For more information, see the Gloo Operator installation guide.

API Reference

Packages:

operator.gloo.solo.io/v1

Resource Types:

GatewayController

↩ Parent

GatewayController is the Schema for the gatewaycontrollers API

NameTypeDescriptionRequired
apiVersionstringoperator.gloo.solo.io/v1true
kindstringGatewayControllertrue
metadataobjectRefer to the Kubernetes API documentation for the fields of the `metadata` field.true
specobjectGatewayControllerSpec defines the desired state of GatewayController
false
statusobjectGatewayControllerStatus defines the observed state of GatewayController
false

GatewayController.spec

↩ Parent

GatewayControllerSpec defines the desired state of GatewayController

NameTypeDescriptionRequired
versionstringVersion of the Gateway to deploy, e.g., 1.18.0.
true
distributionenumDistribution to use: Standard, or FIPS. Defaults to standard.

Enum: Standard, FIPS
Default: Standard
false
installNamespacestringNamespace to install the Gateway into. Defaults to gloo-system.

Default: gloo-system
false
repositoryobjectRepository to fetch the Gateway manifests from.
false

GatewayController.spec.repository

↩ Parent

Repository to fetch the Gateway manifests from.

NameTypeDescriptionRequired
secrets[]objectSecrets references a list of secrets of type kubernetes.io/dockerconfigjson, to use for pulling any of the manifests from an artifact registry.
false
urlstringRepository URL.
false
GatewayController.spec.repository.secrets[index]

↩ Parent

SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

NameTypeDescriptionRequired
namestringname is unique within a namespace to reference a secret resource.
false
namespacestringnamespace defines the space within which the secret name must be unique.
false

GatewayController.status

↩ Parent

GatewayControllerStatus defines the observed state of GatewayController

NameTypeDescriptionRequired
conditions[]objectRepresents the observations of a GatewayController's current state.

Default: [map[lastTransitionTime:1970-01-01T00:00:00Z message:Waiting for controller reason:NotReconciled status:Unknown type:Ready]]
false
phasestringRepresents the current phase of the GatewayController.

Default: UNKNOWN
false

GatewayController.status.conditions[index]

↩ Parent

Condition contains details for one aspect of the current state of this API Resource.

NameTypeDescriptionRequired
lastTransitionTimestringlastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.

Format: date-time
true
messagestringmessage is a human readable message indicating details about the transition. This may be an empty string.
true
reasonstringreason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
true
statusenumstatus of the condition, one of True, False, Unknown.

Enum: True, False, Unknown
true
typestringtype of condition in CamelCase or in foo.example.com/CamelCase.
true
observedGenerationintegerobservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.

Format: int64
Minimum: 0
false

KagentController

↩ Parent

KagentController is the Schema for the KagentControllers API

NameTypeDescriptionRequired
apiVersionstringoperator.gloo.solo.io/v1true
kindstringKagentControllertrue
metadataobjectRefer to the Kubernetes API documentation for the fields of the `metadata` field.true
specobjectKagentControllerSpec defines the desired state of KagentController
false
statusobjectKagentControllerStatus defines the observed state of KagentController
false

KagentController.spec

↩ Parent

KagentControllerSpec defines the desired state of KagentController

NameTypeDescriptionRequired
apiKeyobjectAPIKey is a reference to the secret containing the API key
true
oidcobjectOIDC configuration for the Kagent UI
true
telemetryobjectTelemetry component attributes.
true
versionstringVersion is the version of the KagentController
true
repositoryobjectRepository is a reference to the helm chart repository
false

KagentController.spec.apiKey

↩ Parent

APIKey is a reference to the secret containing the API key

NameTypeDescriptionRequired
secretRefobjectSecretRef is a reference to the secret containing the API key
true
typeenumType is the type of the API key

Enum: OpenAI
true
KagentController.spec.apiKey.secretRef

↩ Parent

SecretRef is a reference to the secret containing the API key

NameTypeDescriptionRequired
namestringname is unique within a namespace to reference a secret resource.
false
namespacestringnamespace defines the space within which the secret name must be unique.
false

KagentController.spec.oidc

↩ Parent

OIDC configuration for the Kagent UI

NameTypeDescriptionRequired
clientIdstringOIDC client ID for the Kagent UI
true
issuerstringOIDC issuer for the Kagent UI
true
secretstringOIDC secret for the Kagent UI
true
secretRefstringOIDC secret reference for the Kagent UI
true

KagentController.spec.telemetry

↩ Parent

Telemetry component attributes.

NameTypeDescriptionRequired
loggingobjectLogging component attributes.
true
tracingobjectTracing component attributes.
true
KagentController.spec.telemetry.logging

↩ Parent

Logging component attributes.

NameTypeDescriptionRequired
endpointstringEndpoint for logging exporter in the format of
true
KagentController.spec.telemetry.tracing

↩ Parent

Tracing component attributes.

NameTypeDescriptionRequired
endpointstringEndpoint for tracing exporter in the format of
true

KagentController.spec.repository

↩ Parent

Repository is a reference to the helm chart repository

NameTypeDescriptionRequired
secrets[]objectSecrets references a list of secrets of type kubernetes.io/dockerconfigjson, to use for pulling any of the manifests from an artifact registry.
false
urlstringRepository URL.
false
KagentController.spec.repository.secrets[index]

↩ Parent

SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

NameTypeDescriptionRequired
namestringname is unique within a namespace to reference a secret resource.
false
namespacestringnamespace defines the space within which the secret name must be unique.
false

KagentController.status

↩ Parent

KagentControllerStatus defines the observed state of KagentController

NameTypeDescriptionRequired
conditions[]objectRepresents the observations of a KagentController's current state.

Default: [map[lastTransitionTime:1970-01-01T00:00:00Z message:Waiting for controller reason:NotReconciled status:Unknown type:Ready]]
false
phasestringRepresents the current phase of the KagentController.

Default: UNKNOWN
false

KagentController.status.conditions[index]

↩ Parent

Condition contains details for one aspect of the current state of this API Resource.

NameTypeDescriptionRequired
lastTransitionTimestringlastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.

Format: date-time
true
messagestringmessage is a human readable message indicating details about the transition. This may be an empty string.
true
reasonstringreason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
true
statusenumstatus of the condition, one of True, False, Unknown.

Enum: True, False, Unknown
true
typestringtype of condition in CamelCase or in foo.example.com/CamelCase.
true
observedGenerationintegerobservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.

Format: int64
Minimum: 0
false

KagentManagementController

↩ Parent

KagentManagementController is the Schema for the KagentManagementControllers API

NameTypeDescriptionRequired
apiVersionstringoperator.gloo.solo.io/v1true
kindstringKagentManagementControllertrue
metadataobjectRefer to the Kubernetes API documentation for the fields of the `metadata` field.true
specobjectKagentManagementControllerSpec defines the desired state of KagentManagementController
false
statusobjectKagentManagementControllerStatus defines the observed state of KagentManagementController
false

KagentManagementController.spec

↩ Parent

KagentManagementControllerSpec defines the desired state of KagentManagementController

NameTypeDescriptionRequired
oidcobjectOIDC configuration for the Kagent Enterprise UI
true
versionstringVersion is the version of the KagentManagementController
true
imageobjectImage attributes
false
repositoryobjectRepository is a reference to the helm chart repository
false

KagentManagementController.spec.oidc

↩ Parent

OIDC configuration for the Kagent Enterprise UI

NameTypeDescriptionRequired
authEndpointstringOIDC auth endpoint for the Kagent Enterprise UI
true
clientIDstringOIDC client ID for the Kagent Enterprise UI
true
clientSecretstringReference to the secret containing the OIDC client secret for the Kagent Enterprise UI
true
issuerstringOIDC issuer for the Kagent Enterprise UI
true
logoutEndpointstringOIDC logout endpoint for the Kagent Enterprise UI
true
tokenEndpointstringOIDC token endpoint for the Kagent Enterprise UI
true

KagentManagementController.spec.image

↩ Parent

Image attributes

NameTypeDescriptionRequired
registrystringImage registry.
false
repositorystringImage repository.
false
secrets[]objectSecrets references a list of secrets of type kubernetes.io/dockerconfigjson, in the same namespace to use for pulling any of the images from a container registry.
false
KagentManagementController.spec.image.secrets[index]

↩ Parent

LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

NameTypeDescriptionRequired
namestringName of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

Default:
false

KagentManagementController.spec.repository

↩ Parent

Repository is a reference to the helm chart repository

NameTypeDescriptionRequired
secrets[]objectSecrets references a list of secrets of type kubernetes.io/dockerconfigjson, to use for pulling any of the manifests from an artifact registry.
false
urlstringRepository URL.
false
KagentManagementController.spec.repository.secrets[index]

↩ Parent

SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

NameTypeDescriptionRequired
namestringname is unique within a namespace to reference a secret resource.
false
namespacestringnamespace defines the space within which the secret name must be unique.
false

KagentManagementController.status

↩ Parent

KagentManagementControllerStatus defines the observed state of KagentManagementController

NameTypeDescriptionRequired
conditions[]objectRepresents the observations of a KagentManagementController's current state.

Default: [map[lastTransitionTime:1970-01-01T00:00:00Z message:Waiting for controller reason:NotReconciled status:Unknown type:Ready]]
false
phasestringRepresents the current phase of the KagentManagementController.

Default: UNKNOWN
false

KagentManagementController.status.conditions[index]

↩ Parent

Condition contains details for one aspect of the current state of this API Resource.

NameTypeDescriptionRequired
lastTransitionTimestringlastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.

Format: date-time
true
messagestringmessage is a human readable message indicating details about the transition. This may be an empty string.
true
reasonstringreason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
true
statusenumstatus of the condition, one of True, False, Unknown.

Enum: True, False, Unknown
true
typestringtype of condition in CamelCase or in foo.example.com/CamelCase.
true
observedGenerationintegerobservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.

Format: int64
Minimum: 0
false

KagentRelayController

↩ Parent

KagentRelayController is the Schema for the KagentRelayControllers API

NameTypeDescriptionRequired
apiVersionstringoperator.gloo.solo.io/v1true
kindstringKagentRelayControllertrue
metadataobjectRefer to the Kubernetes API documentation for the fields of the `metadata` field.true
specobjectKagentRelayControllerSpec defines the desired state of KagentRelayController
false
statusobjectKagentRelayControllerStatus defines the observed state of KagentRelayController
false

KagentRelayController.spec

↩ Parent

KagentRelayControllerSpec defines the desired state of KagentRelayController

NameTypeDescriptionRequired
clusterstringThe name of the cluster where the KagentRelay is installed.
true
telemetryobjectTelemetry component attributes.
true
trustbundlestringTrustBundle is the trust bundle for control plane certificates used to verify the certificates of the control plane.
true
tunnelobjectTunnel component attributes.
true
versionstringVersion specifies KagentRelay's version
true
repositoryobjectRepository to fetch the KagentRelay manifests from.
false

KagentRelayController.spec.telemetry

↩ Parent

Telemetry component attributes.

NameTypeDescriptionRequired
fqdnstringFully qualified domain name for Otel Gateway in Control Plane
true

KagentRelayController.spec.tunnel

↩ Parent

Tunnel component attributes.

NameTypeDescriptionRequired
fqdnstringFully qualified domain name for Tunnel Server in Control Plane
true

KagentRelayController.spec.repository

↩ Parent

Repository to fetch the KagentRelay manifests from.

NameTypeDescriptionRequired
secrets[]objectSecrets references a list of secrets of type kubernetes.io/dockerconfigjson, to use for pulling any of the manifests from an artifact registry.
false
urlstringRepository URL.
false
KagentRelayController.spec.repository.secrets[index]

↩ Parent

SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

NameTypeDescriptionRequired
namestringname is unique within a namespace to reference a secret resource.
false
namespacestringnamespace defines the space within which the secret name must be unique.
false

KagentRelayController.status

↩ Parent

KagentRelayControllerStatus defines the observed state of KagentRelayController

NameTypeDescriptionRequired
conditions[]objectRepresents the observations of a KagentRelayController's current state.

Default: [map[lastTransitionTime:1970-01-01T00:00:00Z message:Waiting for controller reason:NotReconciled status:Unknown type:Ready]]
false
phasestringRepresents the current phase of the KagentRelayController.

Default: UNKNOWN
false

KagentRelayController.status.conditions[index]

↩ Parent

Condition contains details for one aspect of the current state of this API Resource.

NameTypeDescriptionRequired
lastTransitionTimestringlastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.

Format: date-time
true
messagestringmessage is a human readable message indicating details about the transition. This may be an empty string.
true
reasonstringreason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
true
statusenumstatus of the condition, one of True, False, Unknown.

Enum: True, False, Unknown
true
typestringtype of condition in CamelCase or in foo.example.com/CamelCase.
true
observedGenerationintegerobservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.

Format: int64
Minimum: 0
false

OTelController

↩ Parent

OTelController is the Schema for the OTelControllers API

NameTypeDescriptionRequired
apiVersionstringoperator.gloo.solo.io/v1true
kindstringOTelControllertrue
metadataobjectRefer to the Kubernetes API documentation for the fields of the `metadata` field.true
specobjectOTelControllerSpec defines the desired state of OTelController
false
statusobjectOTelControllerStatus defines the observed state of OTelController
false

OTelController.spec

↩ Parent

OTelControllerSpec defines the desired state of OTelController

NameTypeDescriptionRequired
versionstringOpenTelemetry Collector version to deploy.
true
installNamespacestringNamespace to install the OpenTelemetry components into.
false

OTelController.status

↩ Parent

OTelControllerStatus defines the observed state of OTelController

NameTypeDescriptionRequired
conditions[]objectRepresents the observations of a OTelController's current state.

Default: [map[lastTransitionTime:1970-01-01T00:00:00Z message:Waiting for controller reason:NotReconciled status:Unknown type:Ready]]
false
phasestringRepresents the current phase of the OTelController.

Default: UNKNOWN
false

OTelController.status.conditions[index]

↩ Parent

Condition contains details for one aspect of the current state of this API Resource.

NameTypeDescriptionRequired
lastTransitionTimestringlastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.

Format: date-time
true
messagestringmessage is a human readable message indicating details about the transition. This may be an empty string.
true
reasonstringreason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
true
statusenumstatus of the condition, one of True, False, Unknown.

Enum: True, False, Unknown
true
typestringtype of condition in CamelCase or in foo.example.com/CamelCase.
true
observedGenerationintegerobservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.

Format: int64
Minimum: 0
false

ServiceMeshController

↩ Parent

ServiceMeshController is the Schema for the servicemeshcontrollers API

NameTypeDescriptionRequired
apiVersionstringoperator.gloo.solo.io/v1true
kindstringServiceMeshControllertrue
metadataobjectRefer to the Kubernetes API documentation for the fields of the `metadata` field.true
specobjectServiceMeshControllerSpec defines the desired state of ServiceMeshController

Validations:
  • self.trafficCaptureMode == 'InitContainer' ? self.dataplaneMode == 'Sidecar' : true: trafficCaptureMode can be InitContainer only when dataplaneMode is Sidecar
    		• false
    statusobjectServiceMeshControllerStatus defines the observed state of ServiceMeshController
    		false

    ServiceMeshController.spec

    ↩ Parent

    ServiceMeshControllerSpec defines the desired state of ServiceMeshController

    NameTypeDescriptionRequired
    versionstringIstio version to deploy, e.g. 1.23.1.
    		true
    clusterstringCluster name. Should be set in a multi-cluster environment.
    		false
    dataplaneModeenumDataplane mode to use: Ambient or Sidecar. Defaults to Ambient.

    Enum: Ambient, Sidecar
    Default: Ambient
    		false
    distributionenumDistribution to use: Standard, or FIPS. Defaults to standard.

    Enum: Standard, FIPS
    Default: Standard
    		false
    imageobjectImage attributes.
    		false
    installNamespacestringNamespace to install the service mesh components into. Defaults to istio-system.

    Default: istio-system
    		false
    networkstringThe default network workloads belong to. Should be set in a multi-network environment. The network is a logical grouping of workloads that reside in the same L3 domain/network. Workloads in the same network are directly reachable from one another, while workloads in different networks require an east-west gateway to establish connectivity.
    		false
    onConflictenumConflict resolution mode to use: Force or Abort. Force implies that the existing resources will be updated on conflict. Abort implies that the installation will be aborted if a conflict is detected. Defaults to Abort.

    Enum: Force, Abort
    Default: Abort
    		false
    repositoryobjectRepository to fetch the manifests from.
    		false
    scalingProfileenumScaling profile to use: Default or Large. Default implies a scaling profile suitable for most environments. Large implies a scaling profile suitable for large environments. Demo implies a scaling profile for demo environments. Defaults to Default.

    Enum: Default, Large, Demo
    Default: Default
    		false
    trafficCaptureModeenumTraffic capture mode to use: Auto or InitContainer. Auto implies that the most suitable traffic capture mode will be automatically selected based on the environment, such as using a CNI to capture traffic. InitContainer implies that the traffic capture will be done using an init container. Defaults to Auto.

    Enum: Auto, InitContainer
    Default: Auto
    		false
    trustDomainstringTrust domain corresponds to the trust root of a system and is part of a workload's identity.
    		false

    ServiceMeshController.spec.image

    ↩ Parent

    Image attributes.

    NameTypeDescriptionRequired
    registrystringImage registry.
    		false
    repositorystringImage repository.
    		false
    secrets[]objectSecrets references a list of secrets of type kubernetes.io/dockerconfigjson, in the same namespace to use for pulling any of the images from a container registry.
    		false
    ServiceMeshController.spec.image.secrets[index]

    ↩ Parent

    LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

    NameTypeDescriptionRequired
    namestringName of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

    Default:
    		false

    ServiceMeshController.spec.repository

    ↩ Parent

    Repository to fetch the manifests from.

    NameTypeDescriptionRequired
    secrets[]objectSecrets references a list of secrets of type kubernetes.io/dockerconfigjson, to use for pulling any of the manifests from an artifact registry.
    		false
    urlstringRepository URL.
    		false
    ServiceMeshController.spec.repository.secrets[index]

    ↩ Parent

    SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace

    NameTypeDescriptionRequired
    namestringname is unique within a namespace to reference a secret resource.
    		false
    namespacestringnamespace defines the space within which the secret name must be unique.
    		false

    ServiceMeshController.status

    ↩ Parent

    ServiceMeshControllerStatus defines the observed state of ServiceMeshController

    NameTypeDescriptionRequired
    conditions[]objectRepresents the observations of a ServiceMeshController's current state.

    Default: [map[lastTransitionTime:1970-01-01T00:00:00Z message:Waiting for controller reason:NotReconciled status:Unknown type:Ready]]
    		false
    phasestringRepresents the current phase of the ServiceMeshController.

    Default: UNKNOWN
    		false

    ServiceMeshController.status.conditions[index]

    ↩ Parent

    Condition contains details for one aspect of the current state of this API Resource.

    NameTypeDescriptionRequired
    lastTransitionTimestringlastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.

    Format: date-time
    		true
    messagestringmessage is a human readable message indicating details about the transition. This may be an empty string.
    		true
    reasonstringreason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
    		true
    statusenumstatus of the condition, one of True, False, Unknown.

    Enum: True, False, Unknown
    		true
    typestringtype of condition in CamelCase or in foo.example.com/CamelCase.
    		true
    observedGenerationintegerobservedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.

    Format: int64
    Minimum: 0
    		false