diff --git a/apis/v1alpha2/gateway_types.go b/apis/v1alpha2/gateway_types.go index 6cb91ae534..be64c0aa87 100644 --- a/apis/v1alpha2/gateway_types.go +++ b/apis/v1alpha2/gateway_types.go @@ -141,6 +141,17 @@ type GatewaySpec struct { // combination of Hostname, Port, and Protocol. This will be enforced by a // validating webhook. type Listener struct { + // Name is the name of the Listener. If more than one Listener is present + // each Listener MUST specify a name. The names of Listeners MUST be unique + // within a Gateway. + // + // Support: Core + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +optional + Name *string `json:"name,omitempty"` + // Hostname specifies the virtual hostname to match for protocol types that // define this concept. When unspecified, "", or `*`, all hostnames are // matched. This field can be omitted for protocols that don't require @@ -198,18 +209,7 @@ type Listener struct { // +optional TLS *GatewayTLSConfig `json:"tls,omitempty"` - // Routes specifies a schema for associating routes with the - // Listener using selectors. A Route is a resource capable of - // servicing a request and allows a cluster operator to expose - // a cluster resource (i.e. Service) by externally-reachable - // URL, load-balance traffic and terminate SSL/TLS. Typically, - // a route is a "HTTPRoute" or "TCPRoute" in group - // "gateway.networking.k8s.io", however, an implementation may support - // other types of resources. - // - // The Routes selector MUST select a set of objects that - // are compatible with the application protocol specified in - // the Protocol field. + // Routes specifies which Routes may be attached to this Listener. // // Although a client request may technically match multiple route rules, // only one rule may ultimately receive the request. Matching precedence @@ -232,7 +232,9 @@ type Listener struct { // invalid, the rest of the Route should still be supported. // // Support: Core - Routes RouteBindingSelector `json:"routes"` + // +kubebuilder:default={namespaces:{from: Same}} + // +optional + Routes *ListenerRoutes `json:"routes,omitempty"` } // ProtocolType defines the application protocol accepted by a Listener. @@ -383,12 +385,10 @@ const ( TLSModePassthrough TLSModeType = "Passthrough" ) -// RouteBindingSelector defines a schema for associating routes with the Gateway. -// If Namespaces and Selector are defined, only routes matching both selectors are -// associated with the Gateway. -type RouteBindingSelector struct { - // Namespaces indicates in which namespaces Routes should be selected - // for this Gateway. This is restricted to the namespace of this Gateway by +// ListenerRoutes defines which Routes may be attached to this Listener. +type ListenerRoutes struct { + // Namespaces indicates which namespaces Routes may be attached to this + // Listener from. This is restricted to the namespace of this Gateway by // default. // // Support: Core @@ -396,46 +396,21 @@ type RouteBindingSelector struct { // +optional // +kubebuilder:default={from: Same} Namespaces *RouteNamespaces `json:"namespaces,omitempty"` - // Selector specifies a set of route labels used for selecting - // routes to associate with the Gateway. If this Selector is defined, - // only routes matching the Selector are associated with the Gateway. - // An empty Selector matches all routes. - // - // Support: Core - // - // +optional - Selector *metav1.LabelSelector `json:"selector,omitempty"` - // Group is the group of the route resource to select. Omitting the value - // indicates the gateway.networking.k8s.io API group. - // For example, use the following to select an HTTPRoute: - // - // routes: - // kind: HTTPRoute - // - // Otherwise, if an alternative API group is desired, specify the desired - // group: - // - // routes: - // group: acme.io - // kind: FooRoute + + // Kinds specifies the groups and kinds of Routes that are allowed to bind to + // this Gateway listener. When unspecified or empty, the only limitation on + // the kinds of Routes supported is the Listener protocol. Kind MUST + // correspond to kinds of Routes that are compatible with the application + // protocol specified in the Listener's Protocol field. If an implementation + // does not support or recognize this resource type, it SHOULD set the + // "ResolvedRefs" condition to false for this listener with the + // "InvalidRoutesRef" reason. // // Support: Core // // +optional - // +kubebuilder:default=gateway.networking.k8s.io - // +kubebuilder:validation:MaxLength=253 - Group *string `json:"group,omitempty"` - // Kind is the kind of the route resource to select. - // - // Kind MUST correspond to kinds of routes that are compatible with the - // application protocol specified in the Listener's Protocol field. - // - // If an implementation does not support or recognize this - // resource type, it SHOULD set the "ResolvedRefs" condition to false for - // this listener with the "InvalidRoutesRef" reason. - // - // Support: Core - Kind string `json:"kind"` + // +kubebuilder:validation:MaxItems=10 + Kinds []RouteGroupKind `json:"kinds,omitempty"` } // RouteSelectType specifies where Routes should be selected by a Gateway. @@ -477,6 +452,24 @@ type RouteNamespaces struct { Selector *metav1.LabelSelector `json:"selector,omitempty"` } +type RouteGroupKind struct { + // Group is the group of the Route. + // + // Support: Core + // + // +optional + // +kubebuilder:default=gateway.networking.k8s.io + // +kubebuilder:validation:MaxLength=253 + Group *string `json:"group,omitempty"` + // Kind is the kind of the Route. + // + // Support: Core + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + Kind string `json:"kind"` +} + // GatewayAddress describes an address that can be bound to a Gateway. type GatewayAddress struct { // Type of the address. @@ -566,8 +559,6 @@ type GatewayStatus struct { // Listeners provide status for each unique listener port defined in the Spec. // // +optional - // +listType=map - // +listMapKey=port // +kubebuilder:validation:MaxItems=64 Listeners []ListenerStatus `json:"listeners,omitempty"` } @@ -672,19 +663,27 @@ const ( // ListenerStatus is the status associated with a Listener. type ListenerStatus struct { - // Port is the unique Listener port value for which this message is - // reporting the status. - Port PortNumber `json:"port"` - - // Protocol is the Listener protocol value for which this message is - // reporting the status. - Protocol ProtocolType `json:"protocol"` + // Name is the name of the Listener. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +optional + Name *string `json:"name,omitempty"` - // Hostname is the Listener hostname value for which this message is - // reporting the status. + // SupportedKinds is the list indicating the Kinds supported by this + // listener. When this is not specified on the Listener, this MUST represent + // the kinds an implementation supports for the specified protocol. When + // there are kinds specified on the Listener, this MUST represent the + // intersection of those kinds and the kinds supported by the implementation + // for the specified protocol. // + // +kubebuilder:validation:MaxItems=10 // +optional - Hostname *Hostname `json:"hostname,omitempty"` + SupportedKinds []RouteGroupKind `json:"supportedKinds,omitempty"` + + // AttachedRoutes represents the total number of Routes that have been + // successfully attached to this Listener. + AttachedRoutes int32 `json:"attachedRoutes"` // Conditions describe the current condition of this listener. // diff --git a/apis/v1alpha2/httproute_types.go b/apis/v1alpha2/httproute_types.go index b8ec846480..bbf70fa199 100644 --- a/apis/v1alpha2/httproute_types.go +++ b/apis/v1alpha2/httproute_types.go @@ -51,11 +51,23 @@ type HTTPRouteList struct { // HTTPRouteSpec defines the desired state of HTTPRoute type HTTPRouteSpec struct { - // Gateways defines which Gateways can use this Route. + // ParentRefs references the resources that can attach to this Route. The + // only kind of parent resource with "Core" support is Gateway. This API may + // be extended in the future to support additional kinds of parent resources + // such as one of the route kinds. It is invalid to reference an identical + // parent more than once. It is valid to reference multiple distinct + // sections within the same parent resource, such as 2 Listeners within a + // Gateway. + // + // It is possible to separately reference multiple distinct objects that may + // be collapsed by an implementation. For example, some implementations may + // choose to merge compatible Gateway Listeners together. If that is the + // case, the list of routes attached to those resources should also be + // merged. // // +optional - // +kubebuilder:default={allow: "SameNamespace"} - Gateways *RouteGateways `json:"gateways,omitempty"` + // +kubebuilder:validation:MaxItems=16 + ParentRefs []ParentRef `json:"parentRefs,omitempty"` // Hostnames defines a set of hostname that should match against // the HTTP Host header to select a HTTPRoute to process the request. diff --git a/apis/v1alpha2/shared_types.go b/apis/v1alpha2/shared_types.go index bdbc7abc1c..1e2ccfe8a5 100644 --- a/apis/v1alpha2/shared_types.go +++ b/apis/v1alpha2/shared_types.go @@ -20,63 +20,96 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -// GatewayAllowType specifies which Gateways should be allowed to use a Route. -type GatewayAllowType string - -const ( - // Any Gateway will be able to use this route. - GatewayAllowAll GatewayAllowType = "All" - // Only Gateways that have been specified in GatewayRefs will be able to use this route. - GatewayAllowFromList GatewayAllowType = "FromList" - // Only Gateways within the same namespace as the route will be able to use this route. - GatewayAllowSameNamespace GatewayAllowType = "SameNamespace" -) +// ParentRef identifies an API object that should be considered a parent of this +// resource. The only kind of parent resource with "Core" support is Gateway. +// This API may be extended in the future to support additional kinds of parent +// resources, such as HTTPRoute. +type ParentRef struct { + // Group is the group of the referent. + // + // Support: Core + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:default=gateway.networking.k8s.io + // +default + Group *string `json:"group,omitempty"` -// RouteGateways defines which Gateways will be able to use a route. If this -// field results in preventing the selection of a Route by a Gateway, an -// "Admitted" condition with a status of false must be set for the Gateway on -// that Route. -type RouteGateways struct { - // Allow indicates which Gateways will be allowed to use this route. - // Possible values are: - // * All: Gateways in any namespace can use this route. - // * FromList: Only Gateways specified in GatewayRefs may use this route. - // * SameNamespace: Only Gateways in the same namespace may use this route. + // Kind is kind of the referent. + // + // Support: Core (Gateway) + // Support: Extended (Other Resources) // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:default=Gateway // +optional - // +kubebuilder:validation:Enum=All;FromList;SameNamespace - // +kubebuilder:default=SameNamespace - Allow *GatewayAllowType `json:"allow,omitempty"` + Kind *string `json:"kind,omitempty"` - // GatewayRefs must be specified when Allow is set to "FromList". In that - // case, only Gateways referenced in this list will be allowed to use this - // route. This field is ignored for other values of "Allow". + // Namespace is the namespace of the referent. When unspecified (empty + // string), this will either be: + // + // * local namespace of the target is a namespace scoped resource + // * no namespace (not applicable) if the target is cluster-scoped. // + // Support: Extended + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 // +optional - GatewayRefs []GatewayReference `json:"gatewayRefs,omitempty"` -} + Namespace *string `json:"namespace,omitempty"` -// PortNumber defines a network port. -// -// +kubebuilder:validation:Minimum=1 -// +kubebuilder:validation:Maximum=65535 -type PortNumber int32 + // Scope represents if this refers to a cluster or namespace scoped resource. + // This may be set to "Cluster" or "Namespace". + // + // Support: Core (Namespace) + // Support: Extended (Cluster) + // + // +kubebuilder:validation:Enum=Cluster;Namespace + // +kubebuilder:default=Namespace + // +optional + Scope *string `json:"scope,omitempty"` -// GatewayReference identifies a Gateway in a specified namespace. -type GatewayReference struct { // Name is the name of the referent. // + // Support: Core + // // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 Name string `json:"name"` - // Namespace is the namespace of the referent. + // SectionName is the name of a section within the target resource. In the + // following resources, SectionName is interpreted as the following: + // + // * Gateway: Listener Name + // + // Implementations MAY choose to support attaching Routes to other resources. + // If that is the case, they MUST clearly document how SectionName is + // interpreted. + // + // When unspecified (empty string), this will reference the entire resource. + // For the purpose of status, an attachment is considered successful if at + // least one section in the parent resource accepts it. For example, Gateway + // listeners can restrict which Routes can bind to them by Route kind, + // namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from + // the referencing Route, the Route MUST be considered successfully + // attached. If no Gateway listeners accept attachment from this Route, the + // Route MUST be considered detached from the Gateway. + // + // Support: Core // // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 - Namespace string `json:"namespace"` + // +optional + SectionName *string `json:"sectionName,omitempty"` } +// PortNumber defines a network port. +// +// +kubebuilder:validation:Minimum=1 +// +kubebuilder:validation:Maximum=65535 +type PortNumber int32 + // BackendObjectReference defines how an ObjectReference that is // specific to BackendRef. It includes a few additional fields and features // than a regular ObjectReference. diff --git a/apis/v1alpha2/tcproute_types.go b/apis/v1alpha2/tcproute_types.go index c561a4a1fd..55eefd00d2 100644 --- a/apis/v1alpha2/tcproute_types.go +++ b/apis/v1alpha2/tcproute_types.go @@ -41,17 +41,29 @@ type TCPRoute struct { // TCPRouteSpec defines the desired state of TCPRoute type TCPRouteSpec struct { + // ParentRefs references the resources that can attach to this Route. The + // only kind of parent resource with "Core" support is Gateway. This API may + // be extended in the future to support additional kinds of parent resources + // such as one of the route kinds. It is invalid to reference an identical + // parent more than once. It is valid to reference multiple distinct + // sections within the same parent resource, such as 2 Listeners within a + // Gateway. + // + // It is possible to separately reference multiple distinct objects that may + // be collapsed by an implementation. For example, some implementations may + // choose to merge compatible Gateway Listeners together. If that is the + // case, the list of routes attached to those resources should also be + // merged. + // + // +optional + // +kubebuilder:validation:MaxItems=16 + ParentRefs []ParentRef `json:"parentRefs,omitempty"` + // Rules are a list of TCP matchers and actions. // // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:MaxItems=16 Rules []TCPRouteRule `json:"rules"` - - // Gateways defines which Gateways can use this Route. - // - // +optional - // +kubebuilder:default={allow: "SameNamespace"} - Gateways *RouteGateways `json:"gateways,omitempty"` } // TCPRouteStatus defines the observed state of TCPRoute diff --git a/apis/v1alpha2/tlsroute_types.go b/apis/v1alpha2/tlsroute_types.go index e36ebcf333..2741452a4f 100644 --- a/apis/v1alpha2/tlsroute_types.go +++ b/apis/v1alpha2/tlsroute_types.go @@ -46,11 +46,23 @@ type TLSRoute struct { // TLSRouteSpec defines the desired state of a TLSRoute resource. type TLSRouteSpec struct { - // Gateways defines which Gateways can use this Route. + // ParentRefs references the resources that can attach to this Route. The + // only kind of parent resource with "Core" support is Gateway. This API may + // be extended in the future to support additional kinds of parent resources + // such as one of the route kinds. It is invalid to reference an identical + // parent more than once. It is valid to reference multiple distinct + // sections within the same parent resource, such as 2 Listeners within a + // Gateway. + // + // It is possible to separately reference multiple distinct objects that may + // be collapsed by an implementation. For example, some implementations may + // choose to merge compatible Gateway Listeners together. If that is the + // case, the list of routes attached to those resources should also be + // merged. // // +optional - // +kubebuilder:default={allow: "SameNamespace"} - Gateways *RouteGateways `json:"gateways,omitempty"` + // +kubebuilder:validation:MaxItems=16 + ParentRefs []ParentRef `json:"parentRefs,omitempty"` // Hostnames defines a set of SNI names that should match against the // SNI attribute of TLS ClientHello message in TLS handshake. diff --git a/apis/v1alpha2/udproute_types.go b/apis/v1alpha2/udproute_types.go index a393efa25c..8b0b604229 100644 --- a/apis/v1alpha2/udproute_types.go +++ b/apis/v1alpha2/udproute_types.go @@ -41,17 +41,29 @@ type UDPRoute struct { // UDPRouteSpec defines the desired state of UDPRoute. type UDPRouteSpec struct { + // ParentRefs references the resources that can attach to this Route. The + // only kind of parent resource with "Core" support is Gateway. This API may + // be extended in the future to support additional kinds of parent resources + // such as one of the route kinds. It is invalid to reference an identical + // parent more than once. It is valid to reference multiple distinct + // sections within the same parent resource, such as 2 Listeners within a + // Gateway. + // + // It is possible to separately reference multiple distinct objects that may + // be collapsed by an implementation. For example, some implementations may + // choose to merge compatible Gateway Listeners together. If that is the + // case, the list of routes attached to those resources should also be + // merged. + // + // +optional + // +kubebuilder:validation:MaxItems=16 + ParentRefs []ParentRef `json:"parentRefs,omitempty"` + // Rules are a list of UDP matchers and actions. // // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:MaxItems=16 Rules []UDPRouteRule `json:"rules"` - - // Gateways defines which Gateways can use this Route. - // - // +optional - // +kubebuilder:default={allow: "SameNamespace"} - Gateways *RouteGateways `json:"gateways,omitempty"` } // UDPRouteStatus defines the observed state of UDPRoute. diff --git a/apis/v1alpha2/zz_generated.deepcopy.go b/apis/v1alpha2/zz_generated.deepcopy.go index e097759f38..a0dae68004 100644 --- a/apis/v1alpha2/zz_generated.deepcopy.go +++ b/apis/v1alpha2/zz_generated.deepcopy.go @@ -261,21 +261,6 @@ func (in *GatewayList) DeepCopyObject() runtime.Object { return nil } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GatewayReference) DeepCopyInto(out *GatewayReference) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayReference. -func (in *GatewayReference) DeepCopy() *GatewayReference { - if in == nil { - return nil - } - out := new(GatewayReference) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GatewaySpec) DeepCopyInto(out *GatewaySpec) { *out = *in @@ -743,10 +728,12 @@ func (in *HTTPRouteRule) DeepCopy() *HTTPRouteRule { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HTTPRouteSpec) DeepCopyInto(out *HTTPRouteSpec) { *out = *in - if in.Gateways != nil { - in, out := &in.Gateways, &out.Gateways - *out = new(RouteGateways) - (*in).DeepCopyInto(*out) + if in.ParentRefs != nil { + in, out := &in.ParentRefs, &out.ParentRefs + *out = make([]ParentRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } if in.Hostnames != nil { in, out := &in.Hostnames, &out.Hostnames @@ -796,6 +783,11 @@ func (in *HTTPRouteStatus) DeepCopy() *HTTPRouteStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Listener) DeepCopyInto(out *Listener) { *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } if in.Hostname != nil { in, out := &in.Hostname, &out.Hostname *out = new(Hostname) @@ -806,7 +798,11 @@ func (in *Listener) DeepCopyInto(out *Listener) { *out = new(GatewayTLSConfig) (*in).DeepCopyInto(*out) } - in.Routes.DeepCopyInto(&out.Routes) + if in.Routes != nil { + in, out := &in.Routes, &out.Routes + *out = new(ListenerRoutes) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Listener. @@ -819,14 +815,48 @@ func (in *Listener) DeepCopy() *Listener { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ListenerRoutes) DeepCopyInto(out *ListenerRoutes) { + *out = *in + if in.Namespaces != nil { + in, out := &in.Namespaces, &out.Namespaces + *out = new(RouteNamespaces) + (*in).DeepCopyInto(*out) + } + if in.Kinds != nil { + in, out := &in.Kinds, &out.Kinds + *out = make([]RouteGroupKind, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListenerRoutes. +func (in *ListenerRoutes) DeepCopy() *ListenerRoutes { + if in == nil { + return nil + } + out := new(ListenerRoutes) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ListenerStatus) DeepCopyInto(out *ListenerStatus) { *out = *in - if in.Hostname != nil { - in, out := &in.Hostname, &out.Hostname - *out = new(Hostname) + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) **out = **in } + if in.SupportedKinds != nil { + in, out := &in.SupportedKinds, &out.SupportedKinds + *out = make([]RouteGroupKind, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions *out = make([]v1.Condition, len(*in)) @@ -887,31 +917,41 @@ func (in *ParametersReference) DeepCopy() *ParametersReference { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RouteBindingSelector) DeepCopyInto(out *RouteBindingSelector) { +func (in *ParentRef) DeepCopyInto(out *ParentRef) { *out = *in - if in.Namespaces != nil { - in, out := &in.Namespaces, &out.Namespaces - *out = new(RouteNamespaces) - (*in).DeepCopyInto(*out) - } - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } if in.Group != nil { in, out := &in.Group, &out.Group *out = new(string) **out = **in } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(string) + **out = **in + } + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(string) + **out = **in + } + if in.Scope != nil { + in, out := &in.Scope, &out.Scope + *out = new(string) + **out = **in + } + if in.SectionName != nil { + in, out := &in.SectionName, &out.SectionName + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteBindingSelector. -func (in *RouteBindingSelector) DeepCopy() *RouteBindingSelector { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ParentRef. +func (in *ParentRef) DeepCopy() *ParentRef { if in == nil { return nil } - out := new(RouteBindingSelector) + out := new(ParentRef) in.DeepCopyInto(out) return out } @@ -940,26 +980,21 @@ func (in *RouteGatewayStatus) DeepCopy() *RouteGatewayStatus { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RouteGateways) DeepCopyInto(out *RouteGateways) { +func (in *RouteGroupKind) DeepCopyInto(out *RouteGroupKind) { *out = *in - if in.Allow != nil { - in, out := &in.Allow, &out.Allow - *out = new(GatewayAllowType) + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = new(string) **out = **in } - if in.GatewayRefs != nil { - in, out := &in.GatewayRefs, &out.GatewayRefs - *out = make([]GatewayReference, len(*in)) - copy(*out, *in) - } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteGateways. -func (in *RouteGateways) DeepCopy() *RouteGateways { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteGroupKind. +func (in *RouteGroupKind) DeepCopy() *RouteGroupKind { if in == nil { return nil } - out := new(RouteGateways) + out := new(RouteGroupKind) in.DeepCopyInto(out) return out } @@ -1153,6 +1188,13 @@ func (in *TCPRouteRule) DeepCopy() *TCPRouteRule { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TCPRouteSpec) DeepCopyInto(out *TCPRouteSpec) { *out = *in + if in.ParentRefs != nil { + in, out := &in.ParentRefs, &out.ParentRefs + *out = make([]ParentRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Rules != nil { in, out := &in.Rules, &out.Rules *out = make([]TCPRouteRule, len(*in)) @@ -1160,11 +1202,6 @@ func (in *TCPRouteSpec) DeepCopyInto(out *TCPRouteSpec) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Gateways != nil { - in, out := &in.Gateways, &out.Gateways - *out = new(RouteGateways) - (*in).DeepCopyInto(*out) - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPRouteSpec. @@ -1324,10 +1361,12 @@ func (in *TLSRouteRule) DeepCopy() *TLSRouteRule { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TLSRouteSpec) DeepCopyInto(out *TLSRouteSpec) { *out = *in - if in.Gateways != nil { - in, out := &in.Gateways, &out.Gateways - *out = new(RouteGateways) - (*in).DeepCopyInto(*out) + if in.ParentRefs != nil { + in, out := &in.ParentRefs, &out.ParentRefs + *out = make([]ParentRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } if in.Hostnames != nil { in, out := &in.Hostnames, &out.Hostnames @@ -1480,6 +1519,13 @@ func (in *UDPRouteRule) DeepCopy() *UDPRouteRule { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UDPRouteSpec) DeepCopyInto(out *UDPRouteSpec) { *out = *in + if in.ParentRefs != nil { + in, out := &in.ParentRefs, &out.ParentRefs + *out = make([]ParentRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Rules != nil { in, out := &in.Rules, &out.Rules *out = make([]UDPRouteRule, len(*in)) @@ -1487,11 +1533,6 @@ func (in *UDPRouteSpec) DeepCopyInto(out *UDPRouteSpec) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Gateways != nil { - in, out := &in.Gateways, &out.Gateways - *out = new(RouteGateways) - (*in).DeepCopyInto(*out) - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UDPRouteSpec. diff --git a/config/crd/bases/gateway.networking.k8s.io_gateways.yaml b/config/crd/bases/gateway.networking.k8s.io_gateways.yaml index 1dd340ceff..dcff3dae8f 100644 --- a/config/crd/bases/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/bases/gateway.networking.k8s.io_gateways.yaml @@ -146,6 +146,14 @@ spec: maxLength: 253 minLength: 1 type: string + name: + description: "Name is the name of the Listener. If more than + one Listener is present each Listener MUST specify a name. + The names of Listeners MUST be unique within a Gateway. \n + Support: Core" + maxLength: 253 + minLength: 1 + type: string port: description: "Port is the network port. Multiple listeners may use the same port, subject to the Listener compatibility rules. @@ -167,16 +175,11 @@ spec: at both the TLS and HTTP protocol layers. \n Support: Core" type: string routes: - description: "Routes specifies a schema for associating routes - with the Listener using selectors. A Route is a resource capable - of servicing a request and allows a cluster operator to expose - a cluster resource (i.e. Service) by externally-reachable - URL, load-balance traffic and terminate SSL/TLS. Typically, - a route is a \"HTTPRoute\" or \"TCPRoute\" in group \"gateway.networking.k8s.io\", - however, an implementation may support other types of resources. - \n The Routes selector MUST select a set of objects that are - compatible with the application protocol specified in the - Protocol field. \n Although a client request may technically + default: + namespaces: + from: Same + description: "Routes specifies which Routes may be attached + to this Listener. \n Although a client request may technically match multiple route rules, only one rule may ultimately receive the request. Matching precedence MUST be determined in order of the following criteria: \n * The most specific match. For @@ -197,31 +200,41 @@ spec: by a Route is invalid, the rest of the Route should still be supported. \n Support: Core" properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the route resource to - select. Omitting the value indicates the gateway.networking.k8s.io - API group. For example, use the following to select an - HTTPRoute: \n routes: kind: HTTPRoute \n Otherwise, - if an alternative API group is desired, specify the desired - group: \n routes: group: acme.io kind: FooRoute \n - Support: Core" - maxLength: 253 - type: string - kind: - description: "Kind is the kind of the route resource to - select. \n Kind MUST correspond to kinds of routes that - are compatible with the application protocol specified - in the Listener's Protocol field. \n If an implementation - does not support or recognize this resource type, it SHOULD - set the \"ResolvedRefs\" condition to false for this listener - with the \"InvalidRoutesRef\" reason. \n Support: Core" - type: string + kinds: + description: "Kinds specifies the groups and kinds of Routes + that are allowed to bind to this Gateway listener. When + unspecified or empty, the only limitation on the kinds + of Routes supported is the Listener protocol. Kind MUST + correspond to kinds of Routes that are compatible with + the application protocol specified in the Listener's Protocol + field. If an implementation does not support or recognize + this resource type, it SHOULD set the \"ResolvedRefs\" + condition to false for this listener with the \"InvalidRoutesRef\" + reason. \n Support: Core" + items: + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the Route. \n + Support: Core" + maxLength: 253 + type: string + kind: + description: "Kind is the kind of the Route. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + required: + - kind + type: object + maxItems: 10 + type: array namespaces: default: from: Same - description: "Namespaces indicates in which namespaces Routes - should be selected for this Gateway. This is restricted + description: "Namespaces indicates which namespaces Routes + may be attached to this Listener from. This is restricted to the namespace of this Gateway by default. \n Support: Core" properties: @@ -290,57 +303,6 @@ spec: type: object type: object type: object - selector: - description: "Selector specifies a set of route labels used - for selecting routes to associate with the Gateway. If - this Selector is defined, only routes matching the Selector - are associated with the Gateway. An empty Selector matches - all routes. \n Support: Core" - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be empty. - This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. - type: object - type: object - required: - - kind type: object tls: description: "TLS is the TLS configuration for the Listener. @@ -434,7 +396,6 @@ spec: required: - port - protocol - - routes type: object maxItems: 64 minItems: 1 @@ -573,6 +534,11 @@ spec: items: description: ListenerStatus is the status associated with a Listener. properties: + attachedRoutes: + description: AttachedRoutes represents the total number of Routes + that have been successfully attached to this Listener. + format: int32 + type: integer conditions: description: Conditions describe the current condition of this listener. @@ -652,33 +618,44 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map - hostname: - description: Hostname is the Listener hostname value for which - this message is reporting the status. + name: + description: Name is the name of the Listener. maxLength: 253 minLength: 1 type: string - port: - description: Port is the unique Listener port value for which - this message is reporting the status. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: Protocol is the Listener protocol value for which - this message is reporting the status. - type: string + supportedKinds: + description: SupportedKinds is the list indicating the Kinds + supported by this listener. When this is not specified on + the Listener, this MUST represent the kinds an implementation + supports for the specified protocol. When there are kinds + specified on the Listener, this MUST represent the intersection + of those kinds and the kinds supported by the implementation + for the specified protocol. + items: + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the Route. \n Support: + Core" + maxLength: 253 + type: string + kind: + description: "Kind is the kind of the Route. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + required: + - kind + type: object + maxItems: 10 + type: array required: + - attachedRoutes - conditions - - port - - protocol type: object maxItems: 64 type: array - x-kubernetes-list-map-keys: - - port - x-kubernetes-list-type: map type: object required: - spec diff --git a/config/crd/bases/gateway.networking.k8s.io_httproutes.yaml b/config/crd/bases/gateway.networking.k8s.io_httproutes.yaml index 05a4882730..db05994400 100644 --- a/config/crd/bases/gateway.networking.k8s.io_httproutes.yaml +++ b/config/crd/bases/gateway.networking.k8s.io_httproutes.yaml @@ -45,48 +45,6 @@ spec: spec: description: Spec defines the desired state of HTTPRoute. properties: - gateways: - default: - allow: SameNamespace - description: Gateways defines which Gateways can use this Route. - properties: - allow: - default: SameNamespace - description: 'Allow indicates which Gateways will be allowed to - use this route. Possible values are: * All: Gateways in any - namespace can use this route. * FromList: Only Gateways specified - in GatewayRefs may use this route. * SameNamespace: Only Gateways - in the same namespace may use this route.' - enum: - - All - - FromList - - SameNamespace - type: string - gatewayRefs: - description: GatewayRefs must be specified when Allow is set to - "FromList". In that case, only Gateways referenced in this list - will be allowed to use this route. This field is ignored for - other values of "Allow". - items: - description: GatewayReference identifies a Gateway in a specified - namespace. - properties: - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - name - - namespace - type: object - type: array - type: object hostnames: description: "Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to process the @@ -142,6 +100,88 @@ spec: type: string maxItems: 16 type: array + parentRefs: + description: "ParentRefs references the resources that can attach + to this Route. The only kind of parent resource with \"Core\" support + is Gateway. This API may be extended in the future to support additional + kinds of parent resources such as one of the route kinds. It is + invalid to reference an identical parent more than once. It is valid + to reference multiple distinct sections within the same parent resource, + such as 2 Listeners within a Gateway. \n It is possible to separately + reference multiple distinct objects that may be collapsed by an + implementation. For example, some implementations may choose to + merge compatible Gateway Listeners together. If that is the case, + the list of routes attached to those resources should also be merged." + items: + description: ParentRef identifies an API object that should be considered + a parent of this resource. The only kind of parent resource with + "Core" support is Gateway. This API may be extended in the future + to support additional kinds of parent resources, such as HTTPRoute. + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: Core + (Gateway) Support: Extended (Other Resources)" + maxLength: 253 + minLength: 1 + type: string + name: + description: "Name is the name of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + namespace: + description: "Namespace is the namespace of the referent. When + unspecified (empty string), this will either be: \n * local + namespace of the target is a namespace scoped resource * no + namespace (not applicable) if the target is cluster-scoped. + \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster or + namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: Extended + (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within the + target resource. In the following resources, SectionName is + interpreted as the following: \n * Gateway: Listener Name + \n Implementations MAY choose to support attaching Routes + to other resources. If that is the case, they MUST clearly + document how SectionName is interpreted. \n When unspecified + (empty string), this will reference the entire resource. For + the purpose of status, an attachment is considered successful + if at least one section in the parent resource accepts it. + For example, Gateway listeners can restrict which Routes can + bind to them by Route kind, namespace, or hostname. If 1 of + 2 Gateway listeners accept attachment from the referencing + Route, the Route MUST be considered successfully attached. + If no Gateway listeners accept attachment from this Route, + the Route MUST be considered detached from the Gateway. \n + Support: Core" + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 16 + type: array rules: default: - matches: diff --git a/config/crd/bases/gateway.networking.k8s.io_tcproutes.yaml b/config/crd/bases/gateway.networking.k8s.io_tcproutes.yaml index 97002843a1..fb42d455e8 100644 --- a/config/crd/bases/gateway.networking.k8s.io_tcproutes.yaml +++ b/config/crd/bases/gateway.networking.k8s.io_tcproutes.yaml @@ -42,48 +42,88 @@ spec: spec: description: Spec defines the desired state of TCPRoute. properties: - gateways: - default: - allow: SameNamespace - description: Gateways defines which Gateways can use this Route. - properties: - allow: - default: SameNamespace - description: 'Allow indicates which Gateways will be allowed to - use this route. Possible values are: * All: Gateways in any - namespace can use this route. * FromList: Only Gateways specified - in GatewayRefs may use this route. * SameNamespace: Only Gateways - in the same namespace may use this route.' - enum: - - All - - FromList - - SameNamespace - type: string - gatewayRefs: - description: GatewayRefs must be specified when Allow is set to - "FromList". In that case, only Gateways referenced in this list - will be allowed to use this route. This field is ignored for - other values of "Allow". - items: - description: GatewayReference identifies a Gateway in a specified - namespace. - properties: - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - name - - namespace - type: object - type: array - type: object + parentRefs: + description: "ParentRefs references the resources that can attach + to this Route. The only kind of parent resource with \"Core\" support + is Gateway. This API may be extended in the future to support additional + kinds of parent resources such as one of the route kinds. It is + invalid to reference an identical parent more than once. It is valid + to reference multiple distinct sections within the same parent resource, + such as 2 Listeners within a Gateway. \n It is possible to separately + reference multiple distinct objects that may be collapsed by an + implementation. For example, some implementations may choose to + merge compatible Gateway Listeners together. If that is the case, + the list of routes attached to those resources should also be merged." + items: + description: ParentRef identifies an API object that should be considered + a parent of this resource. The only kind of parent resource with + "Core" support is Gateway. This API may be extended in the future + to support additional kinds of parent resources, such as HTTPRoute. + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: Core + (Gateway) Support: Extended (Other Resources)" + maxLength: 253 + minLength: 1 + type: string + name: + description: "Name is the name of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + namespace: + description: "Namespace is the namespace of the referent. When + unspecified (empty string), this will either be: \n * local + namespace of the target is a namespace scoped resource * no + namespace (not applicable) if the target is cluster-scoped. + \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster or + namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: Extended + (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within the + target resource. In the following resources, SectionName is + interpreted as the following: \n * Gateway: Listener Name + \n Implementations MAY choose to support attaching Routes + to other resources. If that is the case, they MUST clearly + document how SectionName is interpreted. \n When unspecified + (empty string), this will reference the entire resource. For + the purpose of status, an attachment is considered successful + if at least one section in the parent resource accepts it. + For example, Gateway listeners can restrict which Routes can + bind to them by Route kind, namespace, or hostname. If 1 of + 2 Gateway listeners accept attachment from the referencing + Route, the Route MUST be considered successfully attached. + If no Gateway listeners accept attachment from this Route, + the Route MUST be considered detached from the Gateway. \n + Support: Core" + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 16 + type: array rules: description: Rules are a list of TCP matchers and actions. items: diff --git a/config/crd/bases/gateway.networking.k8s.io_tlsroutes.yaml b/config/crd/bases/gateway.networking.k8s.io_tlsroutes.yaml index 0f90b2c914..d398bcd65e 100644 --- a/config/crd/bases/gateway.networking.k8s.io_tlsroutes.yaml +++ b/config/crd/bases/gateway.networking.k8s.io_tlsroutes.yaml @@ -46,48 +46,6 @@ spec: spec: description: Spec defines the desired state of TLSRoute. properties: - gateways: - default: - allow: SameNamespace - description: Gateways defines which Gateways can use this Route. - properties: - allow: - default: SameNamespace - description: 'Allow indicates which Gateways will be allowed to - use this route. Possible values are: * All: Gateways in any - namespace can use this route. * FromList: Only Gateways specified - in GatewayRefs may use this route. * SameNamespace: Only Gateways - in the same namespace may use this route.' - enum: - - All - - FromList - - SameNamespace - type: string - gatewayRefs: - description: GatewayRefs must be specified when Allow is set to - "FromList". In that case, only Gateways referenced in this list - will be allowed to use this route. This field is ignored for - other values of "Allow". - items: - description: GatewayReference identifies a Gateway in a specified - namespace. - properties: - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - name - - namespace - type: object - type: array - type: object hostnames: description: "Hostnames defines a set of SNI names that should match against the SNI attribute of TLS ClientHello message in TLS handshake. @@ -124,6 +82,88 @@ spec: type: string maxItems: 16 type: array + parentRefs: + description: "ParentRefs references the resources that can attach + to this Route. The only kind of parent resource with \"Core\" support + is Gateway. This API may be extended in the future to support additional + kinds of parent resources such as one of the route kinds. It is + invalid to reference an identical parent more than once. It is valid + to reference multiple distinct sections within the same parent resource, + such as 2 Listeners within a Gateway. \n It is possible to separately + reference multiple distinct objects that may be collapsed by an + implementation. For example, some implementations may choose to + merge compatible Gateway Listeners together. If that is the case, + the list of routes attached to those resources should also be merged." + items: + description: ParentRef identifies an API object that should be considered + a parent of this resource. The only kind of parent resource with + "Core" support is Gateway. This API may be extended in the future + to support additional kinds of parent resources, such as HTTPRoute. + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: Core + (Gateway) Support: Extended (Other Resources)" + maxLength: 253 + minLength: 1 + type: string + name: + description: "Name is the name of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + namespace: + description: "Namespace is the namespace of the referent. When + unspecified (empty string), this will either be: \n * local + namespace of the target is a namespace scoped resource * no + namespace (not applicable) if the target is cluster-scoped. + \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster or + namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: Extended + (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within the + target resource. In the following resources, SectionName is + interpreted as the following: \n * Gateway: Listener Name + \n Implementations MAY choose to support attaching Routes + to other resources. If that is the case, they MUST clearly + document how SectionName is interpreted. \n When unspecified + (empty string), this will reference the entire resource. For + the purpose of status, an attachment is considered successful + if at least one section in the parent resource accepts it. + For example, Gateway listeners can restrict which Routes can + bind to them by Route kind, namespace, or hostname. If 1 of + 2 Gateway listeners accept attachment from the referencing + Route, the Route MUST be considered successfully attached. + If no Gateway listeners accept attachment from this Route, + the Route MUST be considered detached from the Gateway. \n + Support: Core" + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 16 + type: array rules: description: Rules are a list of TLS matchers and actions. items: diff --git a/config/crd/bases/gateway.networking.k8s.io_udproutes.yaml b/config/crd/bases/gateway.networking.k8s.io_udproutes.yaml index 9284ee6de5..4ac2f3d5d9 100644 --- a/config/crd/bases/gateway.networking.k8s.io_udproutes.yaml +++ b/config/crd/bases/gateway.networking.k8s.io_udproutes.yaml @@ -43,48 +43,88 @@ spec: spec: description: Spec defines the desired state of UDPRoute. properties: - gateways: - default: - allow: SameNamespace - description: Gateways defines which Gateways can use this Route. - properties: - allow: - default: SameNamespace - description: 'Allow indicates which Gateways will be allowed to - use this route. Possible values are: * All: Gateways in any - namespace can use this route. * FromList: Only Gateways specified - in GatewayRefs may use this route. * SameNamespace: Only Gateways - in the same namespace may use this route.' - enum: - - All - - FromList - - SameNamespace - type: string - gatewayRefs: - description: GatewayRefs must be specified when Allow is set to - "FromList". In that case, only Gateways referenced in this list - will be allowed to use this route. This field is ignored for - other values of "Allow". - items: - description: GatewayReference identifies a Gateway in a specified - namespace. - properties: - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - name - - namespace - type: object - type: array - type: object + parentRefs: + description: "ParentRefs references the resources that can attach + to this Route. The only kind of parent resource with \"Core\" support + is Gateway. This API may be extended in the future to support additional + kinds of parent resources such as one of the route kinds. It is + invalid to reference an identical parent more than once. It is valid + to reference multiple distinct sections within the same parent resource, + such as 2 Listeners within a Gateway. \n It is possible to separately + reference multiple distinct objects that may be collapsed by an + implementation. For example, some implementations may choose to + merge compatible Gateway Listeners together. If that is the case, + the list of routes attached to those resources should also be merged." + items: + description: ParentRef identifies an API object that should be considered + a parent of this resource. The only kind of parent resource with + "Core" support is Gateway. This API may be extended in the future + to support additional kinds of parent resources, such as HTTPRoute. + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: Core + (Gateway) Support: Extended (Other Resources)" + maxLength: 253 + minLength: 1 + type: string + name: + description: "Name is the name of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + namespace: + description: "Namespace is the namespace of the referent. When + unspecified (empty string), this will either be: \n * local + namespace of the target is a namespace scoped resource * no + namespace (not applicable) if the target is cluster-scoped. + \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster or + namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: Extended + (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within the + target resource. In the following resources, SectionName is + interpreted as the following: \n * Gateway: Listener Name + \n Implementations MAY choose to support attaching Routes + to other resources. If that is the case, they MUST clearly + document how SectionName is interpreted. \n When unspecified + (empty string), this will reference the entire resource. For + the purpose of status, an attachment is considered successful + if at least one section in the parent resource accepts it. + For example, Gateway listeners can restrict which Routes can + bind to them by Route kind, namespace, or hostname. If 1 of + 2 Gateway listeners accept attachment from the referencing + Route, the Route MUST be considered successfully attached. + If no Gateway listeners accept attachment from this Route, + the Route MUST be considered detached from the Gateway. \n + Support: Core" + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 16 + type: array rules: description: Rules are a list of UDP matchers and actions. items: diff --git a/examples/v1alpha2/basic-http.yaml b/examples/v1alpha2/basic-http.yaml index a3961e51ce..b9b68afa60 100644 --- a/examples/v1alpha2/basic-http.yaml +++ b/examples/v1alpha2/basic-http.yaml @@ -18,21 +18,14 @@ spec: listeners: # Use GatewayClass defaults for listener definition. - protocol: HTTP port: 80 - routes: - kind: HTTPRoute - selector: - matchLabels: - app: foo - namespaces: - from: "Same" --- kind: HTTPRoute apiVersion: gateway.networking.k8s.io/v1alpha2 metadata: name: http-app-1 - labels: - app: foo spec: + parentRefs: + - name: my-gateway hostnames: - "foo.com" rules: diff --git a/examples/v1alpha2/default-match-http.yaml b/examples/v1alpha2/default-match-http.yaml index d358fe71b5..0faa95dce3 100644 --- a/examples/v1alpha2/default-match-http.yaml +++ b/examples/v1alpha2/default-match-http.yaml @@ -14,13 +14,6 @@ spec: listeners: - protocol: HTTP port: 80 - routes: - kind: HTTPRoute - selector: - matchLabels: - app: default-match - namespaces: - from: "All" --- # This HTTPRoute demonstrates patch match defaulting. If no path match is # specified, CRD defaults adds a default prefix match on the path "/". This @@ -33,6 +26,8 @@ metadata: labels: app: default-match spec: + parentRefs: + - name: default-match-gw hostnames: - default-match.com rules: diff --git a/examples/v1alpha2/http-redirect.yaml b/examples/v1alpha2/http-redirect.yaml index 8077f89eb4..d641a85c6d 100644 --- a/examples/v1alpha2/http-redirect.yaml +++ b/examples/v1alpha2/http-redirect.yaml @@ -2,7 +2,7 @@ kind: GatewayClass apiVersion: gateway.networking.k8s.io/v1alpha2 metadata: name: filter-lb -spec: +spec: controller: acme.io/gateway-controller parametersRef: name: acme-lb @@ -22,41 +22,26 @@ metadata: spec: gatewayClassName: filter-lb listeners: - - protocol: HTTP + - name: http + protocol: HTTP port: 80 - routes: - kind: HTTPRoute - selector: - matchLabels: - protocol: http - namespaces: - from: "Same" - - protocol: HTTPS + - name: https + protocol: HTTPS port: 443 - routes: - kind: HTTPRoute - selector: - matchLabels: - app: filter - namespaces: - from: "All" --- kind: HTTPRoute apiVersion: gateway.networking.k8s.io/v1alpha2 metadata: name: http-filter-1 namespace: gateway-api-example-ns1 - labels: - protocol: http spec: + parentRefs: + - name: my-filter-gateway + sectionName: http hostnames: - my-filter.example.com rules: - - matches: - - path: - type: Prefix - value: / - filters: + - filters: - type: RequestRedirect requestRedirect: protocol: HTTPS @@ -64,10 +49,12 @@ spec: kind: HTTPRoute apiVersion: gateway.networking.k8s.io/v1alpha2 metadata: - name: http-filter-1 - labels: - app: filter + name: http-filter-2 + namespace: gateway-api-example-ns1 spec: + parentRefs: + - name: my-filter-gateway + sectionName: https hostnames: - my-filter.example.com rules: diff --git a/examples/v1alpha2/traffic-split-1.yaml b/examples/v1alpha2/traffic-split-1.yaml index e8d32cb638..8fb7a93db8 100644 --- a/examples/v1alpha2/traffic-split-1.yaml +++ b/examples/v1alpha2/traffic-split-1.yaml @@ -2,9 +2,9 @@ kind: HTTPRoute apiVersion: gateway.networking.k8s.io/v1alpha2 metadata: name: foo-route - labels: - gateway: prod-web-gw spec: + parentRefs: + - name: prod-web-gw hostnames: - foo.example.com rules: diff --git a/site-src/geps/gep-724.md b/site-src/geps/gep-724.md index 248ce9267a..7577ee483d 100644 --- a/site-src/geps/gep-724.md +++ b/site-src/geps/gep-724.md @@ -1,7 +1,7 @@ # GEP-724: Refresh Route-Gateway Binding * Issue URL: [#724](https://github.com/kubernetes-sigs/gateway-api/issues/724) -* Status: Implementable +* Status: Implemented ## TLDR