cilium.io / v2 / CiliumNode
- string
.apiVersion
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- string
.kind
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- object required
.metadata
- object required
.spec
Spec defines the desired specification/configuration of the node.
- array
.spec .addresses
Addresses is the list of all node addresses.
- string
.spec .addresses[] .ip
IP is an IP of a node
- string
.spec .addresses[] .type
Type is the type of the node address
- object
.spec .alibaba-cloud
AlibabaCloud is the AlibabaCloud IPAM specific configuration.
- string
.spec .alibaba-cloud .availability-zone
AvailabilityZone is the availability zone to use when allocating ENIs.
- string
.spec .alibaba-cloud .cidr-block
CIDRBlock is vpc ipv4 CIDR
- string
.spec .alibaba-cloud .instance-type
InstanceType is the ECS instance type, e.g. “ecs.g6.2xlarge”
- array
.spec .alibaba-cloud .security-groups
SecurityGroups is the list of security groups to attach to any ENI that is created and attached to the instance.
- string
.spec .alibaba-cloud .vpc-id
VPCID is the VPC ID to use when allocating ENIs.
- array
.spec .alibaba-cloud .vswitches
VSwitches is the ID of vSwitch available for ENI
- object
.spec .azure
Azure is the Azure IPAM specific configuration.
- string
.spec .azure .interface-name
InterfaceName is the name of the interface the cilium-operator will use to allocate all the IPs on
- string
.spec .bootid
BootID is a unique node identifier generated on boot
- object
.spec .encryption
Encryption is the encryption configuration of the node.
- integer
.spec .encryption .key
Key is the index to the key to use for encryption or 0 if encryption is disabled.
- object
.spec .eni
ENI is the AWS ENI specific configuration.
- string
.spec .eni .availability-zone
AvailabilityZone is the availability zone to use when allocating ENIs.
- boolean
.spec .eni .delete-on-termination
DeleteOnTermination defines that the ENI should be deleted when the associated instance is terminated. If the parameter is not set the default behavior is to delete the ENI on instance termination.
- boolean
.spec .eni .disable-prefix-delegation
DisablePrefixDelegation determines whether ENI prefix delegation should be disabled on this node.
- integer
.spec .eni .first-interface-index
FirstInterfaceIndex is the index of the first ENI to use for IP allocation, e.g. if the node has eth0, eth1, eth2 and FirstInterfaceIndex is set to 1, then only eth1 and eth2 will be used for IP allocation, eth0 will be ignored for PodIP allocation.
- string
.spec .eni .instance-id
InstanceID is the AWS InstanceId of the node. The InstanceID is used to retrieve AWS metadata for the node.
OBSOLETE: This field is obsolete, please use Spec.InstanceID
- string
.spec .eni .instance-type
InstanceType is the AWS EC2 instance type, e.g. “m5.large”
- integer
.spec .eni .max-above-watermark
MaxAboveWatermark is the maximum number of addresses to allocate beyond the addresses needed to reach the PreAllocate watermark. Going above the watermark can help reduce the number of API calls to allocate IPs, e.g. when a new ENI is allocated, as many secondary IPs as possible are allocated. Limiting the amount can help reduce waste of IPs.
OBSOLETE: This field is obsolete, please use Spec.IPAM.MaxAboveWatermark
- integer
.spec .eni .min-allocate
MinAllocate is the minimum number of IPs that must be allocated when the node is first bootstrapped. It defines the minimum base socket of addresses that must be available. After reaching this watermark, the PreAllocate and MaxAboveWatermark logic takes over to continue allocating IPs.
OBSOLETE: This field is obsolete, please use Spec.IPAM.MinAllocate
- string
.spec .eni .node-subnet-id
NodeSubnetID is the subnet of the primary ENI the instance was brought up with. It is used as a sensible default subnet to create ENIs in.
- integer
.spec .eni .pre-allocate
PreAllocate defines the number of IP addresses that must be available for allocation in the IPAMspec. It defines the buffer of addresses available immediately without requiring cilium-operator to get involved.
OBSOLETE: This field is obsolete, please use Spec.IPAM.PreAllocate
- array
.spec .eni .security-groups
SecurityGroups is the list of security groups to attach to any ENI that is created and attached to the instance.
- array
.spec .eni .subnet-ids
SubnetIDs is the list of subnet ids to use when evaluating what AWS subnets to use for ENI and IP allocation.
- boolean
.spec .eni .use-primary-address
UsePrimaryAddress determines whether an ENI’s primary address should be available for allocations on the node
- string
.spec .eni .vpc-id
VpcID is the VPC ID to use when allocating ENIs.
- object
.spec .health
HealthAddressing is the addressing information for health connectivity checking.
- string
.spec .health .ipv4
IPv4 is the IPv4 address of the IPv4 health endpoint.
- string
.spec .health .ipv6
IPv6 is the IPv6 address of the IPv4 health endpoint.
- object
.spec .ingress
IngressAddressing is the addressing information for Ingress listener.
- string
.spec .ingress .ipv4
- string
.spec .ingress .ipv6
- string
.spec .instance-id
InstanceID is the identifier of the node. This is different from the node name which is typically the FQDN of the node. The InstanceID typically refers to the identifier used by the cloud provider or some other means of identification.
- object
.spec .ipam
IPAM is the address management specification. This section can be populated by a user or it can be automatically populated by an IPAM operator.
- object
.spec .ipam .ipv6-pool
IPv6Pool is the list of IPv6 addresses available to the node for allocation. When an IPv6 address is used, it will remain on this list but will be added to Status.IPAM.IPv6Used
- integer
.spec .ipam .max-above-watermark
MaxAboveWatermark is the maximum number of addresses to allocate beyond the addresses needed to reach the PreAllocate watermark. Going above the watermark can help reduce the number of API calls to allocate IPs, e.g. when a new ENI is allocated, as many secondary IPs as possible are allocated. Limiting the amount can help reduce waste of IPs.
- integer
.spec .ipam .max-allocate
MaxAllocate is the maximum number of IPs that can be allocated to the node. When the current amount of allocated IPs will approach this value, the considered value for PreAllocate will decrease down to 0 in order to not attempt to allocate more addresses than defined.
- integer
.spec .ipam .min-allocate
MinAllocate is the minimum number of IPs that must be allocated when the node is first bootstrapped. It defines the minimum base socket of addresses that must be available. After reaching this watermark, the PreAllocate and MaxAboveWatermark logic takes over to continue allocating IPs.
- array
.spec .ipam .podCIDRs
PodCIDRs is the list of CIDRs available to the node for allocation. When an IP is used, the IP will be added to Status.IPAM.Used
- object
.spec .ipam .pool
Pool is the list of IPv4 addresses available to the node for allocation. When an IPv4 address is used, it will remain on this list but will be added to Status.IPAM.Used
- object
.spec .ipam .pools
Pools contains the list of assigned IPAM pools for this node.
- array
.spec .ipam .pools .allocated
Allocated contains the list of pooled CIDR assigned to this node. The operator will add new pod CIDRs to this field, whereas the agent will remove CIDRs it has released.
- array
.spec .ipam .pools .allocated[] .cidrs
CIDRs contains a list of pod CIDRs currently allocated from this pool
- string required
.spec .ipam .pools .allocated[] .pool
Pool is the name of the IPAM pool backing this allocation
- array
.spec .ipam .pools .requested
Requested contains a list of IPAM pool requests, i.e. indicates how many addresses this node requests out of each pool listed here. This field is owned and written to by cilium-agent and read by the operator.
- object
.spec .ipam .pools .requested[] .needed
Needed indicates how many IPs out of the above Pool this node requests from the operator. The operator runs a reconciliation loop to ensure each node always has enough PodCIDRs allocated in each pool to fulfill the requested number of IPs here.
- integer
.spec .ipam .pools .requested[] .needed .ipv4-addrs
IPv4Addrs contains the number of requested IPv4 addresses out of a given pool
- integer
.spec .ipam .pools .requested[] .needed .ipv6-addrs
IPv6Addrs contains the number of requested IPv6 addresses out of a given pool
- string required
.spec .ipam .pools .requested[] .pool
Pool is the name of the IPAM pool backing this request
- integer
.spec .ipam .pre-allocate
PreAllocate defines the number of IP addresses that must be available for allocation in the IPAMspec. It defines the buffer of addresses available immediately without requiring cilium-operator to get involved.
- integer
.spec .nodeidentity
NodeIdentity is the Cilium numeric identity allocated for the node, if any.
- object
.status
Status defines the realized specification/configuration and status of the node.
- object
.status .alibaba-cloud
AlibabaCloud is the AlibabaCloud specific status of the node.
- object
.status .alibaba-cloud .enis
ENIs is the list of ENIs on the node
- object
.status .azure
Azure is the Azure specific status of the node.
- array
.status .azure .interfaces
Interfaces is the list of interfaces on the node
- string
.status .azure .interfaces[] .GatewayIP
GatewayIP is the interface’s subnet’s default route
OBSOLETE: This field is obsolete, please use Gateway field instead.
- array
.status .azure .interfaces[] .addresses
Addresses is the list of all IPs associated with the interface, including all secondary addresses
- string
.status .azure .interfaces[] .addresses[] .ip
IP is the ip address of the address
- string
.status .azure .interfaces[] .addresses[] .state
State is the provisioning state of the address
- string
.status .azure .interfaces[] .addresses[] .subnet
Subnet is the subnet the address belongs to
- string
.status .azure .interfaces[] .cidr
CIDR is the range that the interface belongs to.
- string
.status .azure .interfaces[] .gateway
Gateway is the interface’s subnet’s default route
- string
.status .azure .interfaces[] .id
ID is the identifier
- string
.status .azure .interfaces[] .mac
MAC is the mac address
- string
.status .azure .interfaces[] .name
Name is the name of the interface
- string
.status .azure .interfaces[] .security-group
SecurityGroup is the security group associated with the interface
- string
.status .azure .interfaces[] .state
State is the provisioning state
- object
.status .eni
ENI is the AWS ENI specific status of the node.
- object
.status .eni .enis
ENIs is the list of ENIs on the node
- object
.status .ipam
IPAM is the IPAM status of the node.
- string
.status .ipam .assigned-static-ip
AssignedStaticIP is the static IP assigned to the node (ex: public Elastic IP address in AWS)
- object
.status .ipam .ipv6-used
IPv6Used lists all IPv6 addresses out of Spec.IPAM.IPv6Pool which have been allocated and are in use.
- object
.status .ipam .operator-status
Operator is the Operator status of the node
- string
.status .ipam .operator-status .error
Error is the error message set by cilium-operator.
- object
.status .ipam .pod-cidrs
PodCIDRs lists the status of each pod CIDR allocated to this node.
- object
.status .ipam .release-ips
ReleaseIPs tracks the state for every IPv4 address considered for release. The value can be one of the following strings:
- marked-for-release : Set by operator as possible candidate for IP
- ready-for-release : Acknowledged as safe to release by agent
- do-not-release : IP already in use / not owned by the node. Set by agent
- released : IP successfully released. Set by operator
- object
.status .ipam .release-ipv6s
ReleaseIPv6s tracks the state for every IPv6 address considered for release. The value can be one of the following strings:
- marked-for-release : Set by operator as possible candidate for IP
- ready-for-release : Acknowledged as safe to release by agent
- do-not-release : IP already in use / not owned by the node. Set by agent
- released : IP successfully released. Set by operator
- object
.status .ipam .used
Used lists all IPv4 addresses out of Spec.IPAM.Pool which have been allocated and are in use.