API Reference

Complete API reference for gNMIc Operator CRDs

Cluster

API Version: operator.gnmic.dev/v1alpha1

ClusterSpec

FieldTypeRequiredDefaultDescription
replicasint32Yes-Number of gNMIc pods
imagestringYes-Container image
apiAPISpecYes-API configuration
grpcTunnelGRPCTunnelConfigNo-gRPC tunnel server configuration
resourcesResourceRequirementsNo-Pod resources
env[]EnvVarNo-Environment variables

APISpec

FieldTypeRequiredDefaultDescription
restPortint32Yes-REST API port
gnmiPortint32No-gNMI server port
tlsClusterTLSConfigNo-TLS configuration

ClusterTLSConfig

FieldTypeRequiredDefaultDescription
issuerRefstringNo-cert-manager Issuer name for certificates
useCSIDriverboolNofalseUse cert-manager CSI driver instead of projected volumes
bundleRefstringNo-Additional CA bundle for client certificate verification

GRPCTunnelConfig

FieldTypeRequiredDefaultDescription
portint32Yes-Port for the gRPC tunnel server
tlsClusterTLSConfigNo-TLS configuration for the tunnel
serviceServiceConfigNo-Kubernetes service configuration

ServiceConfig

FieldTypeRequiredDefaultDescription
typeServiceTypeNoLoadBalancerKubernetes service type (ClusterIP, NodePort, LoadBalancer)
annotationsmap[string]stringNo-Annotations to add to the service

ClusterStatus

FieldTypeDescription
readyReplicasint32Number of ready replicas
pipelinesCountint32Number of enabled pipelines referencing this cluster
targetsCountint32Total unique targets across all pipelines
subscriptionsCountint32Total unique subscriptions across all pipelines
inputsCountint32Total unique inputs across all pipelines
outputsCountint32Total unique outputs across all pipelines
conditions[]ConditionStandard Kubernetes conditions

Cluster Conditions

TypeDescription
ReadyAll replicas are ready and configured
CertificatesReadyTLS certificates are issued (when TLS enabled)
ConfigAppliedConfiguration successfully applied to pods

Pipeline

API Version: operator.gnmic.dev/v1alpha1

PipelineSpec

FieldTypeRequiredDefaultDescription
clusterRefstringYes-Reference to Cluster
enabledboolYes-Whether pipeline is active
targetRefs[]stringNo-Direct target references
targetSelectors[]LabelSelectorNo-Target label selectors
tunnelTargetPolicyRefs[]stringNo-Direct tunnel target policy references
tunnelTargetPolicySelectors[]LabelSelectorNo-Tunnel target policy label selectors
subscriptionRefs[]stringNo-Direct subscription references
subscriptionSelectors[]LabelSelectorNo-Subscription label selectors
outputsOutputSelectorNo-Output selection
inputsInputSelectorNo-Input selection

OutputSelector

FieldTypeRequiredDescription
outputRefs[]stringNoDirect output references
outputSelectors[]LabelSelectorNoOutput label selectors
processorRefs[]stringNoDirect processor references (order preserved)
processorSelectors[]LabelSelectorNoProcessor label selectors (sorted by name)

InputSelector

FieldTypeRequiredDescription
inputRefs[]stringNoDirect input references
inputSelectors[]LabelSelectorNoInput label selectors
processorRefs[]stringNoDirect processor references (order preserved)
processorSelectors[]LabelSelectorNoProcessor label selectors (sorted by name)

PipelineStatus

FieldTypeDescription
statusstringPipeline status (Active, Incomplete, Error)
targetsCountint32Number of resolved static targets
tunnelTargetPoliciesCountint32Number of resolved tunnel target policies
subscriptionsCountint32Number of resolved subscriptions
inputsCountint32Number of resolved inputs
outputsCountint32Number of resolved outputs
conditions[]ConditionStandard Kubernetes conditions

Pipeline Conditions

TypeDescription
ReadyPipeline has required resources (targets+subscriptions OR inputs) AND outputs
ResourcesResolvedAll referenced resources were successfully resolved

Target

API Version: operator.gnmic.dev/v1alpha1

TargetSpec

FieldTypeRequiredDefaultDescription
addressstringYes-Device address (host:port)
profilestringYes-Reference to TargetProfile

TargetSource

API Version: operator.gnmic.dev/v1alpha1

TargetSourceSpec

FieldTypeRequiredDefaultDescription
httpHTTPConfigNo-HTTP endpoint for target discovery
consulConsulConfigNo-Consul service discovery config
configMapstringNo-ConfigMap name containing targets
podSelectorLabelSelectorNo-Select Kubernetes Pods as targets
serviceSelectorLabelSelectorNo-Select Kubernetes Services as targets
labelsmap[string]stringNo-Labels to apply to discovered targets

HTTPConfig

FieldTypeRequiredDescription
urlstringYesURL of the HTTP endpoint

ConsulConfig

FieldTypeRequiredDescription
urlstringYesConsul server URL

TargetSourceStatus

FieldTypeDescription
statusstringSync status (Synced, Error, Pending)
targetsCountint32Number of discovered targets
lastSyncTimeLast successful sync timestamp

TargetProfile

API Version: operator.gnmic.dev/v1alpha1

TargetProfileSpec

FieldTypeRequiredDefaultDescription
credentialsRefstringNo-Reference to credentials Secret
insecureboolNofalseSkip TLS
skipVerifyboolNofalseSkip certificate verification
timeoutdurationNo-Connection timeout
tlsCAstringNo-TLS CA certificate
tlsCertstringNo-TLS client certificate
tlsKeystringNo-TLS client key

Subscription

API Version: operator.gnmic.dev/v1alpha1

SubscriptionSpec

FieldTypeRequiredDefaultDescription
paths[]stringYes-YANG paths to subscribe
modestringNoSTREAM/SAMPLESubscription mode (combining mode and streamMode)
sampleIntervaldurationNo-Sample interval
encodingstringNo-Data encoding
prefixstringNo-Path prefix

Subscription Modes

ModeDescription
streamContinuous streaming
onceSingle request/response
pollClient-initiated polling

Stream Modes

ModeDescription
samplePeriodic sampling
on-changeValue change triggered
target-definedDevice determines

Output

API Version: operator.gnmic.dev/v1alpha1

OutputSpec

FieldTypeRequiredDefaultDescription
typestringYes-Output type
configJSONYes-Type-specific config
serviceOutputServiceSpecNo-K8s Service config

OutputServiceSpec

FieldTypeRequiredDefaultDescription
typeServiceTypeNoClusterIPService type
annotationsmap[string]stringNo-Service annotations

Output Types

TypeDescription
prometheusPrometheus metrics endpoint
kafkaApache Kafka
influxdbInfluxDB
natsNATS messaging
fileFile output
stanNATS Streaming
tcpTCP socket
udpUDP socket

Input

API Version: operator.gnmic.dev/v1alpha1

InputSpec

FieldTypeRequiredDefaultDescription
typestringYes-Input type
configJSONYes-Type-specific config

Input Types

TypeDescription
kafkaApache Kafka consumer
natsNATS subscriber
stanNATS Streaming subscriber

Processor

API Version: operator.gnmic.dev/v1alpha1

Processors transform telemetry data as it flows through gNMIc. They are attached to outputs or inputs via the Pipeline resource.

ProcessorSpec

FieldTypeRequiredDefaultDescription
typestringYes-Processor type
configJSONYes-Type-specific config

Processor Types

TypeDescription
event-add-tagAdd static tags to events
event-dropDrop events matching conditions
event-stringsTransform string values
event-convertConvert value types
event-extract-tagsExtract tags from values
event-triggerExecute actions on events
event-writeWrite events to outputs
event-deleteDelete values from events
event-mergeMerge multiple events
event-to-tagConvert values to tags

Processor Ordering

When processors are attached to an output or input via a Pipeline:

  1. processorRefs: Applied first, in exact order specified (duplicates allowed)
  2. processorSelectors: Applied after refs, sorted by name, deduplicated

Example:

processorRefs: [proc-c, proc-a, proc-c]  # Order: c, a, c
processorSelectors:
  - matchLabels:
      auto: "true"  # Matches: proc-b, proc-d
                    # Sorted: b, d (a and c skipped if in refs)
# Final order: [proc-c, proc-a, proc-c, proc-b, proc-d]

TunnelTargetPolicy

API Version: operator.gnmic.dev/v1alpha1

Defines matching rules for devices connecting via gRPC tunnel and associates them with a TargetProfile.

TunnelTargetPolicySpec

FieldTypeRequiredDefaultDescription
matchTunnelTargetMatchNo-Match criteria (if not set, matches all targets)
profilestringYes-Reference to a TargetProfile

TunnelTargetMatch

FieldTypeRequiredDescription
typestringNoRegex pattern to match target type
idstringNoRegex pattern to match target ID

Example

apiVersion: operator.gnmic.dev/v1alpha1
kind: TunnelTargetPolicy
metadata:
  name: core-routers
  labels:
    tier: core
spec:
  match:
    type: "router"
    id: "^core-.*"
  profile: router-profile

Common Types

LabelSelector

Standard Kubernetes label selector:

matchLabels:
  key: value
matchExpressions:
  - key: tier
    operator: In
    values: [frontend, backend]

ResourceRequirements

Standard Kubernetes resource requirements:

requests:
  memory: "128Mi"
  cpu: "100m"
limits:
  memory: "256Mi"
  cpu: "500m"

EnvVar

Standard Kubernetes environment variable:

- name: VAR_NAME
  value: "value"
- name: SECRET_VAR
  valueFrom:
    secretKeyRef:
      name: secret-name
      key: secret-key