Class IngressRule
Specifies a network ingress rule for the cluster.
Namespace: Neon.Kube.ClusterDef
Assembly: Neon.Kube.dll
Syntax
public class IngressRule
Fields
DefaultTcpIdleTimeoutMinutes
The default TCP idle timeout in minutes. TCP connections managed by a rule
will be reset when the idle timeout is exceeded and IdleTcpReset
is set to true
.
Declaration
public const int DefaultTcpIdleTimeoutMinutes = 4
Field Value
Type | Description |
---|---|
int |
Properties
AddressRules
Optionally specifies whitelisted and/or blacklisted external addresses for
inbound traffic. This defaults to allowing inbound traffic from anywhere
when the property is null
or empty.
note
Address rules are processed in order, from first to last so you may consider putting your blacklist rules before your whitelist rules.
note
This is currently supported only for clusters hosted on Azure. AWS doesn't support this scenario and we currently don't support automatic router configuration for on-premise environments.
Declaration
[JsonProperty(PropertyName = "AddressRules", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
[YamlMember(Alias = "addressRules", ApplyNamingConventions = false)]
public List<AddressRule> AddressRules { get; set; }
Property Value
Type | Description |
---|---|
List<AddressRule> |
ExternalPort
The external ingress port used to handle external (generally Internet) traffic received by the cluster load balancer.
Declaration
[JsonProperty(PropertyName = "ExternalPort", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
[YamlMember(Alias = "externalPort", ApplyNamingConventions = false)]
public int ExternalPort { get; set; }
Property Value
Type | Description |
---|---|
int |
IdleTcpReset
Optionally controls whether the cluster router or load balancer sends a TCP RESET
packet to both ends of a TCP connection that has been idle for longer than
TcpIdleTimeoutMinutes. This defaults to true
.
note
At this point, this property is supported only in cloud environments where we can easily control the cluster's external loag balancer. This also has no impact for non-TCP rules.
Declaration
[JsonProperty(PropertyName = "IdleTcpReset", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
[YamlMember(Alias = "idleTcpReset", ApplyNamingConventions = false)]
public bool IdleTcpReset { get; set; }
Property Value
Type | Description |
---|---|
bool |
IngressHealthCheck
Optionally specifies the default cluster load balancer health check settings for the rule. This overrides the default IngressHealthCheck settings.
Declaration
[JsonProperty(PropertyName = "IngressHealthCheck", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
[YamlMember(Alias = "ingressHealthCheck", ApplyNamingConventions = false)]
public HealthCheckOptions IngressHealthCheck { get; set; }
Property Value
Type | Description |
---|---|
HealthCheckOptions |
Name
The name of the ingress rule.
Declaration
[JsonProperty(PropertyName = "Name", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
[YamlMember(Alias = "name", ApplyNamingConventions = false)]
public string Name { get; set; }
Property Value
Type | Description |
---|---|
string |
NodePort
The port on cluster nodes where external traffic received by the load balancer on ExternalPort will be forwarded. The cluster's ingress gateway (Istio) will be configured to listen for traffic on this port and route it into the cluster.
Declaration
[JsonProperty(PropertyName = "NodePort", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
[YamlMember(Alias = "nodePort", ApplyNamingConventions = false)]
public int NodePort { get; set; }
Property Value
Type | Description |
---|---|
int |
Protocol
Identifies the network protocol. This defaults to Tcp.
Declaration
[JsonProperty(PropertyName = "Protocol", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
[YamlMember(Alias = "protocol", ApplyNamingConventions = false)]
public IngressProtocol Protocol { get; set; }
Property Value
Type | Description |
---|---|
IngressProtocol |
TargetPort
The target ingress port internal to the cluster. The cluster's ingress gateway (Istio) applies routing rules (virtual service) to the network traffic as it was received on TargetPort. This decouples routing rules from NodePort which may change for different hosting environments.
This property is optional and defaults to zero, indicating that the traffic should be routed to just the node port but should not be routed through ingress gateway. This is useful for handling UDP traffic which Istio doesn't currently support and perhaps some other scenarios.
Declaration
[JsonProperty(PropertyName = "TargetPort", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
[YamlMember(Alias = "targetPort", ApplyNamingConventions = false)]
public int TargetPort { get; set; }
Property Value
Type | Description |
---|---|
int |
TcpIdleTimeoutMinutes
Optionally specifies the TCP idle time out for TCP related ingress protocols like Http, Https, and Tcp. Inbound TCP connections that have no network traffic going either way will be closed by supported load balancers or routers. This defaults to DefaultTcpIdleTimeoutMinutes (4 minutes).
note
At this point, this property is supported only in cloud environments where we can easily control the cluster's external loag balancer. This also has no impact for non-TCP rules.
Also note that this value may be modified to ensure that it honors the range of values supported by the current cloud.
Declaration
[JsonProperty(PropertyName = "TcpIdleTimeoutMinutes", Required = Required.Default, DefaultValueHandling = DefaultValueHandling.IgnoreAndPopulate)]
[YamlMember(Alias = "tcpIdleTimeoutMinutes", ApplyNamingConventions = false)]
public int TcpIdleTimeoutMinutes { get; set; }
Property Value
Type | Description |
---|---|
int |