Network APIs

Chapter 1. Network APIs

1.1. CloudPrivateIPConfig [cloud.network.openshift.io/v1]

Description: CloudPrivateIPConfig performs an assignment of a private IP address to the primary NIC associated with cloud VMs. This is done by specifying the IP and Kubernetes node which the IP should be assigned to. This CRD is intended to be used by the network plugin which manages the cluster network. The spec side represents the desired state requested by the network plugin, and the status side represents the current state that this CRD’s controller has executed. No users will have permission to modify it, and if a cluster-admin decides to edit it for some reason, their changes will be overwritten the next time the network plugin reconciles the object. Note: the CR’s name must specify the requested private IP address (can be IPv4 or IPv6). Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
Type: object

1.2. EgressFirewall [k8s.ovn.org/v1]

Description: EgressFirewall describes the current egress firewall for a Namespace. Traffic from a pod to an IP address outside the cluster will be checked against each EgressFirewallRule in the pod’s namespace’s EgressFirewall, in order. If no rule matches (or no EgressFirewall is present) then the traffic will be allowed by default.
Type: object

1.3. EgressIP [k8s.ovn.org/v1]

Description: EgressIP is a CRD allowing the user to define a fixed source IP for all egress traffic originating from any pods which match the EgressIP resource according to its spec definition.
Type: object

1.4. EgressQoS [k8s.ovn.org/v1]

Description: EgressQoS is a CRD that allows the user to define a DSCP value for pods egress traffic on its namespace to specified CIDRs. Traffic from these pods will be checked against each EgressQoSRule in the namespace’s EgressQoS, and if there is a match the traffic is marked with the relevant DSCP value.
Type: object

1.5. Endpoints [v1]

Description

Endpoints is a collection of endpoints that implement the actual service. Example:

 Name: "mysvc",
 Subsets: [
   {
     Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}],
     Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}]
   },
   {
     Addresses: [{"ip": "10.10.3.3"}],
     Ports: [{"name": "a", "port": 93}, {"name": "b", "port": 76}]
   },
]

Type

object

1.6. EndpointSlice [discovery.k8s.io/v1]

Description: EndpointSlice represents a subset of the endpoints that implement a service. For a given service there may be multiple EndpointSlice objects, selected by labels, which must be joined to produce the full set of endpoints.
Type: object

1.7. EgressRouter [network.operator.openshift.io/v1]

Description: EgressRouter is a feature allowing the user to define an egress router that acts as a bridge between pods and external systems. The egress router runs a service that redirects egress traffic originating from a pod or a group of pods to a remote external system or multiple destinations as per configuration. It is consumed by the cluster-network-operator. More specifically, given an EgressRouter CR with <name>, the CNO will create and manage: - A service called <name> - An egress pod called <name> - A NAD called <name> Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). EgressRouter is a single egressrouter pod configuration object.
Type: object

1.8. Ingress [networking.k8s.io/v1]

Description: Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.
Type: object

1.9. IngressClass [networking.k8s.io/v1]

Description: IngressClass represents the class of the Ingress, referenced by the Ingress Spec. The ingressclass.kubernetes.io/is-default-class annotation can be used to indicate that an IngressClass should be considered default. When a single IngressClass resource has this annotation set to true, new Ingress resources without a class specified will be assigned this default class.
Type: object

1.10. IPPool [whereabouts.cni.cncf.io/v1alpha1]

Description: IPPool is the Schema for Whereabouts for IP address allocation
Type: object

1.11. NetworkAttachmentDefinition [k8s.cni.cncf.io/v1]

Description: NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing Working Group to express the intent for attaching pods to one or more logical or physical networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec
Type: object

1.12. NetworkPolicy [networking.k8s.io/v1]

Description: NetworkPolicy describes what network traffic is allowed for a set of Pods
Type: object

1.13. OverlappingRangeIPReservation [whereabouts.cni.cncf.io/v1alpha1]

Description: OverlappingRangeIPReservation is the Schema for the OverlappingRangeIPReservations API
Type: object

1.14. PodNetworkConnectivityCheck [controlplane.operator.openshift.io/v1alpha1]

Description: PodNetworkConnectivityCheck Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.
Type: object

1.15. Route [route.openshift.io/v1]

Description

A route allows developers to expose services through an HTTP(S) aware load balancing and proxy layer via a public DNS entry. The route may further specify TLS options and a certificate, or specify a public CNAME that the router should also accept for HTTP and HTTPS traffic. An administrator typically configures their router to be visible outside the cluster firewall, and may also add additional security, caching, or traffic controls on the service content. Routers usually talk directly to the service endpoints.

Once a route is created, the host field may not be changed. Generally, routers use the oldest route with a given host when resolving conflicts.

Routers are subject to additional customization and may support additional controls via the annotations field.

Because administrators may configure multiple routers, the route status field is used to return information to clients about the names and states of the route under each router. If a client chooses a duplicate name, for instance, the route status conditions are used to indicate the route cannot be chosen.

To enable HTTP/2 ALPN on a route it requires a custom (non-wildcard) certificate. This prevents connection coalescing by clients, notably web browsers. We do not support HTTP/2 ALPN on routes that use the default certificate because of the risk of connection re-use/coalescing. Routes that do not have their own custom certificate will not be HTTP/2 ALPN-enabled on either the frontend or the backend.

Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).

Type

object

1.16. Service [v1]

Description: Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.
Type: object

Chapter 2. CloudPrivateIPConfig [cloud.network.openshift.io/v1]

Description

CloudPrivateIPConfig performs an assignment of a private IP address to the primary NIC associated with cloud VMs. This is done by specifying the IP and Kubernetes node which the IP should be assigned to. This CRD is intended to be used by the network plugin which manages the cluster network. The spec side represents the desired state requested by the network plugin, and the status side represents the current state that this CRD’s controller has executed. No users will have permission to modify it, and if a cluster-admin decides to edit it for some reason, their changes will be overwritten the next time the network plugin reconciles the object. Note: the CR’s name must specify the requested private IP address (can be IPv4 or IPv6). Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).

Type

object

Required

spec

2.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	spec is the definition of the desired private IP request.
`status`	`object`	status is the observed status of the desired private IP request. Read-only.

2.1.1. .spec

Description: spec is the definition of the desired private IP request.
Type: object

Property	Type	Description
`node`	`string`	node is the node name, as specified by the Kubernetes field: node.metadata.name

2.1.2. .status

Description

status is the observed status of the desired private IP request. Read-only.

Type

object

Required

conditions

Property	Type	Description
`conditions`	`array`	condition is the assignment condition of the private IP and its status
`conditions[]`	`object`	Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo’s current state. // Known .status.conditions.type are: "Available", "Progressing", and "Degraded" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` // other fields }
`node`	`string`	node is the node name, as specified by the Kubernetes field: node.metadata.name

2.1.3. .status.conditions

Description: condition is the assignment condition of the private IP and its status
Type: array

2.1.4. .status.conditions[]

Description

Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo’s current state. // Known .status.conditions.type are: "Available", "Progressing", and "Degraded" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions" // other fields }

Type

object

Required

lastTransitionTime
message
reason
status
type

Property	Type	Description
`lastTransitionTime`	`string`	lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
`message`	`string`	message is a human readable message indicating details about the transition. This may be an empty string.
`observedGeneration`	`integer`	observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
`reason`	`string`	reason contains a programmatic identifier indicating the reason for the condition’s last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
`status`	`string`	status of the condition, one of True, False, Unknown.
`type`	`string`	type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)

2.2. API endpoints

The following API endpoints are available:

/apis/cloud.network.openshift.io/v1/cloudprivateipconfigs
- DELETE: delete collection of CloudPrivateIPConfig
- GET: list objects of kind CloudPrivateIPConfig
- POST: create a CloudPrivateIPConfig
/apis/cloud.network.openshift.io/v1/cloudprivateipconfigs/{name}
- DELETE: delete a CloudPrivateIPConfig
- GET: read the specified CloudPrivateIPConfig
- PATCH: partially update the specified CloudPrivateIPConfig
- PUT: replace the specified CloudPrivateIPConfig
/apis/cloud.network.openshift.io/v1/cloudprivateipconfigs/{name}/status
- GET: read status of the specified CloudPrivateIPConfig
- PATCH: partially update status of the specified CloudPrivateIPConfig
- PUT: replace status of the specified CloudPrivateIPConfig

2.2.1. /apis/cloud.network.openshift.io/v1/cloudprivateipconfigs

Table 2.1. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of CloudPrivateIPConfig

Table 2.2. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 2.3. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list objects of kind CloudPrivateIPConfig

Table 2.4. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 2.5. HTTP responses
HTTP code	Reponse body
200 - OK	`CloudPrivateIPConfigList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a CloudPrivateIPConfig

Table 2.6. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 2.7. Body parameters
Parameter	Type	Description
`body`	`CloudPrivateIPConfig` schema

Table 2.8. HTTP responses
HTTP code	Reponse body
200 - OK	`CloudPrivateIPConfig` schema
201 - Created	`CloudPrivateIPConfig` schema
202 - Accepted	`CloudPrivateIPConfig` schema
401 - Unauthorized	Empty

2.2.2. /apis/cloud.network.openshift.io/v1/cloudprivateipconfigs/{name}

Table 2.9. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the CloudPrivateIPConfig

Table 2.10. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete a CloudPrivateIPConfig

Table 2.11. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 2.12. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 2.13. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified CloudPrivateIPConfig

Table 2.14. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 2.15. HTTP responses
HTTP code	Reponse body
200 - OK	`CloudPrivateIPConfig` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified CloudPrivateIPConfig

Table 2.16. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 2.17. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 2.18. HTTP responses
HTTP code	Reponse body
200 - OK	`CloudPrivateIPConfig` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified CloudPrivateIPConfig

Table 2.19. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 2.20. Body parameters
Parameter	Type	Description
`body`	`CloudPrivateIPConfig` schema

Table 2.21. HTTP responses
HTTP code	Reponse body
200 - OK	`CloudPrivateIPConfig` schema
201 - Created	`CloudPrivateIPConfig` schema
401 - Unauthorized	Empty

2.2.3. /apis/cloud.network.openshift.io/v1/cloudprivateipconfigs/{name}/status

Table 2.22. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the CloudPrivateIPConfig

Table 2.23. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: GET
Description: read status of the specified CloudPrivateIPConfig

Table 2.24. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 2.25. HTTP responses
HTTP code	Reponse body
200 - OK	`CloudPrivateIPConfig` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified CloudPrivateIPConfig

Table 2.26. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 2.27. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 2.28. HTTP responses
HTTP code	Reponse body
200 - OK	`CloudPrivateIPConfig` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified CloudPrivateIPConfig

Table 2.29. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 2.30. Body parameters
Parameter	Type	Description
`body`	`CloudPrivateIPConfig` schema

Table 2.31. HTTP responses
HTTP code	Reponse body
200 - OK	`CloudPrivateIPConfig` schema
201 - Created	`CloudPrivateIPConfig` schema
401 - Unauthorized	Empty

Chapter 3. EgressFirewall [k8s.ovn.org/v1]

Description

EgressFirewall describes the current egress firewall for a Namespace. Traffic from a pod to an IP address outside the cluster will be checked against each EgressFirewallRule in the pod’s namespace’s EgressFirewall, in order. If no rule matches (or no EgressFirewall is present) then the traffic will be allowed by default.

Type

object

Required

spec

3.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	Specification of the desired behavior of EgressFirewall.
`status`	`object`	Observed status of EgressFirewall

3.1.1. .spec

Description

Specification of the desired behavior of EgressFirewall.

Type

object

Required

egress

Property	Type	Description
`egress`	`array`	a collection of egress firewall rule objects
`egress[]`	`object`	EgressFirewallRule is a single egressfirewall rule object

3.1.2. .spec.egress

Description: a collection of egress firewall rule objects
Type: array

3.1.3. .spec.egress[]

Description

EgressFirewallRule is a single egressfirewall rule object

Type

object

Required

to
type

Property	Type	Description
`ports`	`array`	ports specify what ports and protocols the rule applies to
`ports[]`	`object`	EgressFirewallPort specifies the port to allow or deny traffic to
`to`	`object`	to is the target that traffic is allowed/denied to
`type`	`string`	type marks this as an "Allow" or "Deny" rule

3.1.4. .spec.egress[].ports

Description: ports specify what ports and protocols the rule applies to
Type: array

3.1.5. .spec.egress[].ports[]

Description

EgressFirewallPort specifies the port to allow or deny traffic to

Type

object

Required

port
protocol

Property	Type	Description
`port`	`integer`	port that the traffic must match
`protocol`	`string`	protocol (tcp, udp, sctp) that the traffic must match.

3.1.6. .spec.egress[].to

Description: to is the target that traffic is allowed/denied to
Type: object

Property	Type	Description
`cidrSelector`	`string`	cidrSelector is the CIDR range to allow/deny traffic to. If this is set, dnsName must be unset.
`dnsName`	`string`	dnsName is the domain name to allow/deny traffic to. If this is set, cidrSelector must be unset.

3.1.7. .status

Description: Observed status of EgressFirewall
Type: object

Property	Type	Description
`status`	`string`

3.2. API endpoints

The following API endpoints are available:

/apis/k8s.ovn.org/v1/egressfirewalls
- GET: list objects of kind EgressFirewall
/apis/k8s.ovn.org/v1/namespaces/{namespace}/egressfirewalls
- DELETE: delete collection of EgressFirewall
- GET: list objects of kind EgressFirewall
- POST: create an EgressFirewall
/apis/k8s.ovn.org/v1/namespaces/{namespace}/egressfirewalls/{name}
- DELETE: delete an EgressFirewall
- GET: read the specified EgressFirewall
- PATCH: partially update the specified EgressFirewall
- PUT: replace the specified EgressFirewall

3.2.1. /apis/k8s.ovn.org/v1/egressfirewalls

Table 3.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list objects of kind EgressFirewall

Table 3.2. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressFirewallList` schema
401 - Unauthorized	Empty

3.2.2. /apis/k8s.ovn.org/v1/namespaces/{namespace}/egressfirewalls

Table 3.3. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 3.4. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of EgressFirewall

Table 3.5. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 3.6. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list objects of kind EgressFirewall

Table 3.7. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 3.8. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressFirewallList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create an EgressFirewall

Table 3.9. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 3.10. Body parameters
Parameter	Type	Description
`body`	`EgressFirewall` schema

Table 3.11. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressFirewall` schema
201 - Created	`EgressFirewall` schema
202 - Accepted	`EgressFirewall` schema
401 - Unauthorized	Empty

3.2.3. /apis/k8s.ovn.org/v1/namespaces/{namespace}/egressfirewalls/{name}

Table 3.12. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the EgressFirewall
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 3.13. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete an EgressFirewall

Table 3.14. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 3.15. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 3.16. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified EgressFirewall

Table 3.17. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 3.18. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressFirewall` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified EgressFirewall

Table 3.19. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 3.20. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 3.21. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressFirewall` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified EgressFirewall

Table 3.22. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 3.23. Body parameters
Parameter	Type	Description
`body`	`EgressFirewall` schema

Table 3.24. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressFirewall` schema
201 - Created	`EgressFirewall` schema
401 - Unauthorized	Empty

Chapter 4. EgressIP [k8s.ovn.org/v1]

Description

EgressIP is a CRD allowing the user to define a fixed source IP for all egress traffic originating from any pods which match the EgressIP resource according to its spec definition.

Type

object

Required

spec

4.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	Specification of the desired behavior of EgressIP.
`status`	`object`	Observed status of EgressIP. Read-only.

4.1.1. .spec

Description

Specification of the desired behavior of EgressIP.

Type

object

Required

egressIPs
namespaceSelector

Property	Type	Description
`egressIPs`	`array (string)`	EgressIPs is the list of egress IP addresses requested. Can be IPv4 and/or IPv6. This field is mandatory.
`namespaceSelector`	`object`	NamespaceSelector applies the egress IP only to the namespace(s) whose label matches this definition. This field is mandatory.
`podSelector`	`object`	PodSelector applies the egress IP only to the pods whose label matches this definition. This field is optional, and in case it is not set: results in the egress IP being applied to all pods in the namespace(s) matched by the NamespaceSelector. In case it is set: is intersected with the NamespaceSelector, thus applying the egress IP to the pods (in the namespace(s) already matched by the NamespaceSelector) which match this pod selector.

4.1.2. .spec.namespaceSelector

Description: NamespaceSelector applies the egress IP only to the namespace(s) whose label matches this definition. This field is mandatory.
Type: object

Property	Type	Description
`matchExpressions`	`array`	matchExpressions is a list of label selector requirements. The requirements are ANDed.
`matchExpressions[]`	`object`	A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
`matchLabels`	`object (string)`	matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

4.1.3. .spec.namespaceSelector.matchExpressions

Description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
Type: array

4.1.4. .spec.namespaceSelector.matchExpressions[]

Description

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Type

object

Required

key
operator

Property	Type	Description
`key`	`string`	key is the label key that the selector applies to.
`operator`	`string`	operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
`values`	`array (string)`	values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

4.1.5. .spec.podSelector

Description: PodSelector applies the egress IP only to the pods whose label matches this definition. This field is optional, and in case it is not set: results in the egress IP being applied to all pods in the namespace(s) matched by the NamespaceSelector. In case it is set: is intersected with the NamespaceSelector, thus applying the egress IP to the pods (in the namespace(s) already matched by the NamespaceSelector) which match this pod selector.
Type: object

Property	Type	Description
`matchExpressions`	`array`	matchExpressions is a list of label selector requirements. The requirements are ANDed.
`matchExpressions[]`	`object`	A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
`matchLabels`	`object (string)`	matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

4.1.6. .spec.podSelector.matchExpressions

Description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
Type: array

4.1.7. .spec.podSelector.matchExpressions[]

Description

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Type

object

Required

key
operator

Property	Type	Description
`key`	`string`	key is the label key that the selector applies to.
`operator`	`string`	operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
`values`	`array (string)`	values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

4.1.8. .status

Description

Observed status of EgressIP. Read-only.

Type

object

Required

items

Property	Type	Description
`items`	`array`	The list of assigned egress IPs and their corresponding node assignment.
`items[]`	`object`	The per node status, for those egress IPs who have been assigned.

4.1.9. .status.items

Description: The list of assigned egress IPs and their corresponding node assignment.
Type: array

4.1.10. .status.items[]

Description

The per node status, for those egress IPs who have been assigned.

Type

object

Required

egressIP
node

Property	Type	Description
`egressIP`	`string`	Assigned egress IP
`node`	`string`	Assigned node name

4.2. API endpoints

The following API endpoints are available:

/apis/k8s.ovn.org/v1/egressips
- DELETE: delete collection of EgressIP
- GET: list objects of kind EgressIP
- POST: create an EgressIP
/apis/k8s.ovn.org/v1/egressips/{name}
- DELETE: delete an EgressIP
- GET: read the specified EgressIP
- PATCH: partially update the specified EgressIP
- PUT: replace the specified EgressIP

4.2.1. /apis/k8s.ovn.org/v1/egressips

Table 4.1. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of EgressIP

Table 4.2. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 4.3. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list objects of kind EgressIP

Table 4.4. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 4.5. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressIPList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create an EgressIP

Table 4.6. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 4.7. Body parameters
Parameter	Type	Description
`body`	`EgressIP` schema

Table 4.8. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressIP` schema
201 - Created	`EgressIP` schema
202 - Accepted	`EgressIP` schema
401 - Unauthorized	Empty

4.2.2. /apis/k8s.ovn.org/v1/egressips/{name}

Table 4.9. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the EgressIP

Table 4.10. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete an EgressIP

Table 4.11. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 4.12. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 4.13. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified EgressIP

Table 4.14. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 4.15. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressIP` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified EgressIP

Table 4.16. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 4.17. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 4.18. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressIP` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified EgressIP

Table 4.19. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 4.20. Body parameters
Parameter	Type	Description
`body`	`EgressIP` schema

Table 4.21. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressIP` schema
201 - Created	`EgressIP` schema
401 - Unauthorized	Empty

Chapter 5. EgressQoS [k8s.ovn.org/v1]

Description: EgressQoS is a CRD that allows the user to define a DSCP value for pods egress traffic on its namespace to specified CIDRs. Traffic from these pods will be checked against each EgressQoSRule in the namespace’s EgressQoS, and if there is a match the traffic is marked with the relevant DSCP value.
Type: object

5.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	EgressQoSSpec defines the desired state of EgressQoS
`status`	`object`	EgressQoSStatus defines the observed state of EgressQoS

5.1.1. .spec

Description

EgressQoSSpec defines the desired state of EgressQoS

Type

object

Required

egress

Property	Type	Description
`egress`	`array`	a collection of Egress QoS rule objects
`egress[]`	`object`

5.1.2. .spec.egress

Description: a collection of Egress QoS rule objects
Type: array

5.1.3. .spec.egress[]

Description

Type

object

Required

dscp

Property	Type	Description
`dscp`	`integer`	DSCP marking value for matching pods' traffic.
`dstCIDR`	`string`	DstCIDR specifies the destination’s CIDR. Only traffic heading to this CIDR will be marked with the DSCP value. This field is optional, and in case it is not set the rule is applied to all egress traffic regardless of the destination.
`podSelector`	`object`	PodSelector applies the QoS rule only to the pods in the namespace whose label matches this definition. This field is optional, and in case it is not set results in the rule being applied to all pods in the namespace.

5.1.4. .spec.egress[].podSelector

Description: PodSelector applies the QoS rule only to the pods in the namespace whose label matches this definition. This field is optional, and in case it is not set results in the rule being applied to all pods in the namespace.
Type: object

Property	Type	Description
`matchExpressions`	`array`	matchExpressions is a list of label selector requirements. The requirements are ANDed.
`matchExpressions[]`	`object`	A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
`matchLabels`	`object (string)`	matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

5.1.5. .spec.egress[].podSelector.matchExpressions

Description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
Type: array

5.1.6. .spec.egress[].podSelector.matchExpressions[]

Description

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Type

object

Required

key
operator

Property	Type	Description
`key`	`string`	key is the label key that the selector applies to.
`operator`	`string`	operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
`values`	`array (string)`	values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

5.1.7. .status

Description: EgressQoSStatus defines the observed state of EgressQoS
Type: object

5.2. API endpoints

The following API endpoints are available:

/apis/k8s.ovn.org/v1/egressqoses
- GET: list objects of kind EgressQoS
/apis/k8s.ovn.org/v1/namespaces/{namespace}/egressqoses
- DELETE: delete collection of EgressQoS
- GET: list objects of kind EgressQoS
- POST: create an EgressQoS
/apis/k8s.ovn.org/v1/namespaces/{namespace}/egressqoses/{name}
- DELETE: delete an EgressQoS
- GET: read the specified EgressQoS
- PATCH: partially update the specified EgressQoS
- PUT: replace the specified EgressQoS
/apis/k8s.ovn.org/v1/namespaces/{namespace}/egressqoses/{name}/status
- GET: read status of the specified EgressQoS
- PATCH: partially update status of the specified EgressQoS
- PUT: replace status of the specified EgressQoS

5.2.1. /apis/k8s.ovn.org/v1/egressqoses

Table 5.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list objects of kind EgressQoS

Table 5.2. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressQoSList` schema
401 - Unauthorized	Empty

5.2.2. /apis/k8s.ovn.org/v1/namespaces/{namespace}/egressqoses

Table 5.3. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 5.4. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of EgressQoS

Table 5.5. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 5.6. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list objects of kind EgressQoS

Table 5.7. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 5.8. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressQoSList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create an EgressQoS

Table 5.9. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.10. Body parameters
Parameter	Type	Description
`body`	`EgressQoS` schema

Table 5.11. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressQoS` schema
201 - Created	`EgressQoS` schema
202 - Accepted	`EgressQoS` schema
401 - Unauthorized	Empty

5.2.3. /apis/k8s.ovn.org/v1/namespaces/{namespace}/egressqoses/{name}

Table 5.12. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the EgressQoS
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 5.13. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete an EgressQoS

Table 5.14. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 5.15. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 5.16. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified EgressQoS

Table 5.17. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 5.18. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressQoS` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified EgressQoS

Table 5.19. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.20. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 5.21. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressQoS` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified EgressQoS

Table 5.22. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.23. Body parameters
Parameter	Type	Description
`body`	`EgressQoS` schema

Table 5.24. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressQoS` schema
201 - Created	`EgressQoS` schema
401 - Unauthorized	Empty

5.2.4. /apis/k8s.ovn.org/v1/namespaces/{namespace}/egressqoses/{name}/status

Table 5.25. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the EgressQoS
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 5.26. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: GET
Description: read status of the specified EgressQoS

Table 5.27. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 5.28. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressQoS` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified EgressQoS

Table 5.29. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.30. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 5.31. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressQoS` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified EgressQoS

Table 5.32. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.33. Body parameters
Parameter	Type	Description
`body`	`EgressQoS` schema

Table 5.34. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressQoS` schema
201 - Created	`EgressQoS` schema
401 - Unauthorized	Empty

Chapter 6. Endpoints [v1]

Description

Endpoints is a collection of endpoints that implement the actual service. Example:

 Name: "mysvc",
 Subsets: [
   {
     Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}],
     Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}]
   },
   {
     Addresses: [{"ip": "10.10.3.3"}],
     Ports: [{"name": "a", "port": 93}, {"name": "b", "port": 76}]
   },
]

Type

object

6.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`subsets`	`array`	The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.
`subsets[]`	`object`	EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given: { Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] } The resulting set of endpoints can be viewed as: a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], b: [ 10.10.1.1:309, 10.10.2.2:309 ]

6.1.1. .subsets

Description: The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.
Type: array

6.1.2. .subsets[]

Description

EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given:

{
  Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}],
  Ports:     [{"name": "a", "port": 8675}, {"name": "b", "port": 309}]
}

The resulting set of endpoints can be viewed as:

a: [ 10.10.1.1:8675, 10.10.2.2:8675 ],
b: [ 10.10.1.1:309, 10.10.2.2:309 ]

Type

object

Property	Type	Description
`addresses`	`array`	IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.
`addresses[]`	`object`	EndpointAddress is a tuple that describes single IP address.
`notReadyAddresses`	`array`	IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.
`notReadyAddresses[]`	`object`	EndpointAddress is a tuple that describes single IP address.
`ports`	`array`	Port numbers available on the related IP addresses.
`ports[]`	`object`	EndpointPort is a tuple that describes a single port.

6.1.3. .subsets[].addresses

Description: IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.
Type: array

6.1.4. .subsets[].addresses[]

Description

EndpointAddress is a tuple that describes single IP address.

Type

object

Required

ip

Property	Type	Description
`hostname`	`string`	The Hostname of this endpoint
`ip`	`string`	The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is also accepted but not fully supported on all platforms. Also, certain kubernetes components, like kube-proxy, are not IPv6 ready.
`nodeName`	`string`	Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.
`targetRef`	`object`	ObjectReference contains enough information to let you inspect or modify the referred object.

6.1.5. .subsets[].addresses[].targetRef

Description: ObjectReference contains enough information to let you inspect or modify the referred object.
Type: object

Property	Type	Description
`apiVersion`	`string`	API version of the referent.
`fieldPath`	`string`	If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.
`kind`	`string`	Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`name`	`string`	Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
`namespace`	`string`	Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
`resourceVersion`	`string`	Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
`uid`	`string`	UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids

6.1.6. .subsets[].notReadyAddresses

Description: IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.
Type: array

6.1.7. .subsets[].notReadyAddresses[]

Description

EndpointAddress is a tuple that describes single IP address.

Type

object

Required

ip

Property	Type	Description
`hostname`	`string`	The Hostname of this endpoint
`ip`	`string`	The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is also accepted but not fully supported on all platforms. Also, certain kubernetes components, like kube-proxy, are not IPv6 ready.
`nodeName`	`string`	Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.
`targetRef`	`object`	ObjectReference contains enough information to let you inspect or modify the referred object.

6.1.8. .subsets[].notReadyAddresses[].targetRef

Description: ObjectReference contains enough information to let you inspect or modify the referred object.
Type: object

Property	Type	Description
`apiVersion`	`string`	API version of the referent.
`fieldPath`	`string`	If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.
`kind`	`string`	Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`name`	`string`	Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
`namespace`	`string`	Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
`resourceVersion`	`string`	Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
`uid`	`string`	UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids

6.1.9. .subsets[].ports

Description: Port numbers available on the related IP addresses.
Type: array

6.1.10. .subsets[].ports[]

Description

EndpointPort is a tuple that describes a single port.

Type

object

Required

port

Property	Type	Description
`appProtocol`	`string`	The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol.
`name`	`string`	The name of this port. This must match the 'name' field in the corresponding ServicePort. Must be a DNS_LABEL. Optional only if one port is defined.
`port`	`integer`	The port number of the endpoint.
`protocol`	`string`	The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP. Possible enum values: - `"SCTP"` is the SCTP protocol. - `"TCP"` is the TCP protocol. - `"UDP"` is the UDP protocol.

6.2. API endpoints

The following API endpoints are available:

/api/v1/endpoints
- GET: list or watch objects of kind Endpoints
/api/v1/watch/endpoints
- GET: watch individual changes to a list of Endpoints. deprecated: use the 'watch' parameter with a list operation instead.
/api/v1/namespaces/{namespace}/endpoints
- DELETE: delete collection of Endpoints
- GET: list or watch objects of kind Endpoints
- POST: create Endpoints
/api/v1/watch/namespaces/{namespace}/endpoints
- GET: watch individual changes to a list of Endpoints. deprecated: use the 'watch' parameter with a list operation instead.
/api/v1/namespaces/{namespace}/endpoints/{name}
- DELETE: delete Endpoints
- GET: read the specified Endpoints
- PATCH: partially update the specified Endpoints
- PUT: replace the specified Endpoints
/api/v1/watch/namespaces/{namespace}/endpoints/{name}
- GET: watch changes to an object of kind Endpoints. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

6.2.1. /api/v1/endpoints

Table 6.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list or watch objects of kind Endpoints

Table 6.2. HTTP responses
HTTP code	Reponse body
200 - OK	`EndpointsList` schema
401 - Unauthorized	Empty

6.2.2. /api/v1/watch/endpoints

Table 6.3. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of Endpoints. deprecated: use the 'watch' parameter with a list operation instead.

Table 6.4. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

6.2.3. /api/v1/namespaces/{namespace}/endpoints

Table 6.5. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 6.6. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of Endpoints

Table 6.7. Query parameters
Parameter	Type	Description
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

Table 6.8. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 6.9. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind Endpoints

Table 6.10. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 6.11. HTTP responses
HTTP code	Reponse body
200 - OK	`EndpointsList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create Endpoints

Table 6.12. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 6.13. Body parameters
Parameter	Type	Description
`body`	`Endpoints` schema

Table 6.14. HTTP responses
HTTP code	Reponse body
200 - OK	`Endpoints` schema
201 - Created	`Endpoints` schema
202 - Accepted	`Endpoints` schema
401 - Unauthorized	Empty

6.2.4. /api/v1/watch/namespaces/{namespace}/endpoints

Table 6.15. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 6.16. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of Endpoints. deprecated: use the 'watch' parameter with a list operation instead.

Table 6.17. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

6.2.5. /api/v1/namespaces/{namespace}/endpoints/{name}

Table 6.18. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the Endpoints
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 6.19. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete Endpoints

Table 6.20. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 6.21. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 6.22. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified Endpoints

Table 6.23. HTTP responses
HTTP code	Reponse body
200 - OK	`Endpoints` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified Endpoints

Table 6.24. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
`force`	`boolean`	Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 6.25. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 6.26. HTTP responses
HTTP code	Reponse body
200 - OK	`Endpoints` schema
201 - Created	`Endpoints` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified Endpoints

Table 6.27. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 6.28. Body parameters
Parameter	Type	Description
`body`	`Endpoints` schema

Table 6.29. HTTP responses
HTTP code	Reponse body
200 - OK	`Endpoints` schema
201 - Created	`Endpoints` schema
401 - Unauthorized	Empty

6.2.6. /api/v1/watch/namespaces/{namespace}/endpoints/{name}

Table 6.30. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the Endpoints
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 6.31. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch changes to an object of kind Endpoints. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 6.32. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

Chapter 7. EndpointSlice [discovery.k8s.io/v1]

Description

EndpointSlice represents a subset of the endpoints that implement a service. For a given service there may be multiple EndpointSlice objects, selected by labels, which must be joined to produce the full set of endpoints.

Type

object

Required

addressType
endpoints

7.1. Specification

Property	Type	Description
`addressType`	`string`	addressType specifies the type of address carried by this EndpointSlice. All addresses in this slice must be the same type. This field is immutable after creation. The following address types are currently supported: * IPv4: Represents an IPv4 Address. * IPv6: Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name. Possible enum values: - `"FQDN"` represents a FQDN. - `"IPv4"` represents an IPv4 Address. - `"IPv6"` represents an IPv6 Address.
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`endpoints`	`array`	endpoints is a list of unique endpoints in this slice. Each slice may include a maximum of 1000 endpoints.
`endpoints[]`	`object`	Endpoint represents a single logical "backend" implementing a service.
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata.
`ports`	`array`	ports specifies the list of network ports exposed by each endpoint in this slice. Each port must have a unique name. When ports is empty, it indicates that there are no defined ports. When a port is defined with a nil port value, it indicates "all ports". Each slice may include a maximum of 100 ports.
`ports[]`	`object`	EndpointPort represents a Port used by an EndpointSlice

7.1.1. .endpoints

Description: endpoints is a list of unique endpoints in this slice. Each slice may include a maximum of 1000 endpoints.
Type: array

7.1.2. .endpoints[]

Description

Endpoint represents a single logical "backend" implementing a service.

Type

object

Required

addresses

Property	Type	Description
`addresses`	`array (string)`	addresses of this endpoint. The contents of this field are interpreted according to the corresponding EndpointSlice addressType field. Consumers must handle different types of addresses in the context of their own capabilities. This must contain at least one address but no more than 100. These are all assumed to be fungible and clients may choose to only use the first element. Refer to: https://issue.k8s.io/106267
`conditions`	`object`	EndpointConditions represents the current condition of an endpoint.
`deprecatedTopology`	`object (string)`	deprecatedTopology contains topology information part of the v1beta1 API. This field is deprecated, and will be removed when the v1beta1 API is removed (no sooner than kubernetes v1.24). While this field can hold values, it is not writable through the v1 API, and any attempts to write to it will be silently ignored. Topology information can be found in the zone and nodeName fields instead.
`hints`	`object`	EndpointHints provides hints describing how an endpoint should be consumed.
`hostname`	`string`	hostname of this endpoint. This field may be used by consumers of endpoints to distinguish endpoints from each other (e.g. in DNS names). Multiple endpoints which use the same hostname should be considered fungible (e.g. multiple A values in DNS). Must be lowercase and pass DNS Label (RFC 1123) validation.
`nodeName`	`string`	nodeName represents the name of the Node hosting this endpoint. This can be used to determine endpoints local to a Node.
`targetRef`	`ObjectReference`	targetRef is a reference to a Kubernetes object that represents this endpoint.
`zone`	`string`	zone is the name of the Zone this endpoint exists in.

7.1.3. .endpoints[].conditions

Description: EndpointConditions represents the current condition of an endpoint.
Type: object

Property	Type	Description
`ready`	`boolean`	ready indicates that this endpoint is prepared to receive traffic, according to whatever system is managing the endpoint. A nil value indicates an unknown state. In most cases consumers should interpret this unknown state as ready. For compatibility reasons, ready should never be "true" for terminating endpoints.
`serving`	`boolean`	serving is identical to ready except that it is set regardless of the terminating state of endpoints. This condition should be set to true for a ready endpoint that is terminating. If nil, consumers should defer to the ready condition. This field can be enabled with the EndpointSliceTerminatingCondition feature gate.
`terminating`	`boolean`	terminating indicates that this endpoint is terminating. A nil value indicates an unknown state. Consumers should interpret this unknown state to mean that the endpoint is not terminating. This field can be enabled with the EndpointSliceTerminatingCondition feature gate.

7.1.4. .endpoints[].hints

Description: EndpointHints provides hints describing how an endpoint should be consumed.
Type: object

Property	Type	Description
`forZones`	`array`	forZones indicates the zone(s) this endpoint should be consumed by to enable topology aware routing.
`forZones[]`	`object`	ForZone provides information about which zones should consume this endpoint.

7.1.5. .endpoints[].hints.forZones

Description: forZones indicates the zone(s) this endpoint should be consumed by to enable topology aware routing.
Type: array

7.1.6. .endpoints[].hints.forZones[]

Description

ForZone provides information about which zones should consume this endpoint.

Type

object

Required

name

Property	Type	Description
`name`	`string`	name represents the name of the zone.

7.1.7. .ports

Description: ports specifies the list of network ports exposed by each endpoint in this slice. Each port must have a unique name. When ports is empty, it indicates that there are no defined ports. When a port is defined with a nil port value, it indicates "all ports". Each slice may include a maximum of 100 ports.
Type: array

7.1.8. .ports[]

Description: EndpointPort represents a Port used by an EndpointSlice
Type: object

Property	Type	Description
`appProtocol`	`string`	The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol.
`name`	`string`	The name of this port. All ports in an EndpointSlice must have a unique name. If the EndpointSlice is dervied from a Kubernetes service, this corresponds to the Service.ports[].name. Name must either be an empty string or pass DNS_LABEL validation: * must be no more than 63 characters long. * must consist of lower case alphanumeric characters or '-'. * must start and end with an alphanumeric character. Default is empty string.
`port`	`integer`	The port number of the endpoint. If this is not specified, ports are not restricted and must be interpreted in the context of the specific consumer.
`protocol`	`string`	The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.

7.2. API endpoints

The following API endpoints are available:

/apis/discovery.k8s.io/v1/endpointslices
- GET: list or watch objects of kind EndpointSlice
/apis/discovery.k8s.io/v1/watch/endpointslices
- GET: watch individual changes to a list of EndpointSlice. deprecated: use the 'watch' parameter with a list operation instead.
/apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices
- DELETE: delete collection of EndpointSlice
- GET: list or watch objects of kind EndpointSlice
- POST: create an EndpointSlice
/apis/discovery.k8s.io/v1/watch/namespaces/{namespace}/endpointslices
- GET: watch individual changes to a list of EndpointSlice. deprecated: use the 'watch' parameter with a list operation instead.
/apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices/{name}
- DELETE: delete an EndpointSlice
- GET: read the specified EndpointSlice
- PATCH: partially update the specified EndpointSlice
- PUT: replace the specified EndpointSlice
/apis/discovery.k8s.io/v1/watch/namespaces/{namespace}/endpointslices/{name}
- GET: watch changes to an object of kind EndpointSlice. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

7.2.1. /apis/discovery.k8s.io/v1/endpointslices

Table 7.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list or watch objects of kind EndpointSlice

Table 7.2. HTTP responses
HTTP code	Reponse body
200 - OK	`EndpointSliceList` schema
401 - Unauthorized	Empty

7.2.2. /apis/discovery.k8s.io/v1/watch/endpointslices

Table 7.3. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of EndpointSlice. deprecated: use the 'watch' parameter with a list operation instead.

Table 7.4. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

7.2.3. /apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices

Table 7.5. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 7.6. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of EndpointSlice

Table 7.7. Query parameters
Parameter	Type	Description
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

Table 7.8. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 7.9. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind EndpointSlice

Table 7.10. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 7.11. HTTP responses
HTTP code	Reponse body
200 - OK	`EndpointSliceList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create an EndpointSlice

Table 7.12. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 7.13. Body parameters
Parameter	Type	Description
`body`	`EndpointSlice` schema

Table 7.14. HTTP responses
HTTP code	Reponse body
200 - OK	`EndpointSlice` schema
201 - Created	`EndpointSlice` schema
202 - Accepted	`EndpointSlice` schema
401 - Unauthorized	Empty

7.2.4. /apis/discovery.k8s.io/v1/watch/namespaces/{namespace}/endpointslices

Table 7.15. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 7.16. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of EndpointSlice. deprecated: use the 'watch' parameter with a list operation instead.

Table 7.17. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

7.2.5. /apis/discovery.k8s.io/v1/namespaces/{namespace}/endpointslices/{name}

Table 7.18. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the EndpointSlice
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 7.19. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete an EndpointSlice

Table 7.20. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 7.21. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 7.22. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified EndpointSlice

Table 7.23. HTTP responses
HTTP code	Reponse body
200 - OK	`EndpointSlice` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified EndpointSlice

Table 7.24. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
`force`	`boolean`	Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 7.25. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 7.26. HTTP responses
HTTP code	Reponse body
200 - OK	`EndpointSlice` schema
201 - Created	`EndpointSlice` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified EndpointSlice

Table 7.27. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 7.28. Body parameters
Parameter	Type	Description
`body`	`EndpointSlice` schema

Table 7.29. HTTP responses
HTTP code	Reponse body
200 - OK	`EndpointSlice` schema
201 - Created	`EndpointSlice` schema
401 - Unauthorized	Empty

7.2.6. /apis/discovery.k8s.io/v1/watch/namespaces/{namespace}/endpointslices/{name}

Table 7.30. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the EndpointSlice
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 7.31. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch changes to an object of kind EndpointSlice. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 7.32. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

Chapter 8. EgressRouter [network.operator.openshift.io/v1]

Description

EgressRouter is a feature allowing the user to define an egress router that acts as a bridge between pods and external systems. The egress router runs a service that redirects egress traffic originating from a pod or a group of pods to a remote external system or multiple destinations as per configuration. It is consumed by the cluster-network-operator. More specifically, given an EgressRouter CR with <name>, the CNO will create and manage: - A service called <name> - An egress pod called <name> - A NAD called <name> Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). EgressRouter is a single egressrouter pod configuration object.

Type

object

Required

spec

8.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	Specification of the desired egress router.
`status`	`object`	Observed status of EgressRouter.

8.1.1. .spec

Description

Specification of the desired egress router.

Type

object

Required

addresses
mode
networkInterface

Property	Type	Description
`addresses`	`array`	List of IP addresses to configure on the pod’s secondary interface.
`addresses[]`	`object`	EgressRouterAddress contains a pair of IP CIDR and gateway to be configured on the router’s interface
`mode`	`string`	Mode depicts the mode that is used for the egress router. The default mode is "Redirect" and is the only supported mode currently.
`networkInterface`	`object`	Specification of interface to create/use. The default is macvlan. Currently only macvlan is supported.
`redirect`	`object`	Redirect represents the configuration parameters specific to redirect mode.

8.1.2. .spec.addresses

Description: List of IP addresses to configure on the pod’s secondary interface.
Type: array

8.1.3. .spec.addresses[]

Description

EgressRouterAddress contains a pair of IP CIDR and gateway to be configured on the router’s interface

Type

object

Required

ip

Property	Type	Description
`gateway`	`string`	IP address of the next-hop gateway, if it cannot be automatically determined. Can be IPv4 or IPv6.
`ip`	`string`	IP is the address to configure on the router’s interface. Can be IPv4 or IPv6.

8.1.4. .spec.networkInterface

Description: Specification of interface to create/use. The default is macvlan. Currently only macvlan is supported.
Type: object

Property	Type	Description
`macvlan`	`object`	Arguments specific to the interfaceType macvlan

8.1.5. .spec.networkInterface.macvlan

Description

Arguments specific to the interfaceType macvlan

Type

object

Required

mode

Property	Type	Description
`master`	`string`	Name of the master interface. Need not be specified if it can be inferred from the IP address.
`mode`	`string`	Mode depicts the mode that is used for the macvlan interface; one of Bridge\|Private\|VEPA\|Passthru. The default mode is "Bridge".

8.1.6. .spec.redirect

Description: Redirect represents the configuration parameters specific to redirect mode.
Type: object

Property	Type	Description
`fallbackIP`	`string`	FallbackIP specifies the remote destination’s IP address. Can be IPv4 or IPv6. If no redirect rules are specified, all traffic from the router are redirected to this IP. If redirect rules are specified, then any connections on any other port (undefined in the rules) on the router will be redirected to this IP. If redirect rules are specified and no fallback IP is provided, connections on other ports will simply be rejected.
`redirectRules`	`array`	List of L4RedirectRules that define the DNAT redirection from the pod to the destination in redirect mode.
`redirectRules[]`	`object`	L4RedirectRule defines a DNAT redirection from a given port to a destination IP and port.

8.1.7. .spec.redirect.redirectRules

Description: List of L4RedirectRules that define the DNAT redirection from the pod to the destination in redirect mode.
Type: array

8.1.8. .spec.redirect.redirectRules[]

Description

L4RedirectRule defines a DNAT redirection from a given port to a destination IP and port.

Type

object

Required

destinationIP
port
protocol

Property	Type	Description
`destinationIP`	`string`	IP specifies the remote destination’s IP address. Can be IPv4 or IPv6.
`port`	`integer`	Port is the port number to which clients should send traffic to be redirected.
`protocol`	`string`	Protocol can be TCP, SCTP or UDP.
`targetPort`	`integer`	TargetPort allows specifying the port number on the remote destination to which the traffic gets redirected to. If unspecified, the value from "Port" is used.

8.1.9. .status

Description

Observed status of EgressRouter.

Type

object

Required

conditions

Property	Type	Description
`conditions`	`array`	Observed status of the egress router
`conditions[]`	`object`	EgressRouterStatusCondition represents the state of the egress router’s managed and monitored components.

8.1.10. .status.conditions

Description: Observed status of the egress router
Type: array

8.1.11. .status.conditions[]

Description

EgressRouterStatusCondition represents the state of the egress router’s managed and monitored components.

Type

object

Required

status
type

Property	Type	Description
`lastTransitionTime`	``	LastTransitionTime is the time of the last update to the current status property.
`message`	`string`	Message provides additional information about the current condition. This is only to be consumed by humans. It may contain Line Feed characters (U+000A), which should be rendered as new lines.
`reason`	`string`	Reason is the CamelCase reason for the condition’s current status.
`status`	`string`	Status of the condition, one of True, False, Unknown.
`type`	`string`	Type specifies the aspect reported by this condition; one of Available, Progressing, Degraded

8.2. API endpoints

The following API endpoints are available:

/apis/network.operator.openshift.io/v1/egressrouters
- GET: list objects of kind EgressRouter
/apis/network.operator.openshift.io/v1/namespaces/{namespace}/egressrouters
- DELETE: delete collection of EgressRouter
- GET: list objects of kind EgressRouter
- POST: create an EgressRouter
/apis/network.operator.openshift.io/v1/namespaces/{namespace}/egressrouters/{name}
- DELETE: delete an EgressRouter
- GET: read the specified EgressRouter
- PATCH: partially update the specified EgressRouter
- PUT: replace the specified EgressRouter
/apis/network.operator.openshift.io/v1/namespaces/{namespace}/egressrouters/{name}/status
- GET: read status of the specified EgressRouter
- PATCH: partially update status of the specified EgressRouter
- PUT: replace status of the specified EgressRouter

8.2.1. /apis/network.operator.openshift.io/v1/egressrouters

Table 8.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list objects of kind EgressRouter

Table 8.2. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressRouterList` schema
401 - Unauthorized	Empty

8.2.2. /apis/network.operator.openshift.io/v1/namespaces/{namespace}/egressrouters

Table 8.3. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 8.4. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of EgressRouter

Table 8.5. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 8.6. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list objects of kind EgressRouter

Table 8.7. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 8.8. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressRouterList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create an EgressRouter

Table 8.9. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 8.10. Body parameters
Parameter	Type	Description
`body`	`EgressRouter` schema

Table 8.11. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressRouter` schema
201 - Created	`EgressRouter` schema
202 - Accepted	`EgressRouter` schema
401 - Unauthorized	Empty

8.2.3. /apis/network.operator.openshift.io/v1/namespaces/{namespace}/egressrouters/{name}

Table 8.12. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the EgressRouter
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 8.13. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete an EgressRouter

Table 8.14. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 8.15. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 8.16. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified EgressRouter

Table 8.17. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 8.18. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressRouter` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified EgressRouter

Table 8.19. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 8.20. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 8.21. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressRouter` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified EgressRouter

Table 8.22. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 8.23. Body parameters
Parameter	Type	Description
`body`	`EgressRouter` schema

Table 8.24. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressRouter` schema
201 - Created	`EgressRouter` schema
401 - Unauthorized	Empty

8.2.4. /apis/network.operator.openshift.io/v1/namespaces/{namespace}/egressrouters/{name}/status

Table 8.25. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the EgressRouter
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 8.26. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: GET
Description: read status of the specified EgressRouter

Table 8.27. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 8.28. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressRouter` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified EgressRouter

Table 8.29. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 8.30. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 8.31. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressRouter` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified EgressRouter

Table 8.32. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 8.33. Body parameters
Parameter	Type	Description
`body`	`EgressRouter` schema

Table 8.34. HTTP responses
HTTP code	Reponse body
200 - OK	`EgressRouter` schema
201 - Created	`EgressRouter` schema
401 - Unauthorized	Empty

Chapter 9. Ingress [networking.k8s.io/v1]

Description: Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hosting etc.
Type: object

9.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	IngressSpec describes the Ingress the user wishes to exist.
`status`	`object`	IngressStatus describe the current state of the Ingress.

9.1.1. .spec

Description: IngressSpec describes the Ingress the user wishes to exist.
Type: object

Property	Type	Description
`defaultBackend`	`object`	IngressBackend describes all endpoints for a given service and port.
`ingressClassName`	`string`	IngressClassName is the name of an IngressClass cluster resource. Ingress controller implementations use this field to know whether they should be serving this Ingress resource, by a transitive connection (controller → IngressClass → Ingress resource). Although the `kubernetes.io/ingress.class` annotation (simple constant name) was never formally defined, it was widely supported by Ingress controllers to create a direct binding between Ingress controller and Ingress resources. Newly created Ingress resources should prefer using the field. However, even though the annotation is officially deprecated, for backwards compatibility reasons, ingress controllers should still honor that annotation if present.
`rules`	`array`	A list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.
`rules[]`	`object`	IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.
`tls`	`array`	TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.
`tls[]`	`object`	IngressTLS describes the transport layer security associated with an Ingress.

9.1.2. .spec.defaultBackend

Description: IngressBackend describes all endpoints for a given service and port.
Type: object

Property	Type	Description
`resource`	`TypedLocalObjectReference`	Resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with "Service".
`service`	`object`	IngressServiceBackend references a Kubernetes Service as a Backend.

9.1.3. .spec.defaultBackend.service

Description

IngressServiceBackend references a Kubernetes Service as a Backend.

Type

object

Required

name

Property	Type	Description
`name`	`string`	Name is the referenced service. The service must exist in the same namespace as the Ingress object.
`port`	`object`	ServiceBackendPort is the service port being referenced.

9.1.4. .spec.defaultBackend.service.port

Description: ServiceBackendPort is the service port being referenced.
Type: object

Property	Type	Description
`name`	`string`	Name is the name of the port on the Service. This is a mutually exclusive setting with "Number".
`number`	`integer`	Number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with "Name".

9.1.5. .spec.rules

Description: A list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.
Type: array

9.1.6. .spec.rules[]

Description: IngressRule represents the rules mapping the paths under a specified host to the related backend services. Incoming requests are first evaluated for a host match, then routed to the backend associated with the matching IngressRuleValue.
Type: object

Property Type Description

host

string

Host is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in RFC 3986: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the IP in the Spec of the parent Ingress. 2. The : delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue.

Host can be "precise" which is a domain name without the terminating dot of a network host (e.g. "foo.bar.com") or "wildcard", which is a domain name prefixed with a single wildcard label (e.g. ".foo.com"). The wildcard character '' must appear by itself as the first DNS label and matches only a single label. You cannot have a wildcard label by itself (e.g. Host == "*"). Requests will be matched against the Host field in the following way: 1. If Host is precise, the request matches this rule if the http host header is equal to Host. 2. If Host is a wildcard, then the request matches this rule if the http host header is to equal to the suffix (removing the first label) of the wildcard rule.

http

object

HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http://<host>/<path>?<searchpart> → backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.

9.1.7. .spec.rules[].http

Description

HTTPIngressRuleValue is a list of http selectors pointing to backends. In the example: http://<host>/<path>?<searchpart> → backend where where parts of the url correspond to RFC 3986, this resource will be used to match against everything after the last '/' and before the first '?' or '#'.

Type

object

Required

paths

Property	Type	Description
`paths`	`array`	A collection of paths that map requests to backends.
`paths[]`	`object`	HTTPIngressPath associates a path with a backend. Incoming urls matching the path are forwarded to the backend.

9.1.8. .spec.rules[].http.paths

Description: A collection of paths that map requests to backends.
Type: array

9.1.9. .spec.rules[].http.paths[]

Description

HTTPIngressPath associates a path with a backend. Incoming urls matching the path are forwarded to the backend.

Type

object

Required

pathType
backend

Property	Type	Description
`backend`	`object`	IngressBackend describes all endpoints for a given service and port.
`path`	`string`	Path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/' and must be present when using PathType with value "Exact" or "Prefix".
`pathType`	`string`	PathType determines the interpretation of the Path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is done on a path element by element basis. A path element refers is the list of labels in the path split by the '/' separator. A request is a match for path p if every p is an element-wise prefix of p of the request path. Note that if the last element of the path is a substring of the last element in request path, it is not a match (e.g. /foo/bar matches /foo/bar/baz, but does not match /foo/barbaz). * ImplementationSpecific: Interpretation of the Path matching is up to the IngressClass. Implementations can treat this as a separate PathType or treat it identically to Prefix or Exact path types. Implementations are required to support all path types.

9.1.10. .spec.rules[].http.paths[].backend

Description: IngressBackend describes all endpoints for a given service and port.
Type: object

Property	Type	Description
`resource`	`TypedLocalObjectReference`	Resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with "Service".
`service`	`object`	IngressServiceBackend references a Kubernetes Service as a Backend.

9.1.11. .spec.rules[].http.paths[].backend.service

Description

IngressServiceBackend references a Kubernetes Service as a Backend.

Type

object

Required

name

Property	Type	Description
`name`	`string`	Name is the referenced service. The service must exist in the same namespace as the Ingress object.
`port`	`object`	ServiceBackendPort is the service port being referenced.

9.1.12. .spec.rules[].http.paths[].backend.service.port

Description: ServiceBackendPort is the service port being referenced.
Type: object

Property	Type	Description
`name`	`string`	Name is the name of the port on the Service. This is a mutually exclusive setting with "Number".
`number`	`integer`	Number is the numerical port number (e.g. 80) on the Service. This is a mutually exclusive setting with "Name".

9.1.13. .spec.tls

Description: TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.
Type: array

9.1.14. .spec.tls[]

Description: IngressTLS describes the transport layer security associated with an Ingress.
Type: object

Property	Type	Description
`hosts`	`array (string)`	Hosts are a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.
`secretName`	`string`	SecretName is the name of the secret used to terminate TLS traffic on port 443. Field is left optional to allow TLS routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing.

9.1.15. .status

Description: IngressStatus describe the current state of the Ingress.
Type: object

Property	Type	Description
`loadBalancer`	`LoadBalancerStatus`	LoadBalancer contains the current status of the load-balancer.

9.2. API endpoints

The following API endpoints are available:

/apis/networking.k8s.io/v1/ingresses
- GET: list or watch objects of kind Ingress
/apis/networking.k8s.io/v1/watch/ingresses
- GET: watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.
/apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses
- DELETE: delete collection of Ingress
- GET: list or watch objects of kind Ingress
- POST: create an Ingress
/apis/networking.k8s.io/v1/watch/namespaces/{namespace}/ingresses
- GET: watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.
/apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses/{name}
- DELETE: delete an Ingress
- GET: read the specified Ingress
- PATCH: partially update the specified Ingress
- PUT: replace the specified Ingress
/apis/networking.k8s.io/v1/watch/namespaces/{namespace}/ingresses/{name}
- GET: watch changes to an object of kind Ingress. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
/apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses/{name}/status
- GET: read status of the specified Ingress
- PATCH: partially update status of the specified Ingress
- PUT: replace status of the specified Ingress

9.2.1. /apis/networking.k8s.io/v1/ingresses

Table 9.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list or watch objects of kind Ingress

Table 9.2. HTTP responses
HTTP code	Reponse body
200 - OK	`IngressList` schema
401 - Unauthorized	Empty

9.2.2. /apis/networking.k8s.io/v1/watch/ingresses

Table 9.3. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.

Table 9.4. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

9.2.3. /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses

Table 9.5. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 9.6. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of Ingress

Table 9.7. Query parameters
Parameter	Type	Description
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

Table 9.8. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 9.9. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind Ingress

Table 9.10. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 9.11. HTTP responses
HTTP code	Reponse body
200 - OK	`IngressList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create an Ingress

Table 9.12. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 9.13. Body parameters
Parameter	Type	Description
`body`	`Ingress` schema

Table 9.14. HTTP responses
HTTP code	Reponse body
200 - OK	`Ingress` schema
201 - Created	`Ingress` schema
202 - Accepted	`Ingress` schema
401 - Unauthorized	Empty

9.2.4. /apis/networking.k8s.io/v1/watch/namespaces/{namespace}/ingresses

Table 9.15. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 9.16. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of Ingress. deprecated: use the 'watch' parameter with a list operation instead.

Table 9.17. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

9.2.5. /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses/{name}

Table 9.18. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the Ingress
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 9.19. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete an Ingress

Table 9.20. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 9.21. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 9.22. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified Ingress

Table 9.23. HTTP responses
HTTP code	Reponse body
200 - OK	`Ingress` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified Ingress

Table 9.24. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
`force`	`boolean`	Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 9.25. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 9.26. HTTP responses
HTTP code	Reponse body
200 - OK	`Ingress` schema
201 - Created	`Ingress` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified Ingress

Table 9.27. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 9.28. Body parameters
Parameter	Type	Description
`body`	`Ingress` schema

Table 9.29. HTTP responses
HTTP code	Reponse body
200 - OK	`Ingress` schema
201 - Created	`Ingress` schema
401 - Unauthorized	Empty

9.2.6. /apis/networking.k8s.io/v1/watch/namespaces/{namespace}/ingresses/{name}

Table 9.30. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the Ingress
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 9.31. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch changes to an object of kind Ingress. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 9.32. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

9.2.7. /apis/networking.k8s.io/v1/namespaces/{namespace}/ingresses/{name}/status

Table 9.33. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the Ingress
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 9.34. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: GET
Description: read status of the specified Ingress

Table 9.35. HTTP responses
HTTP code	Reponse body
200 - OK	`Ingress` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified Ingress

Table 9.36. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
`force`	`boolean`	Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 9.37. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 9.38. HTTP responses
HTTP code	Reponse body
200 - OK	`Ingress` schema
201 - Created	`Ingress` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified Ingress

Table 9.39. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 9.40. Body parameters
Parameter	Type	Description
`body`	`Ingress` schema

Table 9.41. HTTP responses
HTTP code	Reponse body
200 - OK	`Ingress` schema
201 - Created	`Ingress` schema
401 - Unauthorized	Empty

Chapter 10. IngressClass [networking.k8s.io/v1]

Description: IngressClass represents the class of the Ingress, referenced by the Ingress Spec. The ingressclass.kubernetes.io/is-default-class annotation can be used to indicate that an IngressClass should be considered default. When a single IngressClass resource has this annotation set to true, new Ingress resources without a class specified will be assigned this default class.
Type: object

10.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	IngressClassSpec provides information about the class of an Ingress.

10.1.1. .spec

Description: IngressClassSpec provides information about the class of an Ingress.
Type: object

Property	Type	Description
`controller`	`string`	Controller refers to the name of the controller that should handle this class. This allows for different "flavors" that are controlled by the same controller. For example, you may have different Parameters for the same implementing controller. This should be specified as a domain-prefixed path no more than 250 characters in length, e.g. "acme.io/ingress-controller". This field is immutable.
`parameters`	`object`	IngressClassParametersReference identifies an API object. This can be used to specify a cluster or namespace-scoped resource.

10.1.2. .spec.parameters

Description

IngressClassParametersReference identifies an API object. This can be used to specify a cluster or namespace-scoped resource.

Type

object

Required

kind
name

Property	Type	Description
`apiGroup`	`string`	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
`kind`	`string`	Kind is the type of resource being referenced.
`name`	`string`	Name is the name of resource being referenced.
`namespace`	`string`	Namespace is the namespace of the resource being referenced. This field is required when scope is set to "Namespace" and must be unset when scope is set to "Cluster".
`scope`	`string`	Scope represents if this refers to a cluster or namespace scoped resource. This may be set to "Cluster" (default) or "Namespace".

10.2. API endpoints

The following API endpoints are available:

/apis/networking.k8s.io/v1/ingressclasses
- DELETE: delete collection of IngressClass
- GET: list or watch objects of kind IngressClass
- POST: create an IngressClass
/apis/networking.k8s.io/v1/watch/ingressclasses
- GET: watch individual changes to a list of IngressClass. deprecated: use the 'watch' parameter with a list operation instead.
/apis/networking.k8s.io/v1/ingressclasses/{name}
- DELETE: delete an IngressClass
- GET: read the specified IngressClass
- PATCH: partially update the specified IngressClass
- PUT: replace the specified IngressClass
/apis/networking.k8s.io/v1/watch/ingressclasses/{name}
- GET: watch changes to an object of kind IngressClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

10.2.1. /apis/networking.k8s.io/v1/ingressclasses

Table 10.1. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of IngressClass

Table 10.2. Query parameters
Parameter	Type	Description
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

Table 10.3. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 10.4. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind IngressClass

Table 10.5. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 10.6. HTTP responses
HTTP code	Reponse body
200 - OK	`IngressClassList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create an IngressClass

Table 10.7. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 10.8. Body parameters
Parameter	Type	Description
`body`	`IngressClass` schema

Table 10.9. HTTP responses
HTTP code	Reponse body
200 - OK	`IngressClass` schema
201 - Created	`IngressClass` schema
202 - Accepted	`IngressClass` schema
401 - Unauthorized	Empty

10.2.2. /apis/networking.k8s.io/v1/watch/ingressclasses

Table 10.10. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of IngressClass. deprecated: use the 'watch' parameter with a list operation instead.

Table 10.11. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

10.2.3. /apis/networking.k8s.io/v1/ingressclasses/{name}

Table 10.12. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the IngressClass

Table 10.13. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete an IngressClass

Table 10.14. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 10.15. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 10.16. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified IngressClass

Table 10.17. HTTP responses
HTTP code	Reponse body
200 - OK	`IngressClass` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified IngressClass

Table 10.18. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
`force`	`boolean`	Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 10.19. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 10.20. HTTP responses
HTTP code	Reponse body
200 - OK	`IngressClass` schema
201 - Created	`IngressClass` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified IngressClass

Table 10.21. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 10.22. Body parameters
Parameter	Type	Description
`body`	`IngressClass` schema

Table 10.23. HTTP responses
HTTP code	Reponse body
200 - OK	`IngressClass` schema
201 - Created	`IngressClass` schema
401 - Unauthorized	Empty

10.2.4. /apis/networking.k8s.io/v1/watch/ingressclasses/{name}

Table 10.24. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the IngressClass

Table 10.25. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch changes to an object of kind IngressClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 10.26. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

Chapter 11. IPPool [whereabouts.cni.cncf.io/v1alpha1]

Description: IPPool is the Schema for Whereabouts for IP address allocation
Type: object

11.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	IPPoolSpec defines the desired state of IPPool

11.1.1. .spec

Description

IPPoolSpec defines the desired state of IPPool

Type

object

Required

allocations
range

Property	Type	Description
`allocations`	`object`	Allocations is the set of allocated IPs for the given range. Its indices are a direct mapping to the IP with the same index/offset for the pool’s range.
`allocations{}`	`object`	IPAllocation represents metadata about the pod/container owner of a specific IP
`range`	`string`	Range is a RFC 4632/4291-style string that represents an IP address and prefix length in CIDR notation

11.1.2. .spec.allocations

Description: Allocations is the set of allocated IPs for the given range. Its indices are a direct mapping to the IP with the same index/offset for the pool’s range.
Type: object

11.1.3. .spec.allocations{}

Description

IPAllocation represents metadata about the pod/container owner of a specific IP

Type

object

Required

id

Property	Type	Description
`id`	`string`
`podref`	`string`

11.2. API endpoints

The following API endpoints are available:

/apis/whereabouts.cni.cncf.io/v1alpha1/ippools
- GET: list objects of kind IPPool
/apis/whereabouts.cni.cncf.io/v1alpha1/namespaces/{namespace}/ippools
- DELETE: delete collection of IPPool
- GET: list objects of kind IPPool
- POST: create an IPPool
/apis/whereabouts.cni.cncf.io/v1alpha1/namespaces/{namespace}/ippools/{name}
- DELETE: delete an IPPool
- GET: read the specified IPPool
- PATCH: partially update the specified IPPool
- PUT: replace the specified IPPool

11.2.1. /apis/whereabouts.cni.cncf.io/v1alpha1/ippools

Table 11.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list objects of kind IPPool

Table 11.2. HTTP responses
HTTP code	Reponse body
200 - OK	`IPPoolList` schema
401 - Unauthorized	Empty

11.2.2. /apis/whereabouts.cni.cncf.io/v1alpha1/namespaces/{namespace}/ippools

Table 11.3. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 11.4. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of IPPool

Table 11.5. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 11.6. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list objects of kind IPPool

Table 11.7. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 11.8. HTTP responses
HTTP code	Reponse body
200 - OK	`IPPoolList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create an IPPool

Table 11.9. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 11.10. Body parameters
Parameter	Type	Description
`body`	`IPPool` schema

Table 11.11. HTTP responses
HTTP code	Reponse body
200 - OK	`IPPool` schema
201 - Created	`IPPool` schema
202 - Accepted	`IPPool` schema
401 - Unauthorized	Empty

11.2.3. /apis/whereabouts.cni.cncf.io/v1alpha1/namespaces/{namespace}/ippools/{name}

Table 11.12. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the IPPool
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 11.13. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete an IPPool

Table 11.14. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 11.15. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 11.16. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified IPPool

Table 11.17. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 11.18. HTTP responses
HTTP code	Reponse body
200 - OK	`IPPool` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified IPPool

Table 11.19. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 11.20. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 11.21. HTTP responses
HTTP code	Reponse body
200 - OK	`IPPool` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified IPPool

Table 11.22. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 11.23. Body parameters
Parameter	Type	Description
`body`	`IPPool` schema

Table 11.24. HTTP responses
HTTP code	Reponse body
200 - OK	`IPPool` schema
201 - Created	`IPPool` schema
401 - Unauthorized	Empty

Chapter 12. NetworkAttachmentDefinition [k8s.cni.cncf.io/v1]

Description: NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing Working Group to express the intent for attaching pods to one or more logical or physical networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec
Type: object

12.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	NetworkAttachmentDefinition spec defines the desired state of a network attachment

12.1.1. .spec

Description: NetworkAttachmentDefinition spec defines the desired state of a network attachment
Type: object

Property	Type	Description
`config`	`string`	NetworkAttachmentDefinition config is a JSON-formatted CNI configuration

12.2. API endpoints

The following API endpoints are available:

/apis/k8s.cni.cncf.io/v1/network-attachment-definitions
- GET: list objects of kind NetworkAttachmentDefinition
/apis/k8s.cni.cncf.io/v1/namespaces/{namespace}/network-attachment-definitions
- DELETE: delete collection of NetworkAttachmentDefinition
- GET: list objects of kind NetworkAttachmentDefinition
- POST: create a NetworkAttachmentDefinition
/apis/k8s.cni.cncf.io/v1/namespaces/{namespace}/network-attachment-definitions/{name}
- DELETE: delete a NetworkAttachmentDefinition
- GET: read the specified NetworkAttachmentDefinition
- PATCH: partially update the specified NetworkAttachmentDefinition
- PUT: replace the specified NetworkAttachmentDefinition

12.2.1. /apis/k8s.cni.cncf.io/v1/network-attachment-definitions

Table 12.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list objects of kind NetworkAttachmentDefinition

Table 12.2. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkAttachmentDefinitionList` schema
401 - Unauthorized	Empty

12.2.2. /apis/k8s.cni.cncf.io/v1/namespaces/{namespace}/network-attachment-definitions

Table 12.3. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 12.4. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of NetworkAttachmentDefinition

Table 12.5. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 12.6. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list objects of kind NetworkAttachmentDefinition

Table 12.7. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 12.8. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkAttachmentDefinitionList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a NetworkAttachmentDefinition

Table 12.9. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 12.10. Body parameters
Parameter	Type	Description
`body`	`NetworkAttachmentDefinition` schema

Table 12.11. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkAttachmentDefinition` schema
201 - Created	`NetworkAttachmentDefinition` schema
202 - Accepted	`NetworkAttachmentDefinition` schema
401 - Unauthorized	Empty

12.2.3. /apis/k8s.cni.cncf.io/v1/namespaces/{namespace}/network-attachment-definitions/{name}

Table 12.12. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the NetworkAttachmentDefinition
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 12.13. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete a NetworkAttachmentDefinition

Table 12.14. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 12.15. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 12.16. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified NetworkAttachmentDefinition

Table 12.17. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 12.18. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkAttachmentDefinition` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified NetworkAttachmentDefinition

Table 12.19. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 12.20. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 12.21. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkAttachmentDefinition` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified NetworkAttachmentDefinition

Table 12.22. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 12.23. Body parameters
Parameter	Type	Description
`body`	`NetworkAttachmentDefinition` schema

Table 12.24. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkAttachmentDefinition` schema
201 - Created	`NetworkAttachmentDefinition` schema
401 - Unauthorized	Empty

Chapter 13. NetworkPolicy [networking.k8s.io/v1]

Description: NetworkPolicy describes what network traffic is allowed for a set of Pods
Type: object

13.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	NetworkPolicySpec provides the specification of a NetworkPolicy
`status`	`object`	NetworkPolicyStatus describe the current state of the NetworkPolicy.

13.1.1. .spec

Description

NetworkPolicySpec provides the specification of a NetworkPolicy

Type

object

Required

podSelector

Property	Type	Description
`egress`	`array`	List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8
`egress[]`	`object`	NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec’s podSelector. The traffic must match both ports and to. This type is beta-level in 1.8
`ingress`	`array`	List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod’s local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default)
`ingress[]`	`object`	NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods matched by a NetworkPolicySpec’s podSelector. The traffic must match both ports and from.
`podSelector`	`LabelSelector`	Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.
`policyTypes`	`array (string)`	List of rule types that the NetworkPolicy relates to. Valid options are ["Ingress"], ["Egress"], or ["Ingress", "Egress"]. If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include "Egress" (since such a policy would not include an Egress section and would otherwise default to just [ "Ingress" ]). This field is beta-level in 1.8

13.1.2. .spec.egress

Description: List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8
Type: array

13.1.3. .spec.egress[]

Description: NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods matched by a NetworkPolicySpec’s podSelector. The traffic must match both ports and to. This type is beta-level in 1.8
Type: object

Property	Type	Description
`ports`	`array`	List of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.
`ports[]`	`object`	NetworkPolicyPort describes a port to allow traffic on
`to`	`array`	List of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list.
`to[]`	`object`	NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of fields are allowed

13.1.4. .spec.egress[].ports

Description: List of destination ports for outgoing traffic. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.
Type: array

13.1.5. .spec.egress[].ports[]

Description: NetworkPolicyPort describes a port to allow traffic on
Type: object

Property	Type	Description
`endPort`	`integer`	If set, indicates that the range of ports from port to endPort, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port.
`port`	`IntOrString`	The port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched.
`protocol`	`string`	The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.

13.1.6. .spec.egress[].to

Description: List of destinations for outgoing traffic of pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all destinations (traffic not restricted by destination). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the to list.
Type: array

13.1.7. .spec.egress[].to[]

Description: NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of fields are allowed
Type: object

Property Type Description

ipBlock

object

IPBlock describes a particular CIDR (Ex. "192.168.1.1/24","2001:db9::/64") that is allowed to the pods matched by a NetworkPolicySpec’s podSelector. The except entry describes CIDRs that should not be included within this rule.

namespaceSelector

LabelSelector

Selects Namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces.

If PodSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector.

podSelector

LabelSelector

This is a label selector which selects Pods. This field follows standard label selector semantics; if present but empty, it selects all pods.

If NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the Pods matching PodSelector in the policy’s own Namespace.

13.1.8. .spec.egress[].to[].ipBlock

Description

IPBlock describes a particular CIDR (Ex. "192.168.1.1/24","2001:db9::/64") that is allowed to the pods matched by a NetworkPolicySpec’s podSelector. The except entry describes CIDRs that should not be included within this rule.

Type

object

Required

cidr

Property	Type	Description
`cidr`	`string`	CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24" or "2001:db9::/64"
`except`	`array (string)`	Except is a slice of CIDRs that should not be included within an IP Block Valid examples are "192.168.1.1/24" or "2001:db9::/64" Except values will be rejected if they are outside the CIDR range

13.1.9. .spec.ingress

Description: List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic source is the pod’s local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default)
Type: array

13.1.10. .spec.ingress[]

Description: NetworkPolicyIngressRule describes a particular set of traffic that is allowed to the pods matched by a NetworkPolicySpec’s podSelector. The traffic must match both ports and from.
Type: object

Property	Type	Description
`from`	`array`	List of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the from list.
`from[]`	`object`	NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of fields are allowed
`ports`	`array`	List of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.
`ports[]`	`object`	NetworkPolicyPort describes a port to allow traffic on

13.1.11. .spec.ingress[].from

Description: List of sources which should be able to access the pods selected for this rule. Items in this list are combined using a logical OR operation. If this field is empty or missing, this rule matches all sources (traffic not restricted by source). If this field is present and contains at least one item, this rule allows traffic only if the traffic matches at least one item in the from list.
Type: array

13.1.12. .spec.ingress[].from[]

Description: NetworkPolicyPeer describes a peer to allow traffic to/from. Only certain combinations of fields are allowed
Type: object

Property Type Description

ipBlock

object

IPBlock describes a particular CIDR (Ex. "192.168.1.1/24","2001:db9::/64") that is allowed to the pods matched by a NetworkPolicySpec’s podSelector. The except entry describes CIDRs that should not be included within this rule.

namespaceSelector

LabelSelector

Selects Namespaces using cluster-scoped labels. This field follows standard label selector semantics; if present but empty, it selects all namespaces.

If PodSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector.

podSelector

LabelSelector

This is a label selector which selects Pods. This field follows standard label selector semantics; if present but empty, it selects all pods.

If NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects the Pods matching PodSelector in the Namespaces selected by NamespaceSelector. Otherwise it selects the Pods matching PodSelector in the policy’s own Namespace.

13.1.13. .spec.ingress[].from[].ipBlock

Description

IPBlock describes a particular CIDR (Ex. "192.168.1.1/24","2001:db9::/64") that is allowed to the pods matched by a NetworkPolicySpec’s podSelector. The except entry describes CIDRs that should not be included within this rule.

Type

object

Required

cidr

Property	Type	Description
`cidr`	`string`	CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24" or "2001:db9::/64"
`except`	`array (string)`	Except is a slice of CIDRs that should not be included within an IP Block Valid examples are "192.168.1.1/24" or "2001:db9::/64" Except values will be rejected if they are outside the CIDR range

13.1.14. .spec.ingress[].ports

Description: List of ports which should be made accessible on the pods selected for this rule. Each item in this list is combined using a logical OR. If this field is empty or missing, this rule matches all ports (traffic not restricted by port). If this field is present and contains at least one item, then this rule allows traffic only if the traffic matches at least one port in the list.
Type: array

13.1.15. .spec.ingress[].ports[]

Description: NetworkPolicyPort describes a port to allow traffic on
Type: object

Property	Type	Description
`endPort`	`integer`	If set, indicates that the range of ports from port to endPort, inclusive, should be allowed by the policy. This field cannot be defined if the port field is not defined or if the port field is defined as a named (string) port. The endPort must be equal or greater than port.
`port`	`IntOrString`	The port on the given protocol. This can either be a numerical or named port on a pod. If this field is not provided, this matches all port names and numbers. If present, only traffic on the specified protocol AND port will be matched.
`protocol`	`string`	The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.

13.1.16. .status

Description: NetworkPolicyStatus describe the current state of the NetworkPolicy.
Type: object

Property	Type	Description
`conditions`	`array (Condition)`	Conditions holds an array of metav1.Condition that describe the state of the NetworkPolicy. Current service state

13.2. API endpoints

The following API endpoints are available:

/apis/networking.k8s.io/v1/networkpolicies
- GET: list or watch objects of kind NetworkPolicy
/apis/networking.k8s.io/v1/watch/networkpolicies
- GET: watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.
/apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies
- DELETE: delete collection of NetworkPolicy
- GET: list or watch objects of kind NetworkPolicy
- POST: create a NetworkPolicy
/apis/networking.k8s.io/v1/watch/namespaces/{namespace}/networkpolicies
- GET: watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.
/apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}
- DELETE: delete a NetworkPolicy
- GET: read the specified NetworkPolicy
- PATCH: partially update the specified NetworkPolicy
- PUT: replace the specified NetworkPolicy
/apis/networking.k8s.io/v1/watch/namespaces/{namespace}/networkpolicies/{name}
- GET: watch changes to an object of kind NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
/apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}/status
- GET: read status of the specified NetworkPolicy
- PATCH: partially update status of the specified NetworkPolicy
- PUT: replace status of the specified NetworkPolicy

13.2.1. /apis/networking.k8s.io/v1/networkpolicies

Table 13.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list or watch objects of kind NetworkPolicy

Table 13.2. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkPolicyList` schema
401 - Unauthorized	Empty

13.2.2. /apis/networking.k8s.io/v1/watch/networkpolicies

Table 13.3. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.

Table 13.4. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

13.2.3. /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies

Table 13.5. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 13.6. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of NetworkPolicy

Table 13.7. Query parameters
Parameter	Type	Description
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

Table 13.8. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 13.9. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind NetworkPolicy

Table 13.10. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 13.11. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkPolicyList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a NetworkPolicy

Table 13.12. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 13.13. Body parameters
Parameter	Type	Description
`body`	`NetworkPolicy` schema

Table 13.14. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkPolicy` schema
201 - Created	`NetworkPolicy` schema
202 - Accepted	`NetworkPolicy` schema
401 - Unauthorized	Empty

13.2.4. /apis/networking.k8s.io/v1/watch/namespaces/{namespace}/networkpolicies

Table 13.15. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 13.16. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead.

Table 13.17. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

13.2.5. /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}

Table 13.18. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the NetworkPolicy
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 13.19. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete a NetworkPolicy

Table 13.20. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 13.21. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 13.22. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified NetworkPolicy

Table 13.23. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkPolicy` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified NetworkPolicy

Table 13.24. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
`force`	`boolean`	Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 13.25. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 13.26. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkPolicy` schema
201 - Created	`NetworkPolicy` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified NetworkPolicy

Table 13.27. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 13.28. Body parameters
Parameter	Type	Description
`body`	`NetworkPolicy` schema

Table 13.29. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkPolicy` schema
201 - Created	`NetworkPolicy` schema
401 - Unauthorized	Empty

13.2.6. /apis/networking.k8s.io/v1/watch/namespaces/{namespace}/networkpolicies/{name}

Table 13.30. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the NetworkPolicy
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 13.31. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch changes to an object of kind NetworkPolicy. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 13.32. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

13.2.7. /apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}/status

Table 13.33. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the NetworkPolicy
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 13.34. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: GET
Description: read status of the specified NetworkPolicy

Table 13.35. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkPolicy` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified NetworkPolicy

Table 13.36. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
`force`	`boolean`	Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 13.37. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 13.38. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkPolicy` schema
201 - Created	`NetworkPolicy` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified NetworkPolicy

Table 13.39. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 13.40. Body parameters
Parameter	Type	Description
`body`	`NetworkPolicy` schema

Table 13.41. HTTP responses
HTTP code	Reponse body
200 - OK	`NetworkPolicy` schema
201 - Created	`NetworkPolicy` schema
401 - Unauthorized	Empty

Chapter 14. OverlappingRangeIPReservation [whereabouts.cni.cncf.io/v1alpha1]

Description

OverlappingRangeIPReservation is the Schema for the OverlappingRangeIPReservations API

Type

object

Required

spec

14.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	OverlappingRangeIPReservationSpec defines the desired state of OverlappingRangeIPReservation

14.1.1. .spec

Description

OverlappingRangeIPReservationSpec defines the desired state of OverlappingRangeIPReservation

Type

object

Required

containerid

Property	Type	Description
`containerid`	`string`
`podref`	`string`

14.2. API endpoints

The following API endpoints are available:

/apis/whereabouts.cni.cncf.io/v1alpha1/overlappingrangeipreservations
- GET: list objects of kind OverlappingRangeIPReservation
/apis/whereabouts.cni.cncf.io/v1alpha1/namespaces/{namespace}/overlappingrangeipreservations
- DELETE: delete collection of OverlappingRangeIPReservation
- GET: list objects of kind OverlappingRangeIPReservation
- POST: create an OverlappingRangeIPReservation
/apis/whereabouts.cni.cncf.io/v1alpha1/namespaces/{namespace}/overlappingrangeipreservations/{name}
- DELETE: delete an OverlappingRangeIPReservation
- GET: read the specified OverlappingRangeIPReservation
- PATCH: partially update the specified OverlappingRangeIPReservation
- PUT: replace the specified OverlappingRangeIPReservation

14.2.1. /apis/whereabouts.cni.cncf.io/v1alpha1/overlappingrangeipreservations

Table 14.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list objects of kind OverlappingRangeIPReservation

Table 14.2. HTTP responses
HTTP code	Reponse body
200 - OK	`OverlappingRangeIPReservationList` schema
401 - Unauthorized	Empty

14.2.2. /apis/whereabouts.cni.cncf.io/v1alpha1/namespaces/{namespace}/overlappingrangeipreservations

Table 14.3. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 14.4. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of OverlappingRangeIPReservation

Table 14.5. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 14.6. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list objects of kind OverlappingRangeIPReservation

Table 14.7. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 14.8. HTTP responses
HTTP code	Reponse body
200 - OK	`OverlappingRangeIPReservationList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create an OverlappingRangeIPReservation

Table 14.9. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 14.10. Body parameters
Parameter	Type	Description
`body`	`OverlappingRangeIPReservation` schema

Table 14.11. HTTP responses
HTTP code	Reponse body
200 - OK	`OverlappingRangeIPReservation` schema
201 - Created	`OverlappingRangeIPReservation` schema
202 - Accepted	`OverlappingRangeIPReservation` schema
401 - Unauthorized	Empty

14.2.3. /apis/whereabouts.cni.cncf.io/v1alpha1/namespaces/{namespace}/overlappingrangeipreservations/{name}

Table 14.12. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the OverlappingRangeIPReservation
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 14.13. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete an OverlappingRangeIPReservation

Table 14.14. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 14.15. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 14.16. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified OverlappingRangeIPReservation

Table 14.17. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 14.18. HTTP responses
HTTP code	Reponse body
200 - OK	`OverlappingRangeIPReservation` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified OverlappingRangeIPReservation

Table 14.19. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 14.20. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 14.21. HTTP responses
HTTP code	Reponse body
200 - OK	`OverlappingRangeIPReservation` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified OverlappingRangeIPReservation

Table 14.22. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 14.23. Body parameters
Parameter	Type	Description
`body`	`OverlappingRangeIPReservation` schema

Table 14.24. HTTP responses
HTTP code	Reponse body
200 - OK	`OverlappingRangeIPReservation` schema
201 - Created	`OverlappingRangeIPReservation` schema
401 - Unauthorized	Empty

Chapter 15. PodNetworkConnectivityCheck [controlplane.operator.openshift.io/v1alpha1]

Description

PodNetworkConnectivityCheck Compatibility level 4: No compatibility is provided, the API can change at any point for any reason. These capabilities should not be used by applications needing long term support.

Type

object

Required

spec

15.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	Spec defines the source and target of the connectivity check
`status`	`object`	Status contains the observed status of the connectivity check

15.1.1. .spec

Description

Spec defines the source and target of the connectivity check

Type

object

Required

sourcePod
targetEndpoint

Property	Type	Description
`sourcePod`	`string`	SourcePod names the pod from which the condition will be checked
`targetEndpoint`	`string`	EndpointAddress to check. A TCP address of the form host:port. Note that if host is a DNS name, then the check would fail if the DNS name cannot be resolved. Specify an IP address for host to bypass DNS name lookup.
`tlsClientCert`	`object`	TLSClientCert, if specified, references a kubernetes.io/tls type secret with 'tls.crt' and 'tls.key' entries containing an optional TLS client certificate and key to be used when checking endpoints that require a client certificate in order to gracefully preform the scan without causing excessive logging in the endpoint process. The secret must exist in the same namespace as this resource.

15.1.2. .spec.tlsClientCert

Description

TLSClientCert, if specified, references a kubernetes.io/tls type secret with 'tls.crt' and 'tls.key' entries containing an optional TLS client certificate and key to be used when checking endpoints that require a client certificate in order to gracefully preform the scan without causing excessive logging in the endpoint process. The secret must exist in the same namespace as this resource.

Type

object

Required

name

Property	Type	Description
`name`	`string`	name is the metadata.name of the referenced secret

15.1.3. .status

Description: Status contains the observed status of the connectivity check
Type: object

Property	Type	Description
`conditions`	`array`	Conditions summarize the status of the check
`conditions[]`	`object`	PodNetworkConnectivityCheckCondition represents the overall status of the pod network connectivity.
`failures`	`array`	Failures contains logs of unsuccessful check actions
`failures[]`	`object`	LogEntry records events
`outages`	`array`	Outages contains logs of time periods of outages
`outages[]`	`object`	OutageEntry records time period of an outage
`successes`	`array`	Successes contains logs successful check actions
`successes[]`	`object`	LogEntry records events

15.1.4. .status.conditions

Description: Conditions summarize the status of the check
Type: array

15.1.5. .status.conditions[]

Description

PodNetworkConnectivityCheckCondition represents the overall status of the pod network connectivity.

Type

object

Required

status
type

Property	Type	Description
`lastTransitionTime`	``	Last time the condition transitioned from one status to another.
`message`	`string`	Message indicating details about last transition in a human readable format.
`reason`	`string`	Reason for the condition’s last status transition in a machine readable format.
`status`	`string`	Status of the condition
`type`	`string`	Type of the condition

15.1.6. .status.failures

Description: Failures contains logs of unsuccessful check actions
Type: array

15.1.7. .status.failures[]

Description

LogEntry records events

Type

object

Required

success

Property	Type	Description
`latency`	``	Latency records how long the action mentioned in the entry took.
`message`	`string`	Message explaining status in a human readable format.
`reason`	`string`	Reason for status in a machine readable format.
`success`	`boolean`	Success indicates if the log entry indicates a success or failure.
`time`	``	Start time of check action.

15.1.8. .status.outages

Description: Outages contains logs of time periods of outages
Type: array

15.1.9. .status.outages[]

Description: OutageEntry records time period of an outage
Type: object

Property	Type	Description
`end`	``	End of outage detected
`endLogs`	`array`	EndLogs contains log entries related to the end of this outage. Should contain the success entry that resolved the outage and possibly a few of the failure log entries that preceded it.
`endLogs[]`	`object`	LogEntry records events
`message`	`string`	Message summarizes outage details in a human readable format.
`start`	``	Start of outage detected
`startLogs`	`array`	StartLogs contains log entries related to the start of this outage. Should contain the original failure, any entries where the failure mode changed.
`startLogs[]`	`object`	LogEntry records events

15.1.10. .status.outages[].endLogs

Description: EndLogs contains log entries related to the end of this outage. Should contain the success entry that resolved the outage and possibly a few of the failure log entries that preceded it.
Type: array

15.1.11. .status.outages[].endLogs[]

Description

LogEntry records events

Type

object

Required

success

Property	Type	Description
`latency`	``	Latency records how long the action mentioned in the entry took.
`message`	`string`	Message explaining status in a human readable format.
`reason`	`string`	Reason for status in a machine readable format.
`success`	`boolean`	Success indicates if the log entry indicates a success or failure.
`time`	``	Start time of check action.

15.1.12. .status.outages[].startLogs

Description: StartLogs contains log entries related to the start of this outage. Should contain the original failure, any entries where the failure mode changed.
Type: array

15.1.13. .status.outages[].startLogs[]

Description

LogEntry records events

Type

object

Required

success

Property	Type	Description
`latency`	``	Latency records how long the action mentioned in the entry took.
`message`	`string`	Message explaining status in a human readable format.
`reason`	`string`	Reason for status in a machine readable format.
`success`	`boolean`	Success indicates if the log entry indicates a success or failure.
`time`	``	Start time of check action.

15.1.14. .status.successes

Description: Successes contains logs successful check actions
Type: array

15.1.15. .status.successes[]

Description

LogEntry records events

Type

object

Required

success

Property	Type	Description
`latency`	``	Latency records how long the action mentioned in the entry took.
`message`	`string`	Message explaining status in a human readable format.
`reason`	`string`	Reason for status in a machine readable format.
`success`	`boolean`	Success indicates if the log entry indicates a success or failure.
`time`	``	Start time of check action.

15.2. API endpoints

The following API endpoints are available:

/apis/controlplane.operator.openshift.io/v1alpha1/podnetworkconnectivitychecks
- GET: list objects of kind PodNetworkConnectivityCheck
/apis/controlplane.operator.openshift.io/v1alpha1/namespaces/{namespace}/podnetworkconnectivitychecks
- DELETE: delete collection of PodNetworkConnectivityCheck
- GET: list objects of kind PodNetworkConnectivityCheck
- POST: create a PodNetworkConnectivityCheck
/apis/controlplane.operator.openshift.io/v1alpha1/namespaces/{namespace}/podnetworkconnectivitychecks/{name}
- DELETE: delete a PodNetworkConnectivityCheck
- GET: read the specified PodNetworkConnectivityCheck
- PATCH: partially update the specified PodNetworkConnectivityCheck
- PUT: replace the specified PodNetworkConnectivityCheck
/apis/controlplane.operator.openshift.io/v1alpha1/namespaces/{namespace}/podnetworkconnectivitychecks/{name}/status
- GET: read status of the specified PodNetworkConnectivityCheck
- PATCH: partially update status of the specified PodNetworkConnectivityCheck
- PUT: replace status of the specified PodNetworkConnectivityCheck

15.2.1. /apis/controlplane.operator.openshift.io/v1alpha1/podnetworkconnectivitychecks

Table 15.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list objects of kind PodNetworkConnectivityCheck

Table 15.2. HTTP responses
HTTP code	Reponse body
200 - OK	`PodNetworkConnectivityCheckList` schema
401 - Unauthorized	Empty

15.2.2. /apis/controlplane.operator.openshift.io/v1alpha1/namespaces/{namespace}/podnetworkconnectivitychecks

Table 15.3. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 15.4. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of PodNetworkConnectivityCheck

Table 15.5. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 15.6. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list objects of kind PodNetworkConnectivityCheck

Table 15.7. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 15.8. HTTP responses
HTTP code	Reponse body
200 - OK	`PodNetworkConnectivityCheckList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a PodNetworkConnectivityCheck

Table 15.9. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 15.10. Body parameters
Parameter	Type	Description
`body`	`PodNetworkConnectivityCheck` schema

Table 15.11. HTTP responses
HTTP code	Reponse body
200 - OK	`PodNetworkConnectivityCheck` schema
201 - Created	`PodNetworkConnectivityCheck` schema
202 - Accepted	`PodNetworkConnectivityCheck` schema
401 - Unauthorized	Empty

15.2.3. /apis/controlplane.operator.openshift.io/v1alpha1/namespaces/{namespace}/podnetworkconnectivitychecks/{name}

Table 15.12. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the PodNetworkConnectivityCheck
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 15.13. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete a PodNetworkConnectivityCheck

Table 15.14. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 15.15. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 15.16. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified PodNetworkConnectivityCheck

Table 15.17. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 15.18. HTTP responses
HTTP code	Reponse body
200 - OK	`PodNetworkConnectivityCheck` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified PodNetworkConnectivityCheck

Table 15.19. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 15.20. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 15.21. HTTP responses
HTTP code	Reponse body
200 - OK	`PodNetworkConnectivityCheck` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified PodNetworkConnectivityCheck

Table 15.22. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 15.23. Body parameters
Parameter	Type	Description
`body`	`PodNetworkConnectivityCheck` schema

Table 15.24. HTTP responses
HTTP code	Reponse body
200 - OK	`PodNetworkConnectivityCheck` schema
201 - Created	`PodNetworkConnectivityCheck` schema
401 - Unauthorized	Empty

15.2.4. /apis/controlplane.operator.openshift.io/v1alpha1/namespaces/{namespace}/podnetworkconnectivitychecks/{name}/status

Table 15.25. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the PodNetworkConnectivityCheck
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 15.26. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: GET
Description: read status of the specified PodNetworkConnectivityCheck

Table 15.27. Query parameters
Parameter	Type	Description
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset

Table 15.28. HTTP responses
HTTP code	Reponse body
200 - OK	`PodNetworkConnectivityCheck` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified PodNetworkConnectivityCheck

Table 15.29. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 15.30. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 15.31. HTTP responses
HTTP code	Reponse body
200 - OK	`PodNetworkConnectivityCheck` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified PodNetworkConnectivityCheck

Table 15.32. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 15.33. Body parameters
Parameter	Type	Description
`body`	`PodNetworkConnectivityCheck` schema

Table 15.34. HTTP responses
HTTP code	Reponse body
200 - OK	`PodNetworkConnectivityCheck` schema
201 - Created	`PodNetworkConnectivityCheck` schema
401 - Unauthorized	Empty

Chapter 16. Route [route.openshift.io/v1]

Description

A route allows developers to expose services through an HTTP(S) aware load balancing and proxy layer via a public DNS entry. The route may further specify TLS options and a certificate, or specify a public CNAME that the router should also accept for HTTP and HTTPS traffic. An administrator typically configures their router to be visible outside the cluster firewall, and may also add additional security, caching, or traffic controls on the service content. Routers usually talk directly to the service endpoints.

Once a route is created, the host field may not be changed. Generally, routers use the oldest route with a given host when resolving conflicts.

Routers are subject to additional customization and may support additional controls via the annotations field.

Because administrators may configure multiple routers, the route status field is used to return information to clients about the names and states of the route under each router. If a client chooses a duplicate name, for instance, the route status conditions are used to indicate the route cannot be chosen.

To enable HTTP/2 ALPN on a route it requires a custom (non-wildcard) certificate. This prevents connection coalescing by clients, notably web browsers. We do not support HTTP/2 ALPN on routes that use the default certificate because of the risk of connection re-use/coalescing. Routes that do not have their own custom certificate will not be HTTP/2 ALPN-enabled on either the frontend or the backend.

Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).

Type

object

Required

spec

16.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`
`spec`	`object`	RouteSpec describes the hostname or path the route exposes, any security information, and one to four backends (services) the route points to. Requests are distributed among the backends depending on the weights assigned to each backend. When using roundrobin scheduling the portion of requests that go to each backend is the backend weight divided by the sum of all of the backend weights. When the backend has more than one endpoint the requests that end up on the backend are roundrobin distributed among the endpoints. Weights are between 0 and 256 with default 100. Weight 0 causes no requests to the backend. If all weights are zero the route will be considered to have no backends and return a standard 503 response. The `tls` field is optional and allows specific certificates or behavior for the route. Routers typically configure a default certificate on a wildcard domain to terminate routes without explicit certificates, but custom hostnames usually must choose passthrough (send traffic directly to the backend via the TLS Server-Name- Indication field) or provide a certificate.
`status`	`object`	RouteStatus provides relevant info about the status of a route, including which routers acknowledge it.

16.1.1. .spec

Description

RouteSpec describes the hostname or path the route exposes, any security information, and one to four backends (services) the route points to. Requests are distributed among the backends depending on the weights assigned to each backend. When using roundrobin scheduling the portion of requests that go to each backend is the backend weight divided by the sum of all of the backend weights. When the backend has more than one endpoint the requests that end up on the backend are roundrobin distributed among the endpoints. Weights are between 0 and 256 with default 100. Weight 0 causes no requests to the backend. If all weights are zero the route will be considered to have no backends and return a standard 503 response.

The tls field is optional and allows specific certificates or behavior for the route. Routers typically configure a default certificate on a wildcard domain to terminate routes without explicit certificates, but custom hostnames usually must choose passthrough (send traffic directly to the backend via the TLS Server-Name- Indication field) or provide a certificate.

Type

object

Required

to

Property	Type	Description
`alternateBackends`	`array`	alternateBackends allows up to 3 additional backends to be assigned to the route. Only the Service kind is allowed, and it will be defaulted to Service. Use the weight field in RouteTargetReference object to specify relative preference.
`alternateBackends[]`	`object`	RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service' kind is allowed. Use 'weight' field to emphasize one over others.
`host`	`string`	host is an alias/DNS that points to the service. Optional. If not specified a route name will typically be automatically chosen. Must follow DNS952 subdomain conventions.
`path`	`string`	path that the router watches for, to route traffic for to the service. Optional
`port`	`object`	RoutePort defines a port mapping from a router to an endpoint in the service endpoints.
`subdomain`	`string`	subdomain is a DNS subdomain that is requested within the ingress controller’s domain (as a subdomain). If host is set this field is ignored. An ingress controller may choose to ignore this suggested name, in which case the controller will report the assigned name in the status.ingress array or refuse to admit the route. If this value is set and the server does not support this field host will be populated automatically. Otherwise host is left empty. The field may have multiple parts separated by a dot, but not all ingress controllers may honor the request. This field may not be changed after creation except by a user with the update routes/custom-host permission. Example: subdomain `frontend` automatically receives the router subdomain `apps.mycluster.com` to have a full hostname `frontend.apps.mycluster.com`.
`tls`	`object`	TLSConfig defines config used to secure a route and provide termination
`to`	`object`	RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service' kind is allowed. Use 'weight' field to emphasize one over others.
`wildcardPolicy`	`string`	Wildcard policy if any for the route. Currently only 'Subdomain' or 'None' is allowed.

16.1.2. .spec.alternateBackends

Description: alternateBackends allows up to 3 additional backends to be assigned to the route. Only the Service kind is allowed, and it will be defaulted to Service. Use the weight field in RouteTargetReference object to specify relative preference.
Type: array

16.1.3. .spec.alternateBackends[]

Description

RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service' kind is allowed. Use 'weight' field to emphasize one over others.

Type

object

Required

kind
name

Property	Type	Description
`kind`	`string`	The kind of target that the route is referring to. Currently, only 'Service' is allowed
`name`	`string`	name of the service/target that is being referred to. e.g. name of the service
`weight`	`integer`	weight as an integer between 0 and 256, default 100, that specifies the target’s relative weight against other target reference objects. 0 suppresses requests to this backend.

16.1.4. .spec.port

Description

RoutePort defines a port mapping from a router to an endpoint in the service endpoints.

Type

object

Required

targetPort

Property	Type	Description
`targetPort`	`IntOrString`	The target port on pods selected by the service this route points to. If this is a string, it will be looked up as a named port in the target endpoints port list. Required

16.1.5. .spec.tls

Description

TLSConfig defines config used to secure a route and provide termination

Type

object

Required

termination

Property	Type	Description
`caCertificate`	`string`	caCertificate provides the cert authority certificate contents
`certificate`	`string`	certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.
`destinationCACertificate`	`string`	destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.
`insecureEdgeTerminationPolicy`	`string`	insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
`key`	`string`	key provides key file contents
`termination`	`string`	termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend

16.1.6. .spec.to

Description

RouteTargetReference specifies the target that resolve into endpoints. Only the 'Service' kind is allowed. Use 'weight' field to emphasize one over others.

Type

object

Required

kind
name

Property	Type	Description
`kind`	`string`	The kind of target that the route is referring to. Currently, only 'Service' is allowed
`name`	`string`	name of the service/target that is being referred to. e.g. name of the service
`weight`	`integer`	weight as an integer between 0 and 256, default 100, that specifies the target’s relative weight against other target reference objects. 0 suppresses requests to this backend.

16.1.7. .status

Description: RouteStatus provides relevant info about the status of a route, including which routers acknowledge it.
Type: object

Property	Type	Description
`ingress`	`array`	ingress describes the places where the route may be exposed. The list of ingress points may contain duplicate Host or RouterName values. Routes are considered live once they are `Ready`
`ingress[]`	`object`	RouteIngress holds information about the places where a route is exposed.

16.1.8. .status.ingress

Description: ingress describes the places where the route may be exposed. The list of ingress points may contain duplicate Host or RouterName values. Routes are considered live once they are Ready
Type: array

16.1.9. .status.ingress[]

Description: RouteIngress holds information about the places where a route is exposed.
Type: object

Property	Type	Description
`conditions`	`array`	Conditions is the state of the route, may be empty.
`conditions[]`	`object`	RouteIngressCondition contains details for the current condition of this route on a particular router.
`host`	`string`	Host is the host string under which the route is exposed; this value is required
`routerCanonicalHostname`	`string`	CanonicalHostname is the external host name for the router that can be used as a CNAME for the host requested for this route. This value is optional and may not be set in all cases.
`routerName`	`string`	Name is a name chosen by the router to identify itself; this value is required
`wildcardPolicy`	`string`	Wildcard policy is the wildcard policy that was allowed where this route is exposed.

16.1.10. .status.ingress[].conditions

Description: Conditions is the state of the route, may be empty.
Type: array

16.1.11. .status.ingress[].conditions[]

Description

RouteIngressCondition contains details for the current condition of this route on a particular router.

Type

object

Required

type
status

Property	Type	Description
`lastTransitionTime`	`Time`	RFC 3339 date and time when this condition last transitioned
`message`	`string`	Human readable message indicating details about last transition.
`reason`	`string`	(brief) reason for the condition’s last transition, and is usually a machine and human readable constant
`status`	`string`	Status is the status of the condition. Can be True, False, Unknown.
`type`	`string`	Type is the type of the condition. Currently only Admitted.

16.2. API endpoints

The following API endpoints are available:

/apis/route.openshift.io/v1/routes
- GET: list or watch objects of kind Route
/apis/route.openshift.io/v1/watch/routes
- GET: watch individual changes to a list of Route. deprecated: use the 'watch' parameter with a list operation instead.
/apis/route.openshift.io/v1/namespaces/{namespace}/routes
- DELETE: delete collection of Route
- GET: list or watch objects of kind Route
- POST: create a Route
/apis/route.openshift.io/v1/watch/namespaces/{namespace}/routes
- GET: watch individual changes to a list of Route. deprecated: use the 'watch' parameter with a list operation instead.
/apis/route.openshift.io/v1/namespaces/{namespace}/routes/{name}
- DELETE: delete a Route
- GET: read the specified Route
- PATCH: partially update the specified Route
- PUT: replace the specified Route
/apis/route.openshift.io/v1/watch/namespaces/{namespace}/routes/{name}
- GET: watch changes to an object of kind Route. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
/apis/route.openshift.io/v1/namespaces/{namespace}/routes/{name}/status
- GET: read status of the specified Route
- PATCH: partially update status of the specified Route
- PUT: replace status of the specified Route

16.2.1. /apis/route.openshift.io/v1/routes

Table 16.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list or watch objects of kind Route

Table 16.2. HTTP responses
HTTP code	Reponse body
200 - OK	`RouteList` schema
401 - Unauthorized	Empty

16.2.2. /apis/route.openshift.io/v1/watch/routes

Table 16.3. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of Route. deprecated: use the 'watch' parameter with a list operation instead.

Table 16.4. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

16.2.3. /apis/route.openshift.io/v1/namespaces/{namespace}/routes

Table 16.5. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 16.6. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of Route

Table 16.7. Query parameters
Parameter	Type	Description
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

Table 16.8. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 16.9. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind Route

Table 16.10. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 16.11. HTTP responses
HTTP code	Reponse body
200 - OK	`RouteList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a Route

Table 16.12. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 16.13. Body parameters
Parameter	Type	Description
`body`	`Route` schema

Table 16.14. HTTP responses
HTTP code	Reponse body
200 - OK	`Route` schema
201 - Created	`Route` schema
202 - Accepted	`Route` schema
401 - Unauthorized	Empty

16.2.4. /apis/route.openshift.io/v1/watch/namespaces/{namespace}/routes

Table 16.15. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 16.16. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of Route. deprecated: use the 'watch' parameter with a list operation instead.

Table 16.17. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

16.2.5. /apis/route.openshift.io/v1/namespaces/{namespace}/routes/{name}

Table 16.18. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the Route
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 16.19. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete a Route

Table 16.20. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 16.21. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 16.22. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified Route

Table 16.23. HTTP responses
HTTP code	Reponse body
200 - OK	`Route` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified Route

Table 16.24. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
`force`	`boolean`	Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 16.25. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 16.26. HTTP responses
HTTP code	Reponse body
200 - OK	`Route` schema
201 - Created	`Route` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified Route

Table 16.27. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 16.28. Body parameters
Parameter	Type	Description
`body`	`Route` schema

Table 16.29. HTTP responses
HTTP code	Reponse body
200 - OK	`Route` schema
201 - Created	`Route` schema
401 - Unauthorized	Empty

16.2.6. /apis/route.openshift.io/v1/watch/namespaces/{namespace}/routes/{name}

Table 16.30. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the Route
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 16.31. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch changes to an object of kind Route. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 16.32. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

16.2.7. /apis/route.openshift.io/v1/namespaces/{namespace}/routes/{name}/status

Table 16.33. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the Route
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 16.34. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: GET
Description: read status of the specified Route

Table 16.35. HTTP responses
HTTP code	Reponse body
200 - OK	`Route` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified Route

Table 16.36. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
`force`	`boolean`	Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 16.37. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 16.38. HTTP responses
HTTP code	Reponse body
200 - OK	`Route` schema
201 - Created	`Route` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified Route

Table 16.39. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 16.40. Body parameters
Parameter	Type	Description
`body`	`Route` schema

Table 16.41. HTTP responses
HTTP code	Reponse body
200 - OK	`Route` schema
201 - Created	`Route` schema
401 - Unauthorized	Empty

Chapter 17. Service [v1]

Description: Service is a named abstraction of software service (for example, mysql) consisting of local port (for example 3306) that the proxy listens on, and the selector that determines which pods will answer requests sent through the proxy.
Type: object

17.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	ServiceSpec describes the attributes that a user creates on a service.
`status`	`object`	ServiceStatus represents the current status of a service.

17.1.1. .spec

Description: ServiceSpec describes the attributes that a user creates on a service.
Type: object

Property	Type	Description
`allocateLoadBalancerNodePorts`	`boolean`	allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer. Default is "true". It may be set to "false" if the cluster load-balancer does not rely on NodePorts. If the caller requests specific NodePorts (by specifying a value), those requests will be respected, regardless of this field. This field may only be set for services with type LoadBalancer and will be cleared if the type is changed to any other type.
`clusterIP`	`string`	clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be blank) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are "None", empty string (""), or a valid IP address. Setting this to "None" makes a "headless service" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
`clusterIPs`	`array (string)`	ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service will fail. This field may not be changed through updates unless the type field is also being changed to ExternalName (which requires this field to be empty) or the type field is being changed from ExternalName (in which case this field may optionally be specified, as describe above). Valid values are "None", empty string (""), or a valid IP address. Setting this to "None" makes a "headless service" (no virtual IP), which is useful when direct endpoint connections are preferred and proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. If this field is specified when creating a Service of type ExternalName, creation will fail. This field will be wiped when updating a Service to type ExternalName. If this field is not specified, it will be initialized from the clusterIP field. If this field is specified, clients must ensure that clusterIPs[0] and clusterIP have the same value. This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
`externalIPs`	`array (string)`	externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.
`externalName`	`string`	externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved. Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requires `type` to be "ExternalName".
`externalTrafficPolicy`	`string`	externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service’s "externally-facing" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get "Cluster" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node. Possible enum values: - `"Cluster"` routes traffic to all endpoints. - `"Local"` preserves the source IP of the traffic by routing only to endpoints on the same node as the traffic was received on (dropping the traffic if there are no local endpoints).
`healthCheckNodePort`	`integer`	healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used. If not specified, a value will be automatically allocated. External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set.
`internalTrafficPolicy`	`string`	InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to "Local", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features).
`ipFamilies`	`array (string)`	IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is available in the cluster, and ipFamilyPolicy allows it, it will be used; otherwise creation of the service will fail. This field is conditionally mutable: it allows for adding or removing a secondary IP family, but it does not allow changing the primary IP family of the Service. Valid values are "IPv4" and "IPv6". This field only applies to Services of types ClusterIP, NodePort, and LoadBalancer, and does apply to "headless" services. This field will be wiped when updating a Service to type ExternalName. This field may hold a maximum of two entries (dual-stack families, in either order). These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field.
`ipFamilyPolicy`	`string`	IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be "SingleStack" (a single IP family), "PreferDualStack" (two IP families on dual-stack configured clusters or a single IP family on single-stack clusters), or "RequireDualStack" (two IP families on dual-stack configured clusters, otherwise fail). The ipFamilies and clusterIPs fields depend on the value of this field. This field will be wiped when updating a service to type ExternalName.
`loadBalancerClass`	`string`	loadBalancerClass is the class of the load balancer implementation this Service belongs to. If specified, the value of this field must be a label-style identifier, with an optional prefix, e.g. "internal-vip" or "example.com/internal-vip". Unprefixed names are reserved for end-users. This field can only be set when the Service type is 'LoadBalancer'. If not set, the default load balancer implementation is used, today this is typically done through the cloud provider integration, but should apply for any default implementation. If set, it is assumed that a load balancer implementation is watching for Services with a matching class. Any default load balancer implementation (e.g. cloud providers) should ignore Services that set this field. This field can only be set when creating or updating a Service to type 'LoadBalancer'. Once set, it can not be changed. This field will be wiped when a service is updated to a non 'LoadBalancer' type.
`loadBalancerIP`	`string`	Only applies to Service Type: LoadBalancer. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature. Deprecated: This field was under-specified and its meaning varies across implementations, and it cannot support dual-stack. As of Kubernetes v1.24, users are encouraged to use implementation-specific annotations when available. This field may be removed in a future API version.
`loadBalancerSourceRanges`	`array (string)`	If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/
`ports`	`array`	The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
`ports[]`	`object`	ServicePort contains information on service’s port.
`publishNotReadyAddresses`	`boolean`	publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet’s Headless Service to propagate SRV DNS records for its Pods for the purpose of peer discovery. The Kubernetes controllers that generate Endpoints and EndpointSlice resources for Services interpret this to mean that all endpoints are considered "ready" even if the Pods themselves are not. Agents which consume only Kubernetes generated endpoints through the Endpoints or EndpointSlice resources can safely assume this behavior.
`selector`	`object (string)`	Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName. More info: https://kubernetes.io/docs/concepts/services-networking/service/
`sessionAffinity`	`string`	Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies Possible enum values: - `"ClientIP"` is the Client IP based. - `"None"` - no session affinity.
`sessionAffinityConfig`	`object`	SessionAffinityConfig represents the configurations of session affinity.
`type`	`string`	type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object or EndpointSlice objects. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a virtual IP. "NodePort" builds on ClusterIP and allocates a port on every node which routes to the same endpoints as the clusterIP. "LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the same endpoints as the clusterIP. "ExternalName" aliases this service to the specified externalName. Several other fields do not apply to ExternalName services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types Possible enum values: - `"ClusterIP"` means a service will only be accessible inside the cluster, via the cluster IP. - `"ExternalName"` means a service consists of only a reference to an external name that kubedns or equivalent will return as a CNAME record, with no exposing or proxying of any pods involved. - `"LoadBalancer"` means a service will be exposed via an external load balancer (if the cloud provider supports it), in addition to 'NodePort' type. - `"NodePort"` means a service will be exposed on one port of every node, in addition to 'ClusterIP' type.

17.1.2. .spec.ports

Description: The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
Type: array

17.1.3. .spec.ports[]

Description

ServicePort contains information on service’s port.

Type

object

Required

port

Property	Type	Description
`appProtocol`	`string`	The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and https://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol.
`name`	`string`	The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one ServicePort is defined on this service.
`nodePort`	`integer`	The port on each node on which this service is exposed when type is NodePort or LoadBalancer. Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail. If not specified, a port will be allocated if this Service requires one. If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type from NodePort to ClusterIP). More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
`port`	`integer`	The port that will be exposed by this service.
`protocol`	`string`	The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default is TCP. Possible enum values: - `"SCTP"` is the SCTP protocol. - `"TCP"` is the TCP protocol. - `"UDP"` is the UDP protocol.
`targetPort`	`IntOrString`	Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod’s container ports. If this is not specified, the value of the 'port' field is used (an identity map). This field is ignored for services with clusterIP=None, and should be omitted or set equal to the 'port' field. More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service

17.1.4. .spec.sessionAffinityConfig

Description: SessionAffinityConfig represents the configurations of session affinity.
Type: object

Property	Type	Description
`clientIP`	`object`	ClientIPConfig represents the configurations of Client IP based session affinity.

17.1.5. .spec.sessionAffinityConfig.clientIP

Description: ClientIPConfig represents the configurations of Client IP based session affinity.
Type: object

Property	Type	Description
`timeoutSeconds`	`integer`	timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && ⇐86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours).

17.1.6. .status

Description: ServiceStatus represents the current status of a service.
Type: object

Property	Type	Description
`conditions`	`array (Condition)`	Current service state
`loadBalancer`	`object`	LoadBalancerStatus represents the status of a load-balancer.

17.1.7. .status.loadBalancer

Description: LoadBalancerStatus represents the status of a load-balancer.
Type: object

Property	Type	Description
`ingress`	`array`	Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.
`ingress[]`	`object`	LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.

17.1.8. .status.loadBalancer.ingress

Description: Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.
Type: array

17.1.9. .status.loadBalancer.ingress[]

Description: LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.
Type: object

Property	Type	Description
`hostname`	`string`	Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers)
`ip`	`string`	IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers)
`ports`	`array`	Ports is a list of records of service ports If used, every port defined in the service should have an entry in it
`ports[]`	`object`

17.1.10. .status.loadBalancer.ingress[].ports

Description: Ports is a list of records of service ports If used, every port defined in the service should have an entry in it
Type: array

17.1.11. .status.loadBalancer.ingress[].ports[]

Description

Type

object

Required

port
protocol

Property Type Description

error

string

Error is to record the problem with the service port The format of the error shall comply with the following rules: - built-in error values shall be specified in this file and those shall use CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase.

port

integer

Port is the port number of the service port of which status is recorded here

protocol

string

Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP"

Possible enum values: - "SCTP" is the SCTP protocol. - "TCP" is the TCP protocol. - "UDP" is the UDP protocol.

17.2. API endpoints

The following API endpoints are available:

/api/v1/services
- GET: list or watch objects of kind Service
/api/v1/watch/services
- GET: watch individual changes to a list of Service. deprecated: use the 'watch' parameter with a list operation instead.
/api/v1/namespaces/{namespace}/services
- DELETE: delete collection of Service
- GET: list or watch objects of kind Service
- POST: create a Service
/api/v1/watch/namespaces/{namespace}/services
- GET: watch individual changes to a list of Service. deprecated: use the 'watch' parameter with a list operation instead.
/api/v1/namespaces/{namespace}/services/{name}
- DELETE: delete a Service
- GET: read the specified Service
- PATCH: partially update the specified Service
- PUT: replace the specified Service
/api/v1/watch/namespaces/{namespace}/services/{name}
- GET: watch changes to an object of kind Service. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
/api/v1/namespaces/{namespace}/services/{name}/status
- GET: read status of the specified Service
- PATCH: partially update status of the specified Service
- PUT: replace status of the specified Service

17.2.1. /api/v1/services

Table 17.1. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: list or watch objects of kind Service

Table 17.2. HTTP responses
HTTP code	Reponse body
200 - OK	`ServiceList` schema
401 - Unauthorized	Empty

17.2.2. /api/v1/watch/services

Table 17.3. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of Service. deprecated: use the 'watch' parameter with a list operation instead.

Table 17.4. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

17.2.3. /api/v1/namespaces/{namespace}/services

Table 17.5. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 17.6. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete collection of Service

Table 17.7. Query parameters
Parameter	Type	Description
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

Table 17.8. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 17.9. HTTP responses
HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind Service

Table 17.10. Query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 17.11. HTTP responses
HTTP code	Reponse body
200 - OK	`ServiceList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a Service

Table 17.12. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 17.13. Body parameters
Parameter	Type	Description
`body`	`Service` schema

Table 17.14. HTTP responses
HTTP code	Reponse body
200 - OK	`Service` schema
201 - Created	`Service` schema
202 - Accepted	`Service` schema
401 - Unauthorized	Empty

17.2.4. /api/v1/watch/namespaces/{namespace}/services

Table 17.15. Global path parameters
Parameter	Type	Description
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 17.16. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch individual changes to a list of Service. deprecated: use the 'watch' parameter with a list operation instead.

Table 17.17. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

17.2.5. /api/v1/namespaces/{namespace}/services/{name}

Table 17.18. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the Service
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 17.19. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: DELETE
Description: delete a Service

Table 17.20. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`gracePeriodSeconds`	`integer`	The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.
`orphanDependents`	`boolean`	Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object’s finalizers list. Either this field or PropagationPolicy may be set, but not both.
`propagationPolicy`	`string`	Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 17.21. Body parameters
Parameter	Type	Description
`body`	`DeleteOptions` schema

Table 17.22. HTTP responses
HTTP code	Reponse body
200 - OK	`Service` schema
202 - Accepted	`Service` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified Service

Table 17.23. HTTP responses
HTTP code	Reponse body
200 - OK	`Service` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified Service

Table 17.24. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
`force`	`boolean`	Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 17.25. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 17.26. HTTP responses
HTTP code	Reponse body
200 - OK	`Service` schema
201 - Created	`Service` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified Service

Table 17.27. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 17.28. Body parameters
Parameter	Type	Description
`body`	`Service` schema

Table 17.29. HTTP responses
HTTP code	Reponse body
200 - OK	`Service` schema
201 - Created	`Service` schema
401 - Unauthorized	Empty

17.2.6. /api/v1/watch/namespaces/{namespace}/services/{name}

Table 17.30. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the Service
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 17.31. Global query parameters
Parameter	Type	Description
`allowWatchBookmarks`	`boolean`	allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server’s discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.
`continue`	`string`	The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.
`fieldSelector`	`string`	A selector to restrict the list of returned objects by their fields. Defaults to everything.
`labelSelector`	`string`	A selector to restrict the list of returned objects by their labels. Defaults to everything.
`limit`	`integer`	limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.
`pretty`	`string`	If 'true', then the output is pretty printed.
`resourceVersion`	`string`	resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`resourceVersionMatch`	`string`	resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. Defaults to unset
`timeoutSeconds`	`integer`	Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.
`watch`	`boolean`	Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method: GET
Description: watch changes to an object of kind Service. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 17.32. HTTP responses
HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

17.2.7. /api/v1/namespaces/{namespace}/services/{name}/status

Table 17.33. Global path parameters
Parameter	Type	Description
`name`	`string`	name of the Service
`namespace`	`string`	object name and auth scope, such as for teams and projects

Table 17.34. Global query parameters
Parameter	Type	Description
`pretty`	`string`	If 'true', then the output is pretty printed.

HTTP method: GET
Description: read status of the specified Service

Table 17.35. HTTP responses
HTTP code	Reponse body
200 - OK	`Service` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified Service

Table 17.36. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.
`force`	`boolean`	Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 17.37. Body parameters
Parameter	Type	Description
`body`	`Patch` schema

Table 17.38. HTTP responses
HTTP code	Reponse body
200 - OK	`Service` schema
201 - Created	`Service` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified Service

Table 17.39. Query parameters
Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldManager`	`string`	fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 17.40. Body parameters
Parameter	Type	Description
`body`	`Service` schema

Table 17.41. HTTP responses
HTTP code	Reponse body
200 - OK	`Service` schema
201 - Created	`Service` schema
401 - Unauthorized	Empty

Reference guide for network APIs

Chapter 1. Network APIs

1.1. CloudPrivateIPConfig [cloud.network.openshift.io/v1]

1.2. EgressFirewall [k8s.ovn.org/v1]

1.3. EgressIP [k8s.ovn.org/v1]

1.4. EgressQoS [k8s.ovn.org/v1]

1.5. Endpoints [v1]

1.6. EndpointSlice [discovery.k8s.io/v1]

1.7. EgressRouter [network.operator.openshift.io/v1]

1.8. Ingress [networking.k8s.io/v1]

1.9. IngressClass [networking.k8s.io/v1]

1.10. IPPool [whereabouts.cni.cncf.io/v1alpha1]

1.11. NetworkAttachmentDefinition [k8s.cni.cncf.io/v1]

1.12. NetworkPolicy [networking.k8s.io/v1]

1.13. OverlappingRangeIPReservation [whereabouts.cni.cncf.io/v1alpha1]

1.14. PodNetworkConnectivityCheck [controlplane.operator.openshift.io/v1alpha1]

1.15. Route [route.openshift.io/v1]

1.16. Service [v1]

Chapter 2. CloudPrivateIPConfig [cloud.network.openshift.io/v1]

2.1. Specification

2.1.1. .spec

2.1.2. .status

2.1.3. .status.conditions

2.1.4. .status.conditions[]

2.2. API endpoints

2.2.1. /apis/cloud.network.openshift.io/v1/cloudprivateipconfigs

2.2.2. /apis/cloud.network.openshift.io/v1/cloudprivateipconfigs/{name}

2.2.3. /apis/cloud.network.openshift.io/v1/cloudprivateipconfigs/{name}/status

Chapter 3. EgressFirewall [k8s.ovn.org/v1]

3.1. Specification

3.1.1. .spec

3.1.2. .spec.egress

3.1.3. .spec.egress[]

3.1.4. .spec.egress[].ports

3.1.5. .spec.egress[].ports[]

3.1.6. .spec.egress[].to

3.1.7. .status

3.2. API endpoints

3.2.1. /apis/k8s.ovn.org/v1/egressfirewalls

3.2.2. /apis/k8s.ovn.org/v1/namespaces/{namespace}/egressfirewalls

3.2.3. /apis/k8s.ovn.org/v1/namespaces/{namespace}/egressfirewalls/{name}

Chapter 4. EgressIP [k8s.ovn.org/v1]

4.1. Specification

4.1.1. .spec

4.1.2. .spec.namespaceSelector

4.1.3. .spec.namespaceSelector.matchExpressions

4.1.4. .spec.namespaceSelector.matchExpressions[]

4.1.5. .spec.podSelector

4.1.6. .spec.podSelector.matchExpressions

4.1.7. .spec.podSelector.matchExpressions[]

4.1.8. .status

4.1.9. .status.items

4.1.10. .status.items[]

4.2. API endpoints

4.2.1. /apis/k8s.ovn.org/v1/egressips

4.2.2. /apis/k8s.ovn.org/v1/egressips/{name}

Chapter 5. EgressQoS [k8s.ovn.org/v1]

5.1. Specification

5.1.1. .spec

5.1.2. .spec.egress

5.1.3. .spec.egress[]

5.1.4. .spec.egress[].podSelector

5.1.5. .spec.egress[].podSelector.matchExpressions

5.1.6. .spec.egress[].podSelector.matchExpressions[]

5.1.7. .status

5.2. API endpoints

5.2.1. /apis/k8s.ovn.org/v1/egressqoses

5.2.2. /apis/k8s.ovn.org/v1/namespaces/{namespace}/egressqoses

5.2.3. /apis/k8s.ovn.org/v1/namespaces/{namespace}/egressqoses/{name}

5.2.4. /apis/k8s.ovn.org/v1/namespaces/{namespace}/egressqoses/{name}/status

Chapter 6. Endpoints [v1]

6.1. Specification

6.1.1. .subsets

6.1.2. .subsets[]

6.1.3. .subsets[].addresses

6.1.4. .subsets[].addresses[]

6.1.5. .subsets[].addresses[].targetRef

6.1.6. .subsets[].notReadyAddresses

6.1.7. .subsets[].notReadyAddresses[]