charts
diff --git a/charts/metallb/.helmignore b/charts/metallb/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/metallb/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/metallb/Chart.yaml b/charts/metallb/Chart.yaml
new file mode 100644
index 0000000..76e774d
--- /dev/null
+++ b/charts/metallb/Chart.yaml
@@ -0,0 +1,11 @@
+apiVersion: v2
+appVersion: v0.13.7
+description: A network load-balancer implementation for Kubernetes using standard
+ routing protocols
+home: https://metallb.universe.tf
+icon: https://metallb.universe.tf/images/logo/metallb-white.png
+name: metallb
+sources:
+- https://github.com/metallb/metallb
+type: application
+version: 0.13.7
diff --git a/charts/metallb/README.md b/charts/metallb/README.md
new file mode 100644
index 0000000..25cb5d4
--- /dev/null
+++ b/charts/metallb/README.md
@@ -0,0 +1,148 @@
+# metallb
+
+  
+
+A network load-balancer implementation for Kubernetes using standard routing protocols
+
+**Homepage:** <https://metallb.universe.tf>
+
+## Source Code
+
+* <https://github.com/metallb/metallb>
+
+## Requirements
+
+| Repository | Name | Version |
+|------------|------|---------|
+| | crds | 0.0.0 |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| controller.affinity | object | `{}` | |
+| controller.enabled | bool | `true` | |
+| controller.image.pullPolicy | string | `nil` | |
+| controller.image.repository | string | `"quay.io/metallb/controller"` | |
+| controller.image.tag | string | `nil` | |
+| controller.livenessProbe.enabled | bool | `true` | |
+| controller.livenessProbe.failureThreshold | int | `3` | |
+| controller.livenessProbe.initialDelaySeconds | int | `10` | |
+| controller.livenessProbe.periodSeconds | int | `10` | |
+| controller.livenessProbe.successThreshold | int | `1` | |
+| controller.livenessProbe.timeoutSeconds | int | `1` | |
+| controller.logLevel | string | `"info"` | Controller log level. Must be one of: `all`, `debug`, `info`, `warn`, `error` or `none` |
+| controller.nodeSelector | object | `{}` | |
+| controller.podAnnotations | object | `{}` | |
+| controller.priorityClassName | string | `""` | |
+| controller.readinessProbe.enabled | bool | `true` | |
+| controller.readinessProbe.failureThreshold | int | `3` | |
+| controller.readinessProbe.initialDelaySeconds | int | `10` | |
+| controller.readinessProbe.periodSeconds | int | `10` | |
+| controller.readinessProbe.successThreshold | int | `1` | |
+| controller.readinessProbe.timeoutSeconds | int | `1` | |
+| controller.resources | object | `{}` | |
+| controller.runtimeClassName | string | `""` | |
+| controller.securityContext.fsGroup | int | `65534` | |
+| controller.securityContext.runAsNonRoot | bool | `true` | |
+| controller.securityContext.runAsUser | int | `65534` | |
+| controller.serviceAccount.annotations | object | `{}` | |
+| controller.serviceAccount.create | bool | `true` | |
+| controller.serviceAccount.name | string | `""` | |
+| controller.strategy.type | string | `"RollingUpdate"` | |
+| controller.tolerations | list | `[]` | |
+| crds.enabled | bool | `true` | |
+| crds.validationFailurePolicy | string | `"Fail"` | |
+| fullnameOverride | string | `""` | |
+| imagePullSecrets | list | `[]` | |
+| loadBalancerClass | string | `""` | |
+| nameOverride | string | `""` | |
+| prometheus.controllerMetricsTLSSecret | string | `""` | |
+| prometheus.metricsPort | int | `7472` | |
+| prometheus.namespace | string | `""` | |
+| prometheus.podMonitor.additionalLabels | object | `{}` | |
+| prometheus.podMonitor.annotations | object | `{}` | |
+| prometheus.podMonitor.enabled | bool | `false` | |
+| prometheus.podMonitor.interval | string | `nil` | |
+| prometheus.podMonitor.jobLabel | string | `"app.kubernetes.io/name"` | |
+| prometheus.podMonitor.metricRelabelings | list | `[]` | |
+| prometheus.podMonitor.relabelings | list | `[]` | |
+| prometheus.prometheusRule.additionalLabels | object | `{}` | |
+| prometheus.prometheusRule.addressPoolExhausted.enabled | bool | `true` | |
+| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"alert"` | |
+| prometheus.prometheusRule.addressPoolUsage.enabled | bool | `true` | |
+| prometheus.prometheusRule.addressPoolUsage.thresholds[0].labels.severity | string | `"warning"` | |
+| prometheus.prometheusRule.addressPoolUsage.thresholds[0].percent | int | `75` | |
+| prometheus.prometheusRule.addressPoolUsage.thresholds[1].labels.severity | string | `"warning"` | |
+| prometheus.prometheusRule.addressPoolUsage.thresholds[1].percent | int | `85` | |
+| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"alert"` | |
+| prometheus.prometheusRule.addressPoolUsage.thresholds[2].percent | int | `95` | |
+| prometheus.prometheusRule.annotations | object | `{}` | |
+| prometheus.prometheusRule.bgpSessionDown.enabled | bool | `true` | |
+| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"alert"` | |
+| prometheus.prometheusRule.configNotLoaded.enabled | bool | `true` | |
+| prometheus.prometheusRule.configNotLoaded.labels.severity | string | `"warning"` | |
+| prometheus.prometheusRule.enabled | bool | `false` | |
+| prometheus.prometheusRule.extraAlerts | list | `[]` | |
+| prometheus.prometheusRule.staleConfig.enabled | bool | `true` | |
+| prometheus.prometheusRule.staleConfig.labels.severity | string | `"warning"` | |
+| prometheus.rbacPrometheus | bool | `true` | |
+| prometheus.rbacProxy.repository | string | `"gcr.io/kubebuilder/kube-rbac-proxy"` | |
+| prometheus.rbacProxy.tag | string | `"v0.12.0"` | |
+| prometheus.scrapeAnnotations | bool | `false` | |
+| prometheus.serviceAccount | string | `""` | |
+| prometheus.serviceMonitor.controller.additionalLabels | object | `{}` | |
+| prometheus.serviceMonitor.controller.annotations | object | `{}` | |
+| prometheus.serviceMonitor.controller.tlsConfig.insecureSkipVerify | bool | `true` | |
+| prometheus.serviceMonitor.enabled | bool | `false` | |
+| prometheus.serviceMonitor.interval | string | `nil` | |
+| prometheus.serviceMonitor.jobLabel | string | `"app.kubernetes.io/name"` | |
+| prometheus.serviceMonitor.metricRelabelings | list | `[]` | |
+| prometheus.serviceMonitor.relabelings | list | `[]` | |
+| prometheus.serviceMonitor.speaker.additionalLabels | object | `{}` | |
+| prometheus.serviceMonitor.speaker.annotations | object | `{}` | |
+| prometheus.serviceMonitor.speaker.tlsConfig.insecureSkipVerify | bool | `true` | |
+| prometheus.speakerMetricsTLSSecret | string | `""` | |
+| rbac.create | bool | `true` | |
+| speaker.affinity | object | `{}` | |
+| speaker.enabled | bool | `true` | |
+| speaker.frr.enabled | bool | `false` | |
+| speaker.frr.image.pullPolicy | string | `nil` | |
+| speaker.frr.image.repository | string | `"frrouting/frr"` | |
+| speaker.frr.image.tag | string | `"v7.5.1"` | |
+| speaker.frr.metricsPort | int | `7473` | |
+| speaker.frr.resources | object | `{}` | |
+| speaker.frrMetrics.resources | object | `{}` | |
+| speaker.image.pullPolicy | string | `nil` | |
+| speaker.image.repository | string | `"quay.io/metallb/speaker"` | |
+| speaker.image.tag | string | `nil` | |
+| speaker.livenessProbe.enabled | bool | `true` | |
+| speaker.livenessProbe.failureThreshold | int | `3` | |
+| speaker.livenessProbe.initialDelaySeconds | int | `10` | |
+| speaker.livenessProbe.periodSeconds | int | `10` | |
+| speaker.livenessProbe.successThreshold | int | `1` | |
+| speaker.livenessProbe.timeoutSeconds | int | `1` | |
+| speaker.logLevel | string | `"info"` | Speaker log level. Must be one of: `all`, `debug`, `info`, `warn`, `error` or `none` |
+| speaker.memberlist.enabled | bool | `true` | |
+| speaker.memberlist.mlBindPort | int | `7946` | |
+| speaker.nodeSelector | object | `{}` | |
+| speaker.podAnnotations | object | `{}` | |
+| speaker.priorityClassName | string | `""` | |
+| speaker.readinessProbe.enabled | bool | `true` | |
+| speaker.readinessProbe.failureThreshold | int | `3` | |
+| speaker.readinessProbe.initialDelaySeconds | int | `10` | |
+| speaker.readinessProbe.periodSeconds | int | `10` | |
+| speaker.readinessProbe.successThreshold | int | `1` | |
+| speaker.readinessProbe.timeoutSeconds | int | `1` | |
+| speaker.reloader.resources | object | `{}` | |
+| speaker.resources | object | `{}` | |
+| speaker.runtimeClassName | string | `""` | |
+| speaker.serviceAccount.annotations | object | `{}` | |
+| speaker.serviceAccount.create | bool | `true` | |
+| speaker.serviceAccount.name | string | `""` | |
+| speaker.tolerateMaster | bool | `true` | |
+| speaker.tolerations | list | `[]` | |
+| speaker.updateStrategy.type | string | `"RollingUpdate"` | |
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0)
diff --git a/charts/metallb/templates/manifest.yaml b/charts/metallb/templates/manifest.yaml
new file mode 100644
index 0000000..bbcf54e
--- /dev/null
+++ b/charts/metallb/templates/manifest.yaml
@@ -0,0 +1,4001 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.1
+ name: addresspools.metallb.io
+spec:
+ conversion:
+ strategy: Webhook
+ webhook:
+ clientConfig:
+ caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
+ service:
+ name: webhook-service
+ namespace: metallb-system
+ path: /convert
+ conversionReviewVersions:
+ - v1alpha1
+ - v1beta1
+ group: metallb.io
+ names:
+ kind: AddressPool
+ listKind: AddressPoolList
+ plural: addresspools
+ singular: addresspool
+ scope: Namespaced
+ versions:
+ - deprecated: true
+ deprecationWarning: metallb.io v1alpha1 AddressPool is deprecated
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: AddressPool is the Schema for the addresspools API.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: AddressPoolSpec defines the desired state of AddressPool.
+ properties:
+ addresses:
+ description: A list of IP address ranges over which MetalLB has authority.
+ You can list multiple ranges in a single pool, they will all share
+ the same settings. Each range can be either a CIDR prefix, or an
+ explicit start-end range of IPs.
+ items:
+ type: string
+ type: array
+ autoAssign:
+ default: true
+ description: AutoAssign flag used to prevent MetallB from automatic
+ allocation for a pool.
+ type: boolean
+ bgpAdvertisements:
+ description: When an IP is allocated from this pool, how should it
+ be translated into BGP announcements?
+ items:
+ properties:
+ aggregationLength:
+ default: 32
+ description: The aggregation-length advertisement option lets
+ you “roll up” the /32s into a larger prefix.
+ format: int32
+ minimum: 1
+ type: integer
+ aggregationLengthV6:
+ default: 128
+ description: Optional, defaults to 128 (i.e. no aggregation)
+ if not specified.
+ format: int32
+ type: integer
+ communities:
+ description: BGP communities
+ items:
+ type: string
+ type: array
+ localPref:
+ description: BGP LOCAL_PREF attribute which is used by BGP best
+ path algorithm, Path with higher localpref is preferred over
+ one with lower localpref.
+ format: int32
+ type: integer
+ type: object
+ type: array
+ protocol:
+ description: Protocol can be used to select how the announcement is
+ done.
+ enum:
+ - layer2
+ - bgp
+ type: string
+ required:
+ - addresses
+ - protocol
+ type: object
+ status:
+ description: AddressPoolStatus defines the observed state of AddressPool.
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: false
+ subresources:
+ status: {}
+ - deprecated: true
+ deprecationWarning: metallb.io v1beta1 AddressPool is deprecated, consider using
+ IPAddressPool
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: AddressPool represents a pool of IP addresses that can be allocated
+ to LoadBalancer services. AddressPool is deprecated and being replaced by
+ IPAddressPool.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: AddressPoolSpec defines the desired state of AddressPool.
+ properties:
+ addresses:
+ description: A list of IP address ranges over which MetalLB has authority.
+ You can list multiple ranges in a single pool, they will all share
+ the same settings. Each range can be either a CIDR prefix, or an
+ explicit start-end range of IPs.
+ items:
+ type: string
+ type: array
+ autoAssign:
+ default: true
+ description: AutoAssign flag used to prevent MetallB from automatic
+ allocation for a pool.
+ type: boolean
+ bgpAdvertisements:
+ description: Drives how an IP allocated from this pool should translated
+ into BGP announcements.
+ items:
+ properties:
+ aggregationLength:
+ default: 32
+ description: The aggregation-length advertisement option lets
+ you “roll up” the /32s into a larger prefix.
+ format: int32
+ minimum: 1
+ type: integer
+ aggregationLengthV6:
+ default: 128
+ description: Optional, defaults to 128 (i.e. no aggregation)
+ if not specified.
+ format: int32
+ type: integer
+ communities:
+ description: BGP communities to be associated with the given
+ advertisement.
+ items:
+ type: string
+ type: array
+ localPref:
+ description: BGP LOCAL_PREF attribute which is used by BGP best
+ path algorithm, Path with higher localpref is preferred over
+ one with lower localpref.
+ format: int32
+ type: integer
+ type: object
+ type: array
+ protocol:
+ description: Protocol can be used to select how the announcement is
+ done.
+ enum:
+ - layer2
+ - bgp
+ type: string
+ required:
+ - addresses
+ - protocol
+ type: object
+ status:
+ description: AddressPoolStatus defines the observed state of AddressPool.
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.1
+ creationTimestamp: null
+ name: bfdprofiles.metallb.io
+spec:
+ group: metallb.io
+ names:
+ kind: BFDProfile
+ listKind: BFDProfileList
+ plural: bfdprofiles
+ singular: bfdprofile
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .spec.passiveMode
+ name: Passive Mode
+ type: boolean
+ - jsonPath: .spec.transmitInterval
+ name: Transmit Interval
+ type: integer
+ - jsonPath: .spec.receiveInterval
+ name: Receive Interval
+ type: integer
+ - jsonPath: .spec.detectMultiplier
+ name: Multiplier
+ type: integer
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: BFDProfile represents the settings of the bfd session that can
+ be optionally associated with a BGP session.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: BFDProfileSpec defines the desired state of BFDProfile.
+ properties:
+ detectMultiplier:
+ description: Configures the detection multiplier to determine packet
+ loss. The remote transmission interval will be multiplied by this
+ value to determine the connection loss detection timer.
+ format: int32
+ maximum: 255
+ minimum: 2
+ type: integer
+ echoInterval:
+ description: Configures the minimal echo receive transmission interval
+ that this system is capable of handling in milliseconds. Defaults
+ to 50ms
+ format: int32
+ maximum: 60000
+ minimum: 10
+ type: integer
+ echoMode:
+ description: Enables or disables the echo transmission mode. This
+ mode is disabled by default, and not supported on multi hops setups.
+ type: boolean
+ minimumTtl:
+ description: 'For multi hop sessions only: configure the minimum expected
+ TTL for an incoming BFD control packet.'
+ format: int32
+ maximum: 254
+ minimum: 1
+ type: integer
+ passiveMode:
+ description: 'Mark session as passive: a passive session will not
+ attempt to start the connection and will wait for control packets
+ from peer before it begins replying.'
+ type: boolean
+ receiveInterval:
+ description: The minimum interval that this system is capable of receiving
+ control packets in milliseconds. Defaults to 300ms.
+ format: int32
+ maximum: 60000
+ minimum: 10
+ type: integer
+ transmitInterval:
+ description: The minimum transmission interval (less jitter) that
+ this system wants to use to send BFD control packets in milliseconds.
+ Defaults to 300ms
+ format: int32
+ maximum: 60000
+ minimum: 10
+ type: integer
+ type: object
+ status:
+ description: BFDProfileStatus defines the observed state of BFDProfile.
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.1
+ creationTimestamp: null
+ name: bgpadvertisements.metallb.io
+spec:
+ group: metallb.io
+ names:
+ kind: BGPAdvertisement
+ listKind: BGPAdvertisementList
+ plural: bgpadvertisements
+ singular: bgpadvertisement
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .spec.ipAddressPools
+ name: IPAddressPools
+ type: string
+ - jsonPath: .spec.ipAddressPoolSelectors
+ name: IPAddressPool Selectors
+ type: string
+ - jsonPath: .spec.peers
+ name: Peers
+ type: string
+ - jsonPath: .spec.nodeSelectors
+ name: Node Selectors
+ priority: 10
+ type: string
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: BGPAdvertisement allows to advertise the IPs coming from the
+ selected IPAddressPools via BGP, setting the parameters of the BGP Advertisement.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: BGPAdvertisementSpec defines the desired state of BGPAdvertisement.
+ properties:
+ aggregationLength:
+ default: 32
+ description: The aggregation-length advertisement option lets you
+ “roll up” the /32s into a larger prefix. Defaults to 32. Works for
+ IPv4 addresses.
+ format: int32
+ minimum: 1
+ type: integer
+ aggregationLengthV6:
+ default: 128
+ description: The aggregation-length advertisement option lets you
+ “roll up” the /128s into a larger prefix. Defaults to 128. Works
+ for IPv6 addresses.
+ format: int32
+ type: integer
+ communities:
+ description: The BGP communities to be associated with the announcement.
+ Each item can be a community of the form 1234:1234 or the name of
+ an alias defined in the Community CRD.
+ items:
+ type: string
+ type: array
+ ipAddressPoolSelectors:
+ description: A selector for the IPAddressPools which would get advertised
+ via this advertisement. If no IPAddressPool is selected by this
+ or by the list, the advertisement is applied to all the IPAddressPools.
+ items:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ ipAddressPools:
+ description: The list of IPAddressPools to advertise via this advertisement,
+ selected by name.
+ items:
+ type: string
+ type: array
+ localPref:
+ description: The BGP LOCAL_PREF attribute which is used by BGP best
+ path algorithm, Path with higher localpref is preferred over one
+ with lower localpref.
+ format: int32
+ type: integer
+ nodeSelectors:
+ description: NodeSelectors allows to limit the nodes to announce as
+ next hops for the LoadBalancer IP. When empty, all the nodes having are
+ announced as next hops.
+ items:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ peers:
+ description: Peers limits the bgppeer to advertise the ips of the
+ selected pools to. When empty, the loadbalancer IP is announced
+ to all the BGPPeers configured.
+ items:
+ type: string
+ type: array
+ type: object
+ status:
+ description: BGPAdvertisementStatus defines the observed state of BGPAdvertisement.
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.1
+ name: bgppeers.metallb.io
+spec:
+ conversion:
+ strategy: Webhook
+ webhook:
+ clientConfig:
+ caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
+ service:
+ name: webhook-service
+ namespace: metallb-system
+ path: /convert
+ conversionReviewVersions:
+ - v1beta1
+ - v1beta2
+ group: metallb.io
+ names:
+ kind: BGPPeer
+ listKind: BGPPeerList
+ plural: bgppeers
+ singular: bgppeer
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .spec.peerAddress
+ name: Address
+ type: string
+ - jsonPath: .spec.peerASN
+ name: ASN
+ type: string
+ - jsonPath: .spec.bfdProfile
+ name: BFD Profile
+ type: string
+ - jsonPath: .spec.ebgpMultiHop
+ name: Multi Hops
+ type: string
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: BGPPeer is the Schema for the peers API.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: BGPPeerSpec defines the desired state of Peer.
+ properties:
+ bfdProfile:
+ type: string
+ ebgpMultiHop:
+ description: EBGP peer is multi-hops away
+ type: boolean
+ holdTime:
+ description: Requested BGP hold time, per RFC4271.
+ type: string
+ keepaliveTime:
+ description: Requested BGP keepalive time, per RFC4271.
+ type: string
+ myASN:
+ description: AS number to use for the local end of the session.
+ format: int32
+ maximum: 4294967295
+ minimum: 0
+ type: integer
+ nodeSelectors:
+ description: Only connect to this peer on nodes that match one of
+ these selectors.
+ items:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ minItems: 1
+ type: array
+ required:
+ - key
+ - operator
+ - values
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ type: array
+ password:
+ description: Authentication password for routers enforcing TCP MD5
+ authenticated sessions
+ type: string
+ peerASN:
+ description: AS number to expect from the remote end of the session.
+ format: int32
+ maximum: 4294967295
+ minimum: 0
+ type: integer
+ peerAddress:
+ description: Address to dial when establishing the session.
+ type: string
+ peerPort:
+ description: Port to dial when establishing the session.
+ maximum: 16384
+ minimum: 0
+ type: integer
+ routerID:
+ description: BGP router ID to advertise to the peer
+ type: string
+ sourceAddress:
+ description: Source address to use when establishing the session.
+ type: string
+ required:
+ - myASN
+ - peerASN
+ - peerAddress
+ type: object
+ status:
+ description: BGPPeerStatus defines the observed state of Peer.
+ type: object
+ type: object
+ served: true
+ storage: false
+ subresources:
+ status: {}
+ - additionalPrinterColumns:
+ - jsonPath: .spec.peerAddress
+ name: Address
+ type: string
+ - jsonPath: .spec.peerASN
+ name: ASN
+ type: string
+ - jsonPath: .spec.bfdProfile
+ name: BFD Profile
+ type: string
+ - jsonPath: .spec.ebgpMultiHop
+ name: Multi Hops
+ type: string
+ name: v1beta2
+ schema:
+ openAPIV3Schema:
+ description: BGPPeer is the Schema for the peers API.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: BGPPeerSpec defines the desired state of Peer.
+ properties:
+ bfdProfile:
+ description: The name of the BFD Profile to be used for the BFD session
+ associated to the BGP session. If not set, the BFD session won't
+ be set up.
+ type: string
+ ebgpMultiHop:
+ description: To set if the BGPPeer is multi-hops away. Needed for
+ FRR mode only.
+ type: boolean
+ holdTime:
+ description: Requested BGP hold time, per RFC4271.
+ type: string
+ keepaliveTime:
+ description: Requested BGP keepalive time, per RFC4271.
+ type: string
+ myASN:
+ description: AS number to use for the local end of the session.
+ format: int32
+ maximum: 4294967295
+ minimum: 0
+ type: integer
+ nodeSelectors:
+ description: Only connect to this peer on nodes that match one of
+ these selectors.
+ items:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ password:
+ description: Authentication password for routers enforcing TCP MD5
+ authenticated sessions
+ type: string
+ passwordSecret:
+ description: passwordSecret is name of the authentication secret for
+ BGP Peer. the secret must be of type "kubernetes.io/basic-auth",
+ and created in the same namespace as the MetalLB deployment. The
+ password is stored in the secret as the key "password".
+ properties:
+ name:
+ description: name is unique within a namespace to reference a
+ secret resource.
+ type: string
+ namespace:
+ description: namespace defines the space within which the secret
+ name must be unique.
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ peerASN:
+ description: AS number to expect from the remote end of the session.
+ format: int32
+ maximum: 4294967295
+ minimum: 0
+ type: integer
+ peerAddress:
+ description: Address to dial when establishing the session.
+ type: string
+ peerPort:
+ default: 179
+ description: Port to dial when establishing the session.
+ maximum: 16384
+ minimum: 0
+ type: integer
+ routerID:
+ description: BGP router ID to advertise to the peer
+ type: string
+ sourceAddress:
+ description: Source address to use when establishing the session.
+ type: string
+ vrf:
+ description: To set if we want to peer with the BGPPeer using an interface
+ belonging to a host vrf
+ type: string
+ required:
+ - myASN
+ - peerASN
+ - peerAddress
+ type: object
+ status:
+ description: BGPPeerStatus defines the observed state of Peer.
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.1
+ creationTimestamp: null
+ name: communities.metallb.io
+spec:
+ group: metallb.io
+ names:
+ kind: Community
+ listKind: CommunityList
+ plural: communities
+ singular: community
+ scope: Namespaced
+ versions:
+ - name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: Community is a collection of aliases for communities. Users can
+ define named aliases to be used in the BGPPeer CRD.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: CommunitySpec defines the desired state of Community.
+ properties:
+ communities:
+ items:
+ properties:
+ name:
+ description: The name of the alias for the community.
+ type: string
+ value:
+ description: The BGP community value corresponding to the given
+ name.
+ type: string
+ type: object
+ type: array
+ type: object
+ status:
+ description: CommunityStatus defines the observed state of Community.
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.1
+ creationTimestamp: null
+ name: ipaddresspools.metallb.io
+spec:
+ group: metallb.io
+ names:
+ kind: IPAddressPool
+ listKind: IPAddressPoolList
+ plural: ipaddresspools
+ singular: ipaddresspool
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .spec.autoAssign
+ name: Auto Assign
+ type: boolean
+ - jsonPath: .spec.avoidBuggyIPs
+ name: Avoid Buggy IPs
+ type: boolean
+ - jsonPath: .spec.addresses
+ name: Addresses
+ type: string
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: IPAddressPool represents a pool of IP addresses that can be allocated
+ to LoadBalancer services.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IPAddressPoolSpec defines the desired state of IPAddressPool.
+ properties:
+ addresses:
+ description: A list of IP address ranges over which MetalLB has authority.
+ You can list multiple ranges in a single pool, they will all share
+ the same settings. Each range can be either a CIDR prefix, or an
+ explicit start-end range of IPs.
+ items:
+ type: string
+ type: array
+ autoAssign:
+ default: true
+ description: AutoAssign flag used to prevent MetallB from automatic
+ allocation for a pool.
+ type: boolean
+ avoidBuggyIPs:
+ default: false
+ description: AvoidBuggyIPs prevents addresses ending with .0 and .255
+ to be used by a pool.
+ type: boolean
+ serviceAllocation:
+ description: AllocateTo makes ip pool allocation to specific namespace
+ and/or service. The controller will use the pool with lowest value
+ of priority in case of multiple matches. A pool with no priority
+ set will be used only if the pools with priority can't be used.
+ If multiple matching IPAddressPools are available it will check
+ for the availability of IPs sorting the matching IPAddressPools
+ by priority, starting from the highest to the lowest. If multiple
+ IPAddressPools have the same priority, choice will be random.
+ properties:
+ namespaceSelectors:
+ description: NamespaceSelectors list of label selectors to select
+ namespace(s) for ip pool, an alternative to using namespace
+ list.
+ items:
+ description: A label selector is a label query over a set of
+ resources. The result of matchLabels and matchExpressions
+ are ANDed. An empty label selector matches all objects. A
+ null label selector matches no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector
+ that contains values, a key, and an operator that relates
+ the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn,
+ Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values.
+ If the operator is In or NotIn, the values array
+ must be non-empty. If the operator is Exists or
+ DoesNotExist, the values array must be empty. This
+ array is replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ namespaces:
+ description: Namespaces list of namespace(s) on which ip pool
+ can be attached.
+ items:
+ type: string
+ type: array
+ priority:
+ description: Priority priority given for ip pool while ip allocation
+ on a service.
+ type: integer
+ serviceSelectors:
+ description: ServiceSelectors list of label selector to select
+ service(s) for which ip pool can be used for ip allocation.
+ items:
+ description: A label selector is a label query over a set of
+ resources. The result of matchLabels and matchExpressions
+ are ANDed. An empty label selector matches all objects. A
+ null label selector matches no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector
+ that contains values, a key, and an operator that relates
+ the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn,
+ Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values.
+ If the operator is In or NotIn, the values array
+ must be non-empty. If the operator is Exists or
+ DoesNotExist, the values array must be empty. This
+ array is replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ type: object
+ required:
+ - addresses
+ type: object
+ status:
+ description: IPAddressPoolStatus defines the observed state of IPAddressPool.
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.1
+ creationTimestamp: null
+ name: l2advertisements.metallb.io
+spec:
+ group: metallb.io
+ names:
+ kind: L2Advertisement
+ listKind: L2AdvertisementList
+ plural: l2advertisements
+ singular: l2advertisement
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .spec.ipAddressPools
+ name: IPAddressPools
+ type: string
+ - jsonPath: .spec.ipAddressPoolSelectors
+ name: IPAddressPool Selectors
+ type: string
+ - jsonPath: .spec.interfaces
+ name: Interfaces
+ type: string
+ - jsonPath: .spec.nodeSelectors
+ name: Node Selectors
+ priority: 10
+ type: string
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: L2Advertisement allows to advertise the LoadBalancer IPs provided
+ by the selected pools via L2.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: L2AdvertisementSpec defines the desired state of L2Advertisement.
+ properties:
+ interfaces:
+ description: A list of interfaces to announce from. The LB IP will
+ be announced only from these interfaces. If the field is not set,
+ we advertise from all the interfaces on the host.
+ items:
+ type: string
+ type: array
+ ipAddressPoolSelectors:
+ description: A selector for the IPAddressPools which would get advertised
+ via this advertisement. If no IPAddressPool is selected by this
+ or by the list, the advertisement is applied to all the IPAddressPools.
+ items:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ ipAddressPools:
+ description: The list of IPAddressPools to advertise via this advertisement,
+ selected by name.
+ items:
+ type: string
+ type: array
+ nodeSelectors:
+ description: NodeSelectors allows to limit the nodes to announce as
+ next hops for the LoadBalancer IP. When empty, all the nodes having are
+ announced as next hops.
+ items:
+ description: A label selector is a label query over a set of resources.
+ The result of matchLabels and matchExpressions are ANDed. An empty
+ label selector matches all objects. A null label selector matches
+ no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the
+ key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ type: object
+ status:
+ description: L2AdvertisementStatus defines the observed state of L2Advertisement.
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app: metallb
+ name: controller
+ namespace: metallb-system
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app: metallb
+ name: speaker
+ namespace: metallb-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ labels:
+ app: metallb
+ name: controller
+ namespace: metallb-system
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - secrets
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - ""
+ resourceNames:
+ - memberlist
+ resources:
+ - secrets
+ verbs:
+ - list
+- apiGroups:
+ - apps
+ resourceNames:
+ - controller
+ resources:
+ - deployments
+ verbs:
+ - get
+- apiGroups:
+ - metallb.io
+ resources:
+ - bgppeers
+ verbs:
+ - get
+ - list
+- apiGroups:
+ - metallb.io
+ resources:
+ - addresspools
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - bfdprofiles
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - ipaddresspools
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - bgpadvertisements
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - l2advertisements
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - communities
+ verbs:
+ - get
+ - list
+ - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ labels:
+ app: metallb
+ name: pod-lister
+ namespace: metallb-system
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ verbs:
+ - list
+- apiGroups:
+ - ""
+ resources:
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - addresspools
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - bfdprofiles
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - bgppeers
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - l2advertisements
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - bgpadvertisements
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - ipaddresspools
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - metallb.io
+ resources:
+ - communities
+ verbs:
+ - get
+ - list
+ - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app: metallb
+ name: metallb-system:controller
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - services
+ - namespaces
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - services/status
+ verbs:
+ - update
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+- apiGroups:
+ - policy
+ resourceNames:
+ - controller
+ resources:
+ - podsecuritypolicies
+ verbs:
+ - use
+- apiGroups:
+ - admissionregistration.k8s.io
+ resourceNames:
+ - metallb-webhook-configuration
+ resources:
+ - validatingwebhookconfigurations
+ - mutatingwebhookconfigurations
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - validatingwebhookconfigurations
+ - mutatingwebhookconfigurations
+ verbs:
+ - list
+ - watch
+- apiGroups:
+ - apiextensions.k8s.io
+ resourceNames:
+ - addresspools.metallb.io
+ - bfdprofiles.metallb.io
+ - bgpadvertisements.metallb.io
+ - bgppeers.metallb.io
+ - ipaddresspools.metallb.io
+ - l2advertisements.metallb.io
+ - communities.metallb.io
+ resources:
+ - customresourcedefinitions
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
+- apiGroups:
+ - apiextensions.k8s.io
+ resources:
+ - customresourcedefinitions
+ verbs:
+ - list
+ - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app: metallb
+ name: metallb-system:speaker
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - services
+ - endpoints
+ - nodes
+ - namespaces
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - discovery.k8s.io
+ resources:
+ - endpointslices
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+- apiGroups:
+ - policy
+ resourceNames:
+ - speaker
+ resources:
+ - podsecuritypolicies
+ verbs:
+ - use
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ app: metallb
+ name: controller
+ namespace: metallb-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: controller
+subjects:
+- kind: ServiceAccount
+ name: controller
+ namespace: metallb-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ app: metallb
+ name: pod-lister
+ namespace: metallb-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: pod-lister
+subjects:
+- kind: ServiceAccount
+ name: speaker
+ namespace: metallb-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app: metallb
+ name: metallb-system:controller
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: metallb-system:controller
+subjects:
+- kind: ServiceAccount
+ name: controller
+ namespace: metallb-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app: metallb
+ name: metallb-system:speaker
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: metallb-system:speaker
+subjects:
+- kind: ServiceAccount
+ name: speaker
+ namespace: metallb-system
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: webhook-server-cert
+ namespace: metallb-system
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: webhook-service
+ namespace: metallb-system
+spec:
+ ports:
+ - port: 443
+ targetPort: 9443
+ selector:
+ component: controller
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app: metallb
+ component: controller
+ name: controller
+ namespace: metallb-system
+spec:
+ revisionHistoryLimit: 3
+ selector:
+ matchLabels:
+ app: metallb
+ component: controller
+ template:
+ metadata:
+ annotations:
+ prometheus.io/port: "7472"
+ prometheus.io/scrape: "true"
+ labels:
+ app: metallb
+ component: controller
+ spec:
+ containers:
+ - args:
+ - --port=7472
+ - --log-level=info
+ env:
+ - name: METALLB_ML_SECRET_NAME
+ value: memberlist
+ - name: METALLB_DEPLOYMENT
+ value: controller
+ image: quay.io/metallb/controller:v0.13.9
+ livenessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /metrics
+ port: monitoring
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ name: controller
+ ports:
+ - containerPort: 7472
+ name: monitoring
+ - containerPort: 9443
+ name: webhook-server
+ protocol: TCP
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /metrics
+ port: monitoring
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - all
+ readOnlyRootFilesystem: true
+ volumeMounts:
+ - mountPath: /tmp/k8s-webhook-server/serving-certs
+ name: cert
+ readOnly: true
+ nodeSelector:
+ kubernetes.io/os: linux
+ securityContext:
+ fsGroup: 65534
+ runAsNonRoot: true
+ runAsUser: 65534
+ serviceAccountName: controller
+ terminationGracePeriodSeconds: 0
+ volumes:
+ - name: cert
+ secret:
+ defaultMode: 420
+ secretName: webhook-server-cert
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ labels:
+ app: metallb
+ component: speaker
+ name: speaker
+ namespace: metallb-system
+spec:
+ selector:
+ matchLabels:
+ app: metallb
+ component: speaker
+ template:
+ metadata:
+ annotations:
+ prometheus.io/port: "7472"
+ prometheus.io/scrape: "true"
+ labels:
+ app: metallb
+ component: speaker
+ spec:
+ containers:
+ - args:
+ - --port=7472
+ - --log-level=info
+ env:
+ - name: METALLB_NODE_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ - name: METALLB_HOST
+ valueFrom:
+ fieldRef:
+ fieldPath: status.hostIP
+ - name: METALLB_ML_BIND_ADDR
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: METALLB_ML_LABELS
+ value: app=metallb,component=speaker
+ - name: METALLB_ML_SECRET_KEY_PATH
+ value: /etc/ml_secret_key
+ image: quay.io/metallb/speaker:v0.13.9
+ livenessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /metrics
+ port: monitoring
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ name: speaker
+ ports:
+ - containerPort: 7472
+ name: monitoring
+ - containerPort: 7946
+ name: memberlist-tcp
+ - containerPort: 7946
+ name: memberlist-udp
+ protocol: UDP
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /metrics
+ port: monitoring
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ add:
+ - NET_RAW
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ volumeMounts:
+ - mountPath: /etc/ml_secret_key
+ name: memberlist
+ readOnly: true
+ hostNetwork: true
+ nodeSelector:
+ kubernetes.io/os: linux
+ serviceAccountName: speaker
+ terminationGracePeriodSeconds: 2
+ tolerations:
+ - effect: NoSchedule
+ key: node-role.kubernetes.io/master
+ operator: Exists
+ - effect: NoSchedule
+ key: node-role.kubernetes.io/control-plane
+ operator: Exists
+ volumes:
+ - name: memberlist
+ secret:
+ defaultMode: 420
+ secretName: memberlist
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+ creationTimestamp: null
+ name: metallb-webhook-configuration
+webhooks:
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: webhook-service
+ namespace: metallb-system
+ path: /validate-metallb-io-v1beta2-bgppeer
+ failurePolicy: Fail
+ name: bgppeersvalidationwebhook.metallb.io
+ rules:
+ - apiGroups:
+ - metallb.io
+ apiVersions:
+ - v1beta2
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - bgppeers
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: webhook-service
+ namespace: metallb-system
+ path: /validate-metallb-io-v1beta1-addresspool
+ failurePolicy: Fail
+ name: addresspoolvalidationwebhook.metallb.io
+ rules:
+ - apiGroups:
+ - metallb.io
+ apiVersions:
+ - v1beta1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - addresspools
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: webhook-service
+ namespace: metallb-system
+ path: /validate-metallb-io-v1beta1-bfdprofile
+ failurePolicy: Fail
+ name: bfdprofilevalidationwebhook.metallb.io
+ rules:
+ - apiGroups:
+ - metallb.io
+ apiVersions:
+ - v1beta1
+ operations:
+ - CREATE
+ - DELETE
+ resources:
+ - bfdprofiles
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: webhook-service
+ namespace: metallb-system
+ path: /validate-metallb-io-v1beta1-bgpadvertisement
+ failurePolicy: Fail
+ name: bgpadvertisementvalidationwebhook.metallb.io
+ rules:
+ - apiGroups:
+ - metallb.io
+ apiVersions:
+ - v1beta1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - bgpadvertisements
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: webhook-service
+ namespace: metallb-system
+ path: /validate-metallb-io-v1beta1-community
+ failurePolicy: Fail
+ name: communityvalidationwebhook.metallb.io
+ rules:
+ - apiGroups:
+ - metallb.io
+ apiVersions:
+ - v1beta1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - communities
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: webhook-service
+ namespace: metallb-system
+ path: /validate-metallb-io-v1beta1-ipaddresspool
+ failurePolicy: Fail
+ name: ipaddresspoolvalidationwebhook.metallb.io
+ rules:
+ - apiGroups:
+ - metallb.io
+ apiVersions:
+ - v1beta1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - ipaddresspools
+ sideEffects: None
+- admissionReviewVersions:
+ - v1
+ clientConfig:
+ service:
+ name: webhook-service
+ namespace: metallb-system
+ path: /validate-metallb-io-v1beta1-l2advertisement
+ failurePolicy: Fail
+ name: l2advertisementvalidationwebhook.metallb.io
+ rules:
+ - apiGroups:
+ - metallb.io
+ apiVersions:
+ - v1beta1
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - l2advertisements
+ sideEffects: None
+
+# apiVersion: apiextensions.k8s.io/v1
+# kind: CustomResourceDefinition
+# metadata:
+# annotations:
+# controller-gen.kubebuilder.io/version: v0.11.1
+# name: addresspools.metallb.io
+# spec:
+# conversion:
+# strategy: Webhook
+# webhook:
+# clientConfig:
+# caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
+# service:
+# name: webhook-service
+# namespace: {{ .Release.Namespace }}
+# path: /convert
+# conversionReviewVersions:
+# - v1alpha1
+# - v1beta1
+# group: metallb.io
+# names:
+# kind: AddressPool
+# listKind: AddressPoolList
+# plural: addresspools
+# singular: addresspool
+# scope: Namespaced
+# versions:
+# - deprecated: true
+# deprecationWarning: metallb.io v1alpha1 AddressPool is deprecated
+# name: v1alpha1
+# schema:
+# openAPIV3Schema:
+# description: AddressPool is the Schema for the addresspools API.
+# properties:
+# apiVersion:
+# description: 'APIVersion defines the versioned schema of this representation
+# of an object. Servers should convert recognized schemas to the latest
+# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+# type: string
+# kind:
+# description: 'Kind is a string value representing the REST resource this
+# object represents. Servers may infer this from the endpoint the client
+# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+# type: string
+# metadata:
+# type: object
+# spec:
+# description: AddressPoolSpec defines the desired state of AddressPool.
+# properties:
+# addresses:
+# description: A list of IP address ranges over which MetalLB has authority.
+# You can list multiple ranges in a single pool, they will all share
+# the same settings. Each range can be either a CIDR prefix, or an
+# explicit start-end range of IPs.
+# items:
+# type: string
+# type: array
+# autoAssign:
+# default: true
+# description: AutoAssign flag used to prevent MetallB from automatic
+# allocation for a pool.
+# type: boolean
+# bgpAdvertisements:
+# description: When an IP is allocated from this pool, how should it
+# be translated into BGP announcements?
+# items:
+# properties:
+# aggregationLength:
+# default: 32
+# description: The aggregation-length advertisement option lets
+# you “roll up” the /32s into a larger prefix.
+# format: int32
+# minimum: 1
+# type: integer
+# aggregationLengthV6:
+# default: 128
+# description: Optional, defaults to 128 (i.e. no aggregation)
+# if not specified.
+# format: int32
+# type: integer
+# communities:
+# description: BGP communities
+# items:
+# type: string
+# type: array
+# localPref:
+# description: BGP LOCAL_PREF attribute which is used by BGP best
+# path algorithm, Path with higher localpref is preferred over
+# one with lower localpref.
+# format: int32
+# type: integer
+# type: object
+# type: array
+# protocol:
+# description: Protocol can be used to select how the announcement is
+# done.
+# enum:
+# - layer2
+# - bgp
+# type: string
+# required:
+# - addresses
+# - protocol
+# type: object
+# status:
+# description: AddressPoolStatus defines the observed state of AddressPool.
+# type: object
+# required:
+# - spec
+# type: object
+# served: true
+# storage: false
+# subresources:
+# status: {}
+# - deprecated: true
+# deprecationWarning: metallb.io v1beta1 AddressPool is deprecated, consider using
+# IPAddressPool
+# name: v1beta1
+# schema:
+# openAPIV3Schema:
+# description: AddressPool represents a pool of IP addresses that can be allocated
+# to LoadBalancer services. AddressPool is deprecated and being replaced by
+# IPAddressPool.
+# properties:
+# apiVersion:
+# description: 'APIVersion defines the versioned schema of this representation
+# of an object. Servers should convert recognized schemas to the latest
+# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+# type: string
+# kind:
+# description: 'Kind is a string value representing the REST resource this
+# object represents. Servers may infer this from the endpoint the client
+# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+# type: string
+# metadata:
+# type: object
+# spec:
+# description: AddressPoolSpec defines the desired state of AddressPool.
+# properties:
+# addresses:
+# description: A list of IP address ranges over which MetalLB has authority.
+# You can list multiple ranges in a single pool, they will all share
+# the same settings. Each range can be either a CIDR prefix, or an
+# explicit start-end range of IPs.
+# items:
+# type: string
+# type: array
+# autoAssign:
+# default: true
+# description: AutoAssign flag used to prevent MetallB from automatic
+# allocation for a pool.
+# type: boolean
+# bgpAdvertisements:
+# description: Drives how an IP allocated from this pool should translated
+# into BGP announcements.
+# items:
+# properties:
+# aggregationLength:
+# default: 32
+# description: The aggregation-length advertisement option lets
+# you “roll up” the /32s into a larger prefix.
+# format: int32
+# minimum: 1
+# type: integer
+# aggregationLengthV6:
+# default: 128
+# description: Optional, defaults to 128 (i.e. no aggregation)
+# if not specified.
+# format: int32
+# type: integer
+# communities:
+# description: BGP communities to be associated with the given
+# advertisement.
+# items:
+# type: string
+# type: array
+# localPref:
+# description: BGP LOCAL_PREF attribute which is used by BGP best
+# path algorithm, Path with higher localpref is preferred over
+# one with lower localpref.
+# format: int32
+# type: integer
+# type: object
+# type: array
+# protocol:
+# description: Protocol can be used to select how the announcement is
+# done.
+# enum:
+# - layer2
+# - bgp
+# type: string
+# required:
+# - addresses
+# - protocol
+# type: object
+# status:
+# description: AddressPoolStatus defines the observed state of AddressPool.
+# type: object
+# required:
+# - spec
+# type: object
+# served: true
+# storage: true
+# subresources:
+# status: {}
+# ---
+# apiVersion: apiextensions.k8s.io/v1
+# kind: CustomResourceDefinition
+# metadata:
+# annotations:
+# controller-gen.kubebuilder.io/version: v0.11.1
+# creationTimestamp: null
+# name: bfdprofiles.metallb.io
+# spec:
+# group: metallb.io
+# names:
+# kind: BFDProfile
+# listKind: BFDProfileList
+# plural: bfdprofiles
+# singular: bfdprofile
+# scope: Namespaced
+# versions:
+# - additionalPrinterColumns:
+# - jsonPath: .spec.passiveMode
+# name: Passive Mode
+# type: boolean
+# - jsonPath: .spec.transmitInterval
+# name: Transmit Interval
+# type: integer
+# - jsonPath: .spec.receiveInterval
+# name: Receive Interval
+# type: integer
+# - jsonPath: .spec.detectMultiplier
+# name: Multiplier
+# type: integer
+# name: v1beta1
+# schema:
+# openAPIV3Schema:
+# description: BFDProfile represents the settings of the bfd session that can
+# be optionally associated with a BGP session.
+# properties:
+# apiVersion:
+# description: 'APIVersion defines the versioned schema of this representation
+# of an object. Servers should convert recognized schemas to the latest
+# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+# type: string
+# kind:
+# description: 'Kind is a string value representing the REST resource this
+# object represents. Servers may infer this from the endpoint the client
+# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+# type: string
+# metadata:
+# type: object
+# spec:
+# description: BFDProfileSpec defines the desired state of BFDProfile.
+# properties:
+# detectMultiplier:
+# description: Configures the detection multiplier to determine packet
+# loss. The remote transmission interval will be multiplied by this
+# value to determine the connection loss detection timer.
+# format: int32
+# maximum: 255
+# minimum: 2
+# type: integer
+# echoInterval:
+# description: Configures the minimal echo receive transmission interval
+# that this system is capable of handling in milliseconds. Defaults
+# to 50ms
+# format: int32
+# maximum: 60000
+# minimum: 10
+# type: integer
+# echoMode:
+# description: Enables or disables the echo transmission mode. This
+# mode is disabled by default, and not supported on multi hops setups.
+# type: boolean
+# minimumTtl:
+# description: 'For multi hop sessions only: configure the minimum expected
+# TTL for an incoming BFD control packet.'
+# format: int32
+# maximum: 254
+# minimum: 1
+# type: integer
+# passiveMode:
+# description: 'Mark session as passive: a passive session will not
+# attempt to start the connection and will wait for control packets
+# from peer before it begins replying.'
+# type: boolean
+# receiveInterval:
+# description: The minimum interval that this system is capable of receiving
+# control packets in milliseconds. Defaults to 300ms.
+# format: int32
+# maximum: 60000
+# minimum: 10
+# type: integer
+# transmitInterval:
+# description: The minimum transmission interval (less jitter) that
+# this system wants to use to send BFD control packets in milliseconds.
+# Defaults to 300ms
+# format: int32
+# maximum: 60000
+# minimum: 10
+# type: integer
+# type: object
+# status:
+# description: BFDProfileStatus defines the observed state of BFDProfile.
+# type: object
+# type: object
+# served: true
+# storage: true
+# subresources:
+# status: {}
+# ---
+# apiVersion: apiextensions.k8s.io/v1
+# kind: CustomResourceDefinition
+# metadata:
+# annotations:
+# controller-gen.kubebuilder.io/version: v0.11.1
+# creationTimestamp: null
+# name: bgpadvertisements.metallb.io
+# spec:
+# group: metallb.io
+# names:
+# kind: BGPAdvertisement
+# listKind: BGPAdvertisementList
+# plural: bgpadvertisements
+# singular: bgpadvertisement
+# scope: Namespaced
+# versions:
+# - additionalPrinterColumns:
+# - jsonPath: .spec.ipAddressPools
+# name: IPAddressPools
+# type: string
+# - jsonPath: .spec.ipAddressPoolSelectors
+# name: IPAddressPool Selectors
+# type: string
+# - jsonPath: .spec.peers
+# name: Peers
+# type: string
+# - jsonPath: .spec.nodeSelectors
+# name: Node Selectors
+# priority: 10
+# type: string
+# name: v1beta1
+# schema:
+# openAPIV3Schema:
+# description: BGPAdvertisement allows to advertise the IPs coming from the
+# selected IPAddressPools via BGP, setting the parameters of the BGP Advertisement.
+# properties:
+# apiVersion:
+# description: 'APIVersion defines the versioned schema of this representation
+# of an object. Servers should convert recognized schemas to the latest
+# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+# type: string
+# kind:
+# description: 'Kind is a string value representing the REST resource this
+# object represents. Servers may infer this from the endpoint the client
+# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+# type: string
+# metadata:
+# type: object
+# spec:
+# description: BGPAdvertisementSpec defines the desired state of BGPAdvertisement.
+# properties:
+# aggregationLength:
+# default: 32
+# description: The aggregation-length advertisement option lets you
+# “roll up” the /32s into a larger prefix. Defaults to 32. Works for
+# IPv4 addresses.
+# format: int32
+# minimum: 1
+# type: integer
+# aggregationLengthV6:
+# default: 128
+# description: The aggregation-length advertisement option lets you
+# “roll up” the /128s into a larger prefix. Defaults to 128. Works
+# for IPv6 addresses.
+# format: int32
+# type: integer
+# communities:
+# description: The BGP communities to be associated with the announcement.
+# Each item can be a community of the form 1234:1234 or the name of
+# an alias defined in the Community CRD.
+# items:
+# type: string
+# type: array
+# ipAddressPoolSelectors:
+# description: A selector for the IPAddressPools which would get advertised
+# via this advertisement. If no IPAddressPool is selected by this
+# or by the list, the advertisement is applied to all the IPAddressPools.
+# items:
+# description: A label selector is a label query over a set of resources.
+# The result of matchLabels and matchExpressions are ANDed. An empty
+# label selector matches all objects. A null label selector matches
+# no objects.
+# properties:
+# matchExpressions:
+# description: matchExpressions is a list of label selector requirements.
+# The requirements are ANDed.
+# items:
+# description: A label selector requirement is a selector that
+# contains values, a key, and an operator that relates the
+# key and values.
+# properties:
+# key:
+# description: key is the label key that the selector applies
+# to.
+# type: string
+# operator:
+# description: operator represents a key's relationship
+# to a set of values. Valid operators are In, NotIn, Exists
+# and DoesNotExist.
+# type: string
+# values:
+# description: values is an array of string values. If the
+# operator is In or NotIn, the values array must be non-empty.
+# If the operator is Exists or DoesNotExist, the values
+# array must be empty. This array is replaced during a
+# strategic merge patch.
+# items:
+# type: string
+# type: array
+# required:
+# - key
+# - operator
+# type: object
+# type: array
+# matchLabels:
+# additionalProperties:
+# type: string
+# description: matchLabels is a map of {key,value} pairs. A single
+# {key,value} in the matchLabels map is equivalent to an element
+# of matchExpressions, whose key field is "key", the operator
+# is "In", and the values array contains only "value". The requirements
+# are ANDed.
+# type: object
+# type: object
+# x-kubernetes-map-type: atomic
+# type: array
+# ipAddressPools:
+# description: The list of IPAddressPools to advertise via this advertisement,
+# selected by name.
+# items:
+# type: string
+# type: array
+# localPref:
+# description: The BGP LOCAL_PREF attribute which is used by BGP best
+# path algorithm, Path with higher localpref is preferred over one
+# with lower localpref.
+# format: int32
+# type: integer
+# nodeSelectors:
+# description: NodeSelectors allows to limit the nodes to announce as
+# next hops for the LoadBalancer IP. When empty, all the nodes having are
+# announced as next hops.
+# items:
+# description: A label selector is a label query over a set of resources.
+# The result of matchLabels and matchExpressions are ANDed. An empty
+# label selector matches all objects. A null label selector matches
+# no objects.
+# properties:
+# matchExpressions:
+# description: matchExpressions is a list of label selector requirements.
+# The requirements are ANDed.
+# items:
+# description: A label selector requirement is a selector that
+# contains values, a key, and an operator that relates the
+# key and values.
+# properties:
+# key:
+# description: key is the label key that the selector applies
+# to.
+# type: string
+# operator:
+# description: operator represents a key's relationship
+# to a set of values. Valid operators are In, NotIn, Exists
+# and DoesNotExist.
+# type: string
+# values:
+# description: values is an array of string values. If the
+# operator is In or NotIn, the values array must be non-empty.
+# If the operator is Exists or DoesNotExist, the values
+# array must be empty. This array is replaced during a
+# strategic merge patch.
+# items:
+# type: string
+# type: array
+# required:
+# - key
+# - operator
+# type: object
+# type: array
+# matchLabels:
+# additionalProperties:
+# type: string
+# description: matchLabels is a map of {key,value} pairs. A single
+# {key,value} in the matchLabels map is equivalent to an element
+# of matchExpressions, whose key field is "key", the operator
+# is "In", and the values array contains only "value". The requirements
+# are ANDed.
+# type: object
+# type: object
+# x-kubernetes-map-type: atomic
+# type: array
+# peers:
+# description: Peers limits the bgppeer to advertise the ips of the
+# selected pools to. When empty, the loadbalancer IP is announced
+# to all the BGPPeers configured.
+# items:
+# type: string
+# type: array
+# type: object
+# status:
+# description: BGPAdvertisementStatus defines the observed state of BGPAdvertisement.
+# type: object
+# type: object
+# served: true
+# storage: true
+# subresources:
+# status: {}
+# ---
+# apiVersion: apiextensions.k8s.io/v1
+# kind: CustomResourceDefinition
+# metadata:
+# annotations:
+# controller-gen.kubebuilder.io/version: v0.11.1
+# name: bgppeers.metallb.io
+# spec:
+# conversion:
+# strategy: Webhook
+# webhook:
+# clientConfig:
+# caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
+# service:
+# name: webhook-service
+# namespace: {{ .Release.Namespace }}
+# path: /convert
+# conversionReviewVersions:
+# - v1beta1
+# - v1beta2
+# group: metallb.io
+# names:
+# kind: BGPPeer
+# listKind: BGPPeerList
+# plural: bgppeers
+# singular: bgppeer
+# scope: Namespaced
+# versions:
+# - additionalPrinterColumns:
+# - jsonPath: .spec.peerAddress
+# name: Address
+# type: string
+# - jsonPath: .spec.peerASN
+# name: ASN
+# type: string
+# - jsonPath: .spec.bfdProfile
+# name: BFD Profile
+# type: string
+# - jsonPath: .spec.ebgpMultiHop
+# name: Multi Hops
+# type: string
+# name: v1beta1
+# schema:
+# openAPIV3Schema:
+# description: BGPPeer is the Schema for the peers API.
+# properties:
+# apiVersion:
+# description: 'APIVersion defines the versioned schema of this representation
+# of an object. Servers should convert recognized schemas to the latest
+# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+# type: string
+# kind:
+# description: 'Kind is a string value representing the REST resource this
+# object represents. Servers may infer this from the endpoint the client
+# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+# type: string
+# metadata:
+# type: object
+# spec:
+# description: BGPPeerSpec defines the desired state of Peer.
+# properties:
+# bfdProfile:
+# type: string
+# ebgpMultiHop:
+# description: EBGP peer is multi-hops away
+# type: boolean
+# holdTime:
+# description: Requested BGP hold time, per RFC4271.
+# type: string
+# keepaliveTime:
+# description: Requested BGP keepalive time, per RFC4271.
+# type: string
+# myASN:
+# description: AS number to use for the local end of the session.
+# format: int32
+# maximum: 4294967295
+# minimum: 0
+# type: integer
+# nodeSelectors:
+# description: Only connect to this peer on nodes that match one of
+# these selectors.
+# items:
+# properties:
+# matchExpressions:
+# items:
+# properties:
+# key:
+# type: string
+# operator:
+# type: string
+# values:
+# items:
+# type: string
+# minItems: 1
+# type: array
+# required:
+# - key
+# - operator
+# - values
+# type: object
+# type: array
+# matchLabels:
+# additionalProperties:
+# type: string
+# type: object
+# type: object
+# type: array
+# password:
+# description: Authentication password for routers enforcing TCP MD5
+# authenticated sessions
+# type: string
+# peerASN:
+# description: AS number to expect from the remote end of the session.
+# format: int32
+# maximum: 4294967295
+# minimum: 0
+# type: integer
+# peerAddress:
+# description: Address to dial when establishing the session.
+# type: string
+# peerPort:
+# description: Port to dial when establishing the session.
+# maximum: 16384
+# minimum: 0
+# type: integer
+# routerID:
+# description: BGP router ID to advertise to the peer
+# type: string
+# sourceAddress:
+# description: Source address to use when establishing the session.
+# type: string
+# required:
+# - myASN
+# - peerASN
+# - peerAddress
+# type: object
+# status:
+# description: BGPPeerStatus defines the observed state of Peer.
+# type: object
+# type: object
+# served: true
+# storage: false
+# subresources:
+# status: {}
+# - additionalPrinterColumns:
+# - jsonPath: .spec.peerAddress
+# name: Address
+# type: string
+# - jsonPath: .spec.peerASN
+# name: ASN
+# type: string
+# - jsonPath: .spec.bfdProfile
+# name: BFD Profile
+# type: string
+# - jsonPath: .spec.ebgpMultiHop
+# name: Multi Hops
+# type: string
+# name: v1beta2
+# schema:
+# openAPIV3Schema:
+# description: BGPPeer is the Schema for the peers API.
+# properties:
+# apiVersion:
+# description: 'APIVersion defines the versioned schema of this representation
+# of an object. Servers should convert recognized schemas to the latest
+# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+# type: string
+# kind:
+# description: 'Kind is a string value representing the REST resource this
+# object represents. Servers may infer this from the endpoint the client
+# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+# type: string
+# metadata:
+# type: object
+# spec:
+# description: BGPPeerSpec defines the desired state of Peer.
+# properties:
+# bfdProfile:
+# description: The name of the BFD Profile to be used for the BFD session
+# associated to the BGP session. If not set, the BFD session won't
+# be set up.
+# type: string
+# ebgpMultiHop:
+# description: To set if the BGPPeer is multi-hops away. Needed for
+# FRR mode only.
+# type: boolean
+# holdTime:
+# description: Requested BGP hold time, per RFC4271.
+# type: string
+# keepaliveTime:
+# description: Requested BGP keepalive time, per RFC4271.
+# type: string
+# myASN:
+# description: AS number to use for the local end of the session.
+# format: int32
+# maximum: 4294967295
+# minimum: 0
+# type: integer
+# nodeSelectors:
+# description: Only connect to this peer on nodes that match one of
+# these selectors.
+# items:
+# description: A label selector is a label query over a set of resources.
+# The result of matchLabels and matchExpressions are ANDed. An empty
+# label selector matches all objects. A null label selector matches
+# no objects.
+# properties:
+# matchExpressions:
+# description: matchExpressions is a list of label selector requirements.
+# The requirements are ANDed.
+# items:
+# description: A label selector requirement is a selector that
+# contains values, a key, and an operator that relates the
+# key and values.
+# properties:
+# key:
+# description: key is the label key that the selector applies
+# to.
+# type: string
+# operator:
+# description: operator represents a key's relationship
+# to a set of values. Valid operators are In, NotIn, Exists
+# and DoesNotExist.
+# type: string
+# values:
+# description: values is an array of string values. If the
+# operator is In or NotIn, the values array must be non-empty.
+# If the operator is Exists or DoesNotExist, the values
+# array must be empty. This array is replaced during a
+# strategic merge patch.
+# items:
+# type: string
+# type: array
+# required:
+# - key
+# - operator
+# type: object
+# type: array
+# matchLabels:
+# additionalProperties:
+# type: string
+# description: matchLabels is a map of {key,value} pairs. A single
+# {key,value} in the matchLabels map is equivalent to an element
+# of matchExpressions, whose key field is "key", the operator
+# is "In", and the values array contains only "value". The requirements
+# are ANDed.
+# type: object
+# type: object
+# x-kubernetes-map-type: atomic
+# type: array
+# password:
+# description: Authentication password for routers enforcing TCP MD5
+# authenticated sessions
+# type: string
+# passwordSecret:
+# description: passwordSecret is name of the authentication secret for
+# BGP Peer. the secret must be of type "kubernetes.io/basic-auth",
+# and created in the same namespace as the MetalLB deployment. The
+# password is stored in the secret as the key "password".
+# properties:
+# name:
+# description: name is unique within a namespace to reference a
+# secret resource.
+# type: string
+# namespace:
+# description: namespace defines the space within which the secret
+# name must be unique.
+# type: string
+# type: object
+# x-kubernetes-map-type: atomic
+# peerASN:
+# description: AS number to expect from the remote end of the session.
+# format: int32
+# maximum: 4294967295
+# minimum: 0
+# type: integer
+# peerAddress:
+# description: Address to dial when establishing the session.
+# type: string
+# peerPort:
+# default: 179
+# description: Port to dial when establishing the session.
+# maximum: 16384
+# minimum: 0
+# type: integer
+# routerID:
+# description: BGP router ID to advertise to the peer
+# type: string
+# sourceAddress:
+# description: Source address to use when establishing the session.
+# type: string
+# vrf:
+# description: To set if we want to peer with the BGPPeer using an interface
+# belonging to a host vrf
+# type: string
+# required:
+# - myASN
+# - peerASN
+# - peerAddress
+# type: object
+# status:
+# description: BGPPeerStatus defines the observed state of Peer.
+# type: object
+# type: object
+# served: true
+# storage: true
+# subresources:
+# status: {}
+# ---
+# apiVersion: apiextensions.k8s.io/v1
+# kind: CustomResourceDefinition
+# metadata:
+# annotations:
+# controller-gen.kubebuilder.io/version: v0.11.1
+# creationTimestamp: null
+# name: communities.metallb.io
+# spec:
+# group: metallb.io
+# names:
+# kind: Community
+# listKind: CommunityList
+# plural: communities
+# singular: community
+# scope: Namespaced
+# versions:
+# - name: v1beta1
+# schema:
+# openAPIV3Schema:
+# description: Community is a collection of aliases for communities. Users can
+# define named aliases to be used in the BGPPeer CRD.
+# properties:
+# apiVersion:
+# description: 'APIVersion defines the versioned schema of this representation
+# of an object. Servers should convert recognized schemas to the latest
+# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+# type: string
+# kind:
+# description: 'Kind is a string value representing the REST resource this
+# object represents. Servers may infer this from the endpoint the client
+# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+# type: string
+# metadata:
+# type: object
+# spec:
+# description: CommunitySpec defines the desired state of Community.
+# properties:
+# communities:
+# items:
+# properties:
+# name:
+# description: The name of the alias for the community.
+# type: string
+# value:
+# description: The BGP community value corresponding to the given
+# name.
+# type: string
+# type: object
+# type: array
+# type: object
+# status:
+# description: CommunityStatus defines the observed state of Community.
+# type: object
+# type: object
+# served: true
+# storage: true
+# subresources:
+# status: {}
+# ---
+# apiVersion: apiextensions.k8s.io/v1
+# kind: CustomResourceDefinition
+# metadata:
+# annotations:
+# controller-gen.kubebuilder.io/version: v0.11.1
+# creationTimestamp: null
+# name: ipaddresspools.metallb.io
+# spec:
+# group: metallb.io
+# names:
+# kind: IPAddressPool
+# listKind: IPAddressPoolList
+# plural: ipaddresspools
+# singular: ipaddresspool
+# scope: Namespaced
+# versions:
+# - additionalPrinterColumns:
+# - jsonPath: .spec.autoAssign
+# name: Auto Assign
+# type: boolean
+# - jsonPath: .spec.avoidBuggyIPs
+# name: Avoid Buggy IPs
+# type: boolean
+# - jsonPath: .spec.addresses
+# name: Addresses
+# type: string
+# name: v1beta1
+# schema:
+# openAPIV3Schema:
+# description: IPAddressPool represents a pool of IP addresses that can be allocated
+# to LoadBalancer services.
+# properties:
+# apiVersion:
+# description: 'APIVersion defines the versioned schema of this representation
+# of an object. Servers should convert recognized schemas to the latest
+# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+# type: string
+# kind:
+# description: 'Kind is a string value representing the REST resource this
+# object represents. Servers may infer this from the endpoint the client
+# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+# type: string
+# metadata:
+# type: object
+# spec:
+# description: IPAddressPoolSpec defines the desired state of IPAddressPool.
+# properties:
+# addresses:
+# description: A list of IP address ranges over which MetalLB has authority.
+# You can list multiple ranges in a single pool, they will all share
+# the same settings. Each range can be either a CIDR prefix, or an
+# explicit start-end range of IPs.
+# items:
+# type: string
+# type: array
+# autoAssign:
+# default: true
+# description: AutoAssign flag used to prevent MetallB from automatic
+# allocation for a pool.
+# type: boolean
+# avoidBuggyIPs:
+# default: false
+# description: AvoidBuggyIPs prevents addresses ending with .0 and .255
+# to be used by a pool.
+# type: boolean
+# serviceAllocation:
+# description: AllocateTo makes ip pool allocation to specific namespace
+# and/or service. The controller will use the pool with lowest value
+# of priority in case of multiple matches. A pool with no priority
+# set will be used only if the pools with priority can't be used.
+# If multiple matching IPAddressPools are available it will check
+# for the availability of IPs sorting the matching IPAddressPools
+# by priority, starting from the highest to the lowest. If multiple
+# IPAddressPools have the same priority, choice will be random.
+# properties:
+# namespaceSelectors:
+# description: NamespaceSelectors list of label selectors to select
+# namespace(s) for ip pool, an alternative to using namespace
+# list.
+# items:
+# description: A label selector is a label query over a set of
+# resources. The result of matchLabels and matchExpressions
+# are ANDed. An empty label selector matches all objects. A
+# null label selector matches no objects.
+# properties:
+# matchExpressions:
+# description: matchExpressions is a list of label selector
+# requirements. The requirements are ANDed.
+# items:
+# description: A label selector requirement is a selector
+# that contains values, a key, and an operator that relates
+# the key and values.
+# properties:
+# key:
+# description: key is the label key that the selector
+# applies to.
+# type: string
+# operator:
+# description: operator represents a key's relationship
+# to a set of values. Valid operators are In, NotIn,
+# Exists and DoesNotExist.
+# type: string
+# values:
+# description: values is an array of string values.
+# If the operator is In or NotIn, the values array
+# must be non-empty. If the operator is Exists or
+# DoesNotExist, the values array must be empty. This
+# array is replaced during a strategic merge patch.
+# items:
+# type: string
+# type: array
+# required:
+# - key
+# - operator
+# type: object
+# type: array
+# matchLabels:
+# additionalProperties:
+# type: string
+# description: matchLabels is a map of {key,value} pairs.
+# A single {key,value} in the matchLabels map is equivalent
+# to an element of matchExpressions, whose key field is
+# "key", the operator is "In", and the values array contains
+# only "value". The requirements are ANDed.
+# type: object
+# type: object
+# x-kubernetes-map-type: atomic
+# type: array
+# namespaces:
+# description: Namespaces list of namespace(s) on which ip pool
+# can be attached.
+# items:
+# type: string
+# type: array
+# priority:
+# description: Priority priority given for ip pool while ip allocation
+# on a service.
+# type: integer
+# serviceSelectors:
+# description: ServiceSelectors list of label selector to select
+# service(s) for which ip pool can be used for ip allocation.
+# items:
+# description: A label selector is a label query over a set of
+# resources. The result of matchLabels and matchExpressions
+# are ANDed. An empty label selector matches all objects. A
+# null label selector matches no objects.
+# properties:
+# matchExpressions:
+# description: matchExpressions is a list of label selector
+# requirements. The requirements are ANDed.
+# items:
+# description: A label selector requirement is a selector
+# that contains values, a key, and an operator that relates
+# the key and values.
+# properties:
+# key:
+# description: key is the label key that the selector
+# applies to.
+# type: string
+# operator:
+# description: operator represents a key's relationship
+# to a set of values. Valid operators are In, NotIn,
+# Exists and DoesNotExist.
+# type: string
+# values:
+# description: values is an array of string values.
+# If the operator is In or NotIn, the values array
+# must be non-empty. If the operator is Exists or
+# DoesNotExist, the values array must be empty. This
+# array is replaced during a strategic merge patch.
+# items:
+# type: string
+# type: array
+# required:
+# - key
+# - operator
+# type: object
+# type: array
+# matchLabels:
+# additionalProperties:
+# type: string
+# description: matchLabels is a map of {key,value} pairs.
+# A single {key,value} in the matchLabels map is equivalent
+# to an element of matchExpressions, whose key field is
+# "key", the operator is "In", and the values array contains
+# only "value". The requirements are ANDed.
+# type: object
+# type: object
+# x-kubernetes-map-type: atomic
+# type: array
+# type: object
+# required:
+# - addresses
+# type: object
+# status:
+# description: IPAddressPoolStatus defines the observed state of IPAddressPool.
+# type: object
+# required:
+# - spec
+# type: object
+# served: true
+# storage: true
+# subresources:
+# status: {}
+# ---
+# apiVersion: apiextensions.k8s.io/v1
+# kind: CustomResourceDefinition
+# metadata:
+# annotations:
+# controller-gen.kubebuilder.io/version: v0.11.1
+# creationTimestamp: null
+# name: l2advertisements.metallb.io
+# spec:
+# group: metallb.io
+# names:
+# kind: L2Advertisement
+# listKind: L2AdvertisementList
+# plural: l2advertisements
+# singular: l2advertisement
+# scope: Namespaced
+# versions:
+# - additionalPrinterColumns:
+# - jsonPath: .spec.ipAddressPools
+# name: IPAddressPools
+# type: string
+# - jsonPath: .spec.ipAddressPoolSelectors
+# name: IPAddressPool Selectors
+# type: string
+# - jsonPath: .spec.interfaces
+# name: Interfaces
+# type: string
+# - jsonPath: .spec.nodeSelectors
+# name: Node Selectors
+# priority: 10
+# type: string
+# name: v1beta1
+# schema:
+# openAPIV3Schema:
+# description: L2Advertisement allows to advertise the LoadBalancer IPs provided
+# by the selected pools via L2.
+# properties:
+# apiVersion:
+# description: 'APIVersion defines the versioned schema of this representation
+# of an object. Servers should convert recognized schemas to the latest
+# internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+# type: string
+# kind:
+# description: 'Kind is a string value representing the REST resource this
+# object represents. Servers may infer this from the endpoint the client
+# submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+# type: string
+# metadata:
+# type: object
+# spec:
+# description: L2AdvertisementSpec defines the desired state of L2Advertisement.
+# properties:
+# interfaces:
+# description: A list of interfaces to announce from. The LB IP will
+# be announced only from these interfaces. If the field is not set,
+# we advertise from all the interfaces on the host.
+# items:
+# type: string
+# type: array
+# ipAddressPoolSelectors:
+# description: A selector for the IPAddressPools which would get advertised
+# via this advertisement. If no IPAddressPool is selected by this
+# or by the list, the advertisement is applied to all the IPAddressPools.
+# items:
+# description: A label selector is a label query over a set of resources.
+# The result of matchLabels and matchExpressions are ANDed. An empty
+# label selector matches all objects. A null label selector matches
+# no objects.
+# properties:
+# matchExpressions:
+# description: matchExpressions is a list of label selector requirements.
+# The requirements are ANDed.
+# items:
+# description: A label selector requirement is a selector that
+# contains values, a key, and an operator that relates the
+# key and values.
+# properties:
+# key:
+# description: key is the label key that the selector applies
+# to.
+# type: string
+# operator:
+# description: operator represents a key's relationship
+# to a set of values. Valid operators are In, NotIn, Exists
+# and DoesNotExist.
+# type: string
+# values:
+# description: values is an array of string values. If the
+# operator is In or NotIn, the values array must be non-empty.
+# If the operator is Exists or DoesNotExist, the values
+# array must be empty. This array is replaced during a
+# strategic merge patch.
+# items:
+# type: string
+# type: array
+# required:
+# - key
+# - operator
+# type: object
+# type: array
+# matchLabels:
+# additionalProperties:
+# type: string
+# description: matchLabels is a map of {key,value} pairs. A single
+# {key,value} in the matchLabels map is equivalent to an element
+# of matchExpressions, whose key field is "key", the operator
+# is "In", and the values array contains only "value". The requirements
+# are ANDed.
+# type: object
+# type: object
+# x-kubernetes-map-type: atomic
+# type: array
+# ipAddressPools:
+# description: The list of IPAddressPools to advertise via this advertisement,
+# selected by name.
+# items:
+# type: string
+# type: array
+# nodeSelectors:
+# description: NodeSelectors allows to limit the nodes to announce as
+# next hops for the LoadBalancer IP. When empty, all the nodes having are
+# announced as next hops.
+# items:
+# description: A label selector is a label query over a set of resources.
+# The result of matchLabels and matchExpressions are ANDed. An empty
+# label selector matches all objects. A null label selector matches
+# no objects.
+# properties:
+# matchExpressions:
+# description: matchExpressions is a list of label selector requirements.
+# The requirements are ANDed.
+# items:
+# description: A label selector requirement is a selector that
+# contains values, a key, and an operator that relates the
+# key and values.
+# properties:
+# key:
+# description: key is the label key that the selector applies
+# to.
+# type: string
+# operator:
+# description: operator represents a key's relationship
+# to a set of values. Valid operators are In, NotIn, Exists
+# and DoesNotExist.
+# type: string
+# values:
+# description: values is an array of string values. If the
+# operator is In or NotIn, the values array must be non-empty.
+# If the operator is Exists or DoesNotExist, the values
+# array must be empty. This array is replaced during a
+# strategic merge patch.
+# items:
+# type: string
+# type: array
+# required:
+# - key
+# - operator
+# type: object
+# type: array
+# matchLabels:
+# additionalProperties:
+# type: string
+# description: matchLabels is a map of {key,value} pairs. A single
+# {key,value} in the matchLabels map is equivalent to an element
+# of matchExpressions, whose key field is "key", the operator
+# is "In", and the values array contains only "value". The requirements
+# are ANDed.
+# type: object
+# type: object
+# x-kubernetes-map-type: atomic
+# type: array
+# type: object
+# status:
+# description: L2AdvertisementStatus defines the observed state of L2Advertisement.
+# type: object
+# type: object
+# served: true
+# storage: true
+# subresources:
+# status: {}
+# ---
+# apiVersion: v1
+# kind: ServiceAccount
+# metadata:
+# labels:
+# app: metallb
+# name: controller
+# namespace: {{ .Release.Namespace }}
+# ---
+# apiVersion: v1
+# kind: ServiceAccount
+# metadata:
+# labels:
+# app: metallb
+# name: speaker
+# namespace: {{ .Release.Namespace }}
+# ---
+# apiVersion: rbac.authorization.k8s.io/v1
+# kind: Role
+# metadata:
+# labels:
+# app: metallb
+# name: controller
+# namespace: {{ .Release.Namespace }}
+# rules:
+# - apiGroups:
+# - ""
+# resources:
+# - secrets
+# verbs:
+# - create
+# - delete
+# - get
+# - list
+# - patch
+# - update
+# - watch
+# - apiGroups:
+# - ""
+# resourceNames:
+# - memberlist
+# resources:
+# - secrets
+# verbs:
+# - list
+# - apiGroups:
+# - apps
+# resourceNames:
+# - controller
+# resources:
+# - deployments
+# verbs:
+# - get
+# - apiGroups:
+# - metallb.io
+# resources:
+# - bgppeers
+# verbs:
+# - get
+# - list
+# - apiGroups:
+# - metallb.io
+# resources:
+# - addresspools
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - bfdprofiles
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - ipaddresspools
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - bgpadvertisements
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - l2advertisements
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - communities
+# verbs:
+# - get
+# - list
+# - watch
+# ---
+# apiVersion: rbac.authorization.k8s.io/v1
+# kind: Role
+# metadata:
+# labels:
+# app: metallb
+# name: pod-lister
+# namespace: {{ .Release.Namespace }}
+# rules:
+# - apiGroups:
+# - ""
+# resources:
+# - pods
+# verbs:
+# - list
+# - apiGroups:
+# - ""
+# resources:
+# - secrets
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - addresspools
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - bfdprofiles
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - bgppeers
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - l2advertisements
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - bgpadvertisements
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - ipaddresspools
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - metallb.io
+# resources:
+# - communities
+# verbs:
+# - get
+# - list
+# - watch
+# ---
+# apiVersion: rbac.authorization.k8s.io/v1
+# kind: ClusterRole
+# metadata:
+# labels:
+# app: metallb
+# name: metallb-system:controller
+# rules:
+# - apiGroups:
+# - ""
+# resources:
+# - services
+# - namespaces
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - ""
+# resources:
+# - services/status
+# verbs:
+# - update
+# - apiGroups:
+# - ""
+# resources:
+# - events
+# verbs:
+# - create
+# - patch
+# - apiGroups:
+# - policy
+# resourceNames:
+# - controller
+# resources:
+# - podsecuritypolicies
+# verbs:
+# - use
+# - apiGroups:
+# - admissionregistration.k8s.io
+# resourceNames:
+# - metallb-webhook-configuration
+# resources:
+# - validatingwebhookconfigurations
+# - mutatingwebhookconfigurations
+# verbs:
+# - create
+# - delete
+# - get
+# - list
+# - patch
+# - update
+# - watch
+# - apiGroups:
+# - admissionregistration.k8s.io
+# resources:
+# - validatingwebhookconfigurations
+# - mutatingwebhookconfigurations
+# verbs:
+# - list
+# - watch
+# - apiGroups:
+# - apiextensions.k8s.io
+# resourceNames:
+# - addresspools.metallb.io
+# - bfdprofiles.metallb.io
+# - bgpadvertisements.metallb.io
+# - bgppeers.metallb.io
+# - ipaddresspools.metallb.io
+# - l2advertisements.metallb.io
+# - communities.metallb.io
+# resources:
+# - customresourcedefinitions
+# verbs:
+# - create
+# - delete
+# - get
+# - list
+# - patch
+# - update
+# - watch
+# - apiGroups:
+# - apiextensions.k8s.io
+# resources:
+# - customresourcedefinitions
+# verbs:
+# - list
+# - watch
+# ---
+# apiVersion: rbac.authorization.k8s.io/v1
+# kind: ClusterRole
+# metadata:
+# labels:
+# app: metallb
+# name: metallb-system:speaker
+# rules:
+# - apiGroups:
+# - ""
+# resources:
+# - services
+# - endpoints
+# - nodes
+# - namespaces
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - discovery.k8s.io
+# resources:
+# - endpointslices
+# verbs:
+# - get
+# - list
+# - watch
+# - apiGroups:
+# - ""
+# resources:
+# - events
+# verbs:
+# - create
+# - patch
+# - apiGroups:
+# - policy
+# resourceNames:
+# - speaker
+# resources:
+# - podsecuritypolicies
+# verbs:
+# - use
+# ---
+# apiVersion: rbac.authorization.k8s.io/v1
+# kind: RoleBinding
+# metadata:
+# labels:
+# app: metallb
+# name: controller
+# namespace: {{ .Release.Namespace }}
+# roleRef:
+# apiGroup: rbac.authorization.k8s.io
+# kind: Role
+# name: controller
+# subjects:
+# - kind: ServiceAccount
+# name: controller
+# namespace: {{ .Release.Namespace }}
+# ---
+# apiVersion: rbac.authorization.k8s.io/v1
+# kind: RoleBinding
+# metadata:
+# labels:
+# app: metallb
+# name: pod-lister
+# namespace: {{ .Release.Namespace }}
+# roleRef:
+# apiGroup: rbac.authorization.k8s.io
+# kind: Role
+# name: pod-lister
+# subjects:
+# - kind: ServiceAccount
+# name: speaker
+# namespace: {{ .Release.Namespace }}
+# ---
+# apiVersion: rbac.authorization.k8s.io/v1
+# kind: ClusterRoleBinding
+# metadata:
+# labels:
+# app: metallb
+# name: metallb-system:controller
+# roleRef:
+# apiGroup: rbac.authorization.k8s.io
+# kind: ClusterRole
+# name: metallb-system:controller
+# subjects:
+# - kind: ServiceAccount
+# name: controller
+# namespace: {{ .Release.Namespace }}
+# ---
+# apiVersion: rbac.authorization.k8s.io/v1
+# kind: ClusterRoleBinding
+# metadata:
+# labels:
+# app: metallb
+# name: metallb-system:speaker
+# roleRef:
+# apiGroup: rbac.authorization.k8s.io
+# kind: ClusterRole
+# name: metallb-system:speaker
+# subjects:
+# - kind: ServiceAccount
+# name: speaker
+# namespace: {{ .Release.Namespace }}
+# ---
+# apiVersion: v1
+# kind: Secret
+# metadata:
+# name: webhook-server-cert
+# namespace: {{ .Release.Namespace }}
+# ---
+# apiVersion: v1
+# kind: Service
+# metadata:
+# name: webhook-service
+# namespace: {{ .Release.Namespace }}
+# spec:
+# ports:
+# - port: 443
+# targetPort: 9443
+# selector:
+# component: controller
+# ---
+# apiVersion: apps/v1
+# kind: Deployment
+# metadata:
+# labels:
+# app: metallb
+# component: controller
+# name: controller
+# namespace: {{ .Release.Namespace }}
+# spec:
+# revisionHistoryLimit: 3
+# selector:
+# matchLabels:
+# app: metallb
+# component: controller
+# template:
+# metadata:
+# annotations:
+# prometheus.io/port: "7472"
+# prometheus.io/scrape: "true"
+# labels:
+# app: metallb
+# component: controller
+# spec:
+# containers:
+# - args:
+# - --port=7472
+# - --log-level={{ .Values.controller.logLevel }}
+# env:
+# - name: METALLB_ML_SECRET_NAME
+# value: memberlist
+# - name: METALLB_DEPLOYMENT
+# value: controller
+# image: {{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}
+# imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
+# livenessProbe:
+# failureThreshold: 3
+# httpGet:
+# path: /metrics
+# port: monitoring
+# initialDelaySeconds: 10
+# periodSeconds: 10
+# successThreshold: 1
+# timeoutSeconds: 1
+# name: controller
+# ports:
+# - containerPort: 7472
+# name: monitoring
+# - containerPort: 9443
+# name: webhook-server
+# protocol: TCP
+# readinessProbe:
+# failureThreshold: 3
+# httpGet:
+# path: /metrics
+# port: monitoring
+# initialDelaySeconds: 10
+# periodSeconds: 10
+# successThreshold: 1
+# timeoutSeconds: 1
+# securityContext:
+# allowPrivilegeEscalation: false
+# capabilities:
+# drop:
+# - all
+# readOnlyRootFilesystem: true
+# volumeMounts:
+# - mountPath: /tmp/k8s-webhook-server/serving-certs
+# name: cert
+# readOnly: true
+# nodeSelector:
+# kubernetes.io/os: linux
+# securityContext:
+# fsGroup: 65534
+# runAsNonRoot: true
+# runAsUser: 65534
+# serviceAccountName: controller
+# terminationGracePeriodSeconds: 0
+# volumes:
+# - name: cert
+# secret:
+# defaultMode: 420
+# secretName: webhook-server-cert
+# ---
+# apiVersion: apps/v1
+# kind: DaemonSet
+# metadata:
+# labels:
+# app: metallb
+# component: speaker
+# name: speaker
+# namespace: {{ .Release.Namespace }}
+# spec:
+# selector:
+# matchLabels:
+# app: metallb
+# component: speaker
+# template:
+# metadata:
+# annotations:
+# prometheus.io/port: "7472"
+# prometheus.io/scrape: "true"
+# labels:
+# app: metallb
+# component: speaker
+# spec:
+# containers:
+# - args:
+# - --port=7472
+# - --log-level={{ .Values.controller.logLevel }}
+# env:
+# - name: METALLB_NODE_NAME
+# valueFrom:
+# fieldRef:
+# fieldPath: spec.nodeName
+# - name: METALLB_HOST
+# valueFrom:
+# fieldRef:
+# fieldPath: status.hostIP
+# - name: METALLB_ML_BIND_ADDR
+# valueFrom:
+# fieldRef:
+# fieldPath: status.podIP
+# - name: METALLB_ML_LABELS
+# value: app=metallb,component=speaker
+# - name: METALLB_ML_SECRET_KEY_PATH
+# value: /etc/ml_secret_key
+# image: {{ .Values.speaker.image.repository }}:{{ .Values.speaker.image.tag }}
+# imagePullPolicy: {{ .Values.speaker.image.pullPolicy }}
+# livenessProbe:
+# failureThreshold: 3
+# httpGet:
+# path: /metrics
+# port: monitoring
+# initialDelaySeconds: 10
+# periodSeconds: 10
+# successThreshold: 1
+# timeoutSeconds: 1
+# name: speaker
+# ports:
+# - containerPort: 7472
+# name: monitoring
+# - containerPort: 7946
+# name: memberlist-tcp
+# - containerPort: 7946
+# name: memberlist-udp
+# protocol: UDP
+# readinessProbe:
+# failureThreshold: 3
+# httpGet:
+# path: /metrics
+# port: monitoring
+# initialDelaySeconds: 10
+# periodSeconds: 10
+# successThreshold: 1
+# timeoutSeconds: 1
+# securityContext:
+# allowPrivilegeEscalation: false
+# capabilities:
+# add:
+# - NET_RAW
+# drop:
+# - ALL
+# readOnlyRootFilesystem: true
+# volumeMounts:
+# - mountPath: /etc/ml_secret_key
+# name: memberlist
+# readOnly: true
+# hostNetwork: true
+# nodeSelector:
+# kubernetes.io/os: linux
+# serviceAccountName: speaker
+# terminationGracePeriodSeconds: 2
+# tolerations:
+# - effect: NoSchedule
+# key: node-role.kubernetes.io/master
+# operator: Exists
+# - effect: NoSchedule
+# key: node-role.kubernetes.io/control-plane
+# operator: Exists
+# volumes:
+# - name: memberlist
+# secret:
+# defaultMode: 420
+# secretName: memberlist
+# ---
+# apiVersion: admissionregistration.k8s.io/v1
+# kind: ValidatingWebhookConfiguration
+# metadata:
+# creationTimestamp: null
+# name: metallb-webhook-configuration
+# webhooks:
+# - admissionReviewVersions:
+# - v1
+# clientConfig:
+# service:
+# name: webhook-service
+# namespace: {{ .Release.Namespace }}
+# path: /validate-metallb-io-v1beta2-bgppeer
+# failurePolicy: Fail
+# name: bgppeersvalidationwebhook.metallb.io
+# rules:
+# - apiGroups:
+# - metallb.io
+# apiVersions:
+# - v1beta2
+# operations:
+# - CREATE
+# - UPDATE
+# resources:
+# - bgppeers
+# sideEffects: None
+# - admissionReviewVersions:
+# - v1
+# clientConfig:
+# service:
+# name: webhook-service
+# namespace: {{ .Release.Namespace }}
+# path: /validate-metallb-io-v1beta1-addresspool
+# failurePolicy: Fail
+# name: addresspoolvalidationwebhook.metallb.io
+# rules:
+# - apiGroups:
+# - metallb.io
+# apiVersions:
+# - v1beta1
+# operations:
+# - CREATE
+# - UPDATE
+# resources:
+# - addresspools
+# sideEffects: None
+# - admissionReviewVersions:
+# - v1
+# clientConfig:
+# service:
+# name: webhook-service
+# namespace: {{ .Release.Namespace }}
+# path: /validate-metallb-io-v1beta1-bfdprofile
+# failurePolicy: Fail
+# name: bfdprofilevalidationwebhook.metallb.io
+# rules:
+# - apiGroups:
+# - metallb.io
+# apiVersions:
+# - v1beta1
+# operations:
+# - CREATE
+# - DELETE
+# resources:
+# - bfdprofiles
+# sideEffects: None
+# - admissionReviewVersions:
+# - v1
+# clientConfig:
+# service:
+# name: webhook-service
+# namespace: {{ .Release.Namespace }}
+# path: /validate-metallb-io-v1beta1-bgpadvertisement
+# failurePolicy: Fail
+# name: bgpadvertisementvalidationwebhook.metallb.io
+# rules:
+# - apiGroups:
+# - metallb.io
+# apiVersions:
+# - v1beta1
+# operations:
+# - CREATE
+# - UPDATE
+# resources:
+# - bgpadvertisements
+# sideEffects: None
+# - admissionReviewVersions:
+# - v1
+# clientConfig:
+# service:
+# name: webhook-service
+# namespace: {{ .Release.Namespace }}
+# path: /validate-metallb-io-v1beta1-community
+# failurePolicy: Fail
+# name: communityvalidationwebhook.metallb.io
+# rules:
+# - apiGroups:
+# - metallb.io
+# apiVersions:
+# - v1beta1
+# operations:
+# - CREATE
+# - UPDATE
+# resources:
+# - communities
+# sideEffects: None
+# - admissionReviewVersions:
+# - v1
+# clientConfig:
+# service:
+# name: webhook-service
+# namespace: {{ .Release.Namespace }}
+# path: /validate-metallb-io-v1beta1-ipaddresspool
+# failurePolicy: Fail
+# name: ipaddresspoolvalidationwebhook.metallb.io
+# rules:
+# - apiGroups:
+# - metallb.io
+# apiVersions:
+# - v1beta1
+# operations:
+# - CREATE
+# - UPDATE
+# resources:
+# - ipaddresspools
+# sideEffects: None
+# - admissionReviewVersions:
+# - v1
+# clientConfig:
+# service:
+# name: webhook-service
+# namespace: {{ .Release.Namespace }}
+# path: /validate-metallb-io-v1beta1-l2advertisement
+# failurePolicy: Fail
+# name: l2advertisementvalidationwebhook.metallb.io
+# rules:
+# - apiGroups:
+# - metallb.io
+# apiVersions:
+# - v1beta1
+# operations:
+# - CREATE
+# - UPDATE
+# resources:
+# - l2advertisements
+# sideEffects: None
diff --git a/charts/metallb/values.yaml b/charts/metallb/values.yaml
new file mode 100644
index 0000000..2b990b7
--- /dev/null
+++ b/charts/metallb/values.yaml
@@ -0,0 +1,12 @@
+controller:
+ image:
+ repository: quay.io/metallb/controller
+ tag:
+ pullPolicy:
+ logLevel: info
+speaker:
+ image:
+ repository: quay.io/metallb/speaker
+ tag:
+ pullPolicy:
+ logLevel: info