From 21f9a59c8ab9fb356010a41e0498cad1a2607cb0 Mon Sep 17 00:00:00 2001 From: kkk777-7 Date: Wed, 1 Apr 2026 01:47:27 +0900 Subject: [PATCH 1/9] api: bandwidth limit Signed-off-by: kkk777-7 --- api/v1alpha1/backendtrafficpolicy_types.go | 6 ++ api/v1alpha1/bandwidthlimit_types.go | 82 +++++++++++++++++++ api/v1alpha1/zz_generated.deepcopy.go | 51 ++++++++++++ ....envoyproxy.io_backendtrafficpolicies.yaml | 70 ++++++++++++++++ ....envoyproxy.io_backendtrafficpolicies.yaml | 70 ++++++++++++++++ site/content/en/latest/api/extension_types.md | 48 +++++++++++ test/helm/gateway-crds-helm/all.out.yaml | 70 ++++++++++++++++ test/helm/gateway-crds-helm/e2e.out.yaml | 70 ++++++++++++++++ .../envoy-gateway-crds.out.yaml | 70 ++++++++++++++++ 9 files changed, 537 insertions(+) create mode 100644 api/v1alpha1/bandwidthlimit_types.go diff --git a/api/v1alpha1/backendtrafficpolicy_types.go b/api/v1alpha1/backendtrafficpolicy_types.go index b548416d86..d3349353cc 100644 --- a/api/v1alpha1/backendtrafficpolicy_types.go +++ b/api/v1alpha1/backendtrafficpolicy_types.go @@ -62,6 +62,12 @@ type BackendTrafficPolicySpec struct { // +optional RateLimit *RateLimitSpec `json:"rateLimit,omitempty"` + // BandwidthLimit allows the user to limit the bandwidth of traffic + // sent to and received from the backend. + // +optional + // +notImplementedHide + BandwidthLimit *BandwidthLimitSpec `json:"bandwidthLimit,omitempty"` + // FaultInjection defines the fault injection policy to be applied. This configuration can be used to // inject delays and abort requests to mimic failure scenarios such as service failures and overloads // +optional diff --git a/api/v1alpha1/bandwidthlimit_types.go b/api/v1alpha1/bandwidthlimit_types.go new file mode 100644 index 0000000000..7f83b0d74d --- /dev/null +++ b/api/v1alpha1/bandwidthlimit_types.go @@ -0,0 +1,82 @@ +// Copyright Envoy Gateway Authors +// SPDX-License-Identifier: Apache-2.0 +// The full text of the Apache license is available in the LICENSE file at +// the root of the repo. + +package v1alpha1 + +import ( + "k8s.io/apimachinery/pkg/api/resource" + gwapiv1 "sigs.k8s.io/gateway-api/apis/v1" +) + +// BandwidthLimitDirection specifies which direction of traffic the bandwidth limit applies to. +// +// +kubebuilder:validation:Enum=Request;Response;Both +type BandwidthLimitDirection string + +const ( + // BandwidthLimitDirectionRequest limits traffic from the client to the upstream. + BandwidthLimitDirectionRequest BandwidthLimitDirection = "Request" + + // BandwidthLimitDirectionResponse limits traffic from the upstream to the client. + BandwidthLimitDirectionResponse BandwidthLimitDirection = "Response" + + // BandwidthLimitDirectionBoth limits traffic in both directions. + BandwidthLimitDirectionBoth BandwidthLimitDirection = "Both" +) + +// BandwidthLimitSpec defines the desired state of BandwidthLimit. +// +// +kubebuilder:validation:XValidation:rule="!has(self.fillInterval) || (duration(self.fillInterval) >= duration('20ms'))",message="fillInterval must be at least 20ms" +type BandwidthLimitSpec struct { + // Limit specifies the bandwidth limit as a bytes-per-second throughput rate. + // + // +kubebuilder:validation:XIntOrString + // +kubebuilder:validation:Pattern="^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$" + Limit resource.Quantity `json:"limit"` + + // Direction controls which traffic direction the bandwidth limit applies to. + // Request limits traffic from the client to the upstream (ingress). + // Response limits traffic from the upstream to the client (egress). + // Both limits traffic in both directions. + // + // +kubebuilder:default=Both + Direction BandwidthLimitDirection `json:"direction"` + + // FillInterval is the token bucket refill interval. + // Minimum allowed value is 20ms. Defaults to 50ms if not specified. + // + // +optional + FillInterval *gwapiv1.Duration `json:"fillInterval,omitempty"` + + // BandwidthLimitResponseTrailers configures the trailer headers appended to responses + // when bandwidth limiting introduces delays. + // + // +optional + ResponseTrailers *BandwidthLimitResponseTrailers `json:"responseTrailers,omitempty"` +} + +type BandwidthLimitResponseTrailers struct { + // Enable specifies whether to append trailer headers with delay metrics. + // Defaults to false. + // + // The following four trailers can be added: + // "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer + // including request body transfer time and the time added by the filter. + // "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer + // including response body transfer time and the time added by the filter. + // "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. + // "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. + // + // Only effective when Direction is Response or Both. + // + // +kubebuilder:default=false + Enable bool `json:"enable"` + + // Prefix is prepended to each trailer header name. + // For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + // + // +optional + Prefix *string `json:"prefix,omitempty"` +} diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index c7e280afe8..402a9ad7d9 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -733,6 +733,11 @@ func (in *BackendTrafficPolicySpec) DeepCopyInto(out *BackendTrafficPolicySpec) *out = new(RateLimitSpec) (*in).DeepCopyInto(*out) } + if in.BandwidthLimit != nil { + in, out := &in.BandwidthLimit, &out.BandwidthLimit + *out = new(BandwidthLimitSpec) + (*in).DeepCopyInto(*out) + } if in.FaultInjection != nil { in, out := &in.FaultInjection, &out.FaultInjection *out = new(FaultInjection) @@ -859,6 +864,52 @@ func (in *BackendUtilization) DeepCopy() *BackendUtilization { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BandwidthLimitResponseTrailers) DeepCopyInto(out *BandwidthLimitResponseTrailers) { + *out = *in + if in.Prefix != nil { + in, out := &in.Prefix, &out.Prefix + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BandwidthLimitResponseTrailers. +func (in *BandwidthLimitResponseTrailers) DeepCopy() *BandwidthLimitResponseTrailers { + if in == nil { + return nil + } + out := new(BandwidthLimitResponseTrailers) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BandwidthLimitSpec) DeepCopyInto(out *BandwidthLimitSpec) { + *out = *in + out.Limit = in.Limit.DeepCopy() + if in.FillInterval != nil { + in, out := &in.FillInterval, &out.FillInterval + *out = new(v1.Duration) + **out = **in + } + if in.ResponseTrailers != nil { + in, out := &in.ResponseTrailers, &out.ResponseTrailers + *out = new(BandwidthLimitResponseTrailers) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BandwidthLimitSpec. +func (in *BandwidthLimitSpec) DeepCopy() *BandwidthLimitSpec { + if in == nil { + return nil + } + out := new(BandwidthLimitSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BasicAuth) DeepCopyInto(out *BasicAuth) { *out = *in diff --git a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index a8096a4a43..0e7d864d7d 100644 --- a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -50,6 +50,76 @@ spec: spec: description: spec defines the desired state of BackendTrafficPolicy. properties: + bandwidthLimit: + description: |- + BandwidthLimit allows the user to limit the bandwidth of traffic + sent to and received from the backend. + properties: + direction: + default: Both + description: |- + Direction controls which traffic direction the bandwidth limit applies to. + Request limits traffic from the client to the upstream (ingress). + Response limits traffic from the upstream to the client (egress). + Both limits traffic in both directions. + enum: + - Request + - Response + - Both + type: string + fillInterval: + description: |- + FillInterval is the token bucket refill interval. + Minimum allowed value is 20ms. Defaults to 50ms if not specified. + pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ + type: string + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + responseTrailers: + description: |- + BandwidthLimitResponseTrailers configures the trailer headers appended to responses + when bandwidth limiting introduces delays. + properties: + enable: + default: false + description: |- + Enable specifies whether to append trailer headers with delay metrics. + Defaults to false. + + The following four trailers can be added: + "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer + including request body transfer time and the time added by the filter. + "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer + including response body transfer time and the time added by the filter. + "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. + "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. + + Only effective when Direction is Response or Both. + type: boolean + prefix: + description: |- + Prefix is prepended to each trailer header name. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + type: string + required: + - enable + type: object + required: + - direction + - limit + type: object + x-kubernetes-validations: + - message: fillInterval must be at least 20ms + rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= + duration(''20ms''))' circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index c096366836..4d7eb921b1 100644 --- a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -49,6 +49,76 @@ spec: spec: description: spec defines the desired state of BackendTrafficPolicy. properties: + bandwidthLimit: + description: |- + BandwidthLimit allows the user to limit the bandwidth of traffic + sent to and received from the backend. + properties: + direction: + default: Both + description: |- + Direction controls which traffic direction the bandwidth limit applies to. + Request limits traffic from the client to the upstream (ingress). + Response limits traffic from the upstream to the client (egress). + Both limits traffic in both directions. + enum: + - Request + - Response + - Both + type: string + fillInterval: + description: |- + FillInterval is the token bucket refill interval. + Minimum allowed value is 20ms. Defaults to 50ms if not specified. + pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ + type: string + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + responseTrailers: + description: |- + BandwidthLimitResponseTrailers configures the trailer headers appended to responses + when bandwidth limiting introduces delays. + properties: + enable: + default: false + description: |- + Enable specifies whether to append trailer headers with delay metrics. + Defaults to false. + + The following four trailers can be added: + "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer + including request body transfer time and the time added by the filter. + "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer + including response body transfer time and the time added by the filter. + "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. + "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. + + Only effective when Direction is Response or Both. + type: boolean + prefix: + description: |- + Prefix is prepended to each trailer header name. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + type: string + required: + - enable + type: object + required: + - direction + - limit + type: object + x-kubernetes-validations: + - message: fillInterval must be at least 20ms + rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= + duration(''20ms''))' circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md index 721af52804..540e44b2c0 100644 --- a/site/content/en/latest/api/extension_types.md +++ b/site/content/en/latest/api/extension_types.md @@ -601,6 +601,54 @@ _Appears in:_ | `keepResponseHeaders` | _boolean_ | false | false | KeepResponseHeaders keeps the ORCA load report headers/trailers before sending the response to the client.
Defaults to false. | +#### BandwidthLimitDirection + +_Underlying type:_ _string_ + +BandwidthLimitDirection specifies which direction of traffic the bandwidth limit applies to. + +_Appears in:_ +- [BandwidthLimitSpec](#bandwidthlimitspec) + +| Value | Description | +| ----- | ----------- | +| `Request` | BandwidthLimitDirectionRequest limits traffic from the client to the upstream.
| +| `Response` | BandwidthLimitDirectionResponse limits traffic from the upstream to the client.
| +| `Both` | BandwidthLimitDirectionBoth limits traffic in both directions.
| + + +#### BandwidthLimitResponseTrailers + + + + + +_Appears in:_ +- [BandwidthLimitSpec](#bandwidthlimitspec) + +| Field | Type | Required | Default | Description | +| --- | --- | --- | --- | --- | +| `enable` | _boolean_ | true | false | Enable specifies whether to append trailer headers with delay metrics.
Defaults to false.
The following four trailers can be added:
"bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer
including request body transfer time and the time added by the filter.
"bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer
including response body transfer time and the time added by the filter.
"bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter.
"bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter.
Only effective when Direction is Response or Both. | +| `prefix` | _string_ | false | | Prefix is prepended to each trailer header name.
For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". | + + +#### BandwidthLimitSpec + + + +BandwidthLimitSpec defines the desired state of BandwidthLimit. + +_Appears in:_ +- [BackendTrafficPolicySpec](#backendtrafficpolicyspec) + +| Field | Type | Required | Default | Description | +| --- | --- | --- | --- | --- | +| `limit` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#quantity-resource-api)_ | true | | Limit specifies the bandwidth limit as a bytes-per-second throughput rate. | +| `direction` | _[BandwidthLimitDirection](#bandwidthlimitdirection)_ | true | Both | Direction controls which traffic direction the bandwidth limit applies to.
Request limits traffic from the client to the upstream (ingress).
Response limits traffic from the upstream to the client (egress).
Both limits traffic in both directions. | +| `fillInterval` | _[Duration](https://gateway-api.sigs.k8s.io/reference/1.4/spec/#duration)_ | false | | FillInterval is the token bucket refill interval.
Minimum allowed value is 20ms. Defaults to 50ms if not specified. | +| `responseTrailers` | _[BandwidthLimitResponseTrailers](#bandwidthlimitresponsetrailers)_ | false | | BandwidthLimitResponseTrailers configures the trailer headers appended to responses
when bandwidth limiting introduces delays. | + + #### BasicAuth diff --git a/test/helm/gateway-crds-helm/all.out.yaml b/test/helm/gateway-crds-helm/all.out.yaml index c965f47037..b55c576c00 100644 --- a/test/helm/gateway-crds-helm/all.out.yaml +++ b/test/helm/gateway-crds-helm/all.out.yaml @@ -22577,6 +22577,76 @@ spec: spec: description: spec defines the desired state of BackendTrafficPolicy. properties: + bandwidthLimit: + description: |- + BandwidthLimit allows the user to limit the bandwidth of traffic + sent to and received from the backend. + properties: + direction: + default: Both + description: |- + Direction controls which traffic direction the bandwidth limit applies to. + Request limits traffic from the client to the upstream (ingress). + Response limits traffic from the upstream to the client (egress). + Both limits traffic in both directions. + enum: + - Request + - Response + - Both + type: string + fillInterval: + description: |- + FillInterval is the token bucket refill interval. + Minimum allowed value is 20ms. Defaults to 50ms if not specified. + pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ + type: string + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + responseTrailers: + description: |- + BandwidthLimitResponseTrailers configures the trailer headers appended to responses + when bandwidth limiting introduces delays. + properties: + enable: + default: false + description: |- + Enable specifies whether to append trailer headers with delay metrics. + Defaults to false. + + The following four trailers can be added: + "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer + including request body transfer time and the time added by the filter. + "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer + including response body transfer time and the time added by the filter. + "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. + "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. + + Only effective when Direction is Response or Both. + type: boolean + prefix: + description: |- + Prefix is prepended to each trailer header name. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + type: string + required: + - enable + type: object + required: + - direction + - limit + type: object + x-kubernetes-validations: + - message: fillInterval must be at least 20ms + rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= + duration(''20ms''))' circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/test/helm/gateway-crds-helm/e2e.out.yaml b/test/helm/gateway-crds-helm/e2e.out.yaml index 5a3f65e2d0..decd56f177 100644 --- a/test/helm/gateway-crds-helm/e2e.out.yaml +++ b/test/helm/gateway-crds-helm/e2e.out.yaml @@ -550,6 +550,76 @@ spec: spec: description: spec defines the desired state of BackendTrafficPolicy. properties: + bandwidthLimit: + description: |- + BandwidthLimit allows the user to limit the bandwidth of traffic + sent to and received from the backend. + properties: + direction: + default: Both + description: |- + Direction controls which traffic direction the bandwidth limit applies to. + Request limits traffic from the client to the upstream (ingress). + Response limits traffic from the upstream to the client (egress). + Both limits traffic in both directions. + enum: + - Request + - Response + - Both + type: string + fillInterval: + description: |- + FillInterval is the token bucket refill interval. + Minimum allowed value is 20ms. Defaults to 50ms if not specified. + pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ + type: string + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + responseTrailers: + description: |- + BandwidthLimitResponseTrailers configures the trailer headers appended to responses + when bandwidth limiting introduces delays. + properties: + enable: + default: false + description: |- + Enable specifies whether to append trailer headers with delay metrics. + Defaults to false. + + The following four trailers can be added: + "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer + including request body transfer time and the time added by the filter. + "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer + including response body transfer time and the time added by the filter. + "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. + "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. + + Only effective when Direction is Response or Both. + type: boolean + prefix: + description: |- + Prefix is prepended to each trailer header name. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + type: string + required: + - enable + type: object + required: + - direction + - limit + type: object + x-kubernetes-validations: + - message: fillInterval must be at least 20ms + rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= + duration(''20ms''))' circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml index 30388d77d8..e5ee8e1329 100644 --- a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml +++ b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml @@ -550,6 +550,76 @@ spec: spec: description: spec defines the desired state of BackendTrafficPolicy. properties: + bandwidthLimit: + description: |- + BandwidthLimit allows the user to limit the bandwidth of traffic + sent to and received from the backend. + properties: + direction: + default: Both + description: |- + Direction controls which traffic direction the bandwidth limit applies to. + Request limits traffic from the client to the upstream (ingress). + Response limits traffic from the upstream to the client (egress). + Both limits traffic in both directions. + enum: + - Request + - Response + - Both + type: string + fillInterval: + description: |- + FillInterval is the token bucket refill interval. + Minimum allowed value is 20ms. Defaults to 50ms if not specified. + pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ + type: string + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + responseTrailers: + description: |- + BandwidthLimitResponseTrailers configures the trailer headers appended to responses + when bandwidth limiting introduces delays. + properties: + enable: + default: false + description: |- + Enable specifies whether to append trailer headers with delay metrics. + Defaults to false. + + The following four trailers can be added: + "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer + including request body transfer time and the time added by the filter. + "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer + including response body transfer time and the time added by the filter. + "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. + "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. + + Only effective when Direction is Response or Both. + type: boolean + prefix: + description: |- + Prefix is prepended to each trailer header name. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + type: string + required: + - enable + type: object + required: + - direction + - limit + type: object + x-kubernetes-validations: + - message: fillInterval must be at least 20ms + rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= + duration(''20ms''))' circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. From 6d6457ccc043089ae2f632bcff85c499c00da538 Mon Sep 17 00:00:00 2001 From: kkk777-7 Date: Wed, 1 Apr 2026 21:45:21 +0900 Subject: [PATCH 2/9] api: fix response trailers and add cel Signed-off-by: kkk777-7 --- api/v1alpha1/bandwidthlimit_types.go | 11 +- ....envoyproxy.io_backendtrafficpolicies.yaml | 18 ++- ....envoyproxy.io_backendtrafficpolicies.yaml | 18 ++- site/content/en/latest/api/extension_types.md | 3 +- .../backendtrafficpolicy_test.go | 116 ++++++++++++++++++ test/helm/gateway-crds-helm/all.out.yaml | 18 ++- test/helm/gateway-crds-helm/e2e.out.yaml | 18 ++- .../envoy-gateway-crds.out.yaml | 18 ++- 8 files changed, 155 insertions(+), 65 deletions(-) diff --git a/api/v1alpha1/bandwidthlimit_types.go b/api/v1alpha1/bandwidthlimit_types.go index 7f83b0d74d..09c80e4d11 100644 --- a/api/v1alpha1/bandwidthlimit_types.go +++ b/api/v1alpha1/bandwidthlimit_types.go @@ -29,6 +29,7 @@ const ( // BandwidthLimitSpec defines the desired state of BandwidthLimit. // // +kubebuilder:validation:XValidation:rule="!has(self.fillInterval) || (duration(self.fillInterval) >= duration('20ms'))",message="fillInterval must be at least 20ms" +// +kubebuilder:validation:XValidation:rule="!has(self.responseTrailers) || self.direction == 'Response' || self.direction == 'Both'",message="responseTrailers can only be specified when direction is Response or Both" type BandwidthLimitSpec struct { // Limit specifies the bandwidth limit as a bytes-per-second throughput rate. // @@ -58,8 +59,8 @@ type BandwidthLimitSpec struct { } type BandwidthLimitResponseTrailers struct { - // Enable specifies whether to append trailer headers with delay metrics. - // Defaults to false. + // Prefix is prepended to each trailer header name with delay metrics. + // For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". // // The following four trailers can be added: // "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer @@ -71,12 +72,6 @@ type BandwidthLimitResponseTrailers struct { // // Only effective when Direction is Response or Both. // - // +kubebuilder:default=false - Enable bool `json:"enable"` - - // Prefix is prepended to each trailer header name. - // For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". - // // +optional Prefix *string `json:"prefix,omitempty"` } diff --git a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index 0e7d864d7d..cad6f29bed 100644 --- a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -88,11 +88,10 @@ spec: BandwidthLimitResponseTrailers configures the trailer headers appended to responses when bandwidth limiting introduces delays. properties: - enable: - default: false + prefix: description: |- - Enable specifies whether to append trailer headers with delay metrics. - Defaults to false. + Prefix is prepended to each trailer header name with delay metrics. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". The following four trailers can be added: "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer @@ -103,14 +102,7 @@ spec: "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. Only effective when Direction is Response or Both. - type: boolean - prefix: - description: |- - Prefix is prepended to each trailer header name. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". type: string - required: - - enable type: object required: - direction @@ -120,6 +112,10 @@ spec: - message: fillInterval must be at least 20ms rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= duration(''20ms''))' + - message: responseTrailers can only be specified when direction is + Response or Both + rule: '!has(self.responseTrailers) || self.direction == ''Response'' + || self.direction == ''Both''' circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index 4d7eb921b1..07f905bef5 100644 --- a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -87,11 +87,10 @@ spec: BandwidthLimitResponseTrailers configures the trailer headers appended to responses when bandwidth limiting introduces delays. properties: - enable: - default: false + prefix: description: |- - Enable specifies whether to append trailer headers with delay metrics. - Defaults to false. + Prefix is prepended to each trailer header name with delay metrics. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". The following four trailers can be added: "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer @@ -102,14 +101,7 @@ spec: "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. Only effective when Direction is Response or Both. - type: boolean - prefix: - description: |- - Prefix is prepended to each trailer header name. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". type: string - required: - - enable type: object required: - direction @@ -119,6 +111,10 @@ spec: - message: fillInterval must be at least 20ms rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= duration(''20ms''))' + - message: responseTrailers can only be specified when direction is + Response or Both + rule: '!has(self.responseTrailers) || self.direction == ''Response'' + || self.direction == ''Both''' circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md index 540e44b2c0..bc216e76b3 100644 --- a/site/content/en/latest/api/extension_types.md +++ b/site/content/en/latest/api/extension_types.md @@ -628,8 +628,7 @@ _Appears in:_ | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | -| `enable` | _boolean_ | true | false | Enable specifies whether to append trailer headers with delay metrics.
Defaults to false.
The following four trailers can be added:
"bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer
including request body transfer time and the time added by the filter.
"bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer
including response body transfer time and the time added by the filter.
"bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter.
"bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter.
Only effective when Direction is Response or Both. | -| `prefix` | _string_ | false | | Prefix is prepended to each trailer header name.
For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". | +| `prefix` | _string_ | false | | Prefix is prepended to each trailer header name with delay metrics.
For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms".
The following four trailers can be added:
"bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer
including request body transfer time and the time added by the filter.
"bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer
including response body transfer time and the time added by the filter.
"bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter.
"bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter.
Only effective when Direction is Response or Both. | #### BandwidthLimitSpec diff --git a/test/cel-validation/backendtrafficpolicy_test.go b/test/cel-validation/backendtrafficpolicy_test.go index c40689176e..c7d860fd5a 100644 --- a/test/cel-validation/backendtrafficpolicy_test.go +++ b/test/cel-validation/backendtrafficpolicy_test.go @@ -2752,6 +2752,122 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { }, wantErrors: []string{"either compression or compressor can be set, not both"}, }, + { + desc: "valid bandwidthLimit with fillInterval of 20ms", + mutate: func(btp *egv1a1.BackendTrafficPolicy) { + btp.Spec = egv1a1.BackendTrafficPolicySpec{ + PolicyTargetReferences: egv1a1.PolicyTargetReferences{ + TargetRef: &gwapiv1.LocalPolicyTargetReferenceWithSectionName{ + LocalPolicyTargetReference: gwapiv1.LocalPolicyTargetReference{ + Group: "gateway.networking.k8s.io", + Kind: "Gateway", + Name: "eg", + }, + }, + }, + BandwidthLimit: &egv1a1.BandwidthLimitSpec{ + Limit: resource.MustParse("10M"), + Direction: egv1a1.BandwidthLimitDirectionBoth, + FillInterval: ptr.To(gwapiv1.Duration("20ms")), + }, + } + }, + wantErrors: []string{}, + }, + { + desc: "invalid bandwidthLimit with fillInterval less than 20ms", + mutate: func(btp *egv1a1.BackendTrafficPolicy) { + btp.Spec = egv1a1.BackendTrafficPolicySpec{ + PolicyTargetReferences: egv1a1.PolicyTargetReferences{ + TargetRef: &gwapiv1.LocalPolicyTargetReferenceWithSectionName{ + LocalPolicyTargetReference: gwapiv1.LocalPolicyTargetReference{ + Group: "gateway.networking.k8s.io", + Kind: "Gateway", + Name: "eg", + }, + }, + }, + BandwidthLimit: &egv1a1.BandwidthLimitSpec{ + Limit: resource.MustParse("10M"), + Direction: egv1a1.BandwidthLimitDirectionBoth, + FillInterval: ptr.To(gwapiv1.Duration("19ms")), + }, + } + }, + wantErrors: []string{"fillInterval must be at least 20ms"}, + }, + { + desc: "valid bandwidthLimit with direction Response and responseTrailers", + mutate: func(btp *egv1a1.BackendTrafficPolicy) { + btp.Spec = egv1a1.BackendTrafficPolicySpec{ + PolicyTargetReferences: egv1a1.PolicyTargetReferences{ + TargetRef: &gwapiv1.LocalPolicyTargetReferenceWithSectionName{ + LocalPolicyTargetReference: gwapiv1.LocalPolicyTargetReference{ + Group: "gateway.networking.k8s.io", + Kind: "Gateway", + Name: "eg", + }, + }, + }, + BandwidthLimit: &egv1a1.BandwidthLimitSpec{ + Limit: resource.MustParse("10M"), + Direction: egv1a1.BandwidthLimitDirectionResponse, + ResponseTrailers: &egv1a1.BandwidthLimitResponseTrailers{ + Prefix: ptr.To("x-eg"), + }, + }, + } + }, + wantErrors: []string{}, + }, + { + desc: "valid bandwidthLimit with direction Both and responseTrailers", + mutate: func(btp *egv1a1.BackendTrafficPolicy) { + btp.Spec = egv1a1.BackendTrafficPolicySpec{ + PolicyTargetReferences: egv1a1.PolicyTargetReferences{ + TargetRef: &gwapiv1.LocalPolicyTargetReferenceWithSectionName{ + LocalPolicyTargetReference: gwapiv1.LocalPolicyTargetReference{ + Group: "gateway.networking.k8s.io", + Kind: "Gateway", + Name: "eg", + }, + }, + }, + BandwidthLimit: &egv1a1.BandwidthLimitSpec{ + Limit: resource.MustParse("10M"), + Direction: egv1a1.BandwidthLimitDirectionBoth, + ResponseTrailers: &egv1a1.BandwidthLimitResponseTrailers{ + Prefix: ptr.To("x-eg"), + }, + }, + } + }, + wantErrors: []string{}, + }, + { + desc: "invalid bandwidthLimit with direction Request and responseTrailers", + mutate: func(btp *egv1a1.BackendTrafficPolicy) { + btp.Spec = egv1a1.BackendTrafficPolicySpec{ + PolicyTargetReferences: egv1a1.PolicyTargetReferences{ + TargetRef: &gwapiv1.LocalPolicyTargetReferenceWithSectionName{ + LocalPolicyTargetReference: gwapiv1.LocalPolicyTargetReference{ + Group: "gateway.networking.k8s.io", + Kind: "Gateway", + Name: "eg", + }, + }, + }, + BandwidthLimit: &egv1a1.BandwidthLimitSpec{ + Limit: resource.MustParse("10M"), + Direction: egv1a1.BandwidthLimitDirectionRequest, + ResponseTrailers: &egv1a1.BandwidthLimitResponseTrailers{ + Prefix: ptr.To("x-eg"), + }, + }, + } + }, + wantErrors: []string{"responseTrailers can only be specified when direction is Response or Both"}, + }, } for _, tc := range cases { diff --git a/test/helm/gateway-crds-helm/all.out.yaml b/test/helm/gateway-crds-helm/all.out.yaml index b55c576c00..4fd5a60893 100644 --- a/test/helm/gateway-crds-helm/all.out.yaml +++ b/test/helm/gateway-crds-helm/all.out.yaml @@ -22615,11 +22615,10 @@ spec: BandwidthLimitResponseTrailers configures the trailer headers appended to responses when bandwidth limiting introduces delays. properties: - enable: - default: false + prefix: description: |- - Enable specifies whether to append trailer headers with delay metrics. - Defaults to false. + Prefix is prepended to each trailer header name with delay metrics. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". The following four trailers can be added: "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer @@ -22630,14 +22629,7 @@ spec: "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. Only effective when Direction is Response or Both. - type: boolean - prefix: - description: |- - Prefix is prepended to each trailer header name. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". type: string - required: - - enable type: object required: - direction @@ -22647,6 +22639,10 @@ spec: - message: fillInterval must be at least 20ms rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= duration(''20ms''))' + - message: responseTrailers can only be specified when direction is + Response or Both + rule: '!has(self.responseTrailers) || self.direction == ''Response'' + || self.direction == ''Both''' circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/test/helm/gateway-crds-helm/e2e.out.yaml b/test/helm/gateway-crds-helm/e2e.out.yaml index decd56f177..730859b50b 100644 --- a/test/helm/gateway-crds-helm/e2e.out.yaml +++ b/test/helm/gateway-crds-helm/e2e.out.yaml @@ -588,11 +588,10 @@ spec: BandwidthLimitResponseTrailers configures the trailer headers appended to responses when bandwidth limiting introduces delays. properties: - enable: - default: false + prefix: description: |- - Enable specifies whether to append trailer headers with delay metrics. - Defaults to false. + Prefix is prepended to each trailer header name with delay metrics. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". The following four trailers can be added: "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer @@ -603,14 +602,7 @@ spec: "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. Only effective when Direction is Response or Both. - type: boolean - prefix: - description: |- - Prefix is prepended to each trailer header name. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". type: string - required: - - enable type: object required: - direction @@ -620,6 +612,10 @@ spec: - message: fillInterval must be at least 20ms rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= duration(''20ms''))' + - message: responseTrailers can only be specified when direction is + Response or Both + rule: '!has(self.responseTrailers) || self.direction == ''Response'' + || self.direction == ''Both''' circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml index e5ee8e1329..8317273d40 100644 --- a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml +++ b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml @@ -588,11 +588,10 @@ spec: BandwidthLimitResponseTrailers configures the trailer headers appended to responses when bandwidth limiting introduces delays. properties: - enable: - default: false + prefix: description: |- - Enable specifies whether to append trailer headers with delay metrics. - Defaults to false. + Prefix is prepended to each trailer header name with delay metrics. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". The following four trailers can be added: "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer @@ -603,14 +602,7 @@ spec: "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. Only effective when Direction is Response or Both. - type: boolean - prefix: - description: |- - Prefix is prepended to each trailer header name. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". type: string - required: - - enable type: object required: - direction @@ -620,6 +612,10 @@ spec: - message: fillInterval must be at least 20ms rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= duration(''20ms''))' + - message: responseTrailers can only be specified when direction is + Response or Both + rule: '!has(self.responseTrailers) || self.direction == ''Response'' + || self.direction == ''Both''' circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. From 1632e87edfddf782df4210151aacd1fe526bc459 Mon Sep 17 00:00:00 2001 From: kkk777-7 Date: Tue, 7 Apr 2026 01:08:23 +0900 Subject: [PATCH 3/9] api: redesign BandwidthLimitSpec with separate request/response configs Signed-off-by: kkk777-7 --- api/v1alpha1/bandwidthlimit_types.go | 56 ++++----- api/v1alpha1/zz_generated.deepcopy.go | 52 +++++++-- ....envoyproxy.io_backendtrafficpolicies.yaml | 108 +++++++++--------- ....envoyproxy.io_backendtrafficpolicies.yaml | 108 +++++++++--------- site/content/en/latest/api/extension_types.md | 39 ++++--- .../backendtrafficpolicy_test.go | 52 ++++----- test/helm/gateway-crds-helm/all.out.yaml | 108 +++++++++--------- test/helm/gateway-crds-helm/e2e.out.yaml | 108 +++++++++--------- .../envoy-gateway-crds.out.yaml | 108 +++++++++--------- 9 files changed, 375 insertions(+), 364 deletions(-) diff --git a/api/v1alpha1/bandwidthlimit_types.go b/api/v1alpha1/bandwidthlimit_types.go index 09c80e4d11..fad1e6fc71 100644 --- a/api/v1alpha1/bandwidthlimit_types.go +++ b/api/v1alpha1/bandwidthlimit_types.go @@ -7,51 +7,41 @@ package v1alpha1 import ( "k8s.io/apimachinery/pkg/api/resource" - gwapiv1 "sigs.k8s.io/gateway-api/apis/v1" -) - -// BandwidthLimitDirection specifies which direction of traffic the bandwidth limit applies to. -// -// +kubebuilder:validation:Enum=Request;Response;Both -type BandwidthLimitDirection string - -const ( - // BandwidthLimitDirectionRequest limits traffic from the client to the upstream. - BandwidthLimitDirectionRequest BandwidthLimitDirection = "Request" - - // BandwidthLimitDirectionResponse limits traffic from the upstream to the client. - BandwidthLimitDirectionResponse BandwidthLimitDirection = "Response" - - // BandwidthLimitDirectionBoth limits traffic in both directions. - BandwidthLimitDirectionBoth BandwidthLimitDirection = "Both" ) // BandwidthLimitSpec defines the desired state of BandwidthLimit. // -// +kubebuilder:validation:XValidation:rule="!has(self.fillInterval) || (duration(self.fillInterval) >= duration('20ms'))",message="fillInterval must be at least 20ms" -// +kubebuilder:validation:XValidation:rule="!has(self.responseTrailers) || self.direction == 'Response' || self.direction == 'Both'",message="responseTrailers can only be specified when direction is Response or Both" +// +kubebuilder:validation:XValidation:rule="has(self.request) || has(self.response)",message="at least one of request or response must be specified" type BandwidthLimitSpec struct { + // Request configures the bandwidth limit for client-to-upstream (ingress) traffic. + // + // +optional + Request *BandwidthLimitRequestConfig `json:"request,omitempty"` + + // Response configures the bandwidth limit for upstream-to-client (egress) traffic. + // + // +optional + Response *BandwidthLimitResponseConfig `json:"response,omitempty"` +} + +// BandwidthLimitRequestConfig defines the bandwidth limit configuration for the request direction. +type BandwidthLimitRequestConfig struct { // Limit specifies the bandwidth limit as a bytes-per-second throughput rate. // // +kubebuilder:validation:XIntOrString // +kubebuilder:validation:Pattern="^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$" Limit resource.Quantity `json:"limit"` +} - // Direction controls which traffic direction the bandwidth limit applies to. - // Request limits traffic from the client to the upstream (ingress). - // Response limits traffic from the upstream to the client (egress). - // Both limits traffic in both directions. - // - // +kubebuilder:default=Both - Direction BandwidthLimitDirection `json:"direction"` - - // FillInterval is the token bucket refill interval. - // Minimum allowed value is 20ms. Defaults to 50ms if not specified. +// BandwidthLimitResponseConfig defines the bandwidth limit configuration for the response direction. +type BandwidthLimitResponseConfig struct { + // Limit specifies the bandwidth limit as a bytes-per-second throughput rate. // - // +optional - FillInterval *gwapiv1.Duration `json:"fillInterval,omitempty"` + // +kubebuilder:validation:XIntOrString + // +kubebuilder:validation:Pattern="^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$" + Limit resource.Quantity `json:"limit"` - // BandwidthLimitResponseTrailers configures the trailer headers appended to responses + // ResponseTrailers con figures the trailer headers appended to responses // when bandwidth limiting introduces delays. // // +optional @@ -70,8 +60,6 @@ type BandwidthLimitResponseTrailers struct { // "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. // "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. // - // Only effective when Direction is Response or Both. - // // +optional Prefix *string `json:"prefix,omitempty"` } diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index c8ae08efdd..f0e317fdd5 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -864,6 +864,43 @@ func (in *BackendUtilization) DeepCopy() *BackendUtilization { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BandwidthLimitRequestConfig) DeepCopyInto(out *BandwidthLimitRequestConfig) { + *out = *in + out.Limit = in.Limit.DeepCopy() +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BandwidthLimitRequestConfig. +func (in *BandwidthLimitRequestConfig) DeepCopy() *BandwidthLimitRequestConfig { + if in == nil { + return nil + } + out := new(BandwidthLimitRequestConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BandwidthLimitResponseConfig) DeepCopyInto(out *BandwidthLimitResponseConfig) { + *out = *in + out.Limit = in.Limit.DeepCopy() + if in.ResponseTrailers != nil { + in, out := &in.ResponseTrailers, &out.ResponseTrailers + *out = new(BandwidthLimitResponseTrailers) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BandwidthLimitResponseConfig. +func (in *BandwidthLimitResponseConfig) DeepCopy() *BandwidthLimitResponseConfig { + if in == nil { + return nil + } + out := new(BandwidthLimitResponseConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BandwidthLimitResponseTrailers) DeepCopyInto(out *BandwidthLimitResponseTrailers) { *out = *in @@ -887,15 +924,14 @@ func (in *BandwidthLimitResponseTrailers) DeepCopy() *BandwidthLimitResponseTrai // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BandwidthLimitSpec) DeepCopyInto(out *BandwidthLimitSpec) { *out = *in - out.Limit = in.Limit.DeepCopy() - if in.FillInterval != nil { - in, out := &in.FillInterval, &out.FillInterval - *out = new(v1.Duration) - **out = **in + if in.Request != nil { + in, out := &in.Request, &out.Request + *out = new(BandwidthLimitRequestConfig) + (*in).DeepCopyInto(*out) } - if in.ResponseTrailers != nil { - in, out := &in.ResponseTrailers, &out.ResponseTrailers - *out = new(BandwidthLimitResponseTrailers) + if in.Response != nil { + in, out := &in.Response, &out.Response + *out = new(BandwidthLimitResponseConfig) (*in).DeepCopyInto(*out) } } diff --git a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index 019981383c..cb8b0d2175 100644 --- a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -55,67 +55,63 @@ spec: BandwidthLimit allows the user to limit the bandwidth of traffic sent to and received from the backend. properties: - direction: - default: Both - description: |- - Direction controls which traffic direction the bandwidth limit applies to. - Request limits traffic from the client to the upstream (ingress). - Response limits traffic from the upstream to the client (egress). - Both limits traffic in both directions. - enum: - - Request - - Response - - Both - type: string - fillInterval: - description: |- - FillInterval is the token bucket refill interval. - Minimum allowed value is 20ms. Defaults to 50ms if not specified. - pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ - type: string - limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second - throughput rate. - x-kubernetes-int-or-string: true - responseTrailers: - description: |- - BandwidthLimitResponseTrailers configures the trailer headers appended to responses - when bandwidth limiting introduces delays. + request: + description: Request configures the bandwidth limit for client-to-upstream + (ingress) traffic. properties: - prefix: + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + required: + - limit + type: object + response: + description: Response configures the bandwidth limit for upstream-to-client + (egress) traffic. + properties: + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + responseTrailers: description: |- - Prefix is prepended to each trailer header name with delay metrics. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". - - The following four trailers can be added: - "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer - including request body transfer time and the time added by the filter. - "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer - including response body transfer time and the time added by the filter. - "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. - "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. - - Only effective when Direction is Response or Both. - type: string + ResponseTrailers con figures the trailer headers appended to responses + when bandwidth limiting introduces delays. + properties: + prefix: + description: |- + Prefix is prepended to each trailer header name with delay metrics. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + + The following four trailers can be added: + "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer + including request body transfer time and the time added by the filter. + "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer + including response body transfer time and the time added by the filter. + "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. + "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. + type: string + type: object + required: + - limit type: object - required: - - direction - - limit type: object x-kubernetes-validations: - - message: fillInterval must be at least 20ms - rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= - duration(''20ms''))' - - message: responseTrailers can only be specified when direction is - Response or Both - rule: '!has(self.responseTrailers) || self.direction == ''Response'' - || self.direction == ''Both''' + - message: at least one of request or response must be specified + rule: has(self.request) || has(self.response) circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index 95e33e7f71..989a2afd1d 100644 --- a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -54,67 +54,63 @@ spec: BandwidthLimit allows the user to limit the bandwidth of traffic sent to and received from the backend. properties: - direction: - default: Both - description: |- - Direction controls which traffic direction the bandwidth limit applies to. - Request limits traffic from the client to the upstream (ingress). - Response limits traffic from the upstream to the client (egress). - Both limits traffic in both directions. - enum: - - Request - - Response - - Both - type: string - fillInterval: - description: |- - FillInterval is the token bucket refill interval. - Minimum allowed value is 20ms. Defaults to 50ms if not specified. - pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ - type: string - limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second - throughput rate. - x-kubernetes-int-or-string: true - responseTrailers: - description: |- - BandwidthLimitResponseTrailers configures the trailer headers appended to responses - when bandwidth limiting introduces delays. + request: + description: Request configures the bandwidth limit for client-to-upstream + (ingress) traffic. properties: - prefix: + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + required: + - limit + type: object + response: + description: Response configures the bandwidth limit for upstream-to-client + (egress) traffic. + properties: + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + responseTrailers: description: |- - Prefix is prepended to each trailer header name with delay metrics. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". - - The following four trailers can be added: - "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer - including request body transfer time and the time added by the filter. - "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer - including response body transfer time and the time added by the filter. - "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. - "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. - - Only effective when Direction is Response or Both. - type: string + ResponseTrailers con figures the trailer headers appended to responses + when bandwidth limiting introduces delays. + properties: + prefix: + description: |- + Prefix is prepended to each trailer header name with delay metrics. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + + The following four trailers can be added: + "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer + including request body transfer time and the time added by the filter. + "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer + including response body transfer time and the time added by the filter. + "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. + "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. + type: string + type: object + required: + - limit type: object - required: - - direction - - limit type: object x-kubernetes-validations: - - message: fillInterval must be at least 20ms - rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= - duration(''20ms''))' - - message: responseTrailers can only be specified when direction is - Response or Both - rule: '!has(self.responseTrailers) || self.direction == ''Response'' - || self.direction == ''Both''' + - message: at least one of request or response must be specified + rule: has(self.request) || has(self.response) circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md index e206617391..2427cc0d68 100644 --- a/site/content/en/latest/api/extension_types.md +++ b/site/content/en/latest/api/extension_types.md @@ -600,20 +600,33 @@ _Appears in:_ | `keepResponseHeaders` | _boolean_ | false | false | KeepResponseHeaders keeps the ORCA load report headers/trailers before sending the response to the client.
Defaults to false. | -#### BandwidthLimitDirection +#### BandwidthLimitRequestConfig + -_Underlying type:_ _string_ -BandwidthLimitDirection specifies which direction of traffic the bandwidth limit applies to. +BandwidthLimitRequestConfig defines the bandwidth limit configuration for the request direction. _Appears in:_ - [BandwidthLimitSpec](#bandwidthlimitspec) -| Value | Description | -| ----- | ----------- | -| `Request` | BandwidthLimitDirectionRequest limits traffic from the client to the upstream.
| -| `Response` | BandwidthLimitDirectionResponse limits traffic from the upstream to the client.
| -| `Both` | BandwidthLimitDirectionBoth limits traffic in both directions.
| +| Field | Type | Required | Default | Description | +| --- | --- | --- | --- | --- | +| `limit` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#quantity-resource-api)_ | true | | Limit specifies the bandwidth limit as a bytes-per-second throughput rate. | + + +#### BandwidthLimitResponseConfig + + + +BandwidthLimitResponseConfig defines the bandwidth limit configuration for the response direction. + +_Appears in:_ +- [BandwidthLimitSpec](#bandwidthlimitspec) + +| Field | Type | Required | Default | Description | +| --- | --- | --- | --- | --- | +| `limit` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#quantity-resource-api)_ | true | | Limit specifies the bandwidth limit as a bytes-per-second throughput rate. | +| `responseTrailers` | _[BandwidthLimitResponseTrailers](#bandwidthlimitresponsetrailers)_ | false | | ResponseTrailers con figures the trailer headers appended to responses
when bandwidth limiting introduces delays. | #### BandwidthLimitResponseTrailers @@ -623,11 +636,11 @@ _Appears in:_ _Appears in:_ -- [BandwidthLimitSpec](#bandwidthlimitspec) +- [BandwidthLimitResponseConfig](#bandwidthlimitresponseconfig) | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | -| `prefix` | _string_ | false | | Prefix is prepended to each trailer header name with delay metrics.
For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms".
The following four trailers can be added:
"bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer
including request body transfer time and the time added by the filter.
"bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer
including response body transfer time and the time added by the filter.
"bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter.
"bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter.
Only effective when Direction is Response or Both. | +| `prefix` | _string_ | false | | Prefix is prepended to each trailer header name with delay metrics.
For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms".
The following four trailers can be added:
"bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer
including request body transfer time and the time added by the filter.
"bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer
including response body transfer time and the time added by the filter.
"bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter.
"bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. | #### BandwidthLimitSpec @@ -641,10 +654,8 @@ _Appears in:_ | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | -| `limit` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#quantity-resource-api)_ | true | | Limit specifies the bandwidth limit as a bytes-per-second throughput rate. | -| `direction` | _[BandwidthLimitDirection](#bandwidthlimitdirection)_ | true | Both | Direction controls which traffic direction the bandwidth limit applies to.
Request limits traffic from the client to the upstream (ingress).
Response limits traffic from the upstream to the client (egress).
Both limits traffic in both directions. | -| `fillInterval` | _[Duration](https://gateway-api.sigs.k8s.io/reference/1.4/spec/#duration)_ | false | | FillInterval is the token bucket refill interval.
Minimum allowed value is 20ms. Defaults to 50ms if not specified. | -| `responseTrailers` | _[BandwidthLimitResponseTrailers](#bandwidthlimitresponsetrailers)_ | false | | BandwidthLimitResponseTrailers configures the trailer headers appended to responses
when bandwidth limiting introduces delays. | +| `request` | _[BandwidthLimitRequestConfig](#bandwidthlimitrequestconfig)_ | false | | Request configures the bandwidth limit for client-to-upstream (ingress) traffic. | +| `response` | _[BandwidthLimitResponseConfig](#bandwidthlimitresponseconfig)_ | false | | Response configures the bandwidth limit for upstream-to-client (egress) traffic. | #### BasicAuth diff --git a/test/cel-validation/backendtrafficpolicy_test.go b/test/cel-validation/backendtrafficpolicy_test.go index c7d860fd5a..48770090ef 100644 --- a/test/cel-validation/backendtrafficpolicy_test.go +++ b/test/cel-validation/backendtrafficpolicy_test.go @@ -2753,7 +2753,7 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { wantErrors: []string{"either compression or compressor can be set, not both"}, }, { - desc: "valid bandwidthLimit with fillInterval of 20ms", + desc: "valid bandwidthLimit with request only", mutate: func(btp *egv1a1.BackendTrafficPolicy) { btp.Spec = egv1a1.BackendTrafficPolicySpec{ PolicyTargetReferences: egv1a1.PolicyTargetReferences{ @@ -2766,16 +2766,16 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { }, }, BandwidthLimit: &egv1a1.BandwidthLimitSpec{ - Limit: resource.MustParse("10M"), - Direction: egv1a1.BandwidthLimitDirectionBoth, - FillInterval: ptr.To(gwapiv1.Duration("20ms")), + Request: &egv1a1.BandwidthLimitRequestConfig{ + Limit: resource.MustParse("10M"), + }, }, } }, wantErrors: []string{}, }, { - desc: "invalid bandwidthLimit with fillInterval less than 20ms", + desc: "valid bandwidthLimit with response only", mutate: func(btp *egv1a1.BackendTrafficPolicy) { btp.Spec = egv1a1.BackendTrafficPolicySpec{ PolicyTargetReferences: egv1a1.PolicyTargetReferences{ @@ -2788,16 +2788,16 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { }, }, BandwidthLimit: &egv1a1.BandwidthLimitSpec{ - Limit: resource.MustParse("10M"), - Direction: egv1a1.BandwidthLimitDirectionBoth, - FillInterval: ptr.To(gwapiv1.Duration("19ms")), + Response: &egv1a1.BandwidthLimitResponseConfig{ + Limit: resource.MustParse("100M"), + }, }, } }, - wantErrors: []string{"fillInterval must be at least 20ms"}, + wantErrors: []string{}, }, { - desc: "valid bandwidthLimit with direction Response and responseTrailers", + desc: "valid bandwidthLimit with request and response set to different limits", mutate: func(btp *egv1a1.BackendTrafficPolicy) { btp.Spec = egv1a1.BackendTrafficPolicySpec{ PolicyTargetReferences: egv1a1.PolicyTargetReferences{ @@ -2810,10 +2810,11 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { }, }, BandwidthLimit: &egv1a1.BandwidthLimitSpec{ - Limit: resource.MustParse("10M"), - Direction: egv1a1.BandwidthLimitDirectionResponse, - ResponseTrailers: &egv1a1.BandwidthLimitResponseTrailers{ - Prefix: ptr.To("x-eg"), + Request: &egv1a1.BandwidthLimitRequestConfig{ + Limit: resource.MustParse("10M"), + }, + Response: &egv1a1.BandwidthLimitResponseConfig{ + Limit: resource.MustParse("100M"), }, }, } @@ -2821,7 +2822,7 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { wantErrors: []string{}, }, { - desc: "valid bandwidthLimit with direction Both and responseTrailers", + desc: "valid bandwidthLimit with response and responseTrailers", mutate: func(btp *egv1a1.BackendTrafficPolicy) { btp.Spec = egv1a1.BackendTrafficPolicySpec{ PolicyTargetReferences: egv1a1.PolicyTargetReferences{ @@ -2834,10 +2835,11 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { }, }, BandwidthLimit: &egv1a1.BandwidthLimitSpec{ - Limit: resource.MustParse("10M"), - Direction: egv1a1.BandwidthLimitDirectionBoth, - ResponseTrailers: &egv1a1.BandwidthLimitResponseTrailers{ - Prefix: ptr.To("x-eg"), + Response: &egv1a1.BandwidthLimitResponseConfig{ + Limit: resource.MustParse("10M"), + ResponseTrailers: &egv1a1.BandwidthLimitResponseTrailers{ + Prefix: ptr.To("x-eg"), + }, }, }, } @@ -2845,7 +2847,7 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { wantErrors: []string{}, }, { - desc: "invalid bandwidthLimit with direction Request and responseTrailers", + desc: "invalid bandwidthLimit with neither request nor response", mutate: func(btp *egv1a1.BackendTrafficPolicy) { btp.Spec = egv1a1.BackendTrafficPolicySpec{ PolicyTargetReferences: egv1a1.PolicyTargetReferences{ @@ -2857,16 +2859,10 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { }, }, }, - BandwidthLimit: &egv1a1.BandwidthLimitSpec{ - Limit: resource.MustParse("10M"), - Direction: egv1a1.BandwidthLimitDirectionRequest, - ResponseTrailers: &egv1a1.BandwidthLimitResponseTrailers{ - Prefix: ptr.To("x-eg"), - }, - }, + BandwidthLimit: &egv1a1.BandwidthLimitSpec{}, } }, - wantErrors: []string{"responseTrailers can only be specified when direction is Response or Both"}, + wantErrors: []string{"at least one of request or response must be specified"}, }, } diff --git a/test/helm/gateway-crds-helm/all.out.yaml b/test/helm/gateway-crds-helm/all.out.yaml index f121699fe7..efaa389046 100644 --- a/test/helm/gateway-crds-helm/all.out.yaml +++ b/test/helm/gateway-crds-helm/all.out.yaml @@ -22582,67 +22582,63 @@ spec: BandwidthLimit allows the user to limit the bandwidth of traffic sent to and received from the backend. properties: - direction: - default: Both - description: |- - Direction controls which traffic direction the bandwidth limit applies to. - Request limits traffic from the client to the upstream (ingress). - Response limits traffic from the upstream to the client (egress). - Both limits traffic in both directions. - enum: - - Request - - Response - - Both - type: string - fillInterval: - description: |- - FillInterval is the token bucket refill interval. - Minimum allowed value is 20ms. Defaults to 50ms if not specified. - pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ - type: string - limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second - throughput rate. - x-kubernetes-int-or-string: true - responseTrailers: - description: |- - BandwidthLimitResponseTrailers configures the trailer headers appended to responses - when bandwidth limiting introduces delays. + request: + description: Request configures the bandwidth limit for client-to-upstream + (ingress) traffic. properties: - prefix: + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + required: + - limit + type: object + response: + description: Response configures the bandwidth limit for upstream-to-client + (egress) traffic. + properties: + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + responseTrailers: description: |- - Prefix is prepended to each trailer header name with delay metrics. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". - - The following four trailers can be added: - "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer - including request body transfer time and the time added by the filter. - "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer - including response body transfer time and the time added by the filter. - "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. - "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. - - Only effective when Direction is Response or Both. - type: string + ResponseTrailers con figures the trailer headers appended to responses + when bandwidth limiting introduces delays. + properties: + prefix: + description: |- + Prefix is prepended to each trailer header name with delay metrics. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + + The following four trailers can be added: + "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer + including request body transfer time and the time added by the filter. + "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer + including response body transfer time and the time added by the filter. + "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. + "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. + type: string + type: object + required: + - limit type: object - required: - - direction - - limit type: object x-kubernetes-validations: - - message: fillInterval must be at least 20ms - rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= - duration(''20ms''))' - - message: responseTrailers can only be specified when direction is - Response or Both - rule: '!has(self.responseTrailers) || self.direction == ''Response'' - || self.direction == ''Both''' + - message: at least one of request or response must be specified + rule: has(self.request) || has(self.response) circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/test/helm/gateway-crds-helm/e2e.out.yaml b/test/helm/gateway-crds-helm/e2e.out.yaml index 443f31233d..c20658ceca 100644 --- a/test/helm/gateway-crds-helm/e2e.out.yaml +++ b/test/helm/gateway-crds-helm/e2e.out.yaml @@ -555,67 +555,63 @@ spec: BandwidthLimit allows the user to limit the bandwidth of traffic sent to and received from the backend. properties: - direction: - default: Both - description: |- - Direction controls which traffic direction the bandwidth limit applies to. - Request limits traffic from the client to the upstream (ingress). - Response limits traffic from the upstream to the client (egress). - Both limits traffic in both directions. - enum: - - Request - - Response - - Both - type: string - fillInterval: - description: |- - FillInterval is the token bucket refill interval. - Minimum allowed value is 20ms. Defaults to 50ms if not specified. - pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ - type: string - limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second - throughput rate. - x-kubernetes-int-or-string: true - responseTrailers: - description: |- - BandwidthLimitResponseTrailers configures the trailer headers appended to responses - when bandwidth limiting introduces delays. + request: + description: Request configures the bandwidth limit for client-to-upstream + (ingress) traffic. properties: - prefix: + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + required: + - limit + type: object + response: + description: Response configures the bandwidth limit for upstream-to-client + (egress) traffic. + properties: + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + responseTrailers: description: |- - Prefix is prepended to each trailer header name with delay metrics. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". - - The following four trailers can be added: - "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer - including request body transfer time and the time added by the filter. - "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer - including response body transfer time and the time added by the filter. - "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. - "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. - - Only effective when Direction is Response or Both. - type: string + ResponseTrailers con figures the trailer headers appended to responses + when bandwidth limiting introduces delays. + properties: + prefix: + description: |- + Prefix is prepended to each trailer header name with delay metrics. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + + The following four trailers can be added: + "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer + including request body transfer time and the time added by the filter. + "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer + including response body transfer time and the time added by the filter. + "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. + "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. + type: string + type: object + required: + - limit type: object - required: - - direction - - limit type: object x-kubernetes-validations: - - message: fillInterval must be at least 20ms - rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= - duration(''20ms''))' - - message: responseTrailers can only be specified when direction is - Response or Both - rule: '!has(self.responseTrailers) || self.direction == ''Response'' - || self.direction == ''Both''' + - message: at least one of request or response must be specified + rule: has(self.request) || has(self.response) circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. diff --git a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml index 32e2646de3..10c6c76c6e 100644 --- a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml +++ b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml @@ -555,67 +555,63 @@ spec: BandwidthLimit allows the user to limit the bandwidth of traffic sent to and received from the backend. properties: - direction: - default: Both - description: |- - Direction controls which traffic direction the bandwidth limit applies to. - Request limits traffic from the client to the upstream (ingress). - Response limits traffic from the upstream to the client (egress). - Both limits traffic in both directions. - enum: - - Request - - Response - - Both - type: string - fillInterval: - description: |- - FillInterval is the token bucket refill interval. - Minimum allowed value is 20ms. Defaults to 50ms if not specified. - pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$ - type: string - limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second - throughput rate. - x-kubernetes-int-or-string: true - responseTrailers: - description: |- - BandwidthLimitResponseTrailers configures the trailer headers appended to responses - when bandwidth limiting introduces delays. + request: + description: Request configures the bandwidth limit for client-to-upstream + (ingress) traffic. properties: - prefix: + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + required: + - limit + type: object + response: + description: Response configures the bandwidth limit for upstream-to-client + (egress) traffic. + properties: + limit: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Limit specifies the bandwidth limit as a bytes-per-second + throughput rate. + x-kubernetes-int-or-string: true + responseTrailers: description: |- - Prefix is prepended to each trailer header name with delay metrics. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". - - The following four trailers can be added: - "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer - including request body transfer time and the time added by the filter. - "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer - including response body transfer time and the time added by the filter. - "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. - "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. - - Only effective when Direction is Response or Both. - type: string + ResponseTrailers con figures the trailer headers appended to responses + when bandwidth limiting introduces delays. + properties: + prefix: + description: |- + Prefix is prepended to each trailer header name with delay metrics. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + + The following four trailers can be added: + "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer + including request body transfer time and the time added by the filter. + "bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer + including response body transfer time and the time added by the filter. + "bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter. + "bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. + type: string + type: object + required: + - limit type: object - required: - - direction - - limit type: object x-kubernetes-validations: - - message: fillInterval must be at least 20ms - rule: '!has(self.fillInterval) || (duration(self.fillInterval) >= - duration(''20ms''))' - - message: responseTrailers can only be specified when direction is - Response or Both - rule: '!has(self.responseTrailers) || self.direction == ''Response'' - || self.direction == ''Both''' + - message: at least one of request or response must be specified + rule: has(self.request) || has(self.response) circuitBreaker: description: |- Circuit Breaker settings for the upstream connections and requests. From ee25b2a6d9585cc9e18c01301729e26ab33b5386 Mon Sep 17 00:00:00 2001 From: kkk777-7 Date: Wed, 15 Apr 2026 00:54:20 +0900 Subject: [PATCH 4/9] define bandwidth limit value and update crd comments Signed-off-by: kkk777-7 --- api/v1alpha1/bandwidthlimit_types.go | 32 ++++---- api/v1alpha1/zz_generated.deepcopy.go | 20 ++++- ....envoyproxy.io_backendtrafficpolicies.yaml | 78 ++++++++++++++----- ....envoyproxy.io_backendtrafficpolicies.yaml | 78 ++++++++++++++----- site/content/en/latest/api/extension_types.md | 27 +++++-- test/helm/gateway-crds-helm/all.out.yaml | 78 ++++++++++++++----- test/helm/gateway-crds-helm/e2e.out.yaml | 78 ++++++++++++++----- .../envoy-gateway-crds.out.yaml | 78 ++++++++++++++----- 8 files changed, 344 insertions(+), 125 deletions(-) diff --git a/api/v1alpha1/bandwidthlimit_types.go b/api/v1alpha1/bandwidthlimit_types.go index fad1e6fc71..9f1b257334 100644 --- a/api/v1alpha1/bandwidthlimit_types.go +++ b/api/v1alpha1/bandwidthlimit_types.go @@ -13,12 +13,12 @@ import ( // // +kubebuilder:validation:XValidation:rule="has(self.request) || has(self.response)",message="at least one of request or response must be specified" type BandwidthLimitSpec struct { - // Request configures the bandwidth limit for client-to-upstream (ingress) traffic. + // Request configures the bandwidth limit for incoming traffic (gateway to backend). // // +optional Request *BandwidthLimitRequestConfig `json:"request,omitempty"` - // Response configures the bandwidth limit for upstream-to-client (egress) traffic. + // Response configures the bandwidth limit for outgoing traffic (backend to gateway). // // +optional Response *BandwidthLimitResponseConfig `json:"response,omitempty"` @@ -26,28 +26,34 @@ type BandwidthLimitSpec struct { // BandwidthLimitRequestConfig defines the bandwidth limit configuration for the request direction. type BandwidthLimitRequestConfig struct { - // Limit specifies the bandwidth limit as a bytes-per-second throughput rate. - // - // +kubebuilder:validation:XIntOrString - // +kubebuilder:validation:Pattern="^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$" - Limit resource.Quantity `json:"limit"` + // Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. + Limit BandwidthLimitValue `json:"limit"` } // BandwidthLimitResponseConfig defines the bandwidth limit configuration for the response direction. type BandwidthLimitResponseConfig struct { - // Limit specifies the bandwidth limit as a bytes-per-second throughput rate. - // - // +kubebuilder:validation:XIntOrString - // +kubebuilder:validation:Pattern="^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$" - Limit resource.Quantity `json:"limit"` + // Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. + Limit BandwidthLimitValue `json:"limit"` - // ResponseTrailers con figures the trailer headers appended to responses + // ResponseTrailers configures the trailer headers appended to responses // when bandwidth limiting introduces delays. // // +optional ResponseTrailers *BandwidthLimitResponseTrailers `json:"responseTrailers,omitempty"` } +// BandwidthLimitValue defines the bandwidth limit value and its time unit. +type BandwidthLimitValue struct { + // Request specifies the bandwidth limit. + // + // +kubebuilder:validation:XIntOrString + // +kubebuilder:validation:Pattern="^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$" + Request resource.Quantity `json:"request"` + + // Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). + Unit RateLimitUnit `json:"unit"` +} + type BandwidthLimitResponseTrailers struct { // Prefix is prepended to each trailer header name with delay metrics. // For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index b882eb0330..afbc3e2bc5 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -867,7 +867,7 @@ func (in *BackendUtilization) DeepCopy() *BackendUtilization { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BandwidthLimitRequestConfig) DeepCopyInto(out *BandwidthLimitRequestConfig) { *out = *in - out.Limit = in.Limit.DeepCopy() + in.Limit.DeepCopyInto(&out.Limit) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BandwidthLimitRequestConfig. @@ -883,7 +883,7 @@ func (in *BandwidthLimitRequestConfig) DeepCopy() *BandwidthLimitRequestConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BandwidthLimitResponseConfig) DeepCopyInto(out *BandwidthLimitResponseConfig) { *out = *in - out.Limit = in.Limit.DeepCopy() + in.Limit.DeepCopyInto(&out.Limit) if in.ResponseTrailers != nil { in, out := &in.ResponseTrailers, &out.ResponseTrailers *out = new(BandwidthLimitResponseTrailers) @@ -946,6 +946,22 @@ func (in *BandwidthLimitSpec) DeepCopy() *BandwidthLimitSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BandwidthLimitValue) DeepCopyInto(out *BandwidthLimitValue) { + *out = *in + out.Request = in.Request.DeepCopy() +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BandwidthLimitValue. +func (in *BandwidthLimitValue) DeepCopy() *BandwidthLimitValue { + if in == nil { + return nil + } + out := new(BandwidthLimitValue) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BasicAuth) DeepCopyInto(out *BasicAuth) { *out = *in diff --git a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index e86a72e287..4ffe3dec55 100644 --- a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -56,39 +56,75 @@ spec: sent to and received from the backend. properties: request: - description: Request configures the bandwidth limit for client-to-upstream - (ingress) traffic. + description: Request configures the bandwidth limit for incoming + traffic (gateway to backend). properties: limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second + description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. - x-kubernetes-int-or-string: true + properties: + request: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Request specifies the bandwidth limit. + x-kubernetes-int-or-string: true + unit: + description: Unit specifies the time unit for the bandwidth + limit (e.g. Second, Minute, Hour). + enum: + - Second + - Minute + - Hour + - Day + - Month + - Year + type: string + required: + - request + - unit + type: object required: - limit type: object response: - description: Response configures the bandwidth limit for upstream-to-client - (egress) traffic. + description: Response configures the bandwidth limit for outgoing + traffic (backend to gateway). properties: limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second + description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. - x-kubernetes-int-or-string: true + properties: + request: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Request specifies the bandwidth limit. + x-kubernetes-int-or-string: true + unit: + description: Unit specifies the time unit for the bandwidth + limit (e.g. Second, Minute, Hour). + enum: + - Second + - Minute + - Hour + - Day + - Month + - Year + type: string + required: + - request + - unit + type: object responseTrailers: description: |- - ResponseTrailers con figures the trailer headers appended to responses + ResponseTrailers configures the trailer headers appended to responses when bandwidth limiting introduces delays. properties: prefix: diff --git a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index d097249146..df553df931 100644 --- a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -55,39 +55,75 @@ spec: sent to and received from the backend. properties: request: - description: Request configures the bandwidth limit for client-to-upstream - (ingress) traffic. + description: Request configures the bandwidth limit for incoming + traffic (gateway to backend). properties: limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second + description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. - x-kubernetes-int-or-string: true + properties: + request: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Request specifies the bandwidth limit. + x-kubernetes-int-or-string: true + unit: + description: Unit specifies the time unit for the bandwidth + limit (e.g. Second, Minute, Hour). + enum: + - Second + - Minute + - Hour + - Day + - Month + - Year + type: string + required: + - request + - unit + type: object required: - limit type: object response: - description: Response configures the bandwidth limit for upstream-to-client - (egress) traffic. + description: Response configures the bandwidth limit for outgoing + traffic (backend to gateway). properties: limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second + description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. - x-kubernetes-int-or-string: true + properties: + request: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Request specifies the bandwidth limit. + x-kubernetes-int-or-string: true + unit: + description: Unit specifies the time unit for the bandwidth + limit (e.g. Second, Minute, Hour). + enum: + - Second + - Minute + - Hour + - Day + - Month + - Year + type: string + required: + - request + - unit + type: object responseTrailers: description: |- - ResponseTrailers con figures the trailer headers appended to responses + ResponseTrailers configures the trailer headers appended to responses when bandwidth limiting introduces delays. properties: prefix: diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md index 2081916cbe..2b2d3f7c10 100644 --- a/site/content/en/latest/api/extension_types.md +++ b/site/content/en/latest/api/extension_types.md @@ -611,7 +611,7 @@ _Appears in:_ | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | -| `limit` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#quantity-resource-api)_ | true | | Limit specifies the bandwidth limit as a bytes-per-second throughput rate. | +| `limit` | _[BandwidthLimitValue](#bandwidthlimitvalue)_ | true | | Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. | #### BandwidthLimitResponseConfig @@ -625,8 +625,8 @@ _Appears in:_ | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | -| `limit` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#quantity-resource-api)_ | true | | Limit specifies the bandwidth limit as a bytes-per-second throughput rate. | -| `responseTrailers` | _[BandwidthLimitResponseTrailers](#bandwidthlimitresponsetrailers)_ | false | | ResponseTrailers con figures the trailer headers appended to responses
when bandwidth limiting introduces delays. | +| `limit` | _[BandwidthLimitValue](#bandwidthlimitvalue)_ | true | | Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. | +| `responseTrailers` | _[BandwidthLimitResponseTrailers](#bandwidthlimitresponsetrailers)_ | false | | ResponseTrailers configures the trailer headers appended to responses
when bandwidth limiting introduces delays. | #### BandwidthLimitResponseTrailers @@ -654,8 +654,24 @@ _Appears in:_ | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | -| `request` | _[BandwidthLimitRequestConfig](#bandwidthlimitrequestconfig)_ | false | | Request configures the bandwidth limit for client-to-upstream (ingress) traffic. | -| `response` | _[BandwidthLimitResponseConfig](#bandwidthlimitresponseconfig)_ | false | | Response configures the bandwidth limit for upstream-to-client (egress) traffic. | +| `request` | _[BandwidthLimitRequestConfig](#bandwidthlimitrequestconfig)_ | false | | Request configures the bandwidth limit for incoming traffic (gateway to backend). | +| `response` | _[BandwidthLimitResponseConfig](#bandwidthlimitresponseconfig)_ | false | | Response configures the bandwidth limit for outgoing traffic (backend to gateway). | + + +#### BandwidthLimitValue + + + +BandwidthLimitValue defines the bandwidth limit value and its time unit. + +_Appears in:_ +- [BandwidthLimitRequestConfig](#bandwidthlimitrequestconfig) +- [BandwidthLimitResponseConfig](#bandwidthlimitresponseconfig) + +| Field | Type | Required | Default | Description | +| --- | --- | --- | --- | --- | +| `request` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#quantity-resource-api)_ | true | | Request specifies the bandwidth limit. | +| `unit` | _[RateLimitUnit](#ratelimitunit)_ | true | | Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). | #### BasicAuth @@ -5168,6 +5184,7 @@ RateLimitUnit specifies the intervals for setting rate limits. Valid RateLimitUnit values are "Second", "Minute", "Hour", "Day", "Month" and "Year". _Appears in:_ +- [BandwidthLimitValue](#bandwidthlimitvalue) - [RateLimitValue](#ratelimitvalue) | Value | Description | diff --git a/test/helm/gateway-crds-helm/all.out.yaml b/test/helm/gateway-crds-helm/all.out.yaml index 5a3b4285dd..66f7086221 100644 --- a/test/helm/gateway-crds-helm/all.out.yaml +++ b/test/helm/gateway-crds-helm/all.out.yaml @@ -22583,39 +22583,75 @@ spec: sent to and received from the backend. properties: request: - description: Request configures the bandwidth limit for client-to-upstream - (ingress) traffic. + description: Request configures the bandwidth limit for incoming + traffic (gateway to backend). properties: limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second + description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. - x-kubernetes-int-or-string: true + properties: + request: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Request specifies the bandwidth limit. + x-kubernetes-int-or-string: true + unit: + description: Unit specifies the time unit for the bandwidth + limit (e.g. Second, Minute, Hour). + enum: + - Second + - Minute + - Hour + - Day + - Month + - Year + type: string + required: + - request + - unit + type: object required: - limit type: object response: - description: Response configures the bandwidth limit for upstream-to-client - (egress) traffic. + description: Response configures the bandwidth limit for outgoing + traffic (backend to gateway). properties: limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second + description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. - x-kubernetes-int-or-string: true + properties: + request: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Request specifies the bandwidth limit. + x-kubernetes-int-or-string: true + unit: + description: Unit specifies the time unit for the bandwidth + limit (e.g. Second, Minute, Hour). + enum: + - Second + - Minute + - Hour + - Day + - Month + - Year + type: string + required: + - request + - unit + type: object responseTrailers: description: |- - ResponseTrailers con figures the trailer headers appended to responses + ResponseTrailers configures the trailer headers appended to responses when bandwidth limiting introduces delays. properties: prefix: diff --git a/test/helm/gateway-crds-helm/e2e.out.yaml b/test/helm/gateway-crds-helm/e2e.out.yaml index e576e523d9..7523d2f329 100644 --- a/test/helm/gateway-crds-helm/e2e.out.yaml +++ b/test/helm/gateway-crds-helm/e2e.out.yaml @@ -556,39 +556,75 @@ spec: sent to and received from the backend. properties: request: - description: Request configures the bandwidth limit for client-to-upstream - (ingress) traffic. + description: Request configures the bandwidth limit for incoming + traffic (gateway to backend). properties: limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second + description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. - x-kubernetes-int-or-string: true + properties: + request: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Request specifies the bandwidth limit. + x-kubernetes-int-or-string: true + unit: + description: Unit specifies the time unit for the bandwidth + limit (e.g. Second, Minute, Hour). + enum: + - Second + - Minute + - Hour + - Day + - Month + - Year + type: string + required: + - request + - unit + type: object required: - limit type: object response: - description: Response configures the bandwidth limit for upstream-to-client - (egress) traffic. + description: Response configures the bandwidth limit for outgoing + traffic (backend to gateway). properties: limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second + description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. - x-kubernetes-int-or-string: true + properties: + request: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Request specifies the bandwidth limit. + x-kubernetes-int-or-string: true + unit: + description: Unit specifies the time unit for the bandwidth + limit (e.g. Second, Minute, Hour). + enum: + - Second + - Minute + - Hour + - Day + - Month + - Year + type: string + required: + - request + - unit + type: object responseTrailers: description: |- - ResponseTrailers con figures the trailer headers appended to responses + ResponseTrailers configures the trailer headers appended to responses when bandwidth limiting introduces delays. properties: prefix: diff --git a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml index 1870208336..3949f99b53 100644 --- a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml +++ b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml @@ -556,39 +556,75 @@ spec: sent to and received from the backend. properties: request: - description: Request configures the bandwidth limit for client-to-upstream - (ingress) traffic. + description: Request configures the bandwidth limit for incoming + traffic (gateway to backend). properties: limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second + description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. - x-kubernetes-int-or-string: true + properties: + request: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Request specifies the bandwidth limit. + x-kubernetes-int-or-string: true + unit: + description: Unit specifies the time unit for the bandwidth + limit (e.g. Second, Minute, Hour). + enum: + - Second + - Minute + - Hour + - Day + - Month + - Year + type: string + required: + - request + - unit + type: object required: - limit type: object response: - description: Response configures the bandwidth limit for upstream-to-client - (egress) traffic. + description: Response configures the bandwidth limit for outgoing + traffic (backend to gateway). properties: limit: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Limit specifies the bandwidth limit as a bytes-per-second + description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. - x-kubernetes-int-or-string: true + properties: + request: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Request specifies the bandwidth limit. + x-kubernetes-int-or-string: true + unit: + description: Unit specifies the time unit for the bandwidth + limit (e.g. Second, Minute, Hour). + enum: + - Second + - Minute + - Hour + - Day + - Month + - Year + type: string + required: + - request + - unit + type: object responseTrailers: description: |- - ResponseTrailers con figures the trailer headers appended to responses + ResponseTrailers configures the trailer headers appended to responses when bandwidth limiting introduces delays. properties: prefix: From 6c9e730964473ed04b372d2dceae1f90d75455c5 Mon Sep 17 00:00:00 2001 From: kkk777-7 Date: Wed, 15 Apr 2026 14:57:49 +0900 Subject: [PATCH 5/9] update crd comments Signed-off-by: kkk777-7 --- api/v1alpha1/bandwidthlimit_types.go | 14 ++--- api/v1alpha1/zz_generated.deepcopy.go | 2 +- ....envoyproxy.io_backendtrafficpolicies.yaml | 54 ++++++++++--------- ....envoyproxy.io_backendtrafficpolicies.yaml | 54 ++++++++++--------- site/content/en/latest/api/extension_types.md | 8 +-- test/helm/gateway-crds-helm/all.out.yaml | 54 ++++++++++--------- test/helm/gateway-crds-helm/e2e.out.yaml | 54 ++++++++++--------- .../envoy-gateway-crds.out.yaml | 54 ++++++++++--------- 8 files changed, 153 insertions(+), 141 deletions(-) diff --git a/api/v1alpha1/bandwidthlimit_types.go b/api/v1alpha1/bandwidthlimit_types.go index 9f1b257334..3848c21215 100644 --- a/api/v1alpha1/bandwidthlimit_types.go +++ b/api/v1alpha1/bandwidthlimit_types.go @@ -13,12 +13,12 @@ import ( // // +kubebuilder:validation:XValidation:rule="has(self.request) || has(self.response)",message="at least one of request or response must be specified" type BandwidthLimitSpec struct { - // Request configures the bandwidth limit for incoming traffic (gateway to backend). + // Request configures bandwidth limits for traffic sent to the backend. // // +optional Request *BandwidthLimitRequestConfig `json:"request,omitempty"` - // Response configures the bandwidth limit for outgoing traffic (backend to gateway). + // Response configures bandwidth limits for traffic sent from the backend. // // +optional Response *BandwidthLimitResponseConfig `json:"response,omitempty"` @@ -44,19 +44,21 @@ type BandwidthLimitResponseConfig struct { // BandwidthLimitValue defines the bandwidth limit value and its time unit. type BandwidthLimitValue struct { - // Request specifies the bandwidth limit. + // Value specifies the bandwidth limit. // // +kubebuilder:validation:XIntOrString // +kubebuilder:validation:Pattern="^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$" - Request resource.Quantity `json:"request"` + Value resource.Quantity `json:"value"` // Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). Unit RateLimitUnit `json:"unit"` } type BandwidthLimitResponseTrailers struct { - // Prefix is prepended to each trailer header name with delay metrics. - // For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + // Prefix is prepended to each trailer header name. + // If not set, no prefix is added and the trailers are named as-is. + // For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms", + // while leaving it unset produces "bandwidth-request-delay-ms". // // The following four trailers can be added: // "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index afbc3e2bc5..590b974f1c 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -949,7 +949,7 @@ func (in *BandwidthLimitSpec) DeepCopy() *BandwidthLimitSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BandwidthLimitValue) DeepCopyInto(out *BandwidthLimitValue) { *out = *in - out.Request = in.Request.DeepCopy() + out.Value = in.Value.DeepCopy() } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BandwidthLimitValue. diff --git a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index 4ffe3dec55..d21c55bcd6 100644 --- a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -56,22 +56,13 @@ spec: sent to and received from the backend. properties: request: - description: Request configures the bandwidth limit for incoming - traffic (gateway to backend). + description: Request configures bandwidth limits for traffic sent + to the backend. properties: limit: description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. properties: - request: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Request specifies the bandwidth limit. - x-kubernetes-int-or-string: true unit: description: Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). @@ -83,30 +74,30 @@ spec: - Month - Year type: string + value: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Value specifies the bandwidth limit. + x-kubernetes-int-or-string: true required: - - request - unit + - value type: object required: - limit type: object response: - description: Response configures the bandwidth limit for outgoing - traffic (backend to gateway). + description: Response configures bandwidth limits for traffic + sent from the backend. properties: limit: description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. properties: - request: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Request specifies the bandwidth limit. - x-kubernetes-int-or-string: true unit: description: Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). @@ -118,9 +109,18 @@ spec: - Month - Year type: string + value: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Value specifies the bandwidth limit. + x-kubernetes-int-or-string: true required: - - request - unit + - value type: object responseTrailers: description: |- @@ -129,8 +129,10 @@ spec: properties: prefix: description: |- - Prefix is prepended to each trailer header name with delay metrics. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + Prefix is prepended to each trailer header name. + If not set, no prefix is added and the trailers are named as-is. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms", + while leaving it unset produces "bandwidth-request-delay-ms". The following four trailers can be added: "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer diff --git a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index df553df931..c6e936141d 100644 --- a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -55,22 +55,13 @@ spec: sent to and received from the backend. properties: request: - description: Request configures the bandwidth limit for incoming - traffic (gateway to backend). + description: Request configures bandwidth limits for traffic sent + to the backend. properties: limit: description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. properties: - request: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Request specifies the bandwidth limit. - x-kubernetes-int-or-string: true unit: description: Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). @@ -82,30 +73,30 @@ spec: - Month - Year type: string + value: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Value specifies the bandwidth limit. + x-kubernetes-int-or-string: true required: - - request - unit + - value type: object required: - limit type: object response: - description: Response configures the bandwidth limit for outgoing - traffic (backend to gateway). + description: Response configures bandwidth limits for traffic + sent from the backend. properties: limit: description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. properties: - request: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Request specifies the bandwidth limit. - x-kubernetes-int-or-string: true unit: description: Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). @@ -117,9 +108,18 @@ spec: - Month - Year type: string + value: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Value specifies the bandwidth limit. + x-kubernetes-int-or-string: true required: - - request - unit + - value type: object responseTrailers: description: |- @@ -128,8 +128,10 @@ spec: properties: prefix: description: |- - Prefix is prepended to each trailer header name with delay metrics. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + Prefix is prepended to each trailer header name. + If not set, no prefix is added and the trailers are named as-is. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms", + while leaving it unset produces "bandwidth-request-delay-ms". The following four trailers can be added: "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md index 2b2d3f7c10..df274b54cb 100644 --- a/site/content/en/latest/api/extension_types.md +++ b/site/content/en/latest/api/extension_types.md @@ -640,7 +640,7 @@ _Appears in:_ | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | -| `prefix` | _string_ | false | | Prefix is prepended to each trailer header name with delay metrics.
For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms".
The following four trailers can be added:
"bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer
including request body transfer time and the time added by the filter.
"bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer
including response body transfer time and the time added by the filter.
"bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter.
"bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. | +| `prefix` | _string_ | false | | Prefix is prepended to each trailer header name.
If not set, no prefix is added and the trailers are named as-is.
For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms",
while leaving it unset produces "bandwidth-request-delay-ms".
The following four trailers can be added:
"bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer
including request body transfer time and the time added by the filter.
"bandwidth-response-delay-ms" is delay time in milliseconds it took for the response stream transfer
including response body transfer time and the time added by the filter.
"bandwidth-request-filter-delay-ms" is delay time in milliseconds in request stream transfer added by the filter.
"bandwidth-response-filter-delay-ms" is delay time in milliseconds that added by the filter. | #### BandwidthLimitSpec @@ -654,8 +654,8 @@ _Appears in:_ | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | -| `request` | _[BandwidthLimitRequestConfig](#bandwidthlimitrequestconfig)_ | false | | Request configures the bandwidth limit for incoming traffic (gateway to backend). | -| `response` | _[BandwidthLimitResponseConfig](#bandwidthlimitresponseconfig)_ | false | | Response configures the bandwidth limit for outgoing traffic (backend to gateway). | +| `request` | _[BandwidthLimitRequestConfig](#bandwidthlimitrequestconfig)_ | false | | Request configures bandwidth limits for traffic sent to the backend. | +| `response` | _[BandwidthLimitResponseConfig](#bandwidthlimitresponseconfig)_ | false | | Response configures bandwidth limits for traffic sent from the backend. | #### BandwidthLimitValue @@ -670,7 +670,7 @@ _Appears in:_ | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | -| `request` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#quantity-resource-api)_ | true | | Request specifies the bandwidth limit. | +| `value` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#quantity-resource-api)_ | true | | Value specifies the bandwidth limit. | | `unit` | _[RateLimitUnit](#ratelimitunit)_ | true | | Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). | diff --git a/test/helm/gateway-crds-helm/all.out.yaml b/test/helm/gateway-crds-helm/all.out.yaml index 66f7086221..d25d1c374d 100644 --- a/test/helm/gateway-crds-helm/all.out.yaml +++ b/test/helm/gateway-crds-helm/all.out.yaml @@ -22583,22 +22583,13 @@ spec: sent to and received from the backend. properties: request: - description: Request configures the bandwidth limit for incoming - traffic (gateway to backend). + description: Request configures bandwidth limits for traffic sent + to the backend. properties: limit: description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. properties: - request: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Request specifies the bandwidth limit. - x-kubernetes-int-or-string: true unit: description: Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). @@ -22610,30 +22601,30 @@ spec: - Month - Year type: string + value: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Value specifies the bandwidth limit. + x-kubernetes-int-or-string: true required: - - request - unit + - value type: object required: - limit type: object response: - description: Response configures the bandwidth limit for outgoing - traffic (backend to gateway). + description: Response configures bandwidth limits for traffic + sent from the backend. properties: limit: description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. properties: - request: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Request specifies the bandwidth limit. - x-kubernetes-int-or-string: true unit: description: Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). @@ -22645,9 +22636,18 @@ spec: - Month - Year type: string + value: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Value specifies the bandwidth limit. + x-kubernetes-int-or-string: true required: - - request - unit + - value type: object responseTrailers: description: |- @@ -22656,8 +22656,10 @@ spec: properties: prefix: description: |- - Prefix is prepended to each trailer header name with delay metrics. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + Prefix is prepended to each trailer header name. + If not set, no prefix is added and the trailers are named as-is. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms", + while leaving it unset produces "bandwidth-request-delay-ms". The following four trailers can be added: "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer diff --git a/test/helm/gateway-crds-helm/e2e.out.yaml b/test/helm/gateway-crds-helm/e2e.out.yaml index 7523d2f329..1d76f43d00 100644 --- a/test/helm/gateway-crds-helm/e2e.out.yaml +++ b/test/helm/gateway-crds-helm/e2e.out.yaml @@ -556,22 +556,13 @@ spec: sent to and received from the backend. properties: request: - description: Request configures the bandwidth limit for incoming - traffic (gateway to backend). + description: Request configures bandwidth limits for traffic sent + to the backend. properties: limit: description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. properties: - request: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Request specifies the bandwidth limit. - x-kubernetes-int-or-string: true unit: description: Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). @@ -583,30 +574,30 @@ spec: - Month - Year type: string + value: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Value specifies the bandwidth limit. + x-kubernetes-int-or-string: true required: - - request - unit + - value type: object required: - limit type: object response: - description: Response configures the bandwidth limit for outgoing - traffic (backend to gateway). + description: Response configures bandwidth limits for traffic + sent from the backend. properties: limit: description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. properties: - request: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Request specifies the bandwidth limit. - x-kubernetes-int-or-string: true unit: description: Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). @@ -618,9 +609,18 @@ spec: - Month - Year type: string + value: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Value specifies the bandwidth limit. + x-kubernetes-int-or-string: true required: - - request - unit + - value type: object responseTrailers: description: |- @@ -629,8 +629,10 @@ spec: properties: prefix: description: |- - Prefix is prepended to each trailer header name with delay metrics. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + Prefix is prepended to each trailer header name. + If not set, no prefix is added and the trailers are named as-is. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms", + while leaving it unset produces "bandwidth-request-delay-ms". The following four trailers can be added: "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer diff --git a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml index 3949f99b53..c0fdf7980e 100644 --- a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml +++ b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml @@ -556,22 +556,13 @@ spec: sent to and received from the backend. properties: request: - description: Request configures the bandwidth limit for incoming - traffic (gateway to backend). + description: Request configures bandwidth limits for traffic sent + to the backend. properties: limit: description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. properties: - request: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Request specifies the bandwidth limit. - x-kubernetes-int-or-string: true unit: description: Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). @@ -583,30 +574,30 @@ spec: - Month - Year type: string + value: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Value specifies the bandwidth limit. + x-kubernetes-int-or-string: true required: - - request - unit + - value type: object required: - limit type: object response: - description: Response configures the bandwidth limit for outgoing - traffic (backend to gateway). + description: Response configures bandwidth limits for traffic + sent from the backend. properties: limit: description: Limit specifies the bandwidth limit as a bytes-per-unit throughput rate. properties: - request: - allOf: - - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ - anyOf: - - type: integer - - type: string - description: Request specifies the bandwidth limit. - x-kubernetes-int-or-string: true unit: description: Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). @@ -618,9 +609,18 @@ spec: - Month - Year type: string + value: + allOf: + - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - pattern: ^[1-9]+[0-9]*([EPTGMK]i|[EPTGMk])?$ + anyOf: + - type: integer + - type: string + description: Value specifies the bandwidth limit. + x-kubernetes-int-or-string: true required: - - request - unit + - value type: object responseTrailers: description: |- @@ -629,8 +629,10 @@ spec: properties: prefix: description: |- - Prefix is prepended to each trailer header name with delay metrics. - For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms". + Prefix is prepended to each trailer header name. + If not set, no prefix is added and the trailers are named as-is. + For example, setting "x-eg" produces trailers such as "x-eg-bandwidth-request-delay-ms", + while leaving it unset produces "bandwidth-request-delay-ms". The following four trailers can be added: "bandwidth-request-delay-ms" is delay time in milliseconds it took for the request stream transfer From f8d9ff586695215cd4791f20a553f32dccf05aad Mon Sep 17 00:00:00 2001 From: kkk777-7 Date: Wed, 15 Apr 2026 21:02:28 +0900 Subject: [PATCH 6/9] update cel validation test Signed-off-by: kkk777-7 --- .../backendtrafficpolicy_test.go | 25 +++++++++++++++---- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/test/cel-validation/backendtrafficpolicy_test.go b/test/cel-validation/backendtrafficpolicy_test.go index 0eef27ba26..e8b65d1a72 100644 --- a/test/cel-validation/backendtrafficpolicy_test.go +++ b/test/cel-validation/backendtrafficpolicy_test.go @@ -2971,7 +2971,10 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { }, BandwidthLimit: &egv1a1.BandwidthLimitSpec{ Request: &egv1a1.BandwidthLimitRequestConfig{ - Limit: resource.MustParse("10M"), + Limit: egv1a1.BandwidthLimitValue{ + Value: resource.MustParse("10M"), + Unit: egv1a1.RateLimitUnitSecond, + }, }, }, } @@ -2993,7 +2996,10 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { }, BandwidthLimit: &egv1a1.BandwidthLimitSpec{ Response: &egv1a1.BandwidthLimitResponseConfig{ - Limit: resource.MustParse("100M"), + Limit: egv1a1.BandwidthLimitValue{ + Value: resource.MustParse("100M"), + Unit: egv1a1.RateLimitUnitSecond, + }, }, }, } @@ -3015,10 +3021,16 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { }, BandwidthLimit: &egv1a1.BandwidthLimitSpec{ Request: &egv1a1.BandwidthLimitRequestConfig{ - Limit: resource.MustParse("10M"), + Limit: egv1a1.BandwidthLimitValue{ + Value: resource.MustParse("10M"), + Unit: egv1a1.RateLimitUnitSecond, + }, }, Response: &egv1a1.BandwidthLimitResponseConfig{ - Limit: resource.MustParse("100M"), + Limit: egv1a1.BandwidthLimitValue{ + Value: resource.MustParse("100M"), + Unit: egv1a1.RateLimitUnitSecond, + }, }, }, } @@ -3040,7 +3052,10 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { }, BandwidthLimit: &egv1a1.BandwidthLimitSpec{ Response: &egv1a1.BandwidthLimitResponseConfig{ - Limit: resource.MustParse("10M"), + Limit: egv1a1.BandwidthLimitValue{ + Value: resource.MustParse("10M"), + Unit: egv1a1.RateLimitUnitSecond, + }, ResponseTrailers: &egv1a1.BandwidthLimitResponseTrailers{ Prefix: ptr.To("x-eg"), }, From 295c0aa2a5faab155f4a4eceaf1b54cea626b8fd Mon Sep 17 00:00:00 2001 From: kkk777-7 Date: Wed, 15 Apr 2026 22:18:23 +0900 Subject: [PATCH 7/9] remove ptr Signed-off-by: kkk777-7 --- test/cel-validation/backendtrafficpolicy_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/cel-validation/backendtrafficpolicy_test.go b/test/cel-validation/backendtrafficpolicy_test.go index e07e14e619..96e4edb28c 100644 --- a/test/cel-validation/backendtrafficpolicy_test.go +++ b/test/cel-validation/backendtrafficpolicy_test.go @@ -3056,7 +3056,7 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { Unit: egv1a1.RateLimitUnitSecond, }, ResponseTrailers: &egv1a1.BandwidthLimitResponseTrailers{ - Prefix: ptr.To("x-eg"), + Prefix: new("x-eg"), }, }, }, From dcc60b3d744e53f48bde755f902f0d61014badc5 Mon Sep 17 00:00:00 2001 From: kkk777-7 Date: Thu, 23 Apr 2026 12:59:08 +0900 Subject: [PATCH 8/9] update: define bandwidth limit unit Signed-off-by: kkk777-7 --- api/v1alpha1/bandwidthlimit_types.go | 21 +++++++++++++++++- ....envoyproxy.io_backendtrafficpolicies.yaml | 6 ----- ....envoyproxy.io_backendtrafficpolicies.yaml | 6 ----- site/content/en/latest/api/extension_types.md | 22 ++++++++++++++++--- test/helm/gateway-crds-helm/all.out.yaml | 6 ----- test/helm/gateway-crds-helm/e2e.out.yaml | 6 ----- .../envoy-gateway-crds.out.yaml | 6 ----- 7 files changed, 39 insertions(+), 34 deletions(-) diff --git a/api/v1alpha1/bandwidthlimit_types.go b/api/v1alpha1/bandwidthlimit_types.go index 3848c21215..3ae3cede69 100644 --- a/api/v1alpha1/bandwidthlimit_types.go +++ b/api/v1alpha1/bandwidthlimit_types.go @@ -51,9 +51,10 @@ type BandwidthLimitValue struct { Value resource.Quantity `json:"value"` // Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). - Unit RateLimitUnit `json:"unit"` + Unit BandwidthLimitUnit `json:"unit"` } +// BandwidthLimitResponseTrailers defines the trailer headers appended to responses. type BandwidthLimitResponseTrailers struct { // Prefix is prepended to each trailer header name. // If not set, no prefix is added and the trailers are named as-is. @@ -71,3 +72,21 @@ type BandwidthLimitResponseTrailers struct { // +optional Prefix *string `json:"prefix,omitempty"` } + +// BandwidthLimitUnit specifies the intervals for setting bandwidth limits. +// Valid BandwidthLimitUnit values are "Second", "Minute", "Hour". +// +// +kubebuilder:validation:Enum=Second;Minute;Hour +type BandwidthLimitUnit string + +// BandwidthLimitUnit constants. +const ( + // BandwidthLimitUnitSecond specifies the bandwidth limit interval to be 1 second. + BandwidthLimitUnitSecond BandwidthLimitUnit = "Second" + + // BandwidthLimitUnitMinute specifies the bandwidth limit interval to be 1 minute. + BandwidthLimitUnitMinute BandwidthLimitUnit = "Minute" + + // BandwidthLimitUnitHour specifies the bandwidth limit interval to be 1 hour. + BandwidthLimitUnitHour BandwidthLimitUnit = "Hour" +) diff --git a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index cdd27aaf17..bc9767dde0 100644 --- a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -70,9 +70,6 @@ spec: - Second - Minute - Hour - - Day - - Month - - Year type: string value: allOf: @@ -105,9 +102,6 @@ spec: - Second - Minute - Hour - - Day - - Month - - Year type: string value: allOf: diff --git a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml index 5271c74d24..0d8f2ee79a 100644 --- a/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml +++ b/charts/gateway-helm/charts/crds/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml @@ -69,9 +69,6 @@ spec: - Second - Minute - Hour - - Day - - Month - - Year type: string value: allOf: @@ -104,9 +101,6 @@ spec: - Second - Minute - Hour - - Day - - Month - - Year type: string value: allOf: diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md index 451bc72c99..176fd56a7e 100644 --- a/site/content/en/latest/api/extension_types.md +++ b/site/content/en/latest/api/extension_types.md @@ -633,7 +633,7 @@ _Appears in:_ - +BandwidthLimitResponseTrailers defines the trailer headers appended to responses. _Appears in:_ - [BandwidthLimitResponseConfig](#bandwidthlimitresponseconfig) @@ -658,6 +658,23 @@ _Appears in:_ | `response` | _[BandwidthLimitResponseConfig](#bandwidthlimitresponseconfig)_ | false | | Response configures bandwidth limits for traffic sent from the backend. | +#### BandwidthLimitUnit + +_Underlying type:_ _string_ + +BandwidthLimitUnit specifies the intervals for setting bandwidth limits. +Valid BandwidthLimitUnit values are "Second", "Minute", "Hour". + +_Appears in:_ +- [BandwidthLimitValue](#bandwidthlimitvalue) + +| Value | Description | +| ----- | ----------- | +| `Second` | BandwidthLimitUnitSecond specifies the bandwidth limit interval to be 1 second.
| +| `Minute` | BandwidthLimitUnitMinute specifies the bandwidth limit interval to be 1 minute.
| +| `Hour` | BandwidthLimitUnitHour specifies the bandwidth limit interval to be 1 hour.
| + + #### BandwidthLimitValue @@ -671,7 +688,7 @@ _Appears in:_ | Field | Type | Required | Default | Description | | --- | --- | --- | --- | --- | | `value` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.32/#quantity-resource-api)_ | true | | Value specifies the bandwidth limit. | -| `unit` | _[RateLimitUnit](#ratelimitunit)_ | true | | Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). | +| `unit` | _[BandwidthLimitUnit](#bandwidthlimitunit)_ | true | | Unit specifies the time unit for the bandwidth limit (e.g. Second, Minute, Hour). | #### BasicAuth @@ -5204,7 +5221,6 @@ RateLimitUnit specifies the intervals for setting rate limits. Valid RateLimitUnit values are "Second", "Minute", "Hour", "Day", "Month" and "Year". _Appears in:_ -- [BandwidthLimitValue](#bandwidthlimitvalue) - [RateLimitValue](#ratelimitvalue) | Value | Description | diff --git a/test/helm/gateway-crds-helm/all.out.yaml b/test/helm/gateway-crds-helm/all.out.yaml index 305e1cf966..3444c8b601 100644 --- a/test/helm/gateway-crds-helm/all.out.yaml +++ b/test/helm/gateway-crds-helm/all.out.yaml @@ -22597,9 +22597,6 @@ spec: - Second - Minute - Hour - - Day - - Month - - Year type: string value: allOf: @@ -22632,9 +22629,6 @@ spec: - Second - Minute - Hour - - Day - - Month - - Year type: string value: allOf: diff --git a/test/helm/gateway-crds-helm/e2e.out.yaml b/test/helm/gateway-crds-helm/e2e.out.yaml index da0d5f7fb3..6812184192 100644 --- a/test/helm/gateway-crds-helm/e2e.out.yaml +++ b/test/helm/gateway-crds-helm/e2e.out.yaml @@ -570,9 +570,6 @@ spec: - Second - Minute - Hour - - Day - - Month - - Year type: string value: allOf: @@ -605,9 +602,6 @@ spec: - Second - Minute - Hour - - Day - - Month - - Year type: string value: allOf: diff --git a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml index 4a8901d751..563325d13c 100644 --- a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml +++ b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml @@ -570,9 +570,6 @@ spec: - Second - Minute - Hour - - Day - - Month - - Year type: string value: allOf: @@ -605,9 +602,6 @@ spec: - Second - Minute - Hour - - Day - - Month - - Year type: string value: allOf: From 9a271b7ae1757e4287d110211605d90678f42db0 Mon Sep 17 00:00:00 2001 From: kkk777-7 Date: Thu, 23 Apr 2026 15:43:28 +0900 Subject: [PATCH 9/9] fix: cel test Signed-off-by: kkk777-7 --- test/cel-validation/backendtrafficpolicy_test.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/test/cel-validation/backendtrafficpolicy_test.go b/test/cel-validation/backendtrafficpolicy_test.go index b3e5158198..b8d283d020 100644 --- a/test/cel-validation/backendtrafficpolicy_test.go +++ b/test/cel-validation/backendtrafficpolicy_test.go @@ -3094,7 +3094,7 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { Request: &egv1a1.BandwidthLimitRequestConfig{ Limit: egv1a1.BandwidthLimitValue{ Value: resource.MustParse("10M"), - Unit: egv1a1.RateLimitUnitSecond, + Unit: egv1a1.BandwidthLimitUnitSecond, }, }, }, @@ -3119,7 +3119,7 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { Response: &egv1a1.BandwidthLimitResponseConfig{ Limit: egv1a1.BandwidthLimitValue{ Value: resource.MustParse("100M"), - Unit: egv1a1.RateLimitUnitSecond, + Unit: egv1a1.BandwidthLimitUnitSecond, }, }, }, @@ -3144,13 +3144,13 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { Request: &egv1a1.BandwidthLimitRequestConfig{ Limit: egv1a1.BandwidthLimitValue{ Value: resource.MustParse("10M"), - Unit: egv1a1.RateLimitUnitSecond, + Unit: egv1a1.BandwidthLimitUnitSecond, }, }, Response: &egv1a1.BandwidthLimitResponseConfig{ Limit: egv1a1.BandwidthLimitValue{ Value: resource.MustParse("100M"), - Unit: egv1a1.RateLimitUnitSecond, + Unit: egv1a1.BandwidthLimitUnitSecond, }, }, }, @@ -3175,7 +3175,7 @@ func TestBackendTrafficPolicyTarget(t *testing.T) { Response: &egv1a1.BandwidthLimitResponseConfig{ Limit: egv1a1.BandwidthLimitValue{ Value: resource.MustParse("10M"), - Unit: egv1a1.RateLimitUnitSecond, + Unit: egv1a1.BandwidthLimitUnitSecond, }, ResponseTrailers: &egv1a1.BandwidthLimitResponseTrailers{ Prefix: new("x-eg"),