IPRuleSet
Scope: Cluster
Version: v1alpha1
This resource describes a set of rules (`ip rule`) that will be created on nodes with the appropriate labels.
- object
Required value
A set of actions that must be performed on a packet that has the attributes described in the `selectors` section.
- object
Required value
Define the routing table in which the gateway address will be searched.
- integer
Required value
The priority of the rule (the order of application depends on it).
When choosing a number, consider the following:
- The node's Linux network subsystem goes through all rules in order of priority (from lesser to greater) until a match is found.
- If the packet matches a rule and the corresponding action has been performed successfully, the search for rules is terminated.
- The default rule for searching the `main` routing table has priority `32766`. If you specify a higher value, the rule will never be processed.
Allowed values:
0 <= X <= 4294967295
- object
Required value
A set of packet attributes.
If the packet has the attributes described in the `selectors` section, then actions from the `actions` section will be applied to it.
- object
The range of destination ports.
If there is only one port, then you can either fill in only the `start` field, or specify the same value in the `start` and `end` fields.
- integer
The number of the L4 protocol that is encapsulated in the IP packet. The numbers of the most popular protocols are:
- ICMP — 1
- TCP — 6
- UDP — 17
All available values can be found at the link, or in the /etc/protocols file on the node.
- object
The range of source ports.
If there is only one port, then you can either fill in only the `start` field, or specify the same value in the `start` and `end` fields.
- object
The range of UIDs (UserID) of applications that are transmitting traffic.
If there is only one UID, then you can either fill in only the `start` field, or specify the same value in the `start` and `end` fields.
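The priority and selector semantics described above, modelled as an added example (not code from the module). The dictionary keys `name`, `priority`, `proto`, `dport`, `sport` and `uid` are hypothetical stand-ins rather than the resource's field names, and the main-table rule is assumed to match every packet.

```python
MAIN_PRIORITY = 32766      # default rule that searches the main table (from the page)
MAX_PRIORITY = 4294967295  # upper bound of the allowed priority values (from the page)
RANGE_KEYS = ("dport", "sport", "uid")  # hypothetical keys, not the CRD field names

def norm_range(r):
    """Return (start, end); a range with only `start` covers a single value."""
    start = r["start"]
    end = r.get("end", start)
    if end < start:
        raise ValueError(f"end {end} is below start {start}")
    return start, end

def lint(rule):
    findings = []  # problems a reviewer would want flagged before applying the rule
    if not 0 <= rule["priority"] <= MAX_PRIORITY:
        findings.append("priority outside 0..4294967295")
    elif rule["priority"] > MAIN_PRIORITY:
        findings.append("priority above 32766: sorted after the main-table rule")
    for key in RANGE_KEYS:
        if key in rule:
            try:
                norm_range(rule[key])
            except ValueError as exc:
                findings.append(f"{key}: {exc}")
    return findings

def matches(rule, pkt):
    # A rule matches only if the packet has every attribute the rule selects on.
    if "proto" in rule and rule["proto"] != pkt["proto"]:
        return False
    for key in RANGE_KEYS:
        if key in rule:
            lo, hi = norm_range(rule[key])
            if not lo <= pkt[key] <= hi:
                return False
    return True

def first_match(rules, pkt):
    # Walk rules from lesser to greater priority and stop at the first match.
    # Assumption: the main-table rule matches every packet and its lookup succeeds.
    main = {"name": "main", "priority": MAIN_PRIORITY}
    for rule in sorted(rules + [main], key=lambda r: r["priority"]):
        if matches(rule, pkt):
            return rule["name"]

# Constructed sample rules and packets.
RULES = [{"name": "dns", "priority": 100, "proto": 17, "dport": {"start": 53}},
         {"name": "app-uid", "priority": 40000, "uid": {"start": 1000, "end": 1999}}]
DNS_PKT = {"proto": 17, "dport": 53, "sport": 40000, "uid": 0}
APP_PKT = {"proto": 6, "dport": 443, "sport": 50000, "uid": 1500}
```

`first_match(RULES, APP_PKT)` returns `main` even though the packet's UID falls in the `app-uid` range, because that rule's priority sorts it after the main-table rule.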
RoutingTable
Scope: Cluster
Version: v1alpha1
A resource describing the desired routing table and the routes it contains.
- integer
ID of the desired routing table.
If the value is not explicitly specified, it will be automatically generated and added to the `status` field.
Once a resource is created, you can only change the routing table ID by recreating the resource.
Allowed values:
1 <= X <= 4294967295