--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.16.3 operatorframework.io/installed-alongside-4fd2d4304a7d92cb: metallb-system/metallb-operator.v4.18.0-202509240837 creationTimestamp: "2025-10-11T10:47:51Z" generation: 4 labels: olm.managed: "true" operators.coreos.com/metallb-operator.metallb-system: "" managedFields: - apiVersion: apiextensions.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:status: f:acceptedNames: f:kind: {} f:listKind: {} f:plural: {} f:singular: {} f:conditions: k:{"type":"Established"}: .: {} f:lastTransitionTime: {} f:message: {} f:reason: {} f:status: {} f:type: {} k:{"type":"NamesAccepted"}: .: {} f:lastTransitionTime: {} f:message: {} f:reason: {} f:status: {} f:type: {} manager: kube-apiserver operation: Update subresource: status time: "2025-10-11T10:47:51Z" - apiVersion: apiextensions.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:controller-gen.kubebuilder.io/version: {} f:operatorframework.io/installed-alongside-4fd2d4304a7d92cb: {} f:labels: .: {} f:olm.managed: {} f:spec: f:conversion: {} f:group: {} f:names: f:kind: {} f:listKind: {} f:plural: {} f:singular: {} f:scope: {} f:versions: {} manager: catalog operation: Update time: "2025-10-11T10:48:13Z" - apiVersion: apiextensions.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:labels: f:operators.coreos.com/metallb-operator.metallb-system: {} f:spec: f:conversion: f:strategy: {} f:webhook: .: {} f:clientConfig: .: {} f:caBundle: {} f:service: .: {} f:name: {} f:namespace: {} f:path: {} f:port: {} f:conversionReviewVersions: {} manager: olm operation: Update time: "2025-10-11T10:48:15Z" name: bgppeers.metallb.io resourceVersion: "27815" uid: 3bfec0ba-4dd0-4a5e-9a53-c2e9078049f6 spec: conversion: strategy: Webhook webhook: clientConfig: caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJ2RENDQVdLZ0F3SUJBZ0lJYjQ1Q2l6VUZhVGN3Q2dZSUtvWkl6ajBFQXdJd1FqRVdNQlFHQTFVRUNoTU4KVW1Wa0lFaGhkQ3dnU1c1akxqRW9NQ1lHQTFVRUF4TWZiMnh0TFhObGJHWnphV2R1WldRdE5tWTRaVFF5T0dJegpOVEExTmprek56QWVGdzB5TlRFd01URXhNRFE0TUROYUZ3MHlOekV3TVRFeE1EUTRNRE5hTUVJeEZqQVVCZ05WCkJBb1REVkpsWkNCSVlYUXNJRWx1WXk0eEtEQW1CZ05WQkFNVEgyOXNiUzF6Wld4bWMybG5ibVZrTFRabU9HVTAKTWpoaU16VXdOVFk1TXpjd1dUQVRCZ2NxaGtqT1BRSUJCZ2dxaGtqT1BRTUJCd05DQUFTdG5lelUrVnJVSmJhZgp2WWIxTWl6OEZ4aE5Nbi9tUWZXc2hIb0E3R1IzUTE5dU1iTDYvVEF0ejg3ajVYQWNFSTJoNHZZc29yN0RQK0UvCldXdWhvL01NbzBJd1FEQU9CZ05WSFE4QkFmOEVCQU1DQWdRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlYKSFE0RUZnUVV4V0FFUmMwMXdNdU1tWUhueEprZjdwRkRNSzR3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnUjh1eApTWk5tc0ZsdVZBdTcyUG1jZjVzL2RLL29paFFHVkdZZ29Vc2JxZWtDSVFEUU1BOHJZTzliV05nQVdmYUZIdU90Cmw0WHN3UnhCWjg4RHd4VDRrRGVONHc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== service: name: metallb-operator-webhook-server-service namespace: metallb-system path: /convert port: 443 conversionReviewVersions: - v1beta1 - v1beta2 group: metallb.io names: kind: BGPPeer listKind: BGPPeerList plural: bgppeers singular: bgppeer scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .spec.peerAddress name: Address type: string - jsonPath: .spec.peerASN name: ASN type: string - jsonPath: .spec.bfdProfile name: BFD Profile type: string - jsonPath: .spec.ebgpMultiHop name: Multi Hops type: string deprecated: true deprecationWarning: v1beta1 is deprecated, please use v1beta2 name: v1beta1 schema: openAPIV3Schema: description: BGPPeer is the Schema for the peers API. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: BGPPeerSpec defines the desired state of Peer. properties: bfdProfile: type: string ebgpMultiHop: description: EBGP peer is multi-hops away type: boolean holdTime: description: Requested BGP hold time, per RFC4271. type: string keepaliveTime: description: Requested BGP keepalive time, per RFC4271. type: string myASN: description: AS number to use for the local end of the session. format: int32 maximum: 4294967295 minimum: 0 type: integer nodeSelectors: description: |- Only connect to this peer on nodes that match one of these selectors. items: properties: matchExpressions: items: properties: key: type: string operator: type: string values: items: type: string minItems: 1 type: array required: - key - operator - values type: object type: array matchLabels: additionalProperties: type: string type: object type: object type: array password: description: Authentication password for routers enforcing TCP MD5 authenticated sessions type: string peerASN: description: AS number to expect from the remote end of the session. format: int32 maximum: 4294967295 minimum: 0 type: integer peerAddress: description: Address to dial when establishing the session. type: string peerPort: description: Port to dial when establishing the session. maximum: 16384 minimum: 0 type: integer routerID: description: BGP router ID to advertise to the peer type: string sourceAddress: description: Source address to use when establishing the session. type: string required: - myASN - peerASN - peerAddress type: object status: description: BGPPeerStatus defines the observed state of Peer. type: object type: object served: true storage: false subresources: status: {} - additionalPrinterColumns: - jsonPath: .spec.peerAddress name: Address type: string - jsonPath: .spec.peerASN name: ASN type: string - jsonPath: .spec.bfdProfile name: BFD Profile type: string - jsonPath: .spec.ebgpMultiHop name: Multi Hops type: string name: v1beta2 schema: openAPIV3Schema: description: BGPPeer is the Schema for the peers API. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: BGPPeerSpec defines the desired state of Peer. properties: bfdProfile: description: The name of the BFD Profile to be used for the BFD session associated to the BGP session. If not set, the BFD session won't be set up. type: string connectTime: description: Requested BGP connect time, controls how long BGP waits between connection attempts to a neighbor. type: string x-kubernetes-validations: - message: connect time should be between 1 seconds to 65535 rule: duration(self).getSeconds() >= 1 && duration(self).getSeconds() <= 65535 - message: connect time should contain a whole number of seconds rule: duration(self).getMilliseconds() % 1000 == 0 disableMP: default: false description: To set if we want to disable MP BGP that will separate IPv4 and IPv6 route exchanges into distinct BGP sessions. type: boolean dynamicASN: description: |- DynamicASN detects the AS number to use for the remote end of the session without explicitly setting it via the ASN field. Limited to: internal - if the neighbor's ASN is different than MyASN connection is denied. external - if the neighbor's ASN is the same as MyASN the connection is denied. ASN and DynamicASN are mutually exclusive and one of them must be specified. enum: - internal - external type: string ebgpMultiHop: description: To set if the BGPPeer is multi-hops away. Needed for FRR mode only. type: boolean enableGracefulRestart: description: |- EnableGracefulRestart allows BGP peer to continue to forward data packets along known routes while the routing protocol information is being restored. This field is immutable because it requires restart of the BGP session Supported for FRR mode only. type: boolean x-kubernetes-validations: - message: EnableGracefulRestart cannot be changed after creation rule: self == oldSelf holdTime: description: Requested BGP hold time, per RFC4271. type: string keepaliveTime: description: Requested BGP keepalive time, per RFC4271. type: string myASN: description: AS number to use for the local end of the session. format: int32 maximum: 4294967295 minimum: 0 type: integer nodeSelectors: description: |- Only connect to this peer on nodes that match one of these selectors. items: description: |- A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: |- operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: |- values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array x-kubernetes-list-type: atomic required: - key - operator type: object type: array x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string description: |- matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic type: array password: description: Authentication password for routers enforcing TCP MD5 authenticated sessions type: string passwordSecret: description: |- passwordSecret is name of the authentication secret for BGP Peer. the secret must be of type "kubernetes.io/basic-auth", and created in the same namespace as the MetalLB deployment. The password is stored in the secret as the key "password". properties: name: description: name is unique within a namespace to reference a secret resource. type: string namespace: description: namespace defines the space within which the secret name must be unique. type: string type: object x-kubernetes-map-type: atomic peerASN: description: |- AS number to expect from the remote end of the session. ASN and DynamicASN are mutually exclusive and one of them must be specified. format: int32 maximum: 4294967295 minimum: 0 type: integer peerAddress: description: Address to dial when establishing the session. type: string peerPort: default: 179 description: Port to dial when establishing the session. maximum: 16384 minimum: 0 type: integer routerID: description: BGP router ID to advertise to the peer type: string sourceAddress: description: Source address to use when establishing the session. type: string vrf: description: |- To set if we want to peer with the BGPPeer using an interface belonging to a host vrf type: string required: - myASN - peerAddress type: object status: description: BGPPeerStatus defines the observed state of Peer. type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: BGPPeer listKind: BGPPeerList plural: bgppeers singular: bgppeer conditions: - lastTransitionTime: "2025-10-11T10:47:51Z" message: no conflicts found reason: NoConflicts status: "True" type: NamesAccepted - lastTransitionTime: "2025-10-11T10:47:51Z" message: the initial names have been accepted reason: InitialNamesAccepted status: "True" type: Established storedVersions: - v1beta2