diff --git a/apis/v1alpha1/zz_generated.deepcopy.go b/apis/v1alpha1/zz_generated.deepcopy.go index 64399d898f..81696264ad 100644 --- a/apis/v1alpha1/zz_generated.deepcopy.go +++ b/apis/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated /* diff --git a/apis/v1alpha2/gateway_types.go b/apis/v1alpha2/gateway_types.go index 8f224e8e90..6a82c2145d 100644 --- a/apis/v1alpha2/gateway_types.go +++ b/apis/v1alpha2/gateway_types.go @@ -141,6 +141,17 @@ type GatewaySpec struct { // combination of Hostname, Port, and Protocol. This will be enforced by a // validating webhook. type Listener struct { + // Name is the name of the Listener. If more than one Listener is present + // each Listener MUST specify a name. The names of Listeners MUST be unique + // within a Gateway. + // + // Support: Core + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +optional + Name *string `json:"name,omitempty"` + // Hostname specifies the virtual hostname to match for protocol types that // define this concept. When unspecified, "", or `*`, all hostnames are // matched. This field can be omitted for protocols that don't require @@ -198,18 +209,7 @@ type Listener struct { // +optional TLS *GatewayTLSConfig `json:"tls,omitempty"` - // Routes specifies a schema for associating routes with the - // Listener using selectors. A Route is a resource capable of - // servicing a request and allows a cluster operator to expose - // a cluster resource (i.e. Service) by externally-reachable - // URL, load-balance traffic and terminate SSL/TLS. Typically, - // a route is a "HTTPRoute" or "TCPRoute" in group - // "gateway.networking.k8s.io", however, an implementation may support - // other types of resources. - // - // The Routes selector MUST select a set of objects that - // are compatible with the application protocol specified in - // the Protocol field. + // Routes specifies which Routes may be attached to this Listener. // // Although a client request may technically match multiple route rules, // only one rule may ultimately receive the request. Matching precedence @@ -232,7 +232,9 @@ type Listener struct { // invalid, the rest of the Route should still be supported. // // Support: Core - Routes RouteBindingSelector `json:"routes"` + // +kubebuilder:default={namespaces:{from: Same}} + // +optional + Routes *ListenerRoutes `json:"routes,omitempty"` } // ProtocolType defines the application protocol accepted by a Listener. @@ -383,12 +385,10 @@ const ( TLSModePassthrough TLSModeType = "Passthrough" ) -// RouteBindingSelector defines a schema for associating routes with the Gateway. -// If Namespaces and Selector are defined, only routes matching both selectors are -// associated with the Gateway. -type RouteBindingSelector struct { - // Namespaces indicates in which namespaces Routes should be selected - // for this Gateway. This is restricted to the namespace of this Gateway by +// ListenerRoutes defines which Routes may be attached to this Listener. +type ListenerRoutes struct { + // Namespaces indicates which namespaces Routes may be attached to this + // Listener from. This is restricted to the namespace of this Gateway by // default. // // Support: Core @@ -396,46 +396,22 @@ type RouteBindingSelector struct { // +optional // +kubebuilder:default={from: Same} Namespaces *RouteNamespaces `json:"namespaces,omitempty"` - // Selector specifies a set of route labels used for selecting - // routes to associate with the Gateway. If this Selector is defined, - // only routes matching the Selector are associated with the Gateway. - // An empty Selector matches all routes. - // - // Support: Core - // - // +optional - Selector *metav1.LabelSelector `json:"selector,omitempty"` - // Group is the group of the route resource to select. Omitting the value - // indicates the gateway.networking.k8s.io API group. - // For example, use the following to select an HTTPRoute: - // - // routes: - // kind: HTTPRoute - // - // Otherwise, if an alternative API group is desired, specify the desired - // group: + + // Kinds specifies the groups and kinds of Routes that are allowed to bind + // to this Gateway listener. When unspecified or empty, the kinds of Routes + // selected are determined using the Listener protocol. // - // routes: - // group: acme.io - // kind: FooRoute + // Kind MUST correspond to kinds of Routes that are compatible with the + // application protocol specified in the Listener's Protocol field. If an + // implementation does not support or recognize this resource type, it + // SHOULD set the "ResolvedRefs" condition to false for this listener with + // the "InvalidRoutesRef" reason. // // Support: Core // // +optional - // +kubebuilder:default=gateway.networking.k8s.io - // +kubebuilder:validation:MaxLength=253 - Group *string `json:"group,omitempty"` - // Kind is the kind of the route resource to select. - // - // Kind MUST correspond to kinds of routes that are compatible with the - // application protocol specified in the Listener's Protocol field. - // - // If an implementation does not support or recognize this - // resource type, it SHOULD set the "ResolvedRefs" condition to false for - // this listener with the "InvalidRoutesRef" reason. - // - // Support: Core - Kind string `json:"kind"` + // +kubebuilder:validation:MaxItems=8 + Kinds []RouteGroupKind `json:"kinds,omitempty"` } // RouteSelectType specifies where Routes should be selected by a Gateway. @@ -477,6 +453,26 @@ type RouteNamespaces struct { Selector *metav1.LabelSelector `json:"selector,omitempty"` } +// RouteGroupKind indicates the group and kind of a Route resource. +type RouteGroupKind struct { + // Group is the group of the Route. + // + // Support: Core + // + // +optional + // +kubebuilder:default=gateway.networking.k8s.io + // +kubebuilder:validation:MaxLength=253 + Group *string `json:"group,omitempty"` + + // Kind is the kind of the Route. + // + // Support: Core + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + Kind string `json:"kind"` +} + // GatewayAddress describes an address that can be bound to a Gateway. type GatewayAddress struct { // Type of the address. @@ -566,8 +562,6 @@ type GatewayStatus struct { // Listeners provide status for each unique listener port defined in the Spec. // // +optional - // +listType=map - // +listMapKey=port // +kubebuilder:validation:MaxItems=64 Listeners []ListenerStatus `json:"listeners,omitempty"` } @@ -672,19 +666,26 @@ const ( // ListenerStatus is the status associated with a Listener. type ListenerStatus struct { - // Port is the unique Listener port value for which this message is - // reporting the status. - Port PortNumber `json:"port"` - - // Protocol is the Listener protocol value for which this message is - // reporting the status. - Protocol ProtocolType `json:"protocol"` - - // Hostname is the Listener hostname value for which this message is - // reporting the status. + // Name is the name of the Listener. // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 // +optional - Hostname *Hostname `json:"hostname,omitempty"` + Name *string `json:"name,omitempty"` + + // SupportedKinds is the list indicating the Kinds supported by this + // listener. When this is not specified on the Listener, this MUST represent + // the kinds an implementation supports for the specified protocol. When + // there are kinds specified on the Listener, this MUST represent the + // intersection of those kinds and the kinds supported by the implementation + // for the specified protocol. + // + // +kubebuilder:validation:MaxItems=8 + SupportedKinds []RouteGroupKind `json:"supportedKinds,omitempty"` + + // AttachedRoutes represents the total number of Routes that have been + // successfully attached to this Listener. + AttachedRoutes int32 `json:"attachedRoutes"` // Conditions describe the current condition of this listener. // diff --git a/apis/v1alpha2/httproute_types.go b/apis/v1alpha2/httproute_types.go index c533f16441..cd1e825edf 100644 --- a/apis/v1alpha2/httproute_types.go +++ b/apis/v1alpha2/httproute_types.go @@ -51,11 +51,29 @@ type HTTPRouteList struct { // HTTPRouteSpec defines the desired state of HTTPRoute type HTTPRouteSpec struct { - // Gateways defines which Gateways can use this Route. + // ParentRefs references the resources (usually Gateways) that a Route wants + // to be attached to. Note that the referenced parent resource needs to + // allow this for the attachment to be complete. For Gateways, that means + // the Gateway needs to allow attachment from Routes of this kind and + // namespace. + // + // The only kind of parent resource with "Core" support is Gateway. This API + // may be extended in the future to support additional kinds of parent + // resources such as one of the route kinds. + // + // It is invalid to reference an identical parent more than once. It is + // valid to reference multiple distinct sections within the same parent + // resource, such as 2 Listeners within a Gateway. + // + // It is possible to separately reference multiple distinct objects that may + // be collapsed by an implementation. For example, some implementations may + // choose to merge compatible Gateway Listeners together. If that is the + // case, the list of routes attached to those resources should also be + // merged. // // +optional - // +kubebuilder:default={allow: "SameNamespace"} - Gateways *RouteGateways `json:"gateways,omitempty"` + // +kubebuilder:validation:MaxItems=16 + ParentRefs []ParentRef `json:"parentRefs,omitempty"` // Hostnames defines a set of hostname that should match against // the HTTP Host header to select a HTTPRoute to process the request. diff --git a/apis/v1alpha2/shared_types.go b/apis/v1alpha2/shared_types.go index 610298bc97..397ba04a76 100644 --- a/apis/v1alpha2/shared_types.go +++ b/apis/v1alpha2/shared_types.go @@ -20,63 +20,96 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -// GatewayAllowType specifies which Gateways should be allowed to use a Route. -type GatewayAllowType string - -const ( - // Any Gateway will be able to use this route. - GatewayAllowAll GatewayAllowType = "All" - // Only Gateways that have been specified in GatewayRefs will be able to use this route. - GatewayAllowFromList GatewayAllowType = "FromList" - // Only Gateways within the same namespace as the route will be able to use this route. - GatewayAllowSameNamespace GatewayAllowType = "SameNamespace" -) +// ParentRef identifies an API object (usually a Gateway) that can be considered +// a parent of this resource (usually a route). The only kind of parent resource +// with "Core" support is Gateway. This API may be extended in the future to +// support additional kinds of parent resources, such as HTTPRoute. +type ParentRef struct { + // Group is the group of the referent. + // + // Support: Core + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:default=gateway.networking.k8s.io + // +default + Group *string `json:"group,omitempty"` -// RouteGateways defines which Gateways will be able to use a route. If this -// field results in preventing the selection of a Route by a Gateway, an -// "Admitted" condition with a status of false must be set for the Gateway on -// that Route. -type RouteGateways struct { - // Allow indicates which Gateways will be allowed to use this route. - // Possible values are: - // * All: Gateways in any namespace can use this route. - // * FromList: Only Gateways specified in GatewayRefs may use this route. - // * SameNamespace: Only Gateways in the same namespace may use this route. + // Kind is kind of the referent. // + // Support: Core (Gateway) + // Support: Extended (Other Resources) + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + // +kubebuilder:default=Gateway // +optional - // +kubebuilder:validation:Enum=All;FromList;SameNamespace - // +kubebuilder:default=SameNamespace - Allow *GatewayAllowType `json:"allow,omitempty"` + Kind *string `json:"kind,omitempty"` - // GatewayRefs must be specified when Allow is set to "FromList". In that - // case, only Gateways referenced in this list will be allowed to use this - // route. This field is ignored for other values of "Allow". + // Namespace is the namespace of the referent. When unspecified (empty + // string), this will either be: + // + // * local namespace of the target is a namespace scoped resource + // * no namespace (not applicable) if the target is cluster-scoped. + // + // Support: Extended // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 // +optional - GatewayRefs []GatewayReference `json:"gatewayRefs,omitempty"` -} + Namespace *string `json:"namespace,omitempty"` -// PortNumber defines a network port. -// -// +kubebuilder:validation:Minimum=1 -// +kubebuilder:validation:Maximum=65535 -type PortNumber int32 + // Scope represents if this refers to a cluster or namespace scoped resource. + // This may be set to "Cluster" or "Namespace". + // + // Support: Core (Namespace) + // Support: Extended (Cluster) + // + // +kubebuilder:validation:Enum=Cluster;Namespace + // +kubebuilder:default=Namespace + // +optional + Scope *string `json:"scope,omitempty"` -// GatewayReference identifies a Gateway in a specified namespace. -type GatewayReference struct { // Name is the name of the referent. // + // Support: Core + // // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 Name string `json:"name"` - // Namespace is the namespace of the referent. + // SectionName is the name of a section within the target resource. In the + // following resources, SectionName is interpreted as the following: + // + // * Gateway: Listener Name + // + // Implementations MAY choose to support attaching Routes to other resources. + // If that is the case, they MUST clearly document how SectionName is + // interpreted. + // + // When unspecified (empty string), this will reference the entire resource. + // For the purpose of status, an attachment is considered successful if at + // least one section in the parent resource accepts it. For example, Gateway + // listeners can restrict which Routes can bind to them by Route kind, + // namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from + // the referencing Route, the Route MUST be considered successfully + // attached. If no Gateway listeners accept attachment from this Route, the + // Route MUST be considered detached from the Gateway. + // + // Support: Core // // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 - Namespace string `json:"namespace"` + // +optional + SectionName *string `json:"sectionName,omitempty"` } +// PortNumber defines a network port. +// +// +kubebuilder:validation:Minimum=1 +// +kubebuilder:validation:Maximum=65535 +type PortNumber int32 + // BackendRef defines how a Route should forward a request to a Kubernetes // resource. // @@ -118,44 +151,15 @@ const ( ConditionRouteAdmitted RouteConditionType = "Admitted" ) -// RouteGatewayStatus describes the status of a route with respect to an -// associated Gateway. -type RouteGatewayStatus struct { - // GatewayRef is a reference to a Gateway object that is associated with - // the route. - GatewayRef RouteStatusGatewayReference `json:"gatewayRef"` +// RouteParentStatus describes the status of a route with respect to an +// associated Parent. +type RouteParentStatus struct { + // ParentRef is a reference to the parent resource that the route wants to + // be attached to. + ParentRef ParentRef `json:"parentRef"` - // Conditions describes the status of the route with respect to the - // Gateway. The "Admitted" condition must always be specified by controllers - // to indicate whether the route has been admitted or rejected by the Gateway, - // and why. Note that the route's availability is also subject to the Gateway's - // own status conditions and listener status. - // - // +listType=map - // +listMapKey=type - // +kubebuilder:validation:MinItems=1 - // +kubebuilder:validation:MaxItems=8 - Conditions []metav1.Condition `json:"conditions,omitempty"` -} - -// RouteStatusGatewayReference identifies a Gateway in a specified namespace. -// This reference also includes a controller name to simplify cleaning up status -// entries. -type RouteStatusGatewayReference struct { - // Name is the name of the referent. - // - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=253 - Name string `json:"name"` - - // Namespace is the namespace of the referent. - // - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=253 - Namespace string `json:"namespace"` - - // Controller is a domain/path string that indicates the controller - // implementing the Gateway. This corresponds with the controller field on + // Controller is a domain/path string that indicates the controller that + // wrote this status. This corresponds with the controller field on // GatewayClass. // // Example: "acme.io/gateway-controller". @@ -167,6 +171,18 @@ type RouteStatusGatewayReference struct { // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 Controller string `json:"controller"` + + // Conditions describes the status of the route with respect to the + // Gateway. The "Admitted" condition must always be specified by controllers + // to indicate whether the route has been admitted or rejected by the Gateway, + // and why. Note that the route's availability is also subject to the Gateway's + // own status conditions and listener status. + // + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=8 + Conditions []metav1.Condition `json:"conditions,omitempty"` } // RouteStatus defines the observed state that is required across @@ -185,7 +201,7 @@ type RouteStatus struct { // by any Gateway. // // +kubebuilder:validation:MaxItems=100 - Gateways []RouteGatewayStatus `json:"gateways"` + Parents []RouteParentStatus `json:"parents"` } // Hostname is the fully qualified domain name of a network host, as defined diff --git a/apis/v1alpha2/tcproute_types.go b/apis/v1alpha2/tcproute_types.go index c561a4a1fd..532aa7e2f7 100644 --- a/apis/v1alpha2/tcproute_types.go +++ b/apis/v1alpha2/tcproute_types.go @@ -41,17 +41,35 @@ type TCPRoute struct { // TCPRouteSpec defines the desired state of TCPRoute type TCPRouteSpec struct { + // ParentRefs references the resources (usually Gateways) that a Route wants + // to be attached to. Note that the referenced parent resource needs to + // allow this for the attachment to be complete. For Gateways, that means + // the Gateway needs to allow attachment from Routes of this kind and + // namespace. + // + // The only kind of parent resource with "Core" support is Gateway. This API + // may be extended in the future to support additional kinds of parent + // resources such as one of the route kinds. + // + // It is invalid to reference an identical parent more than once. It is + // valid to reference multiple distinct sections within the same parent + // resource, such as 2 Listeners within a Gateway. + // + // It is possible to separately reference multiple distinct objects that may + // be collapsed by an implementation. For example, some implementations may + // choose to merge compatible Gateway Listeners together. If that is the + // case, the list of routes attached to those resources should also be + // merged. + // + // +optional + // +kubebuilder:validation:MaxItems=16 + ParentRefs []ParentRef `json:"parentRefs,omitempty"` + // Rules are a list of TCP matchers and actions. // // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:MaxItems=16 Rules []TCPRouteRule `json:"rules"` - - // Gateways defines which Gateways can use this Route. - // - // +optional - // +kubebuilder:default={allow: "SameNamespace"} - Gateways *RouteGateways `json:"gateways,omitempty"` } // TCPRouteStatus defines the observed state of TCPRoute diff --git a/apis/v1alpha2/tlsroute_types.go b/apis/v1alpha2/tlsroute_types.go index e36ebcf333..5537126b4b 100644 --- a/apis/v1alpha2/tlsroute_types.go +++ b/apis/v1alpha2/tlsroute_types.go @@ -46,11 +46,29 @@ type TLSRoute struct { // TLSRouteSpec defines the desired state of a TLSRoute resource. type TLSRouteSpec struct { - // Gateways defines which Gateways can use this Route. + // ParentRefs references the resources (usually Gateways) that a Route wants + // to be attached to. Note that the referenced parent resource needs to + // allow this for the attachment to be complete. For Gateways, that means + // the Gateway needs to allow attachment from Routes of this kind and + // namespace. + // + // The only kind of parent resource with "Core" support is Gateway. This API + // may be extended in the future to support additional kinds of parent + // resources such as one of the route kinds. + // + // It is invalid to reference an identical parent more than once. It is + // valid to reference multiple distinct sections within the same parent + // resource, such as 2 Listeners within a Gateway. + // + // It is possible to separately reference multiple distinct objects that may + // be collapsed by an implementation. For example, some implementations may + // choose to merge compatible Gateway Listeners together. If that is the + // case, the list of routes attached to those resources should also be + // merged. // // +optional - // +kubebuilder:default={allow: "SameNamespace"} - Gateways *RouteGateways `json:"gateways,omitempty"` + // +kubebuilder:validation:MaxItems=16 + ParentRefs []ParentRef `json:"parentRefs,omitempty"` // Hostnames defines a set of SNI names that should match against the // SNI attribute of TLS ClientHello message in TLS handshake. diff --git a/apis/v1alpha2/udproute_types.go b/apis/v1alpha2/udproute_types.go index a393efa25c..6dfc2ce9a3 100644 --- a/apis/v1alpha2/udproute_types.go +++ b/apis/v1alpha2/udproute_types.go @@ -41,17 +41,35 @@ type UDPRoute struct { // UDPRouteSpec defines the desired state of UDPRoute. type UDPRouteSpec struct { + // ParentRefs references the resources (usually Gateways) that a Route wants + // to be attached to. Note that the referenced parent resource needs to + // allow this for the attachment to be complete. For Gateways, that means + // the Gateway needs to allow attachment from Routes of this kind and + // namespace. + // + // The only kind of parent resource with "Core" support is Gateway. This API + // may be extended in the future to support additional kinds of parent + // resources such as one of the route kinds. + // + // It is invalid to reference an identical parent more than once. It is + // valid to reference multiple distinct sections within the same parent + // resource, such as 2 Listeners within a Gateway. + // + // It is possible to separately reference multiple distinct objects that may + // be collapsed by an implementation. For example, some implementations may + // choose to merge compatible Gateway Listeners together. If that is the + // case, the list of routes attached to those resources should also be + // merged. + // + // +optional + // +kubebuilder:validation:MaxItems=16 + ParentRefs []ParentRef `json:"parentRefs,omitempty"` + // Rules are a list of UDP matchers and actions. // // +kubebuilder:validation:MinItems=1 // +kubebuilder:validation:MaxItems=16 Rules []UDPRouteRule `json:"rules"` - - // Gateways defines which Gateways can use this Route. - // - // +optional - // +kubebuilder:default={allow: "SameNamespace"} - Gateways *RouteGateways `json:"gateways,omitempty"` } // UDPRouteStatus defines the observed state of UDPRoute. diff --git a/apis/v1alpha2/zz_generated.deepcopy.go b/apis/v1alpha2/zz_generated.deepcopy.go index ce785297e1..be45925c43 100644 --- a/apis/v1alpha2/zz_generated.deepcopy.go +++ b/apis/v1alpha2/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated /* @@ -266,21 +267,6 @@ func (in *GatewayList) DeepCopyObject() runtime.Object { return nil } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *GatewayReference) DeepCopyInto(out *GatewayReference) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayReference. -func (in *GatewayReference) DeepCopy() *GatewayReference { - if in == nil { - return nil - } - out := new(GatewayReference) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GatewaySpec) DeepCopyInto(out *GatewaySpec) { *out = *in @@ -748,10 +734,12 @@ func (in *HTTPRouteRule) DeepCopy() *HTTPRouteRule { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HTTPRouteSpec) DeepCopyInto(out *HTTPRouteSpec) { *out = *in - if in.Gateways != nil { - in, out := &in.Gateways, &out.Gateways - *out = new(RouteGateways) - (*in).DeepCopyInto(*out) + if in.ParentRefs != nil { + in, out := &in.ParentRefs, &out.ParentRefs + *out = make([]ParentRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } if in.Hostnames != nil { in, out := &in.Hostnames, &out.Hostnames @@ -801,6 +789,11 @@ func (in *HTTPRouteStatus) DeepCopy() *HTTPRouteStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Listener) DeepCopyInto(out *Listener) { *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } if in.Hostname != nil { in, out := &in.Hostname, &out.Hostname *out = new(Hostname) @@ -811,7 +804,11 @@ func (in *Listener) DeepCopyInto(out *Listener) { *out = new(GatewayTLSConfig) (*in).DeepCopyInto(*out) } - in.Routes.DeepCopyInto(&out.Routes) + if in.Routes != nil { + in, out := &in.Routes, &out.Routes + *out = new(ListenerRoutes) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Listener. @@ -824,14 +821,48 @@ func (in *Listener) DeepCopy() *Listener { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ListenerRoutes) DeepCopyInto(out *ListenerRoutes) { + *out = *in + if in.Namespaces != nil { + in, out := &in.Namespaces, &out.Namespaces + *out = new(RouteNamespaces) + (*in).DeepCopyInto(*out) + } + if in.Kinds != nil { + in, out := &in.Kinds, &out.Kinds + *out = make([]RouteGroupKind, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListenerRoutes. +func (in *ListenerRoutes) DeepCopy() *ListenerRoutes { + if in == nil { + return nil + } + out := new(ListenerRoutes) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ListenerStatus) DeepCopyInto(out *ListenerStatus) { *out = *in - if in.Hostname != nil { - in, out := &in.Hostname, &out.Hostname - *out = new(Hostname) + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) **out = **in } + if in.SupportedKinds != nil { + in, out := &in.SupportedKinds, &out.SupportedKinds + *out = make([]RouteGroupKind, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions *out = make([]v1.Condition, len(*in)) @@ -921,6 +952,46 @@ func (in *ParametersReference) DeepCopy() *ParametersReference { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ParentRef) DeepCopyInto(out *ParentRef) { + *out = *in + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = new(string) + **out = **in + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(string) + **out = **in + } + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(string) + **out = **in + } + if in.Scope != nil { + in, out := &in.Scope, &out.Scope + *out = new(string) + **out = **in + } + if in.SectionName != nil { + in, out := &in.SectionName, &out.SectionName + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ParentRef. +func (in *ParentRef) DeepCopy() *ParentRef { + if in == nil { + return nil + } + out := new(ParentRef) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ReferencePolicy) DeepCopyInto(out *ReferencePolicy) { *out = *in @@ -1035,18 +1106,8 @@ func (in *ReferencePolicyTo) DeepCopy() *ReferencePolicyTo { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RouteBindingSelector) DeepCopyInto(out *RouteBindingSelector) { +func (in *RouteGroupKind) DeepCopyInto(out *RouteGroupKind) { *out = *in - if in.Namespaces != nil { - in, out := &in.Namespaces, &out.Namespaces - *out = new(RouteNamespaces) - (*in).DeepCopyInto(*out) - } - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } if in.Group != nil { in, out := &in.Group, &out.Group *out = new(string) @@ -1054,60 +1115,12 @@ func (in *RouteBindingSelector) DeepCopyInto(out *RouteBindingSelector) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteBindingSelector. -func (in *RouteBindingSelector) DeepCopy() *RouteBindingSelector { - if in == nil { - return nil - } - out := new(RouteBindingSelector) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RouteGatewayStatus) DeepCopyInto(out *RouteGatewayStatus) { - *out = *in - out.GatewayRef = in.GatewayRef - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteGatewayStatus. -func (in *RouteGatewayStatus) DeepCopy() *RouteGatewayStatus { - if in == nil { - return nil - } - out := new(RouteGatewayStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RouteGateways) DeepCopyInto(out *RouteGateways) { - *out = *in - if in.Allow != nil { - in, out := &in.Allow, &out.Allow - *out = new(GatewayAllowType) - **out = **in - } - if in.GatewayRefs != nil { - in, out := &in.GatewayRefs, &out.GatewayRefs - *out = make([]GatewayReference, len(*in)) - copy(*out, *in) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteGateways. -func (in *RouteGateways) DeepCopy() *RouteGateways { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteGroupKind. +func (in *RouteGroupKind) DeepCopy() *RouteGroupKind { if in == nil { return nil } - out := new(RouteGateways) + out := new(RouteGroupKind) in.DeepCopyInto(out) return out } @@ -1138,38 +1151,46 @@ func (in *RouteNamespaces) DeepCopy() *RouteNamespaces { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RouteStatus) DeepCopyInto(out *RouteStatus) { +func (in *RouteParentStatus) DeepCopyInto(out *RouteParentStatus) { *out = *in - if in.Gateways != nil { - in, out := &in.Gateways, &out.Gateways - *out = make([]RouteGatewayStatus, len(*in)) + in.ParentRef.DeepCopyInto(&out.ParentRef) + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1.Condition, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteStatus. -func (in *RouteStatus) DeepCopy() *RouteStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteParentStatus. +func (in *RouteParentStatus) DeepCopy() *RouteParentStatus { if in == nil { return nil } - out := new(RouteStatus) + out := new(RouteParentStatus) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RouteStatusGatewayReference) DeepCopyInto(out *RouteStatusGatewayReference) { +func (in *RouteStatus) DeepCopyInto(out *RouteStatus) { *out = *in + if in.Parents != nil { + in, out := &in.Parents, &out.Parents + *out = make([]RouteParentStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteStatusGatewayReference. -func (in *RouteStatusGatewayReference) DeepCopy() *RouteStatusGatewayReference { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteStatus. +func (in *RouteStatus) DeepCopy() *RouteStatus { if in == nil { return nil } - out := new(RouteStatusGatewayReference) + out := new(RouteStatus) in.DeepCopyInto(out) return out } @@ -1301,6 +1322,13 @@ func (in *TCPRouteRule) DeepCopy() *TCPRouteRule { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TCPRouteSpec) DeepCopyInto(out *TCPRouteSpec) { *out = *in + if in.ParentRefs != nil { + in, out := &in.ParentRefs, &out.ParentRefs + *out = make([]ParentRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Rules != nil { in, out := &in.Rules, &out.Rules *out = make([]TCPRouteRule, len(*in)) @@ -1308,11 +1336,6 @@ func (in *TCPRouteSpec) DeepCopyInto(out *TCPRouteSpec) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Gateways != nil { - in, out := &in.Gateways, &out.Gateways - *out = new(RouteGateways) - (*in).DeepCopyInto(*out) - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPRouteSpec. @@ -1472,10 +1495,12 @@ func (in *TLSRouteRule) DeepCopy() *TLSRouteRule { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TLSRouteSpec) DeepCopyInto(out *TLSRouteSpec) { *out = *in - if in.Gateways != nil { - in, out := &in.Gateways, &out.Gateways - *out = new(RouteGateways) - (*in).DeepCopyInto(*out) + if in.ParentRefs != nil { + in, out := &in.ParentRefs, &out.ParentRefs + *out = make([]ParentRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } if in.Hostnames != nil { in, out := &in.Hostnames, &out.Hostnames @@ -1628,6 +1653,13 @@ func (in *UDPRouteRule) DeepCopy() *UDPRouteRule { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UDPRouteSpec) DeepCopyInto(out *UDPRouteSpec) { *out = *in + if in.ParentRefs != nil { + in, out := &in.ParentRefs, &out.ParentRefs + *out = make([]ParentRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Rules != nil { in, out := &in.Rules, &out.Rules *out = make([]UDPRouteRule, len(*in)) @@ -1635,11 +1667,6 @@ func (in *UDPRouteSpec) DeepCopyInto(out *UDPRouteSpec) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.Gateways != nil { - in, out := &in.Gateways, &out.Gateways - *out = new(RouteGateways) - (*in).DeepCopyInto(*out) - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UDPRouteSpec. diff --git a/config/crd/bases/gateway.networking.k8s.io_gateways.yaml b/config/crd/bases/gateway.networking.k8s.io_gateways.yaml index 1dd340ceff..4761b0477f 100644 --- a/config/crd/bases/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/bases/gateway.networking.k8s.io_gateways.yaml @@ -146,6 +146,14 @@ spec: maxLength: 253 minLength: 1 type: string + name: + description: "Name is the name of the Listener. If more than + one Listener is present each Listener MUST specify a name. + The names of Listeners MUST be unique within a Gateway. \n + Support: Core" + maxLength: 253 + minLength: 1 + type: string port: description: "Port is the network port. Multiple listeners may use the same port, subject to the Listener compatibility rules. @@ -167,16 +175,11 @@ spec: at both the TLS and HTTP protocol layers. \n Support: Core" type: string routes: - description: "Routes specifies a schema for associating routes - with the Listener using selectors. A Route is a resource capable - of servicing a request and allows a cluster operator to expose - a cluster resource (i.e. Service) by externally-reachable - URL, load-balance traffic and terminate SSL/TLS. Typically, - a route is a \"HTTPRoute\" or \"TCPRoute\" in group \"gateway.networking.k8s.io\", - however, an implementation may support other types of resources. - \n The Routes selector MUST select a set of objects that are - compatible with the application protocol specified in the - Protocol field. \n Although a client request may technically + default: + namespaces: + from: Same + description: "Routes specifies which Routes may be attached + to this Listener. \n Although a client request may technically match multiple route rules, only one rule may ultimately receive the request. Matching precedence MUST be determined in order of the following criteria: \n * The most specific match. For @@ -197,31 +200,43 @@ spec: by a Route is invalid, the rest of the Route should still be supported. \n Support: Core" properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the route resource to - select. Omitting the value indicates the gateway.networking.k8s.io - API group. For example, use the following to select an - HTTPRoute: \n routes: kind: HTTPRoute \n Otherwise, - if an alternative API group is desired, specify the desired - group: \n routes: group: acme.io kind: FooRoute \n - Support: Core" - maxLength: 253 - type: string - kind: - description: "Kind is the kind of the route resource to - select. \n Kind MUST correspond to kinds of routes that - are compatible with the application protocol specified - in the Listener's Protocol field. \n If an implementation - does not support or recognize this resource type, it SHOULD - set the \"ResolvedRefs\" condition to false for this listener - with the \"InvalidRoutesRef\" reason. \n Support: Core" - type: string + kinds: + description: "Kinds specifies the groups and kinds of Routes + that are allowed to bind to this Gateway listener. When + unspecified or empty, the kinds of Routes selected are + determined using the Listener protocol. \n Kind MUST correspond + to kinds of Routes that are compatible with the application + protocol specified in the Listener's Protocol field. If + an implementation does not support or recognize this resource + type, it SHOULD set the \"ResolvedRefs\" condition to + false for this listener with the \"InvalidRoutesRef\" + reason. \n Support: Core" + items: + description: RouteGroupKind indicates the group and kind + of a Route resource. + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the Route. \n + Support: Core" + maxLength: 253 + type: string + kind: + description: "Kind is the kind of the Route. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + required: + - kind + type: object + maxItems: 8 + type: array namespaces: default: from: Same - description: "Namespaces indicates in which namespaces Routes - should be selected for this Gateway. This is restricted + description: "Namespaces indicates which namespaces Routes + may be attached to this Listener from. This is restricted to the namespace of this Gateway by default. \n Support: Core" properties: @@ -290,57 +305,6 @@ spec: type: object type: object type: object - selector: - description: "Selector specifies a set of route labels used - for selecting routes to associate with the Gateway. If - this Selector is defined, only routes matching the Selector - are associated with the Gateway. An empty Selector matches - all routes. \n Support: Core" - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be empty. - This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. - type: object - type: object - required: - - kind type: object tls: description: "TLS is the TLS configuration for the Listener. @@ -434,7 +398,6 @@ spec: required: - port - protocol - - routes type: object maxItems: 64 minItems: 1 @@ -573,6 +536,11 @@ spec: items: description: ListenerStatus is the status associated with a Listener. properties: + attachedRoutes: + description: AttachedRoutes represents the total number of Routes + that have been successfully attached to this Listener. + format: int32 + type: integer conditions: description: Conditions describe the current condition of this listener. @@ -652,33 +620,46 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map - hostname: - description: Hostname is the Listener hostname value for which - this message is reporting the status. + name: + description: Name is the name of the Listener. maxLength: 253 minLength: 1 type: string - port: - description: Port is the unique Listener port value for which - this message is reporting the status. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: Protocol is the Listener protocol value for which - this message is reporting the status. - type: string + supportedKinds: + description: SupportedKinds is the list indicating the Kinds + supported by this listener. When this is not specified on + the Listener, this MUST represent the kinds an implementation + supports for the specified protocol. When there are kinds + specified on the Listener, this MUST represent the intersection + of those kinds and the kinds supported by the implementation + for the specified protocol. + items: + description: RouteGroupKind indicates the group and kind of + a Route resource. + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the Route. \n Support: + Core" + maxLength: 253 + type: string + kind: + description: "Kind is the kind of the Route. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + required: + - kind + type: object + maxItems: 8 + type: array required: + - attachedRoutes - conditions - - port - - protocol type: object maxItems: 64 type: array - x-kubernetes-list-map-keys: - - port - x-kubernetes-list-type: map type: object required: - spec diff --git a/config/crd/bases/gateway.networking.k8s.io_httproutes.yaml b/config/crd/bases/gateway.networking.k8s.io_httproutes.yaml index 73415a4c3d..85c62623d7 100644 --- a/config/crd/bases/gateway.networking.k8s.io_httproutes.yaml +++ b/config/crd/bases/gateway.networking.k8s.io_httproutes.yaml @@ -45,48 +45,6 @@ spec: spec: description: Spec defines the desired state of HTTPRoute. properties: - gateways: - default: - allow: SameNamespace - description: Gateways defines which Gateways can use this Route. - properties: - allow: - default: SameNamespace - description: 'Allow indicates which Gateways will be allowed to - use this route. Possible values are: * All: Gateways in any - namespace can use this route. * FromList: Only Gateways specified - in GatewayRefs may use this route. * SameNamespace: Only Gateways - in the same namespace may use this route.' - enum: - - All - - FromList - - SameNamespace - type: string - gatewayRefs: - description: GatewayRefs must be specified when Allow is set to - "FromList". In that case, only Gateways referenced in this list - will be allowed to use this route. This field is ignored for - other values of "Allow". - items: - description: GatewayReference identifies a Gateway in a specified - namespace. - properties: - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - name - - namespace - type: object - type: array - type: object hostnames: description: "Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to process the @@ -142,6 +100,93 @@ spec: type: string maxItems: 16 type: array + parentRefs: + description: "ParentRefs references the resources (usually Gateways) + that a Route wants to be attached to. Note that the referenced parent + resource needs to allow this for the attachment to be complete. + For Gateways, that means the Gateway needs to allow attachment from + Routes of this kind and namespace. \n The only kind of parent resource + with \"Core\" support is Gateway. This API may be extended in the + future to support additional kinds of parent resources such as one + of the route kinds. \n It is invalid to reference an identical parent + more than once. It is valid to reference multiple distinct sections + within the same parent resource, such as 2 Listeners within a Gateway. + \n It is possible to separately reference multiple distinct objects + that may be collapsed by an implementation. For example, some implementations + may choose to merge compatible Gateway Listeners together. If that + is the case, the list of routes attached to those resources should + also be merged." + items: + description: ParentRef identifies an API object (usually a Gateway) + that can be considered a parent of this resource (usually a route). + The only kind of parent resource with "Core" support is Gateway. + This API may be extended in the future to support additional kinds + of parent resources, such as HTTPRoute. + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: Core + (Gateway) Support: Extended (Other Resources)" + maxLength: 253 + minLength: 1 + type: string + name: + description: "Name is the name of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + namespace: + description: "Namespace is the namespace of the referent. When + unspecified (empty string), this will either be: \n * local + namespace of the target is a namespace scoped resource * no + namespace (not applicable) if the target is cluster-scoped. + \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster or + namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: Extended + (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within the + target resource. In the following resources, SectionName is + interpreted as the following: \n * Gateway: Listener Name + \n Implementations MAY choose to support attaching Routes + to other resources. If that is the case, they MUST clearly + document how SectionName is interpreted. \n When unspecified + (empty string), this will reference the entire resource. For + the purpose of status, an attachment is considered successful + if at least one section in the parent resource accepts it. + For example, Gateway listeners can restrict which Routes can + bind to them by Route kind, namespace, or hostname. If 1 of + 2 Gateway listeners accept attachment from the referencing + Route, the Route MUST be considered successfully attached. + If no Gateway listeners accept attachment from this Route, + the Route MUST be considered detached from the Gateway. \n + Support: Core" + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 16 + type: array rules: default: - matches: @@ -1045,7 +1090,7 @@ spec: status: description: Status defines the current state of HTTPRoute. properties: - gateways: + parents: description: "Gateways is a list of Gateways that are associated with the route, and the status of the route with respect to each Gateway. When a Gateway selects this route, the controller that manages the @@ -1056,8 +1101,8 @@ spec: using this Route that are not included in the list. An empty list means the route has not been admitted by any Gateway." items: - description: RouteGatewayStatus describes the status of a route - with respect to an associated Gateway. + description: RouteParentStatus describes the status of a route with + respect to an associated Parent. properties: conditions: description: Conditions describes the status of the route with @@ -1143,42 +1188,89 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map - gatewayRef: - description: GatewayRef is a reference to a Gateway object that - is associated with the route. + controller: + description: "Controller is a domain/path string that indicates + the controller that wrote this status. This corresponds with + the controller field on GatewayClass. \n Example: \"acme.io/gateway-controller\". + \n The format of this field is DOMAIN \"/\" PATH, where DOMAIN + and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)." + maxLength: 253 + minLength: 1 + type: string + parentRef: + description: ParentRef is a reference to the parent resource + that the route wants to be attached to. properties: - controller: - description: "Controller is a domain/path string that indicates - the controller implementing the Gateway. This corresponds - with the controller field on GatewayClass. \n Example: - \"acme.io/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are - valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)." + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: + Core (Gateway) Support: Extended (Other Resources)" maxLength: 253 minLength: 1 type: string name: - description: Name is the name of the referent. + description: "Name is the name of the referent. \n Support: + Core" maxLength: 253 minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. + description: "Namespace is the namespace of the referent. + When unspecified (empty string), this will either be: + \n * local namespace of the target is a namespace scoped + resource * no namespace (not applicable) if the target + is cluster-scoped. \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster + or namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: + Extended (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within + the target resource. In the following resources, SectionName + is interpreted as the following: \n * Gateway: Listener + Name \n Implementations MAY choose to support attaching + Routes to other resources. If that is the case, they MUST + clearly document how SectionName is interpreted. \n When + unspecified (empty string), this will reference the entire + resource. For the purpose of status, an attachment is + considered successful if at least one section in the parent + resource accepts it. For example, Gateway listeners can + restrict which Routes can bind to them by Route kind, + namespace, or hostname. If 1 of 2 Gateway listeners accept + attachment from the referencing Route, the Route MUST + be considered successfully attached. If no Gateway listeners + accept attachment from this Route, the Route MUST be considered + detached from the Gateway. \n Support: Core" maxLength: 253 minLength: 1 type: string required: - - controller - name - - namespace type: object required: - - gatewayRef + - controller + - parentRef type: object maxItems: 100 type: array required: - - gateways + - parents type: object required: - spec diff --git a/config/crd/bases/gateway.networking.k8s.io_tcproutes.yaml b/config/crd/bases/gateway.networking.k8s.io_tcproutes.yaml index d4e48ce808..41d934c649 100644 --- a/config/crd/bases/gateway.networking.k8s.io_tcproutes.yaml +++ b/config/crd/bases/gateway.networking.k8s.io_tcproutes.yaml @@ -42,48 +42,93 @@ spec: spec: description: Spec defines the desired state of TCPRoute. properties: - gateways: - default: - allow: SameNamespace - description: Gateways defines which Gateways can use this Route. - properties: - allow: - default: SameNamespace - description: 'Allow indicates which Gateways will be allowed to - use this route. Possible values are: * All: Gateways in any - namespace can use this route. * FromList: Only Gateways specified - in GatewayRefs may use this route. * SameNamespace: Only Gateways - in the same namespace may use this route.' - enum: - - All - - FromList - - SameNamespace - type: string - gatewayRefs: - description: GatewayRefs must be specified when Allow is set to - "FromList". In that case, only Gateways referenced in this list - will be allowed to use this route. This field is ignored for - other values of "Allow". - items: - description: GatewayReference identifies a Gateway in a specified - namespace. - properties: - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - name - - namespace - type: object - type: array - type: object + parentRefs: + description: "ParentRefs references the resources (usually Gateways) + that a Route wants to be attached to. Note that the referenced parent + resource needs to allow this for the attachment to be complete. + For Gateways, that means the Gateway needs to allow attachment from + Routes of this kind and namespace. \n The only kind of parent resource + with \"Core\" support is Gateway. This API may be extended in the + future to support additional kinds of parent resources such as one + of the route kinds. \n It is invalid to reference an identical parent + more than once. It is valid to reference multiple distinct sections + within the same parent resource, such as 2 Listeners within a Gateway. + \n It is possible to separately reference multiple distinct objects + that may be collapsed by an implementation. For example, some implementations + may choose to merge compatible Gateway Listeners together. If that + is the case, the list of routes attached to those resources should + also be merged." + items: + description: ParentRef identifies an API object (usually a Gateway) + that can be considered a parent of this resource (usually a route). + The only kind of parent resource with "Core" support is Gateway. + This API may be extended in the future to support additional kinds + of parent resources, such as HTTPRoute. + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: Core + (Gateway) Support: Extended (Other Resources)" + maxLength: 253 + minLength: 1 + type: string + name: + description: "Name is the name of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + namespace: + description: "Namespace is the namespace of the referent. When + unspecified (empty string), this will either be: \n * local + namespace of the target is a namespace scoped resource * no + namespace (not applicable) if the target is cluster-scoped. + \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster or + namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: Extended + (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within the + target resource. In the following resources, SectionName is + interpreted as the following: \n * Gateway: Listener Name + \n Implementations MAY choose to support attaching Routes + to other resources. If that is the case, they MUST clearly + document how SectionName is interpreted. \n When unspecified + (empty string), this will reference the entire resource. For + the purpose of status, an attachment is considered successful + if at least one section in the parent resource accepts it. + For example, Gateway listeners can restrict which Routes can + bind to them by Route kind, namespace, or hostname. If 1 of + 2 Gateway listeners accept attachment from the referencing + Route, the Route MUST be considered successfully attached. + If no Gateway listeners accept attachment from this Route, + the Route MUST be considered detached from the Gateway. \n + Support: Core" + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 16 + type: array rules: description: Rules are a list of TCP matchers and actions. items: @@ -235,7 +280,7 @@ spec: status: description: Status defines the current state of TCPRoute. properties: - gateways: + parents: description: "Gateways is a list of Gateways that are associated with the route, and the status of the route with respect to each Gateway. When a Gateway selects this route, the controller that manages the @@ -246,8 +291,8 @@ spec: using this Route that are not included in the list. An empty list means the route has not been admitted by any Gateway." items: - description: RouteGatewayStatus describes the status of a route - with respect to an associated Gateway. + description: RouteParentStatus describes the status of a route with + respect to an associated Parent. properties: conditions: description: Conditions describes the status of the route with @@ -333,42 +378,89 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map - gatewayRef: - description: GatewayRef is a reference to a Gateway object that - is associated with the route. + controller: + description: "Controller is a domain/path string that indicates + the controller that wrote this status. This corresponds with + the controller field on GatewayClass. \n Example: \"acme.io/gateway-controller\". + \n The format of this field is DOMAIN \"/\" PATH, where DOMAIN + and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)." + maxLength: 253 + minLength: 1 + type: string + parentRef: + description: ParentRef is a reference to the parent resource + that the route wants to be attached to. properties: - controller: - description: "Controller is a domain/path string that indicates - the controller implementing the Gateway. This corresponds - with the controller field on GatewayClass. \n Example: - \"acme.io/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are - valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)." + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: + Core (Gateway) Support: Extended (Other Resources)" maxLength: 253 minLength: 1 type: string name: - description: Name is the name of the referent. + description: "Name is the name of the referent. \n Support: + Core" maxLength: 253 minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. + description: "Namespace is the namespace of the referent. + When unspecified (empty string), this will either be: + \n * local namespace of the target is a namespace scoped + resource * no namespace (not applicable) if the target + is cluster-scoped. \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster + or namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: + Extended (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within + the target resource. In the following resources, SectionName + is interpreted as the following: \n * Gateway: Listener + Name \n Implementations MAY choose to support attaching + Routes to other resources. If that is the case, they MUST + clearly document how SectionName is interpreted. \n When + unspecified (empty string), this will reference the entire + resource. For the purpose of status, an attachment is + considered successful if at least one section in the parent + resource accepts it. For example, Gateway listeners can + restrict which Routes can bind to them by Route kind, + namespace, or hostname. If 1 of 2 Gateway listeners accept + attachment from the referencing Route, the Route MUST + be considered successfully attached. If no Gateway listeners + accept attachment from this Route, the Route MUST be considered + detached from the Gateway. \n Support: Core" maxLength: 253 minLength: 1 type: string required: - - controller - name - - namespace type: object required: - - gatewayRef + - controller + - parentRef type: object maxItems: 100 type: array required: - - gateways + - parents type: object required: - spec diff --git a/config/crd/bases/gateway.networking.k8s.io_tlsroutes.yaml b/config/crd/bases/gateway.networking.k8s.io_tlsroutes.yaml index 7bf06164b2..ea883299bc 100644 --- a/config/crd/bases/gateway.networking.k8s.io_tlsroutes.yaml +++ b/config/crd/bases/gateway.networking.k8s.io_tlsroutes.yaml @@ -46,48 +46,6 @@ spec: spec: description: Spec defines the desired state of TLSRoute. properties: - gateways: - default: - allow: SameNamespace - description: Gateways defines which Gateways can use this Route. - properties: - allow: - default: SameNamespace - description: 'Allow indicates which Gateways will be allowed to - use this route. Possible values are: * All: Gateways in any - namespace can use this route. * FromList: Only Gateways specified - in GatewayRefs may use this route. * SameNamespace: Only Gateways - in the same namespace may use this route.' - enum: - - All - - FromList - - SameNamespace - type: string - gatewayRefs: - description: GatewayRefs must be specified when Allow is set to - "FromList". In that case, only Gateways referenced in this list - will be allowed to use this route. This field is ignored for - other values of "Allow". - items: - description: GatewayReference identifies a Gateway in a specified - namespace. - properties: - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - name - - namespace - type: object - type: array - type: object hostnames: description: "Hostnames defines a set of SNI names that should match against the SNI attribute of TLS ClientHello message in TLS handshake. @@ -124,6 +82,93 @@ spec: type: string maxItems: 16 type: array + parentRefs: + description: "ParentRefs references the resources (usually Gateways) + that a Route wants to be attached to. Note that the referenced parent + resource needs to allow this for the attachment to be complete. + For Gateways, that means the Gateway needs to allow attachment from + Routes of this kind and namespace. \n The only kind of parent resource + with \"Core\" support is Gateway. This API may be extended in the + future to support additional kinds of parent resources such as one + of the route kinds. \n It is invalid to reference an identical parent + more than once. It is valid to reference multiple distinct sections + within the same parent resource, such as 2 Listeners within a Gateway. + \n It is possible to separately reference multiple distinct objects + that may be collapsed by an implementation. For example, some implementations + may choose to merge compatible Gateway Listeners together. If that + is the case, the list of routes attached to those resources should + also be merged." + items: + description: ParentRef identifies an API object (usually a Gateway) + that can be considered a parent of this resource (usually a route). + The only kind of parent resource with "Core" support is Gateway. + This API may be extended in the future to support additional kinds + of parent resources, such as HTTPRoute. + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: Core + (Gateway) Support: Extended (Other Resources)" + maxLength: 253 + minLength: 1 + type: string + name: + description: "Name is the name of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + namespace: + description: "Namespace is the namespace of the referent. When + unspecified (empty string), this will either be: \n * local + namespace of the target is a namespace scoped resource * no + namespace (not applicable) if the target is cluster-scoped. + \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster or + namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: Extended + (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within the + target resource. In the following resources, SectionName is + interpreted as the following: \n * Gateway: Listener Name + \n Implementations MAY choose to support attaching Routes + to other resources. If that is the case, they MUST clearly + document how SectionName is interpreted. \n When unspecified + (empty string), this will reference the entire resource. For + the purpose of status, an attachment is considered successful + if at least one section in the parent resource accepts it. + For example, Gateway listeners can restrict which Routes can + bind to them by Route kind, namespace, or hostname. If 1 of + 2 Gateway listeners accept attachment from the referencing + Route, the Route MUST be considered successfully attached. + If no Gateway listeners accept attachment from this Route, + the Route MUST be considered detached from the Gateway. \n + Support: Core" + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 16 + type: array rules: description: Rules are a list of TLS matchers and actions. items: @@ -278,7 +323,7 @@ spec: status: description: Status defines the current state of TLSRoute. properties: - gateways: + parents: description: "Gateways is a list of Gateways that are associated with the route, and the status of the route with respect to each Gateway. When a Gateway selects this route, the controller that manages the @@ -289,8 +334,8 @@ spec: using this Route that are not included in the list. An empty list means the route has not been admitted by any Gateway." items: - description: RouteGatewayStatus describes the status of a route - with respect to an associated Gateway. + description: RouteParentStatus describes the status of a route with + respect to an associated Parent. properties: conditions: description: Conditions describes the status of the route with @@ -376,42 +421,89 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map - gatewayRef: - description: GatewayRef is a reference to a Gateway object that - is associated with the route. + controller: + description: "Controller is a domain/path string that indicates + the controller that wrote this status. This corresponds with + the controller field on GatewayClass. \n Example: \"acme.io/gateway-controller\". + \n The format of this field is DOMAIN \"/\" PATH, where DOMAIN + and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)." + maxLength: 253 + minLength: 1 + type: string + parentRef: + description: ParentRef is a reference to the parent resource + that the route wants to be attached to. properties: - controller: - description: "Controller is a domain/path string that indicates - the controller implementing the Gateway. This corresponds - with the controller field on GatewayClass. \n Example: - \"acme.io/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are - valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)." + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: + Core (Gateway) Support: Extended (Other Resources)" maxLength: 253 minLength: 1 type: string name: - description: Name is the name of the referent. + description: "Name is the name of the referent. \n Support: + Core" maxLength: 253 minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. + description: "Namespace is the namespace of the referent. + When unspecified (empty string), this will either be: + \n * local namespace of the target is a namespace scoped + resource * no namespace (not applicable) if the target + is cluster-scoped. \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster + or namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: + Extended (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within + the target resource. In the following resources, SectionName + is interpreted as the following: \n * Gateway: Listener + Name \n Implementations MAY choose to support attaching + Routes to other resources. If that is the case, they MUST + clearly document how SectionName is interpreted. \n When + unspecified (empty string), this will reference the entire + resource. For the purpose of status, an attachment is + considered successful if at least one section in the parent + resource accepts it. For example, Gateway listeners can + restrict which Routes can bind to them by Route kind, + namespace, or hostname. If 1 of 2 Gateway listeners accept + attachment from the referencing Route, the Route MUST + be considered successfully attached. If no Gateway listeners + accept attachment from this Route, the Route MUST be considered + detached from the Gateway. \n Support: Core" maxLength: 253 minLength: 1 type: string required: - - controller - name - - namespace type: object required: - - gatewayRef + - controller + - parentRef type: object maxItems: 100 type: array required: - - gateways + - parents type: object required: - spec diff --git a/config/crd/bases/gateway.networking.k8s.io_udproutes.yaml b/config/crd/bases/gateway.networking.k8s.io_udproutes.yaml index f20a1b161f..6cc8b566be 100644 --- a/config/crd/bases/gateway.networking.k8s.io_udproutes.yaml +++ b/config/crd/bases/gateway.networking.k8s.io_udproutes.yaml @@ -43,48 +43,93 @@ spec: spec: description: Spec defines the desired state of UDPRoute. properties: - gateways: - default: - allow: SameNamespace - description: Gateways defines which Gateways can use this Route. - properties: - allow: - default: SameNamespace - description: 'Allow indicates which Gateways will be allowed to - use this route. Possible values are: * All: Gateways in any - namespace can use this route. * FromList: Only Gateways specified - in GatewayRefs may use this route. * SameNamespace: Only Gateways - in the same namespace may use this route.' - enum: - - All - - FromList - - SameNamespace - type: string - gatewayRefs: - description: GatewayRefs must be specified when Allow is set to - "FromList". In that case, only Gateways referenced in this list - will be allowed to use this route. This field is ignored for - other values of "Allow". - items: - description: GatewayReference identifies a Gateway in a specified - namespace. - properties: - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - name - - namespace - type: object - type: array - type: object + parentRefs: + description: "ParentRefs references the resources (usually Gateways) + that a Route wants to be attached to. Note that the referenced parent + resource needs to allow this for the attachment to be complete. + For Gateways, that means the Gateway needs to allow attachment from + Routes of this kind and namespace. \n The only kind of parent resource + with \"Core\" support is Gateway. This API may be extended in the + future to support additional kinds of parent resources such as one + of the route kinds. \n It is invalid to reference an identical parent + more than once. It is valid to reference multiple distinct sections + within the same parent resource, such as 2 Listeners within a Gateway. + \n It is possible to separately reference multiple distinct objects + that may be collapsed by an implementation. For example, some implementations + may choose to merge compatible Gateway Listeners together. If that + is the case, the list of routes attached to those resources should + also be merged." + items: + description: ParentRef identifies an API object (usually a Gateway) + that can be considered a parent of this resource (usually a route). + The only kind of parent resource with "Core" support is Gateway. + This API may be extended in the future to support additional kinds + of parent resources, such as HTTPRoute. + properties: + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: Core + (Gateway) Support: Extended (Other Resources)" + maxLength: 253 + minLength: 1 + type: string + name: + description: "Name is the name of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + namespace: + description: "Namespace is the namespace of the referent. When + unspecified (empty string), this will either be: \n * local + namespace of the target is a namespace scoped resource * no + namespace (not applicable) if the target is cluster-scoped. + \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster or + namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: Extended + (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within the + target resource. In the following resources, SectionName is + interpreted as the following: \n * Gateway: Listener Name + \n Implementations MAY choose to support attaching Routes + to other resources. If that is the case, they MUST clearly + document how SectionName is interpreted. \n When unspecified + (empty string), this will reference the entire resource. For + the purpose of status, an attachment is considered successful + if at least one section in the parent resource accepts it. + For example, Gateway listeners can restrict which Routes can + bind to them by Route kind, namespace, or hostname. If 1 of + 2 Gateway listeners accept attachment from the referencing + Route, the Route MUST be considered successfully attached. + If no Gateway listeners accept attachment from this Route, + the Route MUST be considered detached from the Gateway. \n + Support: Core" + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + maxItems: 16 + type: array rules: description: Rules are a list of UDP matchers and actions. items: @@ -236,7 +281,7 @@ spec: status: description: Status defines the current state of UDPRoute. properties: - gateways: + parents: description: "Gateways is a list of Gateways that are associated with the route, and the status of the route with respect to each Gateway. When a Gateway selects this route, the controller that manages the @@ -247,8 +292,8 @@ spec: using this Route that are not included in the list. An empty list means the route has not been admitted by any Gateway." items: - description: RouteGatewayStatus describes the status of a route - with respect to an associated Gateway. + description: RouteParentStatus describes the status of a route with + respect to an associated Parent. properties: conditions: description: Conditions describes the status of the route with @@ -334,42 +379,89 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map - gatewayRef: - description: GatewayRef is a reference to a Gateway object that - is associated with the route. + controller: + description: "Controller is a domain/path string that indicates + the controller that wrote this status. This corresponds with + the controller field on GatewayClass. \n Example: \"acme.io/gateway-controller\". + \n The format of this field is DOMAIN \"/\" PATH, where DOMAIN + and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)." + maxLength: 253 + minLength: 1 + type: string + parentRef: + description: ParentRef is a reference to the parent resource + that the route wants to be attached to. properties: - controller: - description: "Controller is a domain/path string that indicates - the controller implementing the Gateway. This corresponds - with the controller field on GatewayClass. \n Example: - \"acme.io/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are - valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)." + group: + default: gateway.networking.k8s.io + description: "Group is the group of the referent. \n Support: + Core" + maxLength: 253 + minLength: 1 + type: string + kind: + default: Gateway + description: "Kind is kind of the referent. \n Support: + Core (Gateway) Support: Extended (Other Resources)" maxLength: 253 minLength: 1 type: string name: - description: Name is the name of the referent. + description: "Name is the name of the referent. \n Support: + Core" maxLength: 253 minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. + description: "Namespace is the namespace of the referent. + When unspecified (empty string), this will either be: + \n * local namespace of the target is a namespace scoped + resource * no namespace (not applicable) if the target + is cluster-scoped. \n Support: Extended" + maxLength: 253 + minLength: 1 + type: string + scope: + default: Namespace + description: "Scope represents if this refers to a cluster + or namespace scoped resource. This may be set to \"Cluster\" + or \"Namespace\". \n Support: Core (Namespace) Support: + Extended (Cluster)" + enum: + - Cluster + - Namespace + type: string + sectionName: + description: "SectionName is the name of a section within + the target resource. In the following resources, SectionName + is interpreted as the following: \n * Gateway: Listener + Name \n Implementations MAY choose to support attaching + Routes to other resources. If that is the case, they MUST + clearly document how SectionName is interpreted. \n When + unspecified (empty string), this will reference the entire + resource. For the purpose of status, an attachment is + considered successful if at least one section in the parent + resource accepts it. For example, Gateway listeners can + restrict which Routes can bind to them by Route kind, + namespace, or hostname. If 1 of 2 Gateway listeners accept + attachment from the referencing Route, the Route MUST + be considered successfully attached. If no Gateway listeners + accept attachment from this Route, the Route MUST be considered + detached from the Gateway. \n Support: Core" maxLength: 253 minLength: 1 type: string required: - - controller - name - - namespace type: object required: - - gatewayRef + - controller + - parentRef type: object maxItems: 100 type: array required: - - gateways + - parents type: object required: - spec diff --git a/examples/v1alpha2/basic-http.yaml b/examples/v1alpha2/basic-http.yaml index a3961e51ce..b9b68afa60 100644 --- a/examples/v1alpha2/basic-http.yaml +++ b/examples/v1alpha2/basic-http.yaml @@ -18,21 +18,14 @@ spec: listeners: # Use GatewayClass defaults for listener definition. - protocol: HTTP port: 80 - routes: - kind: HTTPRoute - selector: - matchLabels: - app: foo - namespaces: - from: "Same" --- kind: HTTPRoute apiVersion: gateway.networking.k8s.io/v1alpha2 metadata: name: http-app-1 - labels: - app: foo spec: + parentRefs: + - name: my-gateway hostnames: - "foo.com" rules: diff --git a/examples/v1alpha2/default-match-http.yaml b/examples/v1alpha2/default-match-http.yaml index d358fe71b5..0faa95dce3 100644 --- a/examples/v1alpha2/default-match-http.yaml +++ b/examples/v1alpha2/default-match-http.yaml @@ -14,13 +14,6 @@ spec: listeners: - protocol: HTTP port: 80 - routes: - kind: HTTPRoute - selector: - matchLabels: - app: default-match - namespaces: - from: "All" --- # This HTTPRoute demonstrates patch match defaulting. If no path match is # specified, CRD defaults adds a default prefix match on the path "/". This @@ -33,6 +26,8 @@ metadata: labels: app: default-match spec: + parentRefs: + - name: default-match-gw hostnames: - default-match.com rules: diff --git a/examples/v1alpha2/http-redirect.yaml b/examples/v1alpha2/http-redirect.yaml index 8077f89eb4..d641a85c6d 100644 --- a/examples/v1alpha2/http-redirect.yaml +++ b/examples/v1alpha2/http-redirect.yaml @@ -2,7 +2,7 @@ kind: GatewayClass apiVersion: gateway.networking.k8s.io/v1alpha2 metadata: name: filter-lb -spec: +spec: controller: acme.io/gateway-controller parametersRef: name: acme-lb @@ -22,41 +22,26 @@ metadata: spec: gatewayClassName: filter-lb listeners: - - protocol: HTTP + - name: http + protocol: HTTP port: 80 - routes: - kind: HTTPRoute - selector: - matchLabels: - protocol: http - namespaces: - from: "Same" - - protocol: HTTPS + - name: https + protocol: HTTPS port: 443 - routes: - kind: HTTPRoute - selector: - matchLabels: - app: filter - namespaces: - from: "All" --- kind: HTTPRoute apiVersion: gateway.networking.k8s.io/v1alpha2 metadata: name: http-filter-1 namespace: gateway-api-example-ns1 - labels: - protocol: http spec: + parentRefs: + - name: my-filter-gateway + sectionName: http hostnames: - my-filter.example.com rules: - - matches: - - path: - type: Prefix - value: / - filters: + - filters: - type: RequestRedirect requestRedirect: protocol: HTTPS @@ -64,10 +49,12 @@ spec: kind: HTTPRoute apiVersion: gateway.networking.k8s.io/v1alpha2 metadata: - name: http-filter-1 - labels: - app: filter + name: http-filter-2 + namespace: gateway-api-example-ns1 spec: + parentRefs: + - name: my-filter-gateway + sectionName: https hostnames: - my-filter.example.com rules: diff --git a/examples/v1alpha2/traffic-split-1.yaml b/examples/v1alpha2/traffic-split-1.yaml index e8d32cb638..8fb7a93db8 100644 --- a/examples/v1alpha2/traffic-split-1.yaml +++ b/examples/v1alpha2/traffic-split-1.yaml @@ -2,9 +2,9 @@ kind: HTTPRoute apiVersion: gateway.networking.k8s.io/v1alpha2 metadata: name: foo-route - labels: - gateway: prod-web-gw spec: + parentRefs: + - name: prod-web-gw hostnames: - foo.example.com rules: diff --git a/site-src/geps/gep-724.md b/site-src/geps/gep-724.md index 248ce9267a..7577ee483d 100644 --- a/site-src/geps/gep-724.md +++ b/site-src/geps/gep-724.md @@ -1,7 +1,7 @@ # GEP-724: Refresh Route-Gateway Binding * Issue URL: [#724](https://github.com/kubernetes-sigs/gateway-api/issues/724) -* Status: Implementable +* Status: Implemented ## TLDR