128 lines
6.3 KiB
Go
128 lines
6.3 KiB
Go
package v1alpha1
|
|
|
|
import (
|
|
"github.com/traefik/traefik/v3/pkg/config/dynamic"
|
|
"github.com/traefik/traefik/v3/pkg/types"
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
"k8s.io/apimachinery/pkg/util/intstr"
|
|
)
|
|
|
|
// IngressRouteTCPSpec defines the desired state of IngressRouteTCP.
|
|
type IngressRouteTCPSpec struct {
|
|
// Routes defines the list of routes.
|
|
Routes []RouteTCP `json:"routes"`
|
|
// EntryPoints defines the list of entry point names to bind to.
|
|
// Entry points have to be configured in the static configuration.
|
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/
|
|
// Default: all.
|
|
EntryPoints []string `json:"entryPoints,omitempty"`
|
|
// TLS defines the TLS configuration on a layer 4 / TCP Route.
|
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1
|
|
TLS *TLSTCP `json:"tls,omitempty"`
|
|
}
|
|
|
|
// RouteTCP holds the TCP route configuration.
|
|
type RouteTCP struct {
|
|
// Match defines the router's rule.
|
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule_1
|
|
Match string `json:"match"`
|
|
// Priority defines the router's priority.
|
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority_1
|
|
Priority int `json:"priority,omitempty"`
|
|
// Syntax defines the router's rule syntax.
|
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax_1
|
|
Syntax string `json:"syntax,omitempty"`
|
|
// Services defines the list of TCP services.
|
|
Services []ServiceTCP `json:"services,omitempty"`
|
|
// Middlewares defines the list of references to MiddlewareTCP resources.
|
|
Middlewares []ObjectReference `json:"middlewares,omitempty"`
|
|
}
|
|
|
|
// TLSTCP holds the TLS configuration for an IngressRouteTCP.
|
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1
|
|
type TLSTCP struct {
|
|
// SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
|
|
SecretName string `json:"secretName,omitempty"`
|
|
// Passthrough defines whether a TLS router will terminate the TLS connection.
|
|
Passthrough bool `json:"passthrough,omitempty"`
|
|
// Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
|
|
// If not defined, the `default` TLSOption is used.
|
|
// More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
|
|
Options *ObjectReference `json:"options,omitempty"`
|
|
// Store defines the reference to the TLSStore, that will be used to store certificates.
|
|
// Please note that only `default` TLSStore can be used.
|
|
Store *ObjectReference `json:"store,omitempty"`
|
|
// CertResolver defines the name of the certificate resolver to use.
|
|
// Cert resolvers have to be configured in the static configuration.
|
|
// More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers
|
|
CertResolver string `json:"certResolver,omitempty"`
|
|
// Domains defines the list of domains that will be used to issue certificates.
|
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains
|
|
Domains []types.Domain `json:"domains,omitempty"`
|
|
}
|
|
|
|
// ServiceTCP defines an upstream TCP service to proxy traffic to.
|
|
type ServiceTCP struct {
|
|
// Name defines the name of the referenced Kubernetes Service.
|
|
Name string `json:"name"`
|
|
// Namespace defines the namespace of the referenced Kubernetes Service.
|
|
Namespace string `json:"namespace,omitempty"`
|
|
// Port defines the port of a Kubernetes Service.
|
|
// This can be a reference to a named port.
|
|
Port intstr.IntOrString `json:"port"`
|
|
// Weight defines the weight used when balancing requests between multiple Kubernetes Service.
|
|
Weight *int `json:"weight,omitempty"`
|
|
// TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates
|
|
// it has closed the writing capability of its connection, to close the reading capability as well,
|
|
// hence fully terminating the connection.
|
|
// It is a duration in milliseconds, defaulting to 100.
|
|
// A negative value means an infinite deadline (i.e. the reading capability is never closed).
|
|
// Deprecated: TerminationDelay will not be supported in future APIVersions, please use ServersTransport to configure the TerminationDelay instead.
|
|
TerminationDelay *int `json:"terminationDelay,omitempty"`
|
|
// ProxyProtocol defines the PROXY protocol configuration.
|
|
// More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol
|
|
ProxyProtocol *dynamic.ProxyProtocol `json:"proxyProtocol,omitempty"`
|
|
// ServersTransport defines the name of ServersTransportTCP resource to use.
|
|
// It allows to configure the transport between Traefik and your servers.
|
|
// Can only be used on a Kubernetes Service.
|
|
ServersTransport string `json:"serversTransport,omitempty"`
|
|
// TLS determines whether to use TLS when dialing with the backend.
|
|
TLS bool `json:"tls,omitempty"`
|
|
// NativeLB controls, when creating the load-balancer,
|
|
// whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
|
|
// The Kubernetes Service itself does load-balance to the pods.
|
|
// By default, NativeLB is false.
|
|
NativeLB *bool `json:"nativeLB,omitempty"`
|
|
// NodePortLB controls, when creating the load-balancer,
|
|
// whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort.
|
|
// It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes.
|
|
// By default, NodePortLB is false.
|
|
NodePortLB bool `json:"nodePortLB,omitempty"`
|
|
}
|
|
|
|
// +genclient
|
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
|
// +kubebuilder:storageversion
|
|
|
|
// IngressRouteTCP is the CRD implementation of a Traefik TCP Router.
|
|
type IngressRouteTCP struct {
|
|
metav1.TypeMeta `json:",inline"`
|
|
// Standard object's metadata.
|
|
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
|
|
metav1.ObjectMeta `json:"metadata"`
|
|
|
|
Spec IngressRouteTCPSpec `json:"spec"`
|
|
}
|
|
|
|
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
|
|
|
// IngressRouteTCPList is a collection of IngressRouteTCP.
|
|
type IngressRouteTCPList struct {
|
|
metav1.TypeMeta `json:",inline"`
|
|
// Standard object's metadata.
|
|
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
|
|
metav1.ListMeta `json:"metadata"`
|
|
|
|
// Items is the list of IngressRouteTCP.
|
|
Items []IngressRouteTCP `json:"items"`
|
|
}
|