andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rancher-partner-charts/charts/hashicorp/consul/templates/crd-meshes.yaml

211 lines
10 KiB
YAML
Raw Normal View History

Charts CI ``` Updated: argo/argo-cd: - 5.13.9 asserts/asserts: - 1.13.0 bitnami/mariadb: - 11.4.0 bitnami/mysql: - 9.4.4 bitnami/spark: - 6.3.11 bitnami/wordpress: - 15.2.16 hashicorp/consul: - 1.0.0 instana/instana-agent: - 1.2.48 jenkins/jenkins: - 4.2.14 redpanda/redpanda: - 2.3.1 yugabyte/yugabyte: - 2.14.5 yugabyte/yugaware: - 2.14.5 ```
2022-11-18 23:16:29 +00:00
{{- if .Values.connectInject.enabled }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
creationTimestamp: null
name: meshes.consul.hashicorp.com
labels:
app: {{ template "consul.name" . }}
chart: {{ template "consul.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
component: crd
spec:
group: consul.hashicorp.com
names:
kind: Mesh
listKind: MeshList
plural: meshes
singular: mesh
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The sync status of the resource with Consul
jsonPath: .status.conditions[?(@.type=="Synced")].status
name: Synced
type: string
- description: The last successful synced time of the resource with Consul
jsonPath: .status.lastSyncedTime
name: Last Synced
type: date
- description: The age of the resource
jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: Mesh is the Schema for the mesh API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: MeshSpec defines the desired state of Mesh.
properties:
http:
description: HTTP defines the HTTP configuration for the service mesh.
properties:
sanitizeXForwardedClientCert:
type: boolean
required:
- sanitizeXForwardedClientCert
type: object
peering:
description: Peering defines the peering configuration for the service
mesh.
properties:
peerThroughMeshGateways:
description: PeerThroughMeshGateways determines whether peering
traffic between control planes should flow through mesh gateways.
If enabled, Consul servers will advertise mesh gateway addresses
as their own. Additionally, mesh gateways will configure themselves
to expose the local servers using a peering-specific SNI.
type: boolean
type: object
tls:
description: TLS defines the TLS configuration for the service mesh.
properties:
incoming:
description: Incoming defines the TLS configuration for inbound
mTLS connections targeting the public listener on Connect and
TerminatingGateway proxy kinds.
properties:
cipherSuites:
description: CipherSuites sets the default list of TLS cipher
suites to support when negotiating connections using TLS
1.2 or earlier. If unspecified, Envoy will use a default
server cipher list. The list of supported cipher suites
can be seen in https://github.com/hashicorp/consul/blob/v1.11.2/types/tls.go#L154-L169
and is dependent on underlying support in Envoy. Future
releases of Envoy may remove currently-supported but insecure
cipher suites, and future releases of Consul may add new
supported cipher suites if any are added to Envoy.
items:
type: string
type: array
tlsMaxVersion:
description: TLSMaxVersion sets the default maximum TLS version
supported. Must be greater than or equal to `TLSMinVersion`.
One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`.
If unspecified, Envoy will default to TLS 1.3 as a max version
for incoming connections.
type: string
tlsMinVersion:
description: TLSMinVersion sets the default minimum TLS version
supported. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`,
or `TLSv1_3`. If unspecified, Envoy v1.22.0 and newer will
default to TLS 1.2 as a min version, while older releases
of Envoy default to TLS 1.0.
type: string
type: object
outgoing:
description: Outgoing defines the TLS configuration for outbound
mTLS connections dialing upstreams from Connect and IngressGateway
proxy kinds.
properties:
cipherSuites:
description: CipherSuites sets the default list of TLS cipher
suites to support when negotiating connections using TLS
1.2 or earlier. If unspecified, Envoy will use a default
server cipher list. The list of supported cipher suites
can be seen in https://github.com/hashicorp/consul/blob/v1.11.2/types/tls.go#L154-L169
and is dependent on underlying support in Envoy. Future
releases of Envoy may remove currently-supported but insecure
cipher suites, and future releases of Consul may add new
supported cipher suites if any are added to Envoy.
items:
type: string
type: array
tlsMaxVersion:
description: TLSMaxVersion sets the default maximum TLS version
supported. Must be greater than or equal to `TLSMinVersion`.
One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`, or `TLSv1_3`.
If unspecified, Envoy will default to TLS 1.3 as a max version
for incoming connections.
type: string
tlsMinVersion:
description: TLSMinVersion sets the default minimum TLS version
supported. One of `TLS_AUTO`, `TLSv1_0`, `TLSv1_1`, `TLSv1_2`,
or `TLSv1_3`. If unspecified, Envoy v1.22.0 and newer will
default to TLS 1.2 as a min version, while older releases
of Envoy default to TLS 1.0.
type: string
type: object
type: object
transparentProxy:
description: TransparentProxy controls the configuration specific
to proxies in "transparent" mode. Added in v1.10.0.
properties:
meshDestinationsOnly:
description: MeshDestinationsOnly determines whether sidecar proxies
operating in "transparent" mode can proxy traffic to IP addresses
not registered in Consul's catalog. If enabled, traffic will
only be proxied to upstreams with service registrations in the
catalog.
type: boolean
type: object
type: object
status:
properties:
conditions:
description: Conditions indicate the latest available observations
of a resource's current state.
items:
description: 'Conditions define a readiness condition for a Consul
resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
properties:
lastTransitionTime:
description: LastTransitionTime is the last time the condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition.
type: string
required:
- status
- type
type: object
type: array
lastSyncedTime:
description: LastSyncedTime is the last time the resource successfully
synced with Consul.
format: date-time
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
{{- end }}