Kubernetes Configuration Reference

Dynamic configuration with Kubernetes Gateway provider.

Definitions

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.5.0
  creationTimestamp: null
  name: gatewayclasses.networking.x-k8s.io
spec:
  group: networking.x-k8s.io
  names:
    categories:
    - gateway-api
    kind: GatewayClass
    listKind: GatewayClassList
    plural: gatewayclasses
    shortNames:
    - gc
    singular: gatewayclass
  scope: Cluster
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.controller
      name: Controller
      type: string
    - jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1alpha1
    schema:
      openAPIV3Schema:
        description: "GatewayClass describes a class of Gateways available to the
          user for creating Gateway resources. \n GatewayClass is a Cluster level
          resource."
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: Spec defines the desired state of GatewayClass.
            properties:
              controller:
                description: "Controller is a domain/path string that indicates the
                  controller that is managing Gateways of this class. \n Example:
                  \"acme.io/gateway-controller\". \n This field is not mutable and
                  cannot be empty. \n The format of this field is DOMAIN \"/\" PATH,
                  where DOMAIN and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names).
                  \n Support: Core"
                maxLength: 253
                type: string
              parametersRef:
                description: "ParametersRef is a reference to a resource that contains
                  the configuration parameters corresponding to the GatewayClass.
                  This is optional if the controller does not require any additional
                  configuration. \n ParametersRef can reference a standard Kubernetes
                  resource, i.e. ConfigMap, or an implementation-specific custom resource.
                  The resource can be cluster-scoped or namespace-scoped. \n If the
                  referent cannot be found, the GatewayClass's \"InvalidParameters\"
                  status condition will be true. \n Support: Custom"
                properties:
                  group:
                    description: Group is the group of the referent.
                    maxLength: 253
                    minLength: 1
                    type: string
                  kind:
                    description: Kind is kind of the referent.
                    maxLength: 253
                    minLength: 1
                    type: string
                  name:
                    description: Name is the name of the referent.
                    maxLength: 253
                    minLength: 1
                    type: string
                  namespace:
                    description: Namespace is the namespace of the referent. This
                      field is required when scope is set to "Namespace" and ignored
                      when scope is set to "Cluster".
                    maxLength: 253
                    minLength: 1
                    type: string
                  scope:
                    default: Cluster
                    description: Scope represents if the referent is a Cluster or
                      Namespace scoped resource. This may be set to "Cluster" or "Namespace".
                    enum:
                    - Cluster
                    - Namespace
                    type: string
                required:
                - group
                - kind
                - name
                type: object
            required:
            - controller
            type: object
          status:
            default:
              conditions:
              - lastTransitionTime: "1970-01-01T00:00:00Z"
                message: Waiting for controller
                reason: Waiting
                status: "False"
                type: Admitted
            description: Status defines the current state of GatewayClass.
            properties:
              conditions:
                default:
                - lastTransitionTime: "1970-01-01T00:00:00Z"
                  message: Waiting for controller
                  reason: Waiting
                  status: "False"
                  type: Admitted
                description: "Conditions is the current status from the controller
                  for this GatewayClass. \n Controllers should prefer to publish conditions
                  using values of GatewayClassConditionType for the type of each Condition."
                items:
                  description: "Condition contains details for one aspect of the current
                    state of this API Resource. --- This struct is intended for direct
                    use as an array at the field path .status.conditions.  For example,
                    type FooStatus struct{     // Represents the observations of a
                    foo's current state.     // Known .status.conditions.type are:
                    \"Available\", \"Progressing\", and \"Degraded\"     // +patchMergeKey=type
                    \    // +patchStrategy=merge     // +listType=map     // +listMapKey=type
                    \    Conditions []metav1.Condition `json:\"conditions,omitempty\"
                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
                    \n     // other fields }"
                  properties:
                    lastTransitionTime:
                      description: lastTransitionTime is the last time the condition
                        transitioned from one status to another. This should be when
                        the underlying condition changed.  If that is not known, then
                        using the time when the API field changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: message is a human readable message indicating
                        details about the transition. This may be an empty string.
                      maxLength: 32768
                      type: string
                    observedGeneration:
                      description: observedGeneration represents the .metadata.generation
                        that the condition was set based upon. For instance, if .metadata.generation
                        is currently 12, but the .status.conditions[x].observedGeneration
                        is 9, the condition is out of date with respect to the current
                        state of the instance.
                      format: int64
                      minimum: 0
                      type: integer
                    reason:
                      description: reason contains a programmatic identifier indicating
                        the reason for the condition's last transition. Producers
                        of specific condition types may define expected values and
                        meanings for this field, and whether the values are considered
                        a guaranteed API. The value should be a CamelCase string.
                        This field may not be empty.
                      maxLength: 1024
                      minLength: 1
                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
                      type: string
                    status:
                      description: status of the condition, one of True, False, Unknown.
                      enum:
                      - "True"
                      - "False"
                      - Unknown
                      type: string
                    type:
                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
                        --- Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
                      maxLength: 316
                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
                      type: string
                  required:
                  - lastTransitionTime
                  - message
                  - reason
                  - status
                  - type
                  type: object
                maxItems: 8
                type: array
                x-kubernetes-list-map-keys:
                - type
                x-kubernetes-list-type: map
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.5.0
  creationTimestamp: null
  name: gateways.networking.x-k8s.io
spec:
  group: networking.x-k8s.io
  names:
    categories:
    - gateway-api
    kind: Gateway
    listKind: GatewayList
    plural: gateways
    shortNames:
    - gtw
    singular: gateway
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.gatewayClassName
      name: Class
      type: string
    - jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1alpha1
    schema:
      openAPIV3Schema:
        description: "Gateway represents an instantiation of a service-traffic handling
          infrastructure by binding Listeners to a set of IP addresses. \n Implementations
          should add the `gateway-exists-finalizer.networking.x-k8s.io` finalizer
          on the associated GatewayClass whenever Gateway(s) is running. This ensures
          that a GatewayClass associated with a Gateway(s) is not deleted while in
          use."
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: Spec defines the desired state of Gateway.
            properties:
              addresses:
                description: "Addresses requested for this gateway. This is optional
                  and behavior can depend on the GatewayClass. If a value is set in
                  the spec and the requested address is invalid, the GatewayClass
                  MUST indicate this in the associated entry in GatewayStatus.Addresses.
                  \n If no Addresses are specified, the GatewayClass may schedule
                  the Gateway in an implementation-defined manner, assigning an appropriate
                  set of Addresses. \n The GatewayClass MUST bind all Listeners to
                  every GatewayAddress that it assigns to the Gateway. \n Support:
                  Core"
                items:
                  description: GatewayAddress describes an address that can be bound
                    to a Gateway.
                  properties:
                    type:
                      default: IPAddress
                      description: "Type of the address. \n Support: Extended"
                      enum:
                      - IPAddress
                      - NamedAddress
                      type: string
                    value:
                      description: "Value of the address. The validity of the values
                        will depend on the type and support by the controller. \n
                        Examples: `1.2.3.4`, `128::1`, `my-ip-address`."
                      maxLength: 253
                      minLength: 1
                      type: string
                  required:
                  - value
                  type: object
                maxItems: 16
                type: array
              gatewayClassName:
                description: GatewayClassName used for this Gateway. This is the name
                  of a GatewayClass resource.
                maxLength: 253
                minLength: 1
                type: string
              listeners:
                description: "Listeners associated with this Gateway. Listeners define
                  logical endpoints that are bound on this Gateway's addresses. At
                  least one Listener MUST be specified. \n An implementation MAY group
                  Listeners by Port and then collapse each group of Listeners into
                  a single Listener if the implementation determines that the Listeners
                  in the group are \"compatible\". An implementation MAY also group
                  together and collapse compatible Listeners belonging to different
                  Gateways. \n For example, an implementation might consider Listeners
                  to be compatible with each other if all of the following conditions
                  are met: \n 1. Either each Listener within the group specifies the
                  \"HTTP\"    Protocol or each Listener within the group specifies
                  either    the \"HTTPS\" or \"TLS\" Protocol. \n 2. Each Listener
                  within the group specifies a Hostname that is unique    within the
                  group. \n 3. As a special case, one Listener within a group may
                  omit Hostname,    in which case this Listener matches when no other
                  Listener    matches. \n If the implementation does collapse compatible
                  Listeners, the hostname provided in the incoming client request
                  MUST be matched to a Listener to find the correct set of Routes.
                  The incoming hostname MUST be matched using the Hostname field for
                  each Listener in order of most to least specific. That is, exact
                  matches must be processed before wildcard matches. \n If this field
                  specifies multiple Listeners that have the same Port value but are
                  not compatible, the implementation must raise a \"Conflicted\" condition
                  in the Listener status. \n Support: Core"
                items:
                  description: Listener embodies the concept of a logical endpoint
                    where a Gateway can accept network connections. Each listener
                    in a Gateway must have a unique combination of Hostname, Port,
                    and Protocol. This will be enforced by a validating webhook.
                  properties:
                    hostname:
                      description: "Hostname specifies the virtual hostname to match
                        for protocol types that define this concept. When unspecified,
                        \"\", or `*`, all hostnames are matched. This field can be
                        omitted for protocols that don't require hostname based matching.
                        \n Hostname is the fully qualified domain name of a network
                        host, as defined by RFC 3986. Note the following deviations
                        from the \"host\" part of the URI as defined in the RFC: \n
                        1. IP literals are not allowed. 2. The `:` delimiter is not
                        respected because ports are not allowed. \n Hostname can be
                        \"precise\" which is a domain name without the terminating
                        dot of a network host (e.g. \"foo.example.com\") or \"wildcard\",
                        which is a domain name prefixed with a single wildcard label
                        (e.g. `*.example.com`). The wildcard character `*` must appear
                        by itself as the first DNS label and matches only a single
                        label. \n Support: Core"
                      maxLength: 253
                      minLength: 1
                      type: string
                    port:
                      description: "Port is the network port. Multiple listeners may
                        use the same port, subject to the Listener compatibility rules.
                        \n Support: Core"
                      format: int32
                      maximum: 65535
                      minimum: 1
                      type: integer
                    protocol:
                      description: "Protocol specifies the network protocol this listener
                        expects to receive. The GatewayClass MUST apply the Hostname
                        match appropriately for each protocol: \n * For the \"TLS\"
                        protocol, the Hostname match MUST be   applied to the [SNI](https://tools.ietf.org/html/rfc6066#section-3)
                        \  server name offered by the client. * For the \"HTTP\" protocol,
                        the Hostname match MUST be   applied to the host portion of
                        the   [effective request URI](https://tools.ietf.org/html/rfc7230#section-5.5)
                        \  or the [:authority pseudo-header](https://tools.ietf.org/html/rfc7540#section-8.1.2.3)
                        * For the \"HTTPS\" protocol, the Hostname match MUST be   applied
                        at both the TLS and HTTP protocol layers. \n Support: Core"
                      type: string
                    routes:
                      description: "Routes specifies a schema for associating routes
                        with the Listener using selectors. A Route is a resource capable
                        of servicing a request and allows a cluster operator to expose
                        a cluster resource (i.e. Service) by externally-reachable
                        URL, load-balance traffic and terminate SSL/TLS.  Typically,
                        a route is a \"HTTPRoute\" or \"TCPRoute\" in group \"networking.x-k8s.io\",
                        however, an implementation may support other types of resources.
                        \n The Routes selector MUST select a set of objects that are
                        compatible with the application protocol specified in the
                        Protocol field. \n Although a client request may technically
                        match multiple route rules, only one rule may ultimately receive
                        the request. Matching precedence MUST be determined in order
                        of the following criteria: \n * The most specific match. For
                        example, the most specific HTTPRoute match   is determined
                        by the longest matching combination of hostname and path.
                        * The oldest Route based on creation timestamp. For example,
                        a Route with   a creation timestamp of \"2020-09-08 01:02:03\"
                        is given precedence over   a Route with a creation timestamp
                        of \"2020-09-08 01:02:04\". * If everything else is equivalent,
                        the Route appearing first in   alphabetical order (namespace/name)
                        should be given precedence. For   example, foo/bar is given
                        precedence over foo/baz. \n All valid portions of a Route
                        selected by this field should be supported. Invalid portions
                        of a Route can be ignored (sometimes that will mean the full
                        Route). If a portion of a Route transitions from valid to
                        invalid, support for that portion of the Route should be dropped
                        to ensure consistency. For example, even if a filter specified
                        by a Route is invalid, the rest of the Route should still
                        be supported. \n Support: Core"
                      properties:
                        group:
                          default: networking.x-k8s.io
                          description: "Group is the group of the route resource to
                            select. Omitting the value or specifying the empty string
                            indicates the networking.x-k8s.io API group. For example,
                            use the following to select an HTTPRoute: \n routes:   kind:
                            HTTPRoute \n Otherwise, if an alternative API group is
                            desired, specify the desired group: \n routes:   group:
                            acme.io   kind: FooRoute \n Support: Core"
                          maxLength: 253
                          minLength: 1
                          type: string
                        kind:
                          description: "Kind is the kind of the route resource to
                            select. \n Kind MUST correspond to kinds of routes that
                            are compatible with the application protocol specified
                            in the Listener's Protocol field. \n If an implementation
                            does not support or recognize this resource type, it SHOULD
                            set the \"ResolvedRefs\" condition to false for this listener
                            with the \"InvalidRoutesRef\" reason. \n Support: Core"
                          type: string
                        namespaces:
                          default:
                            from: Same
                          description: "Namespaces indicates in which namespaces Routes
                            should be selected for this Gateway. This is restricted
                            to the namespace of this Gateway by default. \n Support:
                            Core"
                          properties:
                            from:
                              default: Same
                              description: "From indicates where Routes will be selected
                                for this Gateway. Possible values are: * All: Routes
                                in all namespaces may be used by this Gateway. * Selector:
                                Routes in namespaces selected by the selector may
                                be used by   this Gateway. * Same: Only Routes in
                                the same namespace may be used by this Gateway. \n
                                Support: Core"
                              enum:
                              - All
                              - Selector
                              - Same
                              type: string
                            selector:
                              description: "Selector must be specified when From is
                                set to \"Selector\". In that case, only Routes in
                                Namespaces matching this Selector will be selected
                                by this Gateway. This field is ignored for other values
                                of \"From\". \n Support: Core"
                              properties:
                                matchExpressions:
                                  description: matchExpressions is a list of label
                                    selector requirements. The requirements are ANDed.
                                  items:
                                    description: A label selector requirement is a
                                      selector that contains values, a key, and an
                                      operator that relates the key and values.
                                    properties:
                                      key:
                                        description: key is the label key that the
                                          selector applies to.
                                        type: string
                                      operator:
                                        description: operator represents a key's relationship
                                          to a set of values. Valid operators are
                                          In, NotIn, Exists and DoesNotExist.
                                        type: string
                                      values:
                                        description: values is an array of string
                                          values. If the operator is In or NotIn,
                                          the values array must be non-empty. If the
                                          operator is Exists or DoesNotExist, the
                                          values array must be empty. This array is
                                          replaced during a strategic merge patch.
                                        items:
                                          type: string
                                        type: array
                                    required:
                                    - key
                                    - operator
                                    type: object
                                  type: array
                                matchLabels:
                                  additionalProperties:
                                    type: string
                                  description: matchLabels is a map of {key,value}
                                    pairs. A single {key,value} in the matchLabels
                                    map is equivalent to an element of matchExpressions,
                                    whose key field is "key", the operator is "In",
                                    and the values array contains only "value". The
                                    requirements are ANDed.
                                  type: object
                              type: object
                          type: object
                        selector:
                          description: "Selector specifies a set of route labels used
                            for selecting routes to associate with the Gateway. If
                            this Selector is defined, only routes matching the Selector
                            are associated with the Gateway. An empty Selector matches
                            all routes. \n Support: Core"
                          properties:
                            matchExpressions:
                              description: matchExpressions is a list of label selector
                                requirements. The requirements are ANDed.
                              items:
                                description: A label selector requirement is a selector
                                  that contains values, a key, and an operator that
                                  relates the key and values.
                                properties:
                                  key:
                                    description: key is the label key that the selector
                                      applies to.
                                    type: string
                                  operator:
                                    description: operator represents a key's relationship
                                      to a set of values. Valid operators are In,
                                      NotIn, Exists and DoesNotExist.
                                    type: string
                                  values:
                                    description: values is an array of string values.
                                      If the operator is In or NotIn, the values array
                                      must be non-empty. If the operator is Exists
                                      or DoesNotExist, the values array must be empty.
                                      This array is replaced during a strategic merge
                                      patch.
                                    items:
                                      type: string
                                    type: array
                                required:
                                - key
                                - operator
                                type: object
                              type: array
                            matchLabels:
                              additionalProperties:
                                type: string
                              description: matchLabels is a map of {key,value} pairs.
                                A single {key,value} in the matchLabels map is equivalent
                                to an element of matchExpressions, whose key field
                                is "key", the operator is "In", and the values array
                                contains only "value". The requirements are ANDed.
                              type: object
                          type: object
                      required:
                      - kind
                      type: object
                    tls:
                      description: "TLS is the TLS configuration for the Listener.
                        This field is required if the Protocol field is \"HTTPS\"
                        or \"TLS\" and ignored otherwise. \n The association of SNIs
                        to Certificate defined in GatewayTLSConfig is defined based
                        on the Hostname field for this listener. \n The GatewayClass
                        MUST use the longest matching SNI out of all available certificates
                        for any TLS handshake. \n Support: Core"
                      properties:
                        certificateRef:
                          description: "CertificateRef is a reference to a Kubernetes
                            object that contains a TLS certificate and private key.
                            This certificate is used to establish a TLS handshake
                            for requests that match the hostname of the associated
                            listener. The referenced object MUST reside in the same
                            namespace as Gateway. \n This field is required when mode
                            is set to \"Terminate\" (default) and optional otherwise.
                            \n CertificateRef can reference a standard Kubernetes
                            resource, i.e. Secret, or an implementation-specific custom
                            resource. \n Support: Core (Kubernetes Secrets) \n Support:
                            Implementation-specific (Other resource types)"
                          properties:
                            group:
                              description: Group is the group of the referent.
                              maxLength: 253
                              minLength: 1
                              type: string
                            kind:
                              description: Kind is kind of the referent.
                              maxLength: 253
                              minLength: 1
                              type: string
                            name:
                              description: Name is the name of the referent.
                              maxLength: 253
                              minLength: 1
                              type: string
                          required:
                          - group
                          - kind
                          - name
                          type: object
                        mode:
                          default: Terminate
                          description: "Mode defines the TLS behavior for the TLS
                            session initiated by the client. There are two possible
                            modes: - Terminate: The TLS session between the downstream
                            client   and the Gateway is terminated at the Gateway.
                            This mode requires   certificateRef to be set. - Passthrough:
                            The TLS session is NOT terminated by the Gateway. This
                            \  implies that the Gateway can't decipher the TLS stream
                            except for   the ClientHello message of the TLS protocol.
                            \  CertificateRef field is ignored in this mode. \n Support:
                            Core"
                          enum:
                          - Terminate
                          - Passthrough
                          type: string
                        options:
                          additionalProperties:
                            type: string
                          description: "Options are a list of key/value pairs to give
                            extended options to the provider. \n There variation among
                            providers as to how ciphersuites are expressed. If there
                            is a common subset for expressing ciphers then it will
                            make sense to loft that as a core API construct. \n Support:
                            Implementation-specific"
                          type: object
                        routeOverride:
                          default:
                            certificate: Deny
                          description: "RouteOverride dictates if TLS settings can
                            be configured via Routes or not. \n CertificateRef must
                            be defined even if `routeOverride.certificate` is set
                            to 'Allow' as it will be used as the default certificate
                            for the listener. \n Support: Core"
                          properties:
                            certificate:
                              default: Deny
                              description: "Certificate dictates if TLS certificates
                                can be configured via Routes. If set to 'Allow', a
                                TLS certificate for a hostname defined in a Route
                                takes precedence over the certificate defined in Gateway.
                                \n Support: Core"
                              enum:
                              - Allow
                              - Deny
                              type: string
                          type: object
                      type: object
                  required:
                  - port
                  - protocol
                  - routes
                  type: object
                maxItems: 64
                minItems: 1
                type: array
            required:
            - gatewayClassName
            - listeners
            type: object
          status:
            default:
              conditions:
              - lastTransitionTime: "1970-01-01T00:00:00Z"
                message: Waiting for controller
                reason: NotReconciled
                status: "False"
                type: Scheduled
            description: Status defines the current state of Gateway.
            properties:
              addresses:
                description: "Addresses lists the IP addresses that have actually
                  been bound to the Gateway. These addresses may differ from the addresses
                  in the Spec, e.g. if the Gateway automatically assigns an address
                  from a reserved pool. \n These addresses should all be of type \"IPAddress\"."
                items:
                  description: GatewayAddress describes an address that can be bound
                    to a Gateway.
                  properties:
                    type:
                      default: IPAddress
                      description: "Type of the address. \n Support: Extended"
                      enum:
                      - IPAddress
                      - NamedAddress
                      type: string
                    value:
                      description: "Value of the address. The validity of the values
                        will depend on the type and support by the controller. \n
                        Examples: `1.2.3.4`, `128::1`, `my-ip-address`."
                      maxLength: 253
                      minLength: 1
                      type: string
                  required:
                  - value
                  type: object
                maxItems: 16
                type: array
              conditions:
                default:
                - lastTransitionTime: "1970-01-01T00:00:00Z"
                  message: Waiting for controller
                  reason: NotReconciled
                  status: "False"
                  type: Scheduled
                description: "Conditions describe the current conditions of the Gateway.
                  \n Implementations should prefer to express Gateway conditions using
                  the `GatewayConditionType` and `GatewayConditionReason` constants
                  so that operators and tools can converge on a common vocabulary
                  to describe Gateway state. \n Known condition types are: \n * \"Scheduled\"
                  * \"Ready\""
                items:
                  description: "Condition contains details for one aspect of the current
                    state of this API Resource. --- This struct is intended for direct
                    use as an array at the field path .status.conditions.  For example,
                    type FooStatus struct{     // Represents the observations of a
                    foo's current state.     // Known .status.conditions.type are:
                    \"Available\", \"Progressing\", and \"Degraded\"     // +patchMergeKey=type
                    \    // +patchStrategy=merge     // +listType=map     // +listMapKey=type
                    \    Conditions []metav1.Condition `json:\"conditions,omitempty\"
                    patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
                    \n     // other fields }"
                  properties:
                    lastTransitionTime:
                      description: lastTransitionTime is the last time the condition
                        transitioned from one status to another. This should be when
                        the underlying condition changed.  If that is not known, then
                        using the time when the API field changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: message is a human readable message indicating
                        details about the transition. This may be an empty string.
                      maxLength: 32768
                      type: string
                    observedGeneration:
                      description: observedGeneration represents the .metadata.generation
                        that the condition was set based upon. For instance, if .metadata.generation
                        is currently 12, but the .status.conditions[x].observedGeneration
                        is 9, the condition is out of date with respect to the current
                        state of the instance.
                      format: int64
                      minimum: 0
                      type: integer
                    reason:
                      description: reason contains a programmatic identifier indicating
                        the reason for the condition's last transition. Producers
                        of specific condition types may define expected values and
                        meanings for this field, and whether the values are considered
                        a guaranteed API. The value should be a CamelCase string.
                        This field may not be empty.
                      maxLength: 1024
                      minLength: 1
                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
                      type: string
                    status:
                      description: status of the condition, one of True, False, Unknown.
                      enum:
                      - "True"
                      - "False"
                      - Unknown
                      type: string
                    type:
                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
                        --- Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
                      maxLength: 316
                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
                      type: string
                  required:
                  - lastTransitionTime
                  - message
                  - reason
                  - status
                  - type
                  type: object
                maxItems: 8
                type: array
                x-kubernetes-list-map-keys:
                - type
                x-kubernetes-list-type: map
              listeners:
                description: Listeners provide status for each unique listener port
                  defined in the Spec.
                items:
                  description: ListenerStatus is the status associated with a Listener.
                  properties:
                    conditions:
                      description: Conditions describe the current condition of this
                        listener.
                      items:
                        description: "Condition contains details for one aspect of
                          the current state of this API Resource. --- This struct
                          is intended for direct use as an array at the field path
                          .status.conditions.  For example, type FooStatus struct{
                          \    // Represents the observations of a foo's current state.
                          \    // Known .status.conditions.type are: \"Available\",
                          \"Progressing\", and \"Degraded\"     // +patchMergeKey=type
                          \    // +patchStrategy=merge     // +listType=map     //
                          +listMapKey=type     Conditions []metav1.Condition `json:\"conditions,omitempty\"
                          patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
                          \n     // other fields }"
                        properties:
                          lastTransitionTime:
                            description: lastTransitionTime is the last time the condition
                              transitioned from one status to another. This should
                              be when the underlying condition changed.  If that is
                              not known, then using the time when the API field changed
                              is acceptable.
                            format: date-time
                            type: string
                          message:
                            description: message is a human readable message indicating
                              details about the transition. This may be an empty string.
                            maxLength: 32768
                            type: string
                          observedGeneration:
                            description: observedGeneration represents the .metadata.generation
                              that the condition was set based upon. For instance,
                              if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration
                              is 9, the condition is out of date with respect to the
                              current state of the instance.
                            format: int64
                            minimum: 0
                            type: integer
                          reason:
                            description: reason contains a programmatic identifier
                              indicating the reason for the condition's last transition.
                              Producers of specific condition types may define expected
                              values and meanings for this field, and whether the
                              values are considered a guaranteed API. The value should
                              be a CamelCase string. This field may not be empty.
                            maxLength: 1024
                            minLength: 1
                            pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
                            type: string
                          status:
                            description: status of the condition, one of True, False,
                              Unknown.
                            enum:
                            - "True"
                            - "False"
                            - Unknown
                            type: string
                          type:
                            description: type of condition in CamelCase or in foo.example.com/CamelCase.
                              --- Many .condition.type values are consistent across
                              resources like Available, but because arbitrary conditions
                              can be useful (see .node.status.conditions), the ability
                              to deconflict is important. The regex it matches is
                              (dns1123SubdomainFmt/)?(qualifiedNameFmt)
                            maxLength: 316
                            pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
                            type: string
                        required:
                        - lastTransitionTime
                        - message
                        - reason
                        - status
                        - type
                        type: object
                      maxItems: 8
                      type: array
                      x-kubernetes-list-map-keys:
                      - type
                      x-kubernetes-list-type: map
                    hostname:
                      description: Hostname is the Listener hostname value for which
                        this message is reporting the status.
                      maxLength: 253
                      minLength: 1
                      type: string
                    port:
                      description: Port is the unique Listener port value for which
                        this message is reporting the status.
                      format: int32
                      maximum: 65535
                      minimum: 1
                      type: integer
                    protocol:
                      description: Protocol is the Listener protocol value for which
                        this message is reporting the status.
                      type: string
                  required:
                  - conditions
                  - port
                  - protocol
                  type: object
                maxItems: 64
                type: array
                x-kubernetes-list-map-keys:
                - port
                x-kubernetes-list-type: map
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.5.0
  creationTimestamp: null
  name: httproutes.networking.x-k8s.io
spec:
  group: networking.x-k8s.io
  names:
    categories:
    - gateway-api
    kind: HTTPRoute
    listKind: HTTPRouteList
    plural: httproutes
    singular: httproute
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.hostnames
      name: Hostnames
      type: string
    - jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1alpha1
    schema:
      openAPIV3Schema:
        description: HTTPRoute is the Schema for the HTTPRoute resource.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: Spec defines the desired state of HTTPRoute.
            properties:
              gateways:
                default:
                  allow: SameNamespace
                description: Gateways defines which Gateways can use this Route.
                properties:
                  allow:
                    default: SameNamespace
                    description: 'Allow indicates which Gateways will be allowed to
                      use this route. Possible values are: * All: Gateways in any
                      namespace can use this route. * FromList: Only Gateways specified
                      in GatewayRefs may use this route. * SameNamespace: Only Gateways
                      in the same namespace may use this route.'
                    enum:
                    - All
                    - FromList
                    - SameNamespace
                    type: string
                  gatewayRefs:
                    description: GatewayRefs must be specified when Allow is set to
                      "FromList". In that case, only Gateways referenced in this list
                      will be allowed to use this route. This field is ignored for
                      other values of "Allow".
                    items:
                      description: GatewayReference identifies a Gateway in a specified
                        namespace.
                      properties:
                        name:
                          description: Name is the name of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                        namespace:
                          description: Namespace is the namespace of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                      required:
                      - name
                      - namespace
                      type: object
                    type: array
                type: object
              hostnames:
                description: "Hostnames defines a set of hostname that should match
                  against the HTTP Host header to select a HTTPRoute to process the
                  request. Hostname is the fully qualified domain name of a network
                  host, as defined by RFC 3986. Note the following deviations from
                  the \"host\" part of the URI as defined in the RFC: \n 1. IPs are
                  not allowed. 2. The `:` delimiter is not respected because ports
                  are not allowed. \n Incoming requests are matched against the hostnames
                  before the HTTPRoute rules. If no hostname is specified, traffic
                  is routed based on the HTTPRouteRules. \n Hostname can be \"precise\"
                  which is a domain name without the terminating dot of a network
                  host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain
                  name prefixed with a single wildcard label (e.g. `*.example.com`).
                  The wildcard character `*` must appear by itself as the first DNS
                  label and matches only a single label. You cannot have a wildcard
                  label by itself (e.g. Host == `*`). Requests will be matched against
                  the Host field in the following order: \n 1. If Host is precise,
                  the request matches this rule if    the HTTP Host header is equal
                  to Host. 2. If Host is a wildcard, then the request matches this
                  rule if    the HTTP Host header is to equal to the suffix    (removing
                  the first label) of the wildcard rule. \n Support: Core"
                items:
                  description: Hostname is used to specify a hostname that should
                    be matched.
                  maxLength: 253
                  minLength: 1
                  type: string
                maxItems: 16
                type: array
              rules:
                default:
                - matches:
                  - path:
                      type: Prefix
                      value: /
                description: Rules are a list of HTTP matchers, filters and actions.
                items:
                  description: HTTPRouteRule defines semantics for matching an HTTP
                    request based on conditions, optionally executing additional processing
                    steps, and forwarding the request to an API object.
                  properties:
                    filters:
                      description: "Filters define the filters that are applied to
                        requests that match this rule. \n The effects of ordering
                        of multiple behaviors are currently unspecified. This can
                        change in the future based on feedback during the alpha stage.
                        \n Conformance-levels at this level are defined based on the
                        type of filter: \n - ALL core filters MUST be supported by
                        all implementations. - Implementers are encouraged to support
                        extended filters. - Implementation-specific custom filters
                        have no API guarantees across   implementations. \n Specifying
                        a core filter multiple times has unspecified or custom conformance.
                        \n Support: Core"
                      items:
                        description: 'HTTPRouteFilter defines additional processing
                          steps that must be completed during the request or response
                          lifecycle. HTTPRouteFilters are meant as an extension point
                          to express additional processing that may be done in Gateway
                          implementations. Some examples include request or response
                          modification, implementing authentication strategies, rate-limiting,
                          and traffic shaping. API guarantee/conformance is defined
                          based on the type of the filter. TODO(hbagdi): re-render
                          CRDs once controller-tools supports union tags: - https://github.com/kubernetes-sigs/controller-tools/pull/298
                          - https://github.com/kubernetes-sigs/controller-tools/issues/461'
                        properties:
                          extensionRef:
                            description: "ExtensionRef is an optional, implementation-specific
                              extension to the \"filter\" behavior.  For example,
                              resource \"myroutefilter\" in group \"networking.acme.io\").
                              ExtensionRef MUST NOT be used for core and extended
                              filters. \n Support: Implementation-specific"
                            properties:
                              group:
                                description: Group is the group of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              kind:
                                description: Kind is kind of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              name:
                                description: Name is the name of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                            required:
                            - group
                            - kind
                            - name
                            type: object
                          requestHeaderModifier:
                            description: "RequestHeaderModifier defines a schema for
                              a filter that modifies request headers. \n Support:
                              Core"
                            properties:
                              add:
                                additionalProperties:
                                  type: string
                                description: "Add adds the given header (name, value)
                                  to the request before the action. It appends to
                                  any existing values associated with the header name.
                                  \n Input:   GET /foo HTTP/1.1   my-header: foo \n
                                  Config:   add: {\"my-header\": \"bar\"} \n Output:
                                  \  GET /foo HTTP/1.1   my-header: foo   my-header:
                                  bar \n Support: Extended"
                                type: object
                              remove:
                                description: "Remove the given header(s) from the
                                  HTTP request before the action. The value of RemoveHeader
                                  is a list of HTTP header names. Note that the header
                                  names are case-insensitive [RFC-2616 4.2]. \n Input:
                                  \  GET /foo HTTP/1.1   my-header1: foo   my-header2:
                                  bar   my-header3: baz \n Config:   remove: [\"my-header1\",
                                  \"my-header3\"] \n Output:   GET /foo HTTP/1.1   my-header2:
                                  bar \n Support: Extended"
                                items:
                                  type: string
                                maxItems: 16
                                type: array
                              set:
                                additionalProperties:
                                  type: string
                                description: "Set overwrites the request with the
                                  given header (name, value) before the action. \n
                                  Input:   GET /foo HTTP/1.1   my-header: foo \n Config:
                                  \  set: {\"my-header\": \"bar\"} \n Output:   GET
                                  /foo HTTP/1.1   my-header: bar \n Support: Extended"
                                type: object
                            type: object
                          requestMirror:
                            description: "RequestMirror defines a schema for a filter
                              that mirrors requests. \n Support: Extended"
                            properties:
                              backendRef:
                                description: "BackendRef is a local object reference
                                  to mirror matched requests to. If both BackendRef
                                  and ServiceName are specified, ServiceName will
                                  be given precedence. \n If the referent cannot be
                                  found, the rule is not included in the route. The
                                  controller should raise the \"ResolvedRefs\" condition
                                  on the Gateway with the \"DegradedRoutes\" reason.
                                  The gateway status for this route should be updated
                                  with a condition that describes the error more specifically.
                                  \n Support: Custom"
                                properties:
                                  group:
                                    description: Group is the group of the referent.
                                    maxLength: 253
                                    minLength: 1
                                    type: string
                                  kind:
                                    description: Kind is kind of the referent.
                                    maxLength: 253
                                    minLength: 1
                                    type: string
                                  name:
                                    description: Name is the name of the referent.
                                    maxLength: 253
                                    minLength: 1
                                    type: string
                                required:
                                - group
                                - kind
                                - name
                                type: object
                              port:
                                description: "Port specifies the destination port
                                  number to use for the backend referenced by the
                                  ServiceName or BackendRef field. \n If unspecified,
                                  the destination port in the request is used when
                                  forwarding to a backendRef or serviceName."
                                format: int32
                                maximum: 65535
                                minimum: 1
                                type: integer
                              serviceName:
                                description: "ServiceName refers to the name of the
                                  Service to mirror matched requests to. When specified,
                                  this takes the place of BackendRef. If both BackendRef
                                  and ServiceName are specified, ServiceName will
                                  be given precedence. \n If the referent cannot be
                                  found, the rule is not included in the route. The
                                  controller should raise the \"ResolvedRefs\" condition
                                  on the Gateway with the \"DegradedRoutes\" reason.
                                  The gateway status for this route should be updated
                                  with a condition that describes the error more specifically.
                                  \n Support: Core"
                                maxLength: 253
                                type: string
                            type: object
                          type:
                            description: "Type identifies the type of filter to apply.
                              As with other API fields, types are classified into
                              three conformance levels: \n - Core: Filter types and
                              their corresponding configuration defined by   \"Support:
                              Core\" in this package, e.g. \"RequestHeaderModifier\".
                              All   implementations must support core filters. \n
                              - Extended: Filter types and their corresponding configuration
                              defined by   \"Support: Extended\" in this package,
                              e.g. \"RequestMirror\". Implementers   are encouraged
                              to support extended filters. \n - Custom: Filters that
                              are defined and supported by specific vendors.   In
                              the future, filters showing convergence in behavior
                              across multiple   implementations will be considered
                              for inclusion in extended or core   conformance levels.
                              Filter-specific configuration for such filters   is
                              specified using the ExtensionRef field. `Type` should
                              be set to   \"ExtensionRef\" for custom filters. \n
                              Implementers are encouraged to define custom implementation
                              types to extend the core API with implementation-specific
                              behavior."
                            enum:
                            - RequestHeaderModifier
                            - RequestMirror
                            - ExtensionRef
                            type: string
                        required:
                        - type
                        type: object
                      maxItems: 16
                      type: array
                    forwardTo:
                      description: ForwardTo defines the backend(s) where matching
                        requests should be sent. If unspecified, the rule performs
                        no forwarding. If unspecified and no filters are specified
                        that would result in a response being sent, a 503 error code
                        is returned.
                      items:
                        description: HTTPRouteForwardTo defines how a HTTPRoute should
                          forward a request.
                        properties:
                          backendRef:
                            description: "BackendRef is a reference to a backend to
                              forward matched requests to. If both BackendRef and
                              ServiceName are specified, ServiceName will be given
                              precedence. \n If the referent cannot be found, the
                              route must be dropped from the Gateway. The controller
                              should raise the \"ResolvedRefs\" condition on the Gateway
                              with the \"DegradedRoutes\" reason. The gateway status
                              for this route should be updated with a condition that
                              describes the error more specifically. \n Support: Custom"
                            properties:
                              group:
                                description: Group is the group of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              kind:
                                description: Kind is kind of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              name:
                                description: Name is the name of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                            required:
                            - group
                            - kind
                            - name
                            type: object
                          filters:
                            description: "Filters defined at this-level should be
                              executed if and only if the request is being forwarded
                              to the backend defined here. \n Support: Custom (For
                              broader support of filters, use the Filters field in
                              HTTPRouteRule.)"
                            items:
                              description: 'HTTPRouteFilter defines additional processing
                                steps that must be completed during the request or
                                response lifecycle. HTTPRouteFilters are meant as
                                an extension point to express additional processing
                                that may be done in Gateway implementations. Some
                                examples include request or response modification,
                                implementing authentication strategies, rate-limiting,
                                and traffic shaping. API guarantee/conformance is
                                defined based on the type of the filter. TODO(hbagdi):
                                re-render CRDs once controller-tools supports union
                                tags: - https://github.com/kubernetes-sigs/controller-tools/pull/298
                                - https://github.com/kubernetes-sigs/controller-tools/issues/461'
                              properties:
                                extensionRef:
                                  description: "ExtensionRef is an optional, implementation-specific
                                    extension to the \"filter\" behavior.  For example,
                                    resource \"myroutefilter\" in group \"networking.acme.io\").
                                    ExtensionRef MUST NOT be used for core and extended
                                    filters. \n Support: Implementation-specific"
                                  properties:
                                    group:
                                      description: Group is the group of the referent.
                                      maxLength: 253
                                      minLength: 1
                                      type: string
                                    kind:
                                      description: Kind is kind of the referent.
                                      maxLength: 253
                                      minLength: 1
                                      type: string
                                    name:
                                      description: Name is the name of the referent.
                                      maxLength: 253
                                      minLength: 1
                                      type: string
                                  required:
                                  - group
                                  - kind
                                  - name
                                  type: object
                                requestHeaderModifier:
                                  description: "RequestHeaderModifier defines a schema
                                    for a filter that modifies request headers. \n
                                    Support: Core"
                                  properties:
                                    add:
                                      additionalProperties:
                                        type: string
                                      description: "Add adds the given header (name,
                                        value) to the request before the action. It
                                        appends to any existing values associated
                                        with the header name. \n Input:   GET /foo
                                        HTTP/1.1   my-header: foo \n Config:   add:
                                        {\"my-header\": \"bar\"} \n Output:   GET
                                        /foo HTTP/1.1   my-header: foo   my-header:
                                        bar \n Support: Extended"
                                      type: object
                                    remove:
                                      description: "Remove the given header(s) from
                                        the HTTP request before the action. The value
                                        of RemoveHeader is a list of HTTP header names.
                                        Note that the header names are case-insensitive
                                        [RFC-2616 4.2]. \n Input:   GET /foo HTTP/1.1
                                        \  my-header1: foo   my-header2: bar   my-header3:
                                        baz \n Config:   remove: [\"my-header1\",
                                        \"my-header3\"] \n Output:   GET /foo HTTP/1.1
                                        \  my-header2: bar \n Support: Extended"
                                      items:
                                        type: string
                                      maxItems: 16
                                      type: array
                                    set:
                                      additionalProperties:
                                        type: string
                                      description: "Set overwrites the request with
                                        the given header (name, value) before the
                                        action. \n Input:   GET /foo HTTP/1.1   my-header:
                                        foo \n Config:   set: {\"my-header\": \"bar\"}
                                        \n Output:   GET /foo HTTP/1.1   my-header:
                                        bar \n Support: Extended"
                                      type: object
                                  type: object
                                requestMirror:
                                  description: "RequestMirror defines a schema for
                                    a filter that mirrors requests. \n Support: Extended"
                                  properties:
                                    backendRef:
                                      description: "BackendRef is a local object reference
                                        to mirror matched requests to. If both BackendRef
                                        and ServiceName are specified, ServiceName
                                        will be given precedence. \n If the referent
                                        cannot be found, the rule is not included
                                        in the route. The controller should raise
                                        the \"ResolvedRefs\" condition on the Gateway
                                        with the \"DegradedRoutes\" reason. The gateway
                                        status for this route should be updated with
                                        a condition that describes the error more
                                        specifically. \n Support: Custom"
                                      properties:
                                        group:
                                          description: Group is the group of the referent.
                                          maxLength: 253
                                          minLength: 1
                                          type: string
                                        kind:
                                          description: Kind is kind of the referent.
                                          maxLength: 253
                                          minLength: 1
                                          type: string
                                        name:
                                          description: Name is the name of the referent.
                                          maxLength: 253
                                          minLength: 1
                                          type: string
                                      required:
                                      - group
                                      - kind
                                      - name
                                      type: object
                                    port:
                                      description: "Port specifies the destination
                                        port number to use for the backend referenced
                                        by the ServiceName or BackendRef field. \n
                                        If unspecified, the destination port in the
                                        request is used when forwarding to a backendRef
                                        or serviceName."
                                      format: int32
                                      maximum: 65535
                                      minimum: 1
                                      type: integer
                                    serviceName:
                                      description: "ServiceName refers to the name
                                        of the Service to mirror matched requests
                                        to. When specified, this takes the place of
                                        BackendRef. If both BackendRef and ServiceName
                                        are specified, ServiceName will be given precedence.
                                        \n If the referent cannot be found, the rule
                                        is not included in the route. The controller
                                        should raise the \"ResolvedRefs\" condition
                                        on the Gateway with the \"DegradedRoutes\"
                                        reason. The gateway status for this route
                                        should be updated with a condition that describes
                                        the error more specifically. \n Support: Core"
                                      maxLength: 253
                                      type: string
                                  type: object
                                type:
                                  description: "Type identifies the type of filter
                                    to apply. As with other API fields, types are
                                    classified into three conformance levels: \n -
                                    Core: Filter types and their corresponding configuration
                                    defined by   \"Support: Core\" in this package,
                                    e.g. \"RequestHeaderModifier\". All   implementations
                                    must support core filters. \n - Extended: Filter
                                    types and their corresponding configuration defined
                                    by   \"Support: Extended\" in this package, e.g.
                                    \"RequestMirror\". Implementers   are encouraged
                                    to support extended filters. \n - Custom: Filters
                                    that are defined and supported by specific vendors.
                                    \  In the future, filters showing convergence
                                    in behavior across multiple   implementations
                                    will be considered for inclusion in extended or
                                    core   conformance levels. Filter-specific configuration
                                    for such filters   is specified using the ExtensionRef
                                    field. `Type` should be set to   \"ExtensionRef\"
                                    for custom filters. \n Implementers are encouraged
                                    to define custom implementation types to extend
                                    the core API with implementation-specific behavior."
                                  enum:
                                  - RequestHeaderModifier
                                  - RequestMirror
                                  - ExtensionRef
                                  type: string
                              required:
                              - type
                              type: object
                            maxItems: 16
                            type: array
                          port:
                            description: "Port specifies the destination port number
                              to use for the backend referenced by the ServiceName
                              or BackendRef field. If unspecified, the destination
                              port in the request is used when forwarding to a backendRef
                              or serviceName. \n Support: Core"
                            format: int32
                            maximum: 65535
                            minimum: 1
                            type: integer
                          serviceName:
                            description: "ServiceName refers to the name of the Service
                              to forward matched requests to. When specified, this
                              takes the place of BackendRef. If both BackendRef and
                              ServiceName are specified, ServiceName will be given
                              precedence. \n If the referent cannot be found, the
                              route must be dropped from the Gateway. The controller
                              should raise the \"ResolvedRefs\" condition on the Gateway
                              with the \"DegradedRoutes\" reason. The gateway status
                              for this route should be updated with a condition that
                              describes the error more specifically. \n The protocol
                              to use should be specified with the AppProtocol field
                              on Service resources. This field was introduced in Kubernetes
                              1.18. If using an earlier version of Kubernetes, a `networking.x-k8s.io/app-protocol`
                              annotation on the BackendPolicy resource may be used
                              to define the protocol. If the AppProtocol field is
                              available, this annotation should not be used. The AppProtocol
                              field, when populated, takes precedence over the annotation
                              in the BackendPolicy resource. For custom backends,
                              it is encouraged to add a semantically-equivalent field
                              in the Custom Resource Definition. \n Support: Core"
                            maxLength: 253
                            type: string
                          weight:
                            default: 1
                            description: "Weight specifies the proportion of HTTP
                              requests forwarded to the backend referenced by the
                              ServiceName or BackendRef field. This is computed as
                              weight/(sum of all weights in this ForwardTo list).
                              For non-zero values, there may be some epsilon from
                              the exact proportion defined here depending on the precision
                              an implementation supports. Weight is not a percentage
                              and the sum of weights does not need to equal 100. \n
                              If only one backend is specified and it has a weight
                              greater than 0, 100% of the traffic is forwarded to
                              that backend. If weight is set to 0, no traffic should
                              be forwarded for this entry. If unspecified, weight
                              defaults to 1. \n Support: Core"
                            format: int32
                            maximum: 1000000
                            minimum: 0
                            type: integer
                        type: object
                      maxItems: 16
                      type: array
                    matches:
                      default:
                      - path:
                          type: Prefix
                          value: /
                      description: "Matches define conditions used for matching the
                        rule against incoming HTTP requests. Each match is independent,
                        i.e. this rule will be matched if **any** one of the matches
                        is satisfied. \n For example, take the following matches configuration:
                        \n ``` matches: - path:     value: \"/foo\"   headers:     values:
                        \      version: \"2\" - path:     value: \"/v2/foo\" ``` \n
                        For a request to match against this rule, a request should
                        satisfy EITHER of the two conditions: \n - path prefixed with
                        `/foo` AND contains the header `version: \"2\"` - path prefix
                        of `/v2/foo` \n See the documentation for HTTPRouteMatch on
                        how to specify multiple match conditions that should be ANDed
                        together. \n If no matches are specified, the default is a
                        prefix path match on \"/\", which has the effect of matching
                        every HTTP request. \n Each client request MUST map to a maximum
                        of one route rule. If a request matches multiple rules, matching
                        precedence MUST be determined in order of the following criteria,
                        continuing on ties: \n * The longest matching hostname. *
                        The longest matching path. * The largest number of header
                        matches. \n If ties still exist across multiple Routes, matching
                        precedence MUST be determined in order of the following criteria,
                        continuing on ties: \n * The oldest Route based on creation
                        timestamp. For example, a Route with   a creation timestamp
                        of \"2020-09-08 01:02:03\" is given precedence over   a Route
                        with a creation timestamp of \"2020-09-08 01:02:04\". * The
                        Route appearing first in alphabetical order by   \"<namespace>/<name>\".
                        For example, foo/bar is given precedence over   foo/baz. \n
                        If ties still exist within the Route that has been given precedence,
                        matching precedence MUST be granted to the first matching
                        rule meeting the above criteria."
                      items:
                        description: "HTTPRouteMatch defines the predicate used to
                          match requests to a given action. Multiple match types are
                          ANDed together, i.e. the match will evaluate to true only
                          if all conditions are satisfied. \n For example, the match
                          below will match a HTTP request only if its path starts
                          with `/foo` AND it contains the `version: \"1\"` header:
                          \n ``` match:   path:     value: \"/foo\"   headers:     values:
                          \      version: \"1\" ```"
                        properties:
                          extensionRef:
                            description: "ExtensionRef is an optional, implementation-specific
                              extension to the \"match\" behavior. For example, resource
                              \"myroutematcher\" in group \"networking.acme.io\".
                              If the referent cannot be found, the rule is not included
                              in the route. The controller should raise the \"ResolvedRefs\"
                              condition on the Gateway with the \"DegradedRoutes\"
                              reason. The gateway status for this route should be
                              updated with a condition that describes the error more
                              specifically. \n Support: Custom"
                            properties:
                              group:
                                description: Group is the group of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              kind:
                                description: Kind is kind of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              name:
                                description: Name is the name of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                            required:
                            - group
                            - kind
                            - name
                            type: object
                          headers:
                            description: Headers specifies a HTTP request header matcher.
                            properties:
                              type:
                                default: Exact
                                description: "Type specifies how to match against
                                  the value of the header. \n Support: Core (Exact)
                                  \n Support: Custom (RegularExpression, ImplementationSpecific)
                                  \n Since RegularExpression PathType has custom conformance,
                                  implementations can support POSIX, PCRE or any other
                                  dialects of regular expressions. Please read the
                                  implementation's documentation to determine the
                                  supported dialect. \n HTTP Header name matching
                                  MUST be case-insensitive (RFC 2616 - section 4.2)."
                                enum:
                                - Exact
                                - RegularExpression
                                - ImplementationSpecific
                                type: string
                              values:
                                additionalProperties:
                                  type: string
                                description: "Values is a map of HTTP Headers to be
                                  matched. It MUST contain at least one entry. \n
                                  The HTTP header field name to match is the map key,
                                  and the value of the HTTP header is the map value.
                                  HTTP header field name matching MUST be case-insensitive.
                                  \n Multiple match values are ANDed together, meaning,
                                  a request must match all the specified headers to
                                  select the route."
                                type: object
                            required:
                            - values
                            type: object
                          path:
                            default:
                              type: Prefix
                              value: /
                            description: Path specifies a HTTP request path matcher.
                              If this field is not specified, a default prefix match
                              on the "/" path is provided.
                            properties:
                              type:
                                default: Prefix
                                description: "Type specifies how to match against
                                  the path Value. \n Support: Core (Exact, Prefix)
                                  \n Support: Custom (RegularExpression, ImplementationSpecific)
                                  \n Since RegularExpression PathType has custom conformance,
                                  implementations can support POSIX, PCRE or any other
                                  dialects of regular expressions. Please read the
                                  implementation's documentation to determine the
                                  supported dialect."
                                enum:
                                - Exact
                                - Prefix
                                - RegularExpression
                                - ImplementationSpecific
                                type: string
                              value:
                                default: /
                                description: Value of the HTTP path to match against.
                                type: string
                            type: object
                          queryParams:
                            description: QueryParams specifies a HTTP query parameter
                              matcher.
                            properties:
                              type:
                                default: Exact
                                description: "Type specifies how to match against
                                  the value of the query parameter. \n Support: Extended
                                  (Exact) \n Support: Custom (RegularExpression, ImplementationSpecific)
                                  \n Since RegularExpression QueryParamMatchType has
                                  custom conformance, implementations can support
                                  POSIX, PCRE or any other dialects of regular expressions.
                                  Please read the implementation's documentation to
                                  determine the supported dialect."
                                enum:
                                - Exact
                                - RegularExpression
                                - ImplementationSpecific
                                type: string
                              values:
                                additionalProperties:
                                  type: string
                                description: "Values is a map of HTTP query parameters
                                  to be matched. It MUST contain at least one entry.
                                  \n The query parameter name to match is the map
                                  key, and the value of the query parameter is the
                                  map value. \n Multiple match values are ANDed together,
                                  meaning, a request must match all the specified
                                  query parameters to select the route. \n HTTP query
                                  parameter matching MUST be case-sensitive for both
                                  keys and values. (See https://tools.ietf.org/html/rfc7230#section-2.7.3).
                                  \n Note that the query parameter key MUST always
                                  be an exact match by string comparison."
                                type: object
                            required:
                            - values
                            type: object
                        type: object
                      maxItems: 8
                      type: array
                  type: object
                maxItems: 16
                type: array
              tls:
                description: "TLS defines the TLS certificate to use for Hostnames
                  defined in this Route. This configuration only takes effect if the
                  AllowRouteOverride field is set to true in the associated Gateway
                  resource. \n Collisions can happen if multiple HTTPRoutes define
                  a TLS certificate for the same hostname. In such a case, conflict
                  resolution guiding principles apply, specifically, if hostnames
                  are same and two different certificates are specified then the certificate
                  in the oldest resource wins. \n Please note that HTTP Route-selection
                  takes place after the TLS Handshake (ClientHello). Due to this,
                  TLS certificate defined here will take precedence even if the request
                  has the potential to match multiple routes (in case multiple HTTPRoutes
                  share the same hostname). \n Support: Core"
                properties:
                  certificateRef:
                    description: "CertificateRef is a reference to a Kubernetes object
                      that contains a TLS certificate and private key. This certificate
                      is used to establish a TLS handshake for requests that match
                      the hostname of the associated HTTPRoute. The referenced object
                      MUST reside in the same namespace as HTTPRoute. \n This field
                      is required when the TLS configuration mode of the associated
                      Gateway listener is set to \"Passthrough\". \n CertificateRef
                      can reference a standard Kubernetes resource, i.e. Secret, or
                      an implementation-specific custom resource. \n Support: Core
                      (Kubernetes Secrets) \n Support: Implementation-specific (Other
                      resource types)"
                    properties:
                      group:
                        description: Group is the group of the referent.
                        maxLength: 253
                        minLength: 1
                        type: string
                      kind:
                        description: Kind is kind of the referent.
                        maxLength: 253
                        minLength: 1
                        type: string
                      name:
                        description: Name is the name of the referent.
                        maxLength: 253
                        minLength: 1
                        type: string
                    required:
                    - group
                    - kind
                    - name
                    type: object
                required:
                - certificateRef
                type: object
            type: object
          status:
            description: Status defines the current state of HTTPRoute.
            properties:
              gateways:
                description: "Gateways is a list of Gateways that are associated with
                  the route, and the status of the route with respect to each Gateway.
                  When a Gateway selects this route, the controller that manages the
                  Gateway must add an entry to this list when the controller first
                  sees the route and should update the entry as appropriate when the
                  route is modified. \n A maximum of 100 Gateways will be represented
                  in this list. If this list is full, there may be additional Gateways
                  using this Route that are not included in the list. An empty list
                  means the route has not been admitted by any Gateway."
                items:
                  description: RouteGatewayStatus describes the status of a route
                    with respect to an associated Gateway.
                  properties:
                    conditions:
                      description: Conditions describes the status of the route with
                        respect to the Gateway. The "Admitted" condition must always
                        be specified by controllers to indicate whether the route
                        has been admitted or rejected by the Gateway, and why. Note
                        that the route's availability is also subject to the Gateway's
                        own status conditions and listener status.
                      items:
                        description: "Condition contains details for one aspect of
                          the current state of this API Resource. --- This struct
                          is intended for direct use as an array at the field path
                          .status.conditions.  For example, type FooStatus struct{
                          \    // Represents the observations of a foo's current state.
                          \    // Known .status.conditions.type are: \"Available\",
                          \"Progressing\", and \"Degraded\"     // +patchMergeKey=type
                          \    // +patchStrategy=merge     // +listType=map     //
                          +listMapKey=type     Conditions []metav1.Condition `json:\"conditions,omitempty\"
                          patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
                          \n     // other fields }"
                        properties:
                          lastTransitionTime:
                            description: lastTransitionTime is the last time the condition
                              transitioned from one status to another. This should
                              be when the underlying condition changed.  If that is
                              not known, then using the time when the API field changed
                              is acceptable.
                            format: date-time
                            type: string
                          message:
                            description: message is a human readable message indicating
                              details about the transition. This may be an empty string.
                            maxLength: 32768
                            type: string
                          observedGeneration:
                            description: observedGeneration represents the .metadata.generation
                              that the condition was set based upon. For instance,
                              if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration
                              is 9, the condition is out of date with respect to the
                              current state of the instance.
                            format: int64
                            minimum: 0
                            type: integer
                          reason:
                            description: reason contains a programmatic identifier
                              indicating the reason for the condition's last transition.
                              Producers of specific condition types may define expected
                              values and meanings for this field, and whether the
                              values are considered a guaranteed API. The value should
                              be a CamelCase string. This field may not be empty.
                            maxLength: 1024
                            minLength: 1
                            pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
                            type: string
                          status:
                            description: status of the condition, one of True, False,
                              Unknown.
                            enum:
                            - "True"
                            - "False"
                            - Unknown
                            type: string
                          type:
                            description: type of condition in CamelCase or in foo.example.com/CamelCase.
                              --- Many .condition.type values are consistent across
                              resources like Available, but because arbitrary conditions
                              can be useful (see .node.status.conditions), the ability
                              to deconflict is important. The regex it matches is
                              (dns1123SubdomainFmt/)?(qualifiedNameFmt)
                            maxLength: 316
                            pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
                            type: string
                        required:
                        - lastTransitionTime
                        - message
                        - reason
                        - status
                        - type
                        type: object
                      maxItems: 8
                      type: array
                      x-kubernetes-list-map-keys:
                      - type
                      x-kubernetes-list-type: map
                    gatewayRef:
                      description: GatewayRef is a reference to a Gateway object that
                        is associated with the route.
                      properties:
                        controller:
                          description: "Controller is a domain/path string that indicates
                            the controller implementing the Gateway. This corresponds
                            with the controller field on GatewayClass. \n Example:
                            \"acme.io/gateway-controller\". \n The format of this
                            field is DOMAIN \"/\" PATH, where DOMAIN and PATH are
                            valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)."
                          maxLength: 253
                          type: string
                        name:
                          description: Name is the name of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                        namespace:
                          description: Namespace is the namespace of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                      required:
                      - name
                      - namespace
                      type: object
                  required:
                  - gatewayRef
                  type: object
                maxItems: 100
                type: array
            required:
            - gateways
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.5.0
  creationTimestamp: null
  name: tcproutes.networking.x-k8s.io
spec:
  group: networking.x-k8s.io
  names:
    categories:
    - gateway-api
    kind: TCPRoute
    listKind: TCPRouteList
    plural: tcproutes
    singular: tcproute
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1alpha1
    schema:
      openAPIV3Schema:
        description: TCPRoute is the Schema for the TCPRoute resource.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: Spec defines the desired state of TCPRoute.
            properties:
              gateways:
                default:
                  allow: SameNamespace
                description: Gateways defines which Gateways can use this Route.
                properties:
                  allow:
                    default: SameNamespace
                    description: 'Allow indicates which Gateways will be allowed to
                      use this route. Possible values are: * All: Gateways in any
                      namespace can use this route. * FromList: Only Gateways specified
                      in GatewayRefs may use this route. * SameNamespace: Only Gateways
                      in the same namespace may use this route.'
                    enum:
                    - All
                    - FromList
                    - SameNamespace
                    type: string
                  gatewayRefs:
                    description: GatewayRefs must be specified when Allow is set to
                      "FromList". In that case, only Gateways referenced in this list
                      will be allowed to use this route. This field is ignored for
                      other values of "Allow".
                    items:
                      description: GatewayReference identifies a Gateway in a specified
                        namespace.
                      properties:
                        name:
                          description: Name is the name of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                        namespace:
                          description: Namespace is the namespace of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                      required:
                      - name
                      - namespace
                      type: object
                    type: array
                type: object
              rules:
                description: Rules are a list of TCP matchers and actions.
                items:
                  description: TCPRouteRule is the configuration for a given rule.
                  properties:
                    forwardTo:
                      description: ForwardTo defines the backend(s) where matching
                        requests should be sent.
                      items:
                        description: RouteForwardTo defines how a Route should forward
                          a request.
                        properties:
                          backendRef:
                            description: "BackendRef is a reference to a backend to
                              forward matched requests to. If both BackendRef and
                              ServiceName are specified, ServiceName will be given
                              precedence. \n If the referent cannot be found, the
                              rule is not included in the route. The controller should
                              raise the \"ResolvedRefs\" condition on the Gateway
                              with the \"DegradedRoutes\" reason. The gateway status
                              for this route should be updated with a condition that
                              describes the error more specifically. \n Support: Custom"
                            properties:
                              group:
                                description: Group is the group of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              kind:
                                description: Kind is kind of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              name:
                                description: Name is the name of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                            required:
                            - group
                            - kind
                            - name
                            type: object
                          port:
                            description: "Port specifies the destination port number
                              to use for the backend referenced by the ServiceName
                              or BackendRef field. If unspecified, the destination
                              port in the request is used when forwarding to a backendRef
                              or serviceName. \n Support: Core"
                            format: int32
                            maximum: 65535
                            minimum: 1
                            type: integer
                          serviceName:
                            description: "ServiceName refers to the name of the Service
                              to forward matched requests to. When specified, this
                              takes the place of BackendRef. If both BackendRef and
                              ServiceName are specified, ServiceName will be given
                              precedence. \n If the referent cannot be found, the
                              rule is not included in the route. The controller should
                              raise the \"ResolvedRefs\" condition on the Gateway
                              with the \"DegradedRoutes\" reason. The gateway status
                              for this route should be updated with a condition that
                              describes the error more specifically. \n The protocol
                              to use is defined using AppProtocol field (introduced
                              in Kubernetes 1.18) in the Service resource. In the
                              absence of the AppProtocol field a `networking.x-k8s.io/app-protocol`
                              annotation on the BackendPolicy resource may be used
                              to define the protocol. If the AppProtocol field is
                              available, this annotation should not be used. The AppProtocol
                              field, when populated, takes precedence over the annotation
                              in the BackendPolicy resource. For custom backends,
                              it is encouraged to add a semantically-equivalent field
                              in the Custom Resource Definition. \n Support: Core"
                            maxLength: 253
                            type: string
                          weight:
                            default: 1
                            description: "Weight specifies the proportion of HTTP
                              requests forwarded to the backend referenced by the
                              ServiceName or BackendRef field. This is computed as
                              weight/(sum of all weights in this ForwardTo list).
                              For non-zero values, there may be some epsilon from
                              the exact proportion defined here depending on the precision
                              an implementation supports. Weight is not a percentage
                              and the sum of weights does not need to equal 100. \n
                              If only one backend is specified and it has a weight
                              greater than 0, 100% of the traffic is forwarded to
                              that backend. If weight is set to 0, no traffic should
                              be forwarded for this entry. If unspecified, weight
                              defaults to 1. \n Support: Extended"
                            format: int32
                            maximum: 1000000
                            minimum: 0
                            type: integer
                        type: object
                      maxItems: 16
                      minItems: 1
                      type: array
                    matches:
                      description: "Matches define conditions used for matching the
                        rule against incoming TCP connections. Each match is independent,
                        i.e. this rule will be matched if **any** one of the matches
                        is satisfied. If unspecified (i.e. empty), this Rule will
                        match all requests for the associated Listener. \n Each client
                        request MUST map to a maximum of one route rule. If a request
                        matches multiple rules, matching precedence MUST be determined
                        in order of the following criteria, continuing on ties: \n
                        * The most specific match specified by ExtensionRef. Each
                        implementation   that supports ExtensionRef may have different
                        ways of determining the   specificity of the referenced extension.
                        \n If ties still exist across multiple Routes, matching precedence
                        MUST be determined in order of the following criteria, continuing
                        on ties: \n * The oldest Route based on creation timestamp.
                        For example, a Route with   a creation timestamp of \"2020-09-08
                        01:02:03\" is given precedence over   a Route with a creation
                        timestamp of \"2020-09-08 01:02:04\". * The Route appearing
                        first in alphabetical order by   \"<namespace>/<name>\". For
                        example, foo/bar is given precedence over   foo/baz. \n If
                        ties still exist within the Route that has been given precedence,
                        matching precedence MUST be granted to the first matching
                        rule meeting the above criteria."
                      items:
                        description: TCPRouteMatch defines the predicate used to match
                          connections to a given action.
                        properties:
                          extensionRef:
                            description: "ExtensionRef is an optional, implementation-specific
                              extension to the \"match\" behavior.  For example, resource
                              \"mytcproutematcher\" in group \"networking.acme.io\".
                              If the referent cannot be found, the rule is not included
                              in the route. The controller should raise the \"ResolvedRefs\"
                              condition on the Gateway with the \"DegradedRoutes\"
                              reason. The gateway status for this route should be
                              updated with a condition that describes the error more
                              specifically. \n Support: Custom"
                            properties:
                              group:
                                description: Group is the group of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              kind:
                                description: Kind is kind of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              name:
                                description: Name is the name of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                            required:
                            - group
                            - kind
                            - name
                            type: object
                        type: object
                      maxItems: 8
                      type: array
                  required:
                  - forwardTo
                  type: object
                maxItems: 16
                minItems: 1
                type: array
            required:
            - rules
            type: object
          status:
            description: Status defines the current state of TCPRoute.
            properties:
              gateways:
                description: "Gateways is a list of Gateways that are associated with
                  the route, and the status of the route with respect to each Gateway.
                  When a Gateway selects this route, the controller that manages the
                  Gateway must add an entry to this list when the controller first
                  sees the route and should update the entry as appropriate when the
                  route is modified. \n A maximum of 100 Gateways will be represented
                  in this list. If this list is full, there may be additional Gateways
                  using this Route that are not included in the list. An empty list
                  means the route has not been admitted by any Gateway."
                items:
                  description: RouteGatewayStatus describes the status of a route
                    with respect to an associated Gateway.
                  properties:
                    conditions:
                      description: Conditions describes the status of the route with
                        respect to the Gateway. The "Admitted" condition must always
                        be specified by controllers to indicate whether the route
                        has been admitted or rejected by the Gateway, and why. Note
                        that the route's availability is also subject to the Gateway's
                        own status conditions and listener status.
                      items:
                        description: "Condition contains details for one aspect of
                          the current state of this API Resource. --- This struct
                          is intended for direct use as an array at the field path
                          .status.conditions.  For example, type FooStatus struct{
                          \    // Represents the observations of a foo's current state.
                          \    // Known .status.conditions.type are: \"Available\",
                          \"Progressing\", and \"Degraded\"     // +patchMergeKey=type
                          \    // +patchStrategy=merge     // +listType=map     //
                          +listMapKey=type     Conditions []metav1.Condition `json:\"conditions,omitempty\"
                          patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
                          \n     // other fields }"
                        properties:
                          lastTransitionTime:
                            description: lastTransitionTime is the last time the condition
                              transitioned from one status to another. This should
                              be when the underlying condition changed.  If that is
                              not known, then using the time when the API field changed
                              is acceptable.
                            format: date-time
                            type: string
                          message:
                            description: message is a human readable message indicating
                              details about the transition. This may be an empty string.
                            maxLength: 32768
                            type: string
                          observedGeneration:
                            description: observedGeneration represents the .metadata.generation
                              that the condition was set based upon. For instance,
                              if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration
                              is 9, the condition is out of date with respect to the
                              current state of the instance.
                            format: int64
                            minimum: 0
                            type: integer
                          reason:
                            description: reason contains a programmatic identifier
                              indicating the reason for the condition's last transition.
                              Producers of specific condition types may define expected
                              values and meanings for this field, and whether the
                              values are considered a guaranteed API. The value should
                              be a CamelCase string. This field may not be empty.
                            maxLength: 1024
                            minLength: 1
                            pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
                            type: string
                          status:
                            description: status of the condition, one of True, False,
                              Unknown.
                            enum:
                            - "True"
                            - "False"
                            - Unknown
                            type: string
                          type:
                            description: type of condition in CamelCase or in foo.example.com/CamelCase.
                              --- Many .condition.type values are consistent across
                              resources like Available, but because arbitrary conditions
                              can be useful (see .node.status.conditions), the ability
                              to deconflict is important. The regex it matches is
                              (dns1123SubdomainFmt/)?(qualifiedNameFmt)
                            maxLength: 316
                            pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
                            type: string
                        required:
                        - lastTransitionTime
                        - message
                        - reason
                        - status
                        - type
                        type: object
                      maxItems: 8
                      type: array
                      x-kubernetes-list-map-keys:
                      - type
                      x-kubernetes-list-type: map
                    gatewayRef:
                      description: GatewayRef is a reference to a Gateway object that
                        is associated with the route.
                      properties:
                        controller:
                          description: "Controller is a domain/path string that indicates
                            the controller implementing the Gateway. This corresponds
                            with the controller field on GatewayClass. \n Example:
                            \"acme.io/gateway-controller\". \n The format of this
                            field is DOMAIN \"/\" PATH, where DOMAIN and PATH are
                            valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)."
                          maxLength: 253
                          type: string
                        name:
                          description: Name is the name of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                        namespace:
                          description: Namespace is the namespace of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                      required:
                      - name
                      - namespace
                      type: object
                  required:
                  - gatewayRef
                  type: object
                maxItems: 100
                type: array
            required:
            - gateways
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.5.0
  creationTimestamp: null
  name: tlsroutes.networking.x-k8s.io
spec:
  group: networking.x-k8s.io
  names:
    categories:
    - gateway-api
    kind: TLSRoute
    listKind: TLSRouteList
    plural: tlsroutes
    singular: tlsroute
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1alpha1
    schema:
      openAPIV3Schema:
        description: "The TLSRoute resource is similar to TCPRoute, but can be configured
          to match against TLS-specific metadata. This allows more flexibility in
          matching streams for a given TLS listener. \n If you need to forward traffic
          to a single target for a TLS listener, you could choose to use a TCPRoute
          with a TLS listener."
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: Spec defines the desired state of TLSRoute.
            properties:
              gateways:
                default:
                  allow: SameNamespace
                description: Gateways defines which Gateways can use this Route.
                properties:
                  allow:
                    default: SameNamespace
                    description: 'Allow indicates which Gateways will be allowed to
                      use this route. Possible values are: * All: Gateways in any
                      namespace can use this route. * FromList: Only Gateways specified
                      in GatewayRefs may use this route. * SameNamespace: Only Gateways
                      in the same namespace may use this route.'
                    enum:
                    - All
                    - FromList
                    - SameNamespace
                    type: string
                  gatewayRefs:
                    description: GatewayRefs must be specified when Allow is set to
                      "FromList". In that case, only Gateways referenced in this list
                      will be allowed to use this route. This field is ignored for
                      other values of "Allow".
                    items:
                      description: GatewayReference identifies a Gateway in a specified
                        namespace.
                      properties:
                        name:
                          description: Name is the name of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                        namespace:
                          description: Namespace is the namespace of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                      required:
                      - name
                      - namespace
                      type: object
                    type: array
                type: object
              rules:
                description: Rules are a list of TLS matchers and actions.
                items:
                  description: TLSRouteRule is the configuration for a given rule.
                  properties:
                    forwardTo:
                      description: ForwardTo defines the backend(s) where matching
                        requests should be sent.
                      items:
                        description: RouteForwardTo defines how a Route should forward
                          a request.
                        properties:
                          backendRef:
                            description: "BackendRef is a reference to a backend to
                              forward matched requests to. If both BackendRef and
                              ServiceName are specified, ServiceName will be given
                              precedence. \n If the referent cannot be found, the
                              rule is not included in the route. The controller should
                              raise the \"ResolvedRefs\" condition on the Gateway
                              with the \"DegradedRoutes\" reason. The gateway status
                              for this route should be updated with a condition that
                              describes the error more specifically. \n Support: Custom"
                            properties:
                              group:
                                description: Group is the group of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              kind:
                                description: Kind is kind of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              name:
                                description: Name is the name of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                            required:
                            - group
                            - kind
                            - name
                            type: object
                          port:
                            description: "Port specifies the destination port number
                              to use for the backend referenced by the ServiceName
                              or BackendRef field. If unspecified, the destination
                              port in the request is used when forwarding to a backendRef
                              or serviceName. \n Support: Core"
                            format: int32
                            maximum: 65535
                            minimum: 1
                            type: integer
                          serviceName:
                            description: "ServiceName refers to the name of the Service
                              to forward matched requests to. When specified, this
                              takes the place of BackendRef. If both BackendRef and
                              ServiceName are specified, ServiceName will be given
                              precedence. \n If the referent cannot be found, the
                              rule is not included in the route. The controller should
                              raise the \"ResolvedRefs\" condition on the Gateway
                              with the \"DegradedRoutes\" reason. The gateway status
                              for this route should be updated with a condition that
                              describes the error more specifically. \n The protocol
                              to use is defined using AppProtocol field (introduced
                              in Kubernetes 1.18) in the Service resource. In the
                              absence of the AppProtocol field a `networking.x-k8s.io/app-protocol`
                              annotation on the BackendPolicy resource may be used
                              to define the protocol. If the AppProtocol field is
                              available, this annotation should not be used. The AppProtocol
                              field, when populated, takes precedence over the annotation
                              in the BackendPolicy resource. For custom backends,
                              it is encouraged to add a semantically-equivalent field
                              in the Custom Resource Definition. \n Support: Core"
                            maxLength: 253
                            type: string
                          weight:
                            default: 1
                            description: "Weight specifies the proportion of HTTP
                              requests forwarded to the backend referenced by the
                              ServiceName or BackendRef field. This is computed as
                              weight/(sum of all weights in this ForwardTo list).
                              For non-zero values, there may be some epsilon from
                              the exact proportion defined here depending on the precision
                              an implementation supports. Weight is not a percentage
                              and the sum of weights does not need to equal 100. \n
                              If only one backend is specified and it has a weight
                              greater than 0, 100% of the traffic is forwarded to
                              that backend. If weight is set to 0, no traffic should
                              be forwarded for this entry. If unspecified, weight
                              defaults to 1. \n Support: Extended"
                            format: int32
                            maximum: 1000000
                            minimum: 0
                            type: integer
                        type: object
                      maxItems: 16
                      minItems: 1
                      type: array
                    matches:
                      description: "Matches define conditions used for matching the
                        rule against incoming TLS connections. Each match is independent,
                        i.e. this rule will be matched if **any** one of the matches
                        is satisfied. If unspecified (i.e. empty), this Rule will
                        match all requests for the associated Listener. \n Each client
                        request MUST map to a maximum of one route rule. If a request
                        matches multiple rules, matching precedence MUST be determined
                        in order of the following criteria, continuing on ties: \n
                        * The longest matching SNI. * The longest matching precise
                        SNI (without a wildcard). This means that   \"b.example.com\"
                        should be given precedence over \"*.example.com\". * The most
                        specific match specified by ExtensionRef. Each implementation
                        \  that supports ExtensionRef may have different ways of determining
                        the   specificity of the referenced extension. \n If ties
                        still exist across multiple Routes, matching precedence MUST
                        be determined in order of the following criteria, continuing
                        on ties: \n * The oldest Route based on creation timestamp.
                        For example, a Route with   a creation timestamp of \"2020-09-08
                        01:02:03\" is given precedence over   a Route with a creation
                        timestamp of \"2020-09-08 01:02:04\". * The Route appearing
                        first in alphabetical order by   \"<namespace>/<name>\". For
                        example, foo/bar is given precedence over   foo/baz. \n If
                        ties still exist within the Route that has been given precedence,
                        matching precedence MUST be granted to the first matching
                        rule meeting the above criteria."
                      items:
                        description: TLSRouteMatch defines the predicate used to match
                          connections to a given action.
                        properties:
                          extensionRef:
                            description: "ExtensionRef is an optional, implementation-specific
                              extension to the \"match\" behavior.  For example, resource
                              \"mytlsroutematcher\" in group \"networking.acme.io\".
                              If the referent cannot be found, the rule is not included
                              in the route. The controller should raise the \"ResolvedRefs\"
                              condition on the Gateway with the \"DegradedRoutes\"
                              reason. The gateway status for this route should be
                              updated with a condition that describes the error more
                              specifically. \n Support: Custom"
                            properties:
                              group:
                                description: Group is the group of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              kind:
                                description: Kind is kind of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                              name:
                                description: Name is the name of the referent.
                                maxLength: 253
                                minLength: 1
                                type: string
                            required:
                            - group
                            - kind
                            - name
                            type: object
                          snis:
                            description: "SNIs defines a set of SNI names that should
                              match against the SNI attribute of TLS ClientHello message
                              in TLS handshake. \n SNI can be \"precise\" which is
                              a domain name without the terminating dot of a network
                              host (e.g. \"foo.example.com\") or \"wildcard\", which
                              is a domain name prefixed with a single wildcard label
                              (e.g. `*.example.com`). The wildcard character `*` must
                              appear by itself as the first DNS label and matches
                              only a single label. You cannot have a wildcard label
                              by itself (e.g. Host == `*`). \n Requests will be matched
                              against the Host field in the following order: \n 1.
                              If SNI is precise, the request matches this rule if
                              the SNI in    ClientHello is equal to one of the defined
                              SNIs. 2. If SNI is a wildcard, then the request matches
                              this rule if the    SNI is to equal to the suffix (removing
                              the first label) of the    wildcard rule. 3. If SNIs
                              is unspecified, all requests associated with the gateway
                              TLS    listener will match. This can be used to define
                              a default backend    for a TLS listener. \n Support:
                              Core"
                            items:
                              description: Hostname is used to specify a hostname
                                that should be matched.
                              maxLength: 253
                              minLength: 1
                              type: string
                            maxItems: 16
                            type: array
                        type: object
                      maxItems: 8
                      type: array
                  required:
                  - forwardTo
                  type: object
                maxItems: 16
                minItems: 1
                type: array
            required:
            - rules
            type: object
          status:
            description: Status defines the current state of TLSRoute.
            properties:
              gateways:
                description: "Gateways is a list of Gateways that are associated with
                  the route, and the status of the route with respect to each Gateway.
                  When a Gateway selects this route, the controller that manages the
                  Gateway must add an entry to this list when the controller first
                  sees the route and should update the entry as appropriate when the
                  route is modified. \n A maximum of 100 Gateways will be represented
                  in this list. If this list is full, there may be additional Gateways
                  using this Route that are not included in the list. An empty list
                  means the route has not been admitted by any Gateway."
                items:
                  description: RouteGatewayStatus describes the status of a route
                    with respect to an associated Gateway.
                  properties:
                    conditions:
                      description: Conditions describes the status of the route with
                        respect to the Gateway. The "Admitted" condition must always
                        be specified by controllers to indicate whether the route
                        has been admitted or rejected by the Gateway, and why. Note
                        that the route's availability is also subject to the Gateway's
                        own status conditions and listener status.
                      items:
                        description: "Condition contains details for one aspect of
                          the current state of this API Resource. --- This struct
                          is intended for direct use as an array at the field path
                          .status.conditions.  For example, type FooStatus struct{
                          \    // Represents the observations of a foo's current state.
                          \    // Known .status.conditions.type are: \"Available\",
                          \"Progressing\", and \"Degraded\"     // +patchMergeKey=type
                          \    // +patchStrategy=merge     // +listType=map     //
                          +listMapKey=type     Conditions []metav1.Condition `json:\"conditions,omitempty\"
                          patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
                          \n     // other fields }"
                        properties:
                          lastTransitionTime:
                            description: lastTransitionTime is the last time the condition
                              transitioned from one status to another. This should
                              be when the underlying condition changed.  If that is
                              not known, then using the time when the API field changed
                              is acceptable.
                            format: date-time
                            type: string
                          message:
                            description: message is a human readable message indicating
                              details about the transition. This may be an empty string.
                            maxLength: 32768
                            type: string
                          observedGeneration:
                            description: observedGeneration represents the .metadata.generation
                              that the condition was set based upon. For instance,
                              if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration
                              is 9, the condition is out of date with respect to the
                              current state of the instance.
                            format: int64
                            minimum: 0
                            type: integer
                          reason:
                            description: reason contains a programmatic identifier
                              indicating the reason for the condition's last transition.
                              Producers of specific condition types may define expected
                              values and meanings for this field, and whether the
                              values are considered a guaranteed API. The value should
                              be a CamelCase string. This field may not be empty.
                            maxLength: 1024
                            minLength: 1
                            pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
                            type: string
                          status:
                            description: status of the condition, one of True, False,
                              Unknown.
                            enum:
                            - "True"
                            - "False"
                            - Unknown
                            type: string
                          type:
                            description: type of condition in CamelCase or in foo.example.com/CamelCase.
                              --- Many .condition.type values are consistent across
                              resources like Available, but because arbitrary conditions
                              can be useful (see .node.status.conditions), the ability
                              to deconflict is important. The regex it matches is
                              (dns1123SubdomainFmt/)?(qualifiedNameFmt)
                            maxLength: 316
                            pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
                            type: string
                        required:
                        - lastTransitionTime
                        - message
                        - reason
                        - status
                        - type
                        type: object
                      maxItems: 8
                      type: array
                      x-kubernetes-list-map-keys:
                      - type
                      x-kubernetes-list-type: map
                    gatewayRef:
                      description: GatewayRef is a reference to a Gateway object that
                        is associated with the route.
                      properties:
                        controller:
                          description: "Controller is a domain/path string that indicates
                            the controller implementing the Gateway. This corresponds
                            with the controller field on GatewayClass. \n Example:
                            \"acme.io/gateway-controller\". \n The format of this
                            field is DOMAIN \"/\" PATH, where DOMAIN and PATH are
                            valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names)."
                          maxLength: 253
                          type: string
                        name:
                          description: Name is the name of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                        namespace:
                          description: Namespace is the namespace of the referent.
                          maxLength: 253
                          minLength: 1
                          type: string
                      required:
                      - name
                      - namespace
                      type: object
                  required:
                  - gatewayRef
                  type: object
                maxItems: 100
                type: array
            required:
            - gateways
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []