Event Gateway CRD reference

Find out more about the Event Gateway custom resource properties.

Note: This reference page applies only to the operator-managed gateway, and includes only the Event Gateway CR properties that you might want to view or update. Do not edit any CR properties that are not listed on this page.
Table 1. spec
Field Type Description
config string N/A. Usage not advised.
deployNetworkPolicies boolean Control the deployment of NetworkPolicies that are used by the instance. (default: true)
endpoints []Table 2 Deprecated: List of endpoint configurations. Use `spec.listener.{0}.groups.{0}.endpoint instead.
fips Table 3 Object containing Federal Information Processing Standard (FIPS) configuration.
gatewayGroupName string The name of the gateway group to which this gateway is to be added.
gatewayID string The identifier of the gateway group to which this gateway is to be added.
gatewayContact string The contact information of the gateway administrator.
license Table 4 Object containing product licensing details.
listeners []Table 16 Configure event gateway listeners.
manager Table 21 Configure Event Manager instance to register the gateway.
managerEndpoint string Deprecated: The endpoint address for an Event Manager instance. Use spec.manager.endpoint instead.
maxNumKafkaBrokers integer Deprecated: The maximum number of Kafka brokers your Event Gateway can connect to. Default is 20. Use spec.listener.{0}.groups.{0}.maxNumKafkaBrokers instead.
openTelemetry Table 13 Configuration for OpenTelemetry
replicas integer The number of replicas for the gateway deployment
security Table 7 Object containing security configuration.
template Table 5 Object containing Kubernetes resource overrides.
tls Table 11 Deprecated: Object containing TLS configuration. Use spec.listener.{0}.tls instead.
traceSpec string Dynamically configurable trace specification
Table 2. spec.endpoints
Field Type Description
annotations map[string]string The annotations to use in place of the Ingress default settings.
class string The ingress class name to use on the ingress resource, defaults to nginx.
host string The DNS resolvable hostname to set on the ingress endpoint.
name string The name of the endpoint being configured. For valid values, see the following important notes.
Note:
  • On the Red Hat OpenShift Container Platform, annotations and class are not valid configuration options because OpenShift routes are created.
  • On the Red Hat OpenShift Container Platform, if you are creating wildcard routes, then you must specify host.
  • On other Kubernetes platforms you must specify host values for exposed endpoints.
Table 3. spec.fips
Field Type Description
mode string The value for Federal Information Processing Standard (FIPS) mode. Valid value is ‘wall’.
Table 4. spec.license
Field Type Description
accept boolean Setting to true will declare that you have accepted the license terms and conditions. (default: false)
license string The license with which you are installing the product.
metric string The license metric being used for your product license.
use string The usage of the license with which you are installing the product.
Table 5. spec.template
Field Type Description
annotations object Annotations that will be added to all Kubernetes resources used by the instance. Any annotations that are added to the template object and subsequently deleted are not automatically removed from resources that are already instantiated. These annotations need to be manually removed from the existing resources.
labels object Labels that will be added to all Kubernetes resources used by the instance.
pod Table 6 Object containing pod override configuration.
Table 6. spec.template.pod
Field Type Description
spec Kubernetes pod specification object Kubernetes pod spec overrides.
Table 7. spec.security
Field Type Description
connection Table 9 Object containing connection options.
authentication Table 8 Object containing authentication options.
Table 8. spec.security.authentication
Field Type Description
maxRetries integer The maximum number of failed authentication attempts after which further attempts are blocked. Default is -1 (no limit).
retryBackoffMs integer The backoff time in milliseconds between consecutive failed authentication attempts. Default is 0.
lockoutPeriod integer The duration in seconds while the account is locked after an unsuccessful authentication attempt. Default is 0.
Table 9. spec.security.connection
Field Type Description
closeDelayMs integer The minimum delay in milliseconds after you close a connection. This helps prevent spam. Default is 8000.
closeJitterMs integer Additional delay in milliseconds after you close a connection. This helps prevent attacks. Default is 4000.
perSubLimit integer The maximum allowed TCP connections for each subscription. Default is -1 (no limit).
request Table 10 Request properties.
Table 10. spec.security.connection.request
Field Type Description
maxSizeBytes integer The maximum size allowed for the request payload in bytes. Default is -1 (no limit).
Table 11. spec.tls
Field Type Description
caCertificate string The key in the secret that holds the value of the CA certificate.
caSecretName string The name of a secret containing a root CA certificate that the product should use when creating additional certificates.
key string The key in the secret that holds the value of the private key.
secretName string The name of a secret containing certificates for securing component communications.
serverCertificate string The key in the secret that holds the value of the server certificate.
trustedCertificate array[Table 12] A set of secrets containing certificates which the Event Gateway should trust when communicating with other services, such as gateways or OIDC providers.
Table 12. spec.tls.trustedCertificate
Field Type Description
certificate string The key within the specified secret that holds the value of the CA certificate.
secretName string The name of a Kubernetes secret containing a CA certificate to add to the truststore.
Table 13. spec.openTelemetry
Field Type Description
endpoint string The endpoint to send the OpenTelemetry metrics. Must include protocol http:// or https://
protocol string The transport protocol to use, grpc (default) or http/protobuf.
interval integer The interval between reporting of metrics in milliseconds. Default is 30000.
tls Table 14otelTLS The configuration of SSL Certificates for mTLS and a trusted certificate for endpoint server validation.
instrumentations []Table 15 A list of instrumentations to enable in addition to those for the Event Manager and Event Gateway.
metricsEnablement [] Configure Event Gateway OpenTelemetry metrics enablement.
tracesEnablement [] Configure Event Gateway OpenTelemetry trace enablement.
Table 14. spec.openTelemetry.tls
Field Type Description
clientCertificate string The key in the secret that holds the value of the PKCS8 encoded client certificate to use for mutualTLS (mTLS).
clientKey string The key in the secret that holds the value of the PKCS8 encoded private key certificate to use for mutualTLS (mTLS).
secretName string The name of a secret containing certificates for securing component communications for mutualTLS (mTLS).
trustedCertificate [] Configuration of a secret containing a TLS certificate to trust to validate the endpoint servers identity.
Table 15. spec.openTelemetry.instrumentations
Field Type Description
name string The instrumentation name.
enabled boolean Whether to enable or disabled the specified instrumentation.
Important: The instrumentation name should be the instrumentation shortname. The supplied shortname is then configured as an environment variable against the relevant pod as OTEL_INSTRUMENTATION_<name>_ENABLED=<enabled> automatically.
Table 16. spec.listeners
Field Type Description
groups []Table 17 Groups of the listener.
name string Name of the listener.
port integer Port number of the listener.
tls Table 19 Configure TLS for the Event Gateway listener.
Table 17. spec.listeners.groups
Field Type Description
endpoint Table 18 Object containing endpoint configuration for the listener group.
maxNumKafkaBrokers integer The maximum number of Kafka brokers your Event Gateway can connect to. Default is 20. (minimum: 1, maximum: 50)
name string Name of the group in the listener.
type string Type of the group: ‘EXPLICIT’ or ‘WILDCARD’. Default is ‘EXPLICIT’.
Table 18. spec.listeners.groups.endpoint
Field Type Description
annotations map[string]string Annotations for ingress resources.
class string The ingress class name.
host string The host to set on the endpoint resource.
Table 19. spec.listeners.tls
Field Type Description
caCertificate string The key in the secret that holds the value of the CA certificate.
caSecret Table 20 The details of the root CA certificate that the product should use when creating additional certificates.
certificateType string The type of certificate to generate: ‘wildcard’ for a single wildcard certificate (*.example.com), or ‘explicit’ for a single certificate with explicit hostnames as SANs. Defaults to ‘explicit’.
key string The key in the secret that holds the value of the private key.
secretName string The name of a secret containing certificates for securing component communications.
serverCertificate string The key in the secret that holds the value of the server certificate.
Table 20. spec.listeners.tls.caSecret
Field Type Description
certificate string The key in the secret that holds the value of the certificate.
secretName string The name of a secret containing a root CA certificate that the product should use when creating additional certificates.
Table 21. spec.manager
Field Type Description
apiKey Table 22 Manager API key
endpoint string Manager endpoint
trustedCertificate   Trustore for communicating with the manager.
Table 22. spec.manager.apiKey
Field Type Description
key string The key in the secret that holds the value of the API key.
secretName string The name of a secret containing API key for authenticating with the manager.
Important: Status field is used to display specific information about the instance. Do not edit the status field manually
Table 23. status
Field Type Description
conditions array[condition] A list of conditions representing the state of the custom resource.
versions Table 28 Object containing versioning information.
endpoints array[Table 30] A list of endpoints exposed by the instance.
phase string A value representing the phase in which the instance is operating. One of Running, Failed or Pending.
Table 24. status.versions
Field Type Description
reconciled string The reconciled version of the instance
available Table 25 Object containing available versions.
Table 25. status.versions.available
Field Type Description
versions array[Table 26] A list of the available versions.
channels array[Table 27] A list of the available channels.
Table 26. tatus.versions.available.versions
Field Type Description
name string The semantic version number.
licenses array[] A list of available licenses.
Table 27. status.versions.available.channels
Field Type Description
name string The semantic version number.
licenses array[Table 28] A list of available licenses.
Table 28. status.versions.available.channels.licences
Field Type Description
name string The semantic version number.
displayName string Optional display name for the license.
link string Link to the license content.
matchesCurrentType boolean True if the license matches the type of license used by the current operand.
licenseUseList array[string] A list of available license uses.
availableMetrics array[string] A list of available licenses metrics.
Table 29. status.conditions
Field Type Description
lastTransitionTime string The time at which the condition was applied.
message string Human-readable message indicating details about the condition.
reason string Machine-readable, UpperCamelCase text indicating the reason for the condition.
status string Indicates whether that condition is applicable. One of True, False or Unknown.
Table 30. status.endpoints
Field Type Description
name string Unique name for the endpoint.
type string Type of service the endpoint is exposing. For example UI or API.
uri string The URI of the endpoint.