selectors.proto

Package : common.mesh.gloo.solo.io

Top

selectors.proto

Table of Contents

DestinationSelector

Select Destinations using one or more platform-specific selectors.

Field Type Label Description
kubeServiceMatcher common.mesh.gloo.solo.io.DestinationSelector.KubeServiceMatcher Match Kubernetes Services by their labels, namespaces, and/or clusters.
kubeServiceRefs common.mesh.gloo.solo.io.DestinationSelector.KubeServiceRefs Match Kubernetes Services by direct reference.

DestinationSelector.KubeServiceMatcher

Match Kubernetes Services by their labels, namespaces, and/or clusters.

Field Type Label Description
labels []common.mesh.gloo.solo.io.DestinationSelector.KubeServiceMatcher.LabelsEntry repeated If specified, a match requires all labels to exist on a Kubernetes Service. When used in a networking policy, omission matches any labels. When used in a Gloo Mesh Role, a wildcard ("*") must be specified to match any label key and/or value.
namespaces []string repeated If specified, match Kubernetes Services if they exist in one of the specified namespaces. When used in a networking policy, omission matches any namespace. When used in a Gloo Mesh Role, a wildcard ("*") must be specified to match any namespace.
clusters []string repeated If specified, match Kubernetes Services if they exist in one of the specified clusters. When used in a networking policy, omission matches any cluster. When used in a Gloo Mesh Role, a wildcard ("*") must be specified to match any cluster.

DestinationSelector.KubeServiceMatcher.LabelsEntry

Field Type Label Description
key string
value string

DestinationSelector.KubeServiceRefs

Match Kubernetes Services by direct reference.

Field Type Label Description
services []core.skv2.solo.io.ClusterObjectRef repeated Match Kubernetes Services by direct reference. When used in a networking policy, omission of any field (name, namespace, or clusterName) allows matching any value for that field. When used in a Gloo Mesh Role, a wildcard ("*") must be specified to match any value for the given field.

IdentitySelector

Select Destination identities using one or more platform-specific selectors.

Field Type Label Description
kubeIdentityMatcher common.mesh.gloo.solo.io.IdentitySelector.KubeIdentityMatcher Match request identities based on the Kubernetes namespace and cluster.
kubeServiceAccountRefs common.mesh.gloo.solo.io.IdentitySelector.KubeServiceAccountRefs Match request identities based on the Kubernetes service account of the request.

IdentitySelector.KubeIdentityMatcher

Field Type Label Description
namespaces []string repeated If specified, match a Kubernetes identity if it exists in one of the specified namespaces. When used in a networking policy, omission matches any namespace. When used in a Gloo Mesh Role, a wildcard ("*") must be specified to match any namespace.
clusters []string repeated If specified, match a Kubernetes identity if it exists in one of the specified clusters. When used in a networking policy, omission matches any cluster. When used in a Gloo Mesh Role, a wildcard ("*") must be specified to match any cluster.

IdentitySelector.KubeServiceAccountRefs

Field Type Label Description
serviceAccounts []core.skv2.solo.io.ClusterObjectRef repeated Match Kubernetes service accounts by direct reference. When used in a networking policy, omission of any field (name, namespace, or clusterName) allows matching any value for that field. When used in a Gloo Mesh Role, a wildcard ("*") must be specified to match any value for the given field.

WorkloadSelector

Select Workloads using one or more platform-specific selectors.

Field Type Label Description
kubeWorkloadMatcher common.mesh.gloo.solo.io.WorkloadSelector.KubeWorkloadMatcher Match Kubernetes workloads by their labels, namespaces, and/or clusters.

WorkloadSelector.KubeWorkloadMatcher

Match Kubernetes workloads by their labels, namespaces, and/or clusters.

Field Type Label Description
labels []common.mesh.gloo.solo.io.WorkloadSelector.KubeWorkloadMatcher.LabelsEntry repeated If specified, all labels must exist on Kubernetes workload. When used in a networking policy, omission matches any labels. When used in a Gloo Mesh Role, a wildcard ("*") must be specified to match any label key and/or value.
namespaces []string repeated If specified, match Kubernetes workloads if they exist in one of the specified namespaces. When used in a networking policy, omission matches any namespace. When used in a Gloo Mesh Role, a wildcard ("*") must be specified to match any namespace.
clusters []string repeated If specified, match Kubernetes workloads if they exist in one of the specified clusters. When used in a networking policy, omission matches any cluster. When used in a Gloo Mesh Role, a wildcard ("*") must be specified to match any cluster.

WorkloadSelector.KubeWorkloadMatcher.LabelsEntry

Field Type Label Description
key string
value string