networking.istio.io / v1 / Gateway
- object
.spec
Configuration affecting edge load balancer. See more details at: https://istio.io/docs/reference/config/networking/gateway.html
- object
.spec .selector
One or more labels that indicate a specific set of pods/VMs on which this gateway configuration should be applied.
- array
.spec .servers
A list of server specifications.
- string
.spec .servers[] .bind
The ip or the Unix domain socket to which the listener should be bound to.
- string
.spec .servers[] .defaultEndpoint
- array required
.spec .servers[] .hosts
One or more hosts exposed by this gateway.
- string
.spec .servers[] .name
An optional name of the server, when set must be unique across all servers.
- object required
.spec .servers[] .port
The Port on which the proxy should listen for incoming connections.
- string required
.spec .servers[] .port .name
Label assigned to the port.
- integer required
.spec .servers[] .port .number
A valid non-negative integer port number.
- string required
.spec .servers[] .port .protocol
The protocol exposed on the port.
- integer
.spec .servers[] .port .targetPort
- object
.spec .servers[] .tls
Set of TLS related options that govern the server’s behavior.
- string
.spec .servers[] .tls .caCertificates
REQUIRED if mode is
MUTUALorOPTIONAL_MUTUAL. - string
.spec .servers[] .tls .caCrl
OPTIONAL: The path to the file containing the certificate revocation list (CRL) to use in verifying a presented client side certificate.
- array
.spec .servers[] .tls .cipherSuites
Optional: If specified, only support the specified cipher list.
- string
.spec .servers[] .tls .credentialName
For gateways running on Kubernetes, the name of the secret that holds the TLS certs including the CA certificates.
- array
.spec .servers[] .tls .credentialNames
Same as CredentialName but for multiple certificates.
- boolean
.spec .servers[] .tls .httpsRedirect
If set to true, the load balancer will send a 301 redirect for all http connections, asking the clients to use HTTPS.
- string
.spec .servers[] .tls .maxProtocolVersion
Optional: Maximum TLS protocol version.
Valid Options: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3
- string
.spec .servers[] .tls .minProtocolVersion
Optional: Minimum TLS protocol version.
Valid Options: TLS_AUTO, TLSV1_0, TLSV1_1, TLSV1_2, TLSV1_3
- string
.spec .servers[] .tls .mode
Optional: Indicates whether connections to this port should be secured using TLS.
Valid Options: PASSTHROUGH, SIMPLE, MUTUAL, AUTO_PASSTHROUGH, ISTIO_MUTUAL, OPTIONAL_MUTUAL
- string
.spec .servers[] .tls .privateKey
REQUIRED if mode is
SIMPLEorMUTUAL. - string
.spec .servers[] .tls .serverCertificate
REQUIRED if mode is
SIMPLEorMUTUAL. - array
.spec .servers[] .tls .subjectAltNames
A list of alternate names to verify the subject identity in the certificate presented by the client.
- array
.spec .servers[] .tls .tlsCertificates
Only one of
server_certificate,private_keyorcredential_nameorcredential_namesortls_certificatesshould be specified. - string
.spec .servers[] .tls .tlsCertificates[] .caCertificates
- string
.spec .servers[] .tls .tlsCertificates[] .privateKey
REQUIRED if mode is
SIMPLEorMUTUAL. - string
.spec .servers[] .tls .tlsCertificates[] .serverCertificate
REQUIRED if mode is
SIMPLEorMUTUAL. - array
.spec .servers[] .tls .verifyCertificateHash
An optional list of hex-encoded SHA-256 hashes of the authorized client certificates.
- array
.spec .servers[] .tls .verifyCertificateSpki
An optional list of base64-encoded SHA-256 hashes of the SPKIs of authorized client certificates.
- object
.status
- array
.status .conditions
Current service state of the resource.
- string
.status .conditions[] .lastProbeTime
Last time we probed the condition.
- string
.status .conditions[] .lastTransitionTime
Last time the condition transitioned from one status to another.
- string
.status .conditions[] .message
Human-readable message indicating details about last transition.
- integer | string
.status .conditions[] .observedGeneration
Resource Generation to which the Condition refers.
- string
.status .conditions[] .reason
Unique, one-word, CamelCase reason for the condition’s last transition.
- string
.status .conditions[] .status
Status is the status of the condition.
- string
.status .conditions[] .type
Type is the type of the condition.
- integer | string
.status .observedGeneration
- array
.status .validationMessages
Includes any errors or warnings detected by Istio’s analyzers.
- string
.status .validationMessages[] .documentationUrl
A url pointing to the Istio documentation for this specific error type.
- string
.status .validationMessages[] .level
Represents how severe a message is.
Valid Options: UNKNOWN, ERROR, WARNING, INFO
- object
.status .validationMessages[] .type
- string
.status .validationMessages[] .type .code
A 7 character code matching
^IST[0-9]{4}$intended to uniquely identify the message type. - string
.status .validationMessages[] .type .name
A human-readable name for the message type.