Skip to content

Commit

Permalink
feat: add CRDs for new GatewayAPI filters (#631)
Browse files Browse the repository at this point in the history 
* feature: add CRDs for new GatewayAPI filters

Signed-off-by: Lin Yang <[email protected]>

* feat: add controllers and webhooks

Signed-off-by: Lin Yang <[email protected]>

* fix: rbac

Signed-off-by: Lin Yang <[email protected]>

---------

Signed-off-by: Lin Yang <[email protected]>
  • Loading branch information
@reaver-flomesh
reaver-flomesh authored Jan 13, 2025
1 parent 5ed491c commit 16ba189
Show file tree
Hide file tree
Showing 59 changed files with 3,733 additions and 43 deletions.
51 changes: 48 additions & 3 deletions charts/fsm/templates/fsm-rbac.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -161,13 +161,58 @@ rules:

# GatewayAPI Extension
- apiGroups: [ "extension.gateway.flomesh.io" ]
resources: [ "filters", "filterdefinitions", "listenerfilters", "circuitbreakers", "faultinjections", "ratelimits", "httplogs", "metrics", "zipkins", "filterconfigs", "proxytags" ]
resources:
- "filters"
- "filterdefinitions"
- "listenerfilters"
- "circuitbreakers"
- "faultinjections"
- "ratelimits"
- "httplogs"
- "metrics"
- "zipkins"
- "filterconfigs"
- "proxytags"
- "iprestrictions"
- "externalratelimits"
- "concurrencylimits"
- "requestterminations"
verbs: [ "get", "list", "watch", "create", "update", "patch", "delete" ]
- apiGroups: [ "extension.gateway.flomesh.io" ]
resources: [ "filters/finalizers", "filterdefinitions/finalizers", "listenerfilters/finalizers", "circuitbreakers/finalizers", "faultinjections/finalizers", "ratelimits/finalizers", "httplogs/finalizers", "metrics/finalizers", "zipkins/finalizers", "filterconfigs/finalizers", "proxytags/finalizers" ]
resources:
- "filters/finalizers"
- "filterdefinitions/finalizers"
- "listenerfilters/finalizers"
- "circuitbreakers/finalizers"
- "faultinjections/finalizers"
- "ratelimits/finalizers"
- "httplogs/finalizers"
- "metrics/finalizers"
- "zipkins/finalizers"
- "filterconfigs/finalizers"
- "proxytags/finalizers"
- "iprestrictions/finalizers"
- "externalratelimits/finalizers"
- "concurrencylimits/finalizers"
- "requestterminations/finalizers"
verbs: [ "update" ]
- apiGroups: [ "extension.gateway.flomesh.io" ]
resources: [ "filters/status", "filterdefinitions/status", "listenerfilters/status", "circuitbreakers/status", "faultinjections/status", "ratelimits/status", "httplogs/status", "metrics/status", "zipkins/status", "filterconfigs/status", "proxytags/status" ]
resources:
- "filters/status"
- "filterdefinitions/status"
- "listenerfilters/status"
- "circuitbreakers/status"
- "faultinjections/status"
- "ratelimits/status"
- "httplogs/status"
- "metrics/status"
- "zipkins/status"
- "filterconfigs/status"
- "proxytags/status"
- "iprestrictions/status"
- "externalratelimits/status"
- "concurrencylimits/status"
- "requestterminations/status"
verbs: [ "get", "patch", "update" ]

# PolicyAttachment
Expand Down
128 changes: 128 additions & 0 deletions cmd/fsm-bootstrap/crds/extension.gateway.flomesh.io_concurrencylimits.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,128 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
labels:
app.kubernetes.io/name: flomesh.io
gateway.flomesh.io/extension: Filter
name: concurrencylimits.extension.gateway.flomesh.io
spec:
group: extension.gateway.flomesh.io
names:
categories:
- gateway-api
kind: ConcurrencyLimit
listKind: ConcurrencyLimitList
plural: concurrencylimits
singular: concurrencylimit
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: ConcurrencyLimit is the Schema for the ConcurrencyLimit API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ConcurrencyLimitSpec defines the desired state of ConcurrencyLimit
properties:
maxConnections:
default: 100
description: MaxConnections is the maximum number of concurrent connections,
default is 100
format: int32
minimum: 1
type: integer
type: object
status:
description: ConcurrencyLimitStatus defines the observed state of ConcurrencyLimit
properties:
conditions:
description: Conditions describe the current conditions of the ConcurrencyLimit.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
maxItems: 8
type: array
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
type: object
type: object
served: true
storage: true
subresources:
status: {}
144 changes: 144 additions & 0 deletions cmd/fsm-bootstrap/crds/extension.gateway.flomesh.io_externalratelimits.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,144 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.5
labels:
app.kubernetes.io/name: flomesh.io
gateway.flomesh.io/extension: Filter
name: externalratelimits.extension.gateway.flomesh.io
spec:
group: extension.gateway.flomesh.io
names:
categories:
- gateway-api
kind: ExternalRateLimit
listKind: ExternalRateLimitList
plural: externalratelimits
singular: externalratelimit
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: ExternalRateLimit is the Schema for the ExternalRateLimit API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ExternalRateLimitSpec defines the desired state of ExternalRateLimit
properties:
passHeaders:
description: PassHeaders is the list of headers to be passed to the
backend service
items:
description: HeaderName is the name of a header or query parameter.
maxLength: 256
minLength: 1
pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
type: string
type: array
x-kubernetes-list-type: set
throttleHost:
description: ThrottleHosts is the list of hosts to be throttled
items:
description: HostPort is a host name with optional port number
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*(:[0-9]{1,5})?$
type: string
maxItems: 32
minItems: 1
type: array
x-kubernetes-list-type: set
type: object
status:
description: ExternalRateLimitStatus defines the observed state of ExternalRateLimit
properties:
conditions:
description: Conditions describe the current conditions of the ExternalRateLimit.
items:
description: Condition contains details for one aspect of the current
state of this API Resource.
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
maxItems: 8
type: array
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
type: object
type: object
served: true
storage: true
subresources:
status: {}
6 changes: 4 additions & 2 deletions cmd/fsm-bootstrap/crds/extension.gateway.flomesh.io_httplogs.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,12 +103,14 @@ spec:
is POST
enum:
- GET
- HEAD
- POST
- PUT
- DELETE
- PATCH
- HEAD
- CONNECT
- OPTIONS
- TRACE
- PATCH
type: string
target:
description: Target is the URL of the HTTPLog service
Expand Down
Loading

0 comments on commit 16ba189

Please sign in to comment.