charts: metallb
diff --git a/charts/metallb/templates/manifest.yaml b/charts/metallb/templates/manifest.yaml
index bbcf54e..537ab7f 100644
--- a/charts/metallb/templates/manifest.yaml
+++ b/charts/metallb/templates/manifest.yaml
@@ -3,6 +3,7 @@
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ creationTimestamp: null
name: addresspools.metallb.io
spec:
conversion:
@@ -379,8 +380,9 @@
type: integer
communities:
description: The BGP communities to be associated with the announcement.
- Each item can be a community of the form 1234:1234 or the name of
- an alias defined in the Community CRD.
+ Each item can be a standard community of the form 1234:1234, a large
+ community of the form large:1234:1234:1234 or the name of an alias
+ defined in the Community CRD.
items:
type: string
type: array
@@ -524,6 +526,7 @@
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
+ creationTimestamp: null
name: bgppeers.metallb.io
spec:
conversion:
@@ -872,7 +875,8 @@
type: string
value:
description: The BGP community value corresponding to the given
- name.
+ name. Can be a standard community of the form 1234:1234 or
+ a large community of the form large:1234:1234:1234.
type: string
type: object
type: array
@@ -1402,6 +1406,14 @@
- list
- watch
- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
- metallb.io
resources:
- addresspools
@@ -1477,6 +1489,12 @@
- apiGroups:
- ""
resources:
+ - nodes
+ verbs:
+ - list
+- apiGroups:
+ - ""
+ resources:
- services/status
verbs:
- update
@@ -1651,6 +1669,15 @@
namespace: metallb-system
---
apiVersion: v1
+data:
+ excludel2.yaml: |
+ announcedInterfacesToExclude: ["docker.*", "cbr.*", "dummy.*", "virbr.*", "lxcbr.*", "veth.*", "lo", "^cali.*", "^tunl.*", "flannel.*", "kube-ipvs.*", "cni.*", "^nodelocaldns.*"]
+kind: ConfigMap
+metadata:
+ name: metallb-excludel2
+ namespace: metallb-system
+---
+apiVersion: v1
kind: Secret
metadata:
name: webhook-server-cert
@@ -1700,7 +1727,7 @@
value: memberlist
- name: METALLB_DEPLOYMENT
value: controller
- image: quay.io/metallb/controller:v0.13.9
+ image: quay.io/metallb/controller:v0.13.10
livenessProbe:
failureThreshold: 3
httpGet:
@@ -1793,7 +1820,7 @@
value: app=metallb,component=speaker
- name: METALLB_ML_SECRET_KEY_PATH
value: /etc/ml_secret_key
- image: quay.io/metallb/speaker:v0.13.9
+ image: quay.io/metallb/speaker:v0.13.10
livenessProbe:
failureThreshold: 3
httpGet:
@@ -1833,6 +1860,9 @@
- mountPath: /etc/ml_secret_key
name: memberlist
readOnly: true
+ - mountPath: /etc/metallb
+ name: metallb-excludel2
+ readOnly: true
hostNetwork: true
nodeSelector:
kubernetes.io/os: linux
@@ -1850,6 +1880,10 @@
secret:
defaultMode: 420
secretName: memberlist
+ - configMap:
+ defaultMode: 256
+ name: metallb-excludel2
+ name: metallb-excludel2
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
@@ -1997,2005 +2031,3 @@
resources:
- l2advertisements
sideEffects: None
-
-# apiVersion: apiextensions.k8s.io/v1
-# kind: CustomResourceDefinition
-# metadata:
-# annotations:
-# controller-gen.kubebuilder.io/version: v0.11.1
-# name: addresspools.metallb.io
-# spec:
-# conversion:
-# strategy: Webhook
-# webhook:
-# clientConfig:
-# caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
-# service:
-# name: webhook-service
-# namespace: {{ .Release.Namespace }}
-# path: /convert
-# conversionReviewVersions:
-# - v1alpha1
-# - v1beta1
-# group: metallb.io
-# names:
-# kind: AddressPool
-# listKind: AddressPoolList
-# plural: addresspools
-# singular: addresspool
-# scope: Namespaced
-# versions:
-# - deprecated: true
-# deprecationWarning: metallb.io v1alpha1 AddressPool is deprecated
-# name: v1alpha1
-# schema:
-# openAPIV3Schema:
-# description: AddressPool is the Schema for the addresspools API.
-# properties:
-# apiVersion:
-# description: 'APIVersion defines the versioned schema of this representation
-# of an object. Servers should convert recognized schemas to the latest
-# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-# type: string
-# kind:
-# description: 'Kind is a string value representing the REST resource this
-# object represents. Servers may infer this from the endpoint the client
-# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-# type: string
-# metadata:
-# type: object
-# spec:
-# description: AddressPoolSpec defines the desired state of AddressPool.
-# properties:
-# addresses:
-# description: A list of IP address ranges over which MetalLB has authority.
-# You can list multiple ranges in a single pool, they will all share
-# the same settings. Each range can be either a CIDR prefix, or an
-# explicit start-end range of IPs.
-# items:
-# type: string
-# type: array
-# autoAssign:
-# default: true
-# description: AutoAssign flag used to prevent MetallB from automatic
-# allocation for a pool.
-# type: boolean
-# bgpAdvertisements:
-# description: When an IP is allocated from this pool, how should it
-# be translated into BGP announcements?
-# items:
-# properties:
-# aggregationLength:
-# default: 32
-# description: The aggregation-length advertisement option lets
-# you “roll up” the /32s into a larger prefix.
-# format: int32
-# minimum: 1
-# type: integer
-# aggregationLengthV6:
-# default: 128
-# description: Optional, defaults to 128 (i.e. no aggregation)
-# if not specified.
-# format: int32
-# type: integer
-# communities:
-# description: BGP communities
-# items:
-# type: string
-# type: array
-# localPref:
-# description: BGP LOCAL_PREF attribute which is used by BGP best
-# path algorithm, Path with higher localpref is preferred over
-# one with lower localpref.
-# format: int32
-# type: integer
-# type: object
-# type: array
-# protocol:
-# description: Protocol can be used to select how the announcement is
-# done.
-# enum:
-# - layer2
-# - bgp
-# type: string
-# required:
-# - addresses
-# - protocol
-# type: object
-# status:
-# description: AddressPoolStatus defines the observed state of AddressPool.
-# type: object
-# required:
-# - spec
-# type: object
-# served: true
-# storage: false
-# subresources:
-# status: {}
-# - deprecated: true
-# deprecationWarning: metallb.io v1beta1 AddressPool is deprecated, consider using
-# IPAddressPool
-# name: v1beta1
-# schema:
-# openAPIV3Schema:
-# description: AddressPool represents a pool of IP addresses that can be allocated
-# to LoadBalancer services. AddressPool is deprecated and being replaced by
-# IPAddressPool.
-# properties:
-# apiVersion:
-# description: 'APIVersion defines the versioned schema of this representation
-# of an object. Servers should convert recognized schemas to the latest
-# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-# type: string
-# kind:
-# description: 'Kind is a string value representing the REST resource this
-# object represents. Servers may infer this from the endpoint the client
-# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-# type: string
-# metadata:
-# type: object
-# spec:
-# description: AddressPoolSpec defines the desired state of AddressPool.
-# properties:
-# addresses:
-# description: A list of IP address ranges over which MetalLB has authority.
-# You can list multiple ranges in a single pool, they will all share
-# the same settings. Each range can be either a CIDR prefix, or an
-# explicit start-end range of IPs.
-# items:
-# type: string
-# type: array
-# autoAssign:
-# default: true
-# description: AutoAssign flag used to prevent MetallB from automatic
-# allocation for a pool.
-# type: boolean
-# bgpAdvertisements:
-# description: Drives how an IP allocated from this pool should translated
-# into BGP announcements.
-# items:
-# properties:
-# aggregationLength:
-# default: 32
-# description: The aggregation-length advertisement option lets
-# you “roll up” the /32s into a larger prefix.
-# format: int32
-# minimum: 1
-# type: integer
-# aggregationLengthV6:
-# default: 128
-# description: Optional, defaults to 128 (i.e. no aggregation)
-# if not specified.
-# format: int32
-# type: integer
-# communities:
-# description: BGP communities to be associated with the given
-# advertisement.
-# items:
-# type: string
-# type: array
-# localPref:
-# description: BGP LOCAL_PREF attribute which is used by BGP best
-# path algorithm, Path with higher localpref is preferred over
-# one with lower localpref.
-# format: int32
-# type: integer
-# type: object
-# type: array
-# protocol:
-# description: Protocol can be used to select how the announcement is
-# done.
-# enum:
-# - layer2
-# - bgp
-# type: string
-# required:
-# - addresses
-# - protocol
-# type: object
-# status:
-# description: AddressPoolStatus defines the observed state of AddressPool.
-# type: object
-# required:
-# - spec
-# type: object
-# served: true
-# storage: true
-# subresources:
-# status: {}
-# ---
-# apiVersion: apiextensions.k8s.io/v1
-# kind: CustomResourceDefinition
-# metadata:
-# annotations:
-# controller-gen.kubebuilder.io/version: v0.11.1
-# creationTimestamp: null
-# name: bfdprofiles.metallb.io
-# spec:
-# group: metallb.io
-# names:
-# kind: BFDProfile
-# listKind: BFDProfileList
-# plural: bfdprofiles
-# singular: bfdprofile
-# scope: Namespaced
-# versions:
-# - additionalPrinterColumns:
-# - jsonPath: .spec.passiveMode
-# name: Passive Mode
-# type: boolean
-# - jsonPath: .spec.transmitInterval
-# name: Transmit Interval
-# type: integer
-# - jsonPath: .spec.receiveInterval
-# name: Receive Interval
-# type: integer
-# - jsonPath: .spec.detectMultiplier
-# name: Multiplier
-# type: integer
-# name: v1beta1
-# schema:
-# openAPIV3Schema:
-# description: BFDProfile represents the settings of the bfd session that can
-# be optionally associated with a BGP session.
-# properties:
-# apiVersion:
-# description: 'APIVersion defines the versioned schema of this representation
-# of an object. Servers should convert recognized schemas to the latest
-# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-# type: string
-# kind:
-# description: 'Kind is a string value representing the REST resource this
-# object represents. Servers may infer this from the endpoint the client
-# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-# type: string
-# metadata:
-# type: object
-# spec:
-# description: BFDProfileSpec defines the desired state of BFDProfile.
-# properties:
-# detectMultiplier:
-# description: Configures the detection multiplier to determine packet
-# loss. The remote transmission interval will be multiplied by this
-# value to determine the connection loss detection timer.
-# format: int32
-# maximum: 255
-# minimum: 2
-# type: integer
-# echoInterval:
-# description: Configures the minimal echo receive transmission interval
-# that this system is capable of handling in milliseconds. Defaults
-# to 50ms
-# format: int32
-# maximum: 60000
-# minimum: 10
-# type: integer
-# echoMode:
-# description: Enables or disables the echo transmission mode. This
-# mode is disabled by default, and not supported on multi hops setups.
-# type: boolean
-# minimumTtl:
-# description: 'For multi hop sessions only: configure the minimum expected
-# TTL for an incoming BFD control packet.'
-# format: int32
-# maximum: 254
-# minimum: 1
-# type: integer
-# passiveMode:
-# description: 'Mark session as passive: a passive session will not
-# attempt to start the connection and will wait for control packets
-# from peer before it begins replying.'
-# type: boolean
-# receiveInterval:
-# description: The minimum interval that this system is capable of receiving
-# control packets in milliseconds. Defaults to 300ms.
-# format: int32
-# maximum: 60000
-# minimum: 10
-# type: integer
-# transmitInterval:
-# description: The minimum transmission interval (less jitter) that
-# this system wants to use to send BFD control packets in milliseconds.
-# Defaults to 300ms
-# format: int32
-# maximum: 60000
-# minimum: 10
-# type: integer
-# type: object
-# status:
-# description: BFDProfileStatus defines the observed state of BFDProfile.
-# type: object
-# type: object
-# served: true
-# storage: true
-# subresources:
-# status: {}
-# ---
-# apiVersion: apiextensions.k8s.io/v1
-# kind: CustomResourceDefinition
-# metadata:
-# annotations:
-# controller-gen.kubebuilder.io/version: v0.11.1
-# creationTimestamp: null
-# name: bgpadvertisements.metallb.io
-# spec:
-# group: metallb.io
-# names:
-# kind: BGPAdvertisement
-# listKind: BGPAdvertisementList
-# plural: bgpadvertisements
-# singular: bgpadvertisement
-# scope: Namespaced
-# versions:
-# - additionalPrinterColumns:
-# - jsonPath: .spec.ipAddressPools
-# name: IPAddressPools
-# type: string
-# - jsonPath: .spec.ipAddressPoolSelectors
-# name: IPAddressPool Selectors
-# type: string
-# - jsonPath: .spec.peers
-# name: Peers
-# type: string
-# - jsonPath: .spec.nodeSelectors
-# name: Node Selectors
-# priority: 10
-# type: string
-# name: v1beta1
-# schema:
-# openAPIV3Schema:
-# description: BGPAdvertisement allows to advertise the IPs coming from the
-# selected IPAddressPools via BGP, setting the parameters of the BGP Advertisement.
-# properties:
-# apiVersion:
-# description: 'APIVersion defines the versioned schema of this representation
-# of an object. Servers should convert recognized schemas to the latest
-# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-# type: string
-# kind:
-# description: 'Kind is a string value representing the REST resource this
-# object represents. Servers may infer this from the endpoint the client
-# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-# type: string
-# metadata:
-# type: object
-# spec:
-# description: BGPAdvertisementSpec defines the desired state of BGPAdvertisement.
-# properties:
-# aggregationLength:
-# default: 32
-# description: The aggregation-length advertisement option lets you
-# “roll up” the /32s into a larger prefix. Defaults to 32. Works for
-# IPv4 addresses.
-# format: int32
-# minimum: 1
-# type: integer
-# aggregationLengthV6:
-# default: 128
-# description: The aggregation-length advertisement option lets you
-# “roll up” the /128s into a larger prefix. Defaults to 128. Works
-# for IPv6 addresses.
-# format: int32
-# type: integer
-# communities:
-# description: The BGP communities to be associated with the announcement.
-# Each item can be a community of the form 1234:1234 or the name of
-# an alias defined in the Community CRD.
-# items:
-# type: string
-# type: array
-# ipAddressPoolSelectors:
-# description: A selector for the IPAddressPools which would get advertised
-# via this advertisement. If no IPAddressPool is selected by this
-# or by the list, the advertisement is applied to all the IPAddressPools.
-# items:
-# description: A label selector is a label query over a set of resources.
-# The result of matchLabels and matchExpressions are ANDed. An empty
-# label selector matches all objects. A null label selector matches
-# no objects.
-# properties:
-# matchExpressions:
-# description: matchExpressions is a list of label selector requirements.
-# The requirements are ANDed.
-# items:
-# description: A label selector requirement is a selector that
-# contains values, a key, and an operator that relates the
-# key and values.
-# properties:
-# key:
-# description: key is the label key that the selector applies
-# to.
-# type: string
-# operator:
-# description: operator represents a key's relationship
-# to a set of values. Valid operators are In, NotIn, Exists
-# and DoesNotExist.
-# type: string
-# values:
-# description: values is an array of string values. If the
-# operator is In or NotIn, the values array must be non-empty.
-# If the operator is Exists or DoesNotExist, the values
-# array must be empty. This array is replaced during a
-# strategic merge patch.
-# items:
-# type: string
-# type: array
-# required:
-# - key
-# - operator
-# type: object
-# type: array
-# matchLabels:
-# additionalProperties:
-# type: string
-# description: matchLabels is a map of {key,value} pairs. A single
-# {key,value} in the matchLabels map is equivalent to an element
-# of matchExpressions, whose key field is "key", the operator
-# is "In", and the values array contains only "value". The requirements
-# are ANDed.
-# type: object
-# type: object
-# x-kubernetes-map-type: atomic
-# type: array
-# ipAddressPools:
-# description: The list of IPAddressPools to advertise via this advertisement,
-# selected by name.
-# items:
-# type: string
-# type: array
-# localPref:
-# description: The BGP LOCAL_PREF attribute which is used by BGP best
-# path algorithm, Path with higher localpref is preferred over one
-# with lower localpref.
-# format: int32
-# type: integer
-# nodeSelectors:
-# description: NodeSelectors allows to limit the nodes to announce as
-# next hops for the LoadBalancer IP. When empty, all the nodes having are
-# announced as next hops.
-# items:
-# description: A label selector is a label query over a set of resources.
-# The result of matchLabels and matchExpressions are ANDed. An empty
-# label selector matches all objects. A null label selector matches
-# no objects.
-# properties:
-# matchExpressions:
-# description: matchExpressions is a list of label selector requirements.
-# The requirements are ANDed.
-# items:
-# description: A label selector requirement is a selector that
-# contains values, a key, and an operator that relates the
-# key and values.
-# properties:
-# key:
-# description: key is the label key that the selector applies
-# to.
-# type: string
-# operator:
-# description: operator represents a key's relationship
-# to a set of values. Valid operators are In, NotIn, Exists
-# and DoesNotExist.
-# type: string
-# values:
-# description: values is an array of string values. If the
-# operator is In or NotIn, the values array must be non-empty.
-# If the operator is Exists or DoesNotExist, the values
-# array must be empty. This array is replaced during a
-# strategic merge patch.
-# items:
-# type: string
-# type: array
-# required:
-# - key
-# - operator
-# type: object
-# type: array
-# matchLabels:
-# additionalProperties:
-# type: string
-# description: matchLabels is a map of {key,value} pairs. A single
-# {key,value} in the matchLabels map is equivalent to an element
-# of matchExpressions, whose key field is "key", the operator
-# is "In", and the values array contains only "value". The requirements
-# are ANDed.
-# type: object
-# type: object
-# x-kubernetes-map-type: atomic
-# type: array
-# peers:
-# description: Peers limits the bgppeer to advertise the ips of the
-# selected pools to. When empty, the loadbalancer IP is announced
-# to all the BGPPeers configured.
-# items:
-# type: string
-# type: array
-# type: object
-# status:
-# description: BGPAdvertisementStatus defines the observed state of BGPAdvertisement.
-# type: object
-# type: object
-# served: true
-# storage: true
-# subresources:
-# status: {}
-# ---
-# apiVersion: apiextensions.k8s.io/v1
-# kind: CustomResourceDefinition
-# metadata:
-# annotations:
-# controller-gen.kubebuilder.io/version: v0.11.1
-# name: bgppeers.metallb.io
-# spec:
-# conversion:
-# strategy: Webhook
-# webhook:
-# clientConfig:
-# caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
-# service:
-# name: webhook-service
-# namespace: {{ .Release.Namespace }}
-# path: /convert
-# conversionReviewVersions:
-# - v1beta1
-# - v1beta2
-# group: metallb.io
-# names:
-# kind: BGPPeer
-# listKind: BGPPeerList
-# plural: bgppeers
-# singular: bgppeer
-# scope: Namespaced
-# versions:
-# - additionalPrinterColumns:
-# - jsonPath: .spec.peerAddress
-# name: Address
-# type: string
-# - jsonPath: .spec.peerASN
-# name: ASN
-# type: string
-# - jsonPath: .spec.bfdProfile
-# name: BFD Profile
-# type: string
-# - jsonPath: .spec.ebgpMultiHop
-# name: Multi Hops
-# type: string
-# name: v1beta1
-# schema:
-# openAPIV3Schema:
-# description: BGPPeer is the Schema for the peers API.
-# properties:
-# apiVersion:
-# description: 'APIVersion defines the versioned schema of this representation
-# of an object. Servers should convert recognized schemas to the latest
-# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-# type: string
-# kind:
-# description: 'Kind is a string value representing the REST resource this
-# object represents. Servers may infer this from the endpoint the client
-# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-# type: string
-# metadata:
-# type: object
-# spec:
-# description: BGPPeerSpec defines the desired state of Peer.
-# properties:
-# bfdProfile:
-# type: string
-# ebgpMultiHop:
-# description: EBGP peer is multi-hops away
-# type: boolean
-# holdTime:
-# description: Requested BGP hold time, per RFC4271.
-# type: string
-# keepaliveTime:
-# description: Requested BGP keepalive time, per RFC4271.
-# type: string
-# myASN:
-# description: AS number to use for the local end of the session.
-# format: int32
-# maximum: 4294967295
-# minimum: 0
-# type: integer
-# nodeSelectors:
-# description: Only connect to this peer on nodes that match one of
-# these selectors.
-# items:
-# properties:
-# matchExpressions:
-# items:
-# properties:
-# key:
-# type: string
-# operator:
-# type: string
-# values:
-# items:
-# type: string
-# minItems: 1
-# type: array
-# required:
-# - key
-# - operator
-# - values
-# type: object
-# type: array
-# matchLabels:
-# additionalProperties:
-# type: string
-# type: object
-# type: object
-# type: array
-# password:
-# description: Authentication password for routers enforcing TCP MD5
-# authenticated sessions
-# type: string
-# peerASN:
-# description: AS number to expect from the remote end of the session.
-# format: int32
-# maximum: 4294967295
-# minimum: 0
-# type: integer
-# peerAddress:
-# description: Address to dial when establishing the session.
-# type: string
-# peerPort:
-# description: Port to dial when establishing the session.
-# maximum: 16384
-# minimum: 0
-# type: integer
-# routerID:
-# description: BGP router ID to advertise to the peer
-# type: string
-# sourceAddress:
-# description: Source address to use when establishing the session.
-# type: string
-# required:
-# - myASN
-# - peerASN
-# - peerAddress
-# type: object
-# status:
-# description: BGPPeerStatus defines the observed state of Peer.
-# type: object
-# type: object
-# served: true
-# storage: false
-# subresources:
-# status: {}
-# - additionalPrinterColumns:
-# - jsonPath: .spec.peerAddress
-# name: Address
-# type: string
-# - jsonPath: .spec.peerASN
-# name: ASN
-# type: string
-# - jsonPath: .spec.bfdProfile
-# name: BFD Profile
-# type: string
-# - jsonPath: .spec.ebgpMultiHop
-# name: Multi Hops
-# type: string
-# name: v1beta2
-# schema:
-# openAPIV3Schema:
-# description: BGPPeer is the Schema for the peers API.
-# properties:
-# apiVersion:
-# description: 'APIVersion defines the versioned schema of this representation
-# of an object. Servers should convert recognized schemas to the latest
-# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-# type: string
-# kind:
-# description: 'Kind is a string value representing the REST resource this
-# object represents. Servers may infer this from the endpoint the client
-# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-# type: string
-# metadata:
-# type: object
-# spec:
-# description: BGPPeerSpec defines the desired state of Peer.
-# properties:
-# bfdProfile:
-# description: The name of the BFD Profile to be used for the BFD session
-# associated to the BGP session. If not set, the BFD session won't
-# be set up.
-# type: string
-# ebgpMultiHop:
-# description: To set if the BGPPeer is multi-hops away. Needed for
-# FRR mode only.
-# type: boolean
-# holdTime:
-# description: Requested BGP hold time, per RFC4271.
-# type: string
-# keepaliveTime:
-# description: Requested BGP keepalive time, per RFC4271.
-# type: string
-# myASN:
-# description: AS number to use for the local end of the session.
-# format: int32
-# maximum: 4294967295
-# minimum: 0
-# type: integer
-# nodeSelectors:
-# description: Only connect to this peer on nodes that match one of
-# these selectors.
-# items:
-# description: A label selector is a label query over a set of resources.
-# The result of matchLabels and matchExpressions are ANDed. An empty
-# label selector matches all objects. A null label selector matches
-# no objects.
-# properties:
-# matchExpressions:
-# description: matchExpressions is a list of label selector requirements.
-# The requirements are ANDed.
-# items:
-# description: A label selector requirement is a selector that
-# contains values, a key, and an operator that relates the
-# key and values.
-# properties:
-# key:
-# description: key is the label key that the selector applies
-# to.
-# type: string
-# operator:
-# description: operator represents a key's relationship
-# to a set of values. Valid operators are In, NotIn, Exists
-# and DoesNotExist.
-# type: string
-# values:
-# description: values is an array of string values. If the
-# operator is In or NotIn, the values array must be non-empty.
-# If the operator is Exists or DoesNotExist, the values
-# array must be empty. This array is replaced during a
-# strategic merge patch.
-# items:
-# type: string
-# type: array
-# required:
-# - key
-# - operator
-# type: object
-# type: array
-# matchLabels:
-# additionalProperties:
-# type: string
-# description: matchLabels is a map of {key,value} pairs. A single
-# {key,value} in the matchLabels map is equivalent to an element
-# of matchExpressions, whose key field is "key", the operator
-# is "In", and the values array contains only "value". The requirements
-# are ANDed.
-# type: object
-# type: object
-# x-kubernetes-map-type: atomic
-# type: array
-# password:
-# description: Authentication password for routers enforcing TCP MD5
-# authenticated sessions
-# type: string
-# passwordSecret:
-# description: passwordSecret is name of the authentication secret for
-# BGP Peer. the secret must be of type "kubernetes.io/basic-auth",
-# and created in the same namespace as the MetalLB deployment. The
-# password is stored in the secret as the key "password".
-# properties:
-# name:
-# description: name is unique within a namespace to reference a
-# secret resource.
-# type: string
-# namespace:
-# description: namespace defines the space within which the secret
-# name must be unique.
-# type: string
-# type: object
-# x-kubernetes-map-type: atomic
-# peerASN:
-# description: AS number to expect from the remote end of the session.
-# format: int32
-# maximum: 4294967295
-# minimum: 0
-# type: integer
-# peerAddress:
-# description: Address to dial when establishing the session.
-# type: string
-# peerPort:
-# default: 179
-# description: Port to dial when establishing the session.
-# maximum: 16384
-# minimum: 0
-# type: integer
-# routerID:
-# description: BGP router ID to advertise to the peer
-# type: string
-# sourceAddress:
-# description: Source address to use when establishing the session.
-# type: string
-# vrf:
-# description: To set if we want to peer with the BGPPeer using an interface
-# belonging to a host vrf
-# type: string
-# required:
-# - myASN
-# - peerASN
-# - peerAddress
-# type: object
-# status:
-# description: BGPPeerStatus defines the observed state of Peer.
-# type: object
-# type: object
-# served: true
-# storage: true
-# subresources:
-# status: {}
-# ---
-# apiVersion: apiextensions.k8s.io/v1
-# kind: CustomResourceDefinition
-# metadata:
-# annotations:
-# controller-gen.kubebuilder.io/version: v0.11.1
-# creationTimestamp: null
-# name: communities.metallb.io
-# spec:
-# group: metallb.io
-# names:
-# kind: Community
-# listKind: CommunityList
-# plural: communities
-# singular: community
-# scope: Namespaced
-# versions:
-# - name: v1beta1
-# schema:
-# openAPIV3Schema:
-# description: Community is a collection of aliases for communities. Users can
-# define named aliases to be used in the BGPPeer CRD.
-# properties:
-# apiVersion:
-# description: 'APIVersion defines the versioned schema of this representation
-# of an object. Servers should convert recognized schemas to the latest
-# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-# type: string
-# kind:
-# description: 'Kind is a string value representing the REST resource this
-# object represents. Servers may infer this from the endpoint the client
-# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-# type: string
-# metadata:
-# type: object
-# spec:
-# description: CommunitySpec defines the desired state of Community.
-# properties:
-# communities:
-# items:
-# properties:
-# name:
-# description: The name of the alias for the community.
-# type: string
-# value:
-# description: The BGP community value corresponding to the given
-# name.
-# type: string
-# type: object
-# type: array
-# type: object
-# status:
-# description: CommunityStatus defines the observed state of Community.
-# type: object
-# type: object
-# served: true
-# storage: true
-# subresources:
-# status: {}
-# ---
-# apiVersion: apiextensions.k8s.io/v1
-# kind: CustomResourceDefinition
-# metadata:
-# annotations:
-# controller-gen.kubebuilder.io/version: v0.11.1
-# creationTimestamp: null
-# name: ipaddresspools.metallb.io
-# spec:
-# group: metallb.io
-# names:
-# kind: IPAddressPool
-# listKind: IPAddressPoolList
-# plural: ipaddresspools
-# singular: ipaddresspool
-# scope: Namespaced
-# versions:
-# - additionalPrinterColumns:
-# - jsonPath: .spec.autoAssign
-# name: Auto Assign
-# type: boolean
-# - jsonPath: .spec.avoidBuggyIPs
-# name: Avoid Buggy IPs
-# type: boolean
-# - jsonPath: .spec.addresses
-# name: Addresses
-# type: string
-# name: v1beta1
-# schema:
-# openAPIV3Schema:
-# description: IPAddressPool represents a pool of IP addresses that can be allocated
-# to LoadBalancer services.
-# properties:
-# apiVersion:
-# description: 'APIVersion defines the versioned schema of this representation
-# of an object. Servers should convert recognized schemas to the latest
-# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-# type: string
-# kind:
-# description: 'Kind is a string value representing the REST resource this
-# object represents. Servers may infer this from the endpoint the client
-# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-# type: string
-# metadata:
-# type: object
-# spec:
-# description: IPAddressPoolSpec defines the desired state of IPAddressPool.
-# properties:
-# addresses:
-# description: A list of IP address ranges over which MetalLB has authority.
-# You can list multiple ranges in a single pool, they will all share
-# the same settings. Each range can be either a CIDR prefix, or an
-# explicit start-end range of IPs.
-# items:
-# type: string
-# type: array
-# autoAssign:
-# default: true
-# description: AutoAssign flag used to prevent MetallB from automatic
-# allocation for a pool.
-# type: boolean
-# avoidBuggyIPs:
-# default: false
-# description: AvoidBuggyIPs prevents addresses ending with .0 and .255
-# to be used by a pool.
-# type: boolean
-# serviceAllocation:
-# description: AllocateTo makes ip pool allocation to specific namespace
-# and/or service. The controller will use the pool with lowest value
-# of priority in case of multiple matches. A pool with no priority
-# set will be used only if the pools with priority can't be used.
-# If multiple matching IPAddressPools are available it will check
-# for the availability of IPs sorting the matching IPAddressPools
-# by priority, starting from the highest to the lowest. If multiple
-# IPAddressPools have the same priority, choice will be random.
-# properties:
-# namespaceSelectors:
-# description: NamespaceSelectors list of label selectors to select
-# namespace(s) for ip pool, an alternative to using namespace
-# list.
-# items:
-# description: A label selector is a label query over a set of
-# resources. The result of matchLabels and matchExpressions
-# are ANDed. An empty label selector matches all objects. A
-# null label selector matches no objects.
-# properties:
-# matchExpressions:
-# description: matchExpressions is a list of label selector
-# requirements. The requirements are ANDed.
-# items:
-# description: A label selector requirement is a selector
-# that contains values, a key, and an operator that relates
-# the key and values.
-# properties:
-# key:
-# description: key is the label key that the selector
-# applies to.
-# type: string
-# operator:
-# description: operator represents a key's relationship
-# to a set of values. Valid operators are In, NotIn,
-# Exists and DoesNotExist.
-# type: string
-# values:
-# description: values is an array of string values.
-# If the operator is In or NotIn, the values array
-# must be non-empty. If the operator is Exists or
-# DoesNotExist, the values array must be empty. This
-# array is replaced during a strategic merge patch.
-# items:
-# type: string
-# type: array
-# required:
-# - key
-# - operator
-# type: object
-# type: array
-# matchLabels:
-# additionalProperties:
-# type: string
-# description: matchLabels is a map of {key,value} pairs.
-# A single {key,value} in the matchLabels map is equivalent
-# to an element of matchExpressions, whose key field is
-# "key", the operator is "In", and the values array contains
-# only "value". The requirements are ANDed.
-# type: object
-# type: object
-# x-kubernetes-map-type: atomic
-# type: array
-# namespaces:
-# description: Namespaces list of namespace(s) on which ip pool
-# can be attached.
-# items:
-# type: string
-# type: array
-# priority:
-# description: Priority priority given for ip pool while ip allocation
-# on a service.
-# type: integer
-# serviceSelectors:
-# description: ServiceSelectors list of label selector to select
-# service(s) for which ip pool can be used for ip allocation.
-# items:
-# description: A label selector is a label query over a set of
-# resources. The result of matchLabels and matchExpressions
-# are ANDed. An empty label selector matches all objects. A
-# null label selector matches no objects.
-# properties:
-# matchExpressions:
-# description: matchExpressions is a list of label selector
-# requirements. The requirements are ANDed.
-# items:
-# description: A label selector requirement is a selector
-# that contains values, a key, and an operator that relates
-# the key and values.
-# properties:
-# key:
-# description: key is the label key that the selector
-# applies to.
-# type: string
-# operator:
-# description: operator represents a key's relationship
-# to a set of values. Valid operators are In, NotIn,
-# Exists and DoesNotExist.
-# type: string
-# values:
-# description: values is an array of string values.
-# If the operator is In or NotIn, the values array
-# must be non-empty. If the operator is Exists or
-# DoesNotExist, the values array must be empty. This
-# array is replaced during a strategic merge patch.
-# items:
-# type: string
-# type: array
-# required:
-# - key
-# - operator
-# type: object
-# type: array
-# matchLabels:
-# additionalProperties:
-# type: string
-# description: matchLabels is a map of {key,value} pairs.
-# A single {key,value} in the matchLabels map is equivalent
-# to an element of matchExpressions, whose key field is
-# "key", the operator is "In", and the values array contains
-# only "value". The requirements are ANDed.
-# type: object
-# type: object
-# x-kubernetes-map-type: atomic
-# type: array
-# type: object
-# required:
-# - addresses
-# type: object
-# status:
-# description: IPAddressPoolStatus defines the observed state of IPAddressPool.
-# type: object
-# required:
-# - spec
-# type: object
-# served: true
-# storage: true
-# subresources:
-# status: {}
-# ---
-# apiVersion: apiextensions.k8s.io/v1
-# kind: CustomResourceDefinition
-# metadata:
-# annotations:
-# controller-gen.kubebuilder.io/version: v0.11.1
-# creationTimestamp: null
-# name: l2advertisements.metallb.io
-# spec:
-# group: metallb.io
-# names:
-# kind: L2Advertisement
-# listKind: L2AdvertisementList
-# plural: l2advertisements
-# singular: l2advertisement
-# scope: Namespaced
-# versions:
-# - additionalPrinterColumns:
-# - jsonPath: .spec.ipAddressPools
-# name: IPAddressPools
-# type: string
-# - jsonPath: .spec.ipAddressPoolSelectors
-# name: IPAddressPool Selectors
-# type: string
-# - jsonPath: .spec.interfaces
-# name: Interfaces
-# type: string
-# - jsonPath: .spec.nodeSelectors
-# name: Node Selectors
-# priority: 10
-# type: string
-# name: v1beta1
-# schema:
-# openAPIV3Schema:
-# description: L2Advertisement allows to advertise the LoadBalancer IPs provided
-# by the selected pools via L2.
-# properties:
-# apiVersion:
-# description: 'APIVersion defines the versioned schema of this representation
-# of an object. Servers should convert recognized schemas to the latest
-# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-# type: string
-# kind:
-# description: 'Kind is a string value representing the REST resource this
-# object represents. Servers may infer this from the endpoint the client
-# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-# type: string
-# metadata:
-# type: object
-# spec:
-# description: L2AdvertisementSpec defines the desired state of L2Advertisement.
-# properties:
-# interfaces:
-# description: A list of interfaces to announce from. The LB IP will
-# be announced only from these interfaces. If the field is not set,
-# we advertise from all the interfaces on the host.
-# items:
-# type: string
-# type: array
-# ipAddressPoolSelectors:
-# description: A selector for the IPAddressPools which would get advertised
-# via this advertisement. If no IPAddressPool is selected by this
-# or by the list, the advertisement is applied to all the IPAddressPools.
-# items:
-# description: A label selector is a label query over a set of resources.
-# The result of matchLabels and matchExpressions are ANDed. An empty
-# label selector matches all objects. A null label selector matches
-# no objects.
-# properties:
-# matchExpressions:
-# description: matchExpressions is a list of label selector requirements.
-# The requirements are ANDed.
-# items:
-# description: A label selector requirement is a selector that
-# contains values, a key, and an operator that relates the
-# key and values.
-# properties:
-# key:
-# description: key is the label key that the selector applies
-# to.
-# type: string
-# operator:
-# description: operator represents a key's relationship
-# to a set of values. Valid operators are In, NotIn, Exists
-# and DoesNotExist.
-# type: string
-# values:
-# description: values is an array of string values. If the
-# operator is In or NotIn, the values array must be non-empty.
-# If the operator is Exists or DoesNotExist, the values
-# array must be empty. This array is replaced during a
-# strategic merge patch.
-# items:
-# type: string
-# type: array
-# required:
-# - key
-# - operator
-# type: object
-# type: array
-# matchLabels:
-# additionalProperties:
-# type: string
-# description: matchLabels is a map of {key,value} pairs. A single
-# {key,value} in the matchLabels map is equivalent to an element
-# of matchExpressions, whose key field is "key", the operator
-# is "In", and the values array contains only "value". The requirements
-# are ANDed.
-# type: object
-# type: object
-# x-kubernetes-map-type: atomic
-# type: array
-# ipAddressPools:
-# description: The list of IPAddressPools to advertise via this advertisement,
-# selected by name.
-# items:
-# type: string
-# type: array
-# nodeSelectors:
-# description: NodeSelectors allows to limit the nodes to announce as
-# next hops for the LoadBalancer IP. When empty, all the nodes having are
-# announced as next hops.
-# items:
-# description: A label selector is a label query over a set of resources.
-# The result of matchLabels and matchExpressions are ANDed. An empty
-# label selector matches all objects. A null label selector matches
-# no objects.
-# properties:
-# matchExpressions:
-# description: matchExpressions is a list of label selector requirements.
-# The requirements are ANDed.
-# items:
-# description: A label selector requirement is a selector that
-# contains values, a key, and an operator that relates the
-# key and values.
-# properties:
-# key:
-# description: key is the label key that the selector applies
-# to.
-# type: string
-# operator:
-# description: operator represents a key's relationship
-# to a set of values. Valid operators are In, NotIn, Exists
-# and DoesNotExist.
-# type: string
-# values:
-# description: values is an array of string values. If the
-# operator is In or NotIn, the values array must be non-empty.
-# If the operator is Exists or DoesNotExist, the values
-# array must be empty. This array is replaced during a
-# strategic merge patch.
-# items:
-# type: string
-# type: array
-# required:
-# - key
-# - operator
-# type: object
-# type: array
-# matchLabels:
-# additionalProperties:
-# type: string
-# description: matchLabels is a map of {key,value} pairs. A single
-# {key,value} in the matchLabels map is equivalent to an element
-# of matchExpressions, whose key field is "key", the operator
-# is "In", and the values array contains only "value". The requirements
-# are ANDed.
-# type: object
-# type: object
-# x-kubernetes-map-type: atomic
-# type: array
-# type: object
-# status:
-# description: L2AdvertisementStatus defines the observed state of L2Advertisement.
-# type: object
-# type: object
-# served: true
-# storage: true
-# subresources:
-# status: {}
-# ---
-# apiVersion: v1
-# kind: ServiceAccount
-# metadata:
-# labels:
-# app: metallb
-# name: controller
-# namespace: {{ .Release.Namespace }}
-# ---
-# apiVersion: v1
-# kind: ServiceAccount
-# metadata:
-# labels:
-# app: metallb
-# name: speaker
-# namespace: {{ .Release.Namespace }}
-# ---
-# apiVersion: rbac.authorization.k8s.io/v1
-# kind: Role
-# metadata:
-# labels:
-# app: metallb
-# name: controller
-# namespace: {{ .Release.Namespace }}
-# rules:
-# - apiGroups:
-# - ""
-# resources:
-# - secrets
-# verbs:
-# - create
-# - delete
-# - get
-# - list
-# - patch
-# - update
-# - watch
-# - apiGroups:
-# - ""
-# resourceNames:
-# - memberlist
-# resources:
-# - secrets
-# verbs:
-# - list
-# - apiGroups:
-# - apps
-# resourceNames:
-# - controller
-# resources:
-# - deployments
-# verbs:
-# - get
-# - apiGroups:
-# - metallb.io
-# resources:
-# - bgppeers
-# verbs:
-# - get
-# - list
-# - apiGroups:
-# - metallb.io
-# resources:
-# - addresspools
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - bfdprofiles
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - ipaddresspools
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - bgpadvertisements
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - l2advertisements
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - communities
-# verbs:
-# - get
-# - list
-# - watch
-# ---
-# apiVersion: rbac.authorization.k8s.io/v1
-# kind: Role
-# metadata:
-# labels:
-# app: metallb
-# name: pod-lister
-# namespace: {{ .Release.Namespace }}
-# rules:
-# - apiGroups:
-# - ""
-# resources:
-# - pods
-# verbs:
-# - list
-# - apiGroups:
-# - ""
-# resources:
-# - secrets
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - addresspools
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - bfdprofiles
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - bgppeers
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - l2advertisements
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - bgpadvertisements
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - ipaddresspools
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - metallb.io
-# resources:
-# - communities
-# verbs:
-# - get
-# - list
-# - watch
-# ---
-# apiVersion: rbac.authorization.k8s.io/v1
-# kind: ClusterRole
-# metadata:
-# labels:
-# app: metallb
-# name: metallb-system:controller
-# rules:
-# - apiGroups:
-# - ""
-# resources:
-# - services
-# - namespaces
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - ""
-# resources:
-# - services/status
-# verbs:
-# - update
-# - apiGroups:
-# - ""
-# resources:
-# - events
-# verbs:
-# - create
-# - patch
-# - apiGroups:
-# - policy
-# resourceNames:
-# - controller
-# resources:
-# - podsecuritypolicies
-# verbs:
-# - use
-# - apiGroups:
-# - admissionregistration.k8s.io
-# resourceNames:
-# - metallb-webhook-configuration
-# resources:
-# - validatingwebhookconfigurations
-# - mutatingwebhookconfigurations
-# verbs:
-# - create
-# - delete
-# - get
-# - list
-# - patch
-# - update
-# - watch
-# - apiGroups:
-# - admissionregistration.k8s.io
-# resources:
-# - validatingwebhookconfigurations
-# - mutatingwebhookconfigurations
-# verbs:
-# - list
-# - watch
-# - apiGroups:
-# - apiextensions.k8s.io
-# resourceNames:
-# - addresspools.metallb.io
-# - bfdprofiles.metallb.io
-# - bgpadvertisements.metallb.io
-# - bgppeers.metallb.io
-# - ipaddresspools.metallb.io
-# - l2advertisements.metallb.io
-# - communities.metallb.io
-# resources:
-# - customresourcedefinitions
-# verbs:
-# - create
-# - delete
-# - get
-# - list
-# - patch
-# - update
-# - watch
-# - apiGroups:
-# - apiextensions.k8s.io
-# resources:
-# - customresourcedefinitions
-# verbs:
-# - list
-# - watch
-# ---
-# apiVersion: rbac.authorization.k8s.io/v1
-# kind: ClusterRole
-# metadata:
-# labels:
-# app: metallb
-# name: metallb-system:speaker
-# rules:
-# - apiGroups:
-# - ""
-# resources:
-# - services
-# - endpoints
-# - nodes
-# - namespaces
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - discovery.k8s.io
-# resources:
-# - endpointslices
-# verbs:
-# - get
-# - list
-# - watch
-# - apiGroups:
-# - ""
-# resources:
-# - events
-# verbs:
-# - create
-# - patch
-# - apiGroups:
-# - policy
-# resourceNames:
-# - speaker
-# resources:
-# - podsecuritypolicies
-# verbs:
-# - use
-# ---
-# apiVersion: rbac.authorization.k8s.io/v1
-# kind: RoleBinding
-# metadata:
-# labels:
-# app: metallb
-# name: controller
-# namespace: {{ .Release.Namespace }}
-# roleRef:
-# apiGroup: rbac.authorization.k8s.io
-# kind: Role
-# name: controller
-# subjects:
-# - kind: ServiceAccount
-# name: controller
-# namespace: {{ .Release.Namespace }}
-# ---
-# apiVersion: rbac.authorization.k8s.io/v1
-# kind: RoleBinding
-# metadata:
-# labels:
-# app: metallb
-# name: pod-lister
-# namespace: {{ .Release.Namespace }}
-# roleRef:
-# apiGroup: rbac.authorization.k8s.io
-# kind: Role
-# name: pod-lister
-# subjects:
-# - kind: ServiceAccount
-# name: speaker
-# namespace: {{ .Release.Namespace }}
-# ---
-# apiVersion: rbac.authorization.k8s.io/v1
-# kind: ClusterRoleBinding
-# metadata:
-# labels:
-# app: metallb
-# name: metallb-system:controller
-# roleRef:
-# apiGroup: rbac.authorization.k8s.io
-# kind: ClusterRole
-# name: metallb-system:controller
-# subjects:
-# - kind: ServiceAccount
-# name: controller
-# namespace: {{ .Release.Namespace }}
-# ---
-# apiVersion: rbac.authorization.k8s.io/v1
-# kind: ClusterRoleBinding
-# metadata:
-# labels:
-# app: metallb
-# name: metallb-system:speaker
-# roleRef:
-# apiGroup: rbac.authorization.k8s.io
-# kind: ClusterRole
-# name: metallb-system:speaker
-# subjects:
-# - kind: ServiceAccount
-# name: speaker
-# namespace: {{ .Release.Namespace }}
-# ---
-# apiVersion: v1
-# kind: Secret
-# metadata:
-# name: webhook-server-cert
-# namespace: {{ .Release.Namespace }}
-# ---
-# apiVersion: v1
-# kind: Service
-# metadata:
-# name: webhook-service
-# namespace: {{ .Release.Namespace }}
-# spec:
-# ports:
-# - port: 443
-# targetPort: 9443
-# selector:
-# component: controller
-# ---
-# apiVersion: apps/v1
-# kind: Deployment
-# metadata:
-# labels:
-# app: metallb
-# component: controller
-# name: controller
-# namespace: {{ .Release.Namespace }}
-# spec:
-# revisionHistoryLimit: 3
-# selector:
-# matchLabels:
-# app: metallb
-# component: controller
-# template:
-# metadata:
-# annotations:
-# prometheus.io/port: "7472"
-# prometheus.io/scrape: "true"
-# labels:
-# app: metallb
-# component: controller
-# spec:
-# containers:
-# - args:
-# - --port=7472
-# - --log-level={{ .Values.controller.logLevel }}
-# env:
-# - name: METALLB_ML_SECRET_NAME
-# value: memberlist
-# - name: METALLB_DEPLOYMENT
-# value: controller
-# image: {{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}
-# imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
-# livenessProbe:
-# failureThreshold: 3
-# httpGet:
-# path: /metrics
-# port: monitoring
-# initialDelaySeconds: 10
-# periodSeconds: 10
-# successThreshold: 1
-# timeoutSeconds: 1
-# name: controller
-# ports:
-# - containerPort: 7472
-# name: monitoring
-# - containerPort: 9443
-# name: webhook-server
-# protocol: TCP
-# readinessProbe:
-# failureThreshold: 3
-# httpGet:
-# path: /metrics
-# port: monitoring
-# initialDelaySeconds: 10
-# periodSeconds: 10
-# successThreshold: 1
-# timeoutSeconds: 1
-# securityContext:
-# allowPrivilegeEscalation: false
-# capabilities:
-# drop:
-# - all
-# readOnlyRootFilesystem: true
-# volumeMounts:
-# - mountPath: /tmp/k8s-webhook-server/serving-certs
-# name: cert
-# readOnly: true
-# nodeSelector:
-# kubernetes.io/os: linux
-# securityContext:
-# fsGroup: 65534
-# runAsNonRoot: true
-# runAsUser: 65534
-# serviceAccountName: controller
-# terminationGracePeriodSeconds: 0
-# volumes:
-# - name: cert
-# secret:
-# defaultMode: 420
-# secretName: webhook-server-cert
-# ---
-# apiVersion: apps/v1
-# kind: DaemonSet
-# metadata:
-# labels:
-# app: metallb
-# component: speaker
-# name: speaker
-# namespace: {{ .Release.Namespace }}
-# spec:
-# selector:
-# matchLabels:
-# app: metallb
-# component: speaker
-# template:
-# metadata:
-# annotations:
-# prometheus.io/port: "7472"
-# prometheus.io/scrape: "true"
-# labels:
-# app: metallb
-# component: speaker
-# spec:
-# containers:
-# - args:
-# - --port=7472
-# - --log-level={{ .Values.controller.logLevel }}
-# env:
-# - name: METALLB_NODE_NAME
-# valueFrom:
-# fieldRef:
-# fieldPath: spec.nodeName
-# - name: METALLB_HOST
-# valueFrom:
-# fieldRef:
-# fieldPath: status.hostIP
-# - name: METALLB_ML_BIND_ADDR
-# valueFrom:
-# fieldRef:
-# fieldPath: status.podIP
-# - name: METALLB_ML_LABELS
-# value: app=metallb,component=speaker
-# - name: METALLB_ML_SECRET_KEY_PATH
-# value: /etc/ml_secret_key
-# image: {{ .Values.speaker.image.repository }}:{{ .Values.speaker.image.tag }}
-# imagePullPolicy: {{ .Values.speaker.image.pullPolicy }}
-# livenessProbe:
-# failureThreshold: 3
-# httpGet:
-# path: /metrics
-# port: monitoring
-# initialDelaySeconds: 10
-# periodSeconds: 10
-# successThreshold: 1
-# timeoutSeconds: 1
-# name: speaker
-# ports:
-# - containerPort: 7472
-# name: monitoring
-# - containerPort: 7946
-# name: memberlist-tcp
-# - containerPort: 7946
-# name: memberlist-udp
-# protocol: UDP
-# readinessProbe:
-# failureThreshold: 3
-# httpGet:
-# path: /metrics
-# port: monitoring
-# initialDelaySeconds: 10
-# periodSeconds: 10
-# successThreshold: 1
-# timeoutSeconds: 1
-# securityContext:
-# allowPrivilegeEscalation: false
-# capabilities:
-# add:
-# - NET_RAW
-# drop:
-# - ALL
-# readOnlyRootFilesystem: true
-# volumeMounts:
-# - mountPath: /etc/ml_secret_key
-# name: memberlist
-# readOnly: true
-# hostNetwork: true
-# nodeSelector:
-# kubernetes.io/os: linux
-# serviceAccountName: speaker
-# terminationGracePeriodSeconds: 2
-# tolerations:
-# - effect: NoSchedule
-# key: node-role.kubernetes.io/master
-# operator: Exists
-# - effect: NoSchedule
-# key: node-role.kubernetes.io/control-plane
-# operator: Exists
-# volumes:
-# - name: memberlist
-# secret:
-# defaultMode: 420
-# secretName: memberlist
-# ---
-# apiVersion: admissionregistration.k8s.io/v1
-# kind: ValidatingWebhookConfiguration
-# metadata:
-# creationTimestamp: null
-# name: metallb-webhook-configuration
-# webhooks:
-# - admissionReviewVersions:
-# - v1
-# clientConfig:
-# service:
-# name: webhook-service
-# namespace: {{ .Release.Namespace }}
-# path: /validate-metallb-io-v1beta2-bgppeer
-# failurePolicy: Fail
-# name: bgppeersvalidationwebhook.metallb.io
-# rules:
-# - apiGroups:
-# - metallb.io
-# apiVersions:
-# - v1beta2
-# operations:
-# - CREATE
-# - UPDATE
-# resources:
-# - bgppeers
-# sideEffects: None
-# - admissionReviewVersions:
-# - v1
-# clientConfig:
-# service:
-# name: webhook-service
-# namespace: {{ .Release.Namespace }}
-# path: /validate-metallb-io-v1beta1-addresspool
-# failurePolicy: Fail
-# name: addresspoolvalidationwebhook.metallb.io
-# rules:
-# - apiGroups:
-# - metallb.io
-# apiVersions:
-# - v1beta1
-# operations:
-# - CREATE
-# - UPDATE
-# resources:
-# - addresspools
-# sideEffects: None
-# - admissionReviewVersions:
-# - v1
-# clientConfig:
-# service:
-# name: webhook-service
-# namespace: {{ .Release.Namespace }}
-# path: /validate-metallb-io-v1beta1-bfdprofile
-# failurePolicy: Fail
-# name: bfdprofilevalidationwebhook.metallb.io
-# rules:
-# - apiGroups:
-# - metallb.io
-# apiVersions:
-# - v1beta1
-# operations:
-# - CREATE
-# - DELETE
-# resources:
-# - bfdprofiles
-# sideEffects: None
-# - admissionReviewVersions:
-# - v1
-# clientConfig:
-# service:
-# name: webhook-service
-# namespace: {{ .Release.Namespace }}
-# path: /validate-metallb-io-v1beta1-bgpadvertisement
-# failurePolicy: Fail
-# name: bgpadvertisementvalidationwebhook.metallb.io
-# rules:
-# - apiGroups:
-# - metallb.io
-# apiVersions:
-# - v1beta1
-# operations:
-# - CREATE
-# - UPDATE
-# resources:
-# - bgpadvertisements
-# sideEffects: None
-# - admissionReviewVersions:
-# - v1
-# clientConfig:
-# service:
-# name: webhook-service
-# namespace: {{ .Release.Namespace }}
-# path: /validate-metallb-io-v1beta1-community
-# failurePolicy: Fail
-# name: communityvalidationwebhook.metallb.io
-# rules:
-# - apiGroups:
-# - metallb.io
-# apiVersions:
-# - v1beta1
-# operations:
-# - CREATE
-# - UPDATE
-# resources:
-# - communities
-# sideEffects: None
-# - admissionReviewVersions:
-# - v1
-# clientConfig:
-# service:
-# name: webhook-service
-# namespace: {{ .Release.Namespace }}
-# path: /validate-metallb-io-v1beta1-ipaddresspool
-# failurePolicy: Fail
-# name: ipaddresspoolvalidationwebhook.metallb.io
-# rules:
-# - apiGroups:
-# - metallb.io
-# apiVersions:
-# - v1beta1
-# operations:
-# - CREATE
-# - UPDATE
-# resources:
-# - ipaddresspools
-# sideEffects: None
-# - admissionReviewVersions:
-# - v1
-# clientConfig:
-# service:
-# name: webhook-service
-# namespace: {{ .Release.Namespace }}
-# path: /validate-metallb-io-v1beta1-l2advertisement
-# failurePolicy: Fail
-# name: l2advertisementvalidationwebhook.metallb.io
-# rules:
-# - apiGroups:
-# - metallb.io
-# apiVersions:
-# - v1beta1
-# operations:
-# - CREATE
-# - UPDATE
-# resources:
-# - l2advertisements
-# sideEffects: None