Chapter 38. NetworkPolicyService


38.1. GetAllowedPeersFromCurrentPolicyForDeployment

GET /v1/networkpolicies/allowedpeers/{id}

38.1.1. Description

38.1.2. Parameters

38.1.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

id

 

X

null

 

38.1.3. Return Type

V1GetAllowedPeersFromCurrentPolicyForDeploymentResponse

38.1.4. Content Type

  • application/json

38.1.5. Responses

Table 38.1. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

V1GetAllowedPeersFromCurrentPolicyForDeploymentResponse

0

An unexpected error response.

RuntimeError

38.1.6. Samples

38.1.7. Common object reference

38.1.7.1. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.1.7.1.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.1.7.2. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.1.7.3. StorageL4Protocol

Enum Values

L4_PROTOCOL_UNKNOWN

L4_PROTOCOL_TCP

L4_PROTOCOL_UDP

L4_PROTOCOL_ICMP

L4_PROTOCOL_RAW

L4_PROTOCOL_SCTP

L4_PROTOCOL_ANY

38.1.7.4. StorageNetworkEntityInfoType

  • INTERNAL_ENTITIES: INTERNAL_ENTITIES is for grouping all internal entities under a single network graph node
Enum Values

UNKNOWN_TYPE

DEPLOYMENT

INTERNET

LISTEN_ENDPOINT

EXTERNAL_SOURCE

INTERNAL_ENTITIES

38.1.7.5. V1GetAllowedPeersFromCurrentPolicyForDeploymentResponse

Field NameRequiredNullableTypeDescriptionFormat

allowedPeers

  

List of V1NetworkBaselineStatusPeer

  

38.1.7.6. V1NetworkBaselinePeerEntity

Field NameRequiredNullableTypeDescriptionFormat

id

  

String

  

type

  

StorageNetworkEntityInfoType

 

UNKNOWN_TYPE, DEPLOYMENT, INTERNET, LISTEN_ENDPOINT, EXTERNAL_SOURCE, INTERNAL_ENTITIES,

38.1.7.7. V1NetworkBaselineStatusPeer

Field NameRequiredNullableTypeDescriptionFormat

entity

  

V1NetworkBaselinePeerEntity

  

port

  

Long

The port and protocol of the destination of the given connection.

int64

protocol

  

StorageL4Protocol

 

L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY,

ingress

  

Boolean

A boolean representing whether the query is for an ingress or egress connection. This is defined with respect to the current deployment. Thus: - If the connection in question is in the outEdges of the current deployment, this should be false. - If it is in the outEdges of the peer deployment, this should be true.

 

38.2. ApplyNetworkPolicy

POST /v1/networkpolicies/apply/{clusterId}

38.2.1. Description

38.2.2. Parameters

38.2.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

clusterId

 

X

null

 

38.2.2.2. Body Parameter

NameDescriptionRequiredDefaultPattern

body

StorageNetworkPolicyModification

X

  

38.2.3. Return Type

Object

38.2.4. Content Type

  • application/json

38.2.5. Responses

Table 38.2. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

Object

0

An unexpected error response.

RuntimeError

38.2.6. Samples

38.2.7. Common object reference

38.2.7.1. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.2.7.1.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.2.7.2. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.2.7.3. StorageNetworkPolicyModification

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

applyYaml

  

String

  

toDelete

  

List of StorageNetworkPolicyReference

  

38.2.7.4. StorageNetworkPolicyReference

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

namespace

  

String

  

name

  

String

  

38.3. ApplyNetworkPolicyYamlForDeployment

POST /v1/networkpolicies/apply/deployment/{deploymentId}

38.3.1. Description

38.3.2. Parameters

38.3.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

deploymentId

 

X

null

 

38.3.2.2. Body Parameter

NameDescriptionRequiredDefaultPattern

body

V1ApplyNetworkPolicyYamlForDeploymentRequest

X

  

38.3.3. Return Type

Object

38.3.4. Content Type

  • application/json

38.3.5. Responses

Table 38.3. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

Object

0

An unexpected error response.

RuntimeError

38.3.6. Samples

38.3.7. Common object reference

38.3.7.1. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.3.7.1.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.3.7.2. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.3.7.3. StorageNetworkPolicyModification

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

applyYaml

  

String

  

toDelete

  

List of StorageNetworkPolicyReference

  

38.3.7.4. StorageNetworkPolicyReference

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

namespace

  

String

  

name

  

String

  

38.3.7.5. V1ApplyNetworkPolicyYamlForDeploymentRequest

Field NameRequiredNullableTypeDescriptionFormat

deploymentId

  

String

  

modification

  

StorageNetworkPolicyModification

  

38.4. GetDiffFlowsBetweenPolicyAndBaselineForDeployment

GET /v1/networkpolicies/baselinecomparison/{id}

38.4.1. Description

38.4.2. Parameters

38.4.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

id

 

X

null

 

38.4.3. Return Type

V1GetDiffFlowsResponse

38.4.4. Content Type

  • application/json

38.4.5. Responses

Table 38.4. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

V1GetDiffFlowsResponse

0

An unexpected error response.

RuntimeError

38.4.6. Samples

38.4.7. Common object reference

38.4.7.1. DeploymentListenPort

Field NameRequiredNullableTypeDescriptionFormat

port

  

Long

 

int64

l4protocol

  

StorageL4Protocol

 

L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY,

38.4.7.2. NetworkEntityInfoExternalSource

Update normalizeDupNameExtSrcs(…​) in central/networkgraph/aggregator/aggregator.go whenever this message is updated.

Field NameRequiredNullableTypeDescriptionFormat

name

  

String

  

cidr

  

String

  

default

  

Boolean

default indicates whether the external source is user-generated or system-generated.

 

38.4.7.3. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.4.7.3.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.4.7.4. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.4.7.5. StorageL4Protocol

Enum Values

L4_PROTOCOL_UNKNOWN

L4_PROTOCOL_TCP

L4_PROTOCOL_UDP

L4_PROTOCOL_ICMP

L4_PROTOCOL_RAW

L4_PROTOCOL_SCTP

L4_PROTOCOL_ANY

38.4.7.6. StorageNetworkBaselineConnectionProperties

NetworkBaselineConnectionProperties represents information about a baseline connection next available tag: 4
Field NameRequiredNullableTypeDescriptionFormat

ingress

  

Boolean

  

port

  

Long

 

int64

protocol

  

StorageL4Protocol

 

L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY,

38.4.7.7. StorageNetworkEntityInfo

Field NameRequiredNullableTypeDescriptionFormat

type

  

StorageNetworkEntityInfoType

 

UNKNOWN_TYPE, DEPLOYMENT, INTERNET, LISTEN_ENDPOINT, EXTERNAL_SOURCE, INTERNAL_ENTITIES,

id

  

String

  

deployment

  

StorageNetworkEntityInfoDeployment

  

externalSource

  

NetworkEntityInfoExternalSource

  

38.4.7.8. StorageNetworkEntityInfoDeployment

Field NameRequiredNullableTypeDescriptionFormat

name

  

String

  

namespace

  

String

  

cluster

  

String

  

listenPorts

  

List of DeploymentListenPort

  

38.4.7.9. StorageNetworkEntityInfoType

  • INTERNAL_ENTITIES: INTERNAL_ENTITIES is for grouping all internal entities under a single network graph node
Enum Values

UNKNOWN_TYPE

DEPLOYMENT

INTERNET

LISTEN_ENDPOINT

EXTERNAL_SOURCE

INTERNAL_ENTITIES

38.4.7.10. V1GetDiffFlowsGroupedFlow

Field NameRequiredNullableTypeDescriptionFormat

entity

  

StorageNetworkEntityInfo

  

properties

  

List of StorageNetworkBaselineConnectionProperties

  

38.4.7.11. V1GetDiffFlowsReconciledFlow

Field NameRequiredNullableTypeDescriptionFormat

entity

  

StorageNetworkEntityInfo

  

added

  

List of StorageNetworkBaselineConnectionProperties

  

removed

  

List of StorageNetworkBaselineConnectionProperties

  

unchanged

  

List of StorageNetworkBaselineConnectionProperties

  

38.4.7.12. V1GetDiffFlowsResponse

Field NameRequiredNullableTypeDescriptionFormat

added

  

List of V1GetDiffFlowsGroupedFlow

  

removed

  

List of V1GetDiffFlowsGroupedFlow

  

reconciled

  

List of V1GetDiffFlowsReconciledFlow

  

38.5. GetNetworkGraph

GET /v1/networkpolicies/cluster/{clusterId}

38.5.1. Description

38.5.2. Parameters

38.5.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

clusterId

 

X

null

 

38.5.2.2. Query Parameters

NameDescriptionRequiredDefaultPattern

query

 

-

null

 

includePorts

If set to true, include port-level information in the network policy graph.

-

null

 

scope.query

 

-

null

 

38.5.3. Return Type

V1NetworkGraph

38.5.4. Content Type

  • application/json

38.5.5. Responses

Table 38.5. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

V1NetworkGraph

0

An unexpected error response.

RuntimeError

38.5.6. Samples

38.5.7. Common object reference

38.5.7.1. DeploymentListenPort

Field NameRequiredNullableTypeDescriptionFormat

port

  

Long

 

int64

l4protocol

  

StorageL4Protocol

 

L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY,

38.5.7.2. NetworkEntityInfoExternalSource

Update normalizeDupNameExtSrcs(…​) in central/networkgraph/aggregator/aggregator.go whenever this message is updated.

Field NameRequiredNullableTypeDescriptionFormat

name

  

String

  

cidr

  

String

  

default

  

Boolean

default indicates whether the external source is user-generated or system-generated.

 

38.5.7.3. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.5.7.3.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.5.7.4. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.5.7.5. StorageL4Protocol

Enum Values

L4_PROTOCOL_UNKNOWN

L4_PROTOCOL_TCP

L4_PROTOCOL_UDP

L4_PROTOCOL_ICMP

L4_PROTOCOL_RAW

L4_PROTOCOL_SCTP

L4_PROTOCOL_ANY

38.5.7.6. StorageNetworkEntityInfo

Field NameRequiredNullableTypeDescriptionFormat

type

  

StorageNetworkEntityInfoType

 

UNKNOWN_TYPE, DEPLOYMENT, INTERNET, LISTEN_ENDPOINT, EXTERNAL_SOURCE, INTERNAL_ENTITIES,

id

  

String

  

deployment

  

StorageNetworkEntityInfoDeployment

  

externalSource

  

NetworkEntityInfoExternalSource

  

38.5.7.7. StorageNetworkEntityInfoDeployment

Field NameRequiredNullableTypeDescriptionFormat

name

  

String

  

namespace

  

String

  

cluster

  

String

  

listenPorts

  

List of DeploymentListenPort

  

38.5.7.8. StorageNetworkEntityInfoType

  • INTERNAL_ENTITIES: INTERNAL_ENTITIES is for grouping all internal entities under a single network graph node
Enum Values

UNKNOWN_TYPE

DEPLOYMENT

INTERNET

LISTEN_ENDPOINT

EXTERNAL_SOURCE

INTERNAL_ENTITIES

38.5.7.9. V1NetworkEdgeProperties

Field NameRequiredNullableTypeDescriptionFormat

port

  

Long

 

int64

protocol

  

StorageL4Protocol

 

L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY,

lastActiveTimestamp

  

Date

 

date-time

38.5.7.10. V1NetworkEdgePropertiesBundle

Field NameRequiredNullableTypeDescriptionFormat

properties

  

List of V1NetworkEdgeProperties

  

38.5.7.11. V1NetworkGraph

Field NameRequiredNullableTypeDescriptionFormat

epoch

  

Long

 

int64

nodes

  

List of V1NetworkNode

  

38.5.7.12. V1NetworkNode

Field NameRequiredNullableTypeDescriptionFormat

entity

  

StorageNetworkEntityInfo

  

internetAccess

  

Boolean

  

policyIds

  

List of string

  

nonIsolatedIngress

  

Boolean

  

nonIsolatedEgress

  

Boolean

  

queryMatch

  

Boolean

  

outEdges

  

Map of V1NetworkEdgePropertiesBundle

  

38.6. GetBaselineGeneratedNetworkPolicyForDeployment

POST /v1/networkpolicies/generate/baseline/{deploymentId}

38.6.1. Description

38.6.2. Parameters

38.6.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

deploymentId

 

X

null

 

38.6.2.2. Body Parameter

NameDescriptionRequiredDefaultPattern

body

V1GetBaselineGeneratedPolicyForDeploymentRequest

X

  

38.6.3. Return Type

V1GetBaselineGeneratedPolicyForDeploymentResponse

38.6.4. Content Type

  • application/json

38.6.5. Responses

Table 38.6. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

V1GetBaselineGeneratedPolicyForDeploymentResponse

0

An unexpected error response.

RuntimeError

38.6.6. Samples

38.6.7. Common object reference

38.6.7.1. GenerateNetworkPoliciesRequestDeleteExistingPoliciesMode

Enum Values

UNKNOWN

NONE

GENERATED_ONLY

ALL

38.6.7.2. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.6.7.2.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.6.7.3. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.6.7.4. StorageNetworkPolicyModification

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

applyYaml

  

String

  

toDelete

  

List of StorageNetworkPolicyReference

  

38.6.7.5. StorageNetworkPolicyReference

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

namespace

  

String

  

name

  

String

  

38.6.7.6. V1GetBaselineGeneratedPolicyForDeploymentRequest

Field NameRequiredNullableTypeDescriptionFormat

deploymentId

  

String

  

deleteExisting

  

GenerateNetworkPoliciesRequestDeleteExistingPoliciesMode

 

UNKNOWN, NONE, GENERATED_ONLY, ALL,

includePorts

  

Boolean

  

38.6.7.7. V1GetBaselineGeneratedPolicyForDeploymentResponse

Field NameRequiredNullableTypeDescriptionFormat

modification

  

StorageNetworkPolicyModification

  

38.7. GenerateNetworkPolicies

GET /v1/networkpolicies/generate/{clusterId}

38.7.1. Description

38.7.2. Parameters

38.7.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

clusterId

 

X

null

 

38.7.2.2. Query Parameters

NameDescriptionRequiredDefaultPattern

query

 

-

null

 

deleteExisting

 

-

UNKNOWN

 

networkDataSince

 

-

null

 

includePorts

 

-

null

 

38.7.3. Return Type

V1GenerateNetworkPoliciesResponse

38.7.4. Content Type

  • application/json

38.7.5. Responses

Table 38.7. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

V1GenerateNetworkPoliciesResponse

0

An unexpected error response.

RuntimeError

38.7.6. Samples

38.7.7. Common object reference

38.7.7.1. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.7.7.1.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.7.7.2. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.7.7.3. StorageNetworkPolicyModification

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

applyYaml

  

String

  

toDelete

  

List of StorageNetworkPolicyReference

  

38.7.7.4. StorageNetworkPolicyReference

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

namespace

  

String

  

name

  

String

  

38.7.7.5. V1GenerateNetworkPoliciesResponse

Next available tag: 2
Field NameRequiredNullableTypeDescriptionFormat

modification

  

StorageNetworkPolicyModification

  

38.8. GetNetworkPolicies

GET /v1/networkpolicies

38.8.1. Description

38.8.2. Parameters

38.8.2.1. Query Parameters

NameDescriptionRequiredDefaultPattern

clusterId

 

-

null

 

deploymentQuery

 

-

null

 

namespace

 

-

null

 

38.8.3. Return Type

V1NetworkPoliciesResponse

38.8.4. Content Type

  • application/json

38.8.5. Responses

Table 38.8. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

V1NetworkPoliciesResponse

0

An unexpected error response.

RuntimeError

38.8.6. Samples

38.8.7. Common object reference

38.8.7.1. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.8.7.1.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.8.7.2. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.8.7.3. StorageIPBlock

Field NameRequiredNullableTypeDescriptionFormat

cidr

  

String

  

except

  

List of string

  

38.8.7.4. StorageLabelSelector

Label selector components are joined with logical AND, see     https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

Next available tag: 3

Field NameRequiredNullableTypeDescriptionFormat

matchLabels

  

Map of string

This is actually a oneof, but we can’t make it one due to backwards compatibility constraints.

 

requirements

  

List of StorageLabelSelectorRequirement

  

38.8.7.5. StorageLabelSelectorOperator

Enum Values

UNKNOWN

IN

NOT_IN

EXISTS

NOT_EXISTS

38.8.7.6. StorageLabelSelectorRequirement

Next available tag: 4
Field NameRequiredNullableTypeDescriptionFormat

key

  

String

  

op

  

StorageLabelSelectorOperator

 

UNKNOWN, IN, NOT_IN, EXISTS, NOT_EXISTS,

values

  

List of string

  

38.8.7.7. StorageNetworkPolicy

Field NameRequiredNullableTypeDescriptionFormat

id

  

String

  

name

  

String

  

clusterId

  

String

  

clusterName

  

String

  

namespace

  

String

  

labels

  

Map of string

  

annotations

  

Map of string

  

spec

  

StorageNetworkPolicySpec

  

yaml

  

String

  

apiVersion

  

String

  

created

  

Date

 

date-time

38.8.7.8. StorageNetworkPolicyEgressRule

Field NameRequiredNullableTypeDescriptionFormat

ports

  

List of StorageNetworkPolicyPort

  

to

  

List of StorageNetworkPolicyPeer

  

38.8.7.9. StorageNetworkPolicyIngressRule

Field NameRequiredNullableTypeDescriptionFormat

ports

  

List of StorageNetworkPolicyPort

  

from

  

List of StorageNetworkPolicyPeer

  

38.8.7.10. StorageNetworkPolicyPeer

Field NameRequiredNullableTypeDescriptionFormat

podSelector

  

StorageLabelSelector

  

namespaceSelector

  

StorageLabelSelector

  

ipBlock

  

StorageIPBlock

  

38.8.7.11. StorageNetworkPolicyPort

Field NameRequiredNullableTypeDescriptionFormat

protocol

  

StorageProtocol

 

UNSET_PROTOCOL, TCP_PROTOCOL, UDP_PROTOCOL, SCTP_PROTOCOL,

port

  

Integer

 

int32

portName

  

String

  

38.8.7.12. StorageNetworkPolicySpec

Field NameRequiredNullableTypeDescriptionFormat

podSelector

  

StorageLabelSelector

  

ingress

  

List of StorageNetworkPolicyIngressRule

  

egress

  

List of StorageNetworkPolicyEgressRule

  

policyTypes

  

List of StorageNetworkPolicyType

  

38.8.7.13. StorageNetworkPolicyType

Enum Values

UNSET_NETWORK_POLICY_TYPE

INGRESS_NETWORK_POLICY_TYPE

EGRESS_NETWORK_POLICY_TYPE

38.8.7.14. StorageProtocol

Enum Values

UNSET_PROTOCOL

TCP_PROTOCOL

UDP_PROTOCOL

SCTP_PROTOCOL

38.8.7.15. V1NetworkPoliciesResponse

Field NameRequiredNullableTypeDescriptionFormat

networkPolicies

  

List of StorageNetworkPolicy

  

38.9. GetNetworkGraphEpoch

GET /v1/networkpolicies/graph/epoch

38.9.1. Description

38.9.2. Parameters

38.9.2.1. Query Parameters

NameDescriptionRequiredDefaultPattern

clusterId

 

-

null

 

38.9.3. Return Type

V1NetworkGraphEpoch

38.9.4. Content Type

  • application/json

38.9.5. Responses

Table 38.9. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

V1NetworkGraphEpoch

0

An unexpected error response.

RuntimeError

38.9.6. Samples

38.9.7. Common object reference

38.9.7.1. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.9.7.1.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.9.7.2. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.9.7.3. V1NetworkGraphEpoch

Field NameRequiredNullableTypeDescriptionFormat

epoch

  

Long

 

int64

38.10. GetNetworkPolicy

GET /v1/networkpolicies/{id}

38.10.1. Description

38.10.2. Parameters

38.10.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

id

 

X

null

 

38.10.3. Return Type

StorageNetworkPolicy

38.10.4. Content Type

  • application/json

38.10.5. Responses

Table 38.10. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

StorageNetworkPolicy

0

An unexpected error response.

RuntimeError

38.10.6. Samples

38.10.7. Common object reference

38.10.7.1. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.10.7.1.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.10.7.2. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.10.7.3. StorageIPBlock

Field NameRequiredNullableTypeDescriptionFormat

cidr

  

String

  

except

  

List of string

  

38.10.7.4. StorageLabelSelector

Label selector components are joined with logical AND, see     https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

Next available tag: 3

Field NameRequiredNullableTypeDescriptionFormat

matchLabels

  

Map of string

This is actually a oneof, but we can’t make it one due to backwards compatibility constraints.

 

requirements

  

List of StorageLabelSelectorRequirement

  

38.10.7.5. StorageLabelSelectorOperator

Enum Values

UNKNOWN

IN

NOT_IN

EXISTS

NOT_EXISTS

38.10.7.6. StorageLabelSelectorRequirement

Next available tag: 4
Field NameRequiredNullableTypeDescriptionFormat

key

  

String

  

op

  

StorageLabelSelectorOperator

 

UNKNOWN, IN, NOT_IN, EXISTS, NOT_EXISTS,

values

  

List of string

  

38.10.7.7. StorageNetworkPolicy

Field NameRequiredNullableTypeDescriptionFormat

id

  

String

  

name

  

String

  

clusterId

  

String

  

clusterName

  

String

  

namespace

  

String

  

labels

  

Map of string

  

annotations

  

Map of string

  

spec

  

StorageNetworkPolicySpec

  

yaml

  

String

  

apiVersion

  

String

  

created

  

Date

 

date-time

38.10.7.8. StorageNetworkPolicyEgressRule

Field NameRequiredNullableTypeDescriptionFormat

ports

  

List of StorageNetworkPolicyPort

  

to

  

List of StorageNetworkPolicyPeer

  

38.10.7.9. StorageNetworkPolicyIngressRule

Field NameRequiredNullableTypeDescriptionFormat

ports

  

List of StorageNetworkPolicyPort

  

from

  

List of StorageNetworkPolicyPeer

  

38.10.7.10. StorageNetworkPolicyPeer

Field NameRequiredNullableTypeDescriptionFormat

podSelector

  

StorageLabelSelector

  

namespaceSelector

  

StorageLabelSelector

  

ipBlock

  

StorageIPBlock

  

38.10.7.11. StorageNetworkPolicyPort

Field NameRequiredNullableTypeDescriptionFormat

protocol

  

StorageProtocol

 

UNSET_PROTOCOL, TCP_PROTOCOL, UDP_PROTOCOL, SCTP_PROTOCOL,

port

  

Integer

 

int32

portName

  

String

  

38.10.7.12. StorageNetworkPolicySpec

Field NameRequiredNullableTypeDescriptionFormat

podSelector

  

StorageLabelSelector

  

ingress

  

List of StorageNetworkPolicyIngressRule

  

egress

  

List of StorageNetworkPolicyEgressRule

  

policyTypes

  

List of StorageNetworkPolicyType

  

38.10.7.13. StorageNetworkPolicyType

Enum Values

UNSET_NETWORK_POLICY_TYPE

INGRESS_NETWORK_POLICY_TYPE

EGRESS_NETWORK_POLICY_TYPE

38.10.7.14. StorageProtocol

Enum Values

UNSET_PROTOCOL

TCP_PROTOCOL

UDP_PROTOCOL

SCTP_PROTOCOL

38.11. SendNetworkPolicyYAML

POST /v1/networkpolicies/simulate/{clusterId}/notify

38.11.1. Description

38.11.2. Parameters

38.11.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

clusterId

 

X

null

 

38.11.2.2. Body Parameter

NameDescriptionRequiredDefaultPattern

body

StorageNetworkPolicyModification

X

  

38.11.2.3. Query Parameters

NameDescriptionRequiredDefaultPattern

notifierIds

String

-

null

 

38.11.3. Return Type

Object

38.11.4. Content Type

  • application/json

38.11.5. Responses

Table 38.11. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

Object

0

An unexpected error response.

RuntimeError

38.11.6. Samples

38.11.7. Common object reference

38.11.7.1. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.11.7.1.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.11.7.2. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.11.7.3. StorageNetworkPolicyModification

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

applyYaml

  

String

  

toDelete

  

List of StorageNetworkPolicyReference

  

38.11.7.4. StorageNetworkPolicyReference

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

namespace

  

String

  

name

  

String

  

38.12. SimulateNetworkGraph

POST /v1/networkpolicies/simulate/{clusterId}

38.12.1. Description

38.12.2. Parameters

38.12.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

clusterId

 

X

null

 

38.12.2.2. Body Parameter

NameDescriptionRequiredDefaultPattern

body

StorageNetworkPolicyModification

X

  

38.12.2.3. Query Parameters

NameDescriptionRequiredDefaultPattern

query

 

-

null

 

includePorts

If set to true, include port-level information in the network policy graph.

-

null

 

includeNodeDiff

 

-

null

 

scope.query

 

-

null

 

38.12.3. Return Type

V1SimulateNetworkGraphResponse

38.12.4. Content Type

  • application/json

38.12.5. Responses

Table 38.12. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

V1SimulateNetworkGraphResponse

0

An unexpected error response.

RuntimeError

38.12.6. Samples

38.12.7. Common object reference

38.12.7.1. DeploymentListenPort

Field NameRequiredNullableTypeDescriptionFormat

port

  

Long

 

int64

l4protocol

  

StorageL4Protocol

 

L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY,

38.12.7.2. NetworkEntityInfoExternalSource

Update normalizeDupNameExtSrcs(…​) in central/networkgraph/aggregator/aggregator.go whenever this message is updated.

Field NameRequiredNullableTypeDescriptionFormat

name

  

String

  

cidr

  

String

  

default

  

Boolean

default indicates whether the external source is user-generated or system-generated.

 

38.12.7.3. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.12.7.3.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.12.7.4. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.12.7.5. StorageIPBlock

Field NameRequiredNullableTypeDescriptionFormat

cidr

  

String

  

except

  

List of string

  

38.12.7.6. StorageL4Protocol

Enum Values

L4_PROTOCOL_UNKNOWN

L4_PROTOCOL_TCP

L4_PROTOCOL_UDP

L4_PROTOCOL_ICMP

L4_PROTOCOL_RAW

L4_PROTOCOL_SCTP

L4_PROTOCOL_ANY

38.12.7.7. StorageLabelSelector

Label selector components are joined with logical AND, see     https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

Next available tag: 3

Field NameRequiredNullableTypeDescriptionFormat

matchLabels

  

Map of string

This is actually a oneof, but we can’t make it one due to backwards compatibility constraints.

 

requirements

  

List of StorageLabelSelectorRequirement

  

38.12.7.8. StorageLabelSelectorOperator

Enum Values

UNKNOWN

IN

NOT_IN

EXISTS

NOT_EXISTS

38.12.7.9. StorageLabelSelectorRequirement

Next available tag: 4
Field NameRequiredNullableTypeDescriptionFormat

key

  

String

  

op

  

StorageLabelSelectorOperator

 

UNKNOWN, IN, NOT_IN, EXISTS, NOT_EXISTS,

values

  

List of string

  

38.12.7.10. StorageNetworkEntityInfo

Field NameRequiredNullableTypeDescriptionFormat

type

  

StorageNetworkEntityInfoType

 

UNKNOWN_TYPE, DEPLOYMENT, INTERNET, LISTEN_ENDPOINT, EXTERNAL_SOURCE, INTERNAL_ENTITIES,

id

  

String

  

deployment

  

StorageNetworkEntityInfoDeployment

  

externalSource

  

NetworkEntityInfoExternalSource

  

38.12.7.11. StorageNetworkEntityInfoDeployment

Field NameRequiredNullableTypeDescriptionFormat

name

  

String

  

namespace

  

String

  

cluster

  

String

  

listenPorts

  

List of DeploymentListenPort

  

38.12.7.12. StorageNetworkEntityInfoType

  • INTERNAL_ENTITIES: INTERNAL_ENTITIES is for grouping all internal entities under a single network graph node
Enum Values

UNKNOWN_TYPE

DEPLOYMENT

INTERNET

LISTEN_ENDPOINT

EXTERNAL_SOURCE

INTERNAL_ENTITIES

38.12.7.13. StorageNetworkPolicy

Field NameRequiredNullableTypeDescriptionFormat

id

  

String

  

name

  

String

  

clusterId

  

String

  

clusterName

  

String

  

namespace

  

String

  

labels

  

Map of string

  

annotations

  

Map of string

  

spec

  

StorageNetworkPolicySpec

  

yaml

  

String

  

apiVersion

  

String

  

created

  

Date

 

date-time

38.12.7.14. StorageNetworkPolicyEgressRule

Field NameRequiredNullableTypeDescriptionFormat

ports

  

List of StorageNetworkPolicyPort

  

to

  

List of StorageNetworkPolicyPeer

  

38.12.7.15. StorageNetworkPolicyIngressRule

Field NameRequiredNullableTypeDescriptionFormat

ports

  

List of StorageNetworkPolicyPort

  

from

  

List of StorageNetworkPolicyPeer

  

38.12.7.16. StorageNetworkPolicyModification

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

applyYaml

  

String

  

toDelete

  

List of StorageNetworkPolicyReference

  

38.12.7.17. StorageNetworkPolicyPeer

Field NameRequiredNullableTypeDescriptionFormat

podSelector

  

StorageLabelSelector

  

namespaceSelector

  

StorageLabelSelector

  

ipBlock

  

StorageIPBlock

  

38.12.7.18. StorageNetworkPolicyPort

Field NameRequiredNullableTypeDescriptionFormat

protocol

  

StorageProtocol

 

UNSET_PROTOCOL, TCP_PROTOCOL, UDP_PROTOCOL, SCTP_PROTOCOL,

port

  

Integer

 

int32

portName

  

String

  

38.12.7.19. StorageNetworkPolicyReference

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

namespace

  

String

  

name

  

String

  

38.12.7.20. StorageNetworkPolicySpec

Field NameRequiredNullableTypeDescriptionFormat

podSelector

  

StorageLabelSelector

  

ingress

  

List of StorageNetworkPolicyIngressRule

  

egress

  

List of StorageNetworkPolicyEgressRule

  

policyTypes

  

List of StorageNetworkPolicyType

  

38.12.7.21. StorageNetworkPolicyType

Enum Values

UNSET_NETWORK_POLICY_TYPE

INGRESS_NETWORK_POLICY_TYPE

EGRESS_NETWORK_POLICY_TYPE

38.12.7.22. StorageProtocol

Enum Values

UNSET_PROTOCOL

TCP_PROTOCOL

UDP_PROTOCOL

SCTP_PROTOCOL

38.12.7.23. V1NetworkEdgeProperties

Field NameRequiredNullableTypeDescriptionFormat

port

  

Long

 

int64

protocol

  

StorageL4Protocol

 

L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY,

lastActiveTimestamp

  

Date

 

date-time

38.12.7.24. V1NetworkEdgePropertiesBundle

Field NameRequiredNullableTypeDescriptionFormat

properties

  

List of V1NetworkEdgeProperties

  

38.12.7.25. V1NetworkGraph

Field NameRequiredNullableTypeDescriptionFormat

epoch

  

Long

 

int64

nodes

  

List of V1NetworkNode

  

38.12.7.26. V1NetworkGraphDiff

Field NameRequiredNullableTypeDescriptionFormat

DEPRECATEDNodeDiffs

  

Map of V1NetworkNodeDiff

  

nodeDiffs

  

Map of V1NetworkNodeDiff

  

38.12.7.27. V1NetworkNode

Field NameRequiredNullableTypeDescriptionFormat

entity

  

StorageNetworkEntityInfo

  

internetAccess

  

Boolean

  

policyIds

  

List of string

  

nonIsolatedIngress

  

Boolean

  

nonIsolatedEgress

  

Boolean

  

queryMatch

  

Boolean

  

outEdges

  

Map of V1NetworkEdgePropertiesBundle

  

38.12.7.28. V1NetworkNodeDiff

Field NameRequiredNullableTypeDescriptionFormat

policyIds

  

List of string

  

DEPRECATEDOutEdges

  

Map of V1NetworkEdgePropertiesBundle

  

outEdges

  

Map of V1NetworkEdgePropertiesBundle

  

nonIsolatedIngress

  

Boolean

  

nonIsolatedEgress

  

Boolean

  

38.12.7.29. V1NetworkPolicyInSimulation

Field NameRequiredNullableTypeDescriptionFormat

policy

  

StorageNetworkPolicy

  

status

  

V1NetworkPolicyInSimulationStatus

 

INVALID, UNCHANGED, MODIFIED, ADDED, DELETED,

oldPolicy

  

StorageNetworkPolicy

  

38.12.7.30. V1NetworkPolicyInSimulationStatus

Enum Values

INVALID

UNCHANGED

MODIFIED

ADDED

DELETED

38.12.7.31. V1SimulateNetworkGraphResponse

Field NameRequiredNullableTypeDescriptionFormat

simulatedGraph

  

V1NetworkGraph

  

policies

  

List of V1NetworkPolicyInSimulation

  

added

  

V1NetworkGraphDiff

  

removed

  

V1NetworkGraphDiff

  

38.13. GetDiffFlowsFromUndoModificationForDeployment

GET /v1/networkpolicies/undobaselinecomparison/{id}

38.13.1. Description

38.13.2. Parameters

38.13.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

id

 

X

null

 

38.13.3. Return Type

V1GetDiffFlowsResponse

38.13.4. Content Type

  • application/json

38.13.5. Responses

Table 38.13. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

V1GetDiffFlowsResponse

0

An unexpected error response.

RuntimeError

38.13.6. Samples

38.13.7. Common object reference

38.13.7.1. DeploymentListenPort

Field NameRequiredNullableTypeDescriptionFormat

port

  

Long

 

int64

l4protocol

  

StorageL4Protocol

 

L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY,

38.13.7.2. NetworkEntityInfoExternalSource

Update normalizeDupNameExtSrcs(…​) in central/networkgraph/aggregator/aggregator.go whenever this message is updated.

Field NameRequiredNullableTypeDescriptionFormat

name

  

String

  

cidr

  

String

  

default

  

Boolean

default indicates whether the external source is user-generated or system-generated.

 

38.13.7.3. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.13.7.3.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.13.7.4. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.13.7.5. StorageL4Protocol

Enum Values

L4_PROTOCOL_UNKNOWN

L4_PROTOCOL_TCP

L4_PROTOCOL_UDP

L4_PROTOCOL_ICMP

L4_PROTOCOL_RAW

L4_PROTOCOL_SCTP

L4_PROTOCOL_ANY

38.13.7.6. StorageNetworkBaselineConnectionProperties

NetworkBaselineConnectionProperties represents information about a baseline connection next available tag: 4
Field NameRequiredNullableTypeDescriptionFormat

ingress

  

Boolean

  

port

  

Long

 

int64

protocol

  

StorageL4Protocol

 

L4_PROTOCOL_UNKNOWN, L4_PROTOCOL_TCP, L4_PROTOCOL_UDP, L4_PROTOCOL_ICMP, L4_PROTOCOL_RAW, L4_PROTOCOL_SCTP, L4_PROTOCOL_ANY,

38.13.7.7. StorageNetworkEntityInfo

Field NameRequiredNullableTypeDescriptionFormat

type

  

StorageNetworkEntityInfoType

 

UNKNOWN_TYPE, DEPLOYMENT, INTERNET, LISTEN_ENDPOINT, EXTERNAL_SOURCE, INTERNAL_ENTITIES,

id

  

String

  

deployment

  

StorageNetworkEntityInfoDeployment

  

externalSource

  

NetworkEntityInfoExternalSource

  

38.13.7.8. StorageNetworkEntityInfoDeployment

Field NameRequiredNullableTypeDescriptionFormat

name

  

String

  

namespace

  

String

  

cluster

  

String

  

listenPorts

  

List of DeploymentListenPort

  

38.13.7.9. StorageNetworkEntityInfoType

  • INTERNAL_ENTITIES: INTERNAL_ENTITIES is for grouping all internal entities under a single network graph node
Enum Values

UNKNOWN_TYPE

DEPLOYMENT

INTERNET

LISTEN_ENDPOINT

EXTERNAL_SOURCE

INTERNAL_ENTITIES

38.13.7.10. V1GetDiffFlowsGroupedFlow

Field NameRequiredNullableTypeDescriptionFormat

entity

  

StorageNetworkEntityInfo

  

properties

  

List of StorageNetworkBaselineConnectionProperties

  

38.13.7.11. V1GetDiffFlowsReconciledFlow

Field NameRequiredNullableTypeDescriptionFormat

entity

  

StorageNetworkEntityInfo

  

added

  

List of StorageNetworkBaselineConnectionProperties

  

removed

  

List of StorageNetworkBaselineConnectionProperties

  

unchanged

  

List of StorageNetworkBaselineConnectionProperties

  

38.13.7.12. V1GetDiffFlowsResponse

Field NameRequiredNullableTypeDescriptionFormat

added

  

List of V1GetDiffFlowsGroupedFlow

  

removed

  

List of V1GetDiffFlowsGroupedFlow

  

reconciled

  

List of V1GetDiffFlowsReconciledFlow

  

38.14. GetUndoModification

GET /v1/networkpolicies/undo/{clusterId}

38.14.1. Description

38.14.2. Parameters

38.14.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

clusterId

 

X

null

 

38.14.3. Return Type

V1GetUndoModificationResponse

38.14.4. Content Type

  • application/json

38.14.5. Responses

Table 38.14. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

V1GetUndoModificationResponse

0

An unexpected error response.

RuntimeError

38.14.6. Samples

38.14.7. Common object reference

38.14.7.1. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.14.7.1.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.14.7.2. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.14.7.3. StorageNetworkPolicyApplicationUndoRecord

Field NameRequiredNullableTypeDescriptionFormat

clusterId

  

String

  

user

  

String

  

applyTimestamp

  

Date

 

date-time

originalModification

  

StorageNetworkPolicyModification

  

undoModification

  

StorageNetworkPolicyModification

  

38.14.7.4. StorageNetworkPolicyModification

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

applyYaml

  

String

  

toDelete

  

List of StorageNetworkPolicyReference

  

38.14.7.5. StorageNetworkPolicyReference

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

namespace

  

String

  

name

  

String

  

38.14.7.6. V1GetUndoModificationResponse

Field NameRequiredNullableTypeDescriptionFormat

undoRecord

  

StorageNetworkPolicyApplicationUndoRecord

  

38.15. GetUndoModificationForDeployment

GET /v1/networkpolicies/undo/deployment/{id}

38.15.1. Description

38.15.2. Parameters

38.15.2.1. Path Parameters

NameDescriptionRequiredDefaultPattern

id

 

X

null

 

38.15.3. Return Type

V1GetUndoModificationForDeploymentResponse

38.15.4. Content Type

  • application/json

38.15.5. Responses

Table 38.15. HTTP Response Codes
CodeMessageDatatype

200

A successful response.

V1GetUndoModificationForDeploymentResponse

0

An unexpected error response.

RuntimeError

38.15.6. Samples

38.15.7. Common object reference

38.15.7.1. ProtobufAny

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

38.15.7.1.1. JSON representation

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}
{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}
Field NameRequiredNullableTypeDescriptionFormat

typeUrl

  

String

A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in path/google.protobuf.Duration). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme http, https, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, https is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than http, https (or the empty scheme) might be used with implementation specific semantics.

 

value

  

byte[]

Must be a valid serialized protocol buffer of the above specified type.

byte

38.15.7.2. RuntimeError

Field NameRequiredNullableTypeDescriptionFormat

error

  

String

  

code

  

Integer

 

int32

message

  

String

  

details

  

List of ProtobufAny

  

38.15.7.3. StorageNetworkPolicyApplicationUndoRecord

Field NameRequiredNullableTypeDescriptionFormat

clusterId

  

String

  

user

  

String

  

applyTimestamp

  

Date

 

date-time

originalModification

  

StorageNetworkPolicyModification

  

undoModification

  

StorageNetworkPolicyModification

  

38.15.7.4. StorageNetworkPolicyModification

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

applyYaml

  

String

  

toDelete

  

List of StorageNetworkPolicyReference

  

38.15.7.5. StorageNetworkPolicyReference

Next available tag: 3
Field NameRequiredNullableTypeDescriptionFormat

namespace

  

String

  

name

  

String

  

38.15.7.6. V1GetUndoModificationForDeploymentResponse

Field NameRequiredNullableTypeDescriptionFormat

undoRecord

  

StorageNetworkPolicyApplicationUndoRecord

  
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.