grpc, will use the gRPC health check protocol to probe the server.
|
|
Default: http
|
|
type: string
|
|
path:
|
|
description: Path defines the server URL path for the
|
|
health check endpoint.
|
|
type: string
|
|
port:
|
|
description: Port defines the server URL port for the
|
|
health check endpoint.
|
|
type: integer
|
|
scheme:
|
|
description: Scheme replaces the server URL scheme for
|
|
the health check endpoint.
|
|
type: string
|
|
status:
|
|
description: Status defines the expected HTTP status
|
|
code of the response to the health check request.
|
|
type: integer
|
|
timeout:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Timeout defines the maximum duration Traefik will wait for a health check request before considering the server unhealthy.
|
|
Default: 5s
|
|
x-kubernetes-int-or-string: true
|
|
type: object
|
|
kind:
|
|
description: Kind defines the kind of the Service.
|
|
enum:
|
|
- Service
|
|
- TraefikService
|
|
type: string
|
|
name:
|
|
description: |-
|
|
Name defines the name of the referenced Kubernetes Service or TraefikService.
|
|
The differentiation between the two is specified in the Kind field.
|
|
type: string
|
|
namespace:
|
|
description: Namespace defines the namespace of the referenced
|
|
Kubernetes Service or TraefikService.
|
|
type: string
|
|
nativeLB:
|
|
description: |-
|
|
NativeLB controls, when creating the load-balancer,
|
|
whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
|
|
The Kubernetes Service itself does load-balance to the pods.
|
|
By default, NativeLB is false.
|
|
type: boolean
|
|
nodePortLB:
|
|
description: |-
|
|
NodePortLB controls, when creating the load-balancer,
|
|
whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort.
|
|
It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes.
|
|
By default, NodePortLB is false.
|
|
type: boolean
|
|
passHostHeader:
|
|
description: |-
|
|
PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
|
|
By default, passHostHeader is true.
|
|
type: boolean
|
|
percent:
|
|
description: |-
|
|
Percent defines the part of the traffic to mirror.
|
|
Supported values: 0 to 100.
|
|
type: integer
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Port defines the port of a Kubernetes Service.
|
|
This can be a reference to a named port.
|
|
x-kubernetes-int-or-string: true
|
|
responseForwarding:
|
|
description: ResponseForwarding defines how Traefik forwards
|
|
the response from the upstream Kubernetes Service to the
|
|
client.
|
|
properties:
|
|
flushInterval:
|
|
description: |-
|
|
FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
|
|
A negative value means to flush immediately after each write to the client.
|
|
This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
|
|
for such responses, writes are flushed to the client immediately.
|
|
Default: 100ms
|
|
type: string
|
|
type: object
|
|
scheme:
|
|
description: |-
|
|
Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
|
|
It defaults to https when Kubernetes Service port is 443, http otherwise.
|
|
type: string
|
|
serversTransport:
|
|
description: |-
|
|
ServersTransport defines the name of ServersTransport resource to use.
|
|
It allows to configure the transport between Traefik and your servers.
|
|
Can only be used on a Kubernetes Service.
|
|
type: string
|
|
sticky:
|
|
description: |-
|
|
Sticky defines the sticky sessions configuration.
|
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
|
properties:
|
|
cookie:
|
|
description: Cookie defines the sticky cookie configuration.
|
|
properties:
|
|
httpOnly:
|
|
description: HTTPOnly defines whether the cookie
|
|
can be accessed by client-side APIs, such as JavaScript.
|
|
type: boolean
|
|
maxAge:
|
|
description: |-
|
|
MaxAge indicates the number of seconds until the cookie expires.
|
|
When set to a negative number, the cookie expires immediately.
|
|
When set to zero, the cookie never expires.
|
|
type: integer
|
|
name:
|
|
description: Name defines the Cookie name.
|
|
type: string
|
|
sameSite:
|
|
description: |-
|
|
SameSite defines the same site policy.
|
|
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
|
type: string
|
|
secure:
|
|
description: Secure defines whether the cookie can
|
|
only be transmitted over an encrypted connection
|
|
(i.e. HTTPS).
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
strategy:
|
|
description: |-
|
|
Strategy defines the load balancing strategy between the servers.
|
|
RoundRobin is the only supported value at the moment.
|
|
type: string
|
|
weight:
|
|
description: |-
|
|
Weight defines the weight and should only be specified when Name references a TraefikService object
|
|
(and to be precise, one that embeds a Weighted Round Robin).
|
|
type: integer
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
name:
|
|
description: |-
|
|
Name defines the name of the referenced Kubernetes Service or TraefikService.
|
|
The differentiation between the two is specified in the Kind field.
|
|
type: string
|
|
namespace:
|
|
description: Namespace defines the namespace of the referenced
|
|
Kubernetes Service or TraefikService.
|
|
type: string
|
|
nativeLB:
|
|
description: |-
|
|
NativeLB controls, when creating the load-balancer,
|
|
whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
|
|
The Kubernetes Service itself does load-balance to the pods.
|
|
By default, NativeLB is false.
|
|
type: boolean
|
|
nodePortLB:
|
|
description: |-
|
|
NodePortLB controls, when creating the load-balancer,
|
|
whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort.
|
|
It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes.
|
|
By default, NodePortLB is false.
|
|
type: boolean
|
|
passHostHeader:
|
|
description: |-
|
|
PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
|
|
By default, passHostHeader is true.
|
|
type: boolean
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Port defines the port of a Kubernetes Service.
|
|
This can be a reference to a named port.
|
|
x-kubernetes-int-or-string: true
|
|
responseForwarding:
|
|
description: ResponseForwarding defines how Traefik forwards the
|
|
response from the upstream Kubernetes Service to the client.
|
|
properties:
|
|
flushInterval:
|
|
description: |-
|
|
FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
|
|
A negative value means to flush immediately after each write to the client.
|
|
This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
|
|
for such responses, writes are flushed to the client immediately.
|
|
Default: 100ms
|
|
type: string
|
|
type: object
|
|
scheme:
|
|
description: |-
|
|
Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
|
|
It defaults to https when Kubernetes Service port is 443, http otherwise.
|
|
type: string
|
|
serversTransport:
|
|
description: |-
|
|
ServersTransport defines the name of ServersTransport resource to use.
|
|
It allows to configure the transport between Traefik and your servers.
|
|
Can only be used on a Kubernetes Service.
|
|
type: string
|
|
sticky:
|
|
description: |-
|
|
Sticky defines the sticky sessions configuration.
|
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
|
properties:
|
|
cookie:
|
|
description: Cookie defines the sticky cookie configuration.
|
|
properties:
|
|
httpOnly:
|
|
description: HTTPOnly defines whether the cookie can be
|
|
accessed by client-side APIs, such as JavaScript.
|
|
type: boolean
|
|
maxAge:
|
|
description: |-
|
|
MaxAge indicates the number of seconds until the cookie expires.
|
|
When set to a negative number, the cookie expires immediately.
|
|
When set to zero, the cookie never expires.
|
|
type: integer
|
|
name:
|
|
description: Name defines the Cookie name.
|
|
type: string
|
|
sameSite:
|
|
description: |-
|
|
SameSite defines the same site policy.
|
|
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
|
type: string
|
|
secure:
|
|
description: Secure defines whether the cookie can only
|
|
be transmitted over an encrypted connection (i.e. HTTPS).
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
strategy:
|
|
description: |-
|
|
Strategy defines the load balancing strategy between the servers.
|
|
RoundRobin is the only supported value at the moment.
|
|
type: string
|
|
weight:
|
|
description: |-
|
|
Weight defines the weight and should only be specified when Name references a TraefikService object
|
|
(and to be precise, one that embeds a Weighted Round Robin).
|
|
type: integer
|
|
required:
|
|
- name
|
|
type: object
|
|
weighted:
|
|
description: Weighted defines the Weighted Round Robin configuration.
|
|
properties:
|
|
services:
|
|
description: Services defines the list of Kubernetes Service and/or
|
|
TraefikService to load-balance, with weight.
|
|
items:
|
|
description: Service defines an upstream HTTP service to proxy
|
|
traffic to.
|
|
properties:
|
|
healthCheck:
|
|
description: Healthcheck defines health checks for ExternalName
|
|
services.
|
|
properties:
|
|
followRedirects:
|
|
description: |-
|
|
FollowRedirects defines whether redirects should be followed during the health check calls.
|
|
Default: true
|
|
type: boolean
|
|
headers:
|
|
additionalProperties:
|
|
type: string
|
|
description: Headers defines custom headers to be sent
|
|
to the health check endpoint.
|
|
type: object
|
|
hostname:
|
|
description: Hostname defines the value of hostname
|
|
in the Host header of the health check request.
|
|
type: string
|
|
interval:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Interval defines the frequency of the health check calls.
|
|
Default: 30s
|
|
x-kubernetes-int-or-string: true
|
|
method:
|
|
description: Method defines the healthcheck method.
|
|
type: string
|
|
mode:
|
|
description: |-
|
|
Mode defines the health check mode.
|
|
If defined to grpc, will use the gRPC health check protocol to probe the server.
|
|
Default: http
|
|
type: string
|
|
path:
|
|
description: Path defines the server URL path for the
|
|
health check endpoint.
|
|
type: string
|
|
port:
|
|
description: Port defines the server URL port for the
|
|
health check endpoint.
|
|
type: integer
|
|
scheme:
|
|
description: Scheme replaces the server URL scheme for
|
|
the health check endpoint.
|
|
type: string
|
|
status:
|
|
description: Status defines the expected HTTP status
|
|
code of the response to the health check request.
|
|
type: integer
|
|
timeout:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Timeout defines the maximum duration Traefik will wait for a health check request before considering the server unhealthy.
|
|
Default: 5s
|
|
x-kubernetes-int-or-string: true
|
|
type: object
|
|
kind:
|
|
description: Kind defines the kind of the Service.
|
|
enum:
|
|
- Service
|
|
- TraefikService
|
|
type: string
|
|
name:
|
|
description: |-
|
|
Name defines the name of the referenced Kubernetes Service or TraefikService.
|
|
The differentiation between the two is specified in the Kind field.
|
|
type: string
|
|
namespace:
|
|
description: Namespace defines the namespace of the referenced
|
|
Kubernetes Service or TraefikService.
|
|
type: string
|
|
nativeLB:
|
|
description: |-
|
|
NativeLB controls, when creating the load-balancer,
|
|
whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
|
|
The Kubernetes Service itself does load-balance to the pods.
|
|
By default, NativeLB is false.
|
|
type: boolean
|
|
nodePortLB:
|
|
description: |-
|
|
NodePortLB controls, when creating the load-balancer,
|
|
whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort.
|
|
It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes.
|
|
By default, NodePortLB is false.
|
|
type: boolean
|
|
passHostHeader:
|
|
description: |-
|
|
PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
|
|
By default, passHostHeader is true.
|
|
type: boolean
|
|
port:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Port defines the port of a Kubernetes Service.
|
|
This can be a reference to a named port.
|
|
x-kubernetes-int-or-string: true
|
|
responseForwarding:
|
|
description: ResponseForwarding defines how Traefik forwards
|
|
the response from the upstream Kubernetes Service to the
|
|
client.
|
|
properties:
|
|
flushInterval:
|
|
description: |-
|
|
FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
|
|
A negative value means to flush immediately after each write to the client.
|
|
This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
|
|
for such responses, writes are flushed to the client immediately.
|
|
Default: 100ms
|
|
type: string
|
|
type: object
|
|
scheme:
|
|
description: |-
|
|
Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
|
|
It defaults to https when Kubernetes Service port is 443, http otherwise.
|
|
type: string
|
|
serversTransport:
|
|
description: |-
|
|
ServersTransport defines the name of ServersTransport resource to use.
|
|
It allows to configure the transport between Traefik and your servers.
|
|
Can only be used on a Kubernetes Service.
|
|
type: string
|
|
sticky:
|
|
description: |-
|
|
Sticky defines the sticky sessions configuration.
|
|
More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions
|
|
properties:
|
|
cookie:
|
|
description: Cookie defines the sticky cookie configuration.
|
|
properties:
|
|
httpOnly:
|
|
description: HTTPOnly defines whether the cookie
|
|
can be accessed by client-side APIs, such as JavaScript.
|
|
type: boolean
|
|
maxAge:
|
|
description: |-
|
|
MaxAge indicates the number of seconds until the cookie expires.
|
|
When set to a negative number, the cookie expires immediately.
|
|
When set to zero, the cookie never expires.
|
|
type: integer
|
|
name:
|
|
description: Name defines the Cookie name.
|
|
type: string
|
|
sameSite:
|
|
description: |-
|
|
SameSite defines the same site policy.
|
|
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
|
type: string
|
|
secure:
|
|
description: Secure defines whether the cookie can
|
|
only be transmitted over an encrypted connection
|
|
(i.e. HTTPS).
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
strategy:
|
|
description: |-
|
|
Strategy defines the load balancing strategy between the servers.
|
|
RoundRobin is the only supported value at the moment.
|
|
type: string
|
|
weight:
|
|
description: |-
|
|
Weight defines the weight and should only be specified when Name references a TraefikService object
|
|
(and to be precise, one that embeds a Weighted Round Robin).
|
|
type: integer
|
|
required:
|
|
- name
|
|
type: object
|
|
type: array
|
|
sticky:
|
|
description: |-
|
|
Sticky defines whether sticky sessions are enabled.
|
|
More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
|
|
properties:
|
|
cookie:
|
|
description: Cookie defines the sticky cookie configuration.
|
|
properties:
|
|
httpOnly:
|
|
description: HTTPOnly defines whether the cookie can be
|
|
accessed by client-side APIs, such as JavaScript.
|
|
type: boolean
|
|
maxAge:
|
|
description: |-
|
|
MaxAge indicates the number of seconds until the cookie expires.
|
|
When set to a negative number, the cookie expires immediately.
|
|
When set to zero, the cookie never expires.
|
|
type: integer
|
|
name:
|
|
description: Name defines the Cookie name.
|
|
type: string
|
|
sameSite:
|
|
description: |-
|
|
SameSite defines the same site policy.
|
|
More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
|
|
type: string
|
|
secure:
|
|
description: Secure defines whether the cookie can only
|
|
be transmitted over an encrypted connection (i.e. HTTPS).
|
|
type: boolean
|
|
type: object
|
|
type: object
|
|
type: object
|
|
type: object
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
served: true
|
|
storage: true
|