diff --git a/stable/clickhouse/12.6.4/app-changelog.md b/stable/clickhouse/12.6.4/app-changelog.md
deleted file mode 100644
index 9d289e9c967..00000000000
--- a/stable/clickhouse/12.6.4/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [clickhouse-12.6.4](https://github.com/truecharts/charts/compare/clickhouse-12.6.3...clickhouse-12.6.4) (2024-03-16)
-
-### Chore
-
-
-
-- merge dependency train into stable train
\ No newline at end of file
diff --git a/stable/mariadb/13.5.4/app-changelog.md b/stable/mariadb/13.5.4/app-changelog.md
deleted file mode 100644
index a16f9e5e546..00000000000
--- a/stable/mariadb/13.5.4/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [mariadb-13.5.4](https://github.com/truecharts/charts/compare/mariadb-13.5.3...mariadb-13.5.4) (2024-03-16)
-
-### Chore
-
-
-
-- merge dependency train into stable train
\ No newline at end of file
diff --git a/stable/memcached/12.6.4/app-changelog.md b/stable/memcached/12.6.4/app-changelog.md
deleted file mode 100644
index d96aab1c95d..00000000000
--- a/stable/memcached/12.6.4/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [memcached-12.6.4](https://github.com/truecharts/charts/compare/memcached-12.6.3...memcached-12.6.4) (2024-03-16)
-
-### Chore
-
-
-
-- merge dependency train into stable train
\ No newline at end of file
diff --git a/stable/mongodb/12.5.4/app-changelog.md b/stable/mongodb/12.5.4/app-changelog.md
deleted file mode 100644
index 515fb6f2c05..00000000000
--- a/stable/mongodb/12.5.4/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [mongodb-12.5.4](https://github.com/truecharts/charts/compare/mongodb-12.5.3...mongodb-12.5.4) (2024-03-16)
-
-### Chore
-
-
-
-- merge dependency train into stable train
\ No newline at end of file
diff --git a/stable/redis/13.0.5/app-changelog.md b/stable/redis/13.0.5/app-changelog.md
deleted file mode 100644
index d18137e7a46..00000000000
--- a/stable/redis/13.0.5/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [redis-13.0.5](https://github.com/truecharts/charts/compare/redis-13.0.4...redis-13.0.5) (2024-03-16)
-
-### Chore
-
-
-
-- merge dependency train into stable train
\ No newline at end of file
diff --git a/stable/solr/10.5.4/app-changelog.md b/stable/solr/10.5.4/app-changelog.md
deleted file mode 100644
index 16c34e24dbe..00000000000
--- a/stable/solr/10.5.4/app-changelog.md
+++ /dev/null
@@ -1,9 +0,0 @@
-
-
-## [solr-10.5.4](https://github.com/truecharts/charts/compare/solr-10.5.3...solr-10.5.4) (2024-03-16)
-
-### Chore
-
-
-
-- merge dependency train into stable train
\ No newline at end of file
diff --git a/system/cert-manager/4.5.4/.helmignore b/system/cert-manager/4.5.4/.helmignore
new file mode 100644
index 00000000000..77ca5567b26
--- /dev/null
+++ b/system/cert-manager/4.5.4/.helmignore
@@ -0,0 +1,30 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl
+# docs folder
+/docs
+# icon
+icon.png
diff --git a/system/cert-manager/4.5.4/CHANGELOG.md b/system/cert-manager/4.5.4/CHANGELOG.md
new file mode 100644
index 00000000000..8fe5fe1a94a
--- /dev/null
+++ b/system/cert-manager/4.5.4/CHANGELOG.md
@@ -0,0 +1,17 @@
+---
+title: Changelog
+---
+
+
+*for the complete changelog, please refer to the website*
+
+**Important:**
+
+
+## [cert-manager-4.5.4](https://github.com/truecharts/charts/compare/cert-manager-4.5.3...cert-manager-4.5.4) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/cert-manager/4.5.4/Chart.yaml b/system/cert-manager/4.5.4/Chart.yaml
new file mode 100644
index 00000000000..36668f548b5
--- /dev/null
+++ b/system/cert-manager/4.5.4/Chart.yaml
@@ -0,0 +1,46 @@
+annotations:
+ max_scale_version: 24.04.0
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: operators
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: system
+apiVersion: v2
+appVersion: latest
+dependencies:
+ - name: common
+ version: 20.0.9
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+ - name: cert-manager
+ version: v1.14.4
+ repository: https://charts.jetstack.io
+ condition: ""
+ alias: certmanager
+ tags: []
+ import-values: []
+deprecated: false
+description: Cert-Manager is a kubernetes-aware certificate manager
+home: https://truecharts.org/charts/system/cert-manager
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/cert-manager.png
+keywords:
+ - cert-manager
+ - certificates
+ - security
+kubeVersion: '>=1.24.0-0'
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: cert-manager
+sources:
+ - https://github.com/cert-manager
+ - https://cert-manager.io/
+ - https://github.com/truecharts/charts/tree/master/charts/system/cert-manager
+ - https://github.com/truecharts/containers/tree/master/apps/scratch
+type: application
+version: 4.5.4
diff --git a/system/cert-manager/4.5.4/README.md b/system/cert-manager/4.5.4/README.md
new file mode 100644
index 00000000000..059758d21dd
--- /dev/null
+++ b/system/cert-manager/4.5.4/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/system/cert-manager)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/system/cert-manager/4.5.4/app-changelog.md b/system/cert-manager/4.5.4/app-changelog.md
new file mode 100644
index 00000000000..70fe7f0d353
--- /dev/null
+++ b/system/cert-manager/4.5.4/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [cert-manager-4.5.4](https://github.com/truecharts/charts/compare/cert-manager-4.5.3...cert-manager-4.5.4) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/cert-manager/4.5.4/app-readme.md b/system/cert-manager/4.5.4/app-readme.md
new file mode 100644
index 00000000000..e9ec0cfb2db
--- /dev/null
+++ b/system/cert-manager/4.5.4/app-readme.md
@@ -0,0 +1,8 @@
+Cert-Manager is a kubernetes-aware certificate manager
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/system/cert-manager](https://truecharts.org/charts/system/cert-manager)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/system/cert-manager/4.5.4/charts/cert-manager-v1.14.4.tgz b/system/cert-manager/4.5.4/charts/cert-manager-v1.14.4.tgz
new file mode 100644
index 00000000000..3c58052d7a4
Binary files /dev/null and b/system/cert-manager/4.5.4/charts/cert-manager-v1.14.4.tgz differ
diff --git a/system/cert-manager/4.5.4/charts/common-20.0.9.tgz b/system/cert-manager/4.5.4/charts/common-20.0.9.tgz
new file mode 100644
index 00000000000..41a62ef2dc2
Binary files /dev/null and b/system/cert-manager/4.5.4/charts/common-20.0.9.tgz differ
diff --git a/system/cert-manager/4.5.4/dashboard.json b/system/cert-manager/4.5.4/dashboard.json
new file mode 100644
index 00000000000..ea3c01f2077
--- /dev/null
+++ b/system/cert-manager/4.5.4/dashboard.json
@@ -0,0 +1,1254 @@
+{
+ "_config": {
+ "certManagerCertExpiryDays": "21",
+ "certManagerJobLabel": "cert-manager",
+ "certManagerRunbookURLPattern": "https://github.com/imusmanmalik/cert-manager-mixin/blob/main/RUNBOOK.md#%s",
+ "dashboards": {
+ "certmanagerCertificateExpirationTimestampSecondsSelector": "",
+ "certmanagerCertificateReadyStatusSelector": "",
+ "certmanagerControllerSyncCallCountSelector": "",
+ "certmanagerHttpAcmeClientRequestCountSelector": "",
+ "certmanagerHttpAcmeClientRequestDurationSecondsCountSelector": "",
+ "certmanagerHttpAcmeClientRequestDurationSecondsSumSelector": "",
+ "clusterVariableSelector": "",
+ "containerCPUUsageSecondsTotalSelector": "container=\"cert-manager\"",
+ "containerCpuCfsPeriodsTotalSelector": "container=\"cert-manager\"",
+ "containerCpuCfsThrottledPeriodsTotalSelector": "container=\"cert-manager\"",
+ "containerMemoryUsageBytesSelector": "container=\"cert-manager\"",
+ "containerNetworkReceiveBytesTotalSelector": "namespace=\"cert-manager\"",
+ "containerNetworkTransmitBytesTotalSelector": "namespace=\"cert-manager\"",
+ "containerSelector": "container=\"cert-manager\"",
+ "defaultSelector": "",
+ "enableMultiCluster": false,
+ "kubePodContainerResourceLimitsCpuCoresSelector": "container=\"cert-manager\"",
+ "kubePodContainerResourceLimitsMemoryBytesSelector": "container=\"cert-manager\"",
+ "kubePodContainerResourceRequestsCpuCoresSelector": "container=\"cert-manager\"",
+ "kubePodContainerResourceRequestsMemoryBytesSelector": "container=\"cert-manager\"",
+ "namespaceSelector": "namespace=\"cert-manager\""
+ },
+ "grafanaExternalUrl": "https://grafana.example.com"
+ },
+ "annotations": {
+ "list": [
+ {
+ "builtIn": 1,
+ "datasource": "-- Grafana --",
+ "enable": true,
+ "hide": true,
+ "iconColor": "rgba(0, 211, 255, 1)",
+ "name": "Annotations & Alerts",
+ "type": "dashboard"
+ }
+ ]
+ },
+ "description": "",
+ "editable": true,
+ "gnetId": null,
+ "graphTooltip": 1,
+ "id": 59,
+ "iteration": 1616445892702,
+ "links": [],
+ "panels": [
+ {
+ "datasource": "$datasource",
+ "description": "The number of certificates in the ready state.",
+ "fieldConfig": {
+ "defaults": {
+ "custom": {},
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 1
+ }
+ ]
+ }
+ },
+ "overrides": [
+ {
+ "matcher": {
+ "id": "byName",
+ "options": "True"
+ },
+ "properties": [
+ {
+ "id": "thresholds",
+ "value": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ }
+ ]
+ }
+ }
+ ]
+ }
+ ]
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 0,
+ "y": 0
+ },
+ "id": 2,
+ "options": {
+ "colorMode": "value",
+ "graphMode": "area",
+ "justifyMode": "auto",
+ "orientation": "auto",
+ "reduceOptions": {
+ "calcs": ["lastNotNull"],
+ "fields": "",
+ "values": false
+ },
+ "text": {},
+ "textMode": "auto"
+ },
+ "pluginVersion": "7.4.5",
+ "targets": [
+ {
+ "expr": "sum by (condition) (certmanager_certificate_ready_status{ })",
+ "interval": "",
+ "legendFormat": "{{condition }}",
+ "refId": "A"
+ }
+ ],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Certificates Ready",
+ "type": "stat"
+ },
+ {
+ "datasource": "$datasource",
+ "fieldConfig": {
+ "defaults": {
+ "custom": {},
+ "decimals": 1,
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "red",
+ "value": null
+ },
+ {
+ "color": "#EAB839",
+ "value": 604800
+ },
+ {
+ "color": "green",
+ "value": 1209600
+ }
+ ]
+ },
+ "unit": "dtdurations"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 12,
+ "y": 0
+ },
+ "id": 4,
+ "options": {
+ "colorMode": "value",
+ "graphMode": "area",
+ "justifyMode": "auto",
+ "orientation": "auto",
+ "reduceOptions": {
+ "calcs": ["lastNotNull"],
+ "fields": "",
+ "values": false
+ },
+ "text": {},
+ "textMode": "auto"
+ },
+ "pluginVersion": "7.4.5",
+ "targets": [
+ {
+ "expr": "min(certmanager_certificate_expiration_timestamp_seconds{ } > 0) - time()",
+ "hide": false,
+ "instant": true,
+ "interval": "",
+ "legendFormat": "",
+ "refId": "A"
+ },
+ {
+ "expr": "vector(1250000)",
+ "hide": true,
+ "instant": true,
+ "interval": "",
+ "legendFormat": "",
+ "refId": "B"
+ }
+ ],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Soonest Cert Expiry",
+ "type": "stat"
+ },
+ {
+ "datasource": "$datasource",
+ "description": "Status of the certificates. Values are True, False or Unknown.",
+ "fieldConfig": {
+ "defaults": {
+ "custom": {
+ "align": null,
+ "filterable": false
+ },
+ "mappings": [
+ {
+ "from": "",
+ "id": 0,
+ "operator": "",
+ "text": "Yes",
+ "to": "",
+ "type": 1,
+ "value": ""
+ }
+ ],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ },
+ "unit": "none"
+ },
+ "overrides": [
+ {
+ "matcher": {
+ "id": "byName",
+ "options": "Ready Status"
+ },
+ "properties": [
+ {
+ "id": "custom.width",
+ "value": 100
+ }
+ ]
+ },
+ {
+ "matcher": {
+ "id": "byName",
+ "options": "Valid Until"
+ },
+ "properties": [
+ {
+ "id": "unit",
+ "value": "dateTimeAsIso"
+ }
+ ]
+ },
+ {
+ "matcher": {
+ "id": "byName",
+ "options": "Valid Until"
+ },
+ "properties": [
+ {
+ "id": "unit",
+ "value": "dateTimeAsIso"
+ }
+ ]
+ }
+ ]
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 0,
+ "y": 8
+ },
+ "id": 9,
+ "options": {
+ "showHeader": true,
+ "sortBy": [
+ {
+ "desc": false,
+ "displayName": "Valid Until"
+ }
+ ]
+ },
+ "pluginVersion": "7.4.5",
+ "targets": [
+ {
+ "expr": "label_join(avg by (name, namespace, condition, exported_namespace) (certmanager_certificate_ready_status{ } == 1), \"namespaced_name\", \"-\", \"namespace\", \"exported_namespace\", \"name\")",
+ "format": "table",
+ "instant": true,
+ "interval": "",
+ "legendFormat": "",
+ "refId": "A"
+ },
+ {
+ "expr": "label_join(avg by (name, namespace, exported_namespace) (certmanager_certificate_expiration_timestamp_seconds{ }) * 1000, \"namespaced_name\", \"-\", \"namespace\", \"exported_namespace\", \"name\")",
+ "format": "table",
+ "instant": true,
+ "interval": "",
+ "legendFormat": "",
+ "refId": "B"
+ }
+ ],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Certificates",
+ "transformations": [
+ {
+ "id": "seriesToColumns",
+ "options": {
+ "byField": "namespaced_name"
+ }
+ },
+ {
+ "id": "organize",
+ "options": {
+ "excludeByName": {
+ "Time": true,
+ "Time 1": true,
+ "Time 2": true,
+ "Value #A": true,
+ "exported_namespace": false,
+ "exported_namespace 1": false,
+ "exported_namespace 2": true,
+ "name 1": true,
+ "namespace 2": true,
+ "namespaced_name": true
+ },
+ "indexByName": {
+ "Time 1": 8,
+ "Time 2": 10,
+ "Value #A": 6,
+ "Value #B": 5,
+ "condition": 4,
+ "exported_namespace 1": 1,
+ "exported_namespace 2": 11,
+ "name 1": 9,
+ "name 2": 3,
+ "namespace": 0,
+ "namespace 1": 2,
+ "namespaced_name": 7
+ },
+ "renameByName": {
+ "Time 1": "",
+ "Value #B": "Valid Until",
+ "condition": "Ready Status",
+ "exported_namespace": "Certificate Namespace",
+ "exported_namespace 1": "Certificate Namespace",
+ "exported_namespace 2": "",
+ "name": "Certificate",
+ "name 2": "Certificate",
+ "namespace": "Namespace",
+ "namespace 1": "Namespace",
+ "namespaced_name": ""
+ }
+ }
+ }
+ ],
+ "type": "table"
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "description": "The rate of controller sync requests.",
+ "fieldConfig": {
+ "defaults": {
+ "custom": {},
+ "links": []
+ },
+ "overrides": []
+ },
+ "fill": 1,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 12,
+ "y": 8
+ },
+ "hiddenSeries": false,
+ "id": 7,
+ "interval": "20s",
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "maxDataPoints": 250,
+ "nullPointMode": "null",
+ "options": {
+ "alertThreshold": true
+ },
+ "percentage": false,
+ "pluginVersion": "7.4.5",
+ "pointradius": 2,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum by (controller) (\n rate(certmanager_controller_sync_call_count{ }[$__rate_interval ])\n)",
+ "interval": "",
+ "legendFormat": "{{controller }}",
+ "refId": "A"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "Controller Sync Requests/sec",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "reqps",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "description": "Rate of requests to ACME provider.",
+ "fieldConfig": {
+ "defaults": {
+ "custom": {},
+ "links": []
+ },
+ "overrides": []
+ },
+ "fill": 1,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 0,
+ "y": 16
+ },
+ "hiddenSeries": false,
+ "id": 6,
+ "interval": "20s",
+ "legend": {
+ "avg": false,
+ "current": false,
+ "hideEmpty": true,
+ "hideZero": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "maxDataPoints": 250,
+ "nullPointMode": "null",
+ "options": {
+ "alertThreshold": true
+ },
+ "percentage": false,
+ "pluginVersion": "7.4.5",
+ "pointradius": 2,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum by (method, path, status) (\n rate(certmanager_http_acme_client_request_count{ }[$__rate_interval ])\n)",
+ "interval": "",
+ "legendFormat": "{{method }} {{path }} {{status }}",
+ "refId": "A"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "ACME HTTP Requests/sec",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "reqps",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "description": "Average duration of requests to ACME provider. ",
+ "fieldConfig": {
+ "defaults": {
+ "custom": {},
+ "links": []
+ },
+ "overrides": []
+ },
+ "fill": 1,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 12,
+ "y": 16
+ },
+ "hiddenSeries": false,
+ "id": 10,
+ "interval": "30s",
+ "legend": {
+ "avg": false,
+ "current": false,
+ "hideEmpty": true,
+ "hideZero": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "maxDataPoints": 250,
+ "nullPointMode": "null",
+ "options": {
+ "alertThreshold": true
+ },
+ "percentage": false,
+ "pluginVersion": "7.4.5",
+ "pointradius": 2,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum by (method, path, status) (rate(certmanager_http_acme_client_request_duration_seconds_sum{ }[$__rate_interval ]))\n/\nsum by (method, path, status) (rate(certmanager_http_acme_client_request_duration_seconds_count{ }[$__rate_interval ]))",
+ "interval": "",
+ "legendFormat": "{{method }} {{path }} {{status }}",
+ "refId": "A"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "ACME HTTP Request avg duration",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "s",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ },
+ {
+ "aliasColors": {
+ "max": "dark-yellow"
+ },
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "description": "CPU Usage and limits, as percent of a vCPU core. ",
+ "fieldConfig": {
+ "defaults": {
+ "custom": {},
+ "links": []
+ },
+ "overrides": []
+ },
+ "fill": 0,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 8,
+ "w": 6,
+ "x": 0,
+ "y": 24
+ },
+ "hiddenSeries": false,
+ "id": 12,
+ "interval": "1m",
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "maxDataPoints": 250,
+ "nullPointMode": "null",
+ "options": {
+ "alertThreshold": true
+ },
+ "percentage": false,
+ "pluginVersion": "7.4.5",
+ "pointradius": 2,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+ {
+ "alias": "CPU",
+ "fill": 1,
+ "fillGradient": 5
+ },
+ {
+ "alias": "/Request.*/",
+ "color": "#FF9830",
+ "dashes": true
+ },
+ {
+ "alias": "/Limit.*/",
+ "color": "#F2495C",
+ "dashes": true
+ }
+ ],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "avg by (pod) (rate(container_cpu_usage_seconds_total{container=\"cert-manager\" }[$__rate_interval ]))",
+ "format": "time_series",
+ "hide": false,
+ "interval": "",
+ "intervalFactor": 2,
+ "legendFormat": "CPU {{pod }}",
+ "refId": "A"
+ },
+ {
+ "expr": "avg by (pod) (kube_pod_container_resource_limits_cpu_cores{container=\"cert-manager\" })",
+ "format": "time_series",
+ "hide": true,
+ "interval": "",
+ "intervalFactor": 1,
+ "legendFormat": "Limit {{pod }}",
+ "refId": "B"
+ },
+ {
+ "expr": "avg by (pod) (kube_pod_container_resource_requests_cpu_cores{container=\"cert-manager\" })",
+ "format": "time_series",
+ "hide": true,
+ "interval": "",
+ "intervalFactor": 1,
+ "legendFormat": "Request {{pod }}",
+ "refId": "C"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "CPU",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "percentunit",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ },
+ {
+ "aliasColors": {
+ "max": "dark-yellow"
+ },
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "description": "Percent of the time that the CPU is being throttled. Higher is badderer. ",
+ "fieldConfig": {
+ "defaults": {
+ "custom": {},
+ "links": []
+ },
+ "overrides": []
+ },
+ "fill": 0,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 8,
+ "w": 6,
+ "x": 6,
+ "y": 24
+ },
+ "hiddenSeries": false,
+ "id": 14,
+ "interval": "1m",
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "maxDataPoints": 250,
+ "nullPointMode": "connected",
+ "options": {
+ "alertThreshold": true
+ },
+ "percentage": false,
+ "pluginVersion": "7.4.5",
+ "pointradius": 2,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+ {
+ "alias": "/external-dns.*/",
+ "fill": 1,
+ "fillGradient": 5
+ }
+ ],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "avg by (pod) (\n rate(container_cpu_cfs_throttled_periods_total{container=\"cert-manager\" }[$__rate_interval ])\n /\n rate(container_cpu_cfs_periods_total{container=\"cert-manager\" }[$__rate_interval ])\n)",
+ "format": "time_series",
+ "hide": false,
+ "interval": "",
+ "intervalFactor": 2,
+ "legendFormat": "{{pod }}",
+ "refId": "A"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "CPU Throttling",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "percentunit",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ },
+ {
+ "aliasColors": {
+ "max": "dark-yellow"
+ },
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "description": "Memory utilisation and limits.",
+ "fieldConfig": {
+ "defaults": {
+ "custom": {},
+ "links": []
+ },
+ "overrides": []
+ },
+ "fill": 0,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 8,
+ "w": 6,
+ "x": 12,
+ "y": 24
+ },
+ "hiddenSeries": false,
+ "id": 16,
+ "interval": "1m",
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "maxDataPoints": 250,
+ "nullPointMode": "null",
+ "options": {
+ "alertThreshold": true
+ },
+ "percentage": false,
+ "pluginVersion": "7.4.5",
+ "pointradius": 2,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+ {
+ "alias": "Memory",
+ "fill": 1,
+ "fillGradient": 5
+ },
+ {
+ "alias": "Request",
+ "color": "#FF9830",
+ "dashes": true
+ },
+ {
+ "alias": "Limit",
+ "color": "#F2495C",
+ "dashes": true
+ }
+ ],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "avg by (pod) (container_memory_usage_bytes{container=\"cert-manager\" })",
+ "format": "time_series",
+ "hide": false,
+ "interval": "",
+ "intervalFactor": 1,
+ "legendFormat": "Memory {{pod }}",
+ "refId": "A"
+ },
+ {
+ "expr": "avg by (pod) (kube_pod_container_resource_limits_memory_bytes{container=\"cert-manager\" })",
+ "format": "time_series",
+ "interval": "",
+ "intervalFactor": 1,
+ "legendFormat": "Limit {{pod }}",
+ "refId": "B"
+ },
+ {
+ "expr": "avg by (pod) (kube_pod_container_resource_requests_memory_bytes{container=\"cert-manager\" })",
+ "format": "time_series",
+ "interval": "",
+ "intervalFactor": 1,
+ "legendFormat": "Request {{pod }}",
+ "refId": "C"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "Memory",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "bytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ },
+ {
+ "aliasColors": {
+ "max": "dark-yellow"
+ },
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "$datasource",
+ "description": "Network ingress/egress.",
+ "fieldConfig": {
+ "defaults": {
+ "custom": {},
+ "links": []
+ },
+ "overrides": []
+ },
+ "fill": 1,
+ "fillGradient": 5,
+ "gridPos": {
+ "h": 8,
+ "w": 6,
+ "x": 18,
+ "y": 24
+ },
+ "hiddenSeries": false,
+ "id": 18,
+ "interval": "1m",
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "options": {
+ "alertThreshold": true
+ },
+ "percentage": false,
+ "pluginVersion": "7.4.5",
+ "pointradius": 2,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [
+ {
+ "alias": "transmit",
+ "transform": "negative-Y"
+ }
+ ],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "avg(\n sum without (interface) (\n rate(container_network_receive_bytes_total{namespace=\"cert-manager\" }[$__rate_interval ])\n )\n)",
+ "format": "time_series",
+ "hide": false,
+ "interval": "",
+ "intervalFactor": 2,
+ "legendFormat": "receive",
+ "refId": "A"
+ },
+ {
+ "expr": "avg(\n sum without (interface) (\n rate(container_network_transmit_bytes_total{namespace=\"cert-manager\" }[$__rate_interval ])\n )\n)",
+ "format": "time_series",
+ "hide": false,
+ "interval": "",
+ "intervalFactor": 2,
+ "legendFormat": "transmit",
+ "refId": "B"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "Network",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "Bps",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ }
+ ],
+ "refresh": "1m",
+ "schemaVersion": 27,
+ "style": "dark",
+ "tags": ["cert-manager", "infra"],
+ "templating": {
+ "list": [
+ {
+ "current": {
+ "selected": false,
+ "text": "prometheus",
+ "value": "prometheus"
+ },
+ "description": null,
+ "error": null,
+ "hide": 0,
+ "includeAll": false,
+ "label": "Data Source",
+ "multi": false,
+ "name": "datasource",
+ "options": [],
+ "query": "prometheus",
+ "queryValue": "",
+ "refresh": 1,
+ "regex": "",
+ "skipUrlSync": false,
+ "type": "datasource"
+ },
+ {
+ "current": {
+ "selected": false,
+ "text": "",
+ "value": ""
+ },
+ "datasource": {
+ "type": "prometheus",
+ "uid": "$datasource"
+ },
+ "definition": "",
+ "hide": 2,
+ "includeAll": false,
+ "multi": false,
+ "name": "cluster",
+ "options": [],
+ "query": {
+ "query": "label_values(certmanager_certificate_ready_status{ }, cluster)",
+ "refId": "Prometheus-cluster-Variable-Query"
+ },
+ "refresh": 2,
+ "regex": "",
+ "skipUrlSync": false,
+ "sort": 0,
+ "tagValuesQuery": "",
+ "tagsQuery": "",
+ "type": "query",
+ "useTags": false
+ }
+ ]
+ },
+ "time": {
+ "from": "now-24h",
+ "to": "now"
+ },
+ "timepicker": {
+ "refresh_intervals": [
+ "10s",
+ "30s",
+ "1m",
+ "5m",
+ "15m",
+ "30m",
+ "1h",
+ "2h",
+ "1d"
+ ]
+ },
+ "timezone": "",
+ "title": "Cert Manager",
+ "uid": "TvuRo2iMk",
+ "version": 1
+}
diff --git a/system/cert-manager/4.5.4/ix_values.yaml b/system/cert-manager/4.5.4/ix_values.yaml
new file mode 100644
index 00000000000..a9f86bea48b
--- /dev/null
+++ b/system/cert-manager/4.5.4/ix_values.yaml
@@ -0,0 +1,41 @@
+image:
+ repository: tccr.io/tccr/scratch
+ pullPolicy: IfNotPresent
+ tag: latest@sha256:782bbb4ff892784202be7b5e4e94f8434f2598779ba0c61a727929cbe5ce405a
+
+service:
+ main:
+ enabled: false
+ ports:
+ main:
+ enabled: false
+
+workload:
+ main:
+ enabled: false
+
+portal:
+ open:
+ enabled: false
+
+operator:
+ register: true
+
+configmap:
+ dashboard:
+ enabled: true
+ labels:
+ grafana_dashboard: "1"
+ data:
+ cert-manager.json: >-
+ {{ .Files.Get "dashboard.json" | indent 8 }}
+
+certmanager:
+ dns01RecursiveNameservers: "1.1.1.1:53,1.0.0.1:53"
+ dns01RecursiveNameserversOnly: false
+ installCRDs: true
+ enableCertificateOwnerRef: true
+ prometheus:
+ enabled: true
+ servicemonitor:
+ enabled: true
diff --git a/system/cert-manager/4.5.4/questions.yaml b/system/cert-manager/4.5.4/questions.yaml
new file mode 100755
index 00000000000..1573a8e93f4
--- /dev/null
+++ b/system/cert-manager/4.5.4/questions.yaml
@@ -0,0 +1,79 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Backup Configuration
+ description: Configure Velero Backup Schedule
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
+
+ - variable: certmanager
+ group: App Configuration
+ label: Cert Manager Configuration
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: dns01RecursiveNameservers
+ label: DNS01 Recursive Nameservers (Modifications are unsupported)
+ description: |
+ Comma separated list of DNS servers to use for recursive
+ name resolution when performing DNS01 challenges.
+ Default is: 1.1.1.1:53,1.0.0.1:53
+ If this is modified, you are NOT covered by support.
+ schema:
+ type: string
+ required: true
+ default: "1.1.1.1:53,1.0.0.1:53"
+ - variable: dns01RecursiveNameserversOnly
+ label: DNS01 Recursive Nameservers Only (Modifications are unsupported)
+ description: |
+ Forces cert-manager to only use the recursive nameservers for verification.
+ Enabling this option could cause the DNS01 self check to take longer
+ due to caching performed by the recursive nameservers.
+ Default is: false
+ If this is modified, you are NOT covered by support.
+ schema:
+ type: boolean
+ required: true
+ default: false
diff --git a/system/cert-manager/4.5.4/templates/NOTES.txt b/system/cert-manager/4.5.4/templates/NOTES.txt
new file mode 100644
index 00000000000..efcb74cb772
--- /dev/null
+++ b/system/cert-manager/4.5.4/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/system/cert-manager/4.5.4/templates/common.yaml b/system/cert-manager/4.5.4/templates/common.yaml
new file mode 100644
index 00000000000..995efb03eb0
--- /dev/null
+++ b/system/cert-manager/4.5.4/templates/common.yaml
@@ -0,0 +1,5 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.v1.common.loader.init" . }}
+
+{{/* Render the templates */}}
+{{ include "tc.v1.common.loader.apply" . }}
diff --git a/system/cert-manager/4.5.4/values.yaml b/system/cert-manager/4.5.4/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/system/cert-manager/item.yaml b/system/cert-manager/item.yaml
new file mode 100644
index 00000000000..f2ac15cc0a6
--- /dev/null
+++ b/system/cert-manager/item.yaml
@@ -0,0 +1,4 @@
+icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/cert-manager.png
+categories:
+ - operators
+screenshots: []
diff --git a/system/cloudnative-pg/6.6.3/.helmignore b/system/cloudnative-pg/6.6.3/.helmignore
new file mode 100644
index 00000000000..77ca5567b26
--- /dev/null
+++ b/system/cloudnative-pg/6.6.3/.helmignore
@@ -0,0 +1,30 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl
+# docs folder
+/docs
+# icon
+icon.png
diff --git a/system/cloudnative-pg/6.6.3/CHANGELOG.md b/system/cloudnative-pg/6.6.3/CHANGELOG.md
new file mode 100644
index 00000000000..fe18195ffbe
--- /dev/null
+++ b/system/cloudnative-pg/6.6.3/CHANGELOG.md
@@ -0,0 +1,17 @@
+---
+title: Changelog
+---
+
+
+*for the complete changelog, please refer to the website*
+
+**Important:**
+
+
+## [cloudnative-pg-6.6.3](https://github.com/truecharts/charts/compare/cloudnative-pg-6.6.2...cloudnative-pg-6.6.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/cloudnative-pg/6.6.3/Chart.yaml b/system/cloudnative-pg/6.6.3/Chart.yaml
new file mode 100644
index 00000000000..73f494404eb
--- /dev/null
+++ b/system/cloudnative-pg/6.6.3/Chart.yaml
@@ -0,0 +1,46 @@
+annotations:
+ max_scale_version: 24.04.0
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: operators
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: system
+apiVersion: v2
+appVersion: latest
+dependencies:
+ - name: common
+ version: 20.0.9
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+ - name: cloudnative-pg
+ version: 0.20.1
+ repository: https://cloudnative-pg.github.io/charts
+ condition: ""
+ alias: cloudnative-pg
+ tags: []
+ import-values: []
+deprecated: false
+description: CloudNativePG is a clustered postgresql database operator
+home: https://truecharts.org/charts/system/cloudnative-pg
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/cloudnative-pg.png
+keywords:
+ - database
+ - cloudnative-pg
+ - cnpg
+kubeVersion: '>=1.24.0-0'
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: cloudnative-pg
+sources:
+ - https://cloudnative-pg.io/
+ - https://github.com/cloudnative-pg
+ - https://github.com/truecharts/charts/tree/master/charts/system/cloudnative-pg
+ - https://github.com/truecharts/containers/tree/master/apps/alpine
+type: application
+version: 6.6.3
diff --git a/system/cloudnative-pg/6.6.3/README.md b/system/cloudnative-pg/6.6.3/README.md
new file mode 100644
index 00000000000..f57e4465706
--- /dev/null
+++ b/system/cloudnative-pg/6.6.3/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/system/cloudnative-pg)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/system/cloudnative-pg/6.6.3/app-changelog.md b/system/cloudnative-pg/6.6.3/app-changelog.md
new file mode 100644
index 00000000000..a5d25868d60
--- /dev/null
+++ b/system/cloudnative-pg/6.6.3/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [cloudnative-pg-6.6.3](https://github.com/truecharts/charts/compare/cloudnative-pg-6.6.2...cloudnative-pg-6.6.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/cloudnative-pg/6.6.3/app-readme.md b/system/cloudnative-pg/6.6.3/app-readme.md
new file mode 100644
index 00000000000..e627f0160eb
--- /dev/null
+++ b/system/cloudnative-pg/6.6.3/app-readme.md
@@ -0,0 +1,8 @@
+CloudNativePG is a clustered postgresql database operator
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/system/cloudnative-pg](https://truecharts.org/charts/system/cloudnative-pg)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/system/cloudnative-pg/6.6.3/charts/cloudnative-pg-0.20.1.tgz b/system/cloudnative-pg/6.6.3/charts/cloudnative-pg-0.20.1.tgz
new file mode 100644
index 00000000000..fc7d3a83c7e
Binary files /dev/null and b/system/cloudnative-pg/6.6.3/charts/cloudnative-pg-0.20.1.tgz differ
diff --git a/system/cloudnative-pg/6.6.3/charts/common-20.0.9.tgz b/system/cloudnative-pg/6.6.3/charts/common-20.0.9.tgz
new file mode 100644
index 00000000000..41a62ef2dc2
Binary files /dev/null and b/system/cloudnative-pg/6.6.3/charts/common-20.0.9.tgz differ
diff --git a/system/cloudnative-pg/6.6.3/ix_values.yaml b/system/cloudnative-pg/6.6.3/ix_values.yaml
new file mode 100644
index 00000000000..bbd2f868ceb
--- /dev/null
+++ b/system/cloudnative-pg/6.6.3/ix_values.yaml
@@ -0,0 +1,37 @@
+image:
+ repository: tccr.io/tccr/alpine
+ pullPolicy: IfNotPresent
+ tag: latest@sha256:ade0065e19edaa4f6903d464ee70605111a48394536deb94f31b661264704558
+
+service:
+ main:
+ enabled: false
+ ports:
+ main:
+ enabled: false
+
+workload:
+ main:
+ enabled: false
+
+portal:
+ open:
+ enabled: false
+
+operator:
+ register: true
+
+cloudnative-pg:
+ monitoring:
+ # -- Specifies whether the monitoring should be enabled. Requires Prometheus Operator CRDs.
+ podMonitorEnabled: true
+ grafanaDashboard:
+ create: true
+ # -- Allows overriding the namespace where the ConfigMap will be created, defaulting to the same one as the Release.
+ namespace: ""
+ # -- The name of the ConfigMap containing the dashboard.
+ configMapName: "cnpg-grafana-dashboard"
+ # -- Label that ConfigMaps should have to be loaded as dashboards.
+ sidecarLabel: "grafana_dashboard"
+ # -- Label value that ConfigMaps should have to be loaded as dashboards.
+ sidecarLabelValue: "1"
diff --git a/system/cloudnative-pg/6.6.3/questions.yaml b/system/cloudnative-pg/6.6.3/questions.yaml
new file mode 100755
index 00000000000..34ba9e0400c
--- /dev/null
+++ b/system/cloudnative-pg/6.6.3/questions.yaml
@@ -0,0 +1,49 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Backup Configuration
+ description: Configure Velero Backup Schedule
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
+
diff --git a/system/cloudnative-pg/6.6.3/templates/NOTES.txt b/system/cloudnative-pg/6.6.3/templates/NOTES.txt
new file mode 100644
index 00000000000..efcb74cb772
--- /dev/null
+++ b/system/cloudnative-pg/6.6.3/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/system/cloudnative-pg/6.6.3/templates/common.yaml b/system/cloudnative-pg/6.6.3/templates/common.yaml
new file mode 100644
index 00000000000..995efb03eb0
--- /dev/null
+++ b/system/cloudnative-pg/6.6.3/templates/common.yaml
@@ -0,0 +1,5 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.v1.common.loader.init" . }}
+
+{{/* Render the templates */}}
+{{ include "tc.v1.common.loader.apply" . }}
diff --git a/system/cloudnative-pg/6.6.3/values.yaml b/system/cloudnative-pg/6.6.3/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/system/cloudnative-pg/item.yaml b/system/cloudnative-pg/item.yaml
new file mode 100644
index 00000000000..1ea042cf9e1
--- /dev/null
+++ b/system/cloudnative-pg/item.yaml
@@ -0,0 +1,4 @@
+icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/cloudnative-pg.png
+categories:
+ - operators
+screenshots: []
diff --git a/system/grafana-agent-operator/1.5.3/.helmignore b/system/grafana-agent-operator/1.5.3/.helmignore
new file mode 100644
index 00000000000..77ca5567b26
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/.helmignore
@@ -0,0 +1,30 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl
+# docs folder
+/docs
+# icon
+icon.png
diff --git a/system/grafana-agent-operator/1.5.3/CHANGELOG.md b/system/grafana-agent-operator/1.5.3/CHANGELOG.md
new file mode 100644
index 00000000000..1a08f5eb528
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/CHANGELOG.md
@@ -0,0 +1,17 @@
+---
+title: Changelog
+---
+
+
+*for the complete changelog, please refer to the website*
+
+**Important:**
+
+
+## [grafana-agent-operator-1.5.3](https://github.com/truecharts/charts/compare/grafana-agent-operator-1.5.2...grafana-agent-operator-1.5.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/grafana-agent-operator/1.5.3/Chart.yaml b/system/grafana-agent-operator/1.5.3/Chart.yaml
new file mode 100644
index 00000000000..0c6bb599b19
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/Chart.yaml
@@ -0,0 +1,37 @@
+annotations:
+ max_scale_version: 24.04.0
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: system
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: system
+apiVersion: v2
+appVersion: 0.39.2
+dependencies:
+ - name: common
+ version: 20.0.9
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+deprecated: false
+description: Grafana Scraping Agent Operator
+home: https://truecharts.org/charts/system/grafana-agent-operator
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/grafana-agent-operator.png
+keywords:
+ - grafana-agent
+ - shell
+kubeVersion: '>=1.24.0-0'
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: grafana-agent-operator
+sources:
+ - https://grafana.com
+ - https://github.com/truecharts/charts/tree/master/charts/system/grafana-agent-operator
+ - https://hub.docker.com/r/grafana/agent-operator
+type: application
+version: 1.5.3
diff --git a/system/grafana-agent-operator/1.5.3/README.md b/system/grafana-agent-operator/1.5.3/README.md
new file mode 100644
index 00000000000..2bcd6c4bdec
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/system/grafana-agent-operator)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/system/grafana-agent-operator/1.5.3/app-changelog.md b/system/grafana-agent-operator/1.5.3/app-changelog.md
new file mode 100644
index 00000000000..e57bd5b4dc2
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [grafana-agent-operator-1.5.3](https://github.com/truecharts/charts/compare/grafana-agent-operator-1.5.2...grafana-agent-operator-1.5.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/grafana-agent-operator/1.5.3/app-readme.md b/system/grafana-agent-operator/1.5.3/app-readme.md
new file mode 100644
index 00000000000..19e72a9373c
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/app-readme.md
@@ -0,0 +1,8 @@
+Grafana Scraping Agent Operator
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/system/grafana-agent-operator](https://truecharts.org/charts/system/grafana-agent-operator)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/system/grafana-agent-operator/1.5.3/charts/common-20.0.9.tgz b/system/grafana-agent-operator/1.5.3/charts/common-20.0.9.tgz
new file mode 100644
index 00000000000..41a62ef2dc2
Binary files /dev/null and b/system/grafana-agent-operator/1.5.3/charts/common-20.0.9.tgz differ
diff --git a/system/grafana-agent-operator/1.5.3/ix_values.yaml b/system/grafana-agent-operator/1.5.3/ix_values.yaml
new file mode 100644
index 00000000000..64b42681c35
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/ix_values.yaml
@@ -0,0 +1,97 @@
+image:
+ repository: grafana/agent-operator
+ pullPolicy: IfNotPresent
+ tag: v0.39.2@sha256:841e8e1365758116d4058aa561d8d0f9deb3f6339d17548eadeeecc46889307f
+
+podOptions:
+ automountServiceAccountToken: true
+
+service:
+ main:
+ enabled: false
+ ports:
+ main:
+ enabled: false
+
+workload:
+ main:
+ podSpec:
+ containers:
+ main:
+ args:
+ - "--kubelet-service={{ .Values.kubeletService.namespace }}/{{ .Values.kubeletService.serviceName }}"
+ probes:
+ liveness:
+ enabled: false
+ readiness:
+ enabled: false
+ startup:
+ enabled: false
+
+portal:
+ open:
+ enabled: false
+
+rbac:
+ main:
+ enabled: true
+ primary: true
+ clusterWide: true
+ rules:
+ - apiGroups: [monitoring.grafana.com]
+ resources:
+ - grafanaagents
+ - metricsinstances
+ - logsinstances
+ - podlogs
+ - integrations
+ verbs: [get, list, watch]
+ - apiGroups: [monitoring.grafana.com]
+ resources:
+ - grafanaagents/finalizers
+ - metricsinstances/finalizers
+ - logsinstances/finalizers
+ - podlogs/finalizers
+ - integrations/finalizers
+ verbs: [get, list, watch, update]
+ - apiGroups: [monitoring.coreos.com]
+ resources:
+ - podmonitors
+ - probes
+ - servicemonitors
+ verbs: [get, list, watch]
+ - apiGroups: [monitoring.coreos.com]
+ resources:
+ - podmonitors/finalizers
+ - probes/finalizers
+ - servicemonitors/finalizers
+ verbs: [get, list, watch, update]
+ - apiGroups: [""]
+ resources:
+ - namespaces
+ - nodes
+ verbs: [get, list, watch]
+ - apiGroups: [""]
+ resources:
+ - secrets
+ - services
+ - configmaps
+ - endpoints
+ verbs: [get, list, watch, create, update, patch, delete]
+ - apiGroups: ["apps"]
+ resources:
+ - statefulsets
+ - daemonsets
+ - deployments
+ verbs: [get, list, watch, create, update, patch, delete]
+# -- The service account the pods will use to interact with the Kubernetes API
+serviceAccount:
+ main:
+ enabled: true
+ primary: true
+
+# -- If both are set, Agent Operator will create and maintain a service for scraping kubelets
+# https://grafana.com/docs/agent/latest/operator/getting-started/#monitor-kubelets
+kubeletService:
+ namespace: default
+ serviceName: kubelet
diff --git a/system/grafana-agent-operator/1.5.3/questions.yaml b/system/grafana-agent-operator/1.5.3/questions.yaml
new file mode 100755
index 00000000000..975fcc15f15
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/questions.yaml
@@ -0,0 +1,75 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Backup Configuration
+ description: Configure Velero Backup Schedule
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+
+portals:
+ open:
+ protocols:
+ - "$kubernetes-resource_configmap_tcportal-open_protocol"
+ host:
+ - "$kubernetes-resource_configmap_tcportal-open_host"
+ ports:
+ - "$kubernetes-resource_configmap_tcportal-open_port"
+
+questions:
+
+ - variable: docs
+ group: Documentation
+ label: Please read the documentation at https://truecharts.org
+ description: Please read the documentation at
+
https://truecharts.org
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDocs
+ label: I have checked the documentation
+ schema:
+ type: boolean
+ default: true
+ - variable: donateNag
+ group: Documentation
+ label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
+ description: Please consider supporting TrueCharts, see
+
https://truecharts.org/sponsor
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDonate
+ label: I have considered donating
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+
diff --git a/system/grafana-agent-operator/1.5.3/templates/NOTES.txt b/system/grafana-agent-operator/1.5.3/templates/NOTES.txt
new file mode 100644
index 00000000000..efcb74cb772
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/system/grafana-agent-operator/1.5.3/templates/common.yaml b/system/grafana-agent-operator/1.5.3/templates/common.yaml
new file mode 100644
index 00000000000..b51394e00a4
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/templates/common.yaml
@@ -0,0 +1 @@
+{{ include "tc.v1.common.loader.all" . }}
diff --git a/system/grafana-agent-operator/1.5.3/templates/monitoring.coreos.com_podmonitors.yaml b/system/grafana-agent-operator/1.5.3/templates/monitoring.coreos.com_podmonitors.yaml
new file mode 100644
index 00000000000..153677bb175
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/templates/monitoring.coreos.com_podmonitors.yaml
@@ -0,0 +1,424 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.9.2
+ creationTimestamp: null
+ name: podmonitors.monitoring.coreos.com
+spec:
+ group: monitoring.coreos.com
+ names:
+ categories:
+ - prometheus-operator
+ kind: PodMonitor
+ listKind: PodMonitorList
+ plural: podmonitors
+ shortNames:
+ - pmon
+ singular: podmonitor
+ scope: Namespaced
+ versions:
+ - name: v1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ attachMetadata:
+ properties:
+ node:
+ type: boolean
+ type: object
+ jobLabel:
+ type: string
+ labelLimit:
+ format: int64
+ type: integer
+ labelNameLengthLimit:
+ format: int64
+ type: integer
+ labelValueLengthLimit:
+ format: int64
+ type: integer
+ namespaceSelector:
+ properties:
+ any:
+ type: boolean
+ matchNames:
+ items:
+ type: string
+ type: array
+ type: object
+ podMetricsEndpoints:
+ items:
+ properties:
+ authorization:
+ properties:
+ credentials:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type:
+ type: string
+ type: object
+ basicAuth:
+ properties:
+ password:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ bearerTokenSecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ enableHttp2:
+ type: boolean
+ filterRunning:
+ type: boolean
+ followRedirects:
+ type: boolean
+ honorLabels:
+ type: boolean
+ honorTimestamps:
+ type: boolean
+ interval:
+ pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+ type: string
+ metricRelabelings:
+ items:
+ properties:
+ action:
+ default: replace
+ enum:
+ - replace
+ - Replace
+ - keep
+ - Keep
+ - drop
+ - Drop
+ - hashmod
+ - HashMod
+ - labelmap
+ - LabelMap
+ - labeldrop
+ - LabelDrop
+ - labelkeep
+ - LabelKeep
+ - lowercase
+ - Lowercase
+ - uppercase
+ - Uppercase
+ - keepequal
+ - KeepEqual
+ - dropequal
+ - DropEqual
+ type: string
+ modulus:
+ format: int64
+ type: integer
+ regex:
+ type: string
+ replacement:
+ type: string
+ separator:
+ type: string
+ sourceLabels:
+ items:
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ type: string
+ type: object
+ type: array
+ oauth2:
+ properties:
+ clientId:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ clientSecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ endpointParams:
+ additionalProperties:
+ type: string
+ type: object
+ scopes:
+ items:
+ type: string
+ type: array
+ tokenUrl:
+ minLength: 1
+ type: string
+ required:
+ - clientId
+ - clientSecret
+ - tokenUrl
+ type: object
+ params:
+ additionalProperties:
+ items:
+ type: string
+ type: array
+ type: object
+ path:
+ type: string
+ port:
+ type: string
+ proxyUrl:
+ type: string
+ relabelings:
+ items:
+ properties:
+ action:
+ default: replace
+ enum:
+ - replace
+ - Replace
+ - keep
+ - Keep
+ - drop
+ - Drop
+ - hashmod
+ - HashMod
+ - labelmap
+ - LabelMap
+ - labeldrop
+ - LabelDrop
+ - labelkeep
+ - LabelKeep
+ - lowercase
+ - Lowercase
+ - uppercase
+ - Uppercase
+ - keepequal
+ - KeepEqual
+ - dropequal
+ - DropEqual
+ type: string
+ modulus:
+ format: int64
+ type: integer
+ regex:
+ type: string
+ replacement:
+ type: string
+ separator:
+ type: string
+ sourceLabels:
+ items:
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ type: string
+ type: object
+ type: array
+ scheme:
+ enum:
+ - http
+ - https
+ type: string
+ scrapeTimeout:
+ pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+ type: string
+ targetPort:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ tlsConfig:
+ properties:
+ ca:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ cert:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ insecureSkipVerify:
+ type: boolean
+ keySecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ serverName:
+ type: string
+ type: object
+ type: object
+ type: array
+ podTargetLabels:
+ items:
+ type: string
+ type: array
+ sampleLimit:
+ format: int64
+ type: integer
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ targetLimit:
+ format: int64
+ type: integer
+ required:
+ - podMetricsEndpoints
+ - selector
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/grafana-agent-operator/1.5.3/templates/monitoring.coreos.com_probes.yaml b/system/grafana-agent-operator/1.5.3/templates/monitoring.coreos.com_probes.yaml
new file mode 100644
index 00000000000..13fc36f9aa3
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/templates/monitoring.coreos.com_probes.yaml
@@ -0,0 +1,458 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.9.2
+ creationTimestamp: null
+ name: probes.monitoring.coreos.com
+spec:
+ group: monitoring.coreos.com
+ names:
+ categories:
+ - prometheus-operator
+ kind: Probe
+ listKind: ProbeList
+ plural: probes
+ shortNames:
+ - prb
+ singular: probe
+ scope: Namespaced
+ versions:
+ - name: v1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ authorization:
+ properties:
+ credentials:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type:
+ type: string
+ type: object
+ basicAuth:
+ properties:
+ password:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ bearerTokenSecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ interval:
+ pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+ type: string
+ jobName:
+ type: string
+ labelLimit:
+ format: int64
+ type: integer
+ labelNameLengthLimit:
+ format: int64
+ type: integer
+ labelValueLengthLimit:
+ format: int64
+ type: integer
+ metricRelabelings:
+ items:
+ properties:
+ action:
+ default: replace
+ enum:
+ - replace
+ - Replace
+ - keep
+ - Keep
+ - drop
+ - Drop
+ - hashmod
+ - HashMod
+ - labelmap
+ - LabelMap
+ - labeldrop
+ - LabelDrop
+ - labelkeep
+ - LabelKeep
+ - lowercase
+ - Lowercase
+ - uppercase
+ - Uppercase
+ - keepequal
+ - KeepEqual
+ - dropequal
+ - DropEqual
+ type: string
+ modulus:
+ format: int64
+ type: integer
+ regex:
+ type: string
+ replacement:
+ type: string
+ separator:
+ type: string
+ sourceLabels:
+ items:
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ type: string
+ type: object
+ type: array
+ module:
+ type: string
+ oauth2:
+ properties:
+ clientId:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ clientSecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ endpointParams:
+ additionalProperties:
+ type: string
+ type: object
+ scopes:
+ items:
+ type: string
+ type: array
+ tokenUrl:
+ minLength: 1
+ type: string
+ required:
+ - clientId
+ - clientSecret
+ - tokenUrl
+ type: object
+ prober:
+ properties:
+ path:
+ default: /probe
+ type: string
+ proxyUrl:
+ type: string
+ scheme:
+ enum:
+ - http
+ - https
+ type: string
+ url:
+ type: string
+ required:
+ - url
+ type: object
+ sampleLimit:
+ format: int64
+ type: integer
+ scrapeTimeout:
+ pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+ type: string
+ targetLimit:
+ format: int64
+ type: integer
+ targets:
+ properties:
+ ingress:
+ properties:
+ namespaceSelector:
+ properties:
+ any:
+ type: boolean
+ matchNames:
+ items:
+ type: string
+ type: array
+ type: object
+ relabelingConfigs:
+ items:
+ properties:
+ action:
+ default: replace
+ enum:
+ - replace
+ - Replace
+ - keep
+ - Keep
+ - drop
+ - Drop
+ - hashmod
+ - HashMod
+ - labelmap
+ - LabelMap
+ - labeldrop
+ - LabelDrop
+ - labelkeep
+ - LabelKeep
+ - lowercase
+ - Lowercase
+ - uppercase
+ - Uppercase
+ - keepequal
+ - KeepEqual
+ - dropequal
+ - DropEqual
+ type: string
+ modulus:
+ format: int64
+ type: integer
+ regex:
+ type: string
+ replacement:
+ type: string
+ separator:
+ type: string
+ sourceLabels:
+ items:
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ type: string
+ type: object
+ type: array
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ staticConfig:
+ properties:
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ relabelingConfigs:
+ items:
+ properties:
+ action:
+ default: replace
+ enum:
+ - replace
+ - Replace
+ - keep
+ - Keep
+ - drop
+ - Drop
+ - hashmod
+ - HashMod
+ - labelmap
+ - LabelMap
+ - labeldrop
+ - LabelDrop
+ - labelkeep
+ - LabelKeep
+ - lowercase
+ - Lowercase
+ - uppercase
+ - Uppercase
+ - keepequal
+ - KeepEqual
+ - dropequal
+ - DropEqual
+ type: string
+ modulus:
+ format: int64
+ type: integer
+ regex:
+ type: string
+ replacement:
+ type: string
+ separator:
+ type: string
+ sourceLabels:
+ items:
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ type: string
+ type: object
+ type: array
+ static:
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ tlsConfig:
+ properties:
+ ca:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ cert:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ insecureSkipVerify:
+ type: boolean
+ keySecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ serverName:
+ type: string
+ type: object
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/grafana-agent-operator/1.5.3/templates/monitoring.coreos.com_servicemonitors.yaml b/system/grafana-agent-operator/1.5.3/templates/monitoring.coreos.com_servicemonitors.yaml
new file mode 100644
index 00000000000..ff62f8f267b
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/templates/monitoring.coreos.com_servicemonitors.yaml
@@ -0,0 +1,436 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.9.2
+ creationTimestamp: null
+ name: servicemonitors.monitoring.coreos.com
+spec:
+ group: monitoring.coreos.com
+ names:
+ categories:
+ - prometheus-operator
+ kind: ServiceMonitor
+ listKind: ServiceMonitorList
+ plural: servicemonitors
+ shortNames:
+ - smon
+ singular: servicemonitor
+ scope: Namespaced
+ versions:
+ - name: v1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ attachMetadata:
+ properties:
+ node:
+ type: boolean
+ type: object
+ endpoints:
+ items:
+ properties:
+ authorization:
+ properties:
+ credentials:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type:
+ type: string
+ type: object
+ basicAuth:
+ properties:
+ password:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ bearerTokenFile:
+ type: string
+ bearerTokenSecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ enableHttp2:
+ type: boolean
+ filterRunning:
+ type: boolean
+ followRedirects:
+ type: boolean
+ honorLabels:
+ type: boolean
+ honorTimestamps:
+ type: boolean
+ interval:
+ pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+ type: string
+ metricRelabelings:
+ items:
+ properties:
+ action:
+ default: replace
+ enum:
+ - replace
+ - Replace
+ - keep
+ - Keep
+ - drop
+ - Drop
+ - hashmod
+ - HashMod
+ - labelmap
+ - LabelMap
+ - labeldrop
+ - LabelDrop
+ - labelkeep
+ - LabelKeep
+ - lowercase
+ - Lowercase
+ - uppercase
+ - Uppercase
+ - keepequal
+ - KeepEqual
+ - dropequal
+ - DropEqual
+ type: string
+ modulus:
+ format: int64
+ type: integer
+ regex:
+ type: string
+ replacement:
+ type: string
+ separator:
+ type: string
+ sourceLabels:
+ items:
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ type: string
+ type: object
+ type: array
+ oauth2:
+ properties:
+ clientId:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ clientSecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ endpointParams:
+ additionalProperties:
+ type: string
+ type: object
+ scopes:
+ items:
+ type: string
+ type: array
+ tokenUrl:
+ minLength: 1
+ type: string
+ required:
+ - clientId
+ - clientSecret
+ - tokenUrl
+ type: object
+ params:
+ additionalProperties:
+ items:
+ type: string
+ type: array
+ type: object
+ path:
+ type: string
+ port:
+ type: string
+ proxyUrl:
+ type: string
+ relabelings:
+ items:
+ properties:
+ action:
+ default: replace
+ enum:
+ - replace
+ - Replace
+ - keep
+ - Keep
+ - drop
+ - Drop
+ - hashmod
+ - HashMod
+ - labelmap
+ - LabelMap
+ - labeldrop
+ - LabelDrop
+ - labelkeep
+ - LabelKeep
+ - lowercase
+ - Lowercase
+ - uppercase
+ - Uppercase
+ - keepequal
+ - KeepEqual
+ - dropequal
+ - DropEqual
+ type: string
+ modulus:
+ format: int64
+ type: integer
+ regex:
+ type: string
+ replacement:
+ type: string
+ separator:
+ type: string
+ sourceLabels:
+ items:
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ type: string
+ type: object
+ type: array
+ scheme:
+ enum:
+ - http
+ - https
+ type: string
+ scrapeTimeout:
+ pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+ type: string
+ targetPort:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ tlsConfig:
+ properties:
+ ca:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ caFile:
+ type: string
+ cert:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ certFile:
+ type: string
+ insecureSkipVerify:
+ type: boolean
+ keyFile:
+ type: string
+ keySecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ serverName:
+ type: string
+ type: object
+ type: object
+ type: array
+ jobLabel:
+ type: string
+ labelLimit:
+ format: int64
+ type: integer
+ labelNameLengthLimit:
+ format: int64
+ type: integer
+ labelValueLengthLimit:
+ format: int64
+ type: integer
+ namespaceSelector:
+ properties:
+ any:
+ type: boolean
+ matchNames:
+ items:
+ type: string
+ type: array
+ type: object
+ podTargetLabels:
+ items:
+ type: string
+ type: array
+ sampleLimit:
+ format: int64
+ type: integer
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ targetLabels:
+ items:
+ type: string
+ type: array
+ targetLimit:
+ format: int64
+ type: integer
+ required:
+ - endpoints
+ - selector
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_grafanaagents.yaml b/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_grafanaagents.yaml
new file mode 100644
index 00000000000..4ec31d67a4e
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_grafanaagents.yaml
@@ -0,0 +1,3711 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.9.2
+ creationTimestamp: null
+ name: grafanaagents.monitoring.grafana.com
+spec:
+ group: monitoring.grafana.com
+ names:
+ categories:
+ - agent-operator
+ kind: GrafanaAgent
+ listKind: GrafanaAgentList
+ plural: grafanaagents
+ singular: grafanaagent
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ affinity:
+ properties:
+ nodeAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ preference:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ x-kubernetes-map-type: atomic
+ weight:
+ format: int32
+ type: integer
+ required:
+ - preference
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ properties:
+ nodeSelectorTerms:
+ items:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ required:
+ - nodeSelectorTerms
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ podAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ podAntiAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ type: object
+ apiServer:
+ properties:
+ authorization:
+ properties:
+ credentials:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ credentialsFile:
+ type: string
+ type:
+ type: string
+ type: object
+ basicAuth:
+ properties:
+ password:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ bearerToken:
+ type: string
+ bearerTokenFile:
+ type: string
+ host:
+ type: string
+ tlsConfig:
+ properties:
+ ca:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ caFile:
+ type: string
+ cert:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ certFile:
+ type: string
+ insecureSkipVerify:
+ type: boolean
+ keyFile:
+ type: string
+ keySecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ serverName:
+ type: string
+ type: object
+ required:
+ - host
+ type: object
+ configMaps:
+ items:
+ type: string
+ type: array
+ configReloaderImage:
+ type: string
+ configReloaderVersion:
+ type: string
+ containers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ items:
+ properties:
+ resourceName:
+ type: string
+ restartPolicy:
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ restartPolicy:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ disableReporting:
+ default: false
+ type: boolean
+ disableSupportBundle:
+ default: false
+ type: boolean
+ enableConfigReadAPI:
+ default: false
+ type: boolean
+ image:
+ type: string
+ imagePullSecrets:
+ items:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ initContainers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resizePolicy:
+ items:
+ properties:
+ resourceName:
+ type: string
+ restartPolicy:
+ type: string
+ required:
+ - resourceName
+ - restartPolicy
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ restartPolicy:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ integrations:
+ properties:
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ logFormat:
+ type: string
+ logLevel:
+ type: string
+ logs:
+ properties:
+ clients:
+ items:
+ properties:
+ backoffConfig:
+ properties:
+ maxPeriod:
+ type: string
+ maxRetries:
+ type: integer
+ minPeriod:
+ type: string
+ type: object
+ basicAuth:
+ properties:
+ password:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ batchSize:
+ type: integer
+ batchWait:
+ type: string
+ bearerToken:
+ type: string
+ bearerTokenFile:
+ type: string
+ externalLabels:
+ additionalProperties:
+ type: string
+ type: object
+ oauth2:
+ properties:
+ clientId:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ clientSecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ endpointParams:
+ additionalProperties:
+ type: string
+ type: object
+ scopes:
+ items:
+ type: string
+ type: array
+ tokenUrl:
+ minLength: 1
+ type: string
+ required:
+ - clientId
+ - clientSecret
+ - tokenUrl
+ type: object
+ proxyUrl:
+ type: string
+ tenantId:
+ type: string
+ timeout:
+ type: string
+ tlsConfig:
+ properties:
+ ca:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ caFile:
+ type: string
+ cert:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ certFile:
+ type: string
+ insecureSkipVerify:
+ type: boolean
+ keyFile:
+ type: string
+ keySecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ serverName:
+ type: string
+ type: object
+ url:
+ type: string
+ required:
+ - url
+ type: object
+ type: array
+ enforcedNamespaceLabel:
+ type: string
+ ignoreNamespaceSelectors:
+ type: boolean
+ instanceNamespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ instanceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ logsExternalLabelName:
+ type: string
+ type: object
+ metrics:
+ properties:
+ arbitraryFSAccessThroughSMs:
+ properties:
+ deny:
+ type: boolean
+ type: object
+ enforcedNamespaceLabel:
+ type: string
+ enforcedSampleLimit:
+ format: int64
+ type: integer
+ enforcedTargetLimit:
+ format: int64
+ type: integer
+ externalLabels:
+ additionalProperties:
+ type: string
+ type: object
+ ignoreNamespaceSelectors:
+ type: boolean
+ instanceNamespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ instanceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ metricsExternalLabelName:
+ type: string
+ overrideHonorLabels:
+ type: boolean
+ overrideHonorTimestamps:
+ type: boolean
+ remoteWrite:
+ items:
+ properties:
+ basicAuth:
+ properties:
+ password:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ bearerToken:
+ type: string
+ bearerTokenFile:
+ type: string
+ headers:
+ additionalProperties:
+ type: string
+ type: object
+ metadataConfig:
+ properties:
+ send:
+ type: boolean
+ sendInterval:
+ type: string
+ type: object
+ name:
+ type: string
+ oauth2:
+ properties:
+ clientId:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ clientSecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ endpointParams:
+ additionalProperties:
+ type: string
+ type: object
+ scopes:
+ items:
+ type: string
+ type: array
+ tokenUrl:
+ minLength: 1
+ type: string
+ required:
+ - clientId
+ - clientSecret
+ - tokenUrl
+ type: object
+ proxyUrl:
+ type: string
+ queueConfig:
+ properties:
+ batchSendDeadline:
+ type: string
+ capacity:
+ type: integer
+ maxBackoff:
+ type: string
+ maxRetries:
+ type: integer
+ maxSamplesPerSend:
+ type: integer
+ maxShards:
+ type: integer
+ minBackoff:
+ type: string
+ minShards:
+ type: integer
+ retryOnRateLimit:
+ type: boolean
+ type: object
+ remoteTimeout:
+ type: string
+ sigv4:
+ properties:
+ accessKey:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ profile:
+ type: string
+ region:
+ type: string
+ roleARN:
+ type: string
+ secretKey:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ tlsConfig:
+ properties:
+ ca:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ caFile:
+ type: string
+ cert:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ certFile:
+ type: string
+ insecureSkipVerify:
+ type: boolean
+ keyFile:
+ type: string
+ keySecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ serverName:
+ type: string
+ type: object
+ url:
+ type: string
+ writeRelabelConfigs:
+ items:
+ properties:
+ action:
+ default: replace
+ enum:
+ - replace
+ - Replace
+ - keep
+ - Keep
+ - drop
+ - Drop
+ - hashmod
+ - HashMod
+ - labelmap
+ - LabelMap
+ - labeldrop
+ - LabelDrop
+ - labelkeep
+ - LabelKeep
+ - lowercase
+ - Lowercase
+ - uppercase
+ - Uppercase
+ - keepequal
+ - KeepEqual
+ - dropequal
+ - DropEqual
+ type: string
+ modulus:
+ format: int64
+ type: integer
+ regex:
+ type: string
+ replacement:
+ type: string
+ separator:
+ type: string
+ sourceLabels:
+ items:
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ type: string
+ type: object
+ type: array
+ required:
+ - url
+ type: object
+ type: array
+ replicaExternalLabelName:
+ type: string
+ replicas:
+ format: int32
+ type: integer
+ scrapeInterval:
+ type: string
+ scrapeTimeout:
+ type: string
+ shards:
+ format: int32
+ type: integer
+ type: object
+ nodeSelector:
+ additionalProperties:
+ type: string
+ type: object
+ paused:
+ type: boolean
+ podMetadata:
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ name:
+ type: string
+ type: object
+ portName:
+ type: string
+ priorityClassName:
+ type: string
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeClassName:
+ type: string
+ secrets:
+ items:
+ type: string
+ type: array
+ securityContext:
+ properties:
+ fsGroup:
+ format: int64
+ type: integer
+ fsGroupChangePolicy:
+ type: string
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ supplementalGroups:
+ items:
+ format: int64
+ type: integer
+ type: array
+ sysctls:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ serviceAccountName:
+ type: string
+ storage:
+ properties:
+ disableMountSubPath:
+ type: boolean
+ emptyDir:
+ properties:
+ medium:
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ properties:
+ volumeClaimTemplate:
+ properties:
+ metadata:
+ type: object
+ spec:
+ properties:
+ accessModes:
+ items:
+ type: string
+ type: array
+ dataSource:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ dataSourceRef:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ namespace:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ storageClassName:
+ type: string
+ volumeMode:
+ type: string
+ volumeName:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ volumeClaimTemplate:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ name:
+ type: string
+ type: object
+ spec:
+ properties:
+ accessModes:
+ items:
+ type: string
+ type: array
+ dataSource:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ dataSourceRef:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ namespace:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ storageClassName:
+ type: string
+ volumeMode:
+ type: string
+ volumeName:
+ type: string
+ type: object
+ status:
+ properties:
+ accessModes:
+ items:
+ type: string
+ type: array
+ allocatedResourceStatuses:
+ additionalProperties:
+ type: string
+ type: object
+ x-kubernetes-map-type: granular
+ allocatedResources:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ capacity:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ conditions:
+ items:
+ properties:
+ lastProbeTime:
+ format: date-time
+ type: string
+ lastTransitionTime:
+ format: date-time
+ type: string
+ message:
+ type: string
+ reason:
+ type: string
+ status:
+ type: string
+ type:
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ phase:
+ type: string
+ type: object
+ type: object
+ type: object
+ tolerations:
+ items:
+ properties:
+ effect:
+ type: string
+ key:
+ type: string
+ operator:
+ type: string
+ tolerationSeconds:
+ format: int64
+ type: integer
+ value:
+ type: string
+ type: object
+ type: array
+ topologySpreadConstraints:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ matchLabelKeys:
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ maxSkew:
+ format: int32
+ type: integer
+ minDomains:
+ format: int32
+ type: integer
+ nodeAffinityPolicy:
+ type: string
+ nodeTaintsPolicy:
+ type: string
+ topologyKey:
+ type: string
+ whenUnsatisfiable:
+ type: string
+ required:
+ - maxSkew
+ - topologyKey
+ - whenUnsatisfiable
+ type: object
+ type: array
+ version:
+ type: string
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ volumes:
+ items:
+ properties:
+ awsElasticBlockStore:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ properties:
+ cachingMode:
+ type: string
+ diskName:
+ type: string
+ diskURI:
+ type: string
+ fsType:
+ type: string
+ kind:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ properties:
+ readOnly:
+ type: boolean
+ secretName:
+ type: string
+ shareName:
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ properties:
+ monitors:
+ items:
+ type: string
+ type: array
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ secretFile:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ csi:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ nodePublishSecretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ readOnly:
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ emptyDir:
+ properties:
+ medium:
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ properties:
+ volumeClaimTemplate:
+ properties:
+ metadata:
+ type: object
+ spec:
+ properties:
+ accessModes:
+ items:
+ type: string
+ type: array
+ dataSource:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ dataSourceRef:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ namespace:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ storageClassName:
+ type: string
+ volumeMode:
+ type: string
+ volumeName:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ properties:
+ fsType:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ targetWWNs:
+ items:
+ type: string
+ type: array
+ wwids:
+ items:
+ type: string
+ type: array
+ type: object
+ flexVolume:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ type: object
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - driver
+ type: object
+ flocker:
+ properties:
+ datasetName:
+ type: string
+ datasetUUID:
+ type: string
+ type: object
+ gcePersistentDisk:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ pdName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ properties:
+ directory:
+ type: string
+ repository:
+ type: string
+ revision:
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ properties:
+ endpoints:
+ type: string
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ properties:
+ path:
+ type: string
+ type:
+ type: string
+ required:
+ - path
+ type: object
+ iscsi:
+ properties:
+ chapAuthDiscovery:
+ type: boolean
+ chapAuthSession:
+ type: boolean
+ fsType:
+ type: string
+ initiatorName:
+ type: string
+ iqn:
+ type: string
+ iscsiInterface:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ portals:
+ items:
+ type: string
+ type: array
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ targetPortal:
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ type: string
+ nfs:
+ properties:
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ server:
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ properties:
+ claimName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ properties:
+ fsType:
+ type: string
+ pdID:
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ sources:
+ items:
+ properties:
+ configMap:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ downwardAPI:
+ properties:
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ serviceAccountToken:
+ properties:
+ audience:
+ type: string
+ expirationSeconds:
+ format: int64
+ type: integer
+ path:
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ quobyte:
+ properties:
+ group:
+ type: string
+ readOnly:
+ type: boolean
+ registry:
+ type: string
+ tenant:
+ type: string
+ user:
+ type: string
+ volume:
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ properties:
+ fsType:
+ type: string
+ image:
+ type: string
+ keyring:
+ type: string
+ monitors:
+ items:
+ type: string
+ type: array
+ pool:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ properties:
+ fsType:
+ type: string
+ gateway:
+ type: string
+ protectionDomain:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ sslEnabled:
+ type: boolean
+ storageMode:
+ type: string
+ storagePool:
+ type: string
+ system:
+ type: string
+ volumeName:
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ type: boolean
+ secretName:
+ type: string
+ type: object
+ storageos:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeName:
+ type: string
+ volumeNamespace:
+ type: string
+ type: object
+ vsphereVolume:
+ properties:
+ fsType:
+ type: string
+ storagePolicyID:
+ type: string
+ storagePolicyName:
+ type: string
+ volumePath:
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ type: object
+ served: true
+ storage: true
diff --git a/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_integrations.yaml b/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_integrations.yaml
new file mode 100644
index 00000000000..960b2f73ac1
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_integrations.yaml
@@ -0,0 +1,810 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.9.2
+ creationTimestamp: null
+ name: integrations.monitoring.grafana.com
+spec:
+ group: monitoring.grafana.com
+ names:
+ categories:
+ - agent-operator
+ kind: Integration
+ listKind: IntegrationList
+ plural: integrations
+ singular: integration
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ config:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ configMaps:
+ items:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ name:
+ type: string
+ secrets:
+ items:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ type:
+ properties:
+ allNodes:
+ type: boolean
+ unique:
+ type: boolean
+ type: object
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ volumes:
+ items:
+ properties:
+ awsElasticBlockStore:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ properties:
+ cachingMode:
+ type: string
+ diskName:
+ type: string
+ diskURI:
+ type: string
+ fsType:
+ type: string
+ kind:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ properties:
+ readOnly:
+ type: boolean
+ secretName:
+ type: string
+ shareName:
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ properties:
+ monitors:
+ items:
+ type: string
+ type: array
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ secretFile:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ csi:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ nodePublishSecretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ readOnly:
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ emptyDir:
+ properties:
+ medium:
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ properties:
+ volumeClaimTemplate:
+ properties:
+ metadata:
+ type: object
+ spec:
+ properties:
+ accessModes:
+ items:
+ type: string
+ type: array
+ dataSource:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ x-kubernetes-map-type: atomic
+ dataSourceRef:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ namespace:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ properties:
+ claims:
+ items:
+ properties:
+ name:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ storageClassName:
+ type: string
+ volumeMode:
+ type: string
+ volumeName:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ properties:
+ fsType:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ targetWWNs:
+ items:
+ type: string
+ type: array
+ wwids:
+ items:
+ type: string
+ type: array
+ type: object
+ flexVolume:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ type: object
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - driver
+ type: object
+ flocker:
+ properties:
+ datasetName:
+ type: string
+ datasetUUID:
+ type: string
+ type: object
+ gcePersistentDisk:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ pdName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ properties:
+ directory:
+ type: string
+ repository:
+ type: string
+ revision:
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ properties:
+ endpoints:
+ type: string
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ properties:
+ path:
+ type: string
+ type:
+ type: string
+ required:
+ - path
+ type: object
+ iscsi:
+ properties:
+ chapAuthDiscovery:
+ type: boolean
+ chapAuthSession:
+ type: boolean
+ fsType:
+ type: string
+ initiatorName:
+ type: string
+ iqn:
+ type: string
+ iscsiInterface:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ portals:
+ items:
+ type: string
+ type: array
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ targetPortal:
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ type: string
+ nfs:
+ properties:
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ server:
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ properties:
+ claimName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ properties:
+ fsType:
+ type: string
+ pdID:
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ sources:
+ items:
+ properties:
+ configMap:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ downwardAPI:
+ properties:
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ serviceAccountToken:
+ properties:
+ audience:
+ type: string
+ expirationSeconds:
+ format: int64
+ type: integer
+ path:
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ quobyte:
+ properties:
+ group:
+ type: string
+ readOnly:
+ type: boolean
+ registry:
+ type: string
+ tenant:
+ type: string
+ user:
+ type: string
+ volume:
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ properties:
+ fsType:
+ type: string
+ image:
+ type: string
+ keyring:
+ type: string
+ monitors:
+ items:
+ type: string
+ type: array
+ pool:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ user:
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ properties:
+ fsType:
+ type: string
+ gateway:
+ type: string
+ protectionDomain:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ sslEnabled:
+ type: boolean
+ storageMode:
+ type: string
+ storagePool:
+ type: string
+ system:
+ type: string
+ volumeName:
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ type: boolean
+ secretName:
+ type: string
+ type: object
+ storageos:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ volumeName:
+ type: string
+ volumeNamespace:
+ type: string
+ type: object
+ vsphereVolume:
+ properties:
+ fsType:
+ type: string
+ storagePolicyID:
+ type: string
+ storagePolicyName:
+ type: string
+ volumePath:
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - config
+ - name
+ - type
+ type: object
+ type: object
+ served: true
+ storage: true
diff --git a/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_logsinstances.yaml b/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_logsinstances.yaml
new file mode 100644
index 00000000000..517bb30c2ef
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_logsinstances.yaml
@@ -0,0 +1,299 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.9.2
+ creationTimestamp: null
+ name: logsinstances.monitoring.grafana.com
+spec:
+ group: monitoring.grafana.com
+ names:
+ categories:
+ - agent-operator
+ kind: LogsInstance
+ listKind: LogsInstanceList
+ plural: logsinstances
+ singular: logsinstance
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ additionalScrapeConfigs:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ clients:
+ items:
+ properties:
+ backoffConfig:
+ properties:
+ maxPeriod:
+ type: string
+ maxRetries:
+ type: integer
+ minPeriod:
+ type: string
+ type: object
+ basicAuth:
+ properties:
+ password:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ batchSize:
+ type: integer
+ batchWait:
+ type: string
+ bearerToken:
+ type: string
+ bearerTokenFile:
+ type: string
+ externalLabels:
+ additionalProperties:
+ type: string
+ type: object
+ oauth2:
+ properties:
+ clientId:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ clientSecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ endpointParams:
+ additionalProperties:
+ type: string
+ type: object
+ scopes:
+ items:
+ type: string
+ type: array
+ tokenUrl:
+ minLength: 1
+ type: string
+ required:
+ - clientId
+ - clientSecret
+ - tokenUrl
+ type: object
+ proxyUrl:
+ type: string
+ tenantId:
+ type: string
+ timeout:
+ type: string
+ tlsConfig:
+ properties:
+ ca:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ caFile:
+ type: string
+ cert:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ certFile:
+ type: string
+ insecureSkipVerify:
+ type: boolean
+ keyFile:
+ type: string
+ keySecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ serverName:
+ type: string
+ type: object
+ url:
+ type: string
+ required:
+ - url
+ type: object
+ type: array
+ podLogsNamespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ podLogsSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ targetConfig:
+ properties:
+ syncPeriod:
+ type: string
+ type: object
+ type: object
+ type: object
+ served: true
+ storage: true
diff --git a/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_metricsinstances.yaml b/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_metricsinstances.yaml
new file mode 100644
index 00000000000..610193f440f
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_metricsinstances.yaml
@@ -0,0 +1,495 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.9.2
+ creationTimestamp: null
+ name: metricsinstances.monitoring.grafana.com
+spec:
+ group: monitoring.grafana.com
+ names:
+ categories:
+ - agent-operator
+ kind: MetricsInstance
+ listKind: MetricsInstanceList
+ plural: metricsinstances
+ singular: metricsinstance
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ additionalScrapeConfigs:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ maxWALTime:
+ type: string
+ minWALTime:
+ type: string
+ podMonitorNamespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ podMonitorSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ probeNamespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ probeSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ remoteFlushDeadline:
+ type: string
+ remoteWrite:
+ items:
+ properties:
+ basicAuth:
+ properties:
+ password:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ username:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ bearerToken:
+ type: string
+ bearerTokenFile:
+ type: string
+ headers:
+ additionalProperties:
+ type: string
+ type: object
+ metadataConfig:
+ properties:
+ send:
+ type: boolean
+ sendInterval:
+ type: string
+ type: object
+ name:
+ type: string
+ oauth2:
+ properties:
+ clientId:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ clientSecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ endpointParams:
+ additionalProperties:
+ type: string
+ type: object
+ scopes:
+ items:
+ type: string
+ type: array
+ tokenUrl:
+ minLength: 1
+ type: string
+ required:
+ - clientId
+ - clientSecret
+ - tokenUrl
+ type: object
+ proxyUrl:
+ type: string
+ queueConfig:
+ properties:
+ batchSendDeadline:
+ type: string
+ capacity:
+ type: integer
+ maxBackoff:
+ type: string
+ maxRetries:
+ type: integer
+ maxSamplesPerSend:
+ type: integer
+ maxShards:
+ type: integer
+ minBackoff:
+ type: string
+ minShards:
+ type: integer
+ retryOnRateLimit:
+ type: boolean
+ type: object
+ remoteTimeout:
+ type: string
+ sigv4:
+ properties:
+ accessKey:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ profile:
+ type: string
+ region:
+ type: string
+ roleARN:
+ type: string
+ secretKey:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ tlsConfig:
+ properties:
+ ca:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ caFile:
+ type: string
+ cert:
+ properties:
+ configMap:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ secret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ certFile:
+ type: string
+ insecureSkipVerify:
+ type: boolean
+ keyFile:
+ type: string
+ keySecret:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ serverName:
+ type: string
+ type: object
+ url:
+ type: string
+ writeRelabelConfigs:
+ items:
+ properties:
+ action:
+ default: replace
+ enum:
+ - replace
+ - Replace
+ - keep
+ - Keep
+ - drop
+ - Drop
+ - hashmod
+ - HashMod
+ - labelmap
+ - LabelMap
+ - labeldrop
+ - LabelDrop
+ - labelkeep
+ - LabelKeep
+ - lowercase
+ - Lowercase
+ - uppercase
+ - Uppercase
+ - keepequal
+ - KeepEqual
+ - dropequal
+ - DropEqual
+ type: string
+ modulus:
+ format: int64
+ type: integer
+ regex:
+ type: string
+ replacement:
+ type: string
+ separator:
+ type: string
+ sourceLabels:
+ items:
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ type: string
+ type: object
+ type: array
+ required:
+ - url
+ type: object
+ type: array
+ serviceMonitorNamespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ serviceMonitorSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ walTruncateFrequency:
+ type: string
+ writeStaleOnShutdown:
+ type: boolean
+ type: object
+ type: object
+ served: true
+ storage: true
diff --git a/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_podlogs.yaml b/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_podlogs.yaml
new file mode 100644
index 00000000000..f22d051b513
--- /dev/null
+++ b/system/grafana-agent-operator/1.5.3/templates/monitoring.grafana.com_podlogs.yaml
@@ -0,0 +1,308 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.9.2
+ creationTimestamp: null
+ name: podlogs.monitoring.grafana.com
+spec:
+ group: monitoring.grafana.com
+ names:
+ categories:
+ - agent-operator
+ kind: PodLogs
+ listKind: PodLogsList
+ plural: podlogs
+ singular: podlogs
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ jobLabel:
+ type: string
+ namespaceSelector:
+ properties:
+ any:
+ type: boolean
+ matchNames:
+ items:
+ type: string
+ type: array
+ type: object
+ pipelineStages:
+ items:
+ properties:
+ cri:
+ type: object
+ docker:
+ type: object
+ drop:
+ properties:
+ dropCounterReason:
+ type: string
+ expression:
+ type: string
+ longerThan:
+ type: string
+ olderThan:
+ type: string
+ source:
+ type: string
+ value:
+ type: string
+ type: object
+ json:
+ properties:
+ expressions:
+ additionalProperties:
+ type: string
+ type: object
+ source:
+ type: string
+ type: object
+ labelAllow:
+ items:
+ type: string
+ type: array
+ labelDrop:
+ items:
+ type: string
+ type: array
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ limit:
+ properties:
+ burst:
+ type: integer
+ drop:
+ type: boolean
+ rate:
+ type: integer
+ type: object
+ match:
+ properties:
+ action:
+ type: string
+ dropCounterReason:
+ type: string
+ pipelineName:
+ type: string
+ selector:
+ type: string
+ stages:
+ type: string
+ required:
+ - selector
+ type: object
+ metrics:
+ additionalProperties:
+ properties:
+ action:
+ type: string
+ buckets:
+ items:
+ type: string
+ type: array
+ countEntryBytes:
+ type: boolean
+ description:
+ type: string
+ matchAll:
+ type: boolean
+ maxIdleDuration:
+ type: string
+ prefix:
+ type: string
+ source:
+ type: string
+ type:
+ type: string
+ value:
+ type: string
+ required:
+ - action
+ - type
+ type: object
+ type: object
+ multiline:
+ properties:
+ firstLine:
+ type: string
+ maxLines:
+ type: integer
+ maxWaitTime:
+ type: string
+ required:
+ - firstLine
+ type: object
+ output:
+ properties:
+ source:
+ type: string
+ required:
+ - source
+ type: object
+ pack:
+ properties:
+ ingestTimestamp:
+ type: boolean
+ labels:
+ items:
+ type: string
+ type: array
+ required:
+ - labels
+ type: object
+ regex:
+ properties:
+ expression:
+ type: string
+ source:
+ type: string
+ required:
+ - expression
+ type: object
+ replace:
+ properties:
+ expression:
+ type: string
+ replace:
+ type: string
+ source:
+ type: string
+ required:
+ - expression
+ type: object
+ template:
+ properties:
+ source:
+ type: string
+ template:
+ type: string
+ required:
+ - source
+ - template
+ type: object
+ tenant:
+ properties:
+ label:
+ type: string
+ source:
+ type: string
+ value:
+ type: string
+ type: object
+ timestamp:
+ properties:
+ actionOnFailure:
+ type: string
+ fallbackFormats:
+ items:
+ type: string
+ type: array
+ format:
+ type: string
+ location:
+ type: string
+ source:
+ type: string
+ required:
+ - format
+ - source
+ type: object
+ type: object
+ type: array
+ podTargetLabels:
+ items:
+ type: string
+ type: array
+ relabelings:
+ items:
+ properties:
+ action:
+ default: replace
+ enum:
+ - replace
+ - Replace
+ - keep
+ - Keep
+ - drop
+ - Drop
+ - hashmod
+ - HashMod
+ - labelmap
+ - LabelMap
+ - labeldrop
+ - LabelDrop
+ - labelkeep
+ - LabelKeep
+ - lowercase
+ - Lowercase
+ - uppercase
+ - Uppercase
+ - keepequal
+ - KeepEqual
+ - dropequal
+ - DropEqual
+ type: string
+ modulus:
+ format: int64
+ type: integer
+ regex:
+ type: string
+ replacement:
+ type: string
+ separator:
+ type: string
+ sourceLabels:
+ items:
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ type: string
+ type: object
+ type: array
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - selector
+ type: object
+ type: object
+ served: true
+ storage: true
diff --git a/system/grafana-agent-operator/1.5.3/values.yaml b/system/grafana-agent-operator/1.5.3/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/system/grafana-agent-operator/item.yaml b/system/grafana-agent-operator/item.yaml
new file mode 100644
index 00000000000..c61aba54b60
--- /dev/null
+++ b/system/grafana-agent-operator/item.yaml
@@ -0,0 +1,4 @@
+icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/grafana-agent-operator.png
+categories:
+ - system
+screenshots: []
diff --git a/system/kubeapps/2.7.3/.helmignore b/system/kubeapps/2.7.3/.helmignore
new file mode 100644
index 00000000000..77ca5567b26
--- /dev/null
+++ b/system/kubeapps/2.7.3/.helmignore
@@ -0,0 +1,30 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl
+# docs folder
+/docs
+# icon
+icon.png
diff --git a/system/kubeapps/2.7.3/CHANGELOG.md b/system/kubeapps/2.7.3/CHANGELOG.md
new file mode 100644
index 00000000000..e30e7be0653
--- /dev/null
+++ b/system/kubeapps/2.7.3/CHANGELOG.md
@@ -0,0 +1,17 @@
+---
+title: Changelog
+---
+
+
+*for the complete changelog, please refer to the website*
+
+**Important:**
+
+
+## [kubeapps-2.7.3](https://github.com/truecharts/charts/compare/kubeapps-2.7.2...kubeapps-2.7.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/kubeapps/2.7.3/Chart.yaml b/system/kubeapps/2.7.3/Chart.yaml
new file mode 100644
index 00000000000..f5a4870fa33
--- /dev/null
+++ b/system/kubeapps/2.7.3/Chart.yaml
@@ -0,0 +1,45 @@
+annotations:
+ max_scale_version: 24.04.0
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: operators
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: system
+apiVersion: v2
+appVersion: 0.0.3
+dependencies:
+ - name: common
+ version: 20.0.9
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+ - name: kubeapps
+ version: 14.7.1
+ repository: oci://registry-1.docker.io/bitnamicharts
+ condition: ""
+ alias: ogkubeapps
+ tags: []
+ import-values: []
+deprecated: false
+description: KubeApps is a Kubernetes-as-Apps solution
+home: https://truecharts.org/charts/system/kubeapps
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/kubeapps.png
+keywords:
+ - kubeapps
+ - catalog
+kubeVersion: '>=1.24.0-0'
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: kubeapps
+sources:
+ - https://cert-manager.io/
+ - https://github.com/cert-manager
+ - https://github.com/truecharts/charts/tree/master/charts/system/kubeapps
+ - https://ghcr.io/xstar97/my-proxy-service
+type: application
+version: 2.7.3
diff --git a/system/kubeapps/2.7.3/README.md b/system/kubeapps/2.7.3/README.md
new file mode 100644
index 00000000000..e0ed454cbce
--- /dev/null
+++ b/system/kubeapps/2.7.3/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/system/kubeapps)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/system/kubeapps/2.7.3/app-changelog.md b/system/kubeapps/2.7.3/app-changelog.md
new file mode 100644
index 00000000000..9e264582ac2
--- /dev/null
+++ b/system/kubeapps/2.7.3/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [kubeapps-2.7.3](https://github.com/truecharts/charts/compare/kubeapps-2.7.2...kubeapps-2.7.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/kubeapps/2.7.3/app-readme.md b/system/kubeapps/2.7.3/app-readme.md
new file mode 100644
index 00000000000..27de3b60fa0
--- /dev/null
+++ b/system/kubeapps/2.7.3/app-readme.md
@@ -0,0 +1,8 @@
+KubeApps is a Kubernetes-as-Apps solution
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/system/kubeapps](https://truecharts.org/charts/system/kubeapps)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/system/kubeapps/2.7.3/charts/common-20.0.9.tgz b/system/kubeapps/2.7.3/charts/common-20.0.9.tgz
new file mode 100644
index 00000000000..41a62ef2dc2
Binary files /dev/null and b/system/kubeapps/2.7.3/charts/common-20.0.9.tgz differ
diff --git a/system/kubeapps/2.7.3/charts/kubeapps-14.7.1.tgz b/system/kubeapps/2.7.3/charts/kubeapps-14.7.1.tgz
new file mode 100644
index 00000000000..5b9f5b7001b
Binary files /dev/null and b/system/kubeapps/2.7.3/charts/kubeapps-14.7.1.tgz differ
diff --git a/system/kubeapps/2.7.3/ix_values.yaml b/system/kubeapps/2.7.3/ix_values.yaml
new file mode 100644
index 00000000000..4e9d710bb90
--- /dev/null
+++ b/system/kubeapps/2.7.3/ix_values.yaml
@@ -0,0 +1,98 @@
+image:
+ pullPolicy: IfNotPresent
+ repository: ghcr.io/xstar97/my-proxy-service
+ tag: v0.0.3@sha256:272f4af7f79fac47de413b9a756d2ca23df27df4fb5af2e41a2c9f8cfe6ce642
+
+operator:
+ register: false
+
+portal:
+ open:
+ enabled: true
+
+podOptions:
+ automountServiceAccountToken: true
+
+workload:
+ ## TODO: Enable
+ main:
+ enabled: false
+ primary: true
+ type: Deployment
+ podSpec:
+ containers:
+ ## TODO: Enable
+ main:
+ enabled: false
+ primary: true
+ env:
+ PORT: 3000
+ API_FILE: /var/run/secrets/kubernetes.io/serviceaccount/token
+ PROXY_TARGET: http://tckubeapps:8080
+ probes:
+ liveness:
+ enabled: true
+ type: tcp
+ port: 3000
+ readiness:
+ enabled: true
+ type: tcp
+ port: 3000
+ startup:
+ enabled: true
+ type: tcp
+ port: 3000
+
+service:
+ ## TODO: Enable
+ main:
+ enabled: false
+ primary: false
+ expandObjectName: false
+ ports:
+ main:
+ ## TODO: Enable
+ enabled: false
+ primary: false
+ port: 3000
+ targetPort: 3000
+ tckubeapps:
+ enabled: true
+ primary: true
+ labels:
+ truecharts.org/flagged: "true"
+ selectorLabels:
+ app.kubernetes.io/component: frontend
+ truecharts.org/kahack: frontend
+ ports:
+ tckubeapps:
+ enabled: true
+ primary: true
+ port: 8080
+ targetPort: 8080
+
+serviceAccount:
+ kubeapps-operator:
+ enabled: true
+ primary: true
+ targetSelectAll: true
+
+rbac:
+ kubeapps-operator:
+ enabled: true
+ primary: true
+ clusterWide: true
+ allServiceAccounts: true
+ rules:
+ - apiGroups: ["*"]
+ resources: ["*"]
+ verbs: ["*"]
+
+ogkubeapps:
+ frontend:
+ podLabels:
+ truecharts.org/kahack: frontend
+ apprepository:
+ initialRepos:
+ - name: truecharts
+ url: https://charts.truecharts.org
diff --git a/system/kubeapps/2.7.3/questions.yaml b/system/kubeapps/2.7.3/questions.yaml
new file mode 100755
index 00000000000..0d9ab7de65a
--- /dev/null
+++ b/system/kubeapps/2.7.3/questions.yaml
@@ -0,0 +1,903 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Backup Configuration
+ description: Configure Velero Backup Schedule
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+
+portals:
+ open:
+ protocols:
+ - "$kubernetes-resource_configmap_tcportal-open_protocol"
+ host:
+ - "$kubernetes-resource_configmap_tcportal-open_host"
+ ports:
+ - "$kubernetes-resource_configmap_tcportal-open_port"
+
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
+
+ - variable: service
+ group: Networking and Services
+ label: Configure Service(s)
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+
+ - variable: tckubeapps
+ label: "KubeApps Service"
+ description: "The Primary service on which the healthcheck runs, often the webUI"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Service
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: LoadBalancer
+ description: LoadBalancer (Expose Ports)
+ - value: ClusterIP
+ description: ClusterIP (Do Not Expose Ports)
+
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: ports
+ label: "Service's Port(s) Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+
+ - variable: tckubeapps
+ label: "KubeApps Service Port Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: "Port"
+ description: "This port exposes the container port on the service"
+ schema:
+ type: int
+ default: 8080
+ required: true
+ - variable: serviceexpert
+ group: Networking and Services
+ label: Show Expert Config
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+
+ - variable: scaleExternalInterface
+ description: Add External Interfaces
+ label: Add external Interfaces
+ group: Networking
+ schema:
+ type: list
+ items:
+ - variable: interfaceConfiguration
+ description: Interface Configuration
+ label: Interface Configuration
+ schema:
+ additional_attrs: true
+ type: dict
+ $ref:
+ - "normalize/interfaceConfiguration"
+ attrs:
+ - variable: hostInterface
+ description: Please Specify Host Interface
+ label: Host Interface
+ schema:
+ type: string
+ required: true
+ $ref:
+ - "definitions/interface"
+ - variable: ipam
+ description: Define how IP Address will be managed
+ label: IP Address Management
+ schema:
+ additional_attrs: true
+ type: dict
+ required: true
+ attrs:
+ - variable: type
+ description: Specify type for IPAM
+ label: IPAM Type
+ schema:
+ type: string
+ required: true
+ enum:
+ - value: dhcp
+ description: Use DHCP
+ - value: static
+ description: Use Static IP
+ - variable: staticIPConfigurations
+ label: Static IP Addresses
+ schema:
+ type: list
+ show_if: [["type", "=", "static"]]
+ items:
+ - variable: staticIP
+ label: Static IP
+ schema:
+ type: ipaddr
+ cidr: true
+ - variable: staticRoutes
+ label: Static Routes
+ schema:
+ type: list
+ show_if: [["type", "=", "static"]]
+ items:
+ - variable: staticRouteConfiguration
+ label: Static Route Configuration
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: destination
+ label: Destination
+ schema:
+ type: ipaddr
+ cidr: true
+ required: true
+ - variable: gateway
+ label: Gateway
+ schema:
+ type: ipaddr
+ cidr: false
+ required: true
+
+ - variable: serviceList
+ label: Add Manual Custom Services
+ group: Networking and Services
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: serviceListEntry
+ label: Custom Service
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the service
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ default: ""
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: LoadBalancer
+ description: LoadBalancer (Expose Ports)
+ - value: ClusterIP
+ description: ClusterIP (Do Not Expose Ports)
+ - value: Simple
+ description: Deprecated CHANGE THIS
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: advancedsvcset
+ label: Show Advanced Service Settings
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: externalIPs
+ label: "External IP's"
+ description: "External IP's"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: externalIP
+ label: External IP
+ schema:
+ type: string
+ - variable: ipFamilyPolicy
+ label: IP Family Policy
+ description: Specify the IP Policy
+ schema:
+ type: string
+ default: SingleStack
+ enum:
+ - value: SingleStack
+ description: SingleStack
+ - value: PreferDualStack
+ description: PreferDualStack
+ - value: RequireDualStack
+ description: RequireDualStack
+ - variable: ipFamilies
+ label: IP Families
+ description: (Advanced) The IP Families that should be used
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ipFamily
+ label: IP Family
+ schema:
+ type: string
+ - variable: portsList
+ label: Additional Service Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsListEntry
+ label: Custom ports
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Port
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Port Name
+ schema:
+ type: string
+ default: ""
+ - variable: protocol
+ label: Port Type
+ schema:
+ type: string
+ default: tcp
+ enum:
+ - value: http
+ description: HTTP
+ - value: https
+ description: HTTPS
+ - value: tcp
+ description: TCP
+ - value: udp
+ description: UDP
+ - variable: targetPort
+ label: Target Port
+ description: This port exposes the container port on the service
+ schema:
+ type: int
+ required: true
+ - variable: port
+ label: Container Port
+ schema:
+ type: int
+ required: true
+
+ - variable: ingress
+ label: ""
+ group: Ingress
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+
+ - variable: main
+ label: "Main Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: [{path: "/", pathType: "Prefix"}]
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: 'Allow Cross Origin Requests (advanced)'
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: 'namespace (optional)'
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: homepage
+ label: Homepage
+ description: Connect ingress with Homepage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: name
+ label: Name (Optional)
+ description: Defaults to chart name
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: description
+ label: Description (Optional)
+ description: Defaults to chart description
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: icon
+ label: Icon (Optional)
+ description: Defaults to chart icon
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: group
+ label: Group
+ schema:
+ type: string
+ required: true
+ default: "default"
+ show_if: [["enabled", "=", true]]
+ - variable: widget
+ label: Widget Settings
+ schema:
+ type: dict
+ additional_attrs: true
+ show_if: [["enabled", "=", true]]
+ attrs:
+ - variable: enabled
+ label: Enable Widget
+ description: When disabled all widget annotations are skipped.
+ schema:
+ type: boolean
+ default: true
+ - variable: custom
+ label: Options
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: key
+ label: API-key (key)
+ schema:
+ type: string
+ default: ""
+ - variable: customkv
+ label: Custom Options
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: option
+ label: Option
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ - variable: ingressClassName
+ label: (Advanced/Optional) IngressClass Name
+ schema:
+ type: string
+ show_if: [["advanced", "=", true]]
+ default: ""
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ show_if: [["advanced", "=", true]]
+ default: []
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: 'Use Custom Certificate Secret (Advanced)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: string
+ default: ""
+
+ - variable: ingressList
+ label: Add Manual Custom Ingresses
+ group: Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ingressListEntry
+ label: Custom Ingress
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ default: ""
+ - variable: ingressClassName
+ label: IngressClass Name
+ schema:
+ type: string
+ default: ""
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: overrideService
+ label: Linked Service
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Service Name
+ schema:
+ type: string
+ default: ""
+ - variable: port
+ label: Service Port
+ schema:
+ type: int
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ default: []
+ show_if: [["certificateIssuer", "=", ""]]
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: Use Custom Secret (Advanced)
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: "Allow Cross Origin Requests"
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: namespace
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: homepage
+ label: Homepage
+ description: Connect ingress with Homepage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: name
+ label: Name
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: description
+ label: Description
+ description: defaults to chart description
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: group
+ label: Group
+ schema:
+ type: string
+ required: true
+ default: "default"
+ show_if: [["enabled", "=", true]]
+
+ - variable: docs
+ group: Documentation
+ label: Please read the documentation at https://truecharts.org
+ description: Please read the documentation at
+
https://truecharts.org
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDocs
+ label: I have checked the documentation
+ schema:
+ type: boolean
+ default: true
+ - variable: donateNag
+ group: Documentation
+ label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
+ description: Please consider supporting TrueCharts, see
+
https://truecharts.org/sponsor
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDonate
+ label: I have considered donating
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+
diff --git a/system/kubeapps/2.7.3/templates/NOTES.txt b/system/kubeapps/2.7.3/templates/NOTES.txt
new file mode 100644
index 00000000000..6fdf5852919
--- /dev/null
+++ b/system/kubeapps/2.7.3/templates/NOTES.txt
@@ -0,0 +1,5 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
+
+To generate a Login Token, run this in terminal:
+{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}}
+(k3s) kubectl create token {{ $fullname }} -n {{ .Release.Namespace }}
diff --git a/system/kubeapps/2.7.3/templates/common.yaml b/system/kubeapps/2.7.3/templates/common.yaml
new file mode 100644
index 00000000000..4b5e888100c
--- /dev/null
+++ b/system/kubeapps/2.7.3/templates/common.yaml
@@ -0,0 +1,19 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.v1.common.loader.init" . }}
+
+{{- $overrideService := dict "name" "tckubeapps" "port" 8080 -}}
+{{- $hosts := list -}}
+{{- range $.Values.ingress.main.hosts -}}
+ {{- $paths := list -}}
+ {{- range .paths -}}
+ {{- $path := dict "path" .path "pathType" .pathType "overrideService" $overrideService -}}
+ {{- $paths = append $paths $path -}}
+ {{- end -}}
+ {{- $host := dict "host" .host "paths" $paths -}}
+ {{- $hosts = append $hosts $host -}}
+{{- end -}}
+
+{{- $_ := set $.Values.ingress.main "hosts" $hosts -}}
+
+{{/* Render the templates */}}
+{{ include "tc.v1.common.loader.apply" . }}
diff --git a/system/kubeapps/2.7.3/values.yaml b/system/kubeapps/2.7.3/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/system/kubeapps/item.yaml b/system/kubeapps/item.yaml
new file mode 100644
index 00000000000..9b163d047e9
--- /dev/null
+++ b/system/kubeapps/item.yaml
@@ -0,0 +1,4 @@
+icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/kubeapps.png
+categories:
+ - operators
+screenshots: []
diff --git a/system/kubernetes-reflector/4.5.3/.helmignore b/system/kubernetes-reflector/4.5.3/.helmignore
new file mode 100644
index 00000000000..77ca5567b26
--- /dev/null
+++ b/system/kubernetes-reflector/4.5.3/.helmignore
@@ -0,0 +1,30 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl
+# docs folder
+/docs
+# icon
+icon.png
diff --git a/system/kubernetes-reflector/4.5.3/CHANGELOG.md b/system/kubernetes-reflector/4.5.3/CHANGELOG.md
new file mode 100644
index 00000000000..98f5e67ca50
--- /dev/null
+++ b/system/kubernetes-reflector/4.5.3/CHANGELOG.md
@@ -0,0 +1,17 @@
+---
+title: Changelog
+---
+
+
+*for the complete changelog, please refer to the website*
+
+**Important:**
+
+
+## [kubernetes-reflector-4.5.3](https://github.com/truecharts/charts/compare/kubernetes-reflector-4.5.2...kubernetes-reflector-4.5.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/kubernetes-reflector/4.5.3/Chart.yaml b/system/kubernetes-reflector/4.5.3/Chart.yaml
new file mode 100644
index 00000000000..9a0414bc2ec
--- /dev/null
+++ b/system/kubernetes-reflector/4.5.3/Chart.yaml
@@ -0,0 +1,40 @@
+annotations:
+ max_scale_version: 24.04.0
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: operators
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: system
+apiVersion: v2
+appVersion: 7.1.217
+dependencies:
+ - name: common
+ version: 20.0.9
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+deprecated: false
+description: Kubernetes-Reflector is a Kubernetes addon designed to monitor and reflect changes to secrets and configmaps across namespaces
+home: https://truecharts.org/charts/system/kubernetes-reflector
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/kubernetes-reflector.png
+keywords:
+ - reflector
+ - secrets
+ - configmaps
+ - cert-manager
+ - certificates
+kubeVersion: '>=1.24.0-0'
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: kubernetes-reflector
+sources:
+ - https://github.com/emberstack/kubernetes-reflector
+ - https://github.com/truecharts/charts/tree/master/charts/system/kubernetes-reflector
+ - https://hub.docker.com/r/emberstack/kubernetes-reflector
+type: application
+version: 4.5.3
diff --git a/system/kubernetes-reflector/4.5.3/README.md b/system/kubernetes-reflector/4.5.3/README.md
new file mode 100644
index 00000000000..2f45ca24d71
--- /dev/null
+++ b/system/kubernetes-reflector/4.5.3/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/system/kubernetes-reflector)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/system/kubernetes-reflector/4.5.3/app-changelog.md b/system/kubernetes-reflector/4.5.3/app-changelog.md
new file mode 100644
index 00000000000..08c33ccca2e
--- /dev/null
+++ b/system/kubernetes-reflector/4.5.3/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [kubernetes-reflector-4.5.3](https://github.com/truecharts/charts/compare/kubernetes-reflector-4.5.2...kubernetes-reflector-4.5.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/kubernetes-reflector/4.5.3/app-readme.md b/system/kubernetes-reflector/4.5.3/app-readme.md
new file mode 100644
index 00000000000..51986dd6823
--- /dev/null
+++ b/system/kubernetes-reflector/4.5.3/app-readme.md
@@ -0,0 +1,8 @@
+Kubernetes-Reflector is a Kubernetes addon designed to monitor and reflect changes to secrets and configmaps across namespaces
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/system/kubernetes-reflector](https://truecharts.org/charts/system/kubernetes-reflector)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/system/kubernetes-reflector/4.5.3/charts/common-20.0.9.tgz b/system/kubernetes-reflector/4.5.3/charts/common-20.0.9.tgz
new file mode 100644
index 00000000000..41a62ef2dc2
Binary files /dev/null and b/system/kubernetes-reflector/4.5.3/charts/common-20.0.9.tgz differ
diff --git a/system/kubernetes-reflector/4.5.3/ix_values.yaml b/system/kubernetes-reflector/4.5.3/ix_values.yaml
new file mode 100644
index 00000000000..65dd9f7a775
--- /dev/null
+++ b/system/kubernetes-reflector/4.5.3/ix_values.yaml
@@ -0,0 +1,70 @@
+image:
+ repository: docker.io/emberstack/kubernetes-reflector
+ pullPolicy: IfNotPresent
+ tag: build-7.1.217@sha256:982b8fc714349abe480a6864f3c3fce8e8801fd5068fac6add5b22ed32efc033
+operator:
+ register: true
+portal:
+ open:
+ enabled: false
+rbac:
+ main:
+ enabled: true
+ primary: true
+ clusterWide: true
+ rules:
+ - apiGroups:
+ - ""
+ resources:
+ - "configmaps"
+ - "secrets"
+ verbs:
+ - "get"
+ - "list"
+ - "watch"
+ - "create"
+ - "update"
+ - "patch"
+ - "delete"
+ - apiGroups:
+ - ""
+ resources:
+ - "namespaces"
+ verbs:
+ - "watch"
+ - "list"
+serviceAccount:
+ main:
+ enabled: true
+ primary: true
+kubernetesReflector:
+ logLevel: Information
+workload:
+ main:
+ podSpec:
+ automountServiceAccountToken: true
+ containers:
+ main:
+ securityContext:
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ env:
+ ES_Serilog__MinimumLevel__Default: "{{ .Values.kubernetesReflector.logLevel }}"
+ ES_Reflector__Watcher__Timeout: ""
+ ES_Reflector__Kubernetes__SkipTlsVerify: "false"
+ probes:
+ liveness:
+ type: http
+ path: /healthz
+ port: 25080
+ readiness:
+ type: http
+ path: /healthz
+ port: 25080
+ startup:
+ type: http
+ path: /healthz
+ port: 25080
+service:
+ main:
+ enabled: false
diff --git a/system/kubernetes-reflector/4.5.3/questions.yaml b/system/kubernetes-reflector/4.5.3/questions.yaml
new file mode 100755
index 00000000000..134e6281841
--- /dev/null
+++ b/system/kubernetes-reflector/4.5.3/questions.yaml
@@ -0,0 +1,1244 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Backup Configuration
+ description: Configure Velero Backup Schedule
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
+
+ - variable: workload
+ group: "Workload Settings"
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+
+ - variable: type
+ label: Type (Advanced)
+ schema:
+ type: string
+ default: Deployment
+ enum:
+ - value: Deployment
+ description: Deployment
+ - value: DaemonSet
+ description: DaemonSet
+
+ - variable: replicas
+ label: Replicas (Advanced)
+ description: Set the number of Replicas
+ schema:
+ type: int
+ show_if: [["type", "!=", "DaemonSet"]]
+ default: 1
+
+ - variable: podSpec
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: containers
+ label: Containers
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+
+ - variable: main
+ label: Main Container
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+
+ - variable: envList
+ label: Extra Environment Variables
+ description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ - variable: extraArgs
+ label: Extra Args
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: arg
+ label: Arg
+ schema:
+ type: string
+
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: command
+ label: Command
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: param
+ label: Param
+ schema:
+ type: string
+
+ - variable: kubernetesReflector
+ group: "App Configuration"
+ label: "Kubernetes-Reflector Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: logLevel
+ label: "Log Level"
+ schema:
+ type: string
+ default: "Information"
+ enum:
+ - value: "Verbose"
+ description: "Trace"
+ - value: "Debug"
+ description: "Debug"
+ - value: "Information"
+ description: "Info"
+ - value: "Warning"
+ description: "Warnings"
+ - value: "Error"
+ description: "Errors"
+ - value: "Fatal"
+ description: "Fatal Errors"
+ - variable: resources
+ group: Resources and Devices
+ label: "Resource Limits"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: limits
+ label: Advanced Limit Resource Consumption
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 4000m
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: RAM
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 8Gi
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+ - variable: 'gpu.intel.com/i915'
+ label: Add Intel i915 GPUs
+ schema:
+ type: int
+ default: 0
+ - variable: 'nvidia.com/gpu'
+ label: Add NVIDIA GPUs (Experimental)
+ schema:
+ type: int
+ default: 0
+ - variable: 'amd.com/gpu'
+ label: Add AMD GPUs
+ schema:
+ type: int
+ default: 0
+ - variable: requests
+ label: "Minimum Resources Required (request)"
+ schema:
+ additional_attrs: true
+ type: dict
+ hidden: true
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 10m
+ hidden: true
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: "RAM"
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
+ schema:
+ type: string
+ default: 50Mi
+ hidden: true
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+ - variable: deviceList
+ label: Mount USB Devices
+ group: Resources and Devices
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: deviceListEntry
+ label: Device
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Storage
+ schema:
+ type: boolean
+ default: true
+ - variable: type
+ label: (Advanced) Type of Storage
+ description: Sets the persistence type
+ schema:
+ type: string
+ default: device
+ hidden: true
+ - variable: readOnly
+ label: readOnly
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPath
+ label: Host Device Path
+ description: Path to the device on the host system
+ schema:
+ type: path
+ - variable: mountPath
+ label: Container Device Path
+ description: Path inside the container the device is mounted
+ schema:
+ type: string
+ default: "/dev/ttyACM0"
+
+# - variable: horizontalPodAutoscaler
+# group: Advanced
+# label: (Advanced) Horizontal Pod Autoscaler
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: hpaEntry
+# label: HPA Entry
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: name
+# label: Name
+# schema:
+# type: string
+# required: true
+# default: ""
+# - variable: enabled
+# label: Enabled
+# schema:
+# type: boolean
+# default: false
+# show_subquestions_if: true
+# subquestions:
+# - variable: target
+# label: Target
+# description: Deployment name, Defaults to Main Deployment
+# schema:
+# type: string
+# default: ""
+# - variable: minReplicas
+# label: Minimum Replicas
+# schema:
+# type: int
+# default: 1
+# - variable: maxReplicas
+# label: Maximum Replicas
+# schema:
+# type: int
+# default: 5
+# - variable: targetCPUUtilizationPercentage
+# label: Target CPU Utilization Percentage
+# schema:
+# type: int
+# default: 80
+# - variable: targetMemoryUtilizationPercentage
+# label: Target Memory Utilization Percentage
+# schema:
+# type: int
+# default: 80
+ - variable: networkPolicy
+ group: Advanced
+ label: (Advanced) Network Policy
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: netPolicyEntry
+ label: Network Policy Entry
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: policyType
+ label: Policy Type
+ schema:
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: Default
+ - value: ingress
+ description: Ingress
+ - value: egress
+ description: Egress
+ - value: ingress-egress
+ description: Ingress and Egress
+ - variable: egress
+ label: Egress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: egressEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: to
+ label: To
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: toEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: ipBlock
+ label: IP Block
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cidr
+ label: CIDR
+ schema:
+ type: string
+ default: ""
+ - variable: except
+ label: Except
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: exceptint
+ label: ""
+ schema:
+ type: string
+ - variable: namespaceSelector
+ label: Namespace Selector
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: podSelector
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: ports
+ label: Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ - variable: endPort
+ label: End Port
+ schema:
+ type: int
+ - variable: protocol
+ label: Protocol
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: TCP
+ description: TCP
+ - value: UDP
+ description: UDP
+ - value: SCTP
+ description: SCTP
+ - variable: ingress
+ label: Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ingressEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: from
+ label: From
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: fromEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: ipBlock
+ label: IP Block
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cidr
+ label: CIDR
+ schema:
+ type: string
+ default: ""
+ - variable: except
+ label: Except
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: exceptint
+ label: ""
+ schema:
+ type: string
+ - variable: namespaceSelector
+ label: Namespace Selector
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: podSelector
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: ports
+ label: Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ - variable: endPort
+ label: End Port
+ schema:
+ type: int
+ - variable: protocol
+ label: Protocol
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: TCP
+ description: TCP
+ - value: UDP
+ description: UDP
+ - value: SCTP
+ description: SCTP
+
+ - variable: addons
+ group: Addons
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+
+ - variable: codeserver
+ label: Codeserver
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: service
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: NodePort
+ description: Deprecated CHANGE THIS
+ - value: ClusterIP
+ description: ClusterIP
+ - value: LoadBalancer
+ description: LoadBalancer
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: ports
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: codeserver
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ default: 36107
+ - variable: ingress
+ label: "Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: [{path: "/", pathType: "Prefix"}]
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: integrations
+ label: Integrations
+ description: Connect ingress with other charts
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: traefik
+ label: Traefik
+ description: Connect ingress with Traefik
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: true
+ - variable: allowCors
+ label: 'Allow Cross Origin Requests (advanced)'
+ schema:
+ type: boolean
+ default: false
+ show_if: [["enabled", "=", true]]
+ - variable: entrypoints
+ label: Entrypoints
+ schema:
+ type: list
+ default: ["websecure"]
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: entrypoint
+ label: Entrypoint
+ schema:
+ type: string
+ - variable: middlewares
+ label: Middlewares
+ schema:
+ type: list
+ default: []
+ show_if: [["enabled", "=", true]]
+ items:
+ - variable: middleware
+ label: Middleware
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: namespace
+ label: 'namespace (optional)'
+ schema:
+ type: string
+ default: ""
+ - variable: certManager
+ label: certManager
+ description: Connect ingress with certManager
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: enabled
+ schema:
+ type: boolean
+ default: false
+ - variable: certificateIssuer
+ label: certificateIssuer
+ description: defaults to chartname
+ schema:
+ type: string
+ default: ""
+ show_if: [["enabled", "=", true]]
+ - variable: advanced
+ label: Show Advanced Settings
+ description: Advanced settings are not covered by TrueCharts Support
+ schema:
+ type: boolean
+ default: false
+ - variable: ingressClassName
+ label: (Advanced/Optional) IngressClass Name
+ schema:
+ type: string
+ show_if: [["advanced", "=", true]]
+ default: ""
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ show_if: [["advanced", "=", true]]
+ default: []
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+
+ - variable: certificateIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: clusterCertificate
+ label: 'Cluster Certificate (Advanced)'
+ description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
+ schema:
+ type: string
+ show_if: [["certificateIssuer", "=", ""]]
+ default: ""
+ - variable: secretName
+ label: 'Use Custom Certificate Secret (Advanced)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: 'Use TrueNAS SCALE Certificate (Deprecated)'
+ schema:
+ show_if: [["certificateIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: envList
+ label: Codeserver Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+
+ - variable: netshoot
+ label: Netshoot
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: envList
+ label: Netshoot Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+
+ - variable: vpn
+ label: VPN
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ schema:
+ type: string
+ default: disabled
+ enum:
+ - value: disabled
+ description: disabled
+ - value: gluetun
+ description: Gluetun
+ - value: tailscale
+ description: Tailscale
+ - value: openvpn
+ description: OpenVPN (Deprecated)
+ - value: wireguard
+ description: Wireguard (Deprecated)
+ - variable: openvpn
+ label: OpenVPN Settings
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["type", "=", "openvpn"]]
+ attrs:
+ - variable: username
+ label: Authentication Username (Optional)
+ description: Authentication Username, Optional
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: Authentication Password
+ description: Authentication Credentials
+ schema:
+ type: string
+ show_if: [["username", "!=", ""]]
+ default: ""
+ required: true
+ - variable: tailscale
+ label: Tailscale Settings
+ schema:
+ additional_attrs: true
+ type: dict
+ show_if: [["type", "=", "tailscale"]]
+ attrs:
+ - variable: authkey
+ label: Authentication Key
+ description: Provide an auth key to automatically authenticate the node as your user account.
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: auth_once
+ label: Auth Once
+ description: Only attempt to log in if not already logged in.
+ schema:
+ type: boolean
+ default: true
+ - variable: accept_dns
+ label: Accept DNS
+ description: Accept DNS configuration from the admin console.
+ schema:
+ type: boolean
+ default: false
+ - variable: userspace
+ label: Userspace
+ description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
+ schema:
+ type: boolean
+ default: false
+ - variable: routes
+ label: Routes
+ description: Expose physical subnet routes to your entire Tailscale network.
+ schema:
+ type: string
+ default: ""
+ - variable: dest_ip
+ label: Destination IP
+ description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
+ schema:
+ type: string
+ default: ""
+ - variable: sock5_server
+ label: Sock5 Server
+ description: The address on which to listen for SOCKS5 proxying into the tailscale net.
+ schema:
+ type: string
+ default: ""
+ - variable: outbound_http_proxy_listen
+ label: Outbound HTTP Proxy Listen
+ description: The address on which to listen for HTTP proxying into the tailscale net.
+ schema:
+ type: string
+ default: ""
+ - variable: extra_args
+ label: Extra Args
+ description: Extra Args
+ schema:
+ type: string
+ default: ""
+ - variable: daemon_extra_args
+ label: Tailscale Daemon Extra Args
+ description: Tailscale Daemon Extra Args
+ schema:
+ type: string
+ default: ""
+ - variable: killSwitch
+ label: Enable Killswitch
+ schema:
+ type: boolean
+ show_if: [["type", "!=", "disabled"]]
+ default: true
+ - variable: excludedNetworks_IPv4
+ label: Killswitch Excluded IPv4 networks
+ description: List of Killswitch Excluded IPv4 Addresses
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv4
+ label: IPv4 Network
+ schema:
+ type: string
+ required: true
+ - variable: excludedNetworks_IPv6
+ label: Killswitch Excluded IPv6 networks
+ description: "List of Killswitch Excluded IPv6 Addresses"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv6
+ label: IPv6 Network
+ schema:
+ type: string
+ required: true
+ - variable: configFile
+ label: VPN Config File Location
+ schema:
+ type: string
+ show_if: [["type", "!=", "disabled"]]
+ default: ""
+
+ - variable: envList
+ label: VPN Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ max_length: 10240
+
+ - variable: docs
+ group: Documentation
+ label: Please read the documentation at https://truecharts.org
+ description: Please read the documentation at
+
https://truecharts.org
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDocs
+ label: I have checked the documentation
+ schema:
+ type: boolean
+ default: true
+ - variable: donateNag
+ group: Documentation
+ label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
+ description: Please consider supporting TrueCharts, see
+
https://truecharts.org/sponsor
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDonate
+ label: I have considered donating
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+
diff --git a/system/kubernetes-reflector/4.5.3/templates/common.yaml b/system/kubernetes-reflector/4.5.3/templates/common.yaml
new file mode 100644
index 00000000000..a204deeeb4f
--- /dev/null
+++ b/system/kubernetes-reflector/4.5.3/templates/common.yaml
@@ -0,0 +1 @@
+{{- include "tc.v1.common.loader.all" . }}
diff --git a/system/kubernetes-reflector/4.5.3/values.yaml b/system/kubernetes-reflector/4.5.3/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/system/kubernetes-reflector/item.yaml b/system/kubernetes-reflector/item.yaml
new file mode 100644
index 00000000000..c66c34bd2de
--- /dev/null
+++ b/system/kubernetes-reflector/item.yaml
@@ -0,0 +1,4 @@
+icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/kubernetes-reflector.png
+categories:
+ - operators
+screenshots: []
diff --git a/system/metallb/14.5.3/.helmignore b/system/metallb/14.5.3/.helmignore
new file mode 100644
index 00000000000..77ca5567b26
--- /dev/null
+++ b/system/metallb/14.5.3/.helmignore
@@ -0,0 +1,30 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl
+# docs folder
+/docs
+# icon
+icon.png
diff --git a/system/metallb/14.5.3/CHANGELOG.md b/system/metallb/14.5.3/CHANGELOG.md
new file mode 100644
index 00000000000..85233b90dd3
--- /dev/null
+++ b/system/metallb/14.5.3/CHANGELOG.md
@@ -0,0 +1,17 @@
+---
+title: Changelog
+---
+
+
+*for the complete changelog, please refer to the website*
+
+**Important:**
+
+
+## [metallb-14.5.3](https://github.com/truecharts/charts/compare/metallb-14.5.2...metallb-14.5.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/metallb/14.5.3/Chart.yaml b/system/metallb/14.5.3/Chart.yaml
new file mode 100644
index 00000000000..2bd51bec0f3
--- /dev/null
+++ b/system/metallb/14.5.3/Chart.yaml
@@ -0,0 +1,45 @@
+annotations:
+ max_scale_version: 24.04.0
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: operators
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: system
+apiVersion: v2
+appVersion: latest
+dependencies:
+ - name: common
+ version: 20.0.9
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+ - name: metallb
+ version: 0.14.3
+ repository: https://metallb.github.io/metallb
+ condition: ""
+ alias: metallb
+ tags: []
+ import-values: []
+deprecated: false
+description: A network load-balancer implementation for Kubernetes using standard routing protocols
+home: https://truecharts.org/charts/system/metallb
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/metallb.png
+keywords:
+ - metallb
+ - loadbalancer
+kubeVersion: '>=1.24.0-0'
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: metallb
+sources:
+ - https://github.com/metallb/metallb
+ - https://metallb.universe.tf
+ - https://github.com/truecharts/charts/tree/master/charts/system/metallb
+ - https://github.com/truecharts/containers/tree/master/apps/alpine
+type: application
+version: 14.5.3
diff --git a/system/metallb/14.5.3/README.md b/system/metallb/14.5.3/README.md
new file mode 100644
index 00000000000..987cc4e7118
--- /dev/null
+++ b/system/metallb/14.5.3/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/system/metallb)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/system/metallb/14.5.3/app-changelog.md b/system/metallb/14.5.3/app-changelog.md
new file mode 100644
index 00000000000..b61cf899b2c
--- /dev/null
+++ b/system/metallb/14.5.3/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [metallb-14.5.3](https://github.com/truecharts/charts/compare/metallb-14.5.2...metallb-14.5.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/metallb/14.5.3/app-readme.md b/system/metallb/14.5.3/app-readme.md
new file mode 100644
index 00000000000..10b8a56f515
--- /dev/null
+++ b/system/metallb/14.5.3/app-readme.md
@@ -0,0 +1,8 @@
+A network load-balancer implementation for Kubernetes using standard routing protocols
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/system/metallb](https://truecharts.org/charts/system/metallb)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/system/metallb/14.5.3/charts/common-20.0.9.tgz b/system/metallb/14.5.3/charts/common-20.0.9.tgz
new file mode 100644
index 00000000000..41a62ef2dc2
Binary files /dev/null and b/system/metallb/14.5.3/charts/common-20.0.9.tgz differ
diff --git a/system/metallb/14.5.3/charts/metallb-0.14.3.tgz b/system/metallb/14.5.3/charts/metallb-0.14.3.tgz
new file mode 100644
index 00000000000..3598766e82a
Binary files /dev/null and b/system/metallb/14.5.3/charts/metallb-0.14.3.tgz differ
diff --git a/system/metallb/14.5.3/ix_values.yaml b/system/metallb/14.5.3/ix_values.yaml
new file mode 100644
index 00000000000..8ffafd21a48
--- /dev/null
+++ b/system/metallb/14.5.3/ix_values.yaml
@@ -0,0 +1,25 @@
+image:
+ repository: tccr.io/tccr/alpine
+ pullPolicy: IfNotPresent
+ tag: latest@sha256:ade0065e19edaa4f6903d464ee70605111a48394536deb94f31b661264704558
+
+service:
+ main:
+ enabled: false
+ ports:
+ main:
+ enabled: false
+
+workload:
+ main:
+ enabled: false
+
+portal:
+ open:
+ enabled: false
+
+operator:
+ register: true
+
+manifestManager:
+ enabled: false
diff --git a/system/metallb/14.5.3/questions.yaml b/system/metallb/14.5.3/questions.yaml
new file mode 100755
index 00000000000..34ba9e0400c
--- /dev/null
+++ b/system/metallb/14.5.3/questions.yaml
@@ -0,0 +1,49 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Backup Configuration
+ description: Configure Velero Backup Schedule
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
+
diff --git a/system/metallb/14.5.3/templates/NOTES.txt b/system/metallb/14.5.3/templates/NOTES.txt
new file mode 100644
index 00000000000..efcb74cb772
--- /dev/null
+++ b/system/metallb/14.5.3/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/system/metallb/14.5.3/templates/common.yaml b/system/metallb/14.5.3/templates/common.yaml
new file mode 100644
index 00000000000..995efb03eb0
--- /dev/null
+++ b/system/metallb/14.5.3/templates/common.yaml
@@ -0,0 +1,5 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.v1.common.loader.init" . }}
+
+{{/* Render the templates */}}
+{{ include "tc.v1.common.loader.apply" . }}
diff --git a/system/metallb/14.5.3/values.yaml b/system/metallb/14.5.3/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/system/metallb/item.yaml b/system/metallb/item.yaml
new file mode 100644
index 00000000000..e906fec9d3c
--- /dev/null
+++ b/system/metallb/item.yaml
@@ -0,0 +1,4 @@
+icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/metallb.png
+categories:
+ - operators
+screenshots: []
diff --git a/system/openebs/3.5.4/.helmignore b/system/openebs/3.5.4/.helmignore
new file mode 100644
index 00000000000..77ca5567b26
--- /dev/null
+++ b/system/openebs/3.5.4/.helmignore
@@ -0,0 +1,30 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl
+# docs folder
+/docs
+# icon
+icon.png
diff --git a/system/openebs/3.5.4/CHANGELOG.md b/system/openebs/3.5.4/CHANGELOG.md
new file mode 100644
index 00000000000..216bd36bfdf
--- /dev/null
+++ b/system/openebs/3.5.4/CHANGELOG.md
@@ -0,0 +1,17 @@
+---
+title: Changelog
+---
+
+
+*for the complete changelog, please refer to the website*
+
+**Important:**
+
+
+## [openebs-3.5.4](https://github.com/truecharts/charts/compare/openebs-3.5.3...openebs-3.5.4) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/openebs/3.5.4/Chart.yaml b/system/openebs/3.5.4/Chart.yaml
new file mode 100644
index 00000000000..8aa730614e4
--- /dev/null
+++ b/system/openebs/3.5.4/Chart.yaml
@@ -0,0 +1,45 @@
+annotations:
+ max_scale_version: 24.04.0
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: CSI
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: system
+apiVersion: v2
+appVersion: latest
+dependencies:
+ - name: common
+ version: 20.0.9
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+ - name: openebs
+ version: 3.10.0
+ repository: https://openebs.github.io/charts
+ condition: ""
+ alias: openebs
+ tags: []
+ import-values: []
+deprecated: false
+description: OpenEBS is a umbrella container storage provisioner
+home: https://truecharts.org/charts/system/openebs
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/openebs.png
+keywords:
+ - openebs
+ - backup
+kubeVersion: '>=1.24.0-0'
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: openebs
+sources:
+ - https://github.com/cert-manager
+ - https://cert-manager.io/
+ - https://github.com/truecharts/charts/tree/master/charts/system/openebs
+ - https://github.com/truecharts/containers/tree/master/apps/scratch
+type: application
+version: 3.5.4
diff --git a/system/openebs/3.5.4/README.md b/system/openebs/3.5.4/README.md
new file mode 100644
index 00000000000..2352cf1f539
--- /dev/null
+++ b/system/openebs/3.5.4/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/system/openebs)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/system/openebs/3.5.4/app-changelog.md b/system/openebs/3.5.4/app-changelog.md
new file mode 100644
index 00000000000..aa84bbb5e21
--- /dev/null
+++ b/system/openebs/3.5.4/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [openebs-3.5.4](https://github.com/truecharts/charts/compare/openebs-3.5.3...openebs-3.5.4) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/openebs/3.5.4/app-readme.md b/system/openebs/3.5.4/app-readme.md
new file mode 100644
index 00000000000..0cc8022be98
--- /dev/null
+++ b/system/openebs/3.5.4/app-readme.md
@@ -0,0 +1,8 @@
+OpenEBS is a umbrella container storage provisioner
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/system/openebs](https://truecharts.org/charts/system/openebs)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/system/openebs/3.5.4/charts/common-20.0.9.tgz b/system/openebs/3.5.4/charts/common-20.0.9.tgz
new file mode 100644
index 00000000000..41a62ef2dc2
Binary files /dev/null and b/system/openebs/3.5.4/charts/common-20.0.9.tgz differ
diff --git a/system/openebs/3.5.4/charts/openebs-3.10.0.tgz b/system/openebs/3.5.4/charts/openebs-3.10.0.tgz
new file mode 100644
index 00000000000..dc80edb1507
Binary files /dev/null and b/system/openebs/3.5.4/charts/openebs-3.10.0.tgz differ
diff --git a/system/openebs/3.5.4/ix_values.yaml b/system/openebs/3.5.4/ix_values.yaml
new file mode 100644
index 00000000000..9b21caa5a23
--- /dev/null
+++ b/system/openebs/3.5.4/ix_values.yaml
@@ -0,0 +1,17 @@
+image:
+ pullPolicy: IfNotPresent
+ repository: tccr.io/tccr/scratch
+ tag: latest
+
+portal:
+ open:
+ enabled: false
+service:
+ main:
+ enabled: false
+ ports:
+ main:
+ enabled: false
+workload:
+ main:
+ enabled: false
diff --git a/system/openebs/3.5.4/questions.yaml b/system/openebs/3.5.4/questions.yaml
new file mode 100755
index 00000000000..16bcaf42b30
--- /dev/null
+++ b/system/openebs/3.5.4/questions.yaml
@@ -0,0 +1,99 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Backup Configuration
+ description: Configure Velero Backup Schedule
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
+
+
+ - variable: openebs
+ group: "Storage and Persistence"
+ label: "OpenEBS Settings"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: localprovisioner
+ label: "Localprovisioner Settings"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: enableDeviceClass
+ label: "enableDeviceClass"
+ schema:
+ type: boolean
+ default: false
+ hidden: true
+ - variable: hostpathClass
+ label: "hostpathClass"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: reclaimPolicy
+ label: "reclaimPolicy"
+ schema:
+ type: string
+ required: true
+ default: "Retain"
+ enum:
+ - value: Retain
+ description: Retain (Keep Data on App Deletion)
+ - value: Delete
+ description: Delete (Delete data on App Deletion)
+ - variable: isDefaultClass
+ label: "Default Class"
+ schema:
+ type: boolean
+ required: true
+ default: true
+ - variable: basePath
+ label: "basePath"
+ description: "Path to store your application data into"
+ schema:
+ type: string
+ required: true
+ default: ""
diff --git a/system/openebs/3.5.4/templates/NOTES.txt b/system/openebs/3.5.4/templates/NOTES.txt
new file mode 100644
index 00000000000..efcb74cb772
--- /dev/null
+++ b/system/openebs/3.5.4/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/system/openebs/3.5.4/templates/common.yaml b/system/openebs/3.5.4/templates/common.yaml
new file mode 100644
index 00000000000..995efb03eb0
--- /dev/null
+++ b/system/openebs/3.5.4/templates/common.yaml
@@ -0,0 +1,5 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.v1.common.loader.init" . }}
+
+{{/* Render the templates */}}
+{{ include "tc.v1.common.loader.apply" . }}
diff --git a/system/openebs/3.5.4/values.yaml b/system/openebs/3.5.4/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/system/openebs/item.yaml b/system/openebs/item.yaml
new file mode 100644
index 00000000000..24f8022bec7
--- /dev/null
+++ b/system/openebs/item.yaml
@@ -0,0 +1,4 @@
+icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/openebs.png
+categories:
+ - CSI
+screenshots: []
diff --git a/system/prometheus-operator/6.7.3/.helmignore b/system/prometheus-operator/6.7.3/.helmignore
new file mode 100644
index 00000000000..77ca5567b26
--- /dev/null
+++ b/system/prometheus-operator/6.7.3/.helmignore
@@ -0,0 +1,30 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl
+# docs folder
+/docs
+# icon
+icon.png
diff --git a/system/prometheus-operator/6.7.3/CHANGELOG.md b/system/prometheus-operator/6.7.3/CHANGELOG.md
new file mode 100644
index 00000000000..f3610d3f66c
--- /dev/null
+++ b/system/prometheus-operator/6.7.3/CHANGELOG.md
@@ -0,0 +1,17 @@
+---
+title: Changelog
+---
+
+
+*for the complete changelog, please refer to the website*
+
+**Important:**
+
+
+## [prometheus-operator-6.7.3](https://github.com/truecharts/charts/compare/prometheus-operator-6.7.2...prometheus-operator-6.7.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/prometheus-operator/6.7.3/Chart.yaml b/system/prometheus-operator/6.7.3/Chart.yaml
new file mode 100644
index 00000000000..9306f77e3c7
--- /dev/null
+++ b/system/prometheus-operator/6.7.3/Chart.yaml
@@ -0,0 +1,45 @@
+annotations:
+ max_scale_version: 24.04.0
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: operators
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: system
+apiVersion: v2
+appVersion: latest
+dependencies:
+ - name: common
+ version: 20.0.9
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+ - name: kube-prometheus-stack
+ version: 56.21.0
+ repository: oci://ghcr.io/prometheus-community/charts
+ condition: ""
+ alias: kps
+ tags: []
+ import-values: []
+deprecated: false
+description: Prometheus Operator is an operator for prometheus
+home: https://truecharts.org/charts/system/prometheus-operator
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/prometheus-operator.png
+keywords:
+ - operator
+ - prometheus
+ - metics
+kubeVersion: '>=1.24.0-0'
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: prometheus-operator
+sources:
+ - https://github.com/prometheus-operator
+ - https://github.com/truecharts/charts/tree/master/charts/system/prometheus-operator
+ - https://github.com/truecharts/containers/tree/master/apps/alpine
+type: application
+version: 6.7.3
diff --git a/system/prometheus-operator/6.7.3/README.md b/system/prometheus-operator/6.7.3/README.md
new file mode 100644
index 00000000000..e2d61deee2a
--- /dev/null
+++ b/system/prometheus-operator/6.7.3/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/system/prometheus-operator)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/system/prometheus-operator/6.7.3/app-changelog.md b/system/prometheus-operator/6.7.3/app-changelog.md
new file mode 100644
index 00000000000..860bfb7c14d
--- /dev/null
+++ b/system/prometheus-operator/6.7.3/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [prometheus-operator-6.7.3](https://github.com/truecharts/charts/compare/prometheus-operator-6.7.2...prometheus-operator-6.7.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/prometheus-operator/6.7.3/app-readme.md b/system/prometheus-operator/6.7.3/app-readme.md
new file mode 100644
index 00000000000..d5dc128ba5b
--- /dev/null
+++ b/system/prometheus-operator/6.7.3/app-readme.md
@@ -0,0 +1,8 @@
+Prometheus Operator is an operator for prometheus
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/system/prometheus-operator](https://truecharts.org/charts/system/prometheus-operator)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/system/prometheus-operator/6.7.3/charts/common-20.0.9.tgz b/system/prometheus-operator/6.7.3/charts/common-20.0.9.tgz
new file mode 100644
index 00000000000..41a62ef2dc2
Binary files /dev/null and b/system/prometheus-operator/6.7.3/charts/common-20.0.9.tgz differ
diff --git a/system/prometheus-operator/6.7.3/charts/kube-prometheus-stack-56.21.0.tgz b/system/prometheus-operator/6.7.3/charts/kube-prometheus-stack-56.21.0.tgz
new file mode 100644
index 00000000000..ece8d5e6823
Binary files /dev/null and b/system/prometheus-operator/6.7.3/charts/kube-prometheus-stack-56.21.0.tgz differ
diff --git a/system/prometheus-operator/6.7.3/ix_values.yaml b/system/prometheus-operator/6.7.3/ix_values.yaml
new file mode 100644
index 00000000000..b6bc91989ae
--- /dev/null
+++ b/system/prometheus-operator/6.7.3/ix_values.yaml
@@ -0,0 +1,146 @@
+image:
+ repository: tccr.io/tccr/alpine
+ pullPolicy: IfNotPresent
+ tag: latest@sha256:ade0065e19edaa4f6903d464ee70605111a48394536deb94f31b661264704558
+
+service:
+ main:
+ enabled: false
+ ports:
+ main:
+ enabled: false
+
+workload:
+ main:
+ enabled: false
+
+portal:
+ open:
+ enabled: false
+
+operator:
+ register: true
+
+kps:
+ ## Install Prometheus Operator CRDs
+ ##
+ crds:
+ enabled: true
+
+ ## Manages Prometheus and Alertmanager components
+ ##
+ prometheusOperator:
+ enabled: true
+
+ ####
+ ##
+ ## Everything down here, explicitly disables everything BUT the operator itself
+ ##
+ ####
+
+ ##
+ global:
+ rbac:
+ create: true
+
+ ## Create default rules for monitoring the cluster
+ ##
+ defaultRules:
+ create: false
+
+ windowsMonitoring:
+ ## Deploys the windows-exporter and Windows-specific dashboards and rules (job name must be 'windows-exporter')
+ enabled: false
+
+ ## Configuration for prometheus-windows-exporter
+ ## ref: https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-windows-exporter
+ ##
+ prometheus-windows-exporter:
+ ## Enable ServiceMonitor and set Kubernetes label to use as a job label
+ ##
+ prometheus:
+ monitor:
+ enabled: false
+
+ ## Configuration for alertmanager
+ ## ref: https://prometheus.io/docs/alerting/alertmanager/
+ ##
+ alertmanager:
+ ## Deploy alertmanager
+ ##
+ enabled: false
+
+ ## Using default values from https://github.com/grafana/helm-charts/blob/main/charts/grafana/values.yaml
+ ##
+ grafana:
+ enabled: false
+ forceDeployDashboards: false
+ defaultDashboardsEnabled: false
+
+ ## Flag to disable all the kubernetes component scrapers
+ ##
+ kubernetesServiceMonitors:
+ enabled: false
+
+ ## Component scraping the kube api server
+ ##
+ kubeApiServer:
+ enabled: false
+
+ ## Component scraping the kubelet and kubelet-hosted cAdvisor
+ ##
+ kubelet:
+ enabled: false
+
+ ## Component scraping the kube controller manager
+ ##
+ kubeControllerManager:
+ enabled: false
+
+ ## Component scraping coreDns. Use either this or kubeDns
+ ##
+ coreDns:
+ enabled: false
+
+ ## Component scraping kubeDns. Use either this or coreDns
+ ##
+ kubeDns:
+ enabled: false
+
+ ## Component scraping etcd
+ ##
+ kubeEtcd:
+ enabled: false
+
+ ## Component scraping kube scheduler
+ ##
+ kubeScheduler:
+ enabled: false
+
+ ## Component scraping kube proxy
+ ##
+ kubeProxy:
+ enabled: false
+
+ ## Component scraping kube state metrics
+ ##
+ kubeStateMetrics:
+ enabled: false
+
+ ## dontDeploy node exporter as a daemonset to all nodes
+ ##
+ nodeExporter:
+ enabled: false
+
+ ## dont Deploy a Prometheus instance
+ ##
+ prometheus:
+ enabled: false
+
+ ## Configuration for thanosRuler
+ ## ref: https://thanos.io/tip/components/rule.md/
+ ##
+ thanosRuler:
+ ## Dont Deploy thanosRuler
+ ##
+ enabled: false
diff --git a/system/prometheus-operator/6.7.3/questions.yaml b/system/prometheus-operator/6.7.3/questions.yaml
new file mode 100755
index 00000000000..34ba9e0400c
--- /dev/null
+++ b/system/prometheus-operator/6.7.3/questions.yaml
@@ -0,0 +1,49 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Backup Configuration
+ description: Configure Velero Backup Schedule
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
+
diff --git a/system/prometheus-operator/6.7.3/templates/NOTES.txt b/system/prometheus-operator/6.7.3/templates/NOTES.txt
new file mode 100644
index 00000000000..efcb74cb772
--- /dev/null
+++ b/system/prometheus-operator/6.7.3/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/system/prometheus-operator/6.7.3/templates/common.yaml b/system/prometheus-operator/6.7.3/templates/common.yaml
new file mode 100644
index 00000000000..362fca94564
--- /dev/null
+++ b/system/prometheus-operator/6.7.3/templates/common.yaml
@@ -0,0 +1,4 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.v1.common.loader.init" . }}
+{{/* Render the templates */}}
+{{ include "tc.v1.common.loader.apply" . }}
diff --git a/system/prometheus-operator/6.7.3/values.yaml b/system/prometheus-operator/6.7.3/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/system/prometheus-operator/item.yaml b/system/prometheus-operator/item.yaml
new file mode 100644
index 00000000000..b749e08f074
--- /dev/null
+++ b/system/prometheus-operator/item.yaml
@@ -0,0 +1,4 @@
+icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/prometheus-operator.png
+categories:
+ - operators
+screenshots: []
diff --git a/system/traefik-crds/0.1.3/.helmignore b/system/traefik-crds/0.1.3/.helmignore
new file mode 100644
index 00000000000..77ca5567b26
--- /dev/null
+++ b/system/traefik-crds/0.1.3/.helmignore
@@ -0,0 +1,30 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl
+# docs folder
+/docs
+# icon
+icon.png
diff --git a/system/traefik-crds/0.1.3/CHANGELOG.md b/system/traefik-crds/0.1.3/CHANGELOG.md
new file mode 100644
index 00000000000..daa99837bf2
--- /dev/null
+++ b/system/traefik-crds/0.1.3/CHANGELOG.md
@@ -0,0 +1,17 @@
+---
+title: Changelog
+---
+
+
+*for the complete changelog, please refer to the website*
+
+**Important:**
+
+
+## [traefik-crds-0.1.3](https://github.com/truecharts/charts/compare/traefik-crds-0.1.2...traefik-crds-0.1.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/traefik-crds/0.1.3/Chart.yaml b/system/traefik-crds/0.1.3/Chart.yaml
new file mode 100644
index 00000000000..dedd7ce9542
--- /dev/null
+++ b/system/traefik-crds/0.1.3/Chart.yaml
@@ -0,0 +1,39 @@
+annotations:
+ max_scale_version: 24.04.0
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: network
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: system
+apiVersion: v2
+appVersion: latest
+dependencies:
+ - name: common
+ version: 20.0.9
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+deprecated: false
+description: Traefik-CRDs contains the CRD's for Traefik
+home: https://truecharts.org/charts/system/traefik-crds
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik-crds.png
+keywords:
+ - traefik
+ - ingress
+kubeVersion: '>=1.24.0-0'
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: traefik-crds
+sources:
+ - https://github.com/traefik/traefik
+ - https://github.com/traefik/traefik-helm-chart
+ - https://traefik.io/
+ - https://github.com/truecharts/charts/tree/master/charts/system/traefik-crds
+ - https://github.com/truecharts/containers/tree/master/apps/scratch
+type: application
+version: 0.1.3
diff --git a/system/traefik-crds/0.1.3/README.md b/system/traefik-crds/0.1.3/README.md
new file mode 100644
index 00000000000..6938f3e826a
--- /dev/null
+++ b/system/traefik-crds/0.1.3/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/system/traefik-crds)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/system/traefik-crds/0.1.3/app-changelog.md b/system/traefik-crds/0.1.3/app-changelog.md
new file mode 100644
index 00000000000..a7549743f32
--- /dev/null
+++ b/system/traefik-crds/0.1.3/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [traefik-crds-0.1.3](https://github.com/truecharts/charts/compare/traefik-crds-0.1.2...traefik-crds-0.1.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/traefik-crds/0.1.3/app-readme.md b/system/traefik-crds/0.1.3/app-readme.md
new file mode 100644
index 00000000000..fa812a66175
--- /dev/null
+++ b/system/traefik-crds/0.1.3/app-readme.md
@@ -0,0 +1,8 @@
+Traefik-CRDs contains the CRD's for Traefik
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/system/traefik-crds](https://truecharts.org/charts/system/traefik-crds)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/system/traefik-crds/0.1.3/charts/common-20.0.9.tgz b/system/traefik-crds/0.1.3/charts/common-20.0.9.tgz
new file mode 100644
index 00000000000..41a62ef2dc2
Binary files /dev/null and b/system/traefik-crds/0.1.3/charts/common-20.0.9.tgz differ
diff --git a/system/traefik-crds/0.1.3/crds/traefik.containo.us_ingressroutes.yaml b/system/traefik-crds/0.1.3/crds/traefik.containo.us_ingressroutes.yaml
new file mode 100644
index 00000000000..bd137f410d9
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.containo.us_ingressroutes.yaml
@@ -0,0 +1,275 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressroutes.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: IngressRoute
+ listKind: IngressRouteList
+ plural: ingressroutes
+ singular: ingressroute
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRoute is the CRD implementation of a Traefik HTTP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteSpec defines the desired state of IngressRoute.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: Route holds the HTTP route configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the route. Rule is the
+ only supported kind.
+ enum:
+ - Rule
+ type: string
+ match:
+ description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule'
+ type: string
+ middlewares:
+ description: 'Middlewares defines the list of references to
+ Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware'
+ items:
+ description: MiddlewareRef is a reference to a Middleware
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: 'Priority defines the router''s priority. More
+ info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority'
+ type: integer
+ services:
+ description: Services defines the list of Service. It can contain
+ any combination of TraefikService and/or reference to a Kubernetes
+ Service.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client
+ Host header is forwarded to the upstream Kubernetes
+ Service. By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to
+ the client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval,
+ in milliseconds, in between flushes to the client
+ while copying the response body. A negative value
+ means to flush immediately after each write to the
+ client. This configuration is ignored when ReverseProxy
+ recognizes a response as a streaming response; for
+ such responses, writes are flushed to the client
+ immediately. Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the
+ request to the upstream Kubernetes Service. It defaults
+ to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as
+ JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie
+ can only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only
+ be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round
+ Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - kind
+ - match
+ type: object
+ type: array
+ tls:
+ description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls'
+ properties:
+ certResolver:
+ description: 'CertResolver defines the name of the certificate
+ resolver to use. Cert resolvers have to be configured in the
+ static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers'
+ type: string
+ domains:
+ description: 'Domains defines the list of domains that will be
+ used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains'
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: 'Options defines the reference to a TLSOption, that
+ specifies the parameters of the TLS connection. If not defined,
+ the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ name:
+ description: 'Name defines the name of the referenced TLSOption.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption'
+ type: string
+ namespace:
+ description: 'Namespace defines the namespace of the referenced
+ TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption'
+ type: string
+ required:
+ - name
+ type: object
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: Store defines the reference to the TLSStore, that
+ will be used to store certificates. Please note that only `default`
+ TLSStore can be used.
+ properties:
+ name:
+ description: 'Name defines the name of the referenced TLSStore.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore'
+ type: string
+ namespace:
+ description: 'Namespace defines the namespace of the referenced
+ TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore'
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.containo.us_ingressroutetcps.yaml b/system/traefik-crds/0.1.3/crds/traefik.containo.us_ingressroutetcps.yaml
new file mode 100644
index 00000000000..589fe31c18c
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.containo.us_ingressroutetcps.yaml
@@ -0,0 +1,218 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressroutetcps.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: IngressRouteTCP
+ listKind: IngressRouteTCPList
+ plural: ingressroutetcps
+ singular: ingressroutetcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteTCP holds the TCP route configuration.
+ properties:
+ match:
+ description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1'
+ type: string
+ middlewares:
+ description: Middlewares defines the list of references to MiddlewareTCP
+ resources.
+ items:
+ description: ObjectReference is a generic reference to a Traefik
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: 'Priority defines the router''s priority. More
+ info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1'
+ type: integer
+ services:
+ description: Services defines the list of TCP services.
+ items:
+ description: ServiceTCP defines an upstream TCP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ proxyProtocol:
+ description: 'ProxyProtocol defines the PROXY protocol
+ configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol'
+ properties:
+ version:
+ description: Version defines the PROXY Protocol version
+ to use.
+ type: integer
+ type: object
+ terminationDelay:
+ description: TerminationDelay defines the deadline that
+ the proxy sets, after one of its connected peers indicates
+ it has closed the writing capability of its connection,
+ to close the reading capability as well, hence fully
+ terminating the connection. It is a duration in milliseconds,
+ defaulting to 100. A negative value means an infinite
+ deadline (i.e. the reading capability is never closed).
+ type: integer
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ required:
+ - match
+ type: object
+ type: array
+ tls:
+ description: 'TLS defines the TLS configuration on a layer 4 / TCP
+ Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1'
+ properties:
+ certResolver:
+ description: 'CertResolver defines the name of the certificate
+ resolver to use. Cert resolvers have to be configured in the
+ static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers'
+ type: string
+ domains:
+ description: 'Domains defines the list of domains that will be
+ used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains'
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: 'Options defines the reference to a TLSOption, that
+ specifies the parameters of the TLS connection. If not defined,
+ the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ passthrough:
+ description: Passthrough defines whether a TLS router will terminate
+ the TLS connection.
+ type: boolean
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: Store defines the reference to the TLSStore, that
+ will be used to store certificates. Please note that only `default`
+ TLSStore can be used.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.containo.us_ingressrouteudps.yaml b/system/traefik-crds/0.1.3/crds/traefik.containo.us_ingressrouteudps.yaml
new file mode 100644
index 00000000000..c35ee4dc20d
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.containo.us_ingressrouteudps.yaml
@@ -0,0 +1,105 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressrouteudps.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: IngressRouteUDP
+ listKind: IngressRouteUDPList
+ plural: ingressrouteudps
+ singular: ingressrouteudp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteUDP holds the UDP route configuration.
+ properties:
+ services:
+ description: Services defines the list of UDP services.
+ items:
+ description: ServiceUDP defines an upstream UDP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ type: object
+ type: array
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.containo.us_middlewares.yaml b/system/traefik-crds/0.1.3/crds/traefik.containo.us_middlewares.yaml
new file mode 100644
index 00000000000..5e14f93fa55
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.containo.us_middlewares.yaml
@@ -0,0 +1,924 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: middlewares.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: Middleware
+ listKind: MiddlewareList
+ plural: middlewares
+ singular: middleware
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'Middleware is the CRD implementation of a Traefik Middleware.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareSpec defines the desired state of a Middleware.
+ properties:
+ addPrefix:
+ description: 'AddPrefix holds the add prefix middleware configuration.
+ This middleware updates the path of a request before forwarding
+ it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/'
+ properties:
+ prefix:
+ description: Prefix is the string to add before the current path
+ in the requested URL. It should include a leading slash (/).
+ type: string
+ type: object
+ basicAuth:
+ description: 'BasicAuth holds the basic auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/'
+ properties:
+ headerField:
+ description: 'HeaderField defines a header field to store the
+ authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield'
+ type: string
+ realm:
+ description: 'Realm allows the protected resources on a server
+ to be partitioned into a set of protection spaces, each with
+ its own authentication scheme. Default: traefik.'
+ type: string
+ removeHeader:
+ description: 'RemoveHeader sets the removeHeader option to true
+ to remove the authorization header before forwarding the request
+ to your service. Default: false.'
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ buffering:
+ description: 'Buffering holds the buffering middleware configuration.
+ This middleware retries or limits the size of requests that can
+ be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes'
+ properties:
+ maxRequestBodyBytes:
+ description: 'MaxRequestBodyBytes defines the maximum allowed
+ body size for the request (in bytes). If the request exceeds
+ the allowed size, it is not forwarded to the service, and the
+ client gets a 413 (Request Entity Too Large) response. Default:
+ 0 (no maximum).'
+ format: int64
+ type: integer
+ maxResponseBodyBytes:
+ description: 'MaxResponseBodyBytes defines the maximum allowed
+ response size from the service (in bytes). If the response exceeds
+ the allowed size, it is not forwarded to the client. The client
+ gets a 500 (Internal Server Error) response instead. Default:
+ 0 (no maximum).'
+ format: int64
+ type: integer
+ memRequestBodyBytes:
+ description: 'MemRequestBodyBytes defines the threshold (in bytes)
+ from which the request will be buffered on disk instead of in
+ memory. Default: 1048576 (1Mi).'
+ format: int64
+ type: integer
+ memResponseBodyBytes:
+ description: 'MemResponseBodyBytes defines the threshold (in bytes)
+ from which the response will be buffered on disk instead of
+ in memory. Default: 1048576 (1Mi).'
+ format: int64
+ type: integer
+ retryExpression:
+ description: 'RetryExpression defines the retry conditions. It
+ is a logical combination of functions with operators AND (&&)
+ and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression'
+ type: string
+ type: object
+ chain:
+ description: 'Chain holds the configuration of the chain middleware.
+ This middleware enables to define reusable combinations of other
+ pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/'
+ properties:
+ middlewares:
+ description: Middlewares is the list of MiddlewareRef which composes
+ the chain.
+ items:
+ description: MiddlewareRef is a reference to a Middleware resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ circuitBreaker:
+ description: CircuitBreaker holds the circuit breaker configuration.
+ properties:
+ checkPeriod:
+ anyOf:
+ - type: integer
+ - type: string
+ description: CheckPeriod is the interval between successive checks
+ of the circuit breaker condition (when in standby state).
+ x-kubernetes-int-or-string: true
+ expression:
+ description: Expression is the condition that triggers the tripped
+ state.
+ type: string
+ fallbackDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: FallbackDuration is the duration for which the circuit
+ breaker will wait before trying to recover (from a tripped state).
+ x-kubernetes-int-or-string: true
+ recoveryDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: RecoveryDuration is the duration for which the circuit
+ breaker will try to recover (as soon as it is in recovering
+ state).
+ x-kubernetes-int-or-string: true
+ type: object
+ compress:
+ description: 'Compress holds the compress middleware configuration.
+ This middleware compresses responses before sending them to the
+ client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/'
+ properties:
+ excludedContentTypes:
+ description: ExcludedContentTypes defines the list of content
+ types to compare the Content-Type header of the incoming requests
+ and responses before compressing.
+ items:
+ type: string
+ type: array
+ minResponseBodyBytes:
+ description: 'MinResponseBodyBytes defines the minimum amount
+ of bytes a response body must have to be compressed. Default:
+ 1024.'
+ type: integer
+ type: object
+ contentType:
+ description: ContentType holds the content-type middleware configuration.
+ This middleware exists to enable the correct behavior until at least
+ the default one can be changed in a future version.
+ properties:
+ autoDetect:
+ description: AutoDetect specifies whether to let the `Content-Type`
+ header, if it has not been set by the backend, be automatically
+ set to a value derived from the contents of the response. As
+ a proxy, the default behavior should be to leave the header
+ alone, regardless of what the backend did with it. However,
+ the historic default was to always auto-detect and set the header
+ if it was nil, and it is going to be kept that way in order
+ to support users currently relying on it.
+ type: boolean
+ type: object
+ digestAuth:
+ description: 'DigestAuth holds the digest auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/'
+ properties:
+ headerField:
+ description: 'HeaderField defines a header field to store the
+ authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield'
+ type: string
+ realm:
+ description: 'Realm allows the protected resources on a server
+ to be partitioned into a set of protection spaces, each with
+ its own authentication scheme. Default: traefik.'
+ type: string
+ removeHeader:
+ description: RemoveHeader defines whether to remove the authorization
+ header before forwarding the request to the backend.
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ errors:
+ description: 'ErrorPage holds the custom error middleware configuration.
+ This middleware returns a custom page in lieu of the default, according
+ to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/'
+ properties:
+ query:
+ description: Query defines the URL for the error page (hosted
+ by service). The {status} variable can be used in order to insert
+ the status code in the URL.
+ type: string
+ service:
+ description: 'Service defines the reference to a Kubernetes Service
+ that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service'
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between the
+ two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if
+ the only child is the Kubernetes Service clusterIP. The
+ Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in milliseconds,
+ in between flushes to the client while copying the response
+ body. A negative value means to flush immediately after
+ each write to the client. This configuration is ignored
+ when ReverseProxy recognizes a response as a streaming
+ response; for such responses, writes are flushed to
+ the client immediately. Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport between
+ Traefik and your servers. Can only be used on a Kubernetes
+ Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can
+ be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported value
+ at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object (and
+ to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ status:
+ description: Status defines which status or range of statuses
+ should result in an error page. It can be either a status code
+ as a number (500), as multiple comma-separated numbers (500,502),
+ as ranges by separating two codes with a dash (500-599), or
+ a combination of the two (404,418,500-599).
+ items:
+ type: string
+ type: array
+ type: object
+ forwardAuth:
+ description: 'ForwardAuth holds the forward auth middleware configuration.
+ This middleware delegates the request authentication to a Service.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/'
+ properties:
+ address:
+ description: Address defines the authentication server address.
+ type: string
+ authRequestHeaders:
+ description: AuthRequestHeaders defines the list of the headers
+ to copy from the request to the authentication server. If not
+ set or empty then all request headers are passed.
+ items:
+ type: string
+ type: array
+ authResponseHeaders:
+ description: AuthResponseHeaders defines the list of headers to
+ copy from the authentication server response and set on forwarded
+ request, replacing any existing conflicting headers.
+ items:
+ type: string
+ type: array
+ authResponseHeadersRegex:
+ description: 'AuthResponseHeadersRegex defines the regex to match
+ headers to copy from the authentication server response and
+ set on forwarded request, after stripping all headers that match
+ the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex'
+ type: string
+ tls:
+ description: TLS defines the configuration used to secure the
+ connection to the authentication server.
+ properties:
+ caOptional:
+ type: boolean
+ caSecret:
+ description: CASecret is the name of the referenced Kubernetes
+ Secret containing the CA to validate the server certificate.
+ The CA certificate is extracted from key `tls.ca` or `ca.crt`.
+ type: string
+ certSecret:
+ description: CertSecret is the name of the referenced Kubernetes
+ Secret containing the client certificate. The client certificate
+ is extracted from the keys `tls.crt` and `tls.key`.
+ type: string
+ insecureSkipVerify:
+ description: InsecureSkipVerify defines whether the server
+ certificates should be validated.
+ type: boolean
+ type: object
+ trustForwardHeader:
+ description: 'TrustForwardHeader defines whether to trust (ie:
+ forward) all X-Forwarded-* headers.'
+ type: boolean
+ type: object
+ headers:
+ description: 'Headers holds the headers middleware configuration.
+ This middleware manages the requests and responses headers. More
+ info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders'
+ properties:
+ accessControlAllowCredentials:
+ description: AccessControlAllowCredentials defines whether the
+ request can include user credentials.
+ type: boolean
+ accessControlAllowHeaders:
+ description: AccessControlAllowHeaders defines the Access-Control-Request-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowMethods:
+ description: AccessControlAllowMethods defines the Access-Control-Request-Method
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginList:
+ description: AccessControlAllowOriginList is a list of allowable
+ origins. Can also be a wildcard origin "*".
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginListRegex:
+ description: AccessControlAllowOriginListRegex is a list of allowable
+ origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/).
+ items:
+ type: string
+ type: array
+ accessControlExposeHeaders:
+ description: AccessControlExposeHeaders defines the Access-Control-Expose-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlMaxAge:
+ description: AccessControlMaxAge defines the time that a preflight
+ request may be cached.
+ format: int64
+ type: integer
+ addVaryHeader:
+ description: AddVaryHeader defines whether the Vary header is
+ automatically added/updated when the AccessControlAllowOriginList
+ is set.
+ type: boolean
+ allowedHosts:
+ description: AllowedHosts defines the fully qualified list of
+ allowed domain names.
+ items:
+ type: string
+ type: array
+ browserXssFilter:
+ description: BrowserXSSFilter defines whether to add the X-XSS-Protection
+ header with the value 1; mode=block.
+ type: boolean
+ contentSecurityPolicy:
+ description: ContentSecurityPolicy defines the Content-Security-Policy
+ header value.
+ type: string
+ contentTypeNosniff:
+ description: ContentTypeNosniff defines whether to add the X-Content-Type-Options
+ header with the nosniff value.
+ type: boolean
+ customBrowserXSSValue:
+ description: CustomBrowserXSSValue defines the X-XSS-Protection
+ header value. This overrides the BrowserXssFilter option.
+ type: string
+ customFrameOptionsValue:
+ description: CustomFrameOptionsValue defines the X-Frame-Options
+ header value. This overrides the FrameDeny option.
+ type: string
+ customRequestHeaders:
+ additionalProperties:
+ type: string
+ description: CustomRequestHeaders defines the header names and
+ values to apply to the request.
+ type: object
+ customResponseHeaders:
+ additionalProperties:
+ type: string
+ description: CustomResponseHeaders defines the header names and
+ values to apply to the response.
+ type: object
+ featurePolicy:
+ description: 'Deprecated: use PermissionsPolicy instead.'
+ type: string
+ forceSTSHeader:
+ description: ForceSTSHeader defines whether to add the STS header
+ even when the connection is HTTP.
+ type: boolean
+ frameDeny:
+ description: FrameDeny defines whether to add the X-Frame-Options
+ header with the DENY value.
+ type: boolean
+ hostsProxyHeaders:
+ description: HostsProxyHeaders defines the header keys that may
+ hold a proxied hostname value for the request.
+ items:
+ type: string
+ type: array
+ isDevelopment:
+ description: IsDevelopment defines whether to mitigate the unwanted
+ effects of the AllowedHosts, SSL, and STS options when developing.
+ Usually testing takes place using HTTP, not HTTPS, and on localhost,
+ not your production domain. If you would like your development
+ environment to mimic production with complete Host blocking,
+ SSL redirects, and STS headers, leave this as false.
+ type: boolean
+ permissionsPolicy:
+ description: PermissionsPolicy defines the Permissions-Policy
+ header value. This allows sites to control browser features.
+ type: string
+ publicKey:
+ description: PublicKey is the public key that implements HPKP
+ to prevent MITM attacks with forged certificates.
+ type: string
+ referrerPolicy:
+ description: ReferrerPolicy defines the Referrer-Policy header
+ value. This allows sites to control whether browsers forward
+ the Referer header to other sites.
+ type: string
+ sslForceHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: boolean
+ sslHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: string
+ sslProxyHeaders:
+ additionalProperties:
+ type: string
+ description: 'SSLProxyHeaders defines the header keys with associated
+ values that would indicate a valid HTTPS request. It can be
+ useful when using other proxies (example: "X-Forwarded-Proto":
+ "https").'
+ type: object
+ sslRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ sslTemporaryRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ stsIncludeSubdomains:
+ description: STSIncludeSubdomains defines whether the includeSubDomains
+ directive is appended to the Strict-Transport-Security header.
+ type: boolean
+ stsPreload:
+ description: STSPreload defines whether the preload flag is appended
+ to the Strict-Transport-Security header.
+ type: boolean
+ stsSeconds:
+ description: STSSeconds defines the max-age of the Strict-Transport-Security
+ header. If set to 0, the header is not set.
+ format: int64
+ type: integer
+ type: object
+ inFlightReq:
+ description: 'InFlightReq holds the in-flight request middleware configuration.
+ This middleware limits the number of requests being processed and
+ served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/'
+ properties:
+ amount:
+ description: Amount defines the maximum amount of allowed simultaneous
+ in-flight request. The middleware responds with HTTP 429 Too
+ Many Requests if there are already amount requests in progress
+ (based on the same sourceCriterion strategy).
+ format: int64
+ type: integer
+ sourceCriterion:
+ description: 'SourceCriterion defines what criterion is used to
+ group requests as originating from a common source. If several
+ strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the requestHost. More
+ info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion'
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration
+ used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ ipWhiteList:
+ description: 'IPWhiteList holds the IP whitelist middleware configuration.
+ This middleware accepts / refuses requests based on the client IP.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/'
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration used
+ by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position (starting
+ from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the X-Forwarded-For
+ header and select the first IP not in the list.
+ items:
+ type: string
+ type: array
+ type: object
+ sourceRange:
+ description: SourceRange defines the set of allowed IPs (or ranges
+ of allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ passTLSClientCert:
+ description: 'PassTLSClientCert holds the pass TLS client cert middleware
+ configuration. This middleware adds the selected data from the passed
+ client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/'
+ properties:
+ info:
+ description: Info selects the specific client certificate details
+ you want to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ issuer:
+ description: Issuer defines the client certificate issuer
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the issuer.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the issuer.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the issuer.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the issuer.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the issuer.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the issuer.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the issuer.
+ type: boolean
+ type: object
+ notAfter:
+ description: NotAfter defines whether to add the Not After
+ information from the Validity part.
+ type: boolean
+ notBefore:
+ description: NotBefore defines whether to add the Not Before
+ information from the Validity part.
+ type: boolean
+ sans:
+ description: Sans defines whether to add the Subject Alternative
+ Name information from the Subject Alternative Name part.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the client
+ serialNumber information.
+ type: boolean
+ subject:
+ description: Subject defines the client certificate subject
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the subject.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the subject.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the subject.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the subject.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the subject.
+ type: boolean
+ organizationalUnit:
+ description: OrganizationalUnit defines whether to add
+ the organizationalUnit information into the subject.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the subject.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the subject.
+ type: boolean
+ type: object
+ type: object
+ pem:
+ description: PEM sets the X-Forwarded-Tls-Client-Cert header with
+ the certificate.
+ type: boolean
+ type: object
+ plugin:
+ additionalProperties:
+ x-kubernetes-preserve-unknown-fields: true
+ description: 'Plugin defines the middleware plugin configuration.
+ More info: https://doc.traefik.io/traefik/plugins/'
+ type: object
+ rateLimit:
+ description: 'RateLimit holds the rate limit configuration. This middleware
+ ensures that services will receive a fair amount of requests, and
+ allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/'
+ properties:
+ average:
+ description: Average is the maximum rate, by default in requests/s,
+ allowed for the given source. It defaults to 0, which means
+ no rate limiting. The rate is actually defined by dividing Average
+ by Period. So for a rate below 1req/s, one needs to define a
+ Period larger than a second.
+ format: int64
+ type: integer
+ burst:
+ description: Burst is the maximum number of requests allowed to
+ arrive in the same arbitrarily small period of time. It defaults
+ to 1.
+ format: int64
+ type: integer
+ period:
+ anyOf:
+ - type: integer
+ - type: string
+ description: 'Period, in combination with Average, defines the
+ actual maximum rate, such as: r = Average / Period. It defaults
+ to a second.'
+ x-kubernetes-int-or-string: true
+ sourceCriterion:
+ description: SourceCriterion defines what criterion is used to
+ group requests as originating from a common source. If several
+ strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the request's remote
+ address field (as an ipStrategy).
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration
+ used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ redirectRegex:
+ description: 'RedirectRegex holds the redirect regex middleware configuration.
+ This middleware redirects a request using regex matching and replacement.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex'
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ regex:
+ description: Regex defines the regex used to match and capture
+ elements from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines how to modify the URL to have
+ the new target URL.
+ type: string
+ type: object
+ redirectScheme:
+ description: 'RedirectScheme holds the redirect scheme middleware
+ configuration. This middleware redirects requests from a scheme/port
+ to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/'
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ port:
+ description: Port defines the port of the new URL.
+ type: string
+ scheme:
+ description: Scheme defines the scheme of the new URL.
+ type: string
+ type: object
+ replacePath:
+ description: 'ReplacePath holds the replace path middleware configuration.
+ This middleware replaces the path of the request URL and store the
+ original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/'
+ properties:
+ path:
+ description: Path defines the path to use as replacement in the
+ request URL.
+ type: string
+ type: object
+ replacePathRegex:
+ description: 'ReplacePathRegex holds the replace path regex middleware
+ configuration. This middleware replaces the path of a URL using
+ regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/'
+ properties:
+ regex:
+ description: Regex defines the regular expression used to match
+ and capture the path from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines the replacement path format,
+ which can include captured variables.
+ type: string
+ type: object
+ retry:
+ description: 'Retry holds the retry middleware configuration. This
+ middleware reissues requests a given number of times to a backend
+ server if that server does not reply. As soon as the server answers,
+ the middleware stops retrying, regardless of the response status.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/'
+ properties:
+ attempts:
+ description: Attempts defines how many times the request should
+ be retried.
+ type: integer
+ initialInterval:
+ anyOf:
+ - type: integer
+ - type: string
+ description: InitialInterval defines the first wait time in the
+ exponential backoff series. The maximum interval is calculated
+ as twice the initialInterval. If unspecified, requests will
+ be retried immediately. The value of initialInterval should
+ be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration.
+ x-kubernetes-int-or-string: true
+ type: object
+ stripPrefix:
+ description: 'StripPrefix holds the strip prefix middleware configuration.
+ This middleware removes the specified prefixes from the URL path.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/'
+ properties:
+ forceSlash:
+ description: 'ForceSlash ensures that the resulting stripped path
+ is not the empty string, by replacing it with / when necessary.
+ Default: true.'
+ type: boolean
+ prefixes:
+ description: Prefixes defines the prefixes to strip from the request
+ URL.
+ items:
+ type: string
+ type: array
+ type: object
+ stripPrefixRegex:
+ description: 'StripPrefixRegex holds the strip prefix regex middleware
+ configuration. This middleware removes the matching prefixes from
+ the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/'
+ properties:
+ regex:
+ description: Regex defines the regular expression to match the
+ path prefix from the request URL.
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.containo.us_middlewaretcps.yaml b/system/traefik-crds/0.1.3/crds/traefik.containo.us_middlewaretcps.yaml
new file mode 100644
index 00000000000..85302fa823d
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.containo.us_middlewaretcps.yaml
@@ -0,0 +1,72 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: middlewaretcps.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: MiddlewareTCP
+ listKind: MiddlewareTCPList
+ plural: middlewaretcps
+ singular: middlewaretcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareTCPSpec defines the desired state of a MiddlewareTCP.
+ properties:
+ inFlightConn:
+ description: InFlightConn defines the InFlightConn middleware configuration.
+ properties:
+ amount:
+ description: Amount defines the maximum amount of allowed simultaneous
+ connections. The middleware closes the connection if there are
+ already amount connections opened.
+ format: int64
+ type: integer
+ type: object
+ ipWhiteList:
+ description: IPWhiteList defines the IPWhiteList middleware configuration.
+ properties:
+ sourceRange:
+ description: SourceRange defines the allowed IPs (or ranges of
+ allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.containo.us_serverstransports.yaml b/system/traefik-crds/0.1.3/crds/traefik.containo.us_serverstransports.yaml
new file mode 100644
index 00000000000..d6fc3a92dba
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.containo.us_serverstransports.yaml
@@ -0,0 +1,128 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: serverstransports.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: ServersTransport
+ listKind: ServersTransportList
+ plural: serverstransports
+ singular: serverstransport
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'ServersTransport is the CRD implementation of a ServersTransport.
+ If no serversTransport is specified, the default@internal will be used.
+ The default@internal serversTransport is created from the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ServersTransportSpec defines the desired state of a ServersTransport.
+ properties:
+ certificatesSecrets:
+ description: CertificatesSecrets defines a list of secret storing
+ client certificates for mTLS.
+ items:
+ type: string
+ type: array
+ disableHTTP2:
+ description: DisableHTTP2 disables HTTP/2 for connections with backend
+ servers.
+ type: boolean
+ forwardingTimeouts:
+ description: ForwardingTimeouts defines the timeouts for requests
+ forwarded to the backend servers.
+ properties:
+ dialTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialTimeout is the amount of time to wait until a
+ connection to a backend server can be established.
+ x-kubernetes-int-or-string: true
+ idleConnTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: IdleConnTimeout is the maximum period for which an
+ idle HTTP keep-alive connection will remain open before closing
+ itself.
+ x-kubernetes-int-or-string: true
+ pingTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: PingTimeout is the timeout after which the HTTP/2
+ connection will be closed if a response to ping is not received.
+ x-kubernetes-int-or-string: true
+ readIdleTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ReadIdleTimeout is the timeout after which a health
+ check using ping frame will be carried out if no frame is received
+ on the HTTP/2 connection.
+ x-kubernetes-int-or-string: true
+ responseHeaderTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ResponseHeaderTimeout is the amount of time to wait
+ for a server's response headers after fully writing the request
+ (including its body, if any).
+ x-kubernetes-int-or-string: true
+ type: object
+ insecureSkipVerify:
+ description: InsecureSkipVerify disables SSL certificate verification.
+ type: boolean
+ maxIdleConnsPerHost:
+ description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
+ to keep per-host.
+ type: integer
+ peerCertURI:
+ description: PeerCertURI defines the peer cert URI used to match against
+ SAN URI during the peer certificate verification.
+ type: string
+ rootCAsSecrets:
+ description: RootCAsSecrets defines a list of CA secret used to validate
+ self-signed certificate.
+ items:
+ type: string
+ type: array
+ serverName:
+ description: ServerName defines the server name used to contact the
+ server.
+ type: string
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.containo.us_tlsoptions.yaml b/system/traefik-crds/0.1.3/crds/traefik.containo.us_tlsoptions.yaml
new file mode 100644
index 00000000000..73667667a3a
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.containo.us_tlsoptions.yaml
@@ -0,0 +1,113 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: tlsoptions.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: TLSOption
+ listKind: TLSOptionList
+ plural: tlsoptions
+ singular: tlsoption
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TLSOption is the CRD implementation of a Traefik TLS Option,
+ allowing to configure some parameters of the TLS connection. More info:
+ https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSOptionSpec defines the desired state of a TLSOption.
+ properties:
+ alpnProtocols:
+ description: 'ALPNProtocols defines the list of supported application
+ level protocols for the TLS handshake, in order of preference. More
+ info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols'
+ items:
+ type: string
+ type: array
+ cipherSuites:
+ description: 'CipherSuites defines the list of supported cipher suites
+ for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites'
+ items:
+ type: string
+ type: array
+ clientAuth:
+ description: ClientAuth defines the server's policy for TLS Client
+ Authentication.
+ properties:
+ clientAuthType:
+ description: ClientAuthType defines the client authentication
+ type to apply.
+ enum:
+ - NoClientCert
+ - RequestClientCert
+ - RequireAnyClientCert
+ - VerifyClientCertIfGiven
+ - RequireAndVerifyClientCert
+ type: string
+ secretNames:
+ description: SecretNames defines the names of the referenced Kubernetes
+ Secret storing certificate details.
+ items:
+ type: string
+ type: array
+ type: object
+ curvePreferences:
+ description: 'CurvePreferences defines the preferred elliptic curves
+ in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences'
+ items:
+ type: string
+ type: array
+ maxVersion:
+ description: 'MaxVersion defines the maximum TLS version that Traefik
+ will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
+ VersionTLS13. Default: None.'
+ type: string
+ minVersion:
+ description: 'MinVersion defines the minimum TLS version that Traefik
+ will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
+ VersionTLS13. Default: VersionTLS10.'
+ type: string
+ preferServerCipherSuites:
+ description: 'PreferServerCipherSuites defines whether the server
+ chooses a cipher suite among his own instead of among the client''s.
+ It is enabled automatically when minVersion or maxVersion is set.
+ Deprecated: https://github.com/golang/go/issues/45430'
+ type: boolean
+ sniStrict:
+ description: SniStrict defines whether Traefik allows connections
+ from clients connections that do not specify a server_name extension.
+ type: boolean
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.containo.us_tlsstores.yaml b/system/traefik-crds/0.1.3/crds/traefik.containo.us_tlsstores.yaml
new file mode 100644
index 00000000000..12f0ad37d86
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.containo.us_tlsstores.yaml
@@ -0,0 +1,99 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: tlsstores.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: TLSStore
+ listKind: TLSStoreList
+ plural: tlsstores
+ singular: tlsstore
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For
+ the time being, only the TLSStore named default is supported. This means
+ that you cannot have two stores that are named default in different Kubernetes
+ namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSStoreSpec defines the desired state of a TLSStore.
+ properties:
+ certificates:
+ description: Certificates is a list of secret names, each secret holding
+ a key/certificate pair to add to the store.
+ items:
+ description: Certificate holds a secret name for the TLSStore resource.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ type: array
+ defaultCertificate:
+ description: DefaultCertificate defines the default certificate configuration.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ defaultGeneratedCert:
+ description: DefaultGeneratedCert defines the default generated certificate
+ configuration.
+ properties:
+ domain:
+ description: Domain is the domain definition for the DefaultCertificate.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain names.
+ items:
+ type: string
+ type: array
+ type: object
+ resolver:
+ description: Resolver is the name of the resolver that will be
+ used to issue the DefaultCertificate.
+ type: string
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.containo.us_traefikservices.yaml b/system/traefik-crds/0.1.3/crds/traefik.containo.us_traefikservices.yaml
new file mode 100644
index 00000000000..0dcf470034f
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.containo.us_traefikservices.yaml
@@ -0,0 +1,402 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: traefikservices.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: TraefikService
+ listKind: TraefikServiceList
+ plural: traefikservices
+ singular: traefikservice
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TraefikService is the CRD implementation of a Traefik Service.
+ TraefikService object allows to: - Apply weight to Services on load-balancing
+ - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TraefikServiceSpec defines the desired state of a TraefikService.
+ properties:
+ mirroring:
+ description: Mirroring defines the Mirroring service configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ maxBodySize:
+ description: MaxBodySize defines the maximum size allowed for
+ the body of the request. If the body is larger, the request
+ is not mirrored. Default value is -1, which means unlimited
+ size.
+ format: int64
+ type: integer
+ mirrors:
+ description: Mirrors defines the list of mirrors where Traefik
+ will duplicate the traffic.
+ items:
+ description: MirrorService holds the mirror configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or
+ if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ percent:
+ description: 'Percent defines the part of the traffic to
+ mirror. Supported values: 0 to 100.'
+ type: integer
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in
+ milliseconds, in between flushes to the client while
+ copying the response body. A negative value means
+ to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes
+ a response as a streaming response; for such responses,
+ writes are flushed to the client immediately. Default:
+ 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between the two
+ is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the
+ only child is the Kubernetes Service clusterIP. The Kubernetes
+ Service itself does load-balance to the pods. By default, NativeLB
+ is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host header
+ is forwarded to the upstream Kubernetes Service. By default,
+ passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service. This
+ can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards the
+ response from the upstream Kubernetes Service to the client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in milliseconds,
+ in between flushes to the client while copying the response
+ body. A negative value means to flush immediately after
+ each write to the client. This configuration is ignored
+ when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https when
+ Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport between
+ Traefik and your servers. Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy. More
+ info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy between
+ the servers. RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be specified
+ when Name references a TraefikService object (and to be precise,
+ one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ weighted:
+ description: Weighted defines the Weighted Round Robin configuration.
+ properties:
+ services:
+ description: Services defines the list of Kubernetes Service and/or
+ TraefikService to load-balance, with weight.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or
+ if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in
+ milliseconds, in between flushes to the client while
+ copying the response body. A negative value means
+ to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes
+ a response as a streaming response; for such responses,
+ writes are flushed to the client immediately. Default:
+ 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ sticky:
+ description: 'Sticky defines whether sticky sessions are enabled.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy. More
+ info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.io_ingressroutes.yaml b/system/traefik-crds/0.1.3/crds/traefik.io_ingressroutes.yaml
new file mode 100644
index 00000000000..89aaee75952
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.io_ingressroutes.yaml
@@ -0,0 +1,275 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressroutes.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: IngressRoute
+ listKind: IngressRouteList
+ plural: ingressroutes
+ singular: ingressroute
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRoute is the CRD implementation of a Traefik HTTP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteSpec defines the desired state of IngressRoute.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: Route holds the HTTP route configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the route. Rule is the
+ only supported kind.
+ enum:
+ - Rule
+ type: string
+ match:
+ description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule'
+ type: string
+ middlewares:
+ description: 'Middlewares defines the list of references to
+ Middleware resources. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-middleware'
+ items:
+ description: MiddlewareRef is a reference to a Middleware
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: 'Priority defines the router''s priority. More
+ info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority'
+ type: integer
+ services:
+ description: Services defines the list of Service. It can contain
+ any combination of TraefikService and/or reference to a Kubernetes
+ Service.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client
+ Host header is forwarded to the upstream Kubernetes
+ Service. By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to
+ the client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval,
+ in milliseconds, in between flushes to the client
+ while copying the response body. A negative value
+ means to flush immediately after each write to the
+ client. This configuration is ignored when ReverseProxy
+ recognizes a response as a streaming response; for
+ such responses, writes are flushed to the client
+ immediately. Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the
+ request to the upstream Kubernetes Service. It defaults
+ to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as
+ JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie
+ can only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only
+ be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round
+ Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - kind
+ - match
+ type: object
+ type: array
+ tls:
+ description: 'TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls'
+ properties:
+ certResolver:
+ description: 'CertResolver defines the name of the certificate
+ resolver to use. Cert resolvers have to be configured in the
+ static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers'
+ type: string
+ domains:
+ description: 'Domains defines the list of domains that will be
+ used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains'
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: 'Options defines the reference to a TLSOption, that
+ specifies the parameters of the TLS connection. If not defined,
+ the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ name:
+ description: 'Name defines the name of the referenced TLSOption.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption'
+ type: string
+ namespace:
+ description: 'Namespace defines the namespace of the referenced
+ TLSOption. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsoption'
+ type: string
+ required:
+ - name
+ type: object
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: Store defines the reference to the TLSStore, that
+ will be used to store certificates. Please note that only `default`
+ TLSStore can be used.
+ properties:
+ name:
+ description: 'Name defines the name of the referenced TLSStore.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore'
+ type: string
+ namespace:
+ description: 'Namespace defines the namespace of the referenced
+ TLSStore. More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-tlsstore'
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.io_ingressroutetcps.yaml b/system/traefik-crds/0.1.3/crds/traefik.io_ingressroutetcps.yaml
new file mode 100644
index 00000000000..82f61ac24f1
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.io_ingressroutetcps.yaml
@@ -0,0 +1,218 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressroutetcps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: IngressRouteTCP
+ listKind: IngressRouteTCPList
+ plural: ingressroutetcps
+ singular: ingressroutetcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteTCP holds the TCP route configuration.
+ properties:
+ match:
+ description: 'Match defines the router''s rule. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#rule_1'
+ type: string
+ middlewares:
+ description: Middlewares defines the list of references to MiddlewareTCP
+ resources.
+ items:
+ description: ObjectReference is a generic reference to a Traefik
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: 'Priority defines the router''s priority. More
+ info: https://doc.traefik.io/traefik/v2.10/routing/routers/#priority_1'
+ type: integer
+ services:
+ description: Services defines the list of TCP services.
+ items:
+ description: ServiceTCP defines an upstream TCP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ proxyProtocol:
+ description: 'ProxyProtocol defines the PROXY protocol
+ configuration. More info: https://doc.traefik.io/traefik/v2.10/routing/services/#proxy-protocol'
+ properties:
+ version:
+ description: Version defines the PROXY Protocol version
+ to use.
+ type: integer
+ type: object
+ terminationDelay:
+ description: TerminationDelay defines the deadline that
+ the proxy sets, after one of its connected peers indicates
+ it has closed the writing capability of its connection,
+ to close the reading capability as well, hence fully
+ terminating the connection. It is a duration in milliseconds,
+ defaulting to 100. A negative value means an infinite
+ deadline (i.e. the reading capability is never closed).
+ type: integer
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ required:
+ - match
+ type: object
+ type: array
+ tls:
+ description: 'TLS defines the TLS configuration on a layer 4 / TCP
+ Route. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#tls_1'
+ properties:
+ certResolver:
+ description: 'CertResolver defines the name of the certificate
+ resolver to use. Cert resolvers have to be configured in the
+ static configuration. More info: https://doc.traefik.io/traefik/v2.10/https/acme/#certificate-resolvers'
+ type: string
+ domains:
+ description: 'Domains defines the list of domains that will be
+ used to issue certificates. More info: https://doc.traefik.io/traefik/v2.10/routing/routers/#domains'
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: 'Options defines the reference to a TLSOption, that
+ specifies the parameters of the TLS connection. If not defined,
+ the `default` TLSOption is used. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ passthrough:
+ description: Passthrough defines whether a TLS router will terminate
+ the TLS connection.
+ type: boolean
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: Store defines the reference to the TLSStore, that
+ will be used to store certificates. Please note that only `default`
+ TLSStore can be used.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.io_ingressrouteudps.yaml b/system/traefik-crds/0.1.3/crds/traefik.io_ingressrouteudps.yaml
new file mode 100644
index 00000000000..27c50185d08
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.io_ingressrouteudps.yaml
@@ -0,0 +1,105 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: ingressrouteudps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: IngressRouteUDP
+ listKind: IngressRouteUDPList
+ plural: ingressrouteudps
+ singular: ingressrouteudp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP.
+ properties:
+ entryPoints:
+ description: 'EntryPoints defines the list of entry point names to
+ bind to. Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/entrypoints/
+ Default: all.'
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteUDP holds the UDP route configuration.
+ properties:
+ services:
+ description: Services defines the list of UDP services.
+ items:
+ description: ServiceUDP defines an upstream UDP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs
+ or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ type: object
+ type: array
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.io_middlewares.yaml b/system/traefik-crds/0.1.3/crds/traefik.io_middlewares.yaml
new file mode 100644
index 00000000000..5a4dc3640fa
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.io_middlewares.yaml
@@ -0,0 +1,924 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: middlewares.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: Middleware
+ listKind: MiddlewareList
+ plural: middlewares
+ singular: middleware
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'Middleware is the CRD implementation of a Traefik Middleware.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/overview/'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareSpec defines the desired state of a Middleware.
+ properties:
+ addPrefix:
+ description: 'AddPrefix holds the add prefix middleware configuration.
+ This middleware updates the path of a request before forwarding
+ it. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/addprefix/'
+ properties:
+ prefix:
+ description: Prefix is the string to add before the current path
+ in the requested URL. It should include a leading slash (/).
+ type: string
+ type: object
+ basicAuth:
+ description: 'BasicAuth holds the basic auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/'
+ properties:
+ headerField:
+ description: 'HeaderField defines a header field to store the
+ authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield'
+ type: string
+ realm:
+ description: 'Realm allows the protected resources on a server
+ to be partitioned into a set of protection spaces, each with
+ its own authentication scheme. Default: traefik.'
+ type: string
+ removeHeader:
+ description: 'RemoveHeader sets the removeHeader option to true
+ to remove the authorization header before forwarding the request
+ to your service. Default: false.'
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ buffering:
+ description: 'Buffering holds the buffering middleware configuration.
+ This middleware retries or limits the size of requests that can
+ be forwarded to backends. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#maxrequestbodybytes'
+ properties:
+ maxRequestBodyBytes:
+ description: 'MaxRequestBodyBytes defines the maximum allowed
+ body size for the request (in bytes). If the request exceeds
+ the allowed size, it is not forwarded to the service, and the
+ client gets a 413 (Request Entity Too Large) response. Default:
+ 0 (no maximum).'
+ format: int64
+ type: integer
+ maxResponseBodyBytes:
+ description: 'MaxResponseBodyBytes defines the maximum allowed
+ response size from the service (in bytes). If the response exceeds
+ the allowed size, it is not forwarded to the client. The client
+ gets a 500 (Internal Server Error) response instead. Default:
+ 0 (no maximum).'
+ format: int64
+ type: integer
+ memRequestBodyBytes:
+ description: 'MemRequestBodyBytes defines the threshold (in bytes)
+ from which the request will be buffered on disk instead of in
+ memory. Default: 1048576 (1Mi).'
+ format: int64
+ type: integer
+ memResponseBodyBytes:
+ description: 'MemResponseBodyBytes defines the threshold (in bytes)
+ from which the response will be buffered on disk instead of
+ in memory. Default: 1048576 (1Mi).'
+ format: int64
+ type: integer
+ retryExpression:
+ description: 'RetryExpression defines the retry conditions. It
+ is a logical combination of functions with operators AND (&&)
+ and OR (||). More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/buffering/#retryexpression'
+ type: string
+ type: object
+ chain:
+ description: 'Chain holds the configuration of the chain middleware.
+ This middleware enables to define reusable combinations of other
+ pieces of middleware. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/chain/'
+ properties:
+ middlewares:
+ description: Middlewares is the list of MiddlewareRef which composes
+ the chain.
+ items:
+ description: MiddlewareRef is a reference to a Middleware resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ circuitBreaker:
+ description: CircuitBreaker holds the circuit breaker configuration.
+ properties:
+ checkPeriod:
+ anyOf:
+ - type: integer
+ - type: string
+ description: CheckPeriod is the interval between successive checks
+ of the circuit breaker condition (when in standby state).
+ x-kubernetes-int-or-string: true
+ expression:
+ description: Expression is the condition that triggers the tripped
+ state.
+ type: string
+ fallbackDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: FallbackDuration is the duration for which the circuit
+ breaker will wait before trying to recover (from a tripped state).
+ x-kubernetes-int-or-string: true
+ recoveryDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: RecoveryDuration is the duration for which the circuit
+ breaker will try to recover (as soon as it is in recovering
+ state).
+ x-kubernetes-int-or-string: true
+ type: object
+ compress:
+ description: 'Compress holds the compress middleware configuration.
+ This middleware compresses responses before sending them to the
+ client, using gzip compression. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/compress/'
+ properties:
+ excludedContentTypes:
+ description: ExcludedContentTypes defines the list of content
+ types to compare the Content-Type header of the incoming requests
+ and responses before compressing.
+ items:
+ type: string
+ type: array
+ minResponseBodyBytes:
+ description: 'MinResponseBodyBytes defines the minimum amount
+ of bytes a response body must have to be compressed. Default:
+ 1024.'
+ type: integer
+ type: object
+ contentType:
+ description: ContentType holds the content-type middleware configuration.
+ This middleware exists to enable the correct behavior until at least
+ the default one can be changed in a future version.
+ properties:
+ autoDetect:
+ description: AutoDetect specifies whether to let the `Content-Type`
+ header, if it has not been set by the backend, be automatically
+ set to a value derived from the contents of the response. As
+ a proxy, the default behavior should be to leave the header
+ alone, regardless of what the backend did with it. However,
+ the historic default was to always auto-detect and set the header
+ if it was nil, and it is going to be kept that way in order
+ to support users currently relying on it.
+ type: boolean
+ type: object
+ digestAuth:
+ description: 'DigestAuth holds the digest auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/digestauth/'
+ properties:
+ headerField:
+ description: 'HeaderField defines a header field to store the
+ authenticated user. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/basicauth/#headerfield'
+ type: string
+ realm:
+ description: 'Realm allows the protected resources on a server
+ to be partitioned into a set of protection spaces, each with
+ its own authentication scheme. Default: traefik.'
+ type: string
+ removeHeader:
+ description: RemoveHeader defines whether to remove the authorization
+ header before forwarding the request to the backend.
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ errors:
+ description: 'ErrorPage holds the custom error middleware configuration.
+ This middleware returns a custom page in lieu of the default, according
+ to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/'
+ properties:
+ query:
+ description: Query defines the URL for the error page (hosted
+ by service). The {status} variable can be used in order to insert
+ the status code in the URL.
+ type: string
+ service:
+ description: 'Service defines the reference to a Kubernetes Service
+ that will serve the error page. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/errorpages/#service'
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between the
+ two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if
+ the only child is the Kubernetes Service clusterIP. The
+ Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in milliseconds,
+ in between flushes to the client while copying the response
+ body. A negative value means to flush immediately after
+ each write to the client. This configuration is ignored
+ when ReverseProxy recognizes a response as a streaming
+ response; for such responses, writes are flushed to
+ the client immediately. Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport between
+ Traefik and your servers. Can only be used on a Kubernetes
+ Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can
+ be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported value
+ at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object (and
+ to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ status:
+ description: Status defines which status or range of statuses
+ should result in an error page. It can be either a status code
+ as a number (500), as multiple comma-separated numbers (500,502),
+ as ranges by separating two codes with a dash (500-599), or
+ a combination of the two (404,418,500-599).
+ items:
+ type: string
+ type: array
+ type: object
+ forwardAuth:
+ description: 'ForwardAuth holds the forward auth middleware configuration.
+ This middleware delegates the request authentication to a Service.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/'
+ properties:
+ address:
+ description: Address defines the authentication server address.
+ type: string
+ authRequestHeaders:
+ description: AuthRequestHeaders defines the list of the headers
+ to copy from the request to the authentication server. If not
+ set or empty then all request headers are passed.
+ items:
+ type: string
+ type: array
+ authResponseHeaders:
+ description: AuthResponseHeaders defines the list of headers to
+ copy from the authentication server response and set on forwarded
+ request, replacing any existing conflicting headers.
+ items:
+ type: string
+ type: array
+ authResponseHeadersRegex:
+ description: 'AuthResponseHeadersRegex defines the regex to match
+ headers to copy from the authentication server response and
+ set on forwarded request, after stripping all headers that match
+ the regex. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/forwardauth/#authresponseheadersregex'
+ type: string
+ tls:
+ description: TLS defines the configuration used to secure the
+ connection to the authentication server.
+ properties:
+ caOptional:
+ type: boolean
+ caSecret:
+ description: CASecret is the name of the referenced Kubernetes
+ Secret containing the CA to validate the server certificate.
+ The CA certificate is extracted from key `tls.ca` or `ca.crt`.
+ type: string
+ certSecret:
+ description: CertSecret is the name of the referenced Kubernetes
+ Secret containing the client certificate. The client certificate
+ is extracted from the keys `tls.crt` and `tls.key`.
+ type: string
+ insecureSkipVerify:
+ description: InsecureSkipVerify defines whether the server
+ certificates should be validated.
+ type: boolean
+ type: object
+ trustForwardHeader:
+ description: 'TrustForwardHeader defines whether to trust (ie:
+ forward) all X-Forwarded-* headers.'
+ type: boolean
+ type: object
+ headers:
+ description: 'Headers holds the headers middleware configuration.
+ This middleware manages the requests and responses headers. More
+ info: https://doc.traefik.io/traefik/v2.10/middlewares/http/headers/#customrequestheaders'
+ properties:
+ accessControlAllowCredentials:
+ description: AccessControlAllowCredentials defines whether the
+ request can include user credentials.
+ type: boolean
+ accessControlAllowHeaders:
+ description: AccessControlAllowHeaders defines the Access-Control-Request-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowMethods:
+ description: AccessControlAllowMethods defines the Access-Control-Request-Method
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginList:
+ description: AccessControlAllowOriginList is a list of allowable
+ origins. Can also be a wildcard origin "*".
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginListRegex:
+ description: AccessControlAllowOriginListRegex is a list of allowable
+ origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/).
+ items:
+ type: string
+ type: array
+ accessControlExposeHeaders:
+ description: AccessControlExposeHeaders defines the Access-Control-Expose-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlMaxAge:
+ description: AccessControlMaxAge defines the time that a preflight
+ request may be cached.
+ format: int64
+ type: integer
+ addVaryHeader:
+ description: AddVaryHeader defines whether the Vary header is
+ automatically added/updated when the AccessControlAllowOriginList
+ is set.
+ type: boolean
+ allowedHosts:
+ description: AllowedHosts defines the fully qualified list of
+ allowed domain names.
+ items:
+ type: string
+ type: array
+ browserXssFilter:
+ description: BrowserXSSFilter defines whether to add the X-XSS-Protection
+ header with the value 1; mode=block.
+ type: boolean
+ contentSecurityPolicy:
+ description: ContentSecurityPolicy defines the Content-Security-Policy
+ header value.
+ type: string
+ contentTypeNosniff:
+ description: ContentTypeNosniff defines whether to add the X-Content-Type-Options
+ header with the nosniff value.
+ type: boolean
+ customBrowserXSSValue:
+ description: CustomBrowserXSSValue defines the X-XSS-Protection
+ header value. This overrides the BrowserXssFilter option.
+ type: string
+ customFrameOptionsValue:
+ description: CustomFrameOptionsValue defines the X-Frame-Options
+ header value. This overrides the FrameDeny option.
+ type: string
+ customRequestHeaders:
+ additionalProperties:
+ type: string
+ description: CustomRequestHeaders defines the header names and
+ values to apply to the request.
+ type: object
+ customResponseHeaders:
+ additionalProperties:
+ type: string
+ description: CustomResponseHeaders defines the header names and
+ values to apply to the response.
+ type: object
+ featurePolicy:
+ description: 'Deprecated: use PermissionsPolicy instead.'
+ type: string
+ forceSTSHeader:
+ description: ForceSTSHeader defines whether to add the STS header
+ even when the connection is HTTP.
+ type: boolean
+ frameDeny:
+ description: FrameDeny defines whether to add the X-Frame-Options
+ header with the DENY value.
+ type: boolean
+ hostsProxyHeaders:
+ description: HostsProxyHeaders defines the header keys that may
+ hold a proxied hostname value for the request.
+ items:
+ type: string
+ type: array
+ isDevelopment:
+ description: IsDevelopment defines whether to mitigate the unwanted
+ effects of the AllowedHosts, SSL, and STS options when developing.
+ Usually testing takes place using HTTP, not HTTPS, and on localhost,
+ not your production domain. If you would like your development
+ environment to mimic production with complete Host blocking,
+ SSL redirects, and STS headers, leave this as false.
+ type: boolean
+ permissionsPolicy:
+ description: PermissionsPolicy defines the Permissions-Policy
+ header value. This allows sites to control browser features.
+ type: string
+ publicKey:
+ description: PublicKey is the public key that implements HPKP
+ to prevent MITM attacks with forged certificates.
+ type: string
+ referrerPolicy:
+ description: ReferrerPolicy defines the Referrer-Policy header
+ value. This allows sites to control whether browsers forward
+ the Referer header to other sites.
+ type: string
+ sslForceHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: boolean
+ sslHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: string
+ sslProxyHeaders:
+ additionalProperties:
+ type: string
+ description: 'SSLProxyHeaders defines the header keys with associated
+ values that would indicate a valid HTTPS request. It can be
+ useful when using other proxies (example: "X-Forwarded-Proto":
+ "https").'
+ type: object
+ sslRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ sslTemporaryRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ stsIncludeSubdomains:
+ description: STSIncludeSubdomains defines whether the includeSubDomains
+ directive is appended to the Strict-Transport-Security header.
+ type: boolean
+ stsPreload:
+ description: STSPreload defines whether the preload flag is appended
+ to the Strict-Transport-Security header.
+ type: boolean
+ stsSeconds:
+ description: STSSeconds defines the max-age of the Strict-Transport-Security
+ header. If set to 0, the header is not set.
+ format: int64
+ type: integer
+ type: object
+ inFlightReq:
+ description: 'InFlightReq holds the in-flight request middleware configuration.
+ This middleware limits the number of requests being processed and
+ served concurrently. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/'
+ properties:
+ amount:
+ description: Amount defines the maximum amount of allowed simultaneous
+ in-flight request. The middleware responds with HTTP 429 Too
+ Many Requests if there are already amount requests in progress
+ (based on the same sourceCriterion strategy).
+ format: int64
+ type: integer
+ sourceCriterion:
+ description: 'SourceCriterion defines what criterion is used to
+ group requests as originating from a common source. If several
+ strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the requestHost. More
+ info: https://doc.traefik.io/traefik/v2.10/middlewares/http/inflightreq/#sourcecriterion'
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration
+ used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ ipWhiteList:
+ description: 'IPWhiteList holds the IP whitelist middleware configuration.
+ This middleware accepts / refuses requests based on the client IP.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/'
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration used
+ by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position (starting
+ from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the X-Forwarded-For
+ header and select the first IP not in the list.
+ items:
+ type: string
+ type: array
+ type: object
+ sourceRange:
+ description: SourceRange defines the set of allowed IPs (or ranges
+ of allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ passTLSClientCert:
+ description: 'PassTLSClientCert holds the pass TLS client cert middleware
+ configuration. This middleware adds the selected data from the passed
+ client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/passtlsclientcert/'
+ properties:
+ info:
+ description: Info selects the specific client certificate details
+ you want to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ issuer:
+ description: Issuer defines the client certificate issuer
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the issuer.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the issuer.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the issuer.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the issuer.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the issuer.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the issuer.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the issuer.
+ type: boolean
+ type: object
+ notAfter:
+ description: NotAfter defines whether to add the Not After
+ information from the Validity part.
+ type: boolean
+ notBefore:
+ description: NotBefore defines whether to add the Not Before
+ information from the Validity part.
+ type: boolean
+ sans:
+ description: Sans defines whether to add the Subject Alternative
+ Name information from the Subject Alternative Name part.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the client
+ serialNumber information.
+ type: boolean
+ subject:
+ description: Subject defines the client certificate subject
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the subject.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the subject.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the subject.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the subject.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the subject.
+ type: boolean
+ organizationalUnit:
+ description: OrganizationalUnit defines whether to add
+ the organizationalUnit information into the subject.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the subject.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the subject.
+ type: boolean
+ type: object
+ type: object
+ pem:
+ description: PEM sets the X-Forwarded-Tls-Client-Cert header with
+ the certificate.
+ type: boolean
+ type: object
+ plugin:
+ additionalProperties:
+ x-kubernetes-preserve-unknown-fields: true
+ description: 'Plugin defines the middleware plugin configuration.
+ More info: https://doc.traefik.io/traefik/plugins/'
+ type: object
+ rateLimit:
+ description: 'RateLimit holds the rate limit configuration. This middleware
+ ensures that services will receive a fair amount of requests, and
+ allows one to define what fair is. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ratelimit/'
+ properties:
+ average:
+ description: Average is the maximum rate, by default in requests/s,
+ allowed for the given source. It defaults to 0, which means
+ no rate limiting. The rate is actually defined by dividing Average
+ by Period. So for a rate below 1req/s, one needs to define a
+ Period larger than a second.
+ format: int64
+ type: integer
+ burst:
+ description: Burst is the maximum number of requests allowed to
+ arrive in the same arbitrarily small period of time. It defaults
+ to 1.
+ format: int64
+ type: integer
+ period:
+ anyOf:
+ - type: integer
+ - type: string
+ description: 'Period, in combination with Average, defines the
+ actual maximum rate, such as: r = Average / Period. It defaults
+ to a second.'
+ x-kubernetes-int-or-string: true
+ sourceCriterion:
+ description: SourceCriterion defines what criterion is used to
+ group requests as originating from a common source. If several
+ strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the request's remote
+ address field (as an ipStrategy).
+ properties:
+ ipStrategy:
+ description: 'IPStrategy holds the IP strategy configuration
+ used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/ipwhitelist/#ipstrategy'
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ redirectRegex:
+ description: 'RedirectRegex holds the redirect regex middleware configuration.
+ This middleware redirects a request using regex matching and replacement.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectregex/#regex'
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ regex:
+ description: Regex defines the regex used to match and capture
+ elements from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines how to modify the URL to have
+ the new target URL.
+ type: string
+ type: object
+ redirectScheme:
+ description: 'RedirectScheme holds the redirect scheme middleware
+ configuration. This middleware redirects requests from a scheme/port
+ to another. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/redirectscheme/'
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ port:
+ description: Port defines the port of the new URL.
+ type: string
+ scheme:
+ description: Scheme defines the scheme of the new URL.
+ type: string
+ type: object
+ replacePath:
+ description: 'ReplacePath holds the replace path middleware configuration.
+ This middleware replaces the path of the request URL and store the
+ original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepath/'
+ properties:
+ path:
+ description: Path defines the path to use as replacement in the
+ request URL.
+ type: string
+ type: object
+ replacePathRegex:
+ description: 'ReplacePathRegex holds the replace path regex middleware
+ configuration. This middleware replaces the path of a URL using
+ regex matching and replacement. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/replacepathregex/'
+ properties:
+ regex:
+ description: Regex defines the regular expression used to match
+ and capture the path from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines the replacement path format,
+ which can include captured variables.
+ type: string
+ type: object
+ retry:
+ description: 'Retry holds the retry middleware configuration. This
+ middleware reissues requests a given number of times to a backend
+ server if that server does not reply. As soon as the server answers,
+ the middleware stops retrying, regardless of the response status.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/retry/'
+ properties:
+ attempts:
+ description: Attempts defines how many times the request should
+ be retried.
+ type: integer
+ initialInterval:
+ anyOf:
+ - type: integer
+ - type: string
+ description: InitialInterval defines the first wait time in the
+ exponential backoff series. The maximum interval is calculated
+ as twice the initialInterval. If unspecified, requests will
+ be retried immediately. The value of initialInterval should
+ be provided in seconds or as a valid duration format, see https://pkg.go.dev/time#ParseDuration.
+ x-kubernetes-int-or-string: true
+ type: object
+ stripPrefix:
+ description: 'StripPrefix holds the strip prefix middleware configuration.
+ This middleware removes the specified prefixes from the URL path.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefix/'
+ properties:
+ forceSlash:
+ description: 'ForceSlash ensures that the resulting stripped path
+ is not the empty string, by replacing it with / when necessary.
+ Default: true.'
+ type: boolean
+ prefixes:
+ description: Prefixes defines the prefixes to strip from the request
+ URL.
+ items:
+ type: string
+ type: array
+ type: object
+ stripPrefixRegex:
+ description: 'StripPrefixRegex holds the strip prefix regex middleware
+ configuration. This middleware removes the matching prefixes from
+ the URL path. More info: https://doc.traefik.io/traefik/v2.10/middlewares/http/stripprefixregex/'
+ properties:
+ regex:
+ description: Regex defines the regular expression to match the
+ path prefix from the request URL.
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.io_middlewaretcps.yaml b/system/traefik-crds/0.1.3/crds/traefik.io_middlewaretcps.yaml
new file mode 100644
index 00000000000..8623568f5b3
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.io_middlewaretcps.yaml
@@ -0,0 +1,72 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: middlewaretcps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: MiddlewareTCP
+ listKind: MiddlewareTCPList
+ plural: middlewaretcps
+ singular: middlewaretcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
+ More info: https://doc.traefik.io/traefik/v2.10/middlewares/overview/'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareTCPSpec defines the desired state of a MiddlewareTCP.
+ properties:
+ inFlightConn:
+ description: InFlightConn defines the InFlightConn middleware configuration.
+ properties:
+ amount:
+ description: Amount defines the maximum amount of allowed simultaneous
+ connections. The middleware closes the connection if there are
+ already amount connections opened.
+ format: int64
+ type: integer
+ type: object
+ ipWhiteList:
+ description: IPWhiteList defines the IPWhiteList middleware configuration.
+ properties:
+ sourceRange:
+ description: SourceRange defines the allowed IPs (or ranges of
+ allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.io_serverstransports.yaml b/system/traefik-crds/0.1.3/crds/traefik.io_serverstransports.yaml
new file mode 100644
index 00000000000..803b56395a4
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.io_serverstransports.yaml
@@ -0,0 +1,128 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: serverstransports.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: ServersTransport
+ listKind: ServersTransportList
+ plural: serverstransports
+ singular: serverstransport
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'ServersTransport is the CRD implementation of a ServersTransport.
+ If no serversTransport is specified, the default@internal will be used.
+ The default@internal serversTransport is created from the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#serverstransport_1'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ServersTransportSpec defines the desired state of a ServersTransport.
+ properties:
+ certificatesSecrets:
+ description: CertificatesSecrets defines a list of secret storing
+ client certificates for mTLS.
+ items:
+ type: string
+ type: array
+ disableHTTP2:
+ description: DisableHTTP2 disables HTTP/2 for connections with backend
+ servers.
+ type: boolean
+ forwardingTimeouts:
+ description: ForwardingTimeouts defines the timeouts for requests
+ forwarded to the backend servers.
+ properties:
+ dialTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialTimeout is the amount of time to wait until a
+ connection to a backend server can be established.
+ x-kubernetes-int-or-string: true
+ idleConnTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: IdleConnTimeout is the maximum period for which an
+ idle HTTP keep-alive connection will remain open before closing
+ itself.
+ x-kubernetes-int-or-string: true
+ pingTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: PingTimeout is the timeout after which the HTTP/2
+ connection will be closed if a response to ping is not received.
+ x-kubernetes-int-or-string: true
+ readIdleTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ReadIdleTimeout is the timeout after which a health
+ check using ping frame will be carried out if no frame is received
+ on the HTTP/2 connection.
+ x-kubernetes-int-or-string: true
+ responseHeaderTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ResponseHeaderTimeout is the amount of time to wait
+ for a server's response headers after fully writing the request
+ (including its body, if any).
+ x-kubernetes-int-or-string: true
+ type: object
+ insecureSkipVerify:
+ description: InsecureSkipVerify disables SSL certificate verification.
+ type: boolean
+ maxIdleConnsPerHost:
+ description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
+ to keep per-host.
+ type: integer
+ peerCertURI:
+ description: PeerCertURI defines the peer cert URI used to match against
+ SAN URI during the peer certificate verification.
+ type: string
+ rootCAsSecrets:
+ description: RootCAsSecrets defines a list of CA secret used to validate
+ self-signed certificate.
+ items:
+ type: string
+ type: array
+ serverName:
+ description: ServerName defines the server name used to contact the
+ server.
+ type: string
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.io_serverstransporttcps.yaml b/system/traefik-crds/0.1.3/crds/traefik.io_serverstransporttcps.yaml
new file mode 100644
index 00000000000..10e0a3f0e79
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.io_serverstransporttcps.yaml
@@ -0,0 +1,122 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: serverstransporttcps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: ServersTransportTCP
+ listKind: ServersTransportTCPList
+ plural: serverstransporttcps
+ singular: serverstransporttcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'ServersTransportTCP is the CRD implementation of a TCPServersTransport.
+ If no tcpServersTransport is specified, a default one named default@internal
+ will be used. The default@internal tcpServersTransport can be configured
+ in the static configuration. More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ServersTransportTCPSpec defines the desired state of a ServersTransportTCP.
+ properties:
+ dialKeepAlive:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialKeepAlive is the interval between keep-alive probes
+ for an active network connection. If zero, keep-alive probes are
+ sent with a default value (currently 15 seconds), if supported by
+ the protocol and operating system. Network protocols or operating
+ systems that do not support keep-alives ignore this field. If negative,
+ keep-alive probes are disabled.
+ x-kubernetes-int-or-string: true
+ dialTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialTimeout is the amount of time to wait until a connection
+ to a backend server can be established.
+ x-kubernetes-int-or-string: true
+ terminationDelay:
+ anyOf:
+ - type: integer
+ - type: string
+ description: TerminationDelay defines the delay to wait before fully
+ terminating the connection, after one connected peer has closed
+ its writing capability.
+ x-kubernetes-int-or-string: true
+ tls:
+ description: TLS defines the TLS configuration
+ properties:
+ certificatesSecrets:
+ description: CertificatesSecrets defines a list of secret storing
+ client certificates for mTLS.
+ items:
+ type: string
+ type: array
+ insecureSkipVerify:
+ description: InsecureSkipVerify disables TLS certificate verification.
+ type: boolean
+ peerCertURI:
+ description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
+ to keep per-host. PeerCertURI defines the peer cert URI used
+ to match against SAN URI during the peer certificate verification.
+ type: string
+ rootCAsSecrets:
+ description: RootCAsSecrets defines a list of CA secret used to
+ validate self-signed certificates.
+ items:
+ type: string
+ type: array
+ serverName:
+ description: ServerName defines the server name used to contact
+ the server.
+ type: string
+ spiffe:
+ description: Spiffe defines the SPIFFE configuration.
+ properties:
+ ids:
+ description: IDs defines the allowed SPIFFE IDs (takes precedence
+ over the SPIFFE TrustDomain).
+ items:
+ type: string
+ type: array
+ trustDomain:
+ description: TrustDomain defines the allowed SPIFFE trust
+ domain.
+ type: string
+ type: object
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.io_tlsoptions.yaml b/system/traefik-crds/0.1.3/crds/traefik.io_tlsoptions.yaml
new file mode 100644
index 00000000000..b86fefe0e95
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.io_tlsoptions.yaml
@@ -0,0 +1,113 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: tlsoptions.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: TLSOption
+ listKind: TLSOptionList
+ plural: tlsoptions
+ singular: tlsoption
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TLSOption is the CRD implementation of a Traefik TLS Option,
+ allowing to configure some parameters of the TLS connection. More info:
+ https://doc.traefik.io/traefik/v2.10/https/tls/#tls-options'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSOptionSpec defines the desired state of a TLSOption.
+ properties:
+ alpnProtocols:
+ description: 'ALPNProtocols defines the list of supported application
+ level protocols for the TLS handshake, in order of preference. More
+ info: https://doc.traefik.io/traefik/v2.10/https/tls/#alpn-protocols'
+ items:
+ type: string
+ type: array
+ cipherSuites:
+ description: 'CipherSuites defines the list of supported cipher suites
+ for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#cipher-suites'
+ items:
+ type: string
+ type: array
+ clientAuth:
+ description: ClientAuth defines the server's policy for TLS Client
+ Authentication.
+ properties:
+ clientAuthType:
+ description: ClientAuthType defines the client authentication
+ type to apply.
+ enum:
+ - NoClientCert
+ - RequestClientCert
+ - RequireAnyClientCert
+ - VerifyClientCertIfGiven
+ - RequireAndVerifyClientCert
+ type: string
+ secretNames:
+ description: SecretNames defines the names of the referenced Kubernetes
+ Secret storing certificate details.
+ items:
+ type: string
+ type: array
+ type: object
+ curvePreferences:
+ description: 'CurvePreferences defines the preferred elliptic curves
+ in a specific order. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#curve-preferences'
+ items:
+ type: string
+ type: array
+ maxVersion:
+ description: 'MaxVersion defines the maximum TLS version that Traefik
+ will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
+ VersionTLS13. Default: None.'
+ type: string
+ minVersion:
+ description: 'MinVersion defines the minimum TLS version that Traefik
+ will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12,
+ VersionTLS13. Default: VersionTLS10.'
+ type: string
+ preferServerCipherSuites:
+ description: 'PreferServerCipherSuites defines whether the server
+ chooses a cipher suite among his own instead of among the client''s.
+ It is enabled automatically when minVersion or maxVersion is set.
+ Deprecated: https://github.com/golang/go/issues/45430'
+ type: boolean
+ sniStrict:
+ description: SniStrict defines whether Traefik allows connections
+ from clients connections that do not specify a server_name extension.
+ type: boolean
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.io_tlsstores.yaml b/system/traefik-crds/0.1.3/crds/traefik.io_tlsstores.yaml
new file mode 100644
index 00000000000..47b46854c8b
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.io_tlsstores.yaml
@@ -0,0 +1,99 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: tlsstores.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: TLSStore
+ listKind: TLSStoreList
+ plural: tlsstores
+ singular: tlsstore
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TLSStore is the CRD implementation of a Traefik TLS Store. For
+ the time being, only the TLSStore named default is supported. This means
+ that you cannot have two stores that are named default in different Kubernetes
+ namespaces. More info: https://doc.traefik.io/traefik/v2.10/https/tls/#certificates-stores'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSStoreSpec defines the desired state of a TLSStore.
+ properties:
+ certificates:
+ description: Certificates is a list of secret names, each secret holding
+ a key/certificate pair to add to the store.
+ items:
+ description: Certificate holds a secret name for the TLSStore resource.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ type: array
+ defaultCertificate:
+ description: DefaultCertificate defines the default certificate configuration.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ defaultGeneratedCert:
+ description: DefaultGeneratedCert defines the default generated certificate
+ configuration.
+ properties:
+ domain:
+ description: Domain is the domain definition for the DefaultCertificate.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain names.
+ items:
+ type: string
+ type: array
+ type: object
+ resolver:
+ description: Resolver is the name of the resolver that will be
+ used to issue the DefaultCertificate.
+ type: string
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/crds/traefik.io_traefikservices.yaml b/system/traefik-crds/0.1.3/crds/traefik.io_traefikservices.yaml
new file mode 100644
index 00000000000..0f3475bda46
--- /dev/null
+++ b/system/traefik-crds/0.1.3/crds/traefik.io_traefikservices.yaml
@@ -0,0 +1,402 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ creationTimestamp: null
+ name: traefikservices.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: TraefikService
+ listKind: TraefikServiceList
+ plural: traefikservices
+ singular: traefikservice
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: 'TraefikService is the CRD implementation of a Traefik Service.
+ TraefikService object allows to: - Apply weight to Services on load-balancing
+ - Mirror traffic on services More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#kind-traefikservice'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TraefikServiceSpec defines the desired state of a TraefikService.
+ properties:
+ mirroring:
+ description: Mirroring defines the Mirroring service configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ maxBodySize:
+ description: MaxBodySize defines the maximum size allowed for
+ the body of the request. If the body is larger, the request
+ is not mirrored. Default value is -1, which means unlimited
+ size.
+ format: int64
+ type: integer
+ mirrors:
+ description: Mirrors defines the list of mirrors where Traefik
+ will duplicate the traffic.
+ items:
+ description: MirrorService holds the mirror configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or
+ if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ percent:
+ description: 'Percent defines the part of the traffic to
+ mirror. Supported values: 0 to 100.'
+ type: integer
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in
+ milliseconds, in between flushes to the client while
+ copying the response body. A negative value means
+ to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes
+ a response as a streaming response; for such responses,
+ writes are flushed to the client immediately. Default:
+ 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between the two
+ is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the
+ only child is the Kubernetes Service clusterIP. The Kubernetes
+ Service itself does load-balance to the pods. By default, NativeLB
+ is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host header
+ is forwarded to the upstream Kubernetes Service. By default,
+ passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service. This
+ can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards the
+ response from the upstream Kubernetes Service to the client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in milliseconds,
+ in between flushes to the client while copying the response
+ body. A negative value means to flush immediately after
+ each write to the client. This configuration is ignored
+ when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https when
+ Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport between
+ Traefik and your servers. Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy. More
+ info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy between
+ the servers. RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be specified
+ when Name references a TraefikService object (and to be precise,
+ one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ weighted:
+ description: Weighted defines the Weighted Round Robin configuration.
+ properties:
+ services:
+ description: Services defines the list of Kubernetes Service and/or
+ TraefikService to load-balance, with weight.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service or TraefikService. The differentiation between
+ the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or
+ if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the
+ pods. By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: PassHostHeader defines whether the client Host
+ header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: 'FlushInterval defines the interval, in
+ milliseconds, in between flushes to the client while
+ copying the response body. A negative value means
+ to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes
+ a response as a streaming response; for such responses,
+ writes are flushed to the client immediately. Default:
+ 100ms'
+ type: string
+ type: object
+ scheme:
+ description: Scheme defines the scheme to use for the request
+ to the upstream Kubernetes Service. It defaults to https
+ when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: ServersTransport defines the name of ServersTransport
+ resource to use. It allows to configure the transport
+ between Traefik and your servers. Can only be used on
+ a Kubernetes Service.
+ type: string
+ sticky:
+ description: 'Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/services/#sticky-sessions'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: Strategy defines the load balancing strategy
+ between the servers. RoundRobin is the only supported
+ value at the moment.
+ type: string
+ weight:
+ description: Weight defines the weight and should only be
+ specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ sticky:
+ description: 'Sticky defines whether sticky sessions are enabled.
+ More info: https://doc.traefik.io/traefik/v2.10/routing/providers/kubernetes-crd/#stickiness-and-load-balancing'
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: 'SameSite defines the same site policy. More
+ info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite'
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
diff --git a/system/traefik-crds/0.1.3/dashboard.json b/system/traefik-crds/0.1.3/dashboard.json
new file mode 100644
index 00000000000..dccba9bde75
--- /dev/null
+++ b/system/traefik-crds/0.1.3/dashboard.json
@@ -0,0 +1,1568 @@
+{
+ "__inputs": [
+ {
+ "name": "DS_PROMETHEUS",
+ "label": "Prometheus",
+ "description": "",
+ "type": "datasource",
+ "pluginId": "prometheus",
+ "pluginName": "Prometheus"
+ }
+ ],
+ "__elements": {},
+ "__requires": [
+ {
+ "type": "grafana",
+ "id": "grafana",
+ "name": "Grafana",
+ "version": "9.3.1"
+ },
+ {
+ "type": "panel",
+ "id": "piechart",
+ "name": "Pie chart",
+ "version": ""
+ },
+ {
+ "type": "datasource",
+ "id": "prometheus",
+ "name": "Prometheus",
+ "version": "1.0.0"
+ },
+ {
+ "type": "panel",
+ "id": "stat",
+ "name": "Stat",
+ "version": ""
+ },
+ {
+ "type": "panel",
+ "id": "timeseries",
+ "name": "Time series",
+ "version": ""
+ }
+ ],
+ "annotations": {
+ "list": [
+ {
+ "builtIn": 1,
+ "datasource": {
+ "type": "grafana",
+ "uid": "-- Grafana --"
+ },
+ "enable": true,
+ "hide": true,
+ "iconColor": "rgba(0, 211, 255, 1)",
+ "name": "Annotations & Alerts",
+ "target": {
+ "limit": 100,
+ "matchAny": false,
+ "tags": [],
+ "type": "dashboard"
+ },
+ "type": "dashboard"
+ }
+ ]
+ },
+ "description": "Official dashboard for Traefik on Kubernetes",
+ "editable": false,
+ "fiscalYearStartMonth": 0,
+ "gnetId": 17347,
+ "graphTooltip": 0,
+ "id": null,
+ "links": [],
+ "liveNow": false,
+ "panels": [
+ {
+ "collapsed": false,
+ "gridPos": {
+ "h": 1,
+ "w": 24,
+ "x": 0,
+ "y": 0
+ },
+ "id": 9,
+ "panels": [],
+ "title": "General",
+ "type": "row"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "thresholds"
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ }
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 2,
+ "w": 5,
+ "x": 0,
+ "y": 1
+ },
+ "id": 13,
+ "options": {
+ "colorMode": "value",
+ "graphMode": "area",
+ "justifyMode": "auto",
+ "orientation": "auto",
+ "reduceOptions": {
+ "calcs": ["lastNotNull"],
+ "fields": "",
+ "values": false
+ },
+ "textMode": "auto"
+ },
+ "pluginVersion": "9.3.1",
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "count(traefik_config_reloads_total)",
+ "legendFormat": "__auto",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Traefik Instances",
+ "type": "stat"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ },
+ "unit": "reqps"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 7,
+ "x": 5,
+ "y": 1
+ },
+ "id": 7,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "bottom",
+ "showLegend": true,
+ "sortBy": "Max",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "sum(rate(traefik_entrypoint_requests_total{entrypoint=~\"$entrypoint\"}[1m])) by (entrypoint)",
+ "legendFormat": "{{entrypoint}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Requests per Entrypoint",
+ "type": "timeseries"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "https://medium.com/@tristan_96324/prometheus-apdex-alerting-d17a065e39d0",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ }
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 12,
+ "y": 1
+ },
+ "id": 6,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "bottom",
+ "showLegend": true,
+ "sortBy": "Max",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "(sum(rate(traefik_entrypoint_request_duration_seconds_bucket{le=\"0.3\",code=\"200\",entrypoint=~\"$entrypoint\"}[5m])) by (method) + \n sum(rate(traefik_entrypoint_request_duration_seconds_bucket{le=\"1.2\",code=\"200\",entrypoint=~\"$entrypoint\"}[5m])) by (method)) / 2 / \n sum(rate(traefik_entrypoint_request_duration_seconds_count{code=\"200\",entrypoint=~\"$entrypoint\"}[5m])) by (method)\n",
+ "legendFormat": "{{method}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Apdex score",
+ "type": "timeseries"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "Mean Distribution",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ }
+ },
+ "mappings": [],
+ "unit": "reqps"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 6,
+ "w": 5,
+ "x": 0,
+ "y": 3
+ },
+ "id": 14,
+ "options": {
+ "legend": {
+ "displayMode": "list",
+ "placement": "right",
+ "showLegend": true,
+ "values": ["percent"]
+ },
+ "pieType": "pie",
+ "reduceOptions": {
+ "calcs": ["mean"],
+ "fields": "",
+ "values": false
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "asc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "sum(rate(traefik_service_requests_total{service=~\"$service.*\",protocol=\"http\"}[1m])) by (method, code)",
+ "legendFormat": "{{method}}[{{code}}]",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Http Code ",
+ "type": "piechart"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ },
+ "unit": "s"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 0,
+ "y": 9
+ },
+ "id": 23,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "right",
+ "showLegend": true,
+ "sortBy": "Mean",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "topk(15,\n label_replace(\n traefik_service_request_duration_seconds_sum{service=~\"$service.*\",protocol=\"http\"} / \n traefik_service_request_duration_seconds_count{service=~\"$service.*\",protocol=\"http\"},\n \"service\", \"$1\", \"service\", \"([^-]+-[^-]+).*\")\n)\n\n",
+ "legendFormat": "{{method}}[{{code}}] on {{service}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Top slow services",
+ "type": "timeseries"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ },
+ "unit": "reqps"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 12,
+ "y": 9
+ },
+ "id": 5,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "right",
+ "showLegend": true,
+ "sortBy": "Mean",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "topk(15,\n label_replace(\n sum by (service,code) \n (rate(traefik_service_requests_total{service=~\"$service.*\",protocol=\"http\"}[5m])) > 0,\n \"service\", \"$1\", \"service\", \"([^-]+-[^-]+).*\")\n)",
+ "legendFormat": "[{{code}}] on {{service}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Most requested services",
+ "type": "timeseries"
+ },
+ {
+ "collapsed": true,
+ "gridPos": {
+ "h": 1,
+ "w": 24,
+ "x": 0,
+ "y": 17
+ },
+ "id": 11,
+ "panels": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ }
+ ]
+ },
+ "unit": "percentunit"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 0,
+ "y": 18
+ },
+ "id": 3,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "right",
+ "showLegend": true,
+ "sortBy": "Max",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "label_replace(\n 1 - (sum by (service)\n (rate(traefik_service_request_duration_seconds_bucket{le=\"1.2\",service=~\"$service.*\"}[5m])) / sum by (service) \n (rate(traefik_service_request_duration_seconds_count{service=~\"$service.*\"}[5m]))\n ) > 0,\n \"service\", \"$1\", \"service\", \"([^-]+-[^-]+).*\"\n)",
+ "legendFormat": "{{service}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Services failing SLO of 1200ms",
+ "type": "timeseries"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ }
+ ]
+ },
+ "unit": "percentunit"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 12,
+ "y": 18
+ },
+ "id": 4,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "right",
+ "showLegend": true,
+ "sortBy": "Max",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "label_replace(\n 1 - (sum by (service)\n (rate(traefik_service_request_duration_seconds_bucket{le=\"0.3\",service=~\"$service.*\"}[5m])) / sum by (service) \n (rate(traefik_service_request_duration_seconds_count{service=~\"$service.*\"}[5m]))\n ) > 0,\n \"service\", \"$1\", \"service\", \"([^-]+-[^-]+).*\"\n)",
+ "legendFormat": "{{service}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Services failing SLO of 300ms",
+ "type": "timeseries"
+ }
+ ],
+ "title": "SLO",
+ "type": "row"
+ },
+ {
+ "collapsed": false,
+ "gridPos": {
+ "h": 1,
+ "w": 24,
+ "x": 0,
+ "y": 18
+ },
+ "id": 16,
+ "panels": [],
+ "title": "HTTP Details",
+ "type": "row"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ },
+ "unit": "reqps"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 12,
+ "w": 8,
+ "x": 0,
+ "y": 19
+ },
+ "id": 17,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "bottom",
+ "showLegend": true,
+ "sortBy": "Mean",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "topk(15,\n label_replace(\n sum by (service,method,code) \n (rate(traefik_service_requests_total{service=~\"$service.*\",code=~\"2..\",protocol=\"http\"}[5m])) > 0,\n \"service\", \"$1\", \"service\", \"([^-]+-[^-]+).*\")\n)",
+ "legendFormat": "{{method}}[{{code}}] on {{service}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "2xx over 5 min",
+ "type": "timeseries"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisGridShow": true,
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ },
+ "unit": "reqps"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 12,
+ "w": 8,
+ "x": 8,
+ "y": 19
+ },
+ "id": 18,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "bottom",
+ "showLegend": true,
+ "sortBy": "Mean",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "topk(15,\n label_replace(\n sum by (service,method,code) \n (rate(traefik_service_requests_total{service=~\"$service.*\",code=~\"5..\",protocol=\"http\"}[5m])) > 0,\n \"service\", \"$1\", \"service\", \"([^-]+-[^-]+).*\")\n)",
+ "legendFormat": "{{method}}[{{code}}] on {{service}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "5xx over 5 min",
+ "type": "timeseries"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisGridShow": true,
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ },
+ "unit": "reqps"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 12,
+ "w": 8,
+ "x": 16,
+ "y": 19
+ },
+ "id": 19,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "bottom",
+ "showLegend": true,
+ "sortBy": "Mean",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "topk(15,\n label_replace(\n sum by (service,method,code) \n (rate(traefik_service_requests_total{service=~\"$service.*\",code!~\"2..|5..\",protocol=\"http\"}[5m])) > 0,\n \"service\", \"$1\", \"service\", \"([^-]+-[^-]+).*\")\n)",
+ "legendFormat": "{{method}}[{{code}}] on {{service}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Other codes over 5 min",
+ "type": "timeseries"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisGridShow": true,
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ },
+ "unit": "binBps"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 0,
+ "y": 31
+ },
+ "id": 20,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "right",
+ "showLegend": true,
+ "sortBy": "Mean",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "topk(15,\n label_replace(\n sum by (service,method) \n (rate(traefik_service_requests_bytes_total{service=~\"$service.*\",protocol=\"http\"}[1m])) > 0,\n \"service\", \"$1\", \"service\", \"([^-]+-[^-]+).*\")\n)",
+ "legendFormat": "{{method}} on {{service}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Requests Size",
+ "type": "timeseries"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisGridShow": true,
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ },
+ "unit": "binBps"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 12,
+ "y": 31
+ },
+ "id": 24,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "right",
+ "showLegend": true,
+ "sortBy": "Mean",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "topk(15,\n label_replace(\n sum by (service,method) \n (rate(traefik_service_responses_bytes_total{service=~\"$service.*\",protocol=\"http\"}[1m])) > 0,\n \"service\", \"$1\", \"service\", \"([^-]+-[^-]+).*\")\n)",
+ "legendFormat": "{{method}} on {{service}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Responses Size",
+ "type": "timeseries"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ },
+ "unit": "short"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 0,
+ "y": 39
+ },
+ "id": 2,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "right",
+ "showLegend": true,
+ "sortBy": "Max",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "label_replace(\n sum(traefik_service_open_connections{service=~\"$service.*\"}) by (service),\n \"service\", \"$1\", \"service\", \"([^-]+-[^-]+).*\")",
+ "legendFormat": "{{service}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Connections per Service",
+ "type": "timeseries"
+ },
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "description": "",
+ "fieldConfig": {
+ "defaults": {
+ "color": {
+ "mode": "palette-classic"
+ },
+ "custom": {
+ "axisCenteredZero": false,
+ "axisColorMode": "text",
+ "axisLabel": "",
+ "axisPlacement": "auto",
+ "barAlignment": 0,
+ "drawStyle": "line",
+ "fillOpacity": 0,
+ "gradientMode": "none",
+ "hideFrom": {
+ "legend": false,
+ "tooltip": false,
+ "viz": false
+ },
+ "lineInterpolation": "linear",
+ "lineWidth": 1,
+ "pointSize": 5,
+ "scaleDistribution": {
+ "type": "linear"
+ },
+ "showPoints": "auto",
+ "spanNulls": false,
+ "stacking": {
+ "group": "A",
+ "mode": "none"
+ },
+ "thresholdsStyle": {
+ "mode": "off"
+ }
+ },
+ "mappings": [],
+ "thresholds": {
+ "mode": "absolute",
+ "steps": [
+ {
+ "color": "green",
+ "value": null
+ },
+ {
+ "color": "red",
+ "value": 80
+ }
+ ]
+ },
+ "unit": "short"
+ },
+ "overrides": []
+ },
+ "gridPos": {
+ "h": 8,
+ "w": 12,
+ "x": 12,
+ "y": 39
+ },
+ "id": 21,
+ "options": {
+ "legend": {
+ "calcs": ["mean", "max"],
+ "displayMode": "table",
+ "placement": "right",
+ "showLegend": true,
+ "sortBy": "Max",
+ "sortDesc": true
+ },
+ "tooltip": {
+ "mode": "multi",
+ "sort": "desc"
+ }
+ },
+ "targets": [
+ {
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "editorMode": "code",
+ "expr": "sum(traefik_entrypoint_open_connections{entrypoint=~\"$entrypoint\"}) by (entrypoint)\n",
+ "legendFormat": "{{entrypoint}}",
+ "range": true,
+ "refId": "A"
+ }
+ ],
+ "title": "Connections per Entrypoint",
+ "type": "timeseries"
+ }
+ ],
+ "refresh": false,
+ "schemaVersion": 37,
+ "style": "dark",
+ "tags": [],
+ "templating": {
+ "list": [
+ {
+ "current": {
+ "selected": false,
+ "text": "Prometheus",
+ "value": "Prometheus"
+ },
+ "hide": 0,
+ "includeAll": false,
+ "multi": false,
+ "name": "DS_PROMETHEUS",
+ "label": "datasource",
+ "options": [],
+ "query": "prometheus",
+ "refresh": 1,
+ "regex": "",
+ "skipUrlSync": false,
+ "type": "datasource"
+ },
+ {
+ "current": {},
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "definition": "label_values(traefik_entrypoint_open_connections, entrypoint)",
+ "hide": 0,
+ "includeAll": true,
+ "multi": false,
+ "name": "entrypoint",
+ "options": [],
+ "query": {
+ "query": "label_values(traefik_entrypoint_open_connections, entrypoint)",
+ "refId": "StandardVariableQuery"
+ },
+ "refresh": 1,
+ "regex": "",
+ "skipUrlSync": false,
+ "sort": 0,
+ "type": "query"
+ },
+ {
+ "current": {},
+ "datasource": {
+ "type": "prometheus",
+ "uid": "${DS_PROMETHEUS}"
+ },
+ "definition": "label_values(traefik_service_open_connections, service)",
+ "hide": 0,
+ "includeAll": true,
+ "multi": false,
+ "name": "service",
+ "options": [],
+ "query": {
+ "query": "label_values(traefik_service_open_connections, service)",
+ "refId": "StandardVariableQuery"
+ },
+ "refresh": 2,
+ "regex": "/([^-]+-[^-]+).*/",
+ "skipUrlSync": false,
+ "sort": 1,
+ "type": "query"
+ }
+ ]
+ },
+ "time": {
+ "from": "now-6h",
+ "to": "now"
+ },
+ "timepicker": {},
+ "timezone": "",
+ "title": "Traefik Official Kubernetes Dashboard",
+ "uid": "n5bu_kv4k",
+ "version": 6,
+ "weekStart": ""
+}
diff --git a/system/traefik-crds/0.1.3/ix_values.yaml b/system/traefik-crds/0.1.3/ix_values.yaml
new file mode 100644
index 00000000000..9b21caa5a23
--- /dev/null
+++ b/system/traefik-crds/0.1.3/ix_values.yaml
@@ -0,0 +1,17 @@
+image:
+ pullPolicy: IfNotPresent
+ repository: tccr.io/tccr/scratch
+ tag: latest
+
+portal:
+ open:
+ enabled: false
+service:
+ main:
+ enabled: false
+ ports:
+ main:
+ enabled: false
+workload:
+ main:
+ enabled: false
diff --git a/system/traefik-crds/0.1.3/questions.yaml b/system/traefik-crds/0.1.3/questions.yaml
new file mode 100755
index 00000000000..2e6bafcb9ee
--- /dev/null
+++ b/system/traefik-crds/0.1.3/questions.yaml
@@ -0,0 +1,75 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Backup Configuration
+ description: Configure Velero Backup Schedule
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+
+portals:
+ open:
+ protocols:
+ - "$kubernetes-resource_configmap_tcportal-open_protocol"
+ host:
+ - "$kubernetes-resource_configmap_tcportal-open_host"
+ ports:
+ - "$kubernetes-resource_configmap_tcportal-open_port"
+
+ path: "$kubernetes-resource_configmap_tcportal-open_path"
+questions:
+ - variable: docs
+ group: Documentation
+ label: Please read the documentation at https://truecharts.org
+ description: Please read the documentation at
+
https://truecharts.org
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDocs
+ label: I have checked the documentation
+ schema:
+ type: boolean
+ default: true
+ - variable: donateNag
+ group: Documentation
+ label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
+ description: Please consider supporting TrueCharts, see
+
https://truecharts.org/sponsor
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDonate
+ label: I have considered donating
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+
diff --git a/system/traefik-crds/0.1.3/templates/NOTES.txt b/system/traefik-crds/0.1.3/templates/NOTES.txt
new file mode 100644
index 00000000000..efcb74cb772
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/system/traefik-crds/0.1.3/templates/common.yaml b/system/traefik-crds/0.1.3/templates/common.yaml
new file mode 100644
index 00000000000..995efb03eb0
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/common.yaml
@@ -0,0 +1,5 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.v1.common.loader.init" . }}
+
+{{/* Render the templates */}}
+{{ include "tc.v1.common.loader.apply" . }}
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_ingressroutes.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_ingressroutes.yaml
new file mode 100644
index 00000000000..31f9791db08
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_ingressroutes.yaml
@@ -0,0 +1,287 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: ingressroutes.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: IngressRoute
+ listKind: IngressRouteList
+ plural: ingressroutes
+ singular: ingressroute
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRoute is the CRD implementation of a Traefik HTTP Router.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteSpec defines the desired state of IngressRoute.
+ properties:
+ entryPoints:
+ description: |-
+ EntryPoints defines the list of entry point names to bind to.
+ Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/
+ Default: all.
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: Route holds the HTTP route configuration.
+ properties:
+ kind:
+ description: |-
+ Kind defines the kind of the route.
+ Rule is the only supported kind.
+ enum:
+ - Rule
+ type: string
+ match:
+ description: |-
+ Match defines the router's rule.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule
+ type: string
+ middlewares:
+ description: |-
+ Middlewares defines the list of references to Middleware resources.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware
+ items:
+ description: MiddlewareRef is a reference to a Middleware
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: |-
+ Priority defines the router's priority.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority
+ type: integer
+ services:
+ description: |-
+ Services defines the list of Service.
+ It can contain any combination of TraefikService and/or reference to a Kubernetes Service.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: |-
+ Name defines the name of the referenced Kubernetes Service or TraefikService.
+ The differentiation between the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: |-
+ PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to
+ the client.
+ properties:
+ flushInterval:
+ description: |-
+ FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
+ A negative value means to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms
+ type: string
+ type: object
+ scheme:
+ description: |-
+ Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
+ It defaults to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: |-
+ ServersTransport defines the name of ServersTransport resource to use.
+ It allows to configure the transport between Traefik and your servers.
+ Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: |-
+ Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as
+ JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie
+ can only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: |-
+ Strategy defines the load balancing strategy between the servers.
+ RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: |-
+ Weight defines the weight and should only be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - kind
+ - match
+ type: object
+ type: array
+ tls:
+ description: |-
+ TLS defines the TLS configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls
+ properties:
+ certResolver:
+ description: |-
+ CertResolver defines the name of the certificate resolver to use.
+ Cert resolvers have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers
+ type: string
+ domains:
+ description: |-
+ Domains defines the list of domains that will be used to issue certificates.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: |-
+ Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
+ If not defined, the `default` TLSOption is used.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options
+ properties:
+ name:
+ description: |-
+ Name defines the name of the referenced TLSOption.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption
+ type: string
+ namespace:
+ description: |-
+ Namespace defines the namespace of the referenced TLSOption.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption
+ type: string
+ required:
+ - name
+ type: object
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: |-
+ Store defines the reference to the TLSStore, that will be used to store certificates.
+ Please note that only `default` TLSStore can be used.
+ properties:
+ name:
+ description: |-
+ Name defines the name of the referenced TLSStore.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore
+ type: string
+ namespace:
+ description: |-
+ Namespace defines the namespace of the referenced TLSStore.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_ingressroutetcps.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_ingressroutetcps.yaml
new file mode 100644
index 00000000000..e8356112f6a
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_ingressroutetcps.yaml
@@ -0,0 +1,224 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: ingressroutetcps.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: IngressRouteTCP
+ listKind: IngressRouteTCPList
+ plural: ingressroutetcps
+ singular: ingressroutetcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP.
+ properties:
+ entryPoints:
+ description: |-
+ EntryPoints defines the list of entry point names to bind to.
+ Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/
+ Default: all.
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteTCP holds the TCP route configuration.
+ properties:
+ match:
+ description: |-
+ Match defines the router's rule.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1
+ type: string
+ middlewares:
+ description: Middlewares defines the list of references to MiddlewareTCP
+ resources.
+ items:
+ description: ObjectReference is a generic reference to a Traefik
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: |-
+ Priority defines the router's priority.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1
+ type: integer
+ services:
+ description: Services defines the list of TCP services.
+ items:
+ description: ServiceTCP defines an upstream TCP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ proxyProtocol:
+ description: |-
+ ProxyProtocol defines the PROXY protocol configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol
+ properties:
+ version:
+ description: Version defines the PROXY Protocol version
+ to use.
+ type: integer
+ type: object
+ terminationDelay:
+ description: |-
+ TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates
+ it has closed the writing capability of its connection, to close the reading capability as well,
+ hence fully terminating the connection.
+ It is a duration in milliseconds, defaulting to 100.
+ A negative value means an infinite deadline (i.e. the reading capability is never closed).
+ type: integer
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ required:
+ - match
+ type: object
+ type: array
+ tls:
+ description: |-
+ TLS defines the TLS configuration on a layer 4 / TCP Route.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1
+ properties:
+ certResolver:
+ description: |-
+ CertResolver defines the name of the certificate resolver to use.
+ Cert resolvers have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers
+ type: string
+ domains:
+ description: |-
+ Domains defines the list of domains that will be used to issue certificates.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: |-
+ Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
+ If not defined, the `default` TLSOption is used.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ passthrough:
+ description: Passthrough defines whether a TLS router will terminate
+ the TLS connection.
+ type: boolean
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: |-
+ Store defines the reference to the TLSStore, that will be used to store certificates.
+ Please note that only `default` TLSStore can be used.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_ingressrouteudps.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_ingressrouteudps.yaml
new file mode 100644
index 00000000000..ac3f3b17ee6
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_ingressrouteudps.yaml
@@ -0,0 +1,104 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: ingressrouteudps.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: IngressRouteUDP
+ listKind: IngressRouteUDPList
+ plural: ingressrouteudps
+ singular: ingressrouteudp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP.
+ properties:
+ entryPoints:
+ description: |-
+ EntryPoints defines the list of entry point names to bind to.
+ Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/
+ Default: all.
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteUDP holds the UDP route configuration.
+ properties:
+ services:
+ description: Services defines the list of UDP services.
+ items:
+ description: ServiceUDP defines an upstream UDP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ type: object
+ type: array
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_middlewares.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_middlewares.yaml
new file mode 100644
index 00000000000..be0af55c550
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_middlewares.yaml
@@ -0,0 +1,980 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: middlewares.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: Middleware
+ listKind: MiddlewareList
+ plural: middlewares
+ singular: middleware
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ Middleware is the CRD implementation of a Traefik Middleware.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareSpec defines the desired state of a Middleware.
+ properties:
+ addPrefix:
+ description: |-
+ AddPrefix holds the add prefix middleware configuration.
+ This middleware updates the path of a request before forwarding it.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/
+ properties:
+ prefix:
+ description: |-
+ Prefix is the string to add before the current path in the requested URL.
+ It should include a leading slash (/).
+ type: string
+ type: object
+ basicAuth:
+ description: |-
+ BasicAuth holds the basic auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/
+ properties:
+ headerField:
+ description: |-
+ HeaderField defines a header field to store the authenticated user.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield
+ type: string
+ realm:
+ description: |-
+ Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.
+ Default: traefik.
+ type: string
+ removeHeader:
+ description: |-
+ RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service.
+ Default: false.
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ buffering:
+ description: |-
+ Buffering holds the buffering middleware configuration.
+ This middleware retries or limits the size of requests that can be forwarded to backends.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes
+ properties:
+ maxRequestBodyBytes:
+ description: |-
+ MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes).
+ If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response.
+ Default: 0 (no maximum).
+ format: int64
+ type: integer
+ maxResponseBodyBytes:
+ description: |-
+ MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes).
+ If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead.
+ Default: 0 (no maximum).
+ format: int64
+ type: integer
+ memRequestBodyBytes:
+ description: |-
+ MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory.
+ Default: 1048576 (1Mi).
+ format: int64
+ type: integer
+ memResponseBodyBytes:
+ description: |-
+ MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory.
+ Default: 1048576 (1Mi).
+ format: int64
+ type: integer
+ retryExpression:
+ description: |-
+ RetryExpression defines the retry conditions.
+ It is a logical combination of functions with operators AND (&&) and OR (||).
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression
+ type: string
+ type: object
+ chain:
+ description: |-
+ Chain holds the configuration of the chain middleware.
+ This middleware enables to define reusable combinations of other pieces of middleware.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/
+ properties:
+ middlewares:
+ description: Middlewares is the list of MiddlewareRef which composes
+ the chain.
+ items:
+ description: MiddlewareRef is a reference to a Middleware resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ circuitBreaker:
+ description: CircuitBreaker holds the circuit breaker configuration.
+ properties:
+ checkPeriod:
+ anyOf:
+ - type: integer
+ - type: string
+ description: CheckPeriod is the interval between successive checks
+ of the circuit breaker condition (when in standby state).
+ x-kubernetes-int-or-string: true
+ expression:
+ description: Expression is the condition that triggers the tripped
+ state.
+ type: string
+ fallbackDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: FallbackDuration is the duration for which the circuit
+ breaker will wait before trying to recover (from a tripped state).
+ x-kubernetes-int-or-string: true
+ recoveryDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: RecoveryDuration is the duration for which the circuit
+ breaker will try to recover (as soon as it is in recovering
+ state).
+ x-kubernetes-int-or-string: true
+ type: object
+ compress:
+ description: |-
+ Compress holds the compress middleware configuration.
+ This middleware compresses responses before sending them to the client, using gzip compression.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/
+ properties:
+ excludedContentTypes:
+ description: ExcludedContentTypes defines the list of content
+ types to compare the Content-Type header of the incoming requests
+ and responses before compressing.
+ items:
+ type: string
+ type: array
+ minResponseBodyBytes:
+ description: |-
+ MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed.
+ Default: 1024.
+ type: integer
+ type: object
+ contentType:
+ description: |-
+ ContentType holds the content-type middleware configuration.
+ This middleware exists to enable the correct behavior until at least the default one can be changed in a future version.
+ properties:
+ autoDetect:
+ description: |-
+ AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend,
+ be automatically set to a value derived from the contents of the response.
+ As a proxy, the default behavior should be to leave the header alone, regardless of what the backend did with it.
+ However, the historic default was to always auto-detect and set the header if it was nil,
+ and it is going to be kept that way in order to support users currently relying on it.
+ type: boolean
+ type: object
+ digestAuth:
+ description: |-
+ DigestAuth holds the digest auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/
+ properties:
+ headerField:
+ description: |-
+ HeaderField defines a header field to store the authenticated user.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield
+ type: string
+ realm:
+ description: |-
+ Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.
+ Default: traefik.
+ type: string
+ removeHeader:
+ description: RemoveHeader defines whether to remove the authorization
+ header before forwarding the request to the backend.
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ errors:
+ description: |-
+ ErrorPage holds the custom error middleware configuration.
+ This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/
+ properties:
+ query:
+ description: |-
+ Query defines the URL for the error page (hosted by service).
+ The {status} variable can be used in order to insert the status code in the URL.
+ type: string
+ service:
+ description: |-
+ Service defines the reference to a Kubernetes Service that will serve the error page.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: |-
+ Name defines the name of the referenced Kubernetes Service or TraefikService.
+ The differentiation between the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: |-
+ PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: |-
+ FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
+ A negative value means to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms
+ type: string
+ type: object
+ scheme:
+ description: |-
+ Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
+ It defaults to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: |-
+ ServersTransport defines the name of ServersTransport resource to use.
+ It allows to configure the transport between Traefik and your servers.
+ Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: |-
+ Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can
+ be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: |-
+ Strategy defines the load balancing strategy between the servers.
+ RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: |-
+ Weight defines the weight and should only be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ status:
+ description: |-
+ Status defines which status or range of statuses should result in an error page.
+ It can be either a status code as a number (500),
+ as multiple comma-separated numbers (500,502),
+ as ranges by separating two codes with a dash (500-599),
+ or a combination of the two (404,418,500-599).
+ items:
+ type: string
+ type: array
+ type: object
+ forwardAuth:
+ description: |-
+ ForwardAuth holds the forward auth middleware configuration.
+ This middleware delegates the request authentication to a Service.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/
+ properties:
+ address:
+ description: Address defines the authentication server address.
+ type: string
+ authRequestHeaders:
+ description: |-
+ AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
+ If not set or empty then all request headers are passed.
+ items:
+ type: string
+ type: array
+ authResponseHeaders:
+ description: AuthResponseHeaders defines the list of headers to
+ copy from the authentication server response and set on forwarded
+ request, replacing any existing conflicting headers.
+ items:
+ type: string
+ type: array
+ authResponseHeadersRegex:
+ description: |-
+ AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex
+ type: string
+ tls:
+ description: TLS defines the configuration used to secure the
+ connection to the authentication server.
+ properties:
+ caOptional:
+ type: boolean
+ caSecret:
+ description: |-
+ CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate.
+ The CA certificate is extracted from key `tls.ca` or `ca.crt`.
+ type: string
+ certSecret:
+ description: |-
+ CertSecret is the name of the referenced Kubernetes Secret containing the client certificate.
+ The client certificate is extracted from the keys `tls.crt` and `tls.key`.
+ type: string
+ insecureSkipVerify:
+ description: InsecureSkipVerify defines whether the server
+ certificates should be validated.
+ type: boolean
+ type: object
+ trustForwardHeader:
+ description: 'TrustForwardHeader defines whether to trust (ie:
+ forward) all X-Forwarded-* headers.'
+ type: boolean
+ type: object
+ headers:
+ description: |-
+ Headers holds the headers middleware configuration.
+ This middleware manages the requests and responses headers.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders
+ properties:
+ accessControlAllowCredentials:
+ description: AccessControlAllowCredentials defines whether the
+ request can include user credentials.
+ type: boolean
+ accessControlAllowHeaders:
+ description: AccessControlAllowHeaders defines the Access-Control-Request-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowMethods:
+ description: AccessControlAllowMethods defines the Access-Control-Request-Method
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginList:
+ description: AccessControlAllowOriginList is a list of allowable
+ origins. Can also be a wildcard origin "*".
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginListRegex:
+ description: AccessControlAllowOriginListRegex is a list of allowable
+ origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/).
+ items:
+ type: string
+ type: array
+ accessControlExposeHeaders:
+ description: AccessControlExposeHeaders defines the Access-Control-Expose-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlMaxAge:
+ description: AccessControlMaxAge defines the time that a preflight
+ request may be cached.
+ format: int64
+ type: integer
+ addVaryHeader:
+ description: AddVaryHeader defines whether the Vary header is
+ automatically added/updated when the AccessControlAllowOriginList
+ is set.
+ type: boolean
+ allowedHosts:
+ description: AllowedHosts defines the fully qualified list of
+ allowed domain names.
+ items:
+ type: string
+ type: array
+ browserXssFilter:
+ description: BrowserXSSFilter defines whether to add the X-XSS-Protection
+ header with the value 1; mode=block.
+ type: boolean
+ contentSecurityPolicy:
+ description: ContentSecurityPolicy defines the Content-Security-Policy
+ header value.
+ type: string
+ contentTypeNosniff:
+ description: ContentTypeNosniff defines whether to add the X-Content-Type-Options
+ header with the nosniff value.
+ type: boolean
+ customBrowserXSSValue:
+ description: |-
+ CustomBrowserXSSValue defines the X-XSS-Protection header value.
+ This overrides the BrowserXssFilter option.
+ type: string
+ customFrameOptionsValue:
+ description: |-
+ CustomFrameOptionsValue defines the X-Frame-Options header value.
+ This overrides the FrameDeny option.
+ type: string
+ customRequestHeaders:
+ additionalProperties:
+ type: string
+ description: CustomRequestHeaders defines the header names and
+ values to apply to the request.
+ type: object
+ customResponseHeaders:
+ additionalProperties:
+ type: string
+ description: CustomResponseHeaders defines the header names and
+ values to apply to the response.
+ type: object
+ featurePolicy:
+ description: 'Deprecated: use PermissionsPolicy instead.'
+ type: string
+ forceSTSHeader:
+ description: ForceSTSHeader defines whether to add the STS header
+ even when the connection is HTTP.
+ type: boolean
+ frameDeny:
+ description: FrameDeny defines whether to add the X-Frame-Options
+ header with the DENY value.
+ type: boolean
+ hostsProxyHeaders:
+ description: HostsProxyHeaders defines the header keys that may
+ hold a proxied hostname value for the request.
+ items:
+ type: string
+ type: array
+ isDevelopment:
+ description: |-
+ IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing.
+ Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain.
+ If you would like your development environment to mimic production with complete Host blocking, SSL redirects,
+ and STS headers, leave this as false.
+ type: boolean
+ permissionsPolicy:
+ description: |-
+ PermissionsPolicy defines the Permissions-Policy header value.
+ This allows sites to control browser features.
+ type: string
+ publicKey:
+ description: PublicKey is the public key that implements HPKP
+ to prevent MITM attacks with forged certificates.
+ type: string
+ referrerPolicy:
+ description: |-
+ ReferrerPolicy defines the Referrer-Policy header value.
+ This allows sites to control whether browsers forward the Referer header to other sites.
+ type: string
+ sslForceHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: boolean
+ sslHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: string
+ sslProxyHeaders:
+ additionalProperties:
+ type: string
+ description: |-
+ SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request.
+ It can be useful when using other proxies (example: "X-Forwarded-Proto": "https").
+ type: object
+ sslRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ sslTemporaryRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ stsIncludeSubdomains:
+ description: STSIncludeSubdomains defines whether the includeSubDomains
+ directive is appended to the Strict-Transport-Security header.
+ type: boolean
+ stsPreload:
+ description: STSPreload defines whether the preload flag is appended
+ to the Strict-Transport-Security header.
+ type: boolean
+ stsSeconds:
+ description: |-
+ STSSeconds defines the max-age of the Strict-Transport-Security header.
+ If set to 0, the header is not set.
+ format: int64
+ type: integer
+ type: object
+ inFlightReq:
+ description: |-
+ InFlightReq holds the in-flight request middleware configuration.
+ This middleware limits the number of requests being processed and served concurrently.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/
+ properties:
+ amount:
+ description: |-
+ Amount defines the maximum amount of allowed simultaneous in-flight request.
+ The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).
+ format: int64
+ type: integer
+ sourceCriterion:
+ description: |-
+ SourceCriterion defines what criterion is used to group requests as originating from a common source.
+ If several strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the requestHost.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion
+ properties:
+ ipStrategy:
+ description: |-
+ IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ ipAllowList:
+ description: |-
+ IPAllowList holds the IP allowlist middleware configuration.
+ This middleware accepts / refuses requests based on the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/
+ properties:
+ ipStrategy:
+ description: |-
+ IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position (starting
+ from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the X-Forwarded-For
+ header and select the first IP not in the list.
+ items:
+ type: string
+ type: array
+ type: object
+ sourceRange:
+ description: SourceRange defines the set of allowed IPs (or ranges
+ of allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ ipWhiteList:
+ description: |-
+ IPWhiteList holds the IP whitelist middleware configuration.
+ This middleware accepts / refuses requests based on the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/
+ Deprecated: please use IPAllowList instead.
+ properties:
+ ipStrategy:
+ description: |-
+ IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position (starting
+ from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the X-Forwarded-For
+ header and select the first IP not in the list.
+ items:
+ type: string
+ type: array
+ type: object
+ sourceRange:
+ description: SourceRange defines the set of allowed IPs (or ranges
+ of allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ passTLSClientCert:
+ description: |-
+ PassTLSClientCert holds the pass TLS client cert middleware configuration.
+ This middleware adds the selected data from the passed client TLS certificate to a header.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/
+ properties:
+ info:
+ description: Info selects the specific client certificate details
+ you want to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ issuer:
+ description: Issuer defines the client certificate issuer
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the issuer.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the issuer.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the issuer.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the issuer.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the issuer.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the issuer.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the issuer.
+ type: boolean
+ type: object
+ notAfter:
+ description: NotAfter defines whether to add the Not After
+ information from the Validity part.
+ type: boolean
+ notBefore:
+ description: NotBefore defines whether to add the Not Before
+ information from the Validity part.
+ type: boolean
+ sans:
+ description: Sans defines whether to add the Subject Alternative
+ Name information from the Subject Alternative Name part.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the client
+ serialNumber information.
+ type: boolean
+ subject:
+ description: Subject defines the client certificate subject
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the subject.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the subject.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the subject.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the subject.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the subject.
+ type: boolean
+ organizationalUnit:
+ description: OrganizationalUnit defines whether to add
+ the organizationalUnit information into the subject.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the subject.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the subject.
+ type: boolean
+ type: object
+ type: object
+ pem:
+ description: PEM sets the X-Forwarded-Tls-Client-Cert header with
+ the certificate.
+ type: boolean
+ type: object
+ plugin:
+ additionalProperties:
+ x-kubernetes-preserve-unknown-fields: true
+ description: |-
+ Plugin defines the middleware plugin configuration.
+ More info: https://doc.traefik.io/traefik/plugins/
+ type: object
+ rateLimit:
+ description: |-
+ RateLimit holds the rate limit configuration.
+ This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/
+ properties:
+ average:
+ description: |-
+ Average is the maximum rate, by default in requests/s, allowed for the given source.
+ It defaults to 0, which means no rate limiting.
+ The rate is actually defined by dividing Average by Period. So for a rate below 1req/s,
+ one needs to define a Period larger than a second.
+ format: int64
+ type: integer
+ burst:
+ description: |-
+ Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time.
+ It defaults to 1.
+ format: int64
+ type: integer
+ period:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Period, in combination with Average, defines the actual maximum rate, such as:
+ r = Average / Period. It defaults to a second.
+ x-kubernetes-int-or-string: true
+ sourceCriterion:
+ description: |-
+ SourceCriterion defines what criterion is used to group requests as originating from a common source.
+ If several strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the request's remote address field (as an ipStrategy).
+ properties:
+ ipStrategy:
+ description: |-
+ IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ redirectRegex:
+ description: |-
+ RedirectRegex holds the redirect regex middleware configuration.
+ This middleware redirects a request using regex matching and replacement.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ regex:
+ description: Regex defines the regex used to match and capture
+ elements from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines how to modify the URL to have
+ the new target URL.
+ type: string
+ type: object
+ redirectScheme:
+ description: |-
+ RedirectScheme holds the redirect scheme middleware configuration.
+ This middleware redirects requests from a scheme/port to another.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ port:
+ description: Port defines the port of the new URL.
+ type: string
+ scheme:
+ description: Scheme defines the scheme of the new URL.
+ type: string
+ type: object
+ replacePath:
+ description: |-
+ ReplacePath holds the replace path middleware configuration.
+ This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/
+ properties:
+ path:
+ description: Path defines the path to use as replacement in the
+ request URL.
+ type: string
+ type: object
+ replacePathRegex:
+ description: |-
+ ReplacePathRegex holds the replace path regex middleware configuration.
+ This middleware replaces the path of a URL using regex matching and replacement.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/
+ properties:
+ regex:
+ description: Regex defines the regular expression used to match
+ and capture the path from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines the replacement path format,
+ which can include captured variables.
+ type: string
+ type: object
+ retry:
+ description: |-
+ Retry holds the retry middleware configuration.
+ This middleware reissues requests a given number of times to a backend server if that server does not reply.
+ As soon as the server answers, the middleware stops retrying, regardless of the response status.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/
+ properties:
+ attempts:
+ description: Attempts defines how many times the request should
+ be retried.
+ type: integer
+ initialInterval:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ InitialInterval defines the first wait time in the exponential backoff series.
+ The maximum interval is calculated as twice the initialInterval.
+ If unspecified, requests will be retried immediately.
+ The value of initialInterval should be provided in seconds or as a valid duration format,
+ see https://pkg.go.dev/time#ParseDuration.
+ x-kubernetes-int-or-string: true
+ type: object
+ stripPrefix:
+ description: |-
+ StripPrefix holds the strip prefix middleware configuration.
+ This middleware removes the specified prefixes from the URL path.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/
+ properties:
+ forceSlash:
+ description: |-
+ ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary.
+ Default: true.
+ type: boolean
+ prefixes:
+ description: Prefixes defines the prefixes to strip from the request
+ URL.
+ items:
+ type: string
+ type: array
+ type: object
+ stripPrefixRegex:
+ description: |-
+ StripPrefixRegex holds the strip prefix regex middleware configuration.
+ This middleware removes the matching prefixes from the URL path.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/
+ properties:
+ regex:
+ description: Regex defines the regular expression to match the
+ path prefix from the request URL.
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_middlewaretcps.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_middlewaretcps.yaml
new file mode 100644
index 00000000000..6535b365f1e
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_middlewaretcps.yaml
@@ -0,0 +1,87 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: middlewaretcps.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: MiddlewareTCP
+ listKind: MiddlewareTCPList
+ plural: middlewaretcps
+ singular: middlewaretcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareTCPSpec defines the desired state of a MiddlewareTCP.
+ properties:
+ inFlightConn:
+ description: InFlightConn defines the InFlightConn middleware configuration.
+ properties:
+ amount:
+ description: |-
+ Amount defines the maximum amount of allowed simultaneous connections.
+ The middleware closes the connection if there are already amount connections opened.
+ format: int64
+ type: integer
+ type: object
+ ipAllowList:
+ description: |-
+ IPAllowList defines the IPAllowList middleware configuration.
+ This middleware accepts/refuses connections based on the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/
+ properties:
+ sourceRange:
+ description: SourceRange defines the allowed IPs (or ranges of
+ allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ ipWhiteList:
+ description: |-
+ IPWhiteList defines the IPWhiteList middleware configuration.
+ This middleware accepts/refuses connections based on the client IP.
+ Deprecated: please use IPAllowList instead.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/
+ properties:
+ sourceRange:
+ description: SourceRange defines the allowed IPs (or ranges of
+ allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_serverstransports.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_serverstransports.yaml
new file mode 100644
index 00000000000..454e35a2a8d
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_serverstransports.yaml
@@ -0,0 +1,126 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: serverstransports.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: ServersTransport
+ listKind: ServersTransportList
+ plural: serverstransports
+ singular: serverstransport
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ ServersTransport is the CRD implementation of a ServersTransport.
+ If no serversTransport is specified, the default@internal will be used.
+ The default@internal serversTransport is created from the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ServersTransportSpec defines the desired state of a ServersTransport.
+ properties:
+ certificatesSecrets:
+ description: CertificatesSecrets defines a list of secret storing
+ client certificates for mTLS.
+ items:
+ type: string
+ type: array
+ disableHTTP2:
+ description: DisableHTTP2 disables HTTP/2 for connections with backend
+ servers.
+ type: boolean
+ forwardingTimeouts:
+ description: ForwardingTimeouts defines the timeouts for requests
+ forwarded to the backend servers.
+ properties:
+ dialTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialTimeout is the amount of time to wait until a
+ connection to a backend server can be established.
+ x-kubernetes-int-or-string: true
+ idleConnTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: IdleConnTimeout is the maximum period for which an
+ idle HTTP keep-alive connection will remain open before closing
+ itself.
+ x-kubernetes-int-or-string: true
+ pingTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: PingTimeout is the timeout after which the HTTP/2
+ connection will be closed if a response to ping is not received.
+ x-kubernetes-int-or-string: true
+ readIdleTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ReadIdleTimeout is the timeout after which a health
+ check using ping frame will be carried out if no frame is received
+ on the HTTP/2 connection.
+ x-kubernetes-int-or-string: true
+ responseHeaderTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ResponseHeaderTimeout is the amount of time to wait
+ for a server's response headers after fully writing the request
+ (including its body, if any).
+ x-kubernetes-int-or-string: true
+ type: object
+ insecureSkipVerify:
+ description: InsecureSkipVerify disables SSL certificate verification.
+ type: boolean
+ maxIdleConnsPerHost:
+ description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
+ to keep per-host.
+ type: integer
+ peerCertURI:
+ description: PeerCertURI defines the peer cert URI used to match against
+ SAN URI during the peer certificate verification.
+ type: string
+ rootCAsSecrets:
+ description: RootCAsSecrets defines a list of CA secret used to validate
+ self-signed certificate.
+ items:
+ type: string
+ type: array
+ serverName:
+ description: ServerName defines the server name used to contact the
+ server.
+ type: string
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_tlsoptions.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_tlsoptions.yaml
new file mode 100644
index 00000000000..bef834eab21
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_tlsoptions.yaml
@@ -0,0 +1,114 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: tlsoptions.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: TLSOption
+ listKind: TLSOptionList
+ plural: tlsoptions
+ singular: tlsoption
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSOptionSpec defines the desired state of a TLSOption.
+ properties:
+ alpnProtocols:
+ description: |-
+ ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols
+ items:
+ type: string
+ type: array
+ cipherSuites:
+ description: |-
+ CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites
+ items:
+ type: string
+ type: array
+ clientAuth:
+ description: ClientAuth defines the server's policy for TLS Client
+ Authentication.
+ properties:
+ clientAuthType:
+ description: ClientAuthType defines the client authentication
+ type to apply.
+ enum:
+ - NoClientCert
+ - RequestClientCert
+ - RequireAnyClientCert
+ - VerifyClientCertIfGiven
+ - RequireAndVerifyClientCert
+ type: string
+ secretNames:
+ description: SecretNames defines the names of the referenced Kubernetes
+ Secret storing certificate details.
+ items:
+ type: string
+ type: array
+ type: object
+ curvePreferences:
+ description: |-
+ CurvePreferences defines the preferred elliptic curves in a specific order.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences
+ items:
+ type: string
+ type: array
+ maxVersion:
+ description: |-
+ MaxVersion defines the maximum TLS version that Traefik will accept.
+ Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13.
+ Default: None.
+ type: string
+ minVersion:
+ description: |-
+ MinVersion defines the minimum TLS version that Traefik will accept.
+ Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13.
+ Default: VersionTLS10.
+ type: string
+ preferServerCipherSuites:
+ description: |-
+ PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's.
+ It is enabled automatically when minVersion or maxVersion is set.
+ Deprecated: https://github.com/golang/go/issues/45430
+ type: boolean
+ sniStrict:
+ description: SniStrict defines whether Traefik allows connections
+ from clients connections that do not specify a server_name extension.
+ type: boolean
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_tlsstores.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_tlsstores.yaml
new file mode 100644
index 00000000000..57c8e1bf765
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_tlsstores.yaml
@@ -0,0 +1,97 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: tlsstores.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: TLSStore
+ listKind: TLSStoreList
+ plural: tlsstores
+ singular: tlsstore
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ TLSStore is the CRD implementation of a Traefik TLS Store.
+ For the time being, only the TLSStore named default is supported.
+ This means that you cannot have two stores that are named default in different Kubernetes namespaces.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSStoreSpec defines the desired state of a TLSStore.
+ properties:
+ certificates:
+ description: Certificates is a list of secret names, each secret holding
+ a key/certificate pair to add to the store.
+ items:
+ description: Certificate holds a secret name for the TLSStore resource.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ type: array
+ defaultCertificate:
+ description: DefaultCertificate defines the default certificate configuration.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ defaultGeneratedCert:
+ description: DefaultGeneratedCert defines the default generated certificate
+ configuration.
+ properties:
+ domain:
+ description: Domain is the domain definition for the DefaultCertificate.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain names.
+ items:
+ type: string
+ type: array
+ type: object
+ resolver:
+ description: Resolver is the name of the resolver that will be
+ used to issue the DefaultCertificate.
+ type: string
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_traefikservices.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_traefikservices.yaml
new file mode 100644
index 00000000000..5ceb028aa87
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.containo.us_traefikservices.yaml
@@ -0,0 +1,411 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: traefikservices.traefik.containo.us
+spec:
+ group: traefik.containo.us
+ names:
+ kind: TraefikService
+ listKind: TraefikServiceList
+ plural: traefikservices
+ singular: traefikservice
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ TraefikService is the CRD implementation of a Traefik Service.
+ TraefikService object allows to:
+ - Apply weight to Services on load-balancing
+ - Mirror traffic on services
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TraefikServiceSpec defines the desired state of a TraefikService.
+ properties:
+ mirroring:
+ description: Mirroring defines the Mirroring service configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ maxBodySize:
+ description: |-
+ MaxBodySize defines the maximum size allowed for the body of the request.
+ If the body is larger, the request is not mirrored.
+ Default value is -1, which means unlimited size.
+ format: int64
+ type: integer
+ mirrors:
+ description: Mirrors defines the list of mirrors where Traefik
+ will duplicate the traffic.
+ items:
+ description: MirrorService holds the mirror configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: |-
+ Name defines the name of the referenced Kubernetes Service or TraefikService.
+ The differentiation between the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: |-
+ PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ percent:
+ description: |-
+ Percent defines the part of the traffic to mirror.
+ Supported values: 0 to 100.
+ type: integer
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: |-
+ FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
+ A negative value means to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms
+ type: string
+ type: object
+ scheme:
+ description: |-
+ Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
+ It defaults to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: |-
+ ServersTransport defines the name of ServersTransport resource to use.
+ It allows to configure the transport between Traefik and your servers.
+ Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: |-
+ Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: |-
+ Strategy defines the load balancing strategy between the servers.
+ RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: |-
+ Weight defines the weight and should only be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ name:
+ description: |-
+ Name defines the name of the referenced Kubernetes Service or TraefikService.
+ The differentiation between the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: |-
+ PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards the
+ response from the upstream Kubernetes Service to the client.
+ properties:
+ flushInterval:
+ description: |-
+ FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
+ A negative value means to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms
+ type: string
+ type: object
+ scheme:
+ description: |-
+ Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
+ It defaults to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: |-
+ ServersTransport defines the name of ServersTransport resource to use.
+ It allows to configure the transport between Traefik and your servers.
+ Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: |-
+ Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: |-
+ Strategy defines the load balancing strategy between the servers.
+ RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: |-
+ Weight defines the weight and should only be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ weighted:
+ description: Weighted defines the Weighted Round Robin configuration.
+ properties:
+ services:
+ description: Services defines the list of Kubernetes Service and/or
+ TraefikService to load-balance, with weight.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: |-
+ Name defines the name of the referenced Kubernetes Service or TraefikService.
+ The differentiation between the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: |-
+ PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: |-
+ FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
+ A negative value means to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms
+ type: string
+ type: object
+ scheme:
+ description: |-
+ Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
+ It defaults to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: |-
+ ServersTransport defines the name of ServersTransport resource to use.
+ It allows to configure the transport between Traefik and your servers.
+ Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: |-
+ Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: |-
+ Strategy defines the load balancing strategy between the servers.
+ RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: |-
+ Weight defines the weight and should only be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ sticky:
+ description: |-
+ Sticky defines whether sticky sessions are enabled.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.io_ingressroutes.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.io_ingressroutes.yaml
new file mode 100644
index 00000000000..587207d7c81
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.io_ingressroutes.yaml
@@ -0,0 +1,287 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: ingressroutes.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: IngressRoute
+ listKind: IngressRouteList
+ plural: ingressroutes
+ singular: ingressroute
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRoute is the CRD implementation of a Traefik HTTP Router.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteSpec defines the desired state of IngressRoute.
+ properties:
+ entryPoints:
+ description: |-
+ EntryPoints defines the list of entry point names to bind to.
+ Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/
+ Default: all.
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: Route holds the HTTP route configuration.
+ properties:
+ kind:
+ description: |-
+ Kind defines the kind of the route.
+ Rule is the only supported kind.
+ enum:
+ - Rule
+ type: string
+ match:
+ description: |-
+ Match defines the router's rule.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule
+ type: string
+ middlewares:
+ description: |-
+ Middlewares defines the list of references to Middleware resources.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-middleware
+ items:
+ description: MiddlewareRef is a reference to a Middleware
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: |-
+ Priority defines the router's priority.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority
+ type: integer
+ services:
+ description: |-
+ Services defines the list of Service.
+ It can contain any combination of TraefikService and/or reference to a Kubernetes Service.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: |-
+ Name defines the name of the referenced Kubernetes Service or TraefikService.
+ The differentiation between the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: |-
+ PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to
+ the client.
+ properties:
+ flushInterval:
+ description: |-
+ FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
+ A negative value means to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms
+ type: string
+ type: object
+ scheme:
+ description: |-
+ Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
+ It defaults to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: |-
+ ServersTransport defines the name of ServersTransport resource to use.
+ It allows to configure the transport between Traefik and your servers.
+ Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: |-
+ Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as
+ JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie
+ can only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: |-
+ Strategy defines the load balancing strategy between the servers.
+ RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: |-
+ Weight defines the weight and should only be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - kind
+ - match
+ type: object
+ type: array
+ tls:
+ description: |-
+ TLS defines the TLS configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls
+ properties:
+ certResolver:
+ description: |-
+ CertResolver defines the name of the certificate resolver to use.
+ Cert resolvers have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers
+ type: string
+ domains:
+ description: |-
+ Domains defines the list of domains that will be used to issue certificates.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: |-
+ Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
+ If not defined, the `default` TLSOption is used.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options
+ properties:
+ name:
+ description: |-
+ Name defines the name of the referenced TLSOption.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption
+ type: string
+ namespace:
+ description: |-
+ Namespace defines the namespace of the referenced TLSOption.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsoption
+ type: string
+ required:
+ - name
+ type: object
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: |-
+ Store defines the reference to the TLSStore, that will be used to store certificates.
+ Please note that only `default` TLSStore can be used.
+ properties:
+ name:
+ description: |-
+ Name defines the name of the referenced TLSStore.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore
+ type: string
+ namespace:
+ description: |-
+ Namespace defines the namespace of the referenced TLSStore.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-tlsstore
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.io_ingressroutetcps.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.io_ingressroutetcps.yaml
new file mode 100644
index 00000000000..ef6f9b8c189
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.io_ingressroutetcps.yaml
@@ -0,0 +1,224 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: ingressroutetcps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: IngressRouteTCP
+ listKind: IngressRouteTCPList
+ plural: ingressroutetcps
+ singular: ingressroutetcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteTCP is the CRD implementation of a Traefik TCP Router.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteTCPSpec defines the desired state of IngressRouteTCP.
+ properties:
+ entryPoints:
+ description: |-
+ EntryPoints defines the list of entry point names to bind to.
+ Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/
+ Default: all.
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteTCP holds the TCP route configuration.
+ properties:
+ match:
+ description: |-
+ Match defines the router's rule.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#rule_1
+ type: string
+ middlewares:
+ description: Middlewares defines the list of references to MiddlewareTCP
+ resources.
+ items:
+ description: ObjectReference is a generic reference to a Traefik
+ resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ priority:
+ description: |-
+ Priority defines the router's priority.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#priority_1
+ type: integer
+ services:
+ description: Services defines the list of TCP services.
+ items:
+ description: ServiceTCP defines an upstream TCP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ proxyProtocol:
+ description: |-
+ ProxyProtocol defines the PROXY protocol configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#proxy-protocol
+ properties:
+ version:
+ description: Version defines the PROXY Protocol version
+ to use.
+ type: integer
+ type: object
+ terminationDelay:
+ description: |-
+ TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates
+ it has closed the writing capability of its connection, to close the reading capability as well,
+ hence fully terminating the connection.
+ It is a duration in milliseconds, defaulting to 100.
+ A negative value means an infinite deadline (i.e. the reading capability is never closed).
+ type: integer
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ required:
+ - match
+ type: object
+ type: array
+ tls:
+ description: |-
+ TLS defines the TLS configuration on a layer 4 / TCP Route.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#tls_1
+ properties:
+ certResolver:
+ description: |-
+ CertResolver defines the name of the certificate resolver to use.
+ Cert resolvers have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/https/acme/#certificate-resolvers
+ type: string
+ domains:
+ description: |-
+ Domains defines the list of domains that will be used to issue certificates.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/routers/#domains
+ items:
+ description: Domain holds a domain name with SANs.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain
+ names.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ options:
+ description: |-
+ Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection.
+ If not defined, the `default` TLSOption is used.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ passthrough:
+ description: Passthrough defines whether a TLS router will terminate
+ the TLS connection.
+ type: boolean
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ store:
+ description: |-
+ Store defines the reference to the TLSStore, that will be used to store certificates.
+ Please note that only `default` TLSStore can be used.
+ properties:
+ name:
+ description: Name defines the name of the referenced Traefik
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Traefik resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.io_ingressrouteudps.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.io_ingressrouteudps.yaml
new file mode 100644
index 00000000000..60cc29d5483
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.io_ingressrouteudps.yaml
@@ -0,0 +1,104 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: ingressrouteudps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: IngressRouteUDP
+ listKind: IngressRouteUDPList
+ plural: ingressrouteudps
+ singular: ingressrouteudp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressRouteUDP is a CRD implementation of a Traefik UDP Router.
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: IngressRouteUDPSpec defines the desired state of a IngressRouteUDP.
+ properties:
+ entryPoints:
+ description: |-
+ EntryPoints defines the list of entry point names to bind to.
+ Entry points have to be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/entrypoints/
+ Default: all.
+ items:
+ type: string
+ type: array
+ routes:
+ description: Routes defines the list of routes.
+ items:
+ description: RouteUDP holds the UDP route configuration.
+ properties:
+ services:
+ description: Services defines the list of UDP services.
+ items:
+ description: ServiceUDP defines an upstream UDP service to
+ proxy traffic to.
+ properties:
+ name:
+ description: Name defines the name of the referenced Kubernetes
+ Service.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ weight:
+ description: Weight defines the weight used when balancing
+ requests between multiple Kubernetes Service.
+ type: integer
+ required:
+ - name
+ - port
+ type: object
+ type: array
+ type: object
+ type: array
+ required:
+ - routes
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.io_middlewares.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.io_middlewares.yaml
new file mode 100644
index 00000000000..66913e6530d
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.io_middlewares.yaml
@@ -0,0 +1,980 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: middlewares.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: Middleware
+ listKind: MiddlewareList
+ plural: middlewares
+ singular: middleware
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ Middleware is the CRD implementation of a Traefik Middleware.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/overview/
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareSpec defines the desired state of a Middleware.
+ properties:
+ addPrefix:
+ description: |-
+ AddPrefix holds the add prefix middleware configuration.
+ This middleware updates the path of a request before forwarding it.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/addprefix/
+ properties:
+ prefix:
+ description: |-
+ Prefix is the string to add before the current path in the requested URL.
+ It should include a leading slash (/).
+ type: string
+ type: object
+ basicAuth:
+ description: |-
+ BasicAuth holds the basic auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/
+ properties:
+ headerField:
+ description: |-
+ HeaderField defines a header field to store the authenticated user.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield
+ type: string
+ realm:
+ description: |-
+ Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.
+ Default: traefik.
+ type: string
+ removeHeader:
+ description: |-
+ RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service.
+ Default: false.
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ buffering:
+ description: |-
+ Buffering holds the buffering middleware configuration.
+ This middleware retries or limits the size of requests that can be forwarded to backends.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#maxrequestbodybytes
+ properties:
+ maxRequestBodyBytes:
+ description: |-
+ MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes).
+ If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response.
+ Default: 0 (no maximum).
+ format: int64
+ type: integer
+ maxResponseBodyBytes:
+ description: |-
+ MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes).
+ If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead.
+ Default: 0 (no maximum).
+ format: int64
+ type: integer
+ memRequestBodyBytes:
+ description: |-
+ MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory.
+ Default: 1048576 (1Mi).
+ format: int64
+ type: integer
+ memResponseBodyBytes:
+ description: |-
+ MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory.
+ Default: 1048576 (1Mi).
+ format: int64
+ type: integer
+ retryExpression:
+ description: |-
+ RetryExpression defines the retry conditions.
+ It is a logical combination of functions with operators AND (&&) and OR (||).
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/buffering/#retryexpression
+ type: string
+ type: object
+ chain:
+ description: |-
+ Chain holds the configuration of the chain middleware.
+ This middleware enables to define reusable combinations of other pieces of middleware.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/chain/
+ properties:
+ middlewares:
+ description: Middlewares is the list of MiddlewareRef which composes
+ the chain.
+ items:
+ description: MiddlewareRef is a reference to a Middleware resource.
+ properties:
+ name:
+ description: Name defines the name of the referenced Middleware
+ resource.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Middleware resource.
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ circuitBreaker:
+ description: CircuitBreaker holds the circuit breaker configuration.
+ properties:
+ checkPeriod:
+ anyOf:
+ - type: integer
+ - type: string
+ description: CheckPeriod is the interval between successive checks
+ of the circuit breaker condition (when in standby state).
+ x-kubernetes-int-or-string: true
+ expression:
+ description: Expression is the condition that triggers the tripped
+ state.
+ type: string
+ fallbackDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: FallbackDuration is the duration for which the circuit
+ breaker will wait before trying to recover (from a tripped state).
+ x-kubernetes-int-or-string: true
+ recoveryDuration:
+ anyOf:
+ - type: integer
+ - type: string
+ description: RecoveryDuration is the duration for which the circuit
+ breaker will try to recover (as soon as it is in recovering
+ state).
+ x-kubernetes-int-or-string: true
+ type: object
+ compress:
+ description: |-
+ Compress holds the compress middleware configuration.
+ This middleware compresses responses before sending them to the client, using gzip compression.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/compress/
+ properties:
+ excludedContentTypes:
+ description: ExcludedContentTypes defines the list of content
+ types to compare the Content-Type header of the incoming requests
+ and responses before compressing.
+ items:
+ type: string
+ type: array
+ minResponseBodyBytes:
+ description: |-
+ MinResponseBodyBytes defines the minimum amount of bytes a response body must have to be compressed.
+ Default: 1024.
+ type: integer
+ type: object
+ contentType:
+ description: |-
+ ContentType holds the content-type middleware configuration.
+ This middleware exists to enable the correct behavior until at least the default one can be changed in a future version.
+ properties:
+ autoDetect:
+ description: |-
+ AutoDetect specifies whether to let the `Content-Type` header, if it has not been set by the backend,
+ be automatically set to a value derived from the contents of the response.
+ As a proxy, the default behavior should be to leave the header alone, regardless of what the backend did with it.
+ However, the historic default was to always auto-detect and set the header if it was nil,
+ and it is going to be kept that way in order to support users currently relying on it.
+ type: boolean
+ type: object
+ digestAuth:
+ description: |-
+ DigestAuth holds the digest auth middleware configuration.
+ This middleware restricts access to your services to known users.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/digestauth/
+ properties:
+ headerField:
+ description: |-
+ HeaderField defines a header field to store the authenticated user.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/basicauth/#headerfield
+ type: string
+ realm:
+ description: |-
+ Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme.
+ Default: traefik.
+ type: string
+ removeHeader:
+ description: RemoveHeader defines whether to remove the authorization
+ header before forwarding the request to the backend.
+ type: boolean
+ secret:
+ description: Secret is the name of the referenced Kubernetes Secret
+ containing user credentials.
+ type: string
+ type: object
+ errors:
+ description: |-
+ ErrorPage holds the custom error middleware configuration.
+ This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/
+ properties:
+ query:
+ description: |-
+ Query defines the URL for the error page (hosted by service).
+ The {status} variable can be used in order to insert the status code in the URL.
+ type: string
+ service:
+ description: |-
+ Service defines the reference to a Kubernetes Service that will serve the error page.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/errorpages/#service
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: |-
+ Name defines the name of the referenced Kubernetes Service or TraefikService.
+ The differentiation between the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: |-
+ PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: |-
+ FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
+ A negative value means to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms
+ type: string
+ type: object
+ scheme:
+ description: |-
+ Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
+ It defaults to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: |-
+ ServersTransport defines the name of ServersTransport resource to use.
+ It allows to configure the transport between Traefik and your servers.
+ Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: |-
+ Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can
+ be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: |-
+ Strategy defines the load balancing strategy between the servers.
+ RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: |-
+ Weight defines the weight and should only be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ status:
+ description: |-
+ Status defines which status or range of statuses should result in an error page.
+ It can be either a status code as a number (500),
+ as multiple comma-separated numbers (500,502),
+ as ranges by separating two codes with a dash (500-599),
+ or a combination of the two (404,418,500-599).
+ items:
+ type: string
+ type: array
+ type: object
+ forwardAuth:
+ description: |-
+ ForwardAuth holds the forward auth middleware configuration.
+ This middleware delegates the request authentication to a Service.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/
+ properties:
+ address:
+ description: Address defines the authentication server address.
+ type: string
+ authRequestHeaders:
+ description: |-
+ AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
+ If not set or empty then all request headers are passed.
+ items:
+ type: string
+ type: array
+ authResponseHeaders:
+ description: AuthResponseHeaders defines the list of headers to
+ copy from the authentication server response and set on forwarded
+ request, replacing any existing conflicting headers.
+ items:
+ type: string
+ type: array
+ authResponseHeadersRegex:
+ description: |-
+ AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/forwardauth/#authresponseheadersregex
+ type: string
+ tls:
+ description: TLS defines the configuration used to secure the
+ connection to the authentication server.
+ properties:
+ caOptional:
+ type: boolean
+ caSecret:
+ description: |-
+ CASecret is the name of the referenced Kubernetes Secret containing the CA to validate the server certificate.
+ The CA certificate is extracted from key `tls.ca` or `ca.crt`.
+ type: string
+ certSecret:
+ description: |-
+ CertSecret is the name of the referenced Kubernetes Secret containing the client certificate.
+ The client certificate is extracted from the keys `tls.crt` and `tls.key`.
+ type: string
+ insecureSkipVerify:
+ description: InsecureSkipVerify defines whether the server
+ certificates should be validated.
+ type: boolean
+ type: object
+ trustForwardHeader:
+ description: 'TrustForwardHeader defines whether to trust (ie:
+ forward) all X-Forwarded-* headers.'
+ type: boolean
+ type: object
+ headers:
+ description: |-
+ Headers holds the headers middleware configuration.
+ This middleware manages the requests and responses headers.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/headers/#customrequestheaders
+ properties:
+ accessControlAllowCredentials:
+ description: AccessControlAllowCredentials defines whether the
+ request can include user credentials.
+ type: boolean
+ accessControlAllowHeaders:
+ description: AccessControlAllowHeaders defines the Access-Control-Request-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowMethods:
+ description: AccessControlAllowMethods defines the Access-Control-Request-Method
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginList:
+ description: AccessControlAllowOriginList is a list of allowable
+ origins. Can also be a wildcard origin "*".
+ items:
+ type: string
+ type: array
+ accessControlAllowOriginListRegex:
+ description: AccessControlAllowOriginListRegex is a list of allowable
+ origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/).
+ items:
+ type: string
+ type: array
+ accessControlExposeHeaders:
+ description: AccessControlExposeHeaders defines the Access-Control-Expose-Headers
+ values sent in preflight response.
+ items:
+ type: string
+ type: array
+ accessControlMaxAge:
+ description: AccessControlMaxAge defines the time that a preflight
+ request may be cached.
+ format: int64
+ type: integer
+ addVaryHeader:
+ description: AddVaryHeader defines whether the Vary header is
+ automatically added/updated when the AccessControlAllowOriginList
+ is set.
+ type: boolean
+ allowedHosts:
+ description: AllowedHosts defines the fully qualified list of
+ allowed domain names.
+ items:
+ type: string
+ type: array
+ browserXssFilter:
+ description: BrowserXSSFilter defines whether to add the X-XSS-Protection
+ header with the value 1; mode=block.
+ type: boolean
+ contentSecurityPolicy:
+ description: ContentSecurityPolicy defines the Content-Security-Policy
+ header value.
+ type: string
+ contentTypeNosniff:
+ description: ContentTypeNosniff defines whether to add the X-Content-Type-Options
+ header with the nosniff value.
+ type: boolean
+ customBrowserXSSValue:
+ description: |-
+ CustomBrowserXSSValue defines the X-XSS-Protection header value.
+ This overrides the BrowserXssFilter option.
+ type: string
+ customFrameOptionsValue:
+ description: |-
+ CustomFrameOptionsValue defines the X-Frame-Options header value.
+ This overrides the FrameDeny option.
+ type: string
+ customRequestHeaders:
+ additionalProperties:
+ type: string
+ description: CustomRequestHeaders defines the header names and
+ values to apply to the request.
+ type: object
+ customResponseHeaders:
+ additionalProperties:
+ type: string
+ description: CustomResponseHeaders defines the header names and
+ values to apply to the response.
+ type: object
+ featurePolicy:
+ description: 'Deprecated: use PermissionsPolicy instead.'
+ type: string
+ forceSTSHeader:
+ description: ForceSTSHeader defines whether to add the STS header
+ even when the connection is HTTP.
+ type: boolean
+ frameDeny:
+ description: FrameDeny defines whether to add the X-Frame-Options
+ header with the DENY value.
+ type: boolean
+ hostsProxyHeaders:
+ description: HostsProxyHeaders defines the header keys that may
+ hold a proxied hostname value for the request.
+ items:
+ type: string
+ type: array
+ isDevelopment:
+ description: |-
+ IsDevelopment defines whether to mitigate the unwanted effects of the AllowedHosts, SSL, and STS options when developing.
+ Usually testing takes place using HTTP, not HTTPS, and on localhost, not your production domain.
+ If you would like your development environment to mimic production with complete Host blocking, SSL redirects,
+ and STS headers, leave this as false.
+ type: boolean
+ permissionsPolicy:
+ description: |-
+ PermissionsPolicy defines the Permissions-Policy header value.
+ This allows sites to control browser features.
+ type: string
+ publicKey:
+ description: PublicKey is the public key that implements HPKP
+ to prevent MITM attacks with forged certificates.
+ type: string
+ referrerPolicy:
+ description: |-
+ ReferrerPolicy defines the Referrer-Policy header value.
+ This allows sites to control whether browsers forward the Referer header to other sites.
+ type: string
+ sslForceHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: boolean
+ sslHost:
+ description: 'Deprecated: use RedirectRegex instead.'
+ type: string
+ sslProxyHeaders:
+ additionalProperties:
+ type: string
+ description: |-
+ SSLProxyHeaders defines the header keys with associated values that would indicate a valid HTTPS request.
+ It can be useful when using other proxies (example: "X-Forwarded-Proto": "https").
+ type: object
+ sslRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ sslTemporaryRedirect:
+ description: 'Deprecated: use EntryPoint redirection or RedirectScheme
+ instead.'
+ type: boolean
+ stsIncludeSubdomains:
+ description: STSIncludeSubdomains defines whether the includeSubDomains
+ directive is appended to the Strict-Transport-Security header.
+ type: boolean
+ stsPreload:
+ description: STSPreload defines whether the preload flag is appended
+ to the Strict-Transport-Security header.
+ type: boolean
+ stsSeconds:
+ description: |-
+ STSSeconds defines the max-age of the Strict-Transport-Security header.
+ If set to 0, the header is not set.
+ format: int64
+ type: integer
+ type: object
+ inFlightReq:
+ description: |-
+ InFlightReq holds the in-flight request middleware configuration.
+ This middleware limits the number of requests being processed and served concurrently.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/
+ properties:
+ amount:
+ description: |-
+ Amount defines the maximum amount of allowed simultaneous in-flight request.
+ The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).
+ format: int64
+ type: integer
+ sourceCriterion:
+ description: |-
+ SourceCriterion defines what criterion is used to group requests as originating from a common source.
+ If several strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the requestHost.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/inflightreq/#sourcecriterion
+ properties:
+ ipStrategy:
+ description: |-
+ IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ ipAllowList:
+ description: |-
+ IPAllowList holds the IP allowlist middleware configuration.
+ This middleware accepts / refuses requests based on the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/
+ properties:
+ ipStrategy:
+ description: |-
+ IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position (starting
+ from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the X-Forwarded-For
+ header and select the first IP not in the list.
+ items:
+ type: string
+ type: array
+ type: object
+ sourceRange:
+ description: SourceRange defines the set of allowed IPs (or ranges
+ of allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ ipWhiteList:
+ description: |-
+ IPWhiteList holds the IP whitelist middleware configuration.
+ This middleware accepts / refuses requests based on the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipwhitelist/
+ Deprecated: please use IPAllowList instead.
+ properties:
+ ipStrategy:
+ description: |-
+ IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position (starting
+ from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the X-Forwarded-For
+ header and select the first IP not in the list.
+ items:
+ type: string
+ type: array
+ type: object
+ sourceRange:
+ description: SourceRange defines the set of allowed IPs (or ranges
+ of allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ passTLSClientCert:
+ description: |-
+ PassTLSClientCert holds the pass TLS client cert middleware configuration.
+ This middleware adds the selected data from the passed client TLS certificate to a header.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/passtlsclientcert/
+ properties:
+ info:
+ description: Info selects the specific client certificate details
+ you want to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ issuer:
+ description: Issuer defines the client certificate issuer
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the issuer.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the issuer.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the issuer.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the issuer.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the issuer.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the issuer.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the issuer.
+ type: boolean
+ type: object
+ notAfter:
+ description: NotAfter defines whether to add the Not After
+ information from the Validity part.
+ type: boolean
+ notBefore:
+ description: NotBefore defines whether to add the Not Before
+ information from the Validity part.
+ type: boolean
+ sans:
+ description: Sans defines whether to add the Subject Alternative
+ Name information from the Subject Alternative Name part.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the client
+ serialNumber information.
+ type: boolean
+ subject:
+ description: Subject defines the client certificate subject
+ details to add to the X-Forwarded-Tls-Client-Cert-Info header.
+ properties:
+ commonName:
+ description: CommonName defines whether to add the organizationalUnit
+ information into the subject.
+ type: boolean
+ country:
+ description: Country defines whether to add the country
+ information into the subject.
+ type: boolean
+ domainComponent:
+ description: DomainComponent defines whether to add the
+ domainComponent information into the subject.
+ type: boolean
+ locality:
+ description: Locality defines whether to add the locality
+ information into the subject.
+ type: boolean
+ organization:
+ description: Organization defines whether to add the organization
+ information into the subject.
+ type: boolean
+ organizationalUnit:
+ description: OrganizationalUnit defines whether to add
+ the organizationalUnit information into the subject.
+ type: boolean
+ province:
+ description: Province defines whether to add the province
+ information into the subject.
+ type: boolean
+ serialNumber:
+ description: SerialNumber defines whether to add the serialNumber
+ information into the subject.
+ type: boolean
+ type: object
+ type: object
+ pem:
+ description: PEM sets the X-Forwarded-Tls-Client-Cert header with
+ the certificate.
+ type: boolean
+ type: object
+ plugin:
+ additionalProperties:
+ x-kubernetes-preserve-unknown-fields: true
+ description: |-
+ Plugin defines the middleware plugin configuration.
+ More info: https://doc.traefik.io/traefik/plugins/
+ type: object
+ rateLimit:
+ description: |-
+ RateLimit holds the rate limit configuration.
+ This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ratelimit/
+ properties:
+ average:
+ description: |-
+ Average is the maximum rate, by default in requests/s, allowed for the given source.
+ It defaults to 0, which means no rate limiting.
+ The rate is actually defined by dividing Average by Period. So for a rate below 1req/s,
+ one needs to define a Period larger than a second.
+ format: int64
+ type: integer
+ burst:
+ description: |-
+ Burst is the maximum number of requests allowed to arrive in the same arbitrarily small period of time.
+ It defaults to 1.
+ format: int64
+ type: integer
+ period:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Period, in combination with Average, defines the actual maximum rate, such as:
+ r = Average / Period. It defaults to a second.
+ x-kubernetes-int-or-string: true
+ sourceCriterion:
+ description: |-
+ SourceCriterion defines what criterion is used to group requests as originating from a common source.
+ If several strategies are defined at the same time, an error will be raised.
+ If none are set, the default is to use the request's remote address field (as an ipStrategy).
+ properties:
+ ipStrategy:
+ description: |-
+ IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/ipallowlist/#ipstrategy
+ properties:
+ depth:
+ description: Depth tells Traefik to use the X-Forwarded-For
+ header and take the IP located at the depth position
+ (starting from the right).
+ type: integer
+ excludedIPs:
+ description: ExcludedIPs configures Traefik to scan the
+ X-Forwarded-For header and select the first IP not in
+ the list.
+ items:
+ type: string
+ type: array
+ type: object
+ requestHeaderName:
+ description: RequestHeaderName defines the name of the header
+ used to group incoming requests.
+ type: string
+ requestHost:
+ description: RequestHost defines whether to consider the request
+ Host as the source.
+ type: boolean
+ type: object
+ type: object
+ redirectRegex:
+ description: |-
+ RedirectRegex holds the redirect regex middleware configuration.
+ This middleware redirects a request using regex matching and replacement.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectregex/#regex
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ regex:
+ description: Regex defines the regex used to match and capture
+ elements from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines how to modify the URL to have
+ the new target URL.
+ type: string
+ type: object
+ redirectScheme:
+ description: |-
+ RedirectScheme holds the redirect scheme middleware configuration.
+ This middleware redirects requests from a scheme/port to another.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/redirectscheme/
+ properties:
+ permanent:
+ description: Permanent defines whether the redirection is permanent
+ (301).
+ type: boolean
+ port:
+ description: Port defines the port of the new URL.
+ type: string
+ scheme:
+ description: Scheme defines the scheme of the new URL.
+ type: string
+ type: object
+ replacePath:
+ description: |-
+ ReplacePath holds the replace path middleware configuration.
+ This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepath/
+ properties:
+ path:
+ description: Path defines the path to use as replacement in the
+ request URL.
+ type: string
+ type: object
+ replacePathRegex:
+ description: |-
+ ReplacePathRegex holds the replace path regex middleware configuration.
+ This middleware replaces the path of a URL using regex matching and replacement.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/replacepathregex/
+ properties:
+ regex:
+ description: Regex defines the regular expression used to match
+ and capture the path from the request URL.
+ type: string
+ replacement:
+ description: Replacement defines the replacement path format,
+ which can include captured variables.
+ type: string
+ type: object
+ retry:
+ description: |-
+ Retry holds the retry middleware configuration.
+ This middleware reissues requests a given number of times to a backend server if that server does not reply.
+ As soon as the server answers, the middleware stops retrying, regardless of the response status.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/retry/
+ properties:
+ attempts:
+ description: Attempts defines how many times the request should
+ be retried.
+ type: integer
+ initialInterval:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ InitialInterval defines the first wait time in the exponential backoff series.
+ The maximum interval is calculated as twice the initialInterval.
+ If unspecified, requests will be retried immediately.
+ The value of initialInterval should be provided in seconds or as a valid duration format,
+ see https://pkg.go.dev/time#ParseDuration.
+ x-kubernetes-int-or-string: true
+ type: object
+ stripPrefix:
+ description: |-
+ StripPrefix holds the strip prefix middleware configuration.
+ This middleware removes the specified prefixes from the URL path.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefix/
+ properties:
+ forceSlash:
+ description: |-
+ ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary.
+ Default: true.
+ type: boolean
+ prefixes:
+ description: Prefixes defines the prefixes to strip from the request
+ URL.
+ items:
+ type: string
+ type: array
+ type: object
+ stripPrefixRegex:
+ description: |-
+ StripPrefixRegex holds the strip prefix regex middleware configuration.
+ This middleware removes the matching prefixes from the URL path.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/http/stripprefixregex/
+ properties:
+ regex:
+ description: Regex defines the regular expression to match the
+ path prefix from the request URL.
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.io_middlewaretcps.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.io_middlewaretcps.yaml
new file mode 100644
index 00000000000..982caa692e6
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.io_middlewaretcps.yaml
@@ -0,0 +1,87 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: middlewaretcps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: MiddlewareTCP
+ listKind: MiddlewareTCPList
+ plural: middlewaretcps
+ singular: middlewaretcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ MiddlewareTCP is the CRD implementation of a Traefik TCP middleware.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/overview/
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: MiddlewareTCPSpec defines the desired state of a MiddlewareTCP.
+ properties:
+ inFlightConn:
+ description: InFlightConn defines the InFlightConn middleware configuration.
+ properties:
+ amount:
+ description: |-
+ Amount defines the maximum amount of allowed simultaneous connections.
+ The middleware closes the connection if there are already amount connections opened.
+ format: int64
+ type: integer
+ type: object
+ ipAllowList:
+ description: |-
+ IPAllowList defines the IPAllowList middleware configuration.
+ This middleware accepts/refuses connections based on the client IP.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipallowlist/
+ properties:
+ sourceRange:
+ description: SourceRange defines the allowed IPs (or ranges of
+ allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ ipWhiteList:
+ description: |-
+ IPWhiteList defines the IPWhiteList middleware configuration.
+ This middleware accepts/refuses connections based on the client IP.
+ Deprecated: please use IPAllowList instead.
+ More info: https://doc.traefik.io/traefik/v2.11/middlewares/tcp/ipwhitelist/
+ properties:
+ sourceRange:
+ description: SourceRange defines the allowed IPs (or ranges of
+ allowed IPs by using CIDR notation).
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.io_serverstransports.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.io_serverstransports.yaml
new file mode 100644
index 00000000000..aad13e089a5
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.io_serverstransports.yaml
@@ -0,0 +1,126 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: serverstransports.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: ServersTransport
+ listKind: ServersTransportList
+ plural: serverstransports
+ singular: serverstransport
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ ServersTransport is the CRD implementation of a ServersTransport.
+ If no serversTransport is specified, the default@internal will be used.
+ The default@internal serversTransport is created from the static configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#serverstransport_1
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ServersTransportSpec defines the desired state of a ServersTransport.
+ properties:
+ certificatesSecrets:
+ description: CertificatesSecrets defines a list of secret storing
+ client certificates for mTLS.
+ items:
+ type: string
+ type: array
+ disableHTTP2:
+ description: DisableHTTP2 disables HTTP/2 for connections with backend
+ servers.
+ type: boolean
+ forwardingTimeouts:
+ description: ForwardingTimeouts defines the timeouts for requests
+ forwarded to the backend servers.
+ properties:
+ dialTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialTimeout is the amount of time to wait until a
+ connection to a backend server can be established.
+ x-kubernetes-int-or-string: true
+ idleConnTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: IdleConnTimeout is the maximum period for which an
+ idle HTTP keep-alive connection will remain open before closing
+ itself.
+ x-kubernetes-int-or-string: true
+ pingTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: PingTimeout is the timeout after which the HTTP/2
+ connection will be closed if a response to ping is not received.
+ x-kubernetes-int-or-string: true
+ readIdleTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ReadIdleTimeout is the timeout after which a health
+ check using ping frame will be carried out if no frame is received
+ on the HTTP/2 connection.
+ x-kubernetes-int-or-string: true
+ responseHeaderTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ResponseHeaderTimeout is the amount of time to wait
+ for a server's response headers after fully writing the request
+ (including its body, if any).
+ x-kubernetes-int-or-string: true
+ type: object
+ insecureSkipVerify:
+ description: InsecureSkipVerify disables SSL certificate verification.
+ type: boolean
+ maxIdleConnsPerHost:
+ description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
+ to keep per-host.
+ type: integer
+ peerCertURI:
+ description: PeerCertURI defines the peer cert URI used to match against
+ SAN URI during the peer certificate verification.
+ type: string
+ rootCAsSecrets:
+ description: RootCAsSecrets defines a list of CA secret used to validate
+ self-signed certificate.
+ items:
+ type: string
+ type: array
+ serverName:
+ description: ServerName defines the server name used to contact the
+ server.
+ type: string
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.io_serverstransporttcps.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.io_serverstransporttcps.yaml
new file mode 100644
index 00000000000..b255d3296ca
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.io_serverstransporttcps.yaml
@@ -0,0 +1,120 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: serverstransporttcps.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: ServersTransportTCP
+ listKind: ServersTransportTCPList
+ plural: serverstransporttcps
+ singular: serverstransporttcp
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ ServersTransportTCP is the CRD implementation of a TCPServersTransport.
+ If no tcpServersTransport is specified, a default one named default@internal will be used.
+ The default@internal tcpServersTransport can be configured in the static configuration.
+ More info: https://doc.traefik.io/traefik/v3.0/routing/services/#serverstransport_3
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ServersTransportTCPSpec defines the desired state of a ServersTransportTCP.
+ properties:
+ dialKeepAlive:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialKeepAlive is the interval between keep-alive probes
+ for an active network connection. If zero, keep-alive probes are
+ sent with a default value (currently 15 seconds), if supported by
+ the protocol and operating system. Network protocols or operating
+ systems that do not support keep-alives ignore this field. If negative,
+ keep-alive probes are disabled.
+ x-kubernetes-int-or-string: true
+ dialTimeout:
+ anyOf:
+ - type: integer
+ - type: string
+ description: DialTimeout is the amount of time to wait until a connection
+ to a backend server can be established.
+ x-kubernetes-int-or-string: true
+ terminationDelay:
+ anyOf:
+ - type: integer
+ - type: string
+ description: TerminationDelay defines the delay to wait before fully
+ terminating the connection, after one connected peer has closed
+ its writing capability.
+ x-kubernetes-int-or-string: true
+ tls:
+ description: TLS defines the TLS configuration
+ properties:
+ certificatesSecrets:
+ description: CertificatesSecrets defines a list of secret storing
+ client certificates for mTLS.
+ items:
+ type: string
+ type: array
+ insecureSkipVerify:
+ description: InsecureSkipVerify disables TLS certificate verification.
+ type: boolean
+ peerCertURI:
+ description: |-
+ MaxIdleConnsPerHost controls the maximum idle (keep-alive) to keep per-host.
+ PeerCertURI defines the peer cert URI used to match against SAN URI during the peer certificate verification.
+ type: string
+ rootCAsSecrets:
+ description: RootCAsSecrets defines a list of CA secret used to
+ validate self-signed certificates.
+ items:
+ type: string
+ type: array
+ serverName:
+ description: ServerName defines the server name used to contact
+ the server.
+ type: string
+ spiffe:
+ description: Spiffe defines the SPIFFE configuration.
+ properties:
+ ids:
+ description: IDs defines the allowed SPIFFE IDs (takes precedence
+ over the SPIFFE TrustDomain).
+ items:
+ type: string
+ type: array
+ trustDomain:
+ description: TrustDomain defines the allowed SPIFFE trust
+ domain.
+ type: string
+ type: object
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.io_tlsoptions.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.io_tlsoptions.yaml
new file mode 100644
index 00000000000..19ae64ec2f9
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.io_tlsoptions.yaml
@@ -0,0 +1,114 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: tlsoptions.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: TLSOption
+ listKind: TLSOptionList
+ plural: tlsoptions
+ singular: tlsoption
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#tls-options
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSOptionSpec defines the desired state of a TLSOption.
+ properties:
+ alpnProtocols:
+ description: |-
+ ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#alpn-protocols
+ items:
+ type: string
+ type: array
+ cipherSuites:
+ description: |-
+ CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites
+ items:
+ type: string
+ type: array
+ clientAuth:
+ description: ClientAuth defines the server's policy for TLS Client
+ Authentication.
+ properties:
+ clientAuthType:
+ description: ClientAuthType defines the client authentication
+ type to apply.
+ enum:
+ - NoClientCert
+ - RequestClientCert
+ - RequireAnyClientCert
+ - VerifyClientCertIfGiven
+ - RequireAndVerifyClientCert
+ type: string
+ secretNames:
+ description: SecretNames defines the names of the referenced Kubernetes
+ Secret storing certificate details.
+ items:
+ type: string
+ type: array
+ type: object
+ curvePreferences:
+ description: |-
+ CurvePreferences defines the preferred elliptic curves in a specific order.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences
+ items:
+ type: string
+ type: array
+ maxVersion:
+ description: |-
+ MaxVersion defines the maximum TLS version that Traefik will accept.
+ Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13.
+ Default: None.
+ type: string
+ minVersion:
+ description: |-
+ MinVersion defines the minimum TLS version that Traefik will accept.
+ Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13.
+ Default: VersionTLS10.
+ type: string
+ preferServerCipherSuites:
+ description: |-
+ PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's.
+ It is enabled automatically when minVersion or maxVersion is set.
+ Deprecated: https://github.com/golang/go/issues/45430
+ type: boolean
+ sniStrict:
+ description: SniStrict defines whether Traefik allows connections
+ from clients connections that do not specify a server_name extension.
+ type: boolean
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.io_tlsstores.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.io_tlsstores.yaml
new file mode 100644
index 00000000000..18d4218231c
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.io_tlsstores.yaml
@@ -0,0 +1,97 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: tlsstores.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: TLSStore
+ listKind: TLSStoreList
+ plural: tlsstores
+ singular: tlsstore
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ TLSStore is the CRD implementation of a Traefik TLS Store.
+ For the time being, only the TLSStore named default is supported.
+ This means that you cannot have two stores that are named default in different Kubernetes namespaces.
+ More info: https://doc.traefik.io/traefik/v2.11/https/tls/#certificates-stores
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TLSStoreSpec defines the desired state of a TLSStore.
+ properties:
+ certificates:
+ description: Certificates is a list of secret names, each secret holding
+ a key/certificate pair to add to the store.
+ items:
+ description: Certificate holds a secret name for the TLSStore resource.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ type: array
+ defaultCertificate:
+ description: DefaultCertificate defines the default certificate configuration.
+ properties:
+ secretName:
+ description: SecretName is the name of the referenced Kubernetes
+ Secret to specify the certificate details.
+ type: string
+ required:
+ - secretName
+ type: object
+ defaultGeneratedCert:
+ description: DefaultGeneratedCert defines the default generated certificate
+ configuration.
+ properties:
+ domain:
+ description: Domain is the domain definition for the DefaultCertificate.
+ properties:
+ main:
+ description: Main defines the main domain name.
+ type: string
+ sans:
+ description: SANs defines the subject alternative domain names.
+ items:
+ type: string
+ type: array
+ type: object
+ resolver:
+ description: Resolver is the name of the resolver that will be
+ used to issue the DefaultCertificate.
+ type: string
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/templates/crds/traefik.io_traefikservices.yaml b/system/traefik-crds/0.1.3/templates/crds/traefik.io_traefikservices.yaml
new file mode 100644
index 00000000000..f6a460a44b6
--- /dev/null
+++ b/system/traefik-crds/0.1.3/templates/crds/traefik.io_traefikservices.yaml
@@ -0,0 +1,411 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.14.0
+ name: traefikservices.traefik.io
+spec:
+ group: traefik.io
+ names:
+ kind: TraefikService
+ listKind: TraefikServiceList
+ plural: traefikservices
+ singular: traefikservice
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ TraefikService is the CRD implementation of a Traefik Service.
+ TraefikService object allows to:
+ - Apply weight to Services on load-balancing
+ - Mirror traffic on services
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#kind-traefikservice
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: TraefikServiceSpec defines the desired state of a TraefikService.
+ properties:
+ mirroring:
+ description: Mirroring defines the Mirroring service configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ maxBodySize:
+ description: |-
+ MaxBodySize defines the maximum size allowed for the body of the request.
+ If the body is larger, the request is not mirrored.
+ Default value is -1, which means unlimited size.
+ format: int64
+ type: integer
+ mirrors:
+ description: Mirrors defines the list of mirrors where Traefik
+ will duplicate the traffic.
+ items:
+ description: MirrorService holds the mirror configuration.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: |-
+ Name defines the name of the referenced Kubernetes Service or TraefikService.
+ The differentiation between the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: |-
+ PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ percent:
+ description: |-
+ Percent defines the part of the traffic to mirror.
+ Supported values: 0 to 100.
+ type: integer
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: |-
+ FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
+ A negative value means to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms
+ type: string
+ type: object
+ scheme:
+ description: |-
+ Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
+ It defaults to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: |-
+ ServersTransport defines the name of ServersTransport resource to use.
+ It allows to configure the transport between Traefik and your servers.
+ Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: |-
+ Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: |-
+ Strategy defines the load balancing strategy between the servers.
+ RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: |-
+ Weight defines the weight and should only be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ name:
+ description: |-
+ Name defines the name of the referenced Kubernetes Service or TraefikService.
+ The differentiation between the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: |-
+ PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards the
+ response from the upstream Kubernetes Service to the client.
+ properties:
+ flushInterval:
+ description: |-
+ FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
+ A negative value means to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms
+ type: string
+ type: object
+ scheme:
+ description: |-
+ Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
+ It defaults to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: |-
+ ServersTransport defines the name of ServersTransport resource to use.
+ It allows to configure the transport between Traefik and your servers.
+ Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: |-
+ Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: |-
+ Strategy defines the load balancing strategy between the servers.
+ RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: |-
+ Weight defines the weight and should only be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ weighted:
+ description: Weighted defines the Weighted Round Robin configuration.
+ properties:
+ services:
+ description: Services defines the list of Kubernetes Service and/or
+ TraefikService to load-balance, with weight.
+ items:
+ description: Service defines an upstream HTTP service to proxy
+ traffic to.
+ properties:
+ kind:
+ description: Kind defines the kind of the Service.
+ enum:
+ - Service
+ - TraefikService
+ type: string
+ name:
+ description: |-
+ Name defines the name of the referenced Kubernetes Service or TraefikService.
+ The differentiation between the two is specified in the Kind field.
+ type: string
+ namespace:
+ description: Namespace defines the namespace of the referenced
+ Kubernetes Service or TraefikService.
+ type: string
+ nativeLB:
+ description: |-
+ NativeLB controls, when creating the load-balancer,
+ whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP.
+ The Kubernetes Service itself does load-balance to the pods.
+ By default, NativeLB is false.
+ type: boolean
+ passHostHeader:
+ description: |-
+ PassHostHeader defines whether the client Host header is forwarded to the upstream Kubernetes Service.
+ By default, passHostHeader is true.
+ type: boolean
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: |-
+ Port defines the port of a Kubernetes Service.
+ This can be a reference to a named port.
+ x-kubernetes-int-or-string: true
+ responseForwarding:
+ description: ResponseForwarding defines how Traefik forwards
+ the response from the upstream Kubernetes Service to the
+ client.
+ properties:
+ flushInterval:
+ description: |-
+ FlushInterval defines the interval, in milliseconds, in between flushes to the client while copying the response body.
+ A negative value means to flush immediately after each write to the client.
+ This configuration is ignored when ReverseProxy recognizes a response as a streaming response;
+ for such responses, writes are flushed to the client immediately.
+ Default: 100ms
+ type: string
+ type: object
+ scheme:
+ description: |-
+ Scheme defines the scheme to use for the request to the upstream Kubernetes Service.
+ It defaults to https when Kubernetes Service port is 443, http otherwise.
+ type: string
+ serversTransport:
+ description: |-
+ ServersTransport defines the name of ServersTransport resource to use.
+ It allows to configure the transport between Traefik and your servers.
+ Can only be used on a Kubernetes Service.
+ type: string
+ sticky:
+ description: |-
+ Sticky defines the sticky sessions configuration.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/services/#sticky-sessions
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie
+ can be accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie can
+ only be transmitted over an encrypted connection
+ (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ strategy:
+ description: |-
+ Strategy defines the load balancing strategy between the servers.
+ RoundRobin is the only supported value at the moment.
+ type: string
+ weight:
+ description: |-
+ Weight defines the weight and should only be specified when Name references a TraefikService object
+ (and to be precise, one that embeds a Weighted Round Robin).
+ type: integer
+ required:
+ - name
+ type: object
+ type: array
+ sticky:
+ description: |-
+ Sticky defines whether sticky sessions are enabled.
+ More info: https://doc.traefik.io/traefik/v2.11/routing/providers/kubernetes-crd/#stickiness-and-load-balancing
+ properties:
+ cookie:
+ description: Cookie defines the sticky cookie configuration.
+ properties:
+ httpOnly:
+ description: HTTPOnly defines whether the cookie can be
+ accessed by client-side APIs, such as JavaScript.
+ type: boolean
+ name:
+ description: Name defines the Cookie name.
+ type: string
+ sameSite:
+ description: |-
+ SameSite defines the same site policy.
+ More info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+ type: string
+ secure:
+ description: Secure defines whether the cookie can only
+ be transmitted over an encrypted connection (i.e. HTTPS).
+ type: boolean
+ type: object
+ type: object
+ type: object
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
diff --git a/system/traefik-crds/0.1.3/values.yaml b/system/traefik-crds/0.1.3/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/system/traefik-crds/item.yaml b/system/traefik-crds/item.yaml
new file mode 100644
index 00000000000..c423d66ed96
--- /dev/null
+++ b/system/traefik-crds/item.yaml
@@ -0,0 +1,4 @@
+icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/traefik-crds.png
+categories:
+ - network
+screenshots: []
diff --git a/system/velero/4.5.3/.helmignore b/system/velero/4.5.3/.helmignore
new file mode 100644
index 00000000000..77ca5567b26
--- /dev/null
+++ b/system/velero/4.5.3/.helmignore
@@ -0,0 +1,30 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl
+# docs folder
+/docs
+# icon
+icon.png
diff --git a/system/velero/4.5.3/CHANGELOG.md b/system/velero/4.5.3/CHANGELOG.md
new file mode 100644
index 00000000000..a363c3e9763
--- /dev/null
+++ b/system/velero/4.5.3/CHANGELOG.md
@@ -0,0 +1,17 @@
+---
+title: Changelog
+---
+
+
+*for the complete changelog, please refer to the website*
+
+**Important:**
+
+
+## [velero-4.5.3](https://github.com/truecharts/charts/compare/velero-4.5.2...velero-4.5.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/velero/4.5.3/Chart.yaml b/system/velero/4.5.3/Chart.yaml
new file mode 100644
index 00000000000..ce396b61aeb
--- /dev/null
+++ b/system/velero/4.5.3/Chart.yaml
@@ -0,0 +1,45 @@
+annotations:
+ max_scale_version: 24.04.0
+ min_scale_version: 23.10.0
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/category: operators
+ truecharts.org/max_helm_version: "3.14"
+ truecharts.org/min_helm_version: "3.12"
+ truecharts.org/train: system
+apiVersion: v2
+appVersion: latest
+dependencies:
+ - name: common
+ version: 20.0.9
+ repository: oci://tccr.io/truecharts
+ condition: ""
+ alias: ""
+ tags: []
+ import-values: []
+ - name: velero
+ version: 5.4.1
+ repository: oci://ghcr.io/vmware-tanzu/charts
+ condition: ""
+ alias: velero
+ tags: []
+ import-values: []
+deprecated: false
+description: Velero is a kubernetes-native backup solution
+home: https://truecharts.org/charts/system/velero
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/velero.png
+keywords:
+ - velero
+ - backup
+kubeVersion: '>=1.24.0-0'
+maintainers:
+ - name: TrueCharts
+ email: info@truecharts.org
+ url: https://truecharts.org
+name: velero
+sources:
+ - https://cert-manager.io/
+ - https://github.com/cert-manager
+ - https://github.com/truecharts/charts/tree/master/charts/system/velero
+ - https://github.com/truecharts/containers/tree/master/apps/alpine
+type: application
+version: 4.5.3
diff --git a/system/velero/4.5.3/README.md b/system/velero/4.5.3/README.md
new file mode 100644
index 00000000000..34e924883ff
--- /dev/null
+++ b/system/velero/4.5.3/README.md
@@ -0,0 +1,28 @@
+---
+title: README
+---
+
+## General Info
+
+TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/system/velero)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+_All Rights Reserved - The TrueCharts Project_
diff --git a/system/velero/4.5.3/app-changelog.md b/system/velero/4.5.3/app-changelog.md
new file mode 100644
index 00000000000..bee3d1029ff
--- /dev/null
+++ b/system/velero/4.5.3/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [velero-4.5.3](https://github.com/truecharts/charts/compare/velero-4.5.2...velero-4.5.3) (2024-03-16)
+
+### Chore
+
+
+
+- rename `operator`-train to `system`-train
\ No newline at end of file
diff --git a/system/velero/4.5.3/app-readme.md b/system/velero/4.5.3/app-readme.md
new file mode 100644
index 00000000000..3b9e5a4018a
--- /dev/null
+++ b/system/velero/4.5.3/app-readme.md
@@ -0,0 +1,8 @@
+Velero is a kubernetes-native backup solution
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/system/velero](https://truecharts.org/charts/system/velero)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/system/velero/4.5.3/charts/common-20.0.9.tgz b/system/velero/4.5.3/charts/common-20.0.9.tgz
new file mode 100644
index 00000000000..41a62ef2dc2
Binary files /dev/null and b/system/velero/4.5.3/charts/common-20.0.9.tgz differ
diff --git a/system/velero/4.5.3/charts/velero-5.4.1.tgz b/system/velero/4.5.3/charts/velero-5.4.1.tgz
new file mode 100644
index 00000000000..1166248fc96
Binary files /dev/null and b/system/velero/4.5.3/charts/velero-5.4.1.tgz differ
diff --git a/system/velero/4.5.3/ix_values.yaml b/system/velero/4.5.3/ix_values.yaml
new file mode 100644
index 00000000000..d2d6255a8f4
--- /dev/null
+++ b/system/velero/4.5.3/ix_values.yaml
@@ -0,0 +1,62 @@
+image:
+ pullPolicy: IfNotPresent
+ repository: tccr.io/tccr/alpine
+ tag: latest@sha256:ade0065e19edaa4f6903d464ee70605111a48394536deb94f31b661264704558
+manifestManager:
+ enabled: false
+operator:
+ register: true
+portal:
+ open:
+ enabled: false
+service:
+ main:
+ enabled: false
+ ports:
+ main:
+ enabled: false
+workload:
+ main:
+ enabled: false
+
+velero:
+ configuration:
+ backupStorageLocation: []
+ volumeSnapshotLocation: []
+ deployNodeAgent: true
+ initContainers:
+ - image: openebs/velero-plugin:3.6.0@sha256:9ea3331d891e436a7239e37e68ca4c8888500cb122be7cdc9d8400f345555c76
+ imagePullPolicy: IfNotPresent
+ name: openebs-velero-plugin
+ volumeMounts:
+ - mountPath: /target
+ name: plugins
+ - image: velero/velero-plugin-for-csi:v0.7.0@sha256:3ba643989cd2128963cfd5914de28acaa061e8216999e44330fd64a647c503ff
+ imagePullPolicy: IfNotPresent
+ name: velero-plugin-for-csi
+ volumeMounts:
+ - mountPath: /target
+ name: plugins
+ - image: velero/velero-plugin-for-aws:v1.9.0@sha256:198955f28c21fbf8d5e3a343a7660684f12bdd62d6f27c74ed3ca6cf31c87cec
+ imagePullPolicy: IfNotPresent
+ name: velero-plugin-for-aws
+ volumeMounts:
+ - mountPath: /target
+ name: plugins
+ nodeAgent:
+ podVolumePath: /var/lib/kubelet/pods
+ privileged: true
+ resources:
+ limits:
+ cpu: 2000m
+ memory: 2048Mi
+ resources:
+ limits:
+ cpu: 4000m
+ memory: 4Gi
+ schedules: {}
+schedules:
+ default:
+ templates:
+ includedNamespaces:
+ - ix-*
diff --git a/system/velero/4.5.3/questions.yaml b/system/velero/4.5.3/questions.yaml
new file mode 100755
index 00000000000..9347cbaf4fa
--- /dev/null
+++ b/system/velero/4.5.3/questions.yaml
@@ -0,0 +1,327 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: Workload Settings
+ description: Workload Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: Addons
+ description: Addon Configuration
+ - name: Backup Configuration
+ description: Configure Velero Backup Schedule
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Postgresql
+ description: Postgresql
+ - name: Documentation
+ description: Documentation
+
+questions:
+ - variable: global
+ group: General Settings
+ label: "Global Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: stopAll
+ label: Stop All
+ description: "Stops All Running pods and hibernates cnpg"
+ schema:
+ type: boolean
+ default: false
+
+ - variable: backupStorageLocationList
+ group: "App Configuration"
+ label: "Backup Storage Locations"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: bslEntry
+ label: "Backup Storage Location"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: enabled
+ label: "Enabled"
+ schema:
+ type: boolean
+ hidden: true
+ default: true
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ required: true
+ default: "default"
+ - variable: accessMode
+ label: "accessMode"
+ schema:
+ type: string
+ required: true
+ default: "ReadWrite"
+ - variable: objectStorage
+ label: objectStorage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: bucket
+ label: "bucket"
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: prefix
+ label: "prefix"
+ schema:
+ type: string
+ default: ""
+ - variable: provider
+ label: "Provider"
+ schema:
+ type: string
+ required: true
+ default: "s3"
+ enum:
+ - value: s3
+ description: S3
+ - value: aws
+ description: aws
+ - variable: credential
+ label: 'Storage Location Credential'
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: aws
+ label: aws
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: id
+ label: "id"
+ schema:
+ type: string
+ default: ""
+ - variable: key
+ label: "key"
+ schema:
+ type: string
+ default: ""
+ - variable: s3
+ label: s3
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: id
+ label: "id"
+ schema:
+ type: string
+ default: ""
+ - variable: key
+ label: "key"
+ schema:
+ type: string
+ default: ""
+ - variable: config
+ label: 'Storage Location Config'
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: region
+ label: "region"
+ schema:
+ type: string
+ default: ""
+ - variable: s3ForcePathStyle
+ label: "s3ForcePathStyle"
+ schema:
+ type: string
+ default: ""
+ - variable: s3Url
+ label: "s3Url"
+ schema:
+ type: string
+ default: ""
+ - variable: kmsKeyId
+ label: "kmsKeyId"
+ schema:
+ type: string
+ default: ""
+ - variable: resourceGroup
+ label: "resourceGroup"
+ schema:
+ type: string
+ default: ""
+ - variable: storageAccount
+ label: "storageAccount"
+ schema:
+ type: string
+ default: ""
+ - variable: publicUrl
+ label: "publicUrl"
+ schema:
+ type: string
+ default: ""
+ - variable: insecureSkipTLSVerify
+ label: "insecureSkipTLSVerify"
+ schema:
+ type: string
+ default: ""
+ - variable: volumeSnapshotLocationList
+ group: "App Configuration"
+ label: "volume Snapshot Locations"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: vslEntry
+ label: "volume Snapshot Location"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: enabled
+ label: "Enabled"
+ schema:
+ type: boolean
+ hidden: true
+ default: true
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ required: true
+ default: "default"
+ - variable: provider
+ label: "Provider"
+ schema:
+ type: string
+ required: true
+ default: "openebs.io/zfspv-blockstore"
+ enum:
+ - value: openebs.io/zfspv-blockstore
+ description: openebs.io/zfspv-blockstore
+ - variable: credential
+ label: 'Storage Location Credential'
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: aws
+ label: aws
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: id
+ label: "id"
+ schema:
+ type: string
+ default: ""
+ - variable: key
+ label: "key"
+ schema:
+ type: string
+ default: ""
+ - variable: s3
+ label: s3
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: id
+ label: "id"
+ schema:
+ type: string
+ default: ""
+ - variable: key
+ label: "key"
+ schema:
+ type: string
+ default: ""
+ - variable: config
+ label: 'Storage Location Config'
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: provider
+ label: "Provider"
+ schema:
+ type: string
+ required: true
+ default: "s3"
+ enum:
+ - value: s3
+ description: S3
+ - value: aws
+ description: aws
+ - variable: bucket
+ label: "bucket"
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: region
+ label: "region"
+ schema:
+ type: string
+ default: ""
+ - variable: s3ForcePathStyle
+ label: "s3ForcePathStyle"
+ schema:
+ type: string
+ default: ""
+ - variable: s3Url
+ label: "s3Url"
+ schema:
+ type: string
+ default: ""
+ - variable: kmsKeyId
+ label: "kmsKeyId"
+ schema:
+ type: string
+ default: ""
+ - variable: resourceGroup
+ label: "resourceGroup"
+ schema:
+ type: string
+ default: ""
+ - variable: storageAccount
+ label: "storageAccount"
+ schema:
+ type: string
+ default: ""
+ - variable: publicUrl
+ label: "publicUrl"
+ schema:
+ type: string
+ default: ""
+ - variable: insecureSkipTLSVerify
+ label: "insecureSkipTLSVerify"
+ schema:
+ type: string
+ default: ""
diff --git a/system/velero/4.5.3/templates/NOTES.txt b/system/velero/4.5.3/templates/NOTES.txt
new file mode 100644
index 00000000000..efcb74cb772
--- /dev/null
+++ b/system/velero/4.5.3/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "tc.v1.common.lib.chart.notes" $ -}}
diff --git a/system/velero/4.5.3/templates/common.yaml b/system/velero/4.5.3/templates/common.yaml
new file mode 100644
index 00000000000..995efb03eb0
--- /dev/null
+++ b/system/velero/4.5.3/templates/common.yaml
@@ -0,0 +1,5 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.v1.common.loader.init" . }}
+
+{{/* Render the templates */}}
+{{ include "tc.v1.common.loader.apply" . }}
diff --git a/system/velero/4.5.3/values.yaml b/system/velero/4.5.3/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/system/velero/item.yaml b/system/velero/item.yaml
new file mode 100644
index 00000000000..6eba9db1ccc
--- /dev/null
+++ b/system/velero/item.yaml
@@ -0,0 +1,4 @@
+icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/velero.png
+categories:
+ - operators
+screenshots: []