Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / af940c87b4c70277b5abfdfe2c54d90b174edaa9 / . / charts / metallb / templates / manifest.yaml
blob: 537ab7f9c23aa067b584300e05c7e55b57dbe07d [file] [log] [blame]
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]1apiVersion: apiextensions.k8s.io/v1
2kind: CustomResourceDefinition
3metadata:
4 annotations:
5 controller-gen.kubebuilder.io/version: v0.11.1
Giorgi Lekveishvili26224802023-06-09 13:08:28 +0400[diff] [blame]6 creationTimestamp: null
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]7 name: addresspools.metallb.io
8spec:
9 conversion:
10 strategy: Webhook
11 webhook:
12 clientConfig:
13 caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
14 service:
15 name: webhook-service
16 namespace: metallb-system
17 path: /convert
18 conversionReviewVersions:
19 - v1alpha1
20 - v1beta1
21 group: metallb.io
22 names:
23 kind: AddressPool
24 listKind: AddressPoolList
25 plural: addresspools
26 singular: addresspool
27 scope: Namespaced
28 versions:
29 - deprecated: true
30 deprecationWarning: metallb.io v1alpha1 AddressPool is deprecated
31 name: v1alpha1
32 schema:
33 openAPIV3Schema:
34 description: AddressPool is the Schema for the addresspools API.
35 properties:
36 apiVersion:
37 description: 'APIVersion defines the versioned schema of this representation
38 of an object. Servers should convert recognized schemas to the latest
39 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
40 type: string
41 kind:
42 description: 'Kind is a string value representing the REST resource this
43 object represents. Servers may infer this from the endpoint the client
44 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
45 type: string
46 metadata:
47 type: object
48 spec:
49 description: AddressPoolSpec defines the desired state of AddressPool.
50 properties:
51 addresses:
52 description: A list of IP address ranges over which MetalLB has authority.
53 You can list multiple ranges in a single pool, they will all share
54 the same settings. Each range can be either a CIDR prefix, or an
55 explicit start-end range of IPs.
56 items:
57 type: string
58 type: array
59 autoAssign:
60 default: true
61 description: AutoAssign flag used to prevent MetallB from automatic
62 allocation for a pool.
63 type: boolean
64 bgpAdvertisements:
65 description: When an IP is allocated from this pool, how should it
66 be translated into BGP announcements?
67 items:
68 properties:
69 aggregationLength:
70 default: 32
71 description: The aggregation-length advertisement option lets
72 you “roll up” the /32s into a larger prefix.
73 format: int32
74 minimum: 1
75 type: integer
76 aggregationLengthV6:
77 default: 128
78 description: Optional, defaults to 128 (i.e. no aggregation)
79 if not specified.
80 format: int32
81 type: integer
82 communities:
83 description: BGP communities
84 items:
85 type: string
86 type: array
87 localPref:
88 description: BGP LOCAL_PREF attribute which is used by BGP best
89 path algorithm, Path with higher localpref is preferred over
90 one with lower localpref.
91 format: int32
92 type: integer
93 type: object
94 type: array
95 protocol:
96 description: Protocol can be used to select how the announcement is
97 done.
98 enum:
99 - layer2
100 - bgp
101 type: string
102 required:
103 - addresses
104 - protocol
105 type: object
106 status:
107 description: AddressPoolStatus defines the observed state of AddressPool.
108 type: object
109 required:
110 - spec
111 type: object
112 served: true
113 storage: false
114 subresources:
115 status: {}
116 - deprecated: true
117 deprecationWarning: metallb.io v1beta1 AddressPool is deprecated, consider using
118 IPAddressPool
119 name: v1beta1
120 schema:
121 openAPIV3Schema:
122 description: AddressPool represents a pool of IP addresses that can be allocated
123 to LoadBalancer services. AddressPool is deprecated and being replaced by
124 IPAddressPool.
125 properties:
126 apiVersion:
127 description: 'APIVersion defines the versioned schema of this representation
128 of an object. Servers should convert recognized schemas to the latest
129 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
130 type: string
131 kind:
132 description: 'Kind is a string value representing the REST resource this
133 object represents. Servers may infer this from the endpoint the client
134 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
135 type: string
136 metadata:
137 type: object
138 spec:
139 description: AddressPoolSpec defines the desired state of AddressPool.
140 properties:
141 addresses:
142 description: A list of IP address ranges over which MetalLB has authority.
143 You can list multiple ranges in a single pool, they will all share
144 the same settings. Each range can be either a CIDR prefix, or an
145 explicit start-end range of IPs.
146 items:
147 type: string
148 type: array
149 autoAssign:
150 default: true
151 description: AutoAssign flag used to prevent MetallB from automatic
152 allocation for a pool.
153 type: boolean
154 bgpAdvertisements:
155 description: Drives how an IP allocated from this pool should translated
156 into BGP announcements.
157 items:
158 properties:
159 aggregationLength:
160 default: 32
161 description: The aggregation-length advertisement option lets
162 you “roll up” the /32s into a larger prefix.
163 format: int32
164 minimum: 1
165 type: integer
166 aggregationLengthV6:
167 default: 128
168 description: Optional, defaults to 128 (i.e. no aggregation)
169 if not specified.
170 format: int32
171 type: integer
172 communities:
173 description: BGP communities to be associated with the given
174 advertisement.
175 items:
176 type: string
177 type: array
178 localPref:
179 description: BGP LOCAL_PREF attribute which is used by BGP best
180 path algorithm, Path with higher localpref is preferred over
181 one with lower localpref.
182 format: int32
183 type: integer
184 type: object
185 type: array
186 protocol:
187 description: Protocol can be used to select how the announcement is
188 done.
189 enum:
190 - layer2
191 - bgp
192 type: string
193 required:
194 - addresses
195 - protocol
196 type: object
197 status:
198 description: AddressPoolStatus defines the observed state of AddressPool.
199 type: object
200 required:
201 - spec
202 type: object
203 served: true
204 storage: true
205 subresources:
206 status: {}
207---
208apiVersion: apiextensions.k8s.io/v1
209kind: CustomResourceDefinition
210metadata:
211 annotations:
212 controller-gen.kubebuilder.io/version: v0.11.1
213 creationTimestamp: null
214 name: bfdprofiles.metallb.io
215spec:
216 group: metallb.io
217 names:
218 kind: BFDProfile
219 listKind: BFDProfileList
220 plural: bfdprofiles
221 singular: bfdprofile
222 scope: Namespaced
223 versions:
224 - additionalPrinterColumns:
225 - jsonPath: .spec.passiveMode
226 name: Passive Mode
227 type: boolean
228 - jsonPath: .spec.transmitInterval
229 name: Transmit Interval
230 type: integer
231 - jsonPath: .spec.receiveInterval
232 name: Receive Interval
233 type: integer
234 - jsonPath: .spec.detectMultiplier
235 name: Multiplier
236 type: integer
237 name: v1beta1
238 schema:
239 openAPIV3Schema:
240 description: BFDProfile represents the settings of the bfd session that can
241 be optionally associated with a BGP session.
242 properties:
243 apiVersion:
244 description: 'APIVersion defines the versioned schema of this representation
245 of an object. Servers should convert recognized schemas to the latest
246 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
247 type: string
248 kind:
249 description: 'Kind is a string value representing the REST resource this
250 object represents. Servers may infer this from the endpoint the client
251 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
252 type: string
253 metadata:
254 type: object
255 spec:
256 description: BFDProfileSpec defines the desired state of BFDProfile.
257 properties:
258 detectMultiplier:
259 description: Configures the detection multiplier to determine packet
260 loss. The remote transmission interval will be multiplied by this
261 value to determine the connection loss detection timer.
262 format: int32
263 maximum: 255
264 minimum: 2
265 type: integer
266 echoInterval:
267 description: Configures the minimal echo receive transmission interval
268 that this system is capable of handling in milliseconds. Defaults
269 to 50ms
270 format: int32
271 maximum: 60000
272 minimum: 10
273 type: integer
274 echoMode:
275 description: Enables or disables the echo transmission mode. This
276 mode is disabled by default, and not supported on multi hops setups.
277 type: boolean
278 minimumTtl:
279 description: 'For multi hop sessions only: configure the minimum expected
280 TTL for an incoming BFD control packet.'
281 format: int32
282 maximum: 254
283 minimum: 1
284 type: integer
285 passiveMode:
286 description: 'Mark session as passive: a passive session will not
287 attempt to start the connection and will wait for control packets
288 from peer before it begins replying.'
289 type: boolean
290 receiveInterval:
291 description: The minimum interval that this system is capable of receiving
292 control packets in milliseconds. Defaults to 300ms.
293 format: int32
294 maximum: 60000
295 minimum: 10
296 type: integer
297 transmitInterval:
298 description: The minimum transmission interval (less jitter) that
299 this system wants to use to send BFD control packets in milliseconds.
300 Defaults to 300ms
301 format: int32
302 maximum: 60000
303 minimum: 10
304 type: integer
305 type: object
306 status:
307 description: BFDProfileStatus defines the observed state of BFDProfile.
308 type: object
309 type: object
310 served: true
311 storage: true
312 subresources:
313 status: {}
314---
315apiVersion: apiextensions.k8s.io/v1
316kind: CustomResourceDefinition
317metadata:
318 annotations:
319 controller-gen.kubebuilder.io/version: v0.11.1
320 creationTimestamp: null
321 name: bgpadvertisements.metallb.io
322spec:
323 group: metallb.io
324 names:
325 kind: BGPAdvertisement
326 listKind: BGPAdvertisementList
327 plural: bgpadvertisements
328 singular: bgpadvertisement
329 scope: Namespaced
330 versions:
331 - additionalPrinterColumns:
332 - jsonPath: .spec.ipAddressPools
333 name: IPAddressPools
334 type: string
335 - jsonPath: .spec.ipAddressPoolSelectors
336 name: IPAddressPool Selectors
337 type: string
338 - jsonPath: .spec.peers
339 name: Peers
340 type: string
341 - jsonPath: .spec.nodeSelectors
342 name: Node Selectors
343 priority: 10
344 type: string
345 name: v1beta1
346 schema:
347 openAPIV3Schema:
348 description: BGPAdvertisement allows to advertise the IPs coming from the
349 selected IPAddressPools via BGP, setting the parameters of the BGP Advertisement.
350 properties:
351 apiVersion:
352 description: 'APIVersion defines the versioned schema of this representation
353 of an object. Servers should convert recognized schemas to the latest
354 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
355 type: string
356 kind:
357 description: 'Kind is a string value representing the REST resource this
358 object represents. Servers may infer this from the endpoint the client
359 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
360 type: string
361 metadata:
362 type: object
363 spec:
364 description: BGPAdvertisementSpec defines the desired state of BGPAdvertisement.
365 properties:
366 aggregationLength:
367 default: 32
368 description: The aggregation-length advertisement option lets you
369 “roll up” the /32s into a larger prefix. Defaults to 32. Works for
370 IPv4 addresses.
371 format: int32
372 minimum: 1
373 type: integer
374 aggregationLengthV6:
375 default: 128
376 description: The aggregation-length advertisement option lets you
377 “roll up” the /128s into a larger prefix. Defaults to 128. Works
378 for IPv6 addresses.
379 format: int32
380 type: integer
381 communities:
382 description: The BGP communities to be associated with the announcement.
Giorgi Lekveishvili26224802023-06-09 13:08:28 +0400[diff] [blame]383 Each item can be a standard community of the form 1234:1234, a large
384 community of the form large:1234:1234:1234 or the name of an alias
385 defined in the Community CRD.
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]386 items:
387 type: string
388 type: array
389 ipAddressPoolSelectors:
390 description: A selector for the IPAddressPools which would get advertised
391 via this advertisement. If no IPAddressPool is selected by this
392 or by the list, the advertisement is applied to all the IPAddressPools.
393 items:
394 description: A label selector is a label query over a set of resources.
395 The result of matchLabels and matchExpressions are ANDed. An empty
396 label selector matches all objects. A null label selector matches
397 no objects.
398 properties:
399 matchExpressions:
400 description: matchExpressions is a list of label selector requirements.
401 The requirements are ANDed.
402 items:
403 description: A label selector requirement is a selector that
404 contains values, a key, and an operator that relates the
405 key and values.
406 properties:
407 key:
408 description: key is the label key that the selector applies
409 to.
410 type: string
411 operator:
412 description: operator represents a key's relationship
413 to a set of values. Valid operators are In, NotIn, Exists
414 and DoesNotExist.
415 type: string
416 values:
417 description: values is an array of string values. If the
418 operator is In or NotIn, the values array must be non-empty.
419 If the operator is Exists or DoesNotExist, the values
420 array must be empty. This array is replaced during a
421 strategic merge patch.
422 items:
423 type: string
424 type: array
425 required:
426 - key
427 - operator
428 type: object
429 type: array
430 matchLabels:
431 additionalProperties:
432 type: string
433 description: matchLabels is a map of {key,value} pairs. A single
434 {key,value} in the matchLabels map is equivalent to an element
435 of matchExpressions, whose key field is "key", the operator
436 is "In", and the values array contains only "value". The requirements
437 are ANDed.
438 type: object
439 type: object
440 x-kubernetes-map-type: atomic
441 type: array
442 ipAddressPools:
443 description: The list of IPAddressPools to advertise via this advertisement,
444 selected by name.
445 items:
446 type: string
447 type: array
448 localPref:
449 description: The BGP LOCAL_PREF attribute which is used by BGP best
450 path algorithm, Path with higher localpref is preferred over one
451 with lower localpref.
452 format: int32
453 type: integer
454 nodeSelectors:
455 description: NodeSelectors allows to limit the nodes to announce as
456 next hops for the LoadBalancer IP. When empty, all the nodes having are
457 announced as next hops.
458 items:
459 description: A label selector is a label query over a set of resources.
460 The result of matchLabels and matchExpressions are ANDed. An empty
461 label selector matches all objects. A null label selector matches
462 no objects.
463 properties:
464 matchExpressions:
465 description: matchExpressions is a list of label selector requirements.
466 The requirements are ANDed.
467 items:
468 description: A label selector requirement is a selector that
469 contains values, a key, and an operator that relates the
470 key and values.
471 properties:
472 key:
473 description: key is the label key that the selector applies
474 to.
475 type: string
476 operator:
477 description: operator represents a key's relationship
478 to a set of values. Valid operators are In, NotIn, Exists
479 and DoesNotExist.
480 type: string
481 values:
482 description: values is an array of string values. If the
483 operator is In or NotIn, the values array must be non-empty.
484 If the operator is Exists or DoesNotExist, the values
485 array must be empty. This array is replaced during a
486 strategic merge patch.
487 items:
488 type: string
489 type: array
490 required:
491 - key
492 - operator
493 type: object
494 type: array
495 matchLabels:
496 additionalProperties:
497 type: string
498 description: matchLabels is a map of {key,value} pairs. A single
499 {key,value} in the matchLabels map is equivalent to an element
500 of matchExpressions, whose key field is "key", the operator
501 is "In", and the values array contains only "value". The requirements
502 are ANDed.
503 type: object
504 type: object
505 x-kubernetes-map-type: atomic
506 type: array
507 peers:
508 description: Peers limits the bgppeer to advertise the ips of the
509 selected pools to. When empty, the loadbalancer IP is announced
510 to all the BGPPeers configured.
511 items:
512 type: string
513 type: array
514 type: object
515 status:
516 description: BGPAdvertisementStatus defines the observed state of BGPAdvertisement.
517 type: object
518 type: object
519 served: true
520 storage: true
521 subresources:
522 status: {}
523---
524apiVersion: apiextensions.k8s.io/v1
525kind: CustomResourceDefinition
526metadata:
527 annotations:
528 controller-gen.kubebuilder.io/version: v0.11.1
Giorgi Lekveishvili26224802023-06-09 13:08:28 +0400[diff] [blame]529 creationTimestamp: null
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]530 name: bgppeers.metallb.io
531spec:
532 conversion:
533 strategy: Webhook
534 webhook:
535 clientConfig:
536 caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlGWlRDQ0EwMmdBd0lCQWdJVU5GRW1XcTM3MVpKdGkrMmlSQzk1WmpBV1MxZ3dEUVlKS29aSWh2Y05BUUVMDQpCUUF3UWpFTE1Ba0dBMVVFQmhNQ1dGZ3hGVEFUQmdOVkJBY01ERVJsWm1GMWJIUWdRMmwwZVRFY01Cb0dBMVVFDQpDZ3dUUkdWbVlYVnNkQ0JEYjIxd1lXNTVJRXgwWkRBZUZ3MHlNakEzTVRrd09UTXlNek5hRncweU1qQTRNVGd3DQpPVE15TXpOYU1FSXhDekFKQmdOVkJBWVRBbGhZTVJVd0V3WURWUVFIREF4RVpXWmhkV3gwSUVOcGRIa3hIREFhDQpCZ05WQkFvTUUwUmxabUYxYkhRZ1EyOXRjR0Z1ZVNCTWRHUXdnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDDQpEd0F3Z2dJS0FvSUNBUUNxVFpxMWZRcC9vYkdlenhES0o3OVB3Ny94azJwellualNzMlkzb1ZYSm5sRmM4YjVlDQpma2ZZQnY2bndscW1keW5PL2phWFBaQmRQSS82aFdOUDBkdVhadEtWU0NCUUpyZzEyOGNXb3F0MGNTN3pLb1VpDQpvcU1tQ0QvRXVBeFFNZjhRZDF2c1gvVllkZ0poVTZBRXJLZEpIaXpFOUJtUkNkTDBGMW1OVW55Rk82UnRtWFZUDQpidkxsTDVYeTc2R0FaQVBLOFB4aVlDa0NtbDdxN0VnTWNiOXlLWldCYmlxQ3VkTXE5TGJLNmdKNzF6YkZnSXV4DQo1L1pXK2JraTB2RlplWk9ZODUxb1psckFUNzJvMDI4NHNTWW9uN0pHZVZkY3NoUnh5R1VpSFpSTzdkaXZVTDVTDQpmM2JmSDFYbWY1ZDQzT0NWTWRuUUV2NWVaOG8zeWVLa3ZrbkZQUGVJMU9BbjdGbDlFRVNNR2dhOGFaSG1URSttDQpsLzlMSmdDYjBnQmtPT0M0WnV4bWh2aERKV1EzWnJCS3pMQlNUZXN0NWlLNVlwcXRWVVk2THRyRW9FelVTK1lsDQpwWndXY2VQWHlHeHM5ZURsR3lNVmQraW15Y3NTU1UvVno2Mmx6MnZCS21NTXBkYldDQWhud0RsRTVqU2dyMjRRDQp0eGNXLys2N3d5KzhuQlI3UXdqVTFITndVRjBzeERWdEwrZ1NHVERnSEVZSlhZelYvT05zMy94TkpoVFNPSkxNDQpoeXNVdyttaGdackdhbUdXcHVIVU1DUitvTWJzMTc1UkcrQjJnUFFHVytPTjJnUTRyOXN2b0ZBNHBBQm8xd1dLDQpRYjRhY3pmeVVscElBOVFoSmFsZEY3S3dPSHVlV3gwRUNrNXg0T2tvVDBvWVp0dzFiR0JjRGtaSmF3SURBUUFCDQpvMU13VVRBZEJnTlZIUTRFRmdRVW90UlNIUm9IWTEyRFZ4R0NCdEhpb1g2ZmVFQXdId1lEVlIwakJCZ3dGb0FVDQpvdFJTSFJvSFkxMkRWeEdDQnRIaW9YNmZlRUF3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCDQpBUXNGQUFPQ0FnRUFSbkpsWWRjMTFHd0VxWnh6RDF2R3BDR2pDN2VWTlQ3aVY1d3IybXlybHdPYi9aUWFEa0xYDQpvVStaOVVXT1VlSXJTdzUydDdmQUpvVVAwSm5iYkMveVIrU1lqUGhvUXNiVHduOTc2ZldBWTduM3FMOXhCd1Y0DQphek41OXNjeUp0dlhMeUtOL2N5ak1ReDRLajBIMFg0bWJ6bzVZNUtzWWtYVU0vOEFPdWZMcEd0S1NGVGgrSEFDDQpab1Q5YnZHS25adnNHd0tYZFF0Wnh0akhaUjVqK3U3ZGtQOTJBT051RFNabS8rWVV4b2tBK09JbzdSR3BwSHNXDQo1ZTdNY0FTVXRtb1FORXd6dVFoVkJaRWQ1OGtKYjUrV0VWbGNzanlXNnRTbzErZ25tTWNqR1BsMWgxR2hVbjV4DQpFY0lWRnBIWXM5YWo1NmpBSjk1MVQvZjhMaWxmTlVnanBLQ0c1bnl0SUt3emxhOHNtdGlPdm1UNEpYbXBwSkI2DQo4bmdHRVluVjUrUTYwWFJ2OEhSSGp1VG9CRHVhaERrVDA2R1JGODU1d09FR2V4bkZpMXZYWUxLVllWb1V2MXRKDQo4dVdUR1pwNllDSVJldlBqbzg5ZytWTlJSaVFYUThJd0dybXE5c0RoVTlqTjA0SjdVL1RvRDFpNHE3VnlsRUc5DQorV1VGNkNLaEdBeTJIaEhwVncyTGFoOS9lUzdZMUZ1YURrWmhPZG1laG1BOCtqdHNZamJadnR5Mm1SWlF0UUZzDQpUU1VUUjREbUR2bVVPRVRmeStpRHdzK2RkWXVNTnJGeVVYV2dkMnpBQU4ydVl1UHFGY2pRcFNPODFzVTJTU3R3DQoxVzAyeUtYOGJEYmZFdjBzbUh3UzliQnFlSGo5NEM1Mjg0YXpsdTBmaUdpTm1OUEM4ckJLRmhBPQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==
537 service:
538 name: webhook-service
539 namespace: metallb-system
540 path: /convert
541 conversionReviewVersions:
542 - v1beta1
543 - v1beta2
544 group: metallb.io
545 names:
546 kind: BGPPeer
547 listKind: BGPPeerList
548 plural: bgppeers
549 singular: bgppeer
550 scope: Namespaced
551 versions:
552 - additionalPrinterColumns:
553 - jsonPath: .spec.peerAddress
554 name: Address
555 type: string
556 - jsonPath: .spec.peerASN
557 name: ASN
558 type: string
559 - jsonPath: .spec.bfdProfile
560 name: BFD Profile
561 type: string
562 - jsonPath: .spec.ebgpMultiHop
563 name: Multi Hops
564 type: string
565 name: v1beta1
566 schema:
567 openAPIV3Schema:
568 description: BGPPeer is the Schema for the peers API.
569 properties:
570 apiVersion:
571 description: 'APIVersion defines the versioned schema of this representation
572 of an object. Servers should convert recognized schemas to the latest
573 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
574 type: string
575 kind:
576 description: 'Kind is a string value representing the REST resource this
577 object represents. Servers may infer this from the endpoint the client
578 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
579 type: string
580 metadata:
581 type: object
582 spec:
583 description: BGPPeerSpec defines the desired state of Peer.
584 properties:
585 bfdProfile:
586 type: string
587 ebgpMultiHop:
588 description: EBGP peer is multi-hops away
589 type: boolean
590 holdTime:
591 description: Requested BGP hold time, per RFC4271.
592 type: string
593 keepaliveTime:
594 description: Requested BGP keepalive time, per RFC4271.
595 type: string
596 myASN:
597 description: AS number to use for the local end of the session.
598 format: int32
599 maximum: 4294967295
600 minimum: 0
601 type: integer
602 nodeSelectors:
603 description: Only connect to this peer on nodes that match one of
604 these selectors.
605 items:
606 properties:
607 matchExpressions:
608 items:
609 properties:
610 key:
611 type: string
612 operator:
613 type: string
614 values:
615 items:
616 type: string
617 minItems: 1
618 type: array
619 required:
620 - key
621 - operator
622 - values
623 type: object
624 type: array
625 matchLabels:
626 additionalProperties:
627 type: string
628 type: object
629 type: object
630 type: array
631 password:
632 description: Authentication password for routers enforcing TCP MD5
633 authenticated sessions
634 type: string
635 peerASN:
636 description: AS number to expect from the remote end of the session.
637 format: int32
638 maximum: 4294967295
639 minimum: 0
640 type: integer
641 peerAddress:
642 description: Address to dial when establishing the session.
643 type: string
644 peerPort:
645 description: Port to dial when establishing the session.
646 maximum: 16384
647 minimum: 0
648 type: integer
649 routerID:
650 description: BGP router ID to advertise to the peer
651 type: string
652 sourceAddress:
653 description: Source address to use when establishing the session.
654 type: string
655 required:
656 - myASN
657 - peerASN
658 - peerAddress
659 type: object
660 status:
661 description: BGPPeerStatus defines the observed state of Peer.
662 type: object
663 type: object
664 served: true
665 storage: false
666 subresources:
667 status: {}
668 - additionalPrinterColumns:
669 - jsonPath: .spec.peerAddress
670 name: Address
671 type: string
672 - jsonPath: .spec.peerASN
673 name: ASN
674 type: string
675 - jsonPath: .spec.bfdProfile
676 name: BFD Profile
677 type: string
678 - jsonPath: .spec.ebgpMultiHop
679 name: Multi Hops
680 type: string
681 name: v1beta2
682 schema:
683 openAPIV3Schema:
684 description: BGPPeer is the Schema for the peers API.
685 properties:
686 apiVersion:
687 description: 'APIVersion defines the versioned schema of this representation
688 of an object. Servers should convert recognized schemas to the latest
689 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
690 type: string
691 kind:
692 description: 'Kind is a string value representing the REST resource this
693 object represents. Servers may infer this from the endpoint the client
694 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
695 type: string
696 metadata:
697 type: object
698 spec:
699 description: BGPPeerSpec defines the desired state of Peer.
700 properties:
701 bfdProfile:
702 description: The name of the BFD Profile to be used for the BFD session
703 associated to the BGP session. If not set, the BFD session won't
704 be set up.
705 type: string
706 ebgpMultiHop:
707 description: To set if the BGPPeer is multi-hops away. Needed for
708 FRR mode only.
709 type: boolean
710 holdTime:
711 description: Requested BGP hold time, per RFC4271.
712 type: string
713 keepaliveTime:
714 description: Requested BGP keepalive time, per RFC4271.
715 type: string
716 myASN:
717 description: AS number to use for the local end of the session.
718 format: int32
719 maximum: 4294967295
720 minimum: 0
721 type: integer
722 nodeSelectors:
723 description: Only connect to this peer on nodes that match one of
724 these selectors.
725 items:
726 description: A label selector is a label query over a set of resources.
727 The result of matchLabels and matchExpressions are ANDed. An empty
728 label selector matches all objects. A null label selector matches
729 no objects.
730 properties:
731 matchExpressions:
732 description: matchExpressions is a list of label selector requirements.
733 The requirements are ANDed.
734 items:
735 description: A label selector requirement is a selector that
736 contains values, a key, and an operator that relates the
737 key and values.
738 properties:
739 key:
740 description: key is the label key that the selector applies
741 to.
742 type: string
743 operator:
744 description: operator represents a key's relationship
745 to a set of values. Valid operators are In, NotIn, Exists
746 and DoesNotExist.
747 type: string
748 values:
749 description: values is an array of string values. If the
750 operator is In or NotIn, the values array must be non-empty.
751 If the operator is Exists or DoesNotExist, the values
752 array must be empty. This array is replaced during a
753 strategic merge patch.
754 items:
755 type: string
756 type: array
757 required:
758 - key
759 - operator
760 type: object
761 type: array
762 matchLabels:
763 additionalProperties:
764 type: string
765 description: matchLabels is a map of {key,value} pairs. A single
766 {key,value} in the matchLabels map is equivalent to an element
767 of matchExpressions, whose key field is "key", the operator
768 is "In", and the values array contains only "value". The requirements
769 are ANDed.
770 type: object
771 type: object
772 x-kubernetes-map-type: atomic
773 type: array
774 password:
775 description: Authentication password for routers enforcing TCP MD5
776 authenticated sessions
777 type: string
778 passwordSecret:
779 description: passwordSecret is name of the authentication secret for
780 BGP Peer. the secret must be of type "kubernetes.io/basic-auth",
781 and created in the same namespace as the MetalLB deployment. The
782 password is stored in the secret as the key "password".
783 properties:
784 name:
785 description: name is unique within a namespace to reference a
786 secret resource.
787 type: string
788 namespace:
789 description: namespace defines the space within which the secret
790 name must be unique.
791 type: string
792 type: object
793 x-kubernetes-map-type: atomic
794 peerASN:
795 description: AS number to expect from the remote end of the session.
796 format: int32
797 maximum: 4294967295
798 minimum: 0
799 type: integer
800 peerAddress:
801 description: Address to dial when establishing the session.
802 type: string
803 peerPort:
804 default: 179
805 description: Port to dial when establishing the session.
806 maximum: 16384
807 minimum: 0
808 type: integer
809 routerID:
810 description: BGP router ID to advertise to the peer
811 type: string
812 sourceAddress:
813 description: Source address to use when establishing the session.
814 type: string
815 vrf:
816 description: To set if we want to peer with the BGPPeer using an interface
817 belonging to a host vrf
818 type: string
819 required:
820 - myASN
821 - peerASN
822 - peerAddress
823 type: object
824 status:
825 description: BGPPeerStatus defines the observed state of Peer.
826 type: object
827 type: object
828 served: true
829 storage: true
830 subresources:
831 status: {}
832---
833apiVersion: apiextensions.k8s.io/v1
834kind: CustomResourceDefinition
835metadata:
836 annotations:
837 controller-gen.kubebuilder.io/version: v0.11.1
838 creationTimestamp: null
839 name: communities.metallb.io
840spec:
841 group: metallb.io
842 names:
843 kind: Community
844 listKind: CommunityList
845 plural: communities
846 singular: community
847 scope: Namespaced
848 versions:
849 - name: v1beta1
850 schema:
851 openAPIV3Schema:
852 description: Community is a collection of aliases for communities. Users can
853 define named aliases to be used in the BGPPeer CRD.
854 properties:
855 apiVersion:
856 description: 'APIVersion defines the versioned schema of this representation
857 of an object. Servers should convert recognized schemas to the latest
858 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
859 type: string
860 kind:
861 description: 'Kind is a string value representing the REST resource this
862 object represents. Servers may infer this from the endpoint the client
863 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
864 type: string
865 metadata:
866 type: object
867 spec:
868 description: CommunitySpec defines the desired state of Community.
869 properties:
870 communities:
871 items:
872 properties:
873 name:
874 description: The name of the alias for the community.
875 type: string
876 value:
877 description: The BGP community value corresponding to the given
Giorgi Lekveishvili26224802023-06-09 13:08:28 +0400[diff] [blame]878 name. Can be a standard community of the form 1234:1234 or
879 a large community of the form large:1234:1234:1234.
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]880 type: string
881 type: object
882 type: array
883 type: object
884 status:
885 description: CommunityStatus defines the observed state of Community.
886 type: object
887 type: object
888 served: true
889 storage: true
890 subresources:
891 status: {}
892---
893apiVersion: apiextensions.k8s.io/v1
894kind: CustomResourceDefinition
895metadata:
896 annotations:
897 controller-gen.kubebuilder.io/version: v0.11.1
898 creationTimestamp: null
899 name: ipaddresspools.metallb.io
900spec:
901 group: metallb.io
902 names:
903 kind: IPAddressPool
904 listKind: IPAddressPoolList
905 plural: ipaddresspools
906 singular: ipaddresspool
907 scope: Namespaced
908 versions:
909 - additionalPrinterColumns:
910 - jsonPath: .spec.autoAssign
911 name: Auto Assign
912 type: boolean
913 - jsonPath: .spec.avoidBuggyIPs
914 name: Avoid Buggy IPs
915 type: boolean
916 - jsonPath: .spec.addresses
917 name: Addresses
918 type: string
919 name: v1beta1
920 schema:
921 openAPIV3Schema:
922 description: IPAddressPool represents a pool of IP addresses that can be allocated
923 to LoadBalancer services.
924 properties:
925 apiVersion:
926 description: 'APIVersion defines the versioned schema of this representation
927 of an object. Servers should convert recognized schemas to the latest
928 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
929 type: string
930 kind:
931 description: 'Kind is a string value representing the REST resource this
932 object represents. Servers may infer this from the endpoint the client
933 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
934 type: string
935 metadata:
936 type: object
937 spec:
938 description: IPAddressPoolSpec defines the desired state of IPAddressPool.
939 properties:
940 addresses:
941 description: A list of IP address ranges over which MetalLB has authority.
942 You can list multiple ranges in a single pool, they will all share
943 the same settings. Each range can be either a CIDR prefix, or an
944 explicit start-end range of IPs.
945 items:
946 type: string
947 type: array
948 autoAssign:
949 default: true
950 description: AutoAssign flag used to prevent MetallB from automatic
951 allocation for a pool.
952 type: boolean
953 avoidBuggyIPs:
954 default: false
955 description: AvoidBuggyIPs prevents addresses ending with .0 and .255
956 to be used by a pool.
957 type: boolean
958 serviceAllocation:
959 description: AllocateTo makes ip pool allocation to specific namespace
960 and/or service. The controller will use the pool with lowest value
961 of priority in case of multiple matches. A pool with no priority
962 set will be used only if the pools with priority can't be used.
963 If multiple matching IPAddressPools are available it will check
964 for the availability of IPs sorting the matching IPAddressPools
965 by priority, starting from the highest to the lowest. If multiple
966 IPAddressPools have the same priority, choice will be random.
967 properties:
968 namespaceSelectors:
969 description: NamespaceSelectors list of label selectors to select
970 namespace(s) for ip pool, an alternative to using namespace
971 list.
972 items:
973 description: A label selector is a label query over a set of
974 resources. The result of matchLabels and matchExpressions
975 are ANDed. An empty label selector matches all objects. A
976 null label selector matches no objects.
977 properties:
978 matchExpressions:
979 description: matchExpressions is a list of label selector
980 requirements. The requirements are ANDed.
981 items:
982 description: A label selector requirement is a selector
983 that contains values, a key, and an operator that relates
984 the key and values.
985 properties:
986 key:
987 description: key is the label key that the selector
988 applies to.
989 type: string
990 operator:
991 description: operator represents a key's relationship
992 to a set of values. Valid operators are In, NotIn,
993 Exists and DoesNotExist.
994 type: string
995 values:
996 description: values is an array of string values.
997 If the operator is In or NotIn, the values array
998 must be non-empty. If the operator is Exists or
999 DoesNotExist, the values array must be empty. This
1000 array is replaced during a strategic merge patch.
1001 items:
1002 type: string
1003 type: array
1004 required:
1005 - key
1006 - operator
1007 type: object
1008 type: array
1009 matchLabels:
1010 additionalProperties:
1011 type: string
1012 description: matchLabels is a map of {key,value} pairs.
1013 A single {key,value} in the matchLabels map is equivalent
1014 to an element of matchExpressions, whose key field is
1015 "key", the operator is "In", and the values array contains
1016 only "value". The requirements are ANDed.
1017 type: object
1018 type: object
1019 x-kubernetes-map-type: atomic
1020 type: array
1021 namespaces:
1022 description: Namespaces list of namespace(s) on which ip pool
1023 can be attached.
1024 items:
1025 type: string
1026 type: array
1027 priority:
1028 description: Priority priority given for ip pool while ip allocation
1029 on a service.
1030 type: integer
1031 serviceSelectors:
1032 description: ServiceSelectors list of label selector to select
1033 service(s) for which ip pool can be used for ip allocation.
1034 items:
1035 description: A label selector is a label query over a set of
1036 resources. The result of matchLabels and matchExpressions
1037 are ANDed. An empty label selector matches all objects. A
1038 null label selector matches no objects.
1039 properties:
1040 matchExpressions:
1041 description: matchExpressions is a list of label selector
1042 requirements. The requirements are ANDed.
1043 items:
1044 description: A label selector requirement is a selector
1045 that contains values, a key, and an operator that relates
1046 the key and values.
1047 properties:
1048 key:
1049 description: key is the label key that the selector
1050 applies to.
1051 type: string
1052 operator:
1053 description: operator represents a key's relationship
1054 to a set of values. Valid operators are In, NotIn,
1055 Exists and DoesNotExist.
1056 type: string
1057 values:
1058 description: values is an array of string values.
1059 If the operator is In or NotIn, the values array
1060 must be non-empty. If the operator is Exists or
1061 DoesNotExist, the values array must be empty. This
1062 array is replaced during a strategic merge patch.
1063 items:
1064 type: string
1065 type: array
1066 required:
1067 - key
1068 - operator
1069 type: object
1070 type: array
1071 matchLabels:
1072 additionalProperties:
1073 type: string
1074 description: matchLabels is a map of {key,value} pairs.
1075 A single {key,value} in the matchLabels map is equivalent
1076 to an element of matchExpressions, whose key field is
1077 "key", the operator is "In", and the values array contains
1078 only "value". The requirements are ANDed.
1079 type: object
1080 type: object
1081 x-kubernetes-map-type: atomic
1082 type: array
1083 type: object
1084 required:
1085 - addresses
1086 type: object
1087 status:
1088 description: IPAddressPoolStatus defines the observed state of IPAddressPool.
1089 type: object
1090 required:
1091 - spec
1092 type: object
1093 served: true
1094 storage: true
1095 subresources:
1096 status: {}
1097---
1098apiVersion: apiextensions.k8s.io/v1
1099kind: CustomResourceDefinition
1100metadata:
1101 annotations:
1102 controller-gen.kubebuilder.io/version: v0.11.1
1103 creationTimestamp: null
1104 name: l2advertisements.metallb.io
1105spec:
1106 group: metallb.io
1107 names:
1108 kind: L2Advertisement
1109 listKind: L2AdvertisementList
1110 plural: l2advertisements
1111 singular: l2advertisement
1112 scope: Namespaced
1113 versions:
1114 - additionalPrinterColumns:
1115 - jsonPath: .spec.ipAddressPools
1116 name: IPAddressPools
1117 type: string
1118 - jsonPath: .spec.ipAddressPoolSelectors
1119 name: IPAddressPool Selectors
1120 type: string
1121 - jsonPath: .spec.interfaces
1122 name: Interfaces
1123 type: string
1124 - jsonPath: .spec.nodeSelectors
1125 name: Node Selectors
1126 priority: 10
1127 type: string
1128 name: v1beta1
1129 schema:
1130 openAPIV3Schema:
1131 description: L2Advertisement allows to advertise the LoadBalancer IPs provided
1132 by the selected pools via L2.
1133 properties:
1134 apiVersion:
1135 description: 'APIVersion defines the versioned schema of this representation
1136 of an object. Servers should convert recognized schemas to the latest
1137 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
1138 type: string
1139 kind:
1140 description: 'Kind is a string value representing the REST resource this
1141 object represents. Servers may infer this from the endpoint the client
1142 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
1143 type: string
1144 metadata:
1145 type: object
1146 spec:
1147 description: L2AdvertisementSpec defines the desired state of L2Advertisement.
1148 properties:
1149 interfaces:
1150 description: A list of interfaces to announce from. The LB IP will
1151 be announced only from these interfaces. If the field is not set,
1152 we advertise from all the interfaces on the host.
1153 items:
1154 type: string
1155 type: array
1156 ipAddressPoolSelectors:
1157 description: A selector for the IPAddressPools which would get advertised
1158 via this advertisement. If no IPAddressPool is selected by this
1159 or by the list, the advertisement is applied to all the IPAddressPools.
1160 items:
1161 description: A label selector is a label query over a set of resources.
1162 The result of matchLabels and matchExpressions are ANDed. An empty
1163 label selector matches all objects. A null label selector matches
1164 no objects.
1165 properties:
1166 matchExpressions:
1167 description: matchExpressions is a list of label selector requirements.
1168 The requirements are ANDed.
1169 items:
1170 description: A label selector requirement is a selector that
1171 contains values, a key, and an operator that relates the
1172 key and values.
1173 properties:
1174 key:
1175 description: key is the label key that the selector applies
1176 to.
1177 type: string
1178 operator:
1179 description: operator represents a key's relationship
1180 to a set of values. Valid operators are In, NotIn, Exists
1181 and DoesNotExist.
1182 type: string
1183 values:
1184 description: values is an array of string values. If the
1185 operator is In or NotIn, the values array must be non-empty.
1186 If the operator is Exists or DoesNotExist, the values
1187 array must be empty. This array is replaced during a
1188 strategic merge patch.
1189 items:
1190 type: string
1191 type: array
1192 required:
1193 - key
1194 - operator
1195 type: object
1196 type: array
1197 matchLabels:
1198 additionalProperties:
1199 type: string
1200 description: matchLabels is a map of {key,value} pairs. A single
1201 {key,value} in the matchLabels map is equivalent to an element
1202 of matchExpressions, whose key field is "key", the operator
1203 is "In", and the values array contains only "value". The requirements
1204 are ANDed.
1205 type: object
1206 type: object
1207 x-kubernetes-map-type: atomic
1208 type: array
1209 ipAddressPools:
1210 description: The list of IPAddressPools to advertise via this advertisement,
1211 selected by name.
1212 items:
1213 type: string
1214 type: array
1215 nodeSelectors:
1216 description: NodeSelectors allows to limit the nodes to announce as
1217 next hops for the LoadBalancer IP. When empty, all the nodes having are
1218 announced as next hops.
1219 items:
1220 description: A label selector is a label query over a set of resources.
1221 The result of matchLabels and matchExpressions are ANDed. An empty
1222 label selector matches all objects. A null label selector matches
1223 no objects.
1224 properties:
1225 matchExpressions:
1226 description: matchExpressions is a list of label selector requirements.
1227 The requirements are ANDed.
1228 items:
1229 description: A label selector requirement is a selector that
1230 contains values, a key, and an operator that relates the
1231 key and values.
1232 properties:
1233 key:
1234 description: key is the label key that the selector applies
1235 to.
1236 type: string
1237 operator:
1238 description: operator represents a key's relationship
1239 to a set of values. Valid operators are In, NotIn, Exists
1240 and DoesNotExist.
1241 type: string
1242 values:
1243 description: values is an array of string values. If the
1244 operator is In or NotIn, the values array must be non-empty.
1245 If the operator is Exists or DoesNotExist, the values
1246 array must be empty. This array is replaced during a
1247 strategic merge patch.
1248 items:
1249 type: string
1250 type: array
1251 required:
1252 - key
1253 - operator
1254 type: object
1255 type: array
1256 matchLabels:
1257 additionalProperties:
1258 type: string
1259 description: matchLabels is a map of {key,value} pairs. A single
1260 {key,value} in the matchLabels map is equivalent to an element
1261 of matchExpressions, whose key field is "key", the operator
1262 is "In", and the values array contains only "value". The requirements
1263 are ANDed.
1264 type: object
1265 type: object
1266 x-kubernetes-map-type: atomic
1267 type: array
1268 type: object
1269 status:
1270 description: L2AdvertisementStatus defines the observed state of L2Advertisement.
1271 type: object
1272 type: object
1273 served: true
1274 storage: true
1275 subresources:
1276 status: {}
1277---
1278apiVersion: v1
1279kind: ServiceAccount
1280metadata:
1281 labels:
1282 app: metallb
1283 name: controller
1284 namespace: metallb-system
1285---
1286apiVersion: v1
1287kind: ServiceAccount
1288metadata:
1289 labels:
1290 app: metallb
1291 name: speaker
1292 namespace: metallb-system
1293---
1294apiVersion: rbac.authorization.k8s.io/v1
1295kind: Role
1296metadata:
1297 labels:
1298 app: metallb
1299 name: controller
1300 namespace: metallb-system
1301rules:
1302- apiGroups:
1303 - ""
1304 resources:
1305 - secrets
1306 verbs:
1307 - create
1308 - delete
1309 - get
1310 - list
1311 - patch
1312 - update
1313 - watch
1314- apiGroups:
1315 - ""
1316 resourceNames:
1317 - memberlist
1318 resources:
1319 - secrets
1320 verbs:
1321 - list
1322- apiGroups:
1323 - apps
1324 resourceNames:
1325 - controller
1326 resources:
1327 - deployments
1328 verbs:
1329 - get
1330- apiGroups:
1331 - metallb.io
1332 resources:
1333 - bgppeers
1334 verbs:
1335 - get
1336 - list
1337- apiGroups:
1338 - metallb.io
1339 resources:
1340 - addresspools
1341 verbs:
1342 - get
1343 - list
1344 - watch
1345- apiGroups:
1346 - metallb.io
1347 resources:
1348 - bfdprofiles
1349 verbs:
1350 - get
1351 - list
1352 - watch
1353- apiGroups:
1354 - metallb.io
1355 resources:
1356 - ipaddresspools
1357 verbs:
1358 - get
1359 - list
1360 - watch
1361- apiGroups:
1362 - metallb.io
1363 resources:
1364 - bgpadvertisements
1365 verbs:
1366 - get
1367 - list
1368 - watch
1369- apiGroups:
1370 - metallb.io
1371 resources:
1372 - l2advertisements
1373 verbs:
1374 - get
1375 - list
1376 - watch
1377- apiGroups:
1378 - metallb.io
1379 resources:
1380 - communities
1381 verbs:
1382 - get
1383 - list
1384 - watch
1385---
1386apiVersion: rbac.authorization.k8s.io/v1
1387kind: Role
1388metadata:
1389 labels:
1390 app: metallb
1391 name: pod-lister
1392 namespace: metallb-system
1393rules:
1394- apiGroups:
1395 - ""
1396 resources:
1397 - pods
1398 verbs:
1399 - list
1400- apiGroups:
1401 - ""
1402 resources:
1403 - secrets
1404 verbs:
1405 - get
1406 - list
1407 - watch
1408- apiGroups:
Giorgi Lekveishvili26224802023-06-09 13:08:28 +0400[diff] [blame]1409 - ""
1410 resources:
1411 - configmaps
1412 verbs:
1413 - get
1414 - list
1415 - watch
1416- apiGroups:
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]1417 - metallb.io
1418 resources:
1419 - addresspools
1420 verbs:
1421 - get
1422 - list
1423 - watch
1424- apiGroups:
1425 - metallb.io
1426 resources:
1427 - bfdprofiles
1428 verbs:
1429 - get
1430 - list
1431 - watch
1432- apiGroups:
1433 - metallb.io
1434 resources:
1435 - bgppeers
1436 verbs:
1437 - get
1438 - list
1439 - watch
1440- apiGroups:
1441 - metallb.io
1442 resources:
1443 - l2advertisements
1444 verbs:
1445 - get
1446 - list
1447 - watch
1448- apiGroups:
1449 - metallb.io
1450 resources:
1451 - bgpadvertisements
1452 verbs:
1453 - get
1454 - list
1455 - watch
1456- apiGroups:
1457 - metallb.io
1458 resources:
1459 - ipaddresspools
1460 verbs:
1461 - get
1462 - list
1463 - watch
1464- apiGroups:
1465 - metallb.io
1466 resources:
1467 - communities
1468 verbs:
1469 - get
1470 - list
1471 - watch
1472---
1473apiVersion: rbac.authorization.k8s.io/v1
1474kind: ClusterRole
1475metadata:
1476 labels:
1477 app: metallb
1478 name: metallb-system:controller
1479rules:
1480- apiGroups:
1481 - ""
1482 resources:
1483 - services
1484 - namespaces
1485 verbs:
1486 - get
1487 - list
1488 - watch
1489- apiGroups:
1490 - ""
1491 resources:
Giorgi Lekveishvili26224802023-06-09 13:08:28 +0400[diff] [blame]1492 - nodes
1493 verbs:
1494 - list
1495- apiGroups:
1496 - ""
1497 resources:
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]1498 - services/status
1499 verbs:
1500 - update
1501- apiGroups:
1502 - ""
1503 resources:
1504 - events
1505 verbs:
1506 - create
1507 - patch
1508- apiGroups:
1509 - policy
1510 resourceNames:
1511 - controller
1512 resources:
1513 - podsecuritypolicies
1514 verbs:
1515 - use
1516- apiGroups:
1517 - admissionregistration.k8s.io
1518 resourceNames:
1519 - metallb-webhook-configuration
1520 resources:
1521 - validatingwebhookconfigurations
1522 - mutatingwebhookconfigurations
1523 verbs:
1524 - create
1525 - delete
1526 - get
1527 - list
1528 - patch
1529 - update
1530 - watch
1531- apiGroups:
1532 - admissionregistration.k8s.io
1533 resources:
1534 - validatingwebhookconfigurations
1535 - mutatingwebhookconfigurations
1536 verbs:
1537 - list
1538 - watch
1539- apiGroups:
1540 - apiextensions.k8s.io
1541 resourceNames:
1542 - addresspools.metallb.io
1543 - bfdprofiles.metallb.io
1544 - bgpadvertisements.metallb.io
1545 - bgppeers.metallb.io
1546 - ipaddresspools.metallb.io
1547 - l2advertisements.metallb.io
1548 - communities.metallb.io
1549 resources:
1550 - customresourcedefinitions
1551 verbs:
1552 - create
1553 - delete
1554 - get
1555 - list
1556 - patch
1557 - update
1558 - watch
1559- apiGroups:
1560 - apiextensions.k8s.io
1561 resources:
1562 - customresourcedefinitions
1563 verbs:
1564 - list
1565 - watch
1566---
1567apiVersion: rbac.authorization.k8s.io/v1
1568kind: ClusterRole
1569metadata:
1570 labels:
1571 app: metallb
1572 name: metallb-system:speaker
1573rules:
1574- apiGroups:
1575 - ""
1576 resources:
1577 - services
1578 - endpoints
1579 - nodes
1580 - namespaces
1581 verbs:
1582 - get
1583 - list
1584 - watch
1585- apiGroups:
1586 - discovery.k8s.io
1587 resources:
1588 - endpointslices
1589 verbs:
1590 - get
1591 - list
1592 - watch
1593- apiGroups:
1594 - ""
1595 resources:
1596 - events
1597 verbs:
1598 - create
1599 - patch
1600- apiGroups:
1601 - policy
1602 resourceNames:
1603 - speaker
1604 resources:
1605 - podsecuritypolicies
1606 verbs:
1607 - use
1608---
1609apiVersion: rbac.authorization.k8s.io/v1
1610kind: RoleBinding
1611metadata:
1612 labels:
1613 app: metallb
1614 name: controller
1615 namespace: metallb-system
1616roleRef:
1617 apiGroup: rbac.authorization.k8s.io
1618 kind: Role
1619 name: controller
1620subjects:
1621- kind: ServiceAccount
1622 name: controller
1623 namespace: metallb-system
1624---
1625apiVersion: rbac.authorization.k8s.io/v1
1626kind: RoleBinding
1627metadata:
1628 labels:
1629 app: metallb
1630 name: pod-lister
1631 namespace: metallb-system
1632roleRef:
1633 apiGroup: rbac.authorization.k8s.io
1634 kind: Role
1635 name: pod-lister
1636subjects:
1637- kind: ServiceAccount
1638 name: speaker
1639 namespace: metallb-system
1640---
1641apiVersion: rbac.authorization.k8s.io/v1
1642kind: ClusterRoleBinding
1643metadata:
1644 labels:
1645 app: metallb
1646 name: metallb-system:controller
1647roleRef:
1648 apiGroup: rbac.authorization.k8s.io
1649 kind: ClusterRole
1650 name: metallb-system:controller
1651subjects:
1652- kind: ServiceAccount
1653 name: controller
1654 namespace: metallb-system
1655---
1656apiVersion: rbac.authorization.k8s.io/v1
1657kind: ClusterRoleBinding
1658metadata:
1659 labels:
1660 app: metallb
1661 name: metallb-system:speaker
1662roleRef:
1663 apiGroup: rbac.authorization.k8s.io
1664 kind: ClusterRole
1665 name: metallb-system:speaker
1666subjects:
1667- kind: ServiceAccount
1668 name: speaker
1669 namespace: metallb-system
1670---
1671apiVersion: v1
Giorgi Lekveishvili26224802023-06-09 13:08:28 +0400[diff] [blame]1672data:
1673 excludel2.yaml: |
1674 announcedInterfacesToExclude: ["docker.*", "cbr.*", "dummy.*", "virbr.*", "lxcbr.*", "veth.*", "lo", "^cali.*", "^tunl.*", "flannel.*", "kube-ipvs.*", "cni.*", "^nodelocaldns.*"]
1675kind: ConfigMap
1676metadata:
1677 name: metallb-excludel2
1678 namespace: metallb-system
1679---
1680apiVersion: v1
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]1681kind: Secret
1682metadata:
1683 name: webhook-server-cert
1684 namespace: metallb-system
1685---
1686apiVersion: v1
1687kind: Service
1688metadata:
1689 name: webhook-service
1690 namespace: metallb-system
1691spec:
1692 ports:
1693 - port: 443
1694 targetPort: 9443
1695 selector:
1696 component: controller
1697---
1698apiVersion: apps/v1
1699kind: Deployment
1700metadata:
1701 labels:
1702 app: metallb
1703 component: controller
1704 name: controller
1705 namespace: metallb-system
1706spec:
1707 revisionHistoryLimit: 3
1708 selector:
1709 matchLabels:
1710 app: metallb
1711 component: controller
1712 template:
1713 metadata:
1714 annotations:
1715 prometheus.io/port: "7472"
1716 prometheus.io/scrape: "true"
1717 labels:
1718 app: metallb
1719 component: controller
1720 spec:
1721 containers:
1722 - args:
1723 - --port=7472
1724 - --log-level=info
1725 env:
1726 - name: METALLB_ML_SECRET_NAME
1727 value: memberlist
1728 - name: METALLB_DEPLOYMENT
1729 value: controller
Giorgi Lekveishvili26224802023-06-09 13:08:28 +0400[diff] [blame]1730 image: quay.io/metallb/controller:v0.13.10
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]1731 livenessProbe:
1732 failureThreshold: 3
1733 httpGet:
1734 path: /metrics
1735 port: monitoring
1736 initialDelaySeconds: 10
1737 periodSeconds: 10
1738 successThreshold: 1
1739 timeoutSeconds: 1
1740 name: controller
1741 ports:
1742 - containerPort: 7472
1743 name: monitoring
1744 - containerPort: 9443
1745 name: webhook-server
1746 protocol: TCP
1747 readinessProbe:
1748 failureThreshold: 3
1749 httpGet:
1750 path: /metrics
1751 port: monitoring
1752 initialDelaySeconds: 10
1753 periodSeconds: 10
1754 successThreshold: 1
1755 timeoutSeconds: 1
1756 securityContext:
1757 allowPrivilegeEscalation: false
1758 capabilities:
1759 drop:
1760 - all
1761 readOnlyRootFilesystem: true
1762 volumeMounts:
1763 - mountPath: /tmp/k8s-webhook-server/serving-certs
1764 name: cert
1765 readOnly: true
1766 nodeSelector:
1767 kubernetes.io/os: linux
1768 securityContext:
1769 fsGroup: 65534
1770 runAsNonRoot: true
1771 runAsUser: 65534
1772 serviceAccountName: controller
1773 terminationGracePeriodSeconds: 0
1774 volumes:
1775 - name: cert
1776 secret:
1777 defaultMode: 420
1778 secretName: webhook-server-cert
1779---
1780apiVersion: apps/v1
1781kind: DaemonSet
1782metadata:
1783 labels:
1784 app: metallb
1785 component: speaker
1786 name: speaker
1787 namespace: metallb-system
1788spec:
1789 selector:
1790 matchLabels:
1791 app: metallb
1792 component: speaker
1793 template:
1794 metadata:
1795 annotations:
1796 prometheus.io/port: "7472"
1797 prometheus.io/scrape: "true"
1798 labels:
1799 app: metallb
1800 component: speaker
1801 spec:
1802 containers:
1803 - args:
1804 - --port=7472
1805 - --log-level=info
1806 env:
1807 - name: METALLB_NODE_NAME
1808 valueFrom:
1809 fieldRef:
1810 fieldPath: spec.nodeName
1811 - name: METALLB_HOST
1812 valueFrom:
1813 fieldRef:
1814 fieldPath: status.hostIP
1815 - name: METALLB_ML_BIND_ADDR
1816 valueFrom:
1817 fieldRef:
1818 fieldPath: status.podIP
1819 - name: METALLB_ML_LABELS
1820 value: app=metallb,component=speaker
1821 - name: METALLB_ML_SECRET_KEY_PATH
1822 value: /etc/ml_secret_key
Giorgi Lekveishvili26224802023-06-09 13:08:28 +0400[diff] [blame]1823 image: quay.io/metallb/speaker:v0.13.10
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]1824 livenessProbe:
1825 failureThreshold: 3
1826 httpGet:
1827 path: /metrics
1828 port: monitoring
1829 initialDelaySeconds: 10
1830 periodSeconds: 10
1831 successThreshold: 1
1832 timeoutSeconds: 1
1833 name: speaker
1834 ports:
1835 - containerPort: 7472
1836 name: monitoring
1837 - containerPort: 7946
1838 name: memberlist-tcp
1839 - containerPort: 7946
1840 name: memberlist-udp
1841 protocol: UDP
1842 readinessProbe:
1843 failureThreshold: 3
1844 httpGet:
1845 path: /metrics
1846 port: monitoring
1847 initialDelaySeconds: 10
1848 periodSeconds: 10
1849 successThreshold: 1
1850 timeoutSeconds: 1
1851 securityContext:
1852 allowPrivilegeEscalation: false
1853 capabilities:
1854 add:
1855 - NET_RAW
1856 drop:
1857 - ALL
1858 readOnlyRootFilesystem: true
1859 volumeMounts:
1860 - mountPath: /etc/ml_secret_key
1861 name: memberlist
1862 readOnly: true
Giorgi Lekveishvili26224802023-06-09 13:08:28 +0400[diff] [blame]1863 - mountPath: /etc/metallb
1864 name: metallb-excludel2
1865 readOnly: true
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]1866 hostNetwork: true
1867 nodeSelector:
1868 kubernetes.io/os: linux
1869 serviceAccountName: speaker
1870 terminationGracePeriodSeconds: 2
1871 tolerations:
1872 - effect: NoSchedule
1873 key: node-role.kubernetes.io/master
1874 operator: Exists
1875 - effect: NoSchedule
1876 key: node-role.kubernetes.io/control-plane
1877 operator: Exists
1878 volumes:
1879 - name: memberlist
1880 secret:
1881 defaultMode: 420
1882 secretName: memberlist
Giorgi Lekveishvili26224802023-06-09 13:08:28 +0400[diff] [blame]1883 - configMap:
1884 defaultMode: 256
1885 name: metallb-excludel2
1886 name: metallb-excludel2
Giorgi Lekveishvili725bb392023-05-05 18:24:27 +0400[diff] [blame]1887---
1888apiVersion: admissionregistration.k8s.io/v1
1889kind: ValidatingWebhookConfiguration
1890metadata:
1891 creationTimestamp: null
1892 name: metallb-webhook-configuration
1893webhooks:
1894- admissionReviewVersions:
1895 - v1
1896 clientConfig:
1897 service:
1898 name: webhook-service
1899 namespace: metallb-system
1900 path: /validate-metallb-io-v1beta2-bgppeer
1901 failurePolicy: Fail
1902 name: bgppeersvalidationwebhook.metallb.io
1903 rules:
1904 - apiGroups:
1905 - metallb.io
1906 apiVersions:
1907 - v1beta2
1908 operations:
1909 - CREATE
1910 - UPDATE
1911 resources:
1912 - bgppeers
1913 sideEffects: None
1914- admissionReviewVersions:
1915 - v1
1916 clientConfig:
1917 service:
1918 name: webhook-service
1919 namespace: metallb-system
1920 path: /validate-metallb-io-v1beta1-addresspool
1921 failurePolicy: Fail
1922 name: addresspoolvalidationwebhook.metallb.io
1923 rules:
1924 - apiGroups:
1925 - metallb.io
1926 apiVersions:
1927 - v1beta1
1928 operations:
1929 - CREATE
1930 - UPDATE
1931 resources:
1932 - addresspools
1933 sideEffects: None
1934- admissionReviewVersions:
1935 - v1
1936 clientConfig:
1937 service:
1938 name: webhook-service
1939 namespace: metallb-system
1940 path: /validate-metallb-io-v1beta1-bfdprofile
1941 failurePolicy: Fail
1942 name: bfdprofilevalidationwebhook.metallb.io
1943 rules:
1944 - apiGroups:
1945 - metallb.io
1946 apiVersions:
1947 - v1beta1
1948 operations:
1949 - CREATE
1950 - DELETE
1951 resources:
1952 - bfdprofiles
1953 sideEffects: None
1954- admissionReviewVersions:
1955 - v1
1956 clientConfig:
1957 service:
1958 name: webhook-service
1959 namespace: metallb-system
1960 path: /validate-metallb-io-v1beta1-bgpadvertisement
1961 failurePolicy: Fail
1962 name: bgpadvertisementvalidationwebhook.metallb.io
1963 rules:
1964 - apiGroups:
1965 - metallb.io
1966 apiVersions:
1967 - v1beta1
1968 operations:
1969 - CREATE
1970 - UPDATE
1971 resources:
1972 - bgpadvertisements
1973 sideEffects: None
1974- admissionReviewVersions:
1975 - v1
1976 clientConfig:
1977 service:
1978 name: webhook-service
1979 namespace: metallb-system
1980 path: /validate-metallb-io-v1beta1-community
1981 failurePolicy: Fail
1982 name: communityvalidationwebhook.metallb.io
1983 rules:
1984 - apiGroups:
1985 - metallb.io
1986 apiVersions:
1987 - v1beta1
1988 operations:
1989 - CREATE
1990 - UPDATE
1991 resources:
1992 - communities
1993 sideEffects: None
1994- admissionReviewVersions:
1995 - v1
1996 clientConfig:
1997 service:
1998 name: webhook-service
1999 namespace: metallb-system
2000 path: /validate-metallb-io-v1beta1-ipaddresspool
2001 failurePolicy: Fail
2002 name: ipaddresspoolvalidationwebhook.metallb.io
2003 rules:
2004 - apiGroups:
2005 - metallb.io
2006 apiVersions:
2007 - v1beta1
2008 operations:
2009 - CREATE
2010 - UPDATE
2011 resources:
2012 - ipaddresspools
2013 sideEffects: None
2014- admissionReviewVersions:
2015 - v1
2016 clientConfig:
2017 service:
2018 name: webhook-service
2019 namespace: metallb-system
2020 path: /validate-metallb-io-v1beta1-l2advertisement
2021 failurePolicy: Fail
2022 name: l2advertisementvalidationwebhook.metallb.io
2023 rules:
2024 - apiGroups:
2025 - metallb.io
2026 apiVersions:
2027 - v1beta1
2028 operations:
2029 - CREATE
2030 - UPDATE
2031 resources:
2032 - l2advertisements
2033 sideEffects: None