Private Ingress
PrivateIngress
Defines the high-level intent for an internal-only entry point to services.
Manages private traffic within the organization's network, translating intent into internal load balancers and network endpoints. This facilitates secure cross-project connectivity and service discovery within the private VPC infrastructure without public exposure.
| Property | Type | Description |
|---|---|---|
| apiVersion | string | |
| kind | string | |
| metadata | map | |
| spec | Spec |
Spec
Contains the user-defined configuration for the private ingress. Encapsulates load balancing topography, regional placement, authorization database dependencies, and the cross-project access controls underpinning the Hub and Spoke network model.
| Property | Type | Description |
|---|---|---|
| description | string | This description is optional but will drastically improve the understand of the AI assistant about the structural elements of the organization |
| authorizationDatabase | string | The name of the Database manifest to use for storing authorization policies. |
| region | string | The GCP region where the ingress gateway's compute resources will be deployed. |
| config | Config | Advanced configuration for the ingress gateway's behavior. |
| authorizedProjects | list of SourceProjectReference | A list of source projects that will be granted access to this PrivateIngress. Source project will be granted access to the Ingress gateway through HUB and SPOKE |
Config
| Property | Type | Description |
|---|---|---|
| timeoutSec | int64 | The overall request timeout in seconds for the backend service. |
| connectionDrainingTimeoutSec | int64 | The time, in seconds, to wait for connections to drain before shutting down a backend instance. Dictates the connection draining timeout for the backend service resources associated with this ingress. |
| customRequestHeaders | list of string | A list of custom headers to add to requests forwarded to backends. |
| customResponseHeaders | list of string | A list of custom headers to add to responses sent to clients. |
| loadBalancing | LoadBalancing | Defines the load balancing policy for the gateway's backend services. |
LoadBalancing
| Property | Type | Description |
|---|---|---|
| balancingMode | string | The load balancing algorithm to use. |
| capacityScaler | double | A value between 0.0 and 1.0 that scales the capacity of the backend service. |
| description | string | A description for the load balancing policy. |
| maxConnections | int64 | The maximum number of connections per instance. |
| maxRate | int64 | The maximum requests per second per instance. |
| maxUtilization | double | The maximum CPU utilization of an instance. |
SourceProjectReference
Fully qualified reference to a specific Project manifest.
Specifies the environment and OU coordinate of the intended project, needed since projects aren't globally unique by name alone.
| Property | Type | Description |
|---|---|---|
| name | string | The 'metadata.name' of the target 'Project' manifest being referenced. |
| environment | string | The 'metadata.name' of the 'Environment' manifest that is the parent of the target project. If omitted, it defaults to the current 'Environment'. |
| organizationalUnit | string | The 'metadata.name' of the 'OrganizationalUnit' manifest that is the parent of the target environment. If omitted, it defaults to the current 'OrganizationalUnit'. |