Adds a Table-form field description for EgressClusterPolicy
lou-lan committed Apr 30, 2024
1 parent 2c73313 commit 46ce68f
Showing 2 changed files with 68 additions and 2 deletions.
35 changes: 34 additions & 1 deletion docs/reference/EgressClusterPolicy.en.md
Expand Up @@ -27,4 +27,37 @@ spec:
- "fd00::92/128"
```
1. The `namespaceSelector` uses a selector to select the list of matching namespaces. Within the selected namespace scope, use the `podSelector` to select the matching Pods, and then apply the Egress policy to these selected Pods.
## Definition
### Metadata
| Field | Description | Schema | Validation |
|-----------|--------------------------------------------|--------|------------|
| namespace | The namespace of the EgressPolicy resource | string | required |
| name | The name of the EgressPolicy resource | string | required |
### Spec
| Field | Description | Schema | Validation | Values | Default |
|-------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------|------------|---------------|---------|
| egressGatewayName | Reference to the EgressGateway to use | string | required | | |
| egressIP | Configuration for the egress IP settings | [egressIP](#egressIP) | optional | | |
| appliedTo | Selector for the Pods to which the EgressPolicy should be applied | [appliedTo](#appliedTo) | required | | |
| destSubnet | When accessing the subnets in this list, use the Egress IP. If `feature.clusterCIDR.autoDetect` was enabled during installation and `destSubnet` is not configured, then access to external networks outside the cluster will automatically use the Egress IP. | []string | optional | CIDR notation | |
| priority | Priority of the policy | integer | optional | | |

#### egressIP

| Field | Description | Schema | Validation | Values | Default |
|-----------|-----------------------------------------------------------------------------------------------------------|----------|------------|-------------|---------|
| ipv4 | Specific IPv4 address to use if defined | string | optional | valid IPv4 | |
| ipv6 | Specific IPv6 address to use if defined | string | optional | valid IPv6 | |
| useNodeIP | Flag to indicate if the Node IP should be used as the Egress IP when no specific IP address is defined | bool | optional | true/false | false |

#### appliedTo

| Field | Description | Schema | Validation | Values | Default |
|-------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------|------------|--------|---------|
| podSelector | Use Egress Policy on Pods Matched by Selector | map[string]string | optional | | |
| podSubnet | Use Egress Policy on Pods Matched by Subnet (Not Implemented) | []string | optional | CIDR | |
| namespaceSelector | The `namespaceSelector` uses a selector to select the list of matching namespaces. Within the selected namespace scope, use the `podSelector` to select the matching Pods, and then apply the Egress policy to these selected Pods. | | | | |
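Review bot: The Metadata and Spec rows describe an "EgressPolicy" resource ("The namespace of the EgressPolicy resource", marked required), but this file documents EgressClusterPolicy and the paragraph above scopes Pods through `namespaceSelector`. If the cluster policy is not namespaced, drop the `namespace` row and use the EgressClusterPolicy name in the descriptions, otherwise readers will assume a namespace boundary on which Pods have their egress traffic redirected. In the appliedTo table the `namespaceSelector` row leaves Schema and Validation empty; fill them in the same way as the `podSelector` row. The `priority` row should also state its accepted range and whether a higher or lower value takes precedence.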
35 changes: 34 additions & 1 deletion docs/reference/EgressClusterPolicy.zh.md
Expand Up @@ -33,4 +33,37 @@ status:
node: egressgateway-worker
```
1. `namespaceSelector` 使用 selector 选择匹配的命名空间列表。在选定的命名空间范围内,使用 `podSelector` 选择匹配的 Pod,然后对这些选中的 Pod 应用 Egress 策略。
## 定义
### metadata
| 字段 | 描述 | 数据类型 | 验证 |
|-----------|----------------------|------|----|
| namespace | EgressPolicy 资源的命名空间 | 字符串 | 必填 |
| name | EgressPolicy 资源的名称 | 字符串 | 必填 |
### spec
| 字段 | 描述 | 数据类型 | 验证 | 可选值 | 默认值 |
|-------------------|---------------------------------------------------------------------------------------------------------|-------------------------|----|----------|-----|
| egressGatewayName | 使用的 EgressGateway 的引用 | 字符串 | 必填 | | |
| egressIP | 出口 IP 设置的配置 | [egressIP](#egressIP) | 可选 | | |
| appliedTo | 应将 EgressPolicy 应用于哪些 Pods 的选择器 | [appliedTo](#appliedTo) | 必填 | | |
| destSubnet | 访问该列表的子网时使用 Egress IP,如果安装时开启了 `feature.clusterCIDR.autoDetect`,destSubnet 没设置时,则访问集群外网络自动使用 Egress IP。 | 字符串数组 | 可选 | CIDR 表示法 | |
| priority | 策略的优先级 | 整数 | 可选 | | |

#### egressIP

| 字段 | 描述 | 数据类型 | 验证 | 可选值 | 默认值 |
|-----------|---------------------------------------|--------|----|------------|-------|
| ipv4 | 如果定义,则使用特定的 IPv4 地址 | string | 可选 | 有效的 IPv4 | |
| ipv6 | 如果定义,则使用特定的 IPv6 地址 | string | 可选 | 有效的 IPv6 | |
| useNodeIP | 当没有定义特定的 IP 地址时,是否使用节点 IP 作为出口 IP 的标志 | bool | 可选 | true/false | false |

#### appliedTo

| 字段 | 描述 | 数据类型 | 验证 | 可选值 | 默认值 |
|-------------------|-------------------------------------------------------------------------------------------------------------|-------------------|----|------|-----|
| podSelector | 通过 Selector 匹配实施 Egress 策略 Pod | map[string]string | 可选 | | |
| podSubnet | 通过 Subnet 匹配实施 Egress 策略 Pod(未实现) | []string | 可选 | CIDR | |
| namespaceSelector | `namespaceSelector` 使用选择器来选择匹配的命名空间列表。在选定的命名空间范围内,使用 `podSelector` 选择匹配的 Pods,然后将 Egress 策略应用到这些选定的 Pods 上。 | | | | |
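Review bot: The 数据类型 column is inconsistent between the tables in this file: the spec table uses translated names (字符串, 字符串数组, 整数) while the egressIP and appliedTo tables use `string`, `bool`, `[]string` and `map[string]string`. Pick one form, preferably the literal schema types used in the English file. The headings `### metadata` and `### spec` are lower-case here but capitalised in the English file, and the links `[egressIP](#egressIP)` and `[appliedTo](#appliedTo)` rely on the renderer keeping mixed-case anchors, so check that they resolve in the built docs. The metadata table also lists `namespace` as required for an EgressPolicy although the file documents EgressClusterPolicy, and the `namespaceSelector` row has empty 数据类型 and 验证 cells.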

1 comment on commit 46ce68f

@weizhoublue
Collaborator
