RouterAccess resource¶
Configuration for secure access to the site router. The configuration includes TLS credentials and router ports. The RouterAccess resource is used to implement link access for sites.
Metadata properties¶
name
string
required
The name of the resource.
| See also | Kubernetes object names |
|---|
namespace
string
The namespace of the resource.
| See also | Platform concept, Kubernetes namespaces |
|---|
Spec properties¶
roles
array
required
The named interfaces by which a router can be accessed. These
include "inter-router" for links between interior routers and
"edge" for links from edge routers to interior routers.
tlsCredentials
string
required
The name of a bundle of TLS certificates used for mutual TLS
router-to-router communication. The bundle contains the
server certificate and key and the trusted client certificate
(usually a CA).
On Kubernetes, the value is the name of a Secret in the
current namespace.
On Docker, Podman, and Linux, the value is the name of a
directory under `input/certs/` in the current namespace.
| See also | Kubernetes TLS secrets |
|---|
generateTlsCredentials
boolean
When set, Skupper generates the TLS credentials to be
stored in the Secret specified by `tlsCredentials`. See
also `issuer`.
| Default | False |
|---|
issuer
string
The name of the Kubernetes Secret containing the signing CA
used to generate TLS certificates for the RouterAccess when
`generateTlsCredentials` is set.
accessType
string
Configures the access type for the router endpoints.
Available access types and the default selection is
configured on the Skupper controller for Kubernetes.
The options available by default are:
- `local`: No external ingress. Implies a Kubernetes Service with type CluterIP.
- `route`: Exposed via an OpenShift Route.
- `loadbalancer`: Exposed via a Kubernetes Service with type LoadBalancer.
| Default | On OpenShift, the default is | ||||
|---|---|---|---|---|---|
| Choices |
|
bindHost
string
The hostname or IP address of the network interface to bind
to. By default, Skupper binds all the interfaces on the host.
| Default |
|
|---|
subjectAlternativeNames
array
The hostnames and IPs secured by the router TLS certificate.
| Default | The current hostname and the IP address of each bound network interface |
|---|
settings
object
advanced
A map containing additional settings. Each map entry has a
string name and a string value.
**Note:** In general, we recommend not changing settings from
their default values.
Status properties¶
status
string
The current state of the resource.
- `Pending`: The resource is being processed.
- `Error`: There was an error processing the resource. See
`message` for more information.
- `Ready`: The resource is ready to use.
message
string
A human-readable status message. Error messages are reported
here.
conditions
array
advanced
A set of named conditions describing the current state of the
resource.
- `Configured`: The router access configuration has been applied to
the router.
- `Resolved`: The connection endpoints are available.
- `Ready`: The router access is ready to use. All other
conditions are true.
| See also | Kubernetes conditions |
|---|
endpoints
array
advanced
An array of connection endpoints. Each item has a name, host,
port, and group.