EgressGatewayPolicy

Scope: Cluster
Version: v1alpha1

Interface for configuring policies to redirect application traffic to specific egress gateways described through the EgressGateway interface.

  • spec
    object

    Required value

    • spec.destinationCIDRs
      array of strings

      Network requests towards these subnets will be routed through the egress gateway.

      This feature is available in enterprise edition only.

    • spec.egressGatewayName
      string

      Required value

      The name of the EgressGateway resource that describes the egress gateway for handling traffic.

      This feature is available in enterprise edition only.

    • spec.excludedCIDRs
      array of strings

      Network ranges that are required to be excluded from the ranges described in destinationCIDRs. Note that you do not need to exclude the special cluster ranges (podSubnetCIDR and serviceSubnetCIDR).

      This feature is available in enterprise edition only.

    • spec.selectors
      array of objects

      Application Pod Selectors. Their traffic will be routed through the appropriate egress gateway. For namespase designation use the io.kubernetes.pod.namespace pseudo-label.

      This feature is available in enterprise edition only.

      • spec.selectors.podSelector
        object

        Required value

        A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.

        This feature is available in enterprise edition only.

        • spec.selectors.podSelector.matchExpressions
          array of objects

          matchExpressions is a list of label selector requirements. The requirements are ANDed.

          A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

          This feature is available in enterprise edition only.

          • spec.selectors.podSelector.matchExpressions.key
            string

            Required value

            key is the label key that the selector applies to.

            This feature is available in enterprise edition only.

          • spec.selectors.podSelector.matchExpressions.operator
            string

            Required value

            operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

            This feature is available in enterprise edition only.

          • spec.selectors.podSelector.matchExpressions.values
            array of strings

            values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

            This feature is available in enterprise edition only.

        • spec.selectors.podSelector.matchLabels
          object

          matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.

          This feature is available in enterprise edition only.