diff --git a/eks.amazonaws.com/ingressclassparams_v1.json b/eks.amazonaws.com/ingressclassparams_v1.json new file mode 100644 index 00000000..b68313e4 --- /dev/null +++ b/eks.amazonaws.com/ingressclassparams_v1.json @@ -0,0 +1,276 @@ +{ + "description": "IngressClassParams is the Schema for the IngressClassParams API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "IngressClassParamsSpec defines the desired state of IngressClassParams", + "properties": { + "certificateARNs": { + "description": "CertificateARNs specifies ARNs of the certificates for all Ingresses that belong to IngressClass with this IngressClassParams.", + "items": { + "type": "string" + }, + "type": "array" + }, + "group": { + "description": "Group defines the IngressGroup for all Ingresses that belong to IngressClass with this IngressClassParams.", + "properties": { + "name": { + "description": "Name is the name of IngressGroup.", + "maxLength": 63, + "minLength": 1, + "pattern": "^([a-z0-9][-a-z0-9.]*)?[a-z0-9]$", + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "inboundCIDRs": { + "description": "InboundCIDRs specifies the CIDRs that are allowed to access the Ingresses that belong to IngressClass with this IngressClassParams.", + "items": { + "type": "string" + }, + "type": "array" + }, + "ipAddressType": { + "description": "IPAddressType defines the ip address type for all Ingresses that belong to IngressClass with this IngressClassParams.", + "enum": [ + "ipv4", + "dualstack", + "dualstack-without-public-ipv4" + ], + "type": "string" + }, + "listeners": { + "description": "Listeners define a list of listeners with their protocol, port and attributes.", + "items": { + "description": "Listener defines listeners settings for load balancers", + "properties": { + "attributes": { + "description": "The attributes of the listener", + "items": { + "description": "ListenerAttribute defines attributes on listeners", + "properties": { + "key": { + "description": "The key of the attribute.", + "maxLength": 256, + "minLength": 1, + "type": "string" + }, + "value": { + "description": "The value of the attribute.", + "maxLength": 1024, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "port": { + "description": "The port of the listener", + "format": "int32", + "maximum": 65535, + "minimum": 1, + "type": "integer" + }, + "protocol": { + "description": "The protocol of the listener", + "enum": [ + "HTTP", + "HTTPS" + ], + "type": "string" + } + }, + "required": [ + "port", + "protocol" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "loadBalancerAttributes": { + "description": "LoadBalancerAttributes define the custom attributes to LoadBalancers for all Ingress that belong to IngressClass with this IngressClassParams.", + "items": { + "description": "LoadBalancerAttribute defines attributes on load balancer", + "properties": { + "key": { + "description": "The key of the attribute.", + "maxLength": 256, + "minLength": 1, + "type": "string" + }, + "value": { + "description": "The value of the attribute.", + "maxLength": 1024, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "namespaceSelector": { + "description": "NamespaceSelector restrict the namespaces of Ingresses that are allowed to specify the IngressClass with this IngressClassParams.\nIf absent or present but empty, it selects all namespaces.", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic", + "additionalProperties": false + }, + "scheme": { + "description": "Scheme defines the scheme for all Ingresses that belong to IngressClass with this IngressClassParams.", + "enum": [ + "internal", + "internet-facing" + ], + "type": "string" + }, + "sslPolicy": { + "description": "SSLPolicy specifies the SSL Policy for all Ingresses that belong to IngressClass with this IngressClassParams.", + "type": "string" + }, + "subnets": { + "description": "Subnets defines the subnets for all Ingresses that belong to IngressClass with this IngressClassParams.", + "properties": { + "ids": { + "description": "ids specify the resource IDs of subnets within the load balancer's VPC\nMust specify exactly one of `ids` or `matchTags`\"", + "items": { + "pattern": "^subnet-[0-9a-f]+$", + "type": "string" + }, + "type": "array" + }, + "matchTags": { + "description": "matchTags specify the tag requirements of subnets within the load balancer's VPC.\nMust specify exactly one of `ids` or `matchTags`\"", + "items": { + "description": "TagSelectorRequirement is the tag requirement to select subnets by tags", + "properties": { + "key": { + "description": "key is the tag key that the selector applies to.", + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "values": { + "description": "values is an array of string values.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "required": [ + "key" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + }, + "tags": { + "description": "Tags defines list of Tags on AWS resources provisioned for Ingresses that belong to IngressClass with this IngressClassParams.", + "items": { + "description": "Tag defines an AWS Tag assigned to resources.", + "properties": { + "key": { + "description": "The key of the tag.", + "maxLength": 128, + "minLength": 1, + "type": "string" + }, + "value": { + "description": "The value of the tag.", + "maxLength": 256, + "minLength": 0, + "type": "string" + } + }, + "required": [ + "key", + "value" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/eks.amazonaws.com/nodeclass_v1.json b/eks.amazonaws.com/nodeclass_v1.json new file mode 100644 index 00000000..b17921ac --- /dev/null +++ b/eks.amazonaws.com/nodeclass_v1.json @@ -0,0 +1,358 @@ +{ + "description": "NodeClass is the Schema for the NodeClass API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "NodeClassSpec is the top level specification for the AWS Karpenter Provider.\nThis will contain configuration necessary to launch instances in AWS.", + "properties": { + "ephemeralStorage": { + "default": { + "iops": 3000, + "size": "80Gi", + "throughput": 125 + }, + "description": "EphemeralStorage specifies the default data volume storage attached to the node", + "properties": { + "iops": { + "default": 3000, + "description": "The IOPS for ephemeral storage", + "format": "int64", + "maximum": 16000, + "minimum": 3000, + "type": "integer" + }, + "size": { + "default": "80Gi", + "description": "The size of the ephemeral storage", + "pattern": "^((?:[1-9][0-9]{0,3}|[1-4][0-9]{4}|[5][0-8][0-9]{3}|59000)Gi|(?:[1-9][0-9]{0,3}|[1-5][0-9]{4}|[6][0-3][0-9]{3}|64000)G|([1-9]||[1-5][0-7]|58)Ti|([1-9]||[1-5][0-9]|6[0-3]|64)T)$", + "type": "string" + }, + "throughput": { + "default": 125, + "description": "The throughput for ephemeral storage", + "format": "int64", + "maximum": 1000, + "minimum": 125, + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + }, + "networkPolicy": { + "default": "DefaultAllow", + "description": "NetworkPolicy tells the network policy agent how it should enforce network policies against pods\nBy default, the Amazon VPC CNI plugin for Kubernetes configures network policies for pods in parallel with the pod provisioning\nIn the DefaultAllow mode, until all of the policies are configured for the new pod, containers in the new pod will start with a default allow policy.\nA default allow policy means that all ingress and egress traffic is allowed to and from the new pods\nIn the DefaultDeny mode, a new pod will be blocked from Egress and Ingress connections till a qualifying Network Policy is applied\nIn this mode, you must have a network policy defined for every pod in your cluster. Host Networking pods are exempted from this requirement.", + "enum": [ + "DefaultAllow", + "DefaultDeny" + ], + "type": "string" + }, + "networkPolicyEventLogs": { + "default": "Disabled", + "description": "NetworkPolicyEventLogs controls whether Network Policy event logging is enabled on the nodes.\nBy default, this value is set to Disabled. When set to Enabled, the Network Policy Agent on the node will log the outcomes of network policy decisions.", + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string" + }, + "role": { + "description": "Role is the AWS identity that nodes use. This field is immutable.\nThis field is mutually exclusive from instanceProfile.\nMarking this field as immutable avoids concerns around terminating managed instance profiles from running instances.\nThis field may be made mutable in the future, assuming the correct garbage collection and drift handling is implemented\nfor the old instance profiles on an update.", + "maxLength": 64, + "type": "string", + "x-kubernetes-validations": [ + { + "message": "role cannot be empty", + "rule": "self != ''" + }, + { + "message": "immutable field changed", + "rule": "self == oldSelf" + } + ] + }, + "securityGroupSelectorTerms": { + "description": "SecurityGroupSelectorTerms is a list of or security group selector terms. The terms are ORed.", + "items": { + "description": "SecurityGroupSelectorTerm defines selection logic for a security group used by Karpenter to launch nodes.\nIf multiple fields are used for selection, the requirements are ANDed.", + "properties": { + "id": { + "description": "ID is the security group id in EC2", + "pattern": "sg-[0-9a-z]+", + "type": "string" + }, + "name": { + "description": "Name is the security group name in EC2.\nThis value is the name field, which is different from the name tag.", + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Tags is a map of key/value tags used to select subnets\nSpecifying '*' for a value selects all values for a given tag key.", + "maxProperties": 20, + "type": "object", + "x-kubernetes-validations": [ + { + "message": "empty tag keys or values aren't supported", + "rule": "self.all(k, k != '' && self[k] != '')" + } + ] + } + }, + "type": "object", + "additionalProperties": false + }, + "maxItems": 30, + "type": "array", + "x-kubernetes-validations": [ + { + "message": "securityGroupSelectorTerms cannot be empty", + "rule": "self.size() != 0" + }, + { + "message": "expected at least one, got none, ['tags', 'id', 'name']", + "rule": "self.all(x, has(x.tags) || has(x.id) || has(x.name))" + }, + { + "message": "'id' is mutually exclusive, cannot be set with a combination of other fields in securityGroupSelectorTerms", + "rule": "!self.all(x, has(x.id) && (has(x.tags) || has(x.name)))" + }, + { + "message": "'name' is mutually exclusive, cannot be set with a combination of other fields in securityGroupSelectorTerms", + "rule": "!self.all(x, has(x.name) && (has(x.tags) || has(x.id)))" + } + ] + }, + "snatPolicy": { + "default": "Random", + "description": "SNATPolicy specifies how SNAT (Source Network Address Translation) is configured on the node\nIf SNATPolicy is set to Disabled, the SNAT iptables rule and off-VPC IP rule are not applied, and these rules are removed if they have already been applied\nDo not use SNATPolicy Disabled if you need to allow inbound communication to your pods from external VPNs, direct connections, and external VPCs,\nand your pods do not need to access the Internet directly via an Internet Gateway.\nIf SNATPolicy is set to Random, the CNI will use PRNG, meaning that --random-fully will be added to the SNAT iptables rule\nEnabling this functionality means that outbound connections will be assigned a source port that is not necessarily part of the ephemeral port range set at the OS level", + "enum": [ + "Random", + "Disabled" + ], + "type": "string" + }, + "subnetSelectorTerms": { + "description": "SubnetSelectorTerms is a list of or subnet selector terms. The terms are ORed.", + "items": { + "description": "SubnetSelectorTerm defines selection logic for a subnet used by Karpenter to launch nodes.\nIf multiple fields are used for selection, the requirements are ANDed.", + "properties": { + "id": { + "description": "ID is the subnet id in EC2", + "pattern": "subnet-[0-9a-z]+", + "type": "string" + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Tags is a map of key/value tags used to select subnets\nSpecifying '*' for a value selects all values for a given tag key.", + "maxProperties": 20, + "type": "object", + "x-kubernetes-validations": [ + { + "message": "empty tag keys or values aren't supported", + "rule": "self.all(k, k != '' && self[k] != '')" + } + ] + } + }, + "type": "object", + "additionalProperties": false + }, + "maxItems": 30, + "type": "array", + "x-kubernetes-validations": [ + { + "message": "subnetSelectorTerms cannot be empty", + "rule": "self.size() != 0" + }, + { + "message": "expected at least one, got none, ['tags', 'id']", + "rule": "self.all(x, has(x.tags) || has(x.id))" + }, + { + "message": "'id' is mutually exclusive, cannot be set with a combination of other fields in subnetSelectorTerms", + "rule": "!self.all(x, has(x.id) && has(x.tags))" + } + ] + }, + "tags": { + "additionalProperties": { + "type": "string" + }, + "description": "Tags to be applied on ec2 resources like instances and launch templates.", + "type": "object", + "x-kubernetes-validations": [ + { + "message": "empty tag keys aren't supported", + "rule": "self.all(k, k != '')" + }, + { + "message": "tag contains a restricted tag matching kubernetes.io/cluster/", + "rule": "self.all(k, !k.startsWith('kubernetes.io/cluster') )" + }, + { + "message": "tag contains a restricted tag matching karpenter.sh/provisioner-name", + "rule": "self.all(k, k != 'karpenter.sh/provisioner-name')" + }, + { + "message": "tag contains a restricted tag matching karpenter.sh/nodepool", + "rule": "self.all(k, k != 'karpenter.sh/nodepool')" + }, + { + "message": "tag contains a restricted tag matching karpenter.sh/nodeclaim", + "rule": "self.all(k, k != 'karpenter.sh/nodeclaim')" + }, + { + "message": "tag contains a restricted tag matching karpenter.sh/managed-by", + "rule": "self.all(k, k !='karpenter.sh/managed-by')" + }, + { + "message": "tag contains a restricted tag matching eks.amazonaws.com/nodeclass", + "rule": "self.all(k, k !='eks.amazonaws.com/nodeclass')" + } + ] + } + }, + "required": [ + "role", + "securityGroupSelectorTerms", + "subnetSelectorTerms" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "NodeClassStatus contains the resolved state of the EKSNodeClass", + "properties": { + "conditions": { + "items": { + "description": "Condition aliases the upstream type and adds additional helper methods", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "instanceProfile": { + "description": "InstanceProfile contains the resolved instance profile for the role", + "type": "string" + }, + "securityGroups": { + "description": "SecurityGroups contains the current Security Groups values that are available to the\ncluster under the SecurityGroups selectors.", + "items": { + "description": "SecurityGroup contains resolved SecurityGroup selector values utilized for node launch", + "properties": { + "id": { + "description": "ID of the security group", + "type": "string" + }, + "name": { + "description": "Name of the security group", + "type": "string" + } + }, + "required": [ + "id" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "subnets": { + "description": "Subnets contains the current Subnet values that are available to the\ncluster under the subnet selectors.", + "items": { + "description": "Subnet contains resolved Subnet selector values utilized for node launch", + "properties": { + "id": { + "description": "ID of the subnet", + "type": "string" + }, + "zone": { + "description": "The associated availability zone", + "type": "string" + }, + "zoneID": { + "description": "The associated availability zone ID", + "type": "string" + } + }, + "required": [ + "id", + "zone" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "required": [ + "spec" + ], + "type": "object" +} diff --git a/eks.amazonaws.com/nodediagnostic_v1alpha1.json b/eks.amazonaws.com/nodediagnostic_v1alpha1.json new file mode 100644 index 00000000..045f3944 --- /dev/null +++ b/eks.amazonaws.com/nodediagnostic_v1alpha1.json @@ -0,0 +1,180 @@ +{ + "description": "The name of the NodeDiagnostic resource is meant to match the name of the\nnode which should perform the diagnostic tasks", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "logCapture": { + "description": "LogCapture is a definition for a diagnostic task that will package relevant\nlogs and stats into a tarball and deliver it to a provided destination.", + "properties": { + "categories": { + "default": [ + "All" + ], + "description": "Categories are log source groups for the LogCapture task.", + "items": { + "description": "LogCategory is a grouping of log sources to read from when performing a\nLogCapture task.", + "enum": [ + "Base", + "Device", + "Networking", + "Runtime", + "System", + "All" + ], + "type": "string" + }, + "type": "array" + }, + "destination": { + "description": "UploadDestination is a URL describing where to deliver a diagnostic artifact.", + "type": "string" + } + }, + "required": [ + "destination" + ], + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "status": { + "properties": { + "captureStatuses": { + "items": { + "description": "CaptureStatus describes the type and state of a capture task.", + "properties": { + "state": { + "properties": { + "completed": { + "properties": { + "finishedAt": { + "format": "date-time", + "type": "string" + }, + "message": { + "type": "string" + }, + "reason": { + "type": "string" + }, + "startedAt": { + "format": "date-time", + "type": "string" + } + }, + "required": [ + "finishedAt", + "message", + "reason", + "startedAt" + ], + "type": "object", + "additionalProperties": false + }, + "running": { + "properties": { + "startedAt": { + "format": "date-time", + "type": "string" + } + }, + "required": [ + "startedAt" + ], + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "type": { + "description": "The set of diagnostic tasks supported by the NodeDiagnostic resource.", + "type": "string" + } + }, + "required": [ + "state", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + }, + "conditions": { + "items": { + "description": "Condition aliases the upstream type and adds additional helper methods", + "properties": { + "lastTransitionTime": { + "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", + "format": "date-time", + "type": "string" + }, + "message": { + "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "description": "status of the condition, one of True, False, Unknown.", + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +} diff --git a/eks.amazonaws.com/targetgroupbinding_v1.json b/eks.amazonaws.com/targetgroupbinding_v1.json new file mode 100644 index 00000000..8b8ac637 --- /dev/null +++ b/eks.amazonaws.com/targetgroupbinding_v1.json @@ -0,0 +1,212 @@ +{ + "description": "TargetGroupBinding is the Schema for the TargetGroupBinding API", + "properties": { + "apiVersion": { + "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + "type": "string" + }, + "kind": { + "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "description": "TargetGroupBindingSpec defines the desired state of TargetGroupBinding", + "properties": { + "networking": { + "description": "networking defines the networking rules to allow ELBv2 LoadBalancer to access targets in TargetGroup.", + "properties": { + "ingress": { + "description": "List of ingress rules to allow ELBv2 LoadBalancer to access targets in TargetGroup.", + "items": { + "description": "NetworkingIngressRule defines a particular set of traffic that is allowed to access TargetGroup's targets.", + "properties": { + "from": { + "description": "List of peers which should be able to access the targets in TargetGroup.\nAt least one NetworkingPeer should be specified.", + "items": { + "description": "NetworkingPeer defines the source/destination peer for networking rules.", + "properties": { + "securityGroup": { + "description": "SecurityGroup defines a SecurityGroup peer.\nIf specified, none of the other fields can be set.", + "properties": { + "groupID": { + "description": "GroupID is the EC2 SecurityGroupID.", + "minLength": 1, + "type": "string" + } + }, + "required": [ + "groupID" + ], + "type": "object", + "additionalProperties": false + } + }, + "type": "object", + "additionalProperties": false + }, + "minItems": 1, + "type": "array" + }, + "ports": { + "description": "List of ports which should be made accessible on the targets in TargetGroup.\nIf ports is empty or unspecified, it defaults to all ports with TCP.", + "items": { + "description": "NetworkingPort defines the port and protocol for networking rules.", + "properties": { + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "The port which traffic must match.\nWhen NodePort endpoints(instance TargetType) is used, this must be a numerical port.\nWhen Port endpoints(ip TargetType) is used, this can be either numerical or named port on pods.\nif port is unspecified, it defaults to all ports.", + "x-kubernetes-int-or-string": true + }, + "protocol": { + "description": "The protocol which traffic must match.\nIf protocol is unspecified, it defaults to TCP.", + "enum": [ + "TCP", + "UDP" + ], + "type": "string" + } + }, + "type": "object", + "additionalProperties": false + }, + "type": "array" + } + }, + "required": [ + "from" + ], + "type": "object", + "additionalProperties": false + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "ingress" + ], + "type": "object", + "additionalProperties": false + }, + "nodeSelector": { + "description": "node selector for instance type target groups to only register certain nodes", + "properties": { + "matchExpressions": { + "description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.", + "items": { + "description": "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values.", + "properties": { + "key": { + "description": "key is the label key that the selector applies to.", + "type": "string" + }, + "operator": { + "description": "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist.", + "type": "string" + }, + "values": { + "description": "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch.", + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object", + "additionalProperties": false + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed.", + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic", + "additionalProperties": false + }, + "serviceRef": { + "description": "serviceRef is a reference to a Kubernetes Service and ServicePort.", + "properties": { + "name": { + "description": "Name is the name of the Service.", + "minLength": 1, + "type": "string" + }, + "port": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "description": "Port is the port of the ServicePort.", + "x-kubernetes-int-or-string": true + } + }, + "required": [ + "name", + "port" + ], + "type": "object", + "additionalProperties": false + }, + "targetGroupARN": { + "description": "targetGroupARN is the Amazon Resource Name (ARN) for the TargetGroup.", + "minLength": 1, + "type": "string" + }, + "targetType": { + "description": "targetType defines how to bind targets into targetGroup.", + "enum": [ + "instance", + "ip" + ], + "type": "string" + } + }, + "required": [ + "serviceRef", + "targetGroupARN", + "targetType" + ], + "type": "object", + "additionalProperties": false + }, + "status": { + "description": "TargetGroupBindingStatus defines the observed state of TargetGroupBinding", + "properties": { + "observedGeneration": { + "description": "The generation observed by the TargetGroupBinding controller.", + "format": "int64", + "type": "integer" + } + }, + "type": "object", + "additionalProperties": false + } + }, + "type": "object" +}