forked from gardener/gardener
-
Notifications
You must be signed in to change notification settings - Fork 0
/
10-crd-extensions.gardener.cloud_bastions.yaml
308 lines (308 loc) · 13.2 KB
/
10-crd-extensions.gardener.cloud_bastions.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
creationTimestamp: null
name: bastions.extensions.gardener.cloud
spec:
group: extensions.gardener.cloud
names:
kind: Bastion
listKind: BastionList
plural: bastions
singular: bastion
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The public IP address of the temporary bastion host
jsonPath: .status.ingress.ip
name: IP
type: string
- description: The public hostname of the temporary bastion host
jsonPath: .status.ingress.hostname
name: Hostname
type: string
- description: The bastion's age.
jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: Bastion is a bastion or jump host that is dynamically created
to provide SSH access to shoot nodes.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec is the specification of this Bastion. If the object's
deletion timestamp is set, this field is immutable.
properties:
ingress:
description: Ingress controls from where the created bastion host
should be reachable.
items:
description: BastionIngressPolicy represents an ingress policy for
SSH bastion hosts.
properties:
ipBlock:
description: IPBlock defines an IP block that is allowed to
access the bastion.
properties:
cidr:
description: CIDR is a string representing the IP Block
Valid examples are "192.168.1.1/24" or "2001:db9::/64"
type: string
except:
description: Except is a slice of CIDRs that should not
be included within an IP Block Valid examples are "192.168.1.1/24"
or "2001:db9::/64" Except values will be rejected if they
are outside the CIDR range
items:
type: string
type: array
required:
- cidr
type: object
required:
- ipBlock
type: object
type: array
providerConfig:
description: ProviderConfig is the provider specific configuration.
type: object
x-kubernetes-preserve-unknown-fields: true
type:
description: Type contains the instance of the resource's kind.
type: string
userData:
description: UserData is the base64-encoded user data for the bastion
instance. This should contain code to provision the SSH key on the
bastion instance. This field is immutable.
format: byte
type: string
required:
- ingress
- type
- userData
type: object
status:
description: Status is the bastion's status.
properties:
conditions:
description: Conditions represents the latest available observations
of a Seed's current state.
items:
description: Condition holds the information about the state of
a resource.
properties:
codes:
description: Well-defined error codes in case the condition
reports a problem.
items:
description: ErrorCode is a string alias.
type: string
type: array
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: Last time the condition was updated.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of the condition.
type: string
required:
- lastTransitionTime
- lastUpdateTime
- message
- reason
- status
- type
type: object
type: array
ingress:
description: Ingress is the external IP and/or hostname of the bastion
host.
properties:
hostname:
description: Hostname is set for load-balancer ingress points
that are DNS based (typically AWS load-balancers)
type: string
ip:
description: IP is set for load-balancer ingress points that are
IP based (typically GCE or OpenStack load-balancers)
type: string
ports:
description: Ports is a list of records of service ports If used,
every port defined in the service should have an entry in it
items:
properties:
error:
description: 'Error is to record the problem with the service
port The format of the error shall comply with the following
rules: - built-in error values shall be specified in this
file and those shall use CamelCase names - cloud provider
specific error values must have names that comply with
the format foo.example.com/CamelCase. --- The regex it
matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)'
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
port:
description: Port is the port number of the service port
of which status is recorded here
format: int32
type: integer
protocol:
default: TCP
description: 'Protocol is the protocol of the service port
of which status is recorded here The supported values
are: "TCP", "UDP", "SCTP"'
type: string
required:
- port
- protocol
type: object
type: array
x-kubernetes-list-type: atomic
type: object
lastError:
description: LastError holds information about the last occurred error
during an operation.
properties:
codes:
description: Well-defined error codes of the last error(s).
items:
description: ErrorCode is a string alias.
type: string
type: array
description:
description: A human readable message indicating details about
the last error.
type: string
lastUpdateTime:
description: Last time the error was reported
format: date-time
type: string
taskID:
description: ID of the task which caused this last error
type: string
required:
- description
type: object
lastOperation:
description: LastOperation holds information about the last operation
on the resource.
properties:
description:
description: A human readable message indicating details about
the last operation.
type: string
lastUpdateTime:
description: Last time the operation state transitioned from one
to another.
format: date-time
type: string
progress:
description: The progress in percentage (0-100) of the last operation.
format: int32
type: integer
state:
description: Status of the last operation, one of Aborted, Processing,
Succeeded, Error, Failed.
type: string
type:
description: Type of the last operation, one of Create, Reconcile,
Delete.
type: string
required:
- description
- lastUpdateTime
- progress
- state
- type
type: object
observedGeneration:
description: ObservedGeneration is the most recent generation observed
for this resource.
format: int64
type: integer
providerStatus:
description: ProviderStatus contains provider-specific status.
type: object
x-kubernetes-preserve-unknown-fields: true
resources:
description: Resources holds a list of named resource references that
can be referred to in the state by their names.
items:
description: NamedResourceReference is a named reference to a resource.
properties:
name:
description: Name of the resource reference.
type: string
resourceRef:
description: ResourceRef is a reference to a resource.
properties:
apiVersion:
description: API version of the referent
type: string
kind:
description: 'Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"'
type: string
name:
description: 'Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names'
type: string
required:
- kind
- name
type: object
required:
- name
- resourceRef
type: object
type: array
state:
description: State can be filled by the operating controller with
what ever data it needs.
type: object
x-kubernetes-preserve-unknown-fields: true
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []