cilium.io / v2 / CiliumEndpoint
- string
.apiVersion
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- string
.kind
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- object required
.metadata
- object
.status
EndpointStatus is the status of a Cilium endpoint.
- array
.status .controllers
Controllers is the list of failing controllers for this endpoint.
- object
.status .controllers[] .configuration
Configuration is the controller configuration
- boolean
.status .controllers[] .configuration .error-retry
Retry on error
- integer
.status .controllers[] .configuration .error-retry-base
Base error retry back-off time Format: duration
- integer
.status .controllers[] .configuration .interval
Regular synchronization interval Format: duration
- string
.status .controllers[] .name
Name is the name of the controller
- object
.status .controllers[] .status
Status is the status of the controller
- integer
.status .controllers[] .status .consecutive-failure-count
- integer
.status .controllers[] .status .failure-count
- string
.status .controllers[] .status .last-failure-msg
- string
.status .controllers[] .status .last-failure-timestamp
- string
.status .controllers[] .status .last-success-timestamp
- integer
.status .controllers[] .status .success-count
- string
.status .controllers[] .uuid
UUID is the UUID of the controller
- object
.status .encryption
Encryption is the encryption configuration of the node
- integer
.status .encryption .key
Key is the index to the key to use for encryption or 0 if encryption is disabled.
- object
.status .external-identifiers
ExternalIdentifiers is a set of identifiers to identify the endpoint apart from the pod name. This includes container runtime IDs.
- string
.status .external-identifiers .cni-attachment-id
ID assigned to this attachment by container runtime
- string
.status .external-identifiers .container-id
ID assigned by container runtime (deprecated, may not be unique)
- string
.status .external-identifiers .container-name
Name assigned to container (deprecated, may not be unique)
- string
.status .external-identifiers .docker-endpoint-id
Docker endpoint ID
- string
.status .external-identifiers .docker-network-id
Docker network ID
- string
.status .external-identifiers .k8s-namespace
K8s namespace for this endpoint (deprecated, may not be unique)
- string
.status .external-identifiers .k8s-pod-name
K8s pod name for this endpoint (deprecated, may not be unique)
- string
.status .external-identifiers .pod-name
K8s pod for this endpoint (deprecated, may not be unique)
- object
.status .health
Health is the overall endpoint & subcomponent health.
- string
.status .health .bpf
bpf
- boolean
.status .health .connected
Is this endpoint reachable
- string
.status .health .overallHealth
overall health
- string
.status .health .policy
policy
- integer
.status .id
ID is the cilium-agent-local ID of the endpoint.
- object
.status .identity
Identity is the security identity associated with the endpoint
- integer
.status .identity .id
ID is the numeric identity of the endpoint
- array
.status .identity .labels
Labels is the list of labels associated with the identity
- array
.status .log
Log is the list of the last few warning and error log entries
- string
.status .log[] .code
Code indicate type of status change Enum: [“ok”,”failed”]
- string
.status .log[] .message
Status message
- string
.status .log[] .state
state
- string
.status .log[] .timestamp
Timestamp when status change occurred
- array
.status .named-ports
NamedPorts List of named Layer 4 port and protocol pairs which will be used in Network Policy specs.
swagger:model NamedPorts
- string
.status .named-ports[] .name
Optional layer 4 port name
- integer
.status .named-ports[] .port
Layer 4 port number
- string
.status .named-ports[] .protocol
Layer 4 protocol Enum: [“TCP”,”UDP”,”SCTP”,”ICMP”,”ICMPV6”,”ANY”]
- object
.status .networking
Networking is the networking properties of the endpoint.
- array required
.status .networking .addressing
IP4/6 addresses assigned to this Endpoint
- string
.status .networking .addressing[] .ipv4
- string
.status .networking .addressing[] .ipv6
- string
.status .networking .node
NodeIP is the IP of the node the endpoint is running on. The IP must be reachable between nodes.
- object
.status .policy
EndpointPolicy represents the endpoint’s policy by listing all allowed ingress and egress identities in combination with L4 port and protocol.
- object
.status .policy .egress
EndpointPolicyDirection is the list of allowed identities per direction.
- array
.status .policy .egress .adding
Deprecated
- integer
.status .policy .egress .adding[] .dest-port
- integer
.status .policy .egress .adding[] .identity
- object
.status .policy .egress .adding[] .identity-labels
- integer
.status .policy .egress .adding[] .protocol
- array
.status .policy .egress .allowed
AllowedIdentityList is a list of IdentityTuples that species peers that are allowed.
- integer
.status .policy .egress .allowed[] .dest-port
- integer
.status .policy .egress .allowed[] .identity
- object
.status .policy .egress .allowed[] .identity-labels
- integer
.status .policy .egress .allowed[] .protocol
- array
.status .policy .egress .denied
DenyIdentityList is a list of IdentityTuples that species peers that are denied.
- integer
.status .policy .egress .denied[] .dest-port
- integer
.status .policy .egress .denied[] .identity
- object
.status .policy .egress .denied[] .identity-labels
- integer
.status .policy .egress .denied[] .protocol
- boolean required
.status .policy .egress .enforcing
- array
.status .policy .egress .removing
Deprecated
- integer
.status .policy .egress .removing[] .dest-port
- integer
.status .policy .egress .removing[] .identity
- object
.status .policy .egress .removing[] .identity-labels
- integer
.status .policy .egress .removing[] .protocol
- string
.status .policy .egress .state
EndpointPolicyState defines the state of the Policy mode: “enforcing”, “non-enforcing”, “disabled”
- object
.status .policy .ingress
EndpointPolicyDirection is the list of allowed identities per direction.
- array
.status .policy .ingress .adding
Deprecated
- integer
.status .policy .ingress .adding[] .dest-port
- integer
.status .policy .ingress .adding[] .identity
- object
.status .policy .ingress .adding[] .identity-labels
- integer
.status .policy .ingress .adding[] .protocol
- array
.status .policy .ingress .allowed
AllowedIdentityList is a list of IdentityTuples that species peers that are allowed.
- integer
.status .policy .ingress .allowed[] .dest-port
- integer
.status .policy .ingress .allowed[] .identity
- object
.status .policy .ingress .allowed[] .identity-labels
- integer
.status .policy .ingress .allowed[] .protocol
- array
.status .policy .ingress .denied
DenyIdentityList is a list of IdentityTuples that species peers that are denied.
- integer
.status .policy .ingress .denied[] .dest-port
- integer
.status .policy .ingress .denied[] .identity
- object
.status .policy .ingress .denied[] .identity-labels
- integer
.status .policy .ingress .denied[] .protocol
- boolean required
.status .policy .ingress .enforcing
- array
.status .policy .ingress .removing
Deprecated
- integer
.status .policy .ingress .removing[] .dest-port
- integer
.status .policy .ingress .removing[] .identity
- object
.status .policy .ingress .removing[] .identity-labels
- integer
.status .policy .ingress .removing[] .protocol
- string
.status .policy .ingress .state
EndpointPolicyState defines the state of the Policy mode: “enforcing”, “non-enforcing”, “disabled”
- string
.status .state
State is the state of the endpoint.