mirror of
				https://github.com/traefik/traefik.git
				synced 2025-10-26 22:11:40 +01:00 
			
		
		
		
	
		
			
				
	
	
		
			170 lines
		
	
	
		
			7.7 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			170 lines
		
	
	
		
			7.7 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
| ---
 | |
| apiVersion: apiextensions.k8s.io/v1
 | |
| kind: CustomResourceDefinition
 | |
| metadata:
 | |
|   annotations:
 | |
|     controller-gen.kubebuilder.io/version: v0.16.1
 | |
|   name: serverstransports.traefik.io
 | |
| spec:
 | |
|   group: traefik.io
 | |
|   names:
 | |
|     kind: ServersTransport
 | |
|     listKind: ServersTransportList
 | |
|     plural: serverstransports
 | |
|     singular: serverstransport
 | |
|   scope: Namespaced
 | |
|   versions:
 | |
|   - name: v1alpha1
 | |
|     schema:
 | |
|       openAPIV3Schema:
 | |
|         description: |-
 | |
|           ServersTransport is the CRD implementation of a ServersTransport.
 | |
|           If no serversTransport is specified, the default@internal will be used.
 | |
|           The default@internal serversTransport is created from the static configuration.
 | |
|           More info: https://doc.traefik.io/traefik/v3.5/reference/routing-configuration/http/load-balancing/serverstransport/
 | |
|         properties:
 | |
|           apiVersion:
 | |
|             description: |-
 | |
|               APIVersion defines the versioned schema of this representation of an object.
 | |
|               Servers should convert recognized schemas to the latest internal value, and
 | |
|               may reject unrecognized values.
 | |
|               More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
 | |
|             type: string
 | |
|           kind:
 | |
|             description: |-
 | |
|               Kind is a string value representing the REST resource this object represents.
 | |
|               Servers may infer this from the endpoint the client submits requests to.
 | |
|               Cannot be updated.
 | |
|               In CamelCase.
 | |
|               More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
 | |
|             type: string
 | |
|           metadata:
 | |
|             type: object
 | |
|           spec:
 | |
|             description: ServersTransportSpec defines the desired state of a ServersTransport.
 | |
|             properties:
 | |
|               certificatesSecrets:
 | |
|                 description: CertificatesSecrets defines a list of secret storing
 | |
|                   client certificates for mTLS.
 | |
|                 items:
 | |
|                   type: string
 | |
|                 type: array
 | |
|               disableHTTP2:
 | |
|                 description: DisableHTTP2 disables HTTP/2 for connections with backend
 | |
|                   servers.
 | |
|                 type: boolean
 | |
|               forwardingTimeouts:
 | |
|                 description: ForwardingTimeouts defines the timeouts for requests
 | |
|                   forwarded to the backend servers.
 | |
|                 properties:
 | |
|                   dialTimeout:
 | |
|                     anyOf:
 | |
|                     - type: integer
 | |
|                     - type: string
 | |
|                     description: DialTimeout is the amount of time to wait until a
 | |
|                       connection to a backend server can be established.
 | |
|                     pattern: ^([0-9]+(ns|us|µs|ms|s|m|h)?)+$
 | |
|                     x-kubernetes-int-or-string: true
 | |
|                   idleConnTimeout:
 | |
|                     anyOf:
 | |
|                     - type: integer
 | |
|                     - type: string
 | |
|                     description: IdleConnTimeout is the maximum period for which an
 | |
|                       idle HTTP keep-alive connection will remain open before closing
 | |
|                       itself.
 | |
|                     pattern: ^([0-9]+(ns|us|µs|ms|s|m|h)?)+$
 | |
|                     x-kubernetes-int-or-string: true
 | |
|                   pingTimeout:
 | |
|                     anyOf:
 | |
|                     - type: integer
 | |
|                     - type: string
 | |
|                     description: PingTimeout is the timeout after which the HTTP/2
 | |
|                       connection will be closed if a response to ping is not received.
 | |
|                     pattern: ^([0-9]+(ns|us|µs|ms|s|m|h)?)+$
 | |
|                     x-kubernetes-int-or-string: true
 | |
|                   readIdleTimeout:
 | |
|                     anyOf:
 | |
|                     - type: integer
 | |
|                     - type: string
 | |
|                     description: ReadIdleTimeout is the timeout after which a health
 | |
|                       check using ping frame will be carried out if no frame is received
 | |
|                       on the HTTP/2 connection.
 | |
|                     pattern: ^([0-9]+(ns|us|µs|ms|s|m|h)?)+$
 | |
|                     x-kubernetes-int-or-string: true
 | |
|                   responseHeaderTimeout:
 | |
|                     anyOf:
 | |
|                     - type: integer
 | |
|                     - type: string
 | |
|                     description: ResponseHeaderTimeout is the amount of time to wait
 | |
|                       for a server's response headers after fully writing the request
 | |
|                       (including its body, if any).
 | |
|                     pattern: ^([0-9]+(ns|us|µs|ms|s|m|h)?)+$
 | |
|                     x-kubernetes-int-or-string: true
 | |
|                 type: object
 | |
|               insecureSkipVerify:
 | |
|                 description: InsecureSkipVerify disables SSL certificate verification.
 | |
|                 type: boolean
 | |
|               maxIdleConnsPerHost:
 | |
|                 description: MaxIdleConnsPerHost controls the maximum idle (keep-alive)
 | |
|                   to keep per-host.
 | |
|                 minimum: -1
 | |
|                 type: integer
 | |
|               peerCertURI:
 | |
|                 description: PeerCertURI defines the peer cert URI used to match against
 | |
|                   SAN URI during the peer certificate verification.
 | |
|                 type: string
 | |
|               rootCAs:
 | |
|                 description: RootCAs defines a list of CA certificate Secrets or ConfigMaps
 | |
|                   used to validate server certificates.
 | |
|                 items:
 | |
|                   description: |-
 | |
|                     RootCA defines a reference to a Secret or a ConfigMap that holds a CA certificate.
 | |
|                     If both a Secret and a ConfigMap reference are defined, the Secret reference takes precedence.
 | |
|                   properties:
 | |
|                     configMap:
 | |
|                       description: |-
 | |
|                         ConfigMap defines the name of a ConfigMap that holds a CA certificate.
 | |
|                         The referenced ConfigMap must contain a certificate under either a tls.ca or a ca.crt key.
 | |
|                       type: string
 | |
|                     secret:
 | |
|                       description: |-
 | |
|                         Secret defines the name of a Secret that holds a CA certificate.
 | |
|                         The referenced Secret must contain a certificate under either a tls.ca or a ca.crt key.
 | |
|                       type: string
 | |
|                   type: object
 | |
|                   x-kubernetes-validations:
 | |
|                   - message: RootCA cannot have both Secret and ConfigMap defined.
 | |
|                     rule: '!has(self.secret) || !has(self.configMap)'
 | |
|                 type: array
 | |
|               rootCAsSecrets:
 | |
|                 description: |-
 | |
|                   RootCAsSecrets defines a list of CA secret used to validate self-signed certificate.
 | |
|                   Deprecated: RootCAsSecrets is deprecated, please use the RootCAs option instead.
 | |
|                 items:
 | |
|                   type: string
 | |
|                 type: array
 | |
|               serverName:
 | |
|                 description: ServerName defines the server name used to contact the
 | |
|                   server.
 | |
|                 type: string
 | |
|               spiffe:
 | |
|                 description: Spiffe defines the SPIFFE configuration.
 | |
|                 properties:
 | |
|                   ids:
 | |
|                     description: IDs defines the allowed SPIFFE IDs (takes precedence
 | |
|                       over the SPIFFE TrustDomain).
 | |
|                     items:
 | |
|                       type: string
 | |
|                     type: array
 | |
|                   trustDomain:
 | |
|                     description: TrustDomain defines the allowed SPIFFE trust domain.
 | |
|                     type: string
 | |
|                 type: object
 | |
|             type: object
 | |
|         required:
 | |
|         - metadata
 | |
|         - spec
 | |
|         type: object
 | |
|     served: true
 | |
|     storage: true
 |