DEPRECATED 1.9 - This group version of NetworkPolicy is deprecated by networking/v1/NetworkPolicy. NetworkPolicy describes what network traffic is allowed for a set of Pods
new()
Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
mixinInstance(metadata)
withAnnotations(annotations)
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
withAnnotationsMixin(annotations)
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
withClusterName(clusterName)
The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
withFinalizers(finalizers)
Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.
withFinalizersMixin(finalizers)
Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.
withGenerateName(generateName)
GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.
If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).
Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
withLabels(labels)
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
withLabelsMixin(labels)
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
withManagedFields(managedFields)
ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn’t need to set or understand this field. A workflow can be the user’s name, a controller’s name, or the name of a specific apply path like “ci-cd”. The set of fields is always in the version that the workflow used when modifying the object.
This field is alpha and can be changed or removed without notice.
withManagedFields takes an array of type managedFieldsType. You can create
an instance of managedFieldsType with hidden.meta.v1.managedFieldsEntry.new().
see hidden.meta.v1.managedFieldsEntry
withManagedFieldsMixin(managedFields)
ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn’t need to set or understand this field. A workflow can be the user’s name, a controller’s name, or the name of a specific apply path like “ci-cd”. The set of fields is always in the version that the workflow used when modifying the object.
This field is alpha and can be changed or removed without notice.
withManagedFieldsMixin takes an array of type managedFieldsType. You can create
an instance of managedFieldsType with hidden.meta.v1.managedFieldsEntry.new().
see hidden.meta.v1.managedFieldsEntry
withName(name)
Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names
withNamespace(namespace)
Namespace defines the space within each name must be unique. An empty namespace is equivalent to the “default” namespace, but “default” is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.
Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces
withOwnerReferences(ownerReferences)
List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.
withOwnerReferences takes an array of type ownerReferencesType. You can create
an instance of ownerReferencesType with hidden.meta.v1.ownerReference.new().
see hidden.meta.v1.ownerReference
withOwnerReferencesMixin(ownerReferences)
List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.
withOwnerReferencesMixin takes an array of type ownerReferencesType. You can create
an instance of ownerReferencesType with hidden.meta.v1.ownerReference.new().
see hidden.meta.v1.ownerReference
An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects.
When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user.
DEPRECATED - initializers are an alpha field and will be removed in v1.15.
mixinInstance(initializers)
withPending(pending)
Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.
withPending takes an array of type pendingType. You can create
an instance of pendingType with hidden.meta.v1.initializer.new().
see hidden.meta.v1.initializer
withPendingMixin(pending)
Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.
withPendingMixin takes an array of type pendingType. You can create
an instance of pendingType with hidden.meta.v1.initializer.new().
see hidden.meta.v1.initializer
Specification of the desired behavior for this NetworkPolicy.
mixinInstance(spec)
withEgress(egress)
List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8
withEgress takes an array of type egressType. You can create
an instance of egressType with hidden.extensions.v1beta1.networkPolicyEgressRule.new().
see hidden.extensions.v1beta1.networkPolicyEgressRule
withEgressMixin(egress)
List of egress rules to be applied to the selected pods. Outgoing traffic is allowed if there are no NetworkPolicies selecting the pod (and cluster policy otherwise allows the traffic), OR if the traffic matches at least one egress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy limits all outgoing traffic (and serves solely to ensure that the pods it selects are isolated by default). This field is beta-level in 1.8
withEgressMixin takes an array of type egressType. You can create
an instance of egressType with hidden.extensions.v1beta1.networkPolicyEgressRule.new().
see hidden.extensions.v1beta1.networkPolicyEgressRule
withIngress(ingress)
List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod OR if the traffic source is the pod’s local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default).
withIngress takes an array of type ingressType. You can create
an instance of ingressType with hidden.extensions.v1beta1.networkPolicyIngressRule.new().
see hidden.extensions.v1beta1.networkPolicyIngressRule
withIngressMixin(ingress)
List of ingress rules to be applied to the selected pods. Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod OR if the traffic source is the pod’s local node, OR if the traffic matches at least one ingress rule across all of the NetworkPolicy objects whose podSelector matches the pod. If this field is empty then this NetworkPolicy does not allow any traffic (and serves solely to ensure that the pods it selects are isolated by default).
withIngressMixin takes an array of type ingressType. You can create
an instance of ingressType with hidden.extensions.v1beta1.networkPolicyIngressRule.new().
see hidden.extensions.v1beta1.networkPolicyIngressRule
withPolicyTypes(policyTypes)
List of rule types that the NetworkPolicy relates to. Valid options are “Ingress”, “Egress”, or “Ingress,Egress”. If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ “Egress” ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include “Egress” (since such a policy would not include an Egress section and would otherwise default to just [ “Ingress” ]). This field is beta-level in 1.8
withPolicyTypesMixin(policyTypes)
List of rule types that the NetworkPolicy relates to. Valid options are “Ingress”, “Egress”, or “Ingress,Egress”. If this field is not specified, it will default based on the existence of Ingress or Egress rules; policies that contain an Egress section are assumed to affect Egress, and all policies (whether or not they contain an Ingress section) are assumed to affect Ingress. If you want to write an egress-only policy, you must explicitly specify policyTypes [ “Egress” ]. Likewise, if you want to write a policy that specifies that no egress is allowed, you must specify a policyTypes value that include “Egress” (since such a policy would not include an Egress section and would otherwise default to just [ “Ingress” ]). This field is beta-level in 1.8
Selects the pods to which this NetworkPolicy object applies. The array of ingress rules is applied to any pods selected by this field. Multiple network policies can select the same set of pods. In this case, the ingress rules for each are combined additively. This field is NOT optional and follows standard label selector semantics. An empty podSelector matches all pods in this namespace.
mixinInstance(podSelector)
withMatchExpressions(matchExpressions)
matchExpressions is a list of label selector requirements. The requirements are ANDed.
withMatchExpressions takes an array of type matchExpressionsType. You can create
an instance of matchExpressionsType with hidden.meta.v1.labelSelectorRequirement.new().
see hidden.meta.v1.labelSelectorRequirement
withMatchExpressionsMixin(matchExpressions)
matchExpressions is a list of label selector requirements. The requirements are ANDed.
withMatchExpressionsMixin takes an array of type matchExpressionsType. You can create
an instance of matchExpressionsType with hidden.meta.v1.labelSelectorRequirement.new().
see hidden.meta.v1.labelSelectorRequirement
withMatchLabels(matchLabels)
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
withMatchLabelsMixin(matchLabels)
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.