API Documentation (v1alpha1)
This document is automatically generated from the API definition in the code.
Table of Contents
TunnelGateway
Provides an endpoint for remote clusters to connect to the management cluster.
Back to TOC
TunnelGatewayIngressSpec
| Field |
Description |
Scheme |
Required |
| loadBalancer |
Ingress point for the load-balancer. Traffic intended for the service should be sent to these ingress points. If not specified, the controller will derive from the Ingress record status field. |
corev1.LoadBalancerIngress |
false |
| host |
Restrict access to requests addressed to a specific host or domain using the IngressRule format. Defaults to allow all hosts. |
string |
false |
| urlPathPrefix |
URL path prefix to prepend to all endpoints. For example, if this field is set to /ops/portal/kt, the ingresses created will have URL paths like /ops/portal/kt/default/cluster1/tunnel-server and /ops/portal/kt/default/cluster1/kubeconfig. Defaults to root path (/). |
string |
false |
| caSecretRef |
A secret reference to the root CA required to verify the ingress endpoints. The secret should have type Opaque and contain the key ca.crt. If not specified, remote hosts will use their system root CA’s to verify the endpoints. |
corev1.ObjectReference |
false |
| extraAnnotations |
Extra annotations to set on the Ingress object. |
map[string]string |
false |
Back to TOC
TunnelGatewayList
Contains a list of TunnelGateway.
Back to TOC
TunnelGatewaySpec
If no ingress is set, the services will only be accessible on localhost.
| Field |
Description |
Scheme |
Required |
| ingress |
Expose services using an Ingress as specified in the TunnelGatewayIngressSpec. |
TunnelGatewayIngressSpec |
false |
Back to TOC
KubeconfigWebhookStatus
Status of the kubeconfig webhook.
| Field |
Description |
Scheme |
Required |
| deploymentRef |
A reference to the deployment for the kubeconfig webhook. |
corev1.LocalObjectReference |
false |
| serviceRef |
A reference to the service for the kubeconfig webhook. |
corev1.LocalObjectReference |
false |
| ingressRef |
A reference to the ingress for the kubeconfig webhook. |
corev1.LocalObjectReference |
false |
Back to TOC
TunnelAgentStatus
Status of the tunnel agent.
| Field |
Description |
Scheme |
Required |
| manifestsRef |
A reference to a secret holding YAML manifests for launching the tunnel agent on the target cluster. The secret is a generic typed secret with filenames as the keys. There might be multiple files in the secret. |
corev1.LocalObjectReference |
false |
Back to TOC
TunnelConnector
Describes the local endpoint for the tunnel. A remote cluster will connect to this endpoint to create a tunnel.
Back to TOC
TunnelConnectorList
Contains a list of TunnelConnector.
Back to TOC
TunnelConnectorSpec
| Field |
Description |
Scheme |
Required |
| gatewayRef |
A reference to the TunnelGateway object which describes how tunnel services will be exposed outside the current cluster. |
corev1.LocalObjectReference |
false |
| proxyPort |
The port for the tunnel proxy. |
int32 |
false |
Back to TOC
TunnelConnectorStatus
| Field |
Description |
Scheme |
Required |
| state |
State of the tunnel connector: Starting - the initial state; Listening - the local tunnel server is waiting for the remote agent to connect; Pending - the remote agent has connected but the local proxy is not ready; Connected - the tunnel is configured and contact to the remote API server succeeded; Disconnected - the tunnel is configured but contact to the remote API server failed; Failed - an unexpected error occurred, such as not being able to parse the kubeconfig. |
TunnelConnectorState |
false |
| tunnelServer |
Status of the tunnel server. |
TunnelServerStatus |
false |
| kubeconfigWebhook |
Status of the kubeconfig webhook. |
KubeconfigWebhookStatus |
false |
| tunnelAgent |
Status of the tunnel agent. |
TunnelAgentStatus |
false |
| serviceAccountRef |
A reference to the service account that will be used for registration (of the tunnel agent) and authentication purpose. |
corev1.LocalObjectReference |
false |
| roleRef |
A reference to the role that will be bound to the service account for authorization purpose. |
corev1.LocalObjectReference |
false |
| roleBindingRef |
A reference to the rolebinding that will be created to bind the service account and the role. |
corev1.LocalObjectReference |
false |
| kubeconfigRef |
A reference to the secret holding the KUBECONFIG that the clients can use to talk to the API server of the target cluster when it becomes available. |
corev1.LocalObjectReference |
false |
| gatewayObservedGeneration |
The generation of the linked TunnelGateway object associated with this object. When the linked TunnelGateway object is updated, a controller will update this status field which will in turn trigger a reconciliation of this object. |
int64 |
false |
Back to TOC
TunnelServerStatus
Status of the tunnel server.
| Field |
Description |
Scheme |
Required |
| deploymentRef |
A reference to the deployment for the tunnel server. |
corev1.LocalObjectReference |
false |
| serviceRef |
A reference to the service for the tunnel server. |
corev1.LocalObjectReference |
false |
| ingressRef |
A reference to the ingress for the tunnel server. |
corev1.LocalObjectReference |
false |
Back to TOC
Kommander Documentation