diff --git a/api/v1alpha1/backendtrafficpolicy_types.go b/api/v1alpha1/backendtrafficpolicy_types.go
index 79b0e5a540a..d230e2a4cac 100644
--- a/api/v1alpha1/backendtrafficpolicy_types.go
+++ b/api/v1alpha1/backendtrafficpolicy_types.go
@@ -15,13 +15,13 @@ const (
KindBackendTrafficPolicy = "BackendTrafficPolicy"
)
+// BackendTrafficPolicy allows the user to configure the behavior of the connection
+// between the Envoy Proxy listener and the backend service.
+//
// +kubebuilder:object:root=true
// +kubebuilder:resource:categories=envoy-gateway,shortName=btp
// +kubebuilder:subresource:status
// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
-
-// BackendTrafficPolicy allows the user to configure the behavior of the connection
-// between the Envoy Proxy listener and the backend service.
type BackendTrafficPolicy struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
@@ -33,16 +33,15 @@ type BackendTrafficPolicy struct {
Status gwapiv1a2.PolicyStatus `json:"status,omitempty"`
}
-// +kubebuilder:validation:XValidation:rule="(has(self.targetRef) && !has(self.targetRefs)) || (!has(self.targetRef) && has(self.targetRefs)) || (has(self.targetSelectors) && self.targetSelectors.size() > 0) ", message="either targetRef or targetRefs must be used"
+// BackendTrafficPolicySpec defines the desired state of BackendTrafficPolicy.
//
+// +kubebuilder:validation:XValidation:rule="(has(self.targetRef) && !has(self.targetRefs)) || (!has(self.targetRef) && has(self.targetRefs)) || (has(self.targetSelectors) && self.targetSelectors.size() > 0) ", message="either targetRef or targetRefs must be used"
// +kubebuilder:validation:XValidation:rule="has(self.targetRef) ? self.targetRef.group == 'gateway.networking.k8s.io' : true ", message="this policy can only have a targetRef.group of gateway.networking.k8s.io"
// +kubebuilder:validation:XValidation:rule="has(self.targetRef) ? self.targetRef.kind in ['Gateway', 'HTTPRoute', 'GRPCRoute', 'UDPRoute', 'TCPRoute', 'TLSRoute'] : true", message="this policy can only have a targetRef.kind of Gateway/HTTPRoute/GRPCRoute/TCPRoute/UDPRoute/TLSRoute"
// +kubebuilder:validation:XValidation:rule="has(self.targetRef) ? !has(self.targetRef.sectionName) : true",message="this policy does not yet support the sectionName field"
// +kubebuilder:validation:XValidation:rule="has(self.targetRefs) ? self.targetRefs.all(ref, ref.group == 'gateway.networking.k8s.io') : true ", message="this policy can only have a targetRefs[*].group of gateway.networking.k8s.io"
// +kubebuilder:validation:XValidation:rule="has(self.targetRefs) ? self.targetRefs.all(ref, ref.kind in ['Gateway', 'HTTPRoute', 'GRPCRoute', 'UDPRoute', 'TCPRoute', 'TLSRoute']) : true ", message="this policy can only have a targetRefs[*].kind of Gateway/HTTPRoute/GRPCRoute/TCPRoute/UDPRoute/TLSRoute"
// +kubebuilder:validation:XValidation:rule="has(self.targetRefs) ? self.targetRefs.all(ref, !has(ref.sectionName)) : true",message="this policy does not yet support the sectionName field"
-//
-// BackendTrafficPolicySpec defines the desired state of BackendTrafficPolicy.
type BackendTrafficPolicySpec struct {
PolicyTargetReferences `json:",inline"`
ClusterSettings `json:",inline"`
@@ -74,11 +73,28 @@ type BackendTrafficPolicySpec struct {
//
// +optional
ResponseOverride []*ResponseOverride `json:"responseOverride,omitempty"`
+ // HTTPUpgrade defines the configuration for HTTP protocol upgrades.
+ // If not specified, the default upgrade configuration(websocket) will be used.
+ //
+ // +optional
+ // +notImplementedHide
+ HTTPUpgrade []*ProtocolUpgradeConfig `json:"httpUpgrade,omitempty"`
}
-// +kubebuilder:object:root=true
+type ProtocolUpgradeConfig struct {
+ // Type is the case-insensitive type of protocol upgrade.
+ // e.g. `websocket`, `CONNECT`, `spdy/3.1` etc.
+ //
+ // +kubebuilder:validation:Required
+ Type string `json:"type"`
+ // Disabled indicates whether the upgrade is disabled.
+ // +optional
+ Disabled *bool `json:"disabled"`
+}
// BackendTrafficPolicyList contains a list of BackendTrafficPolicy resources.
+//
+// +kubebuilder:object:root=true
type BackendTrafficPolicyList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
index 5efdb1bde99..97fddd3ff62 100644
--- a/api/v1alpha1/zz_generated.deepcopy.go
+++ b/api/v1alpha1/zz_generated.deepcopy.go
@@ -626,6 +626,17 @@ func (in *BackendTrafficPolicySpec) DeepCopyInto(out *BackendTrafficPolicySpec)
}
}
}
+ if in.HTTPUpgrade != nil {
+ in, out := &in.HTTPUpgrade, &out.HTTPUpgrade
+ *out = make([]*ProtocolUpgradeConfig, len(*in))
+ for i := range *in {
+ if (*in)[i] != nil {
+ in, out := &(*in)[i], &(*out)[i]
+ *out = new(ProtocolUpgradeConfig)
+ (*in).DeepCopyInto(*out)
+ }
+ }
+ }
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendTrafficPolicySpec.
@@ -4413,6 +4424,26 @@ func (in *ProcessingModeOptions) DeepCopy() *ProcessingModeOptions {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ProtocolUpgradeConfig) DeepCopyInto(out *ProtocolUpgradeConfig) {
+ *out = *in
+ if in.Disabled != nil {
+ in, out := &in.Disabled, &out.Disabled
+ *out = new(bool)
+ **out = **in
+ }
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProtocolUpgradeConfig.
+func (in *ProtocolUpgradeConfig) DeepCopy() *ProtocolUpgradeConfig {
+ if in == nil {
+ return nil
+ }
+ out := new(ProtocolUpgradeConfig)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ProxyAccessLog) DeepCopyInto(out *ProxyAccessLog) {
*out = *in
diff --git a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml
index c135bead9bf..3b741521296 100644
--- a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml
+++ b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml
@@ -532,6 +532,24 @@ spec:
Default: TerminateConnection
type: string
type: object
+ httpUpgrade:
+ description: |-
+ HTTPUpgrade defines the configuration for HTTP protocol upgrades.
+ If not specified, the default upgrade configuration(websocket) will be used.
+ items:
+ properties:
+ disabled:
+ description: Disabled indicates whether the upgrade is disabled.
+ type: boolean
+ type:
+ description: |-
+ Type is the case-insensitive type of protocol upgrade.
+ e.g. `websocket`, `CONNECT`, `spdy/3.1` etc.
+ type: string
+ required:
+ - type
+ type: object
+ type: array
loadBalancer:
description: |-
LoadBalancer policy to apply when routing traffic from the gateway to
diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md
index 3d309ad68cd..32c07223e3a 100644
--- a/site/content/en/latest/api/extension_types.md
+++ b/site/content/en/latest/api/extension_types.md
@@ -3170,6 +3170,21 @@ _Appears in:_
| `attributes` | _string array_ | false | | Defines which attributes are sent to the external processor. Envoy Gateway currently
supports only the following attribute prefixes: connection, source, destination,
request, response, upstream and xds.route.
https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes |
+#### ProtocolUpgradeConfig
+
+
+
+
+
+_Appears in:_
+- [BackendTrafficPolicySpec](#backendtrafficpolicyspec)
+
+| Field | Type | Required | Default | Description |
+| --- | --- | --- | --- | --- |
+| `type` | _string_ | true | | Type is the case-insensitive type of protocol upgrade.
e.g. `websocket`, `CONNECT`, `spdy/3.1` etc. |
+| `disabled` | _boolean_ | false | | Disabled indicates whether the upgrade is disabled. |
+
+
#### ProviderType
_Underlying type:_ _string_