Package io.fabric8.openshift.api.model.operator.v1

Class IngressControllerSpec

  • All Implemented Interfaces:
    io.fabric8.kubernetes.api.builder.Editable<IngressControllerSpecBuilder>, io.fabric8.kubernetes.api.model.KubernetesResource, Serializable
    @Generated("io.fabric8.kubernetes.schema.generator.model.ModelGenerator")
public class IngressControllerSpec
extends Object
implements io.fabric8.kubernetes.api.builder.Editable<IngressControllerSpecBuilder>, io.fabric8.kubernetes.api.model.KubernetesResource
    IngressControllerSpec is the specification of the desired behavior of the IngressController.
    See Also:
    Serialized Form

    • Method Detail

      • getClientTLS

        public ClientTLS getClientTLS()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setClientTLS

        public void setClientTLS​(ClientTLS clientTLS)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getDefaultCertificate

        public io.fabric8.kubernetes.api.model.LocalObjectReference getDefaultCertificate()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setDefaultCertificate

        public void setDefaultCertificate​(io.fabric8.kubernetes.api.model.LocalObjectReference defaultCertificate)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getDomain

        public String getDomain()
        domain is a DNS name serviced by the ingress controller and is used to configure multiple features:


        * For the LoadBalancerService endpoint publishing strategy, domain is

        used to configure DNS records. See endpointPublishingStrategy.


        * When using a generated default certificate, the certificate will be valid

        for domain and its subdomains. See defaultCertificate.


        * The value is published to individual Route statuses so that end-users

        know where to target external DNS records.


        domain must be unique among all IngressControllers, and cannot be updated.


        If empty, defaults to ingress.config.openshift.io/cluster .spec.domain.

      • setDomain

        public void setDomain​(String domain)
        domain is a DNS name serviced by the ingress controller and is used to configure multiple features:


        * For the LoadBalancerService endpoint publishing strategy, domain is

        used to configure DNS records. See endpointPublishingStrategy.


        * When using a generated default certificate, the certificate will be valid

        for domain and its subdomains. See defaultCertificate.


        * The value is published to individual Route statuses so that end-users

        know where to target external DNS records.


        domain must be unique among all IngressControllers, and cannot be updated.


        If empty, defaults to ingress.config.openshift.io/cluster .spec.domain.

      • getEndpointPublishingStrategy

        public EndpointPublishingStrategy getEndpointPublishingStrategy()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setEndpointPublishingStrategy

        public void setEndpointPublishingStrategy​(EndpointPublishingStrategy endpointPublishingStrategy)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getHttpCompression

        public HTTPCompressionPolicy getHttpCompression()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setHttpCompression

        public void setHttpCompression​(HTTPCompressionPolicy httpCompression)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getHttpEmptyRequestsPolicy

        public String getHttpEmptyRequestsPolicy()
        httpEmptyRequestsPolicy describes how HTTP connections should be handled if the connection times out before a request is received. Allowed values for this field are "Respond" and "Ignore". If the field is set to "Respond", the ingress controller sends an HTTP 400 or 408 response, logs the connection (if access logging is enabled), and counts the connection in the appropriate metrics. If the field is set to "Ignore", the ingress controller closes the connection without sending a response, logging the connection, or incrementing metrics. The default value is "Respond".


        Typically, these connections come from load balancers' health probes or Web browsers' speculative connections ("preconnect") and can be safely ignored. However, these requests may also be caused by network errors, and so setting this field to "Ignore" may impede detection and diagnosis of problems. In addition, these requests may be caused by port scans, in which case logging empty requests may aid in detecting intrusion attempts.

      • setHttpEmptyRequestsPolicy

        public void setHttpEmptyRequestsPolicy​(String httpEmptyRequestsPolicy)
        httpEmptyRequestsPolicy describes how HTTP connections should be handled if the connection times out before a request is received. Allowed values for this field are "Respond" and "Ignore". If the field is set to "Respond", the ingress controller sends an HTTP 400 or 408 response, logs the connection (if access logging is enabled), and counts the connection in the appropriate metrics. If the field is set to "Ignore", the ingress controller closes the connection without sending a response, logging the connection, or incrementing metrics. The default value is "Respond".


        Typically, these connections come from load balancers' health probes or Web browsers' speculative connections ("preconnect") and can be safely ignored. However, these requests may also be caused by network errors, and so setting this field to "Ignore" may impede detection and diagnosis of problems. In addition, these requests may be caused by port scans, in which case logging empty requests may aid in detecting intrusion attempts.

      • getHttpErrorCodePages

        public io.fabric8.openshift.api.model.config.v1.ConfigMapNameReference getHttpErrorCodePages()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setHttpErrorCodePages

        public void setHttpErrorCodePages​(io.fabric8.openshift.api.model.config.v1.ConfigMapNameReference httpErrorCodePages)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getHttpHeaders

        public IngressControllerHTTPHeaders getHttpHeaders()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setHttpHeaders

        public void setHttpHeaders​(IngressControllerHTTPHeaders httpHeaders)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getIdleConnectionTerminationPolicy

        public String getIdleConnectionTerminationPolicy()
        idleConnectionTerminationPolicy maps directly to HAProxy's idle-close-on-response option and controls whether HAProxy keeps idle frontend connections open during a soft stop (router reload).


        Allowed values for this field are "Immediate" and "Deferred". The default value is "Immediate".


        When set to "Immediate", idle connections are closed immediately during router reloads. This ensures immediate propagation of route changes but may impact clients sensitive to connection resets.


        When set to "Deferred", HAProxy will maintain idle connections during a soft reload instead of closing them immediately. These connections remain open until any of the following occurs:


        - A new request is received on the connection, in which

        case HAProxy handles it in the old process and closes

        the connection after sending the response.


        - HAProxy's `timeout http-keep-alive` duration expires

        (300 seconds in OpenShift's configuration, not

        configurable).


        - The client's keep-alive timeout expires, causing the

        client to close the connection.


        Setting Deferred can help prevent errors in clients or load balancers that do not properly handle connection resets. Additionally, this option allows you to retain the pre-2.4 HAProxy behaviour: in HAProxy version 2.2 (OpenShift versions < 4.14), maintaining idle connections during a soft reload was the default behaviour, but starting with HAProxy 2.4, the default changed to closing idle connections immediately.


        Important Consideration:


        - Using Deferred will result in temporary inconsistencies

        for the first request on each persistent connection

        after a route update and router reload. This request

        will be processed by the old HAProxy process using its

        old configuration. Subsequent requests will use the

        updated configuration.


        Operational Considerations:


        - Keeping idle connections open during reloads may lead

        to an accumulation of old HAProxy processes if

        connections remain idle for extended periods,

        especially in environments where frequent reloads

        occur.


        - Consider monitoring the number of HAProxy processes in

        the router pods when Deferred is set.


        - You may need to enable or adjust the

        `ingress.operator.openshift.io/hard-stop-after`

        duration (configured via an annotation on the

        IngressController resource) in environments with

        frequent reloads to prevent resource exhaustion.

      • setIdleConnectionTerminationPolicy

        public void setIdleConnectionTerminationPolicy​(String idleConnectionTerminationPolicy)
        idleConnectionTerminationPolicy maps directly to HAProxy's idle-close-on-response option and controls whether HAProxy keeps idle frontend connections open during a soft stop (router reload).


        Allowed values for this field are "Immediate" and "Deferred". The default value is "Immediate".


        When set to "Immediate", idle connections are closed immediately during router reloads. This ensures immediate propagation of route changes but may impact clients sensitive to connection resets.


        When set to "Deferred", HAProxy will maintain idle connections during a soft reload instead of closing them immediately. These connections remain open until any of the following occurs:


        - A new request is received on the connection, in which

        case HAProxy handles it in the old process and closes

        the connection after sending the response.


        - HAProxy's `timeout http-keep-alive` duration expires

        (300 seconds in OpenShift's configuration, not

        configurable).


        - The client's keep-alive timeout expires, causing the

        client to close the connection.


        Setting Deferred can help prevent errors in clients or load balancers that do not properly handle connection resets. Additionally, this option allows you to retain the pre-2.4 HAProxy behaviour: in HAProxy version 2.2 (OpenShift versions < 4.14), maintaining idle connections during a soft reload was the default behaviour, but starting with HAProxy 2.4, the default changed to closing idle connections immediately.


        Important Consideration:


        - Using Deferred will result in temporary inconsistencies

        for the first request on each persistent connection

        after a route update and router reload. This request

        will be processed by the old HAProxy process using its

        old configuration. Subsequent requests will use the

        updated configuration.


        Operational Considerations:


        - Keeping idle connections open during reloads may lead

        to an accumulation of old HAProxy processes if

        connections remain idle for extended periods,

        especially in environments where frequent reloads

        occur.


        - Consider monitoring the number of HAProxy processes in

        the router pods when Deferred is set.


        - You may need to enable or adjust the

        `ingress.operator.openshift.io/hard-stop-after`

        duration (configured via an annotation on the

        IngressController resource) in environments with

        frequent reloads to prevent resource exhaustion.

      • getLogging

        public IngressControllerLogging getLogging()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setLogging

        public void setLogging​(IngressControllerLogging logging)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getNamespaceSelector

        public io.fabric8.kubernetes.api.model.LabelSelector getNamespaceSelector()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setNamespaceSelector

        public void setNamespaceSelector​(io.fabric8.kubernetes.api.model.LabelSelector namespaceSelector)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getNodePlacement

        public NodePlacement getNodePlacement()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setNodePlacement

        public void setNodePlacement​(NodePlacement nodePlacement)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getReplicas

        public Integer getReplicas()
        replicas is the desired number of ingress controller replicas. If unset, the default depends on the value of the defaultPlacement field in the cluster config.openshift.io/v1/ingresses status.


        The value of replicas is set based on the value of a chosen field in the Infrastructure CR. If defaultPlacement is set to ControlPlane, the chosen field will be controlPlaneTopology. If it is set to Workers the chosen field will be infrastructureTopology. Replicas will then be set to 1 or 2 based whether the chosen field's value is SingleReplica or HighlyAvailable, respectively.


        These defaults are subject to change.

      • setReplicas

        public void setReplicas​(Integer replicas)
        replicas is the desired number of ingress controller replicas. If unset, the default depends on the value of the defaultPlacement field in the cluster config.openshift.io/v1/ingresses status.


        The value of replicas is set based on the value of a chosen field in the Infrastructure CR. If defaultPlacement is set to ControlPlane, the chosen field will be controlPlaneTopology. If it is set to Workers the chosen field will be infrastructureTopology. Replicas will then be set to 1 or 2 based whether the chosen field's value is SingleReplica or HighlyAvailable, respectively.


        These defaults are subject to change.

      • getRouteAdmission

        public RouteAdmissionPolicy getRouteAdmission()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setRouteAdmission

        public void setRouteAdmission​(RouteAdmissionPolicy routeAdmission)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getRouteSelector

        public io.fabric8.kubernetes.api.model.LabelSelector getRouteSelector()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setRouteSelector

        public void setRouteSelector​(io.fabric8.kubernetes.api.model.LabelSelector routeSelector)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getTlsSecurityProfile

        public io.fabric8.openshift.api.model.config.v1.TLSSecurityProfile getTlsSecurityProfile()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setTlsSecurityProfile

        public void setTlsSecurityProfile​(io.fabric8.openshift.api.model.config.v1.TLSSecurityProfile tlsSecurityProfile)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getTuningOptions

        public IngressControllerTuningOptions getTuningOptions()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setTuningOptions

        public void setTuningOptions​(IngressControllerTuningOptions tuningOptions)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getUnsupportedConfigOverrides

        public Object getUnsupportedConfigOverrides()
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • setUnsupportedConfigOverrides

        public void setUnsupportedConfigOverrides​(Object unsupportedConfigOverrides)
        IngressControllerSpec is the specification of the desired behavior of the IngressController.

      • getAdditionalProperties

        public Map<String,​Object> getAdditionalProperties()

      • setAdditionalProperty

        public void setAdditionalProperty​(String name,
                                  Object value)

      • setAdditionalProperties

        public void setAdditionalProperties​(Map<String,​Object> additionalProperties)