openapi: 3.0.0 servers: - description: NGINX Controller API url: 'https://{{CONTROLLER_FQDN}}/api/v1' info: title: Components API description: >- Use the Components API to define child components (for example, microservices) for your Apps. version: v1 paths: '/services/environments/{environmentName}/apps/{appName}/components': get: tags: - Components summary: List all Components description: > Returns a list of all of the Component resources that are contained by the specified App. operationId: listAppComponents responses: '200': description: Successfully retrieved a list of Component resources. content: application/json: schema: $ref: '#/components/schemas/ComponentList' '400': description: >- Bad input parameter, or possibly a bad URI. Check the input for typos and try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' '404': description: >- The resource defined in the URI could not be found. Check the URI for errors and try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' post: tags: - Components summary: Create a Component description: | Creates a new Component resource. operationId: createAppComponent requestBody: description: Defines the Component resource to create. content: application/json: schema: $ref: '#/components/schemas/Component' examples: ComponentRequest: $ref: '#/components/examples/ComponentRequest' responses: '201': description: Successfully created the requested Component resource. content: application/json: schema: $ref: '#/components/schemas/Component' '202': description: >- The Component resource has been accepted for creation. The Component will be created after it is done configuring. content: application/json: schema: $ref: '#/components/schemas/Component' '400': description: >- Bad input parameter, or possibly a bad URI. Check the input for typos and try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' '404': description: >- The resource defined in the URI could not be found. Check the URI for errors and try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' '409': description: >- The request failed due to a conflict with an existing resource. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' '429': description: > The request to create a Component resource failed due to exceeding request processing threshold. Allow the server to process existing requests, then try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' parameters: - name: environmentName description: >- The name of the Environment that contains the Component's parent App. in: path required: true schema: $ref: '#/components/schemas/EnvironmentName' - name: appName description: >- The name of the App that contains the Component resource. in: path required: true schema: $ref: '#/components/schemas/AppName' '/services/environments/{environmentName}/apps/{appName}/components/{componentName}': get: tags: - Components summary: Get a Component description: | Returns information for the specified Component. operationId: getAppComponent responses: '200': description: >- Successfully returned the requested Component resource. content: application/json: schema: $ref: '#/components/schemas/Component' '400': description: >- Bad input parameter, or possibly a bad URI. Check the input for typos and try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' '404': description: >- The resource defined in the URI could not be found. Check the URI for errors and try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' put: tags: - Components summary: Upsert a Component description: > Creates a new Component or updates an existing Component resource. operationId: updateAppComponent requestBody: description: Defines the Component resource to create or update. content: application/json: schema: $ref: '#/components/schemas/Component' examples: ComponentRequest: $ref: '#/components/examples/ComponentRequest' responses: '200': description: Successfully updated the specified Component resource. content: application/json: schema: $ref: '#/components/schemas/Component' '201': description: Successfully created the specified Component resource. content: application/json: schema: $ref: '#/components/schemas/Component' '202': description: >- The Component resource has been accepted for creation or update. The Component will be created or updated after it is done configuring. content: application/json: schema: $ref: '#/components/schemas/Component' '400': description: >- Bad input parameter, or possibly a bad URI. Check the input for typos and try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' '404': description: >- The resource defined in the URI could not be found. Check the URI for errors and try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' '409': description: >- The request failed due to a conflict with an existing resource. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' '429': description: > The request to update or create a Component resource failed due to exceeding request processing threshold. Allow the server to process existing requests, then try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' delete: tags: - Components summary: Delete a Component description: Deletes the specified Component resource. operationId: deleteAppComponent responses: '202': description: > Component resource has been marked for deletion. The resource will be deleted after the underlying resources have been freed. content: application/json: schema: $ref: '#/components/schemas/Component' '204': description: > Successfully deleted the specified Component. No content returned. '404': description: >- The resource defined in the URI could not be found. Check the URI for errors and try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' '429': description: > The request to delete a Component resource failed due to exceeding request processing threshold. Allow the server to process existing requests, then try again. content: application/json: schema: $ref: '#/components/schemas/ErrorModel' parameters: - name: environmentName description: >- The name of the Environment that contains the Component's parent App. in: path required: true schema: $ref: '#/components/schemas/EnvironmentName' - name: appName description: >- The name of the App that contains the Component resource. in: path required: true schema: $ref: '#/components/schemas/AppName' - name: componentName description: The name of the Component resource. in: path required: true schema: $ref: '#/components/schemas/ComponentName' components: schemas: ComponentList: type: object properties: items: type: array items: $ref: '#/components/schemas/Component' EnvironmentName: type: string AppName: type: string SelfLinks: type: object description: > The SelfLinks object contains a link from the resource to itself. This object is used only in responses. properties: rel: type: string example: /api/v1/services/environments/prod description: > `rel` contains the complete path fragment of a URI and can be used to construct a query to the object. ResourceMeta: type: object required: - name properties: name: type: string pattern: >- ^[^A-Z\s\x00-\x1f\x60\x7f\;\*\"\[\]\{\}\\\/%\?:=&\~\^|#<>]+$ minLength: 1 maxLength: 1024 example: resource-name description: > Resource name is a unique identifier for a resource within the context of a namespace. Resource names must conform to [RFC 1738 Section 2.2](https://www.ietf.org/rfc/rfc1738.txt) and have a valid syntax for email addresses. The following rules are enforced: - do not utilize URL encoding; - do not include spaces; - do not use uppercase characters, for example, 'A-Z'; extended character sets are supported; - do not use the following characters: `"`, `*`, `:`, `;`, `/`, `\`, `%`, `?`, `hash`, `=`, `&`, `|`, `~`, `^`, `{`, `}`, `[`, `]`, `<`, `>`; - cannot start or end with an `@` sign; For example: For a collection resource located at `https://controller.example.com/api/v1/services/apps/shopping_@1` the resource name is "shopping_@1". displayName: type: string example: My Display Name description: > `displayName` is a user friendly resource name. It can be used to define a longer, and less constrained, name for a resource. Display names: - are optional (defaults to an empty string if no value is provided), - do not have to be unique, - cannot be assigned by the server. description: type: string example: >- This is a sample description string. It provides information about the resource. description: > `description` is a free-form text property. You can use it to provide information that helps to identify the resource. Descriptions: - are optional (defaults to an empty string if no value is provided), - do not have to be unique, - cannot be assigned by the server. kind: type: string example: - description: > Kind is a string representation of an API resource's data type. It is assigned by the server and cannot be changed. When creating a `kind`, the server uses hyphens to connect word segments; singleton and collection item resources are not pluralized. uid: type: string format: uuid example: d290f1ee-6c54-4b01-90e6-d701748f0851 description: > Unique Identifier (UID) UID is a unique identifier in time and space for a resource. When you create a resource, the server assigns a UID to the resource. Refer to [IETF RFC 4122](https://tools.ietf.org/html/rfc4122) for more information. tags: type: array items: type: string example: - production_public - dev - new_app - us-west-1 - emea description: > You can assign `tags` to a resource as a way to help map, scope, and organize resources. The system uses tag selectors to specify selection criteria that match resources that have particular tags. ref: type: string example: /services/environments/prod description: > The `ref` field contains a reference to another NGINX Controller resource. links: $ref: '#/components/schemas/SelfLinks' createTime: type: string format: date-time example: '2019-07-29T09:12:33.001Z' description: > A timestamp that represents the server time when the resource was created. Create time is not guaranteed to be set in "happens-before" order across separate operations. In JSON format, `create_time` type is encoded as a string in the [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt). For example: 2018-04-01T01:30:15.01Z Create Time is assigned by the server and cannot be changed. updateTime: type: string format: date-time example: '2019-07-29T10:12:33.001Z' description: > A timestamp that represents the server time when the resource was last modified. Resources that have never been updated do not have an `update_time` stamp. The default value for resources that have never been updated is the local language-specific equivalent of "null". In JSON format, `update_time` type is encoded as a string as described in [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt). NginxDirective: x-f5-experimental: true required: - directive properties: directive: type: string description: > The name of the NGINX directive. For a list of NGINX Directives, refer to [the NGINX documentation](http://nginx.org/en/docs/dirindex.html). args: type: array description: Directive arguments. items: type: string block: type: array description: >- The directives to include within a block directive or context. items: $ref: '#/components/schemas/NginxDirective' NginxConf: x-f5-experimental: true required: - path - op - block properties: path: type: string description: > Path is a JSONPath expression. See [goessner.net/articles/JsonPath](https://goessner.net/articles/JsonPath/) for more information on JSONPath. example: '$..[?(@.directive==''server'')]' op: type: string description: > Indicates where to insert the block of directives in relation to the directives selected by the given path. * `APPEND` - Add after the selected directives * `APPEND_CHILD` - Add after the last directive in the selected directives' block * `PREPEND` - Add before the selected directives * `PREPEND_CHILD` - Add before the first directive in the selected directives' block enum: - APPEND - APPEND_CHILD - PREPEND - PREPEND_CHILD block: type: array description: > Block contains a list of directives that you want to add to the NGINX configuration. items: $ref: '#/components/schemas/NginxDirective' NginxConfs: x-f5-experimental: true description: NGINX raw configuration type: array items: $ref: '#/components/schemas/NginxConf' ComponentStateCommon: type: object description: Settings common to Web & TCP/UDP Components. properties: nginxConfs: $ref: '#/components/schemas/NginxConfs' URIMatchMethod: description: >- Specifies how to determine a match between an incoming Web URI and configured Web URI. type: string enum: - PREFIX - REGEX - REGEX_CASE_SENSITIVE - SUFFIX - EXACT default: PREFIX NamedLinks: allOf: - $ref: '#/components/schemas/SelfLinks' - type: object description: > Contains information about the object being referred to. These are generally details -- like the object name and display name -- that are useful to a consumer of the API that performs further processing. This object is only present in responses. properties: name: type: string example: production description: | The name of the linked resource. displayName: type: string example: Production Environment description: A user friendly resource name. ResourceRef: type: object required: - ref properties: ref: type: string example: /services/environments/prod description: | A reference to another NGINX Controller resource. links: $ref: '#/components/schemas/NamedLinks' ServiceConfigState: type: string enum: - ENABLED - DISABLED default: DISABLED TLS: description: TLS settings applicable to URIs. type: object required: - certRef properties: certRef: $ref: '#/components/schemas/ResourceRef' protocols: type: array items: type: string pattern: 'TLSv1|TLSv1\.[1-3]|SSLv2|SSLv3' cipher: type: string example: >- ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; preferServerCipher: $ref: '#/components/schemas/ServiceConfigState' sessionCache: type: string enum: - 'OFF' - NONE - BUILTIN - SHARED default: 'OFF' IngressUri: type: object properties: matchMethod: $ref: '#/components/schemas/URIMatchMethod' tls: $ref: '#/components/schemas/TLS' serverPoolPort: x-f5-experimental: true description: >- The port number used when the IngressUri is deployed to an Instance that's a member of a BIG-IP server pool. type: integer IngressUris: type: object description: > Defines the URI in Gateways and Components. The URI has different requirements depending on where it is used. For Web URIs in Gateways, `uris` must be a complete URI that follows the format `://host[:port]`; additionally each URI can have a match method specified and an HTTPS URI can include TLS information. Examples: - `http://www.f5.com` - `https://www.f5.com` - `http://www.f5.com:8080` - `http://*.info.f5.com` For Web URIs in Components, `uris` can be either a complete URI that follows the format `://host[:port][/path]` or a relative path that follows the format `/path[/...]`; additionally each URI can have a match method specified and an HTTPS URI can include TLS information. Examples: - `/images` - `/*.jpg` - `/locations/us/wa*` - `http://www.f5.com:8080/sales` - `http://*.f5.com:5050/testing` For TCP/UDP URIs in Gateways and Components,`uris` must be a complete URI that follows the format `://<*|IP>:`; additionally a tcp+tls URI can include TLS information. Match method is not applicable to TCP/UDP URIs. Examples: - `tcp://192.168.1.1:12345` - `tcp+tls://192.168.1.1:12346` - `tcp://192.168.1.1:12345-12350` - `tcp://*:12345` - `udp://192.168.1.1:12345` - `udp://*:12345` In a TCP/UDP Component, URIs can either all have a protocol of udp or a mix of TCP and tcp+tls. additionalProperties: description: Provide the URI associated with the resource. $ref: '#/components/schemas/IngressUri' ComponentIngressCommon: description: Ingress settings common to Web and TCP/UDP components. type: object required: - uris properties: uris: $ref: '#/components/schemas/IngressUris' gatewayRefs: description: Reference(s) to existing Gateway resource(s). type: array items: $ref: '#/components/schemas/ResourceRef' tls: $ref: '#/components/schemas/TLS' HeaderMatchMethod: type: string enum: - PREFIX - REGEX - REGEX_CASE_SENSITIVE - SUFFIX - EXACT default: REGEX IngressHeader: type: object properties: name: type: string nameMatchMethod: $ref: '#/components/schemas/HeaderMatchMethod' value: type: string valueMatchMethod: $ref: '#/components/schemas/HeaderMatchMethod' WebIngressCommon: description: >- Ingress settings in a Gateway and Component that apply only to Web Components. type: object properties: methods: description: Specifies the HTTP method to use in requests. type: array items: type: string enum: - POST - GET - PUT - DELETE - PATCH - HEAD - TRACE - OPTIONS - CONNECT clientMaxBodySize: description: >- Sets the maximum allowed size of the client request body, specified in the “Content-Length” request header field. type: string pattern: '^[0-9]+[k|K|m|M]{1}$' deprecated: true externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size headers: description: >- Specifies the match method for headers to be used in requests. x-f5-experimental: true type: array items: $ref: '#/components/schemas/IngressHeader' http2: description: > Enable or disable HTTP/2 connections on the port. Normally, for this to work the `ssl` parameter should be specified as well, but NGINX can also be configured to accept HTTP/2 connections without SSL. Possible values are `ENABLED` or `DISABLED`. x-f5-experimental: true $ref: '#/components/schemas/ServiceConfigState' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_core_module.html#listen spdy: description: > Enables or disables acceptance of the SPDY connections on the specified port. Normally, for this to work the `ssl` parameter should be specified as well, but NGINX can also be configured to accept SPDY connections without SSL. Possible values are `ENABLED` or `DISABLED`. x-f5-experimental: true $ref: '#/components/schemas/ServiceConfigState' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_core_module.html#listen proxyProtocol: description: > Enables or disables the proxy protocol for all connections accepted on the specified port. The `proxy protocol` enables NGINX and NGINX Plus to receive client connection information passed through proxy servers and load balancers, such as HAproxy and Amazon Elastic Load Balancer (ELB). The possible values are `ENABLED` or `DISABLED`. x-f5-experimental: true $ref: '#/components/schemas/ServiceConfigState' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_core_module.html#listen notFoundStatusCode: x-f5-experimental: true type: integer default: 404 headersHashBucketSize: description: >- Sets the bucket size for hash tables used by the `proxy_hide_header` and `proxy_set_header` directives. type: integer minimum: 1 externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_headers_hash_bucket_size headersHashMaxSize: description: >- Sets the maximum size of hash tables used by the `proxy_hide_header` and `proxy_set_header` directives. type: integer minimum: 1 externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_headers_hash_max_size ComponentWebIngressClient: description: >- Non-buffer settings in a Component applicable to Web client requests. type: object properties: bodyInFileOnly: description: >- Determines whether NGINX Controller should save the entire client request body into a file. type: string enum: - ENABLED - DISABLED - CLEAN default: DISABLED externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_in_file_only bodyTimeout: description: Defines a timeout for reading the client request body. type: string pattern: '^[0-9]{1,12}[hms]?$' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_timeout maxBodySize: description: > Sets the maximum allowed size of the client request body, specified in the “Content-Length” request header field. Disables checking of client request body size when set to 0. type: string pattern: '^[0-9]{1,12}[kKmM]?$' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size WebIngressBuffersCommon: description: >- Buffer settings common to a Gateway and Component applicable to web client requests. type: object properties: clientBodyBufferingIsEnabled: description: >- Enables or disables buffering of a client request body. type: boolean externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_request_buffering clientBodyBufferSize: description: >- Sets the buffer size for reading the client request body. type: string pattern: '^[0-9]{1,12}[kKmM]?$' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_buffer_size clientBodyInSingleBuffer: description: >- Determines whether NGINX Controller should save the entire client request body in a single buffer. type: string enum: - ENABLED - DISABLED externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_in_single_buffer ComponentWebIngress: description: Ingress settings in a Web Component. allOf: - $ref: '#/components/schemas/ComponentIngressCommon' - $ref: '#/components/schemas/WebIngressCommon' - type: object properties: client: $ref: '#/components/schemas/ComponentWebIngressClient' buffers: $ref: '#/components/schemas/WebIngressBuffersCommon' MonitoringCommon: description: Monitor settings common to Web and TCP/UDP. type: object properties: defaultState: type: string enum: - HEALTHY - UNHEALTHY default: HEALTHY interval: type: integer minimum: 1 default: 5 consecutiveSuccessThreshold: type: integer minimum: 1 default: 1 consecutiveFailureThreshold: type: integer minimum: 1 default: 1 port: type: integer minimum: 1 maximum: 65535 MonitorResponseStatus: type: object properties: range: type: object properties: startCode: type: integer minimum: 100 maximum: 599 endCode: type: integer minimum: 100 maximum: 599 codes: type: array items: type: integer minimum: 100 maximum: 599 match: type: boolean default: true MonitorResponseContent: type: object properties: content: type: string match: type: boolean default: true WebMonitorResponse: description: >- Settings that define successful responses to a Web monitor. type: object properties: status: $ref: '#/components/schemas/MonitorResponseStatus' headers: type: object additionalProperties: $ref: '#/components/schemas/MonitorResponseContent' body: $ref: '#/components/schemas/MonitorResponseContent' WebMonitoring: description: >- Health monitor settings across all workload groups in a Web Component. allOf: - $ref: '#/components/schemas/MonitoringCommon' - type: object properties: uri: description: >- URI containing the relative path that the monitor probe is sent to; the host is specified in the URI in the workload group. type: string default: / response: description: >- Settings that define successful responses to a Web monitor. $ref: '#/components/schemas/WebMonitorResponse' RoundRobinLB: type: object required: - type properties: type: type: string enum: - ROUND_ROBIN IPHashLB: type: object description: IP Hash Load Balancing only applicable to Web Components. required: - type properties: type: type: string enum: - IPHASH LeastConnLB: type: object required: - type properties: type: type: string enum: - LEAST_CONNECTIONS HashLBMethod: type: object required: - type - userKey properties: type: type: string enum: - HASH userKey: type: string consistentHash: $ref: '#/components/schemas/ServiceConfigState' LeastTimeLBMethod: type: object required: - type properties: type: type: string enum: - LEAST_TIME latencyParameter: type: string description: > Values applicable to a Web Component are: [HEADER, LAST_BYTE, LAST_BYTE_INFLIGHT]; Values applicable to a TCP/UDP Component are: [CONNECT, FIRST_BYTE, LAST_BYTE, LAST_BYTE_INFLIGHT]. The default value is used for a web Component; there is no default for a TCP/UDP Component. enum: - HEADER - CONNECT - FIRST_BYTE - LAST_BYTE - LAST_BYTE_INFLIGHT default: HEADER RandomLBMethod: type: object required: - type properties: type: type: string enum: - RANDOM twoServerLBMethod: type: string description: > Values applicable to a Web Component are: [LEAST_CONNECTIONS, LEAST_TIME_HEADER, LEAST_TIME_LAST_BYTE]; Values applicable to a TCP/UDP Component are: [LEAST_CONNECTIONS, LEAST_TIME_CONNECT, LEAST_TIME_FIRST_BYTE, LEAST_TIME_LAST_BYTE]. enum: - LEAST_CONNECTIONS - LEAST_TIME_HEADER - LEAST_TIME_CONNECT - LEAST_TIME_FIRST_BYTE - LEAST_TIME_LAST_BYTE LoadBalancingMethod: discriminator: propertyName: type mapping: ROUND_ROBIN: '#/components/schemas/RoundRobinLB' IPHASH: '#/components/schemas/IPHashLB' LEAST_CONNECTIONS: '#/components/schemas/LeastConnLB' HASH: '#/components/schemas/HashLBMethod' LEAST_TIME: '#/components/schemas/LeastTimeLBMethod' RANDOM: '#/components/schemas/RandomLBMethod' oneOf: - $ref: '#/components/schemas/RoundRobinLB' - $ref: '#/components/schemas/IPHashLB' - $ref: '#/components/schemas/LeastConnLB' - $ref: '#/components/schemas/HashLBMethod' - $ref: '#/components/schemas/LeastTimeLBMethod' - $ref: '#/components/schemas/RandomLBMethod' DNSServiceDiscovery: required: - servers properties: servers: type: array description: > Array of DNS servers. Possible options are: - An IPv4 address with an optional port number. Port 53 is used if not specified. For example, "10.1.1.1", "10.1.1.1:5353". - An IPv6 address with an optional port number. Port 53 is used if not specified. For example, "[2001::1]", "[2001::1]:5353", - Fully qualified domain name (FQDN). ASCII characters only. NGINX uses the OS name server configuration to identify the IP addresses of the DNS servers to use. items: type: string pattern: >- ^(?:(?:(?:(?:25[0-5]|2[0-4]\d|[01]?\d\d?)\.){3}(?:25[0-5]|2[0-4]\d|[01]?\d\d?)(?::(?:[1-9]|[1-5]?[0-9]{2,4}|6[1-4][0-9]{3}|65[1-4][0-9]{2}|655[1-2][0-9]|6553[1-5]))?$)|(?:\[\s*(?:(?:(?:[0-9a-fA-F]{1,4}:){7}(?:[0-9a-fA-F]{1,4}|:))|(?:(?:[0-9a-fA-F]{1,4}:){6}(?::[0-9a-fA-F]{1,4}|(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(?:(?:[0-9a-fA-F]{1,4}:){5}(?:(?:(?::[0-9a-fA-F]{1,4}){1,2})|:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(?:(?:[0-9a-fA-F]{1,4}:){4}(?:(?:(?::[0-9a-fA-F]{1,4}){1,3})|(?:(?::[0-9a-fA-F]{1,4})?:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:[0-9a-fA-F]{1,4}:){3}(?:(?:(?::[0-9a-fA-F]{1,4}){1,4})|(?:(?::[0-9a-fA-F]{1,4}){0,2}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:[0-9a-fA-F]{1,4}:){2}(?:(?:(?::[0-9a-fA-F]{1,4}){1,5})|(?:(?::[0-9a-fA-F]{1,4}){0,3}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?:(?:[0-9a-fA-F]{1,4}:){1}(?:(?:(?::[0-9a-fA-F]{1,4}){1,6})|(?:(?::[0-9a-fA-F]{1,4}){0,4}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(?::(?:(?:(?::[0-9a-fA-F]{1,4}){1,7})|(?:(?::[0-9a-fA-F]{1,4}){0,5}:(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(?:%.+)?](?::(?:[1-9]|[1-5]?[0-9]{2,4}|6[1-4][0-9]{3}|65[1-4][0-9]{2}|655[1-2][0-9]|6553[1-5]))?\s*$)|(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[-0-9a-zA-Z]{0,61}[0-9a-zA-Z])?)*$)) minLength: 1 example: '10.1.1.1:5353' minItems: 1 uniqueItems: true ttl: type: string pattern: '^[0-9]+[h|m|s]{1}$' description: Overrides the TTL setting present in the DNS record. example: 10s timeout: type: string pattern: '^[0-9]+[h|m|s]{1}$' description: Sets the timeout for domain name resolution. example: 10s WorkloadGroupCommon: description: Settings common to Web and TCP/UDP workloadGroups. type: object properties: locationRefs: type: array items: $ref: '#/components/schemas/ResourceRef' loadBalancingMethod: $ref: '#/components/schemas/LoadBalancingMethod' dnsServiceDiscovery: $ref: '#/components/schemas/DNSServiceDiscovery' WebProxy: description: >- Proxy retry and timeout settings applicable to servers in a Web workloadGroup associated with a Component. type: object properties: nextUpstream: description: >- Specifies in which cases a request should be passed to the next server. type: array items: type: string enum: - ERROR - TIMEOUT - INVALID_HEADER - HTTP_500 - HTTP_502 - HTTP_503 - HTTP_504 - HTTP_403 - HTTP_404 - HTTP_429 - NON_IDEMPOTENT - 'OFF' connectTimeout: description: >- Defines a timeout for establishing a connection with a proxied server. type: string pattern: '^[0-9]{1,12}[hms]?$' sendTimeout: description: >- Sets a timeout for transmitting a request to the proxied server. type: string pattern: '^[0-9]{1,12}[hms]?$' SessionPersistenceCookie: type: object required: - type properties: type: type: string enum: - COOKIE srvID: type: string expireTime: type: string pattern: '^[0-9]+[h|m|s]{1}$' domain: type: string path: type: string SessionPersistenceRoute: type: object required: - type - routeInfoLocation properties: type: type: string enum: - ROUTE routeInfoLocation: type: string enum: - COOKIE - URI - BOTH SessionPersistenceCookieLearn: type: object required: - type - create - lookup properties: type: type: string enum: - COOKIE_LEARN create: type: string pattern: ^\$.+ lookup: type: string pattern: ^\$.+ SessionPersistence: description: SessionPersistence settings in a Web workloadGroup. discriminator: propertyName: type mapping: COOKIE: '#/components/schemas/SessionPersistenceCookie' ROUTE: '#/components/schemas/SessionPersistenceRoute' COOKIE_LEARN: '#/components/schemas/SessionPersistenceCookieLearn' oneOf: - $ref: '#/components/schemas/SessionPersistenceCookie' - $ref: '#/components/schemas/SessionPersistenceRoute' - $ref: '#/components/schemas/SessionPersistenceCookieLearn' WorkloadUri: type: object properties: weight: type: integer minimum: 1 default: 1 maxConns: type: integer minimum: 0 default: 0 maxFails: type: integer minimum: 0 default: 1 failTimeout: x-f5-experimental: true type: string default: 10s pattern: '^[0-9]+[h|m|s]{1}$' isBackup: type: boolean default: false isDown: type: boolean default: false route: x-f5-experimental: true type: string srvService: type: string slowStart: x-f5-experimental: true type: integer minimum: 0 default: 0 isDrain: type: boolean default: false WebWorkloadGroup: description: >- Group of servers hosting a part of a Web application represented by a Component. allOf: - $ref: '#/components/schemas/WorkloadGroupCommon' - type: object properties: proxy: $ref: '#/components/schemas/WebProxy' sessionPersistence: $ref: '#/components/schemas/SessionPersistence' uris: type: object description: > The URI for a server hosting a part of a Web application. It must conform to the format `schema://address[:port]` where schema is chosen from http or https, address is IP or hostname, schema and address must be provided. For example: - `http://192.0.2.247` - `https://192.0.2.247:8443` - `https://www.f5workload.com` additionalProperties: $ref: '#/components/schemas/WorkloadUri' BackendBuffers: description: >- Proxy buffer settings applicable to servers across all Web workloadGroups associated with a Component. type: object properties: headerSize: description: >- Sets the size of the buffer used for reading the first part of the response received from the proxied server. type: string pattern: '^[0-9]{1,12}[kKmM]?$' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffer_size isEnabled: description: >- Enables or disables buffering of responses from the proxied server. type: boolean externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffering size: description: >- Sets the number and size of the buffers used for reading a response from the proxied server, for a single connection. type: object properties: number: type: integer size: type: string pattern: '^[0-9]{1,12}[kKmM]?$' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffers busySize: description: >- When buffering of responses from the proxied server is enabled, it limits the total size of buffers that can be busy sending a response to the client while the response is not yet fully read. type: string pattern: '^[0-9]{1,12}[kKmM]?$' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_busy_buffers_size ignoreClientAbort: description: >- Determines whether the connection with a proxied server should be closed when a client closes the connection without waiting for a response. type: string enum: - ENABLED - DISABLED externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ignore_client_abort forceRanges: description: >- Enables byte-range support for both cached and uncached responses from the proxied server regardless of the "Accept-Ranges" field in these responses. type: string enum: - ENABLED - DISABLED externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_force_ranges httpVersion: description: Sets the HTTP protocol version for proxying. type: string enum: - '1.0' - '1.1' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_http_version rate: description: > Limits the speed (in bytes per second) of reading the response from the proxied server. Disables rate limiting when set to 0. type: string pattern: '^[0-9]{1,12}[kKmM]?$' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_limit_rate readTimeout: description: >- Defines a timeout for reading a response from the proxied server. type: string pattern: '^[0-9]{1,12}[hms]?$' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_read_timeout maxTempFileSize: description: > Sets the maximum size of the temporary file that the response can be saved into. Note that the buffering of responses from proxied server is enabled and the response does not fit into the buffers. Disables temporary file usage when set to 0. type: string pattern: '^[0-9]{1,12}[kKmM]?$' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_max_temp_file_size tempFileWriteSize: description: > Limits the size of data written to a temporary file at a time, when buffering of responses from the proxied server to temporary files is enabled. Disables temporary file usage when set to 0. type: string pattern: '^[0-9]{1,12}[kKmM]?$' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_temp_file_write_size WebBackend: description: | Backend settings in a Web Component. type: object properties: keepAlive: type: object properties: connections: type: integer minimum: 0 default: 0 requestsPerConn: type: integer idleTimeout: type: string pattern: '^[0-9]+[h|m|s]{1}$' example: 1h monitoring: $ref: '#/components/schemas/WebMonitoring' workloadGroups: type: object additionalProperties: $ref: '#/components/schemas/WebWorkloadGroup' preserveHostHeader: x-f5-experimental: true $ref: '#/components/schemas/ServiceConfigState' queue: x-f5-experimental: true type: object required: - length properties: length: type: integer timeOut: type: string pattern: '^[0-9]+[h|m|s]{1}$' example: 1h httpVersion: x-f5-experimental: true type: string pattern: '^[1-3]{1}\.[0-1]{1}$' example: 1 ntlmAuthentication: x-f5-experimental: true $ref: '#/components/schemas/ServiceConfigState' persistentState: x-f5-experimental: true type: string buffers: $ref: '#/components/schemas/BackendBuffers' isSocketKeepaliveEnabled: description: >- Configures the “TCP keepalive” behavior for outgoing connections to a proxied server. type: boolean externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_socket_keepalive ignoreHeaders: description: >- Disables processing of certain response header fields from the proxied server. type: array items: type: string example: - X-Accel-Redirect - X-Accel-Expires - X-Accel-Limit-Rate - X-Accel-Buffering - X-Accel-Charset - Expires - Cache-Control - Set-Cookie - Vary externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ignore_headers debugHeaders: description: >- Permits passing otherwise disabled header fields from a proxied server to a client. type: array items: type: string example: - X-Accel-Redirect - X-Accel-Expires - X-Accel-Limit-Rate - X-Accel-Buffering - X-Accel-Charset - Expires - Cache-Control - Set-Cookie - Vary externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass_header tls: description: >- TLS settings applicable to servers in Web workloadGroups. type: object properties: cipher: description: >- Specifies the enabled ciphers for requests to a proxied HTTPS server. type: string example: >- ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ssl_ciphers name: description: >- Allows overriding the server name used to verify the certificate of the proxied HTTPS server. type: string example: $proxy_host externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ssl_name protocols: description: >- Enables the specified protocols for requests to a proxied HTTPS server. type: array items: type: string pattern: 'TLSv1|TLSv1\.[1-3]|SSLv2|SSLv3' externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ssl_protocols isServerNameEnabled: description: >- Enables or disables passing of the server name through TLS Server Name Indication extension (SNI, RFC 6066) when establishing a connection with the proxied HTTPS server. type: boolean externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ssl_server_name isSessionReuseEnabled: description: >- Determines whether SSL sessions can be reused when working with the proxied server. type: boolean externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ssl_session_reuse isVerifiedEnabled: description: >- Enables or disables verification of the proxied HTTPS server certificate. type: boolean externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ssl_verify verifyDepth: description: >- Sets the verification depth in the proxied HTTPS server certificates chain. type: integer minimum: 0 externalDocs: url: >- https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ssl_verify_depth ApplicableUri: type: object required: - uri properties: uri: type: string matchMethod: $ref: '#/components/schemas/URIMatchMethod' ApplicableUris: type: array description: > Defines an array of ingress URIs with a corresponding matchMethod that this rewrite rule applies to. By default, a rewrite rule applies to all of the ingress URIs in the component. A rewrite rule can also be applied at a gateway level by specifying ingress URIs from the gateway. For example "http://www.nginx.com". Note that applying the rewrite rule to URIs at a gateway level can affect other components. The URI and the matchMethod must match an ingress URI defined either at the component or gateway level. If no match is found the request is rejected. items: $ref: '#/components/schemas/ApplicableUri' UriRewrite: type: object required: - incomingPattern - rewritePattern properties: applicableURIs: $ref: '#/components/schemas/ApplicableUris' incomingPattern: type: string description: >- The regex pattern to match against the request URIs that are expected to be rewritten. rewritePattern: type: string description: >- The replacement regex pattern to apply to the URIs that are to be rewritten. minLength: 1 afterExecute: type: string enum: - NONE - LAST - BREAK - REDIRECT - PERMANENT default: BREAK UriRedirect: type: object required: - responseCode properties: applicableURIs: $ref: '#/components/schemas/ApplicableUris' responseCode: type: integer minimum: 300 maximum: 308 url: type: string minLength: 1 description: >- The return url to use for responses in the 301-308 range. text: type: string description: The return text to send for 300 responses. ProgrammabilityAction: type: string enum: - ADD - MODIFY - DELETE CookieModification: type: object required: - action - cookieName properties: action: $ref: '#/components/schemas/ProgrammabilityAction' cookieName: type: string cookieValue: type: string ProgrammabilityAddRequestHeader: type: object required: - action - headerName - headerValue properties: action: type: string description: Adds request header details. enum: - ADD headerName: type: string description: The name of the response header to modify. minLength: 1 headerValue: type: string description: The value to apply to the request header. minLength: 1 applicableURIs: $ref: '#/components/schemas/ApplicableUris' ProgrammabilityDeleteRequestHeader: type: object required: - action - headerName properties: action: type: string description: Deletes request header details. enum: - DELETE headerName: type: string description: The name of the request header to modify. minLength: 1 applicableURIs: $ref: '#/components/schemas/ApplicableUris' RequestHeaderModification: discriminator: propertyName: action mapping: ADD: '#/components/schemas/ProgrammabilityAddRequestHeader' DELETE: >- #/components/schemas/ProgrammabilityDeleteRequestHeader oneOf: - $ref: '#/components/schemas/ProgrammabilityAddRequestHeader' - $ref: >- #/components/schemas/ProgrammabilityDeleteRequestHeader ProgrammabilityAddResponseHeader: type: object required: - action - headerName - headerValue properties: action: type: string description: Adds response header details. enum: - ADD headerName: type: string description: The name of the response header to modify. minLength: 1 headerValue: type: string description: The value to apply to the response header. minLength: 1 responseCodeFilter: type: string description: The value to apply to the response code filter. enum: - ALWAYS - PRE_DEFINED default: PRE_DEFINED applicableURIs: $ref: '#/components/schemas/ApplicableUris' ProgrammabilityDeleteResponseHeader: type: object required: - action - headerName properties: action: type: string description: Deletes response header details. enum: - DELETE headerName: type: string description: > The name of the response header to modify. > Warning: `Date`, `Content-Length`, and `Connection` headers cannot be deleted. minLength: 1 applicableURIs: $ref: '#/components/schemas/ApplicableUris' ResponseHeaderModification: discriminator: propertyName: action mapping: ADD: '#/components/schemas/ProgrammabilityAddResponseHeader' DELETE: >- #/components/schemas/ProgrammabilityDeleteResponseHeader oneOf: - $ref: '#/components/schemas/ProgrammabilityAddResponseHeader' - $ref: >- #/components/schemas/ProgrammabilityDeleteResponseHeader Programmability: type: object properties: uriRewrites: type: array items: $ref: '#/components/schemas/UriRewrite' httpHttpsRedirect: x-f5-experimental: true $ref: '#/components/schemas/ServiceConfigState' uriRedirects: x-f5-experimental: true type: array items: $ref: '#/components/schemas/UriRedirect' cookieModifications: x-f5-experimental: true type: array items: $ref: '#/components/schemas/CookieModification' requestHeaderModifications: type: array items: $ref: '#/components/schemas/RequestHeaderModification' responseHeaderModifications: type: array items: $ref: '#/components/schemas/ResponseHeaderModification' Logging: description: Settings for error logs and access logs. type: object properties: errorLog: $ref: '#/components/schemas/ServiceConfigState' accessLog: type: object properties: state: $ref: '#/components/schemas/ServiceConfigState' format: type: string WAF: description: >- Defines the desired configurations for the WAF associated with the application component. properties: isEnabled: type: boolean default: true description: Indicates whether the WAF is enabled or not. isMonitorOnly: type: boolean default: true description: >- Indicates whether the WAF will monitor or block security violations. signatureOverrides: type: object additionalProperties: type: object properties: action: type: string enum: - IGNORE description: > Identifies overrides for the signatures contained within the associated security strategy. example: '1234': action: IGNORE '1235': action: IGNORE APIKeyClientAuth: description: >- Defines how an API client should provide their API Key credentials. required: - keyLocation properties: keyLocation: type: string enum: - HEADER - QUERY_PARAM key: type: string JWTClientAuth: description: Defines how an API Client should provide their JWT. required: - keyLocation properties: keyLocation: type: string enum: - BEARER - HEADER - QUERY_PARAM - COOKIE key: type: string ConditionalAuthPolicy: description: >- Defines further fine-grained access control on top of API Key or JWT Auth. required: - sourceType - comparisonType - comparisonValues - action - denyStatusCode properties: sourceType: type: string enum: - HEADER - JWT_CLAIM sourceKey: type: string comparisonType: type: string enum: - EQUALS - NOT_EQUALS - IN - CONTAINS comparisonValues: type: array description: Valid values for the sourceType. items: oneOf: - type: string - type: integer action: type: string enum: - ALLOW - DENY denyStatusCode: type: integer RateLimit: required: - rate properties: rate: type: string pattern: '^[0-9]+r\/[m|s]{1}$' description: > Sets the maximum number of allowed requests. You can specify the rate limit as requests per second (r/s) or requests per minute (r/m). example: 10r/s burstBeforeReject: type: integer minimum: 0 burstBeforeDelay: type: integer minimum: 0 statusCode: type: integer default: 429 key: type: string default: $binary_remote_addr description: >- Parameters (NGINX variable) for a shared memory zone that stores states for various keys; used for `limit_req_zone`. Security: type: object description: >- Defines the desired security configurations for the application component. properties: strategyRef: $ref: '#/components/schemas/ResourceRef' waf: $ref: '#/components/schemas/WAF' identityProviderRefs: type: array items: $ref: '#/components/schemas/ResourceRef' description: >- The list of Identity Providers that are used in this Security policy. apiKeyClientAuth: $ref: '#/components/schemas/APIKeyClientAuth' jwtClientAuth: $ref: '#/components/schemas/JWTClientAuth' conditionalAuthPolicies: type: object additionalProperties: $ref: '#/components/schemas/ConditionalAuthPolicy' rateLimits: type: object additionalProperties: $ref: '#/components/schemas/RateLimit' interceptWorkloadErrors: x-f5-experimental: true $ref: '#/components/schemas/ServiceConfigState' PublishedApiRefs: type: array items: $ref: '#/components/schemas/ResourceRef' GZip: properties: isEnabled: type: boolean externalDocs: url: >- http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip buffers: type: object properties: number: type: integer size: type: string pattern: '^[0-9]+[k|K|m|M]{1}$' externalDocs: url: >- http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_buffers level: type: integer minimum: 1 maximum: 9 externalDocs: url: >- http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_comp_level disabledUserAgents: type: array items: type: string minItems: 1 uniqueItems: true externalDocs: url: >- http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_disable httpVersion: type: string pattern: '^[1-3]{1}\.[0-1]{1}$' externalDocs: url: >- http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_http_version minLength: type: integer externalDocs: url: >- http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_min_length proxied: type: string enum: - DISABLED - EXPIRED - NOCACHE - NOSTORE - PRIVATE - NOLASTMODIFIED - NOETAG - AUTH - ANY externalDocs: url: >- http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_proxied mimeTypes: type: array items: type: string minItems: 1 uniqueItems: true externalDocs: url: >- http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_types vary: type: string enum: - DISABLED - ENABLED externalDocs: url: >- http://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_vary static: type: string enum: - DISABLED - ENABLED - ALWAYS externalDocs: url: >- http://nginx.org/en/docs/http/ngx_http_gzip_static_module.html#gzip_static Compression: description: Gzip compression settings. type: object properties: gzip: $ref: '#/components/schemas/GZip' ComponentWebDesiredState: description: > The desired settings in the Web Component that the user wants in the configuration on NGINX instances associated with the Gateways which this component references. allOf: - $ref: '#/components/schemas/ComponentStateCommon' - type: object required: - ingress - backend properties: componentType: description: >- Defines the Component type. The default type is Web. type: string enum: - WEB ingress: $ref: '#/components/schemas/ComponentWebIngress' backend: $ref: '#/components/schemas/WebBackend' programmability: $ref: '#/components/schemas/Programmability' logging: $ref: '#/components/schemas/Logging' security: $ref: '#/components/schemas/Security' publishedApiRefs: $ref: '#/components/schemas/PublishedApiRefs' errorSetRef: $ref: '#/components/schemas/ResourceRef' compression: $ref: '#/components/schemas/Compression' ComponentTcpUdpIngress: description: Ingress settings in a TCP/UDP Component. allOf: - $ref: '#/components/schemas/ComponentIngressCommon' TcpUdpMonitoring: description: >- Health monitor settings across all workload groups in a TCP/UDP Component. allOf: - $ref: '#/components/schemas/MonitoringCommon' - type: object properties: send: description: Probe request for a TCP/UDP monitor. type: string response: description: >- Case-sensitive regular expression for the expected success response to a TCP/UDP monitor. type: string TcpUdpProxy: description: >- Proxy retry and timeout settings applicable to servers in a TcpUdp workloadGroup associated with a Component. type: object properties: nextUpstream: description: >- When a connection to the proxied server cannot be established, determines whether a client connection will be passed to the next server. type: string enum: - 'ON' - 'OFF' default: 'OFF' connectTimeout: description: >- Defines a timeout for establishing a connection with the proxied server. type: string pattern: '^[0-9]{1,12}[hms]?$' proxyTimeout: description: >- Sets the timeout between two successive read or write operations on client or proxied server connections. type: string pattern: '^[0-9]{1,12}[hms]?$' TcpUdpWorkloadGroup: description: >- Group of servers hosting a part of a TCP/UDP application represented by a Component. allOf: - $ref: '#/components/schemas/WorkloadGroupCommon' - type: object properties: proxy: $ref: '#/components/schemas/TcpUdpProxy' uris: type: object description: > The URI for a server hosting a part of a TCP/UDP application. The URI must conform to the format `schema://address:port` where schema is chosen from tcp, udp, or tcp+tls, address is IP or hostname. All three of schema, address, and port must be provided. For example: - `tcp://192.0.2.247:8443` - `tcp+tls://192.0.2.247:8449` - `udp://www.f5workload.com:989` additionalProperties: $ref: '#/components/schemas/WorkloadUri' TcpUdpBackend: description: | Backend settings in a TCP/UDP Component. type: object properties: monitoring: $ref: '#/components/schemas/TcpUdpMonitoring' workloadGroups: type: object additionalProperties: $ref: '#/components/schemas/TcpUdpWorkloadGroup' ComponentTcpUdpDesiredState: description: >- The desired settings in the TCP/UDP Component to use in the configuration on NGINX instances associated with the Gateways that this Component references. allOf: - $ref: '#/components/schemas/ComponentStateCommon' - type: object required: - componentType - ingress - backend properties: componentType: description: >- Defines what type of Component this is. The type must be TCPUDP. type: string enum: - TCPUDP ingress: $ref: '#/components/schemas/ComponentTcpUdpIngress' backend: $ref: '#/components/schemas/TcpUdpBackend' logging: $ref: '#/components/schemas/Logging' ComponentDesiredState: description: > The desired component settings to use in the NGINX instance configuration that's associated with the Gateways that this component references. oneOf: - $ref: '#/components/schemas/ComponentWebDesiredState' - $ref: '#/components/schemas/ComponentTcpUdpDesiredState' ConfigStateTally: type: object properties: isConfigured: type: boolean description: The configuration operation is complete. isConfiguring: type: boolean description: >- The configuration of the resource, or of its child(ren), is in process. isError: type: boolean description: >- An error occurred while configuring the resource or its child(ren). isDeleting: type: boolean description: >- A delete operation is in progress for the resource or its child(ren). total: type: integer description: >- The total number of resources to which the configuration operation applies. configured: type: integer description: >- The number of resources that have a complete and valid configuration. configuring: type: integer description: >- The number of resources that are in the process of being configured. error: type: integer description: >- The number of resources that have encountered an error during the configuration process. deleting: type: integer description: >- The number of resources that are in the process of being deleted. ConfigCondition: type: object properties: type: type: string description: The condition type. message: type: string description: >- A human-readable message that provides additional information about the configuration operation. ConfigState: type: object description: > A representation of the resource's current configuration state that comprises the status of the resource itself (`selfConfigState`) and any child resources (`childrenConfigState`). The conditions array provides additional information during configuration changes. properties: selfConfigState: $ref: '#/components/schemas/ConfigStateTally' childrenConfigState: $ref: '#/components/schemas/ConfigStateTally' conditions: type: array items: $ref: '#/components/schemas/ConfigCondition' ComponentWebCurrentStatus: description: > The current snapshot of the web component settings that are reflected in the configuration on NGINX instances associated with the Gateways that this component references. These settings should converge to those in Desired State as the new configuration is applied unless there are issues; the State setting gives a summary of how the convergence is proceeding. allOf: - $ref: '#/components/schemas/ComponentStateCommon' - type: object properties: componentType: description: Defines what type of Component this is. type: string enum: - WEB ingress: $ref: '#/components/schemas/ComponentWebIngress' backend: $ref: '#/components/schemas/WebBackend' programmability: $ref: '#/components/schemas/Programmability' logging: $ref: '#/components/schemas/Logging' security: $ref: '#/components/schemas/Security' publishedApiRefs: $ref: '#/components/schemas/PublishedApiRefs' errorSetRef: $ref: '#/components/schemas/ResourceRef' compression: $ref: '#/components/schemas/Compression' state: $ref: '#/components/schemas/ConfigState' ComponentTcpUdpCurrentStatus: description: > The current snapshot of the TCP/UDP component settings that are reflected in the configuration on NGINX instances associated with the Gateways that this component references. These settings should converge to those in Desired State as the new configuration is applied unless there are issues; the State setting gives a summary of how the convergence is proceeding. allOf: - $ref: '#/components/schemas/ComponentStateCommon' - type: object properties: componentType: description: Defines what type of Component this is. type: string enum: - TCPUDP ingress: $ref: '#/components/schemas/ComponentTcpUdpIngress' backend: $ref: '#/components/schemas/TcpUdpBackend' logging: $ref: '#/components/schemas/Logging' state: $ref: '#/components/schemas/ConfigState' ComponentCurrentStatus: description: > The current snapshot of the component settings that are reflected in the configuration on NGINX instances associated with the Gateways that this Component references. These settings should converge to those in Desired State as the new configuration is applied unless there are issues; the State setting gives a summary of how the convergence is proceeding. oneOf: - $ref: '#/components/schemas/ComponentWebCurrentStatus' - $ref: '#/components/schemas/ComponentTcpUdpCurrentStatus' Component: description: > A component represents the processing –- reverse proxying, rate limiting, security policy enforcement, header rewrites, etc. –- of traffic associated with a logical part (for example, microservice) of an application/API. It also defines the subsequent load balancing of traffic to workloads implementing that part of the application/API. A component can be either a web or a TCP/UDP component –- indicated by the component type. Web components are used to configure NGINX functionality associated with HTTP/HTTPS protocols and inherit web and common settings from linked Gateways. TCP/UDP components are used to configure NGINX functionality associated with TCP/UDP protocols and inherit TCP/UDP and common settings from linked Gateways. type: object required: - metadata - desiredState properties: metadata: $ref: '#/components/schemas/ResourceMeta' desiredState: $ref: '#/components/schemas/ComponentDesiredState' currentStatus: $ref: '#/components/schemas/ComponentCurrentStatus' ErrorDetail: type: object required: - description properties: description: type: string example: >- Error doing : . This can lead to . Try to resolve the issue. description: > A detailed error message returned by the server. These messages contain the following information, where applicable: - What happened. - Why it happened. - What the consequences are (if any). - Recommended action to take to resolve the issue. ErrorModel: type: object required: - message - code properties: message: type: string example: Error doing . description: > A human-readable message, in English, that describes the error. code: type: integer example: 1234567 description: > A numeric error code that can be used to identify errors for support purposes. details: type: array items: $ref: '#/components/schemas/ErrorDetail' ComponentName: type: string examples: ComponentRequest: value: metadata: name: resource-name displayName: My Display Name description: >- This is a sample description string. It provides information about the resource. tags: - production_public - dev - new_app - us-west-1 - emea desiredState: ingress: uris: /api/golf/: matchMethod: PREFIX gatewayRefs: - ref: /services/environments/dev/gateways/sportsgw publishedApiRefs: - ref: >- /services/environments/dev/apps/sports/published-apis/golf-pub backend: workloadGroups: serverGrp1: uris: '{{httpWorkloadInstance1}}': {} monitoring: {} security: rateLimit: defaultLimit: rate: 1 rateMeasure: SECONDS