mirror of https://github.com/status-im/consul.git
remove configuration section
This commit is contained in:
parent
cc36b3712d
commit
830cb60b13
|
@ -173,152 +173,3 @@ tls:
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
## Complete configuration
|
|
||||||
The following example shows a fully configured `Gateway`.
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
kind: Gateway
|
|
||||||
Description: This gateway enables traffic from A to B.
|
|
||||||
version: gateway.networking.k8s.io/v1alpha2
|
|
||||||
scope: Namespaced
|
|
||||||
fields:
|
|
||||||
- name: addresses
|
|
||||||
supported: false
|
|
||||||
- name: gatewayClassName
|
|
||||||
type: string
|
|
||||||
description: Name of a GatewayClass resource used for this Gateway.
|
|
||||||
- name: listeners
|
|
||||||
type: array<object>
|
|
||||||
description: |
|
|
||||||
Description of the listeners associated with this Gateway.
|
|
||||||
items:
|
|
||||||
fields:
|
|
||||||
- name: allowedRoutes
|
|
||||||
type: object
|
|
||||||
description: |
|
|
||||||
AllowedRoutes defines the types of routes that
|
|
||||||
MAY be attached to a Listener and the trusted namespaces where
|
|
||||||
those Route resources MAY be present.
|
|
||||||
fields:
|
|
||||||
- name: kinds
|
|
||||||
supported: false
|
|
||||||
- name: namespaces
|
|
||||||
type: object
|
|
||||||
description: |
|
|
||||||
Description of namespaces from which routes may be attached to this Listener. This is restricted
|
|
||||||
to the namespace of this Gateway by default.
|
|
||||||
fields:
|
|
||||||
- name: from
|
|
||||||
type: string
|
|
||||||
default: Same
|
|
||||||
description: |
|
|
||||||
From indicates where Routes will be selected
|
|
||||||
for this Gateway."
|
|
||||||
enum: ["All", "Selector", "Same"]
|
|
||||||
- name: selector
|
|
||||||
type: object
|
|
||||||
description: "Selector must be specified when From is
|
|
||||||
set to \"Selector\". In that case, only Routes in
|
|
||||||
Namespaces matching this Selector will be selected
|
|
||||||
by this Gateway."
|
|
||||||
fields:
|
|
||||||
- name: matchExpressions
|
|
||||||
type: array<object>
|
|
||||||
description: |
|
|
||||||
matchExpressions is a list of label
|
|
||||||
selector requirements. The requirements are ANDed.
|
|
||||||
items:
|
|
||||||
fields:
|
|
||||||
- name: key
|
|
||||||
type: string
|
|
||||||
description: |
|
|
||||||
key is the label key that the
|
|
||||||
selector applies to.
|
|
||||||
- name: operator
|
|
||||||
type: string
|
|
||||||
description: |
|
|
||||||
operator represents a key's relationship
|
|
||||||
to a set of values. Valid operators are
|
|
||||||
In, NotIn, Exists and DoesNotExist.
|
|
||||||
- name: values
|
|
||||||
type: array<string>
|
|
||||||
description: |
|
|
||||||
values is an array of string
|
|
||||||
values. If the operator is In or NotIn,
|
|
||||||
the values array must be non-empty. If the
|
|
||||||
operator is Exists or DoesNotExist, the
|
|
||||||
values array must be empty. This array is
|
|
||||||
replaced during a strategic merge patch.
|
|
||||||
- name: matchLabels
|
|
||||||
type: map<string, string>
|
|
||||||
description: |
|
|
||||||
matchLabels is a map of {key,value}
|
|
||||||
pairs. A single {key,value} in the matchLabels
|
|
||||||
map is equivalent to an element of matchExpressions,
|
|
||||||
whose key field is "key", the operator is "In",
|
|
||||||
and the values array contains only "value". The
|
|
||||||
requirements are ANDed.
|
|
||||||
- name: hostname
|
|
||||||
type: string
|
|
||||||
description: |
|
|
||||||
Hostname specifies the virtual hostname to match for HTTP or HTTPS-based listeners. When unspecified,
|
|
||||||
all hostnames are matched. This is implemented by checking the HTTP Host header sent on a client request.
|
|
||||||
- name: name
|
|
||||||
type: string
|
|
||||||
description: "Name is the name of the Listener. This name MUST be unique within a Gateway."
|
|
||||||
- name: port
|
|
||||||
type: integer
|
|
||||||
description: "Port is the network port of a listener."
|
|
||||||
- name: protocol
|
|
||||||
type: string
|
|
||||||
description: "Protocol specifies the network protocol this listener expects to receive."
|
|
||||||
enum: ["HTTP", "HTTPS", "TCP"]
|
|
||||||
- name: tls
|
|
||||||
type: object
|
|
||||||
description: |
|
|
||||||
TLS is the TLS configuration for the Listener.
|
|
||||||
This field is required if the Protocol field is "HTTPS".
|
|
||||||
It is invalid to set this field if the Protocol
|
|
||||||
field is "HTTP" or "TCP".
|
|
||||||
fields:
|
|
||||||
- name: certificateRefs
|
|
||||||
type: array<object>
|
|
||||||
description: |
|
|
||||||
CertificateRefs contains a series of references
|
|
||||||
to Kubernetes objects that contains TLS certificates and
|
|
||||||
private keys. These certificates are used to establish
|
|
||||||
a TLS handshake for requests that match the hostname of
|
|
||||||
the associated listener. Each reference must be a Kubernetes
|
|
||||||
Secret, and, if using a Secret in a namespace other than the
|
|
||||||
Gateway's, must have a corresponding ReferencePolicy created.
|
|
||||||
items:
|
|
||||||
fields:
|
|
||||||
- name: group
|
|
||||||
supported: false
|
|
||||||
- name: kind
|
|
||||||
supported: false
|
|
||||||
- name: name
|
|
||||||
type: string
|
|
||||||
description: Name is the name of the Kubernetes Secret.
|
|
||||||
- name: namespace
|
|
||||||
type: string
|
|
||||||
description: |
|
|
||||||
Namespace is the namespace of the Secret. When unspecified, the local namespace is inferred.
|
|
||||||
|
|
||||||
Note that when a namespace is specified, a ReferencePolicy
|
|
||||||
object is required in the specified namespace to
|
|
||||||
allow that namespace's owner to accept the reference.
|
|
||||||
- name: mode
|
|
||||||
type: string
|
|
||||||
default: Terminate
|
|
||||||
description: "Mode defines the TLS behavior for the TLS session initiated by the client. The only supported mode at this time is `Terminate`"
|
|
||||||
enum: ["Terminate"]
|
|
||||||
- name: options
|
|
||||||
type: map<string, string>
|
|
||||||
description: |
|
|
||||||
Options are a list of key/value pairs to enable
|
|
||||||
extended TLS configuration for each implementation.
|
|
||||||
enum: ["api-gateway.consul.hashicorp.com/tls_min_version","api-gateway.consul.hashicorp.com/tls_max_version","api-gateway.consul.hashicorp.com/tls_cipher_suites",]
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue