--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 name: frrconfigurations.frrk8s.metallb.io spec: group: frrk8s.metallb.io names: kind: FRRConfiguration listKind: FRRConfigurationList plural: frrconfigurations singular: frrconfiguration scope: Namespaced versions: - name: v1beta1 schema: openAPIV3Schema: description: FRRConfiguration is a piece of FRR configuration. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: FRRConfigurationSpec defines the desired state of FRRConfiguration. properties: bgp: description: BGP is the configuration related to the BGP protocol. properties: bfdProfiles: description: BFDProfiles is the list of bfd profiles to be used when configuring the neighbors. items: description: |- BFDProfile is the configuration related to the BFD protocol associated to a BGP session. properties: detectMultiplier: description: |- Configures the detection multiplier to determine packet loss. The remote transmission interval will be multiplied by this value to determine the connection loss detection timer. format: int32 maximum: 255 minimum: 2 type: integer echoInterval: description: |- Configures the minimal echo receive transmission interval that this system is capable of handling in milliseconds. Defaults to 50ms format: int32 maximum: 60000 minimum: 10 type: integer echoMode: description: |- Enables or disables the echo transmission mode. This mode is disabled by default, and not supported on multi hops setups. type: boolean minimumTtl: description: |- For multi hop sessions only: configure the minimum expected TTL for an incoming BFD control packet. format: int32 maximum: 254 minimum: 1 type: integer name: description: |- The name of the BFD Profile to be referenced in other parts of the configuration. type: string passiveMode: description: |- Mark session as passive: a passive session will not attempt to start the connection and will wait for control packets from peer before it begins replying. type: boolean receiveInterval: description: |- The minimum interval that this system is capable of receiving control packets in milliseconds. Defaults to 300ms. format: int32 maximum: 60000 minimum: 10 type: integer transmitInterval: description: |- The minimum transmission interval (less jitter) that this system wants to use to send BFD control packets in milliseconds. Defaults to 300ms format: int32 maximum: 60000 minimum: 10 type: integer required: - name type: object type: array routers: description: Routers is the list of routers we want FRR to configure (one per VRF). items: description: Router represent a neighbor router we want FRR to connect to. properties: asn: description: ASN is the AS number to use for the local end of the session. format: int32 maximum: 4294967295 minimum: 0 type: integer id: description: ID is the BGP router ID type: string imports: description: Imports is the list of imported VRFs we want for this router / vrf. items: description: Import represents the possible imported VRFs to a given router. properties: vrf: description: Vrf is the vrf we want to import from type: string type: object type: array neighbors: description: Neighbors is the list of neighbors we want to establish BGP sessions with. items: description: Neighbor represents a BGP Neighbor we want FRR to connect to. properties: address: description: Address is the IP address to establish the session with. type: string asn: description: ASN is the AS number to use for the local end of the session. format: int32 maximum: 4294967295 minimum: 0 type: integer bfdProfile: description: |- BFDProfile is the name of the BFD Profile to be used for the BFD session associated to the BGP session. If not set, the BFD session won't be set up. type: string connectTime: description: Requested BGP connect time, controls how long BGP waits between connection attempts to a neighbor. type: string x-kubernetes-validations: - message: connect time should be between 1 seconds to 65535 rule: duration(self).getSeconds() >= 1 && duration(self).getSeconds() <= 65535 - message: connect time should contain a whole number of seconds rule: duration(self).getMilliseconds() % 1000 == 0 disableMP: default: false description: To set if we want to disable MP BGP that will separate IPv4 and IPv6 route exchanges into distinct BGP sessions. type: boolean ebgpMultiHop: description: EBGPMultiHop indicates if the BGPPeer is multi-hops away. type: boolean enableGracefulRestart: description: |- EnableGracefulRestart allows BGP peer to continue to forward data packets along known routes while the routing protocol information is being restored. If the session is already established, the configuration will have effect after reconnecting to the peer type: boolean holdTime: description: |- HoldTime is the requested BGP hold time, per RFC4271. Defaults to 180s. type: string keepaliveTime: description: |- KeepaliveTime is the requested BGP keepalive time, per RFC4271. Defaults to 60s. type: string password: description: |- Password to be used for establishing the BGP session. Password and PasswordSecret are mutually exclusive. type: string passwordSecret: description: |- PasswordSecret is name of the authentication secret for the neighbor. the secret must be of type "kubernetes.io/basic-auth", and created in the same namespace as the frr-k8s daemon. The password is stored in the secret as the key "password". Password and PasswordSecret are mutually exclusive. properties: name: description: name is unique within a namespace to reference a secret resource. type: string namespace: description: namespace defines the space within which the secret name must be unique. type: string type: object x-kubernetes-map-type: atomic port: description: |- Port is the port to dial when establishing the session. Defaults to 179. maximum: 16384 minimum: 0 type: integer sourceaddress: description: |- SourceAddress is the IPv4 or IPv6 source address to use for the BGP session to this neighbour, may be specified as either an IP address directly or as an interface name type: string toAdvertise: description: |- ToAdvertise represents the list of prefixes to advertise to the given neighbor and the associated properties. properties: allowed: description: |- Allowed is is the list of prefixes allowed to be propagated to this neighbor. They must match the prefixes defined in the router. properties: mode: default: filtered description: |- Mode is the mode to use when handling the prefixes. When set to "filtered", only the prefixes in the given list will be allowed. When set to "all", all the prefixes configured on the router will be allowed. enum: - all - filtered type: string prefixes: items: type: string type: array type: object withCommunity: description: |- PrefixesWithCommunity is a list of prefixes that are associated to a bgp community when being advertised. The prefixes associated to a given local pref must be in the prefixes allowed to be advertised. items: description: CommunityPrefixes is a list of prefixes associated to a community. properties: community: description: Community is the community associated to the prefixes. type: string prefixes: description: Prefixes is the list of prefixes associated to the community. format: cidr items: type: string minItems: 1 type: array type: object type: array withLocalPref: description: |- PrefixesWithLocalPref is a list of prefixes that are associated to a local preference when being advertised. The prefixes associated to a given local pref must be in the prefixes allowed to be advertised. items: description: LocalPrefPrefixes is a list of prefixes associated to a local preference. properties: localPref: description: LocalPref is the local preference associated to the prefixes. format: int32 type: integer prefixes: description: Prefixes is the list of prefixes associated to the local preference. format: cidr items: type: string minItems: 1 type: array type: object type: array type: object toReceive: description: ToReceive represents the list of prefixes to receive from the given neighbor. properties: allowed: description: |- Allowed is the list of prefixes allowed to be received from this neighbor. properties: mode: default: filtered description: |- Mode is the mode to use when handling the prefixes. When set to "filtered", only the prefixes in the given list will be allowed. When set to "all", all the prefixes configured on the router will be allowed. enum: - all - filtered type: string prefixes: items: description: PrefixSelector is a filter of prefixes to receive. properties: ge: description: |- The prefix length modifier. This selector accepts any matching prefix with length greater or equal the given value. format: int32 maximum: 128 minimum: 1 type: integer le: description: |- The prefix length modifier. This selector accepts any matching prefix with length less or equal the given value. format: int32 maximum: 128 minimum: 1 type: integer prefix: format: cidr type: string type: object type: array type: object type: object required: - address - asn type: object type: array prefixes: description: Prefixes is the list of prefixes we want to advertise from this router instance. items: type: string type: array vrf: description: VRF is the host vrf used to establish sessions from this router. type: string required: - asn type: object type: array type: object nodeSelector: description: |- NodeSelector limits the nodes that will attempt to apply this config. When specified, the configuration will be considered only on nodes whose labels match the specified selectors. When it is not specified all nodes will attempt to apply this config. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic raw: description: |- Raw is a snippet of raw frr configuration that gets appended to the one rendered translating the type safe API. properties: priority: description: |- Priority is the order with this configuration is appended to the bottom of the rendered configuration. A higher value means the raw config is appended later in the configuration file. type: integer rawConfig: description: |- Config is a raw FRR configuration to be appended to the configuration rendered via the k8s api. type: string type: object type: object status: description: FRRConfigurationStatus defines the observed state of FRRConfiguration. type: object type: object served: true storage: true subresources: status: {}