kubernetes · k8s-ci-robot · Sep 10, 2023 · Aug 15, 2023 · Aug 23, 2023 · Aug 23, 2023
diff --git a/k8s/crds/kops.k8s.io_clusters.yaml b/k8s/crds/kops.k8s.io_clusters.yaml
@@ -5033,6 +5033,39 @@ spec:
                         description: 'IdentityChangeGracePeriod specifies the duration
                           to wait before using a changed identity. Default: 5s'
                         type: string
+                      ingress:
+                        description: Ingress specifies the configuration for Cilium
+                          Ingress settings.
+                        properties:
+                          defaultLoadBalancerMode:
+                            description: 'DefaultLoadBalancerMode specifies the default
+                              load balancer mode. Possible values: ''shared'' or ''dedicated''
+                              Default: dedicated'
+                            type: string
+                          enableSecretsSync:
+                            description: 'EnableSecretsSync specifies whether synchronization
+                              of secrets is enabled. Default: true'
+                            type: boolean
+                          enabled:
+                            description: Enabled specifies whether Cilium Ingress
+                              is enabled.
+                            type: boolean
+                          enforceHttps:
+                            description: 'EnforceHttps specifies whether HTTPS enforcement
+                              is enabled for Ingress traffic. Default: true'
+                            type: boolean
+                          loadBalancerAnnotationPrefixes:
+                            description: 'LoadBalancerAnnotationPrefixes specifies
+                              annotation prefixes for Load Balancer configuration.
+                              Default: "service.beta.kubernetes.io service.kubernetes.io
+                              cloud.google.com"'
+                            type: string
+                          sharedLoadBalancerServiceName:
+                            description: 'SharedLoadBalancerServiceName specifies
+                              the name of the shared load balancer service. Default:
+                              cilium-ingress'
+                            type: string
+                        type: object
                       ipam:
                         description: 'IPAM specifies the IP address allocation mode
                           to use. Possible values are "crd" and "eni". "eni" will

diff --git a/pkg/apis/kops/networking.go b/pkg/apis/kops/networking.go
@@ -493,6 +493,36 @@ type CiliumNetworkingSpec struct {
 
 	// EnableServiceTopology determine if cilium should use topology aware hints.
 	EnableServiceTopology bool `json:"enableServiceTopology,omitempty"`
+
+	// Ingress specifies the configuration for Cilium Ingress settings.
+	Ingress *CiliumIngressSpec `json:"ingress,omitempty"`
+}
+
+// CiliumIngressSpec configures Cilium Ingress settings.
+type CiliumIngressSpec struct {
+	// Enabled specifies whether Cilium Ingress is enabled.
+	Enabled *bool `json:"enabled,omitempty"`
+
+	// EnforceHttps specifies whether HTTPS enforcement is enabled for Ingress traffic.
+	// Default: true
+	EnforceHttps *bool `json:"enforceHttps,omitempty"`
+
+	// EnableSecretsSync specifies whether synchronization of secrets is enabled.
+	// Default: true
+	EnableSecretsSync *bool `json:"enableSecretsSync,omitempty"`
+
+	// LoadBalancerAnnotationPrefixes specifies annotation prefixes for Load Balancer configuration.
+	// Default: "service.beta.kubernetes.io service.kubernetes.io cloud.google.com"
+	LoadBalancerAnnotationPrefixes string `json:"loadBalancerAnnotationPrefixes,omitempty"`
+
+	// DefaultLoadBalancerMode specifies the default load balancer mode.
+	// Possible values: 'shared' or 'dedicated'
+	// Default: dedicated
+	DefaultLoadBalancerMode string `json:"defaultLoadBalancerMode,omitempty"`
+
+	// SharedLoadBalancerServiceName specifies the name of the shared load balancer service.
+	// Default: cilium-ingress
+	SharedLoadBalancerServiceName string `json:"sharedLoadBalancerServiceName,omitempty"`
 }
 
 // HubbleSpec configures the Hubble service on the Cilium agent.

diff --git a/pkg/apis/kops/v1alpha2/networking.go b/pkg/apis/kops/v1alpha2/networking.go
@@ -614,6 +614,36 @@ type CiliumNetworkingSpec struct {
 
 	// EnableServiceTopology determine if cilium should use topology aware hints.
 	EnableServiceTopology bool `json:"enableServiceTopology,omitempty"`
+
+	// Ingress specifies the configuration for Cilium Ingress settings.
+	Ingress *CiliumIngressSpec `json:"ingress,omitempty"`
+}
+
+// CiliumIngressSpec configures Cilium Ingress settings.
+type CiliumIngressSpec struct {
+	// Enabled specifies whether Cilium Ingress is enabled.
+	Enabled *bool `json:"enabled,omitempty"`
+
+	// EnforceHttps specifies whether HTTPS enforcement is enabled for Ingress traffic.
+	// Default: true
+	EnforceHttps *bool `json:"enforceHttps,omitempty"`
+
+	// EnableSecretsSync specifies whether synchronization of secrets is enabled.
+	// Default: true
+	EnableSecretsSync *bool `json:"enableSecretsSync,omitempty"`
+
+	// LoadBalancerAnnotationPrefixes specifies annotation prefixes for Load Balancer configuration.
+	// Default: "service.beta.kubernetes.io service.kubernetes.io cloud.google.com"
+	LoadBalancerAnnotationPrefixes string `json:"loadBalancerAnnotationPrefixes,omitempty"`
+
+	// DefaultLoadBalancerMode specifies the default load balancer mode.
+	// Possible values: 'shared' or 'dedicated'
+	// Default: dedicated
+	DefaultLoadBalancerMode string `json:"defaultLoadBalancerMode,omitempty"`
+
+	// SharedLoadBalancerServiceName specifies the name of the shared load balancer service.
+	// Default: cilium-ingress
+	SharedLoadBalancerServiceName string `json:"sharedLoadBalancerServiceName,omitempty"`
 }
 
 // HubbleSpec configures the Hubble service on the Cilium agent.

diff --git a/pkg/apis/kops/v1alpha2/zz_generated.conversion.go b/pkg/apis/kops/v1alpha2/zz_generated.conversion.go
diff --git a/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go b/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go
diff --git a/pkg/apis/kops/v1alpha3/networking.go b/pkg/apis/kops/v1alpha3/networking.go
@@ -456,6 +456,36 @@ type CiliumNetworkingSpec struct {
 
 	// EnableServiceTopology determine if cilium should use topology aware hints.
 	EnableServiceTopology bool `json:"enableServiceTopology,omitempty"`
+
+	// Ingress specifies the configuration for Cilium Ingress settings.
+	Ingress *CiliumIngressSpec `json:"ingress,omitempty"`
+}
+
+// CiliumIngressSpec configures Cilium Ingress settings.
+type CiliumIngressSpec struct {
+	// Enabled specifies whether Cilium Ingress is enabled.
+	Enabled *bool `json:"enabled,omitempty"`
+
+	// EnforceHttps specifies whether HTTPS enforcement is enabled for Ingress traffic.
+	// Default: true
+	EnforceHttps *bool `json:"enforceHttps,omitempty"`
+
+	// EnableSecretsSync specifies whether synchronization of secrets is enabled.
+	// Default: true
+	EnableSecretsSync *bool `json:"enableSecretsSync,omitempty"`
+
+	// LoadBalancerAnnotationPrefixes specifies annotation prefixes for Load Balancer configuration.
+	// Default: "service.beta.kubernetes.io service.kubernetes.io cloud.google.com"
+	LoadBalancerAnnotationPrefixes string `json:"loadBalancerAnnotationPrefixes,omitempty"`
+
+	// DefaultLoadBalancerMode specifies the default load balancer mode.
+	// Possible values: 'shared' or 'dedicated'
+	// Default: dedicated
+	DefaultLoadBalancerMode string `json:"defaultLoadBalancerMode,omitempty"`
+
+	// SharedLoadBalancerServiceName specifies the name of the shared load balancer service.
+	// Default: cilium-ingress
+	SharedLoadBalancerServiceName string `json:"sharedLoadBalancerServiceName,omitempty"`
 }
 
 // HubbleSpec configures the Hubble service on the Cilium agent.

diff --git a/pkg/apis/kops/v1alpha3/zz_generated.conversion.go b/pkg/apis/kops/v1alpha3/zz_generated.conversion.go