CiliumPodIPPool
cilium.io / v2
apiVersion: cilium.io/v2
kind: CiliumPodIPPool
metadata:
name: example
apiVersion
string
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind
string
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata
object
spec object required
allowFirstIP
boolean
AllowFirstIP allows the first IP of each allocated CIDR to be used. If
unset or false, this IP is reserved. This field is ignored for /{31,32}
and /{127,128} CIDRs since reserving the first and last IPs would make
the CIDRs unusable. This field is immutable.
allowLastIP
boolean
AllowLastIP allows the last IP of each allocated CIDR to be used. If
unset or false, this IP is reserved. This field is ignored for /{31,32}
and /{127,128} CIDRs since reserving the first and last IPs would make
the CIDRs unusable. This field is immutable.
ipv4 object
IPv4 specifies the IPv4 CIDRs and mask sizes of the pool
cidrs
[]string required
CIDRs is a list of IPv4 CIDRs that are part of the pool.
minItems:
1maxItems:
32
maskSize
integer required
MaskSize is the mask size of the pool.
minimum:
1maximum:
32pool []object
Pool contains per-CIDR configuration for a subset of CIDRs listed in CIDRs.
Each entry must reference a CIDR in CIDRs.
maxItems:
32
cidr
string required
CIDR references one of the CIDRs listed in the parent pool spec.
format:
cidrreservedRanges []object
ReservedRanges is a list of IP ranges within CIDR that must not be allocated.
end
string required
The last IP in the reserved range.
start
string required
The first IP in the reserved range.
ipv6 object
IPv6 specifies the IPv6 CIDRs and mask sizes of the pool
cidrs
[]string required
CIDRs is a list of IPv6 CIDRs that are part of the pool.
minItems:
1maxItems:
32
maskSize
integer required
MaskSize is the mask size of the pool.
minimum:
1maximum:
128pool []object
Pool contains per-CIDR configuration for a subset of CIDRs listed in CIDRs.
Each entry must reference a CIDR in CIDRs.
maxItems:
32
cidr
string required
CIDR references one of the CIDRs listed in the parent pool spec.
format:
cidrreservedRanges []object
ReservedRanges is a list of IP ranges within CIDR that must not be allocated.
end
string required
The last IP in the reserved range.
start
string required
The first IP in the reserved range.
namespaceSelector object
NamespaceSelector selects the set of Namespaces that are eligible to use
this pool. If both PodSelector and NamespaceSelector are specified, a Pod
must match both selectors to be eligible for IP allocation from this pool.
If NamespaceSelector is empty, the pool can be used by Pods in any namespace
(subject to PodSelector constraints).
matchExpressions []object
matchExpressions is a list of label selector requirements. The requirements are ANDed.
key
string required
key is the label key that the selector applies to.
operator
string required
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
enum:
In, NotIn, Exists, DoesNotExist
values
[]string
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
matchLabels
object
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
podSelector object
PodSelector selects the set of Pods that are eligible to receive IPs from
this pool when neither the Pod nor its Namespace specify an explicit
`ipam.cilium.io/*` annotation.
The selector can match on regular Pod labels and on the following synthetic
labels that Cilium adds for convenience:
io.kubernetes.pod.namespace – the Pod's namespace
io.kubernetes.pod.name – the Pod's name
A single Pod must not match more than one pool for the same IP family.
If multiple pools match, IP allocation fails for that Pod and a warning event
is emitted in the namespace of the Pod.
matchExpressions []object
matchExpressions is a list of label selector requirements. The requirements are ANDed.
key
string required
key is the label key that the selector applies to.
operator
string required
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
enum:
In, NotIn, Exists, DoesNotExist
values
[]string
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
matchLabels
object
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
No matches. Try .spec.allowFirstIP for an exact path