{
  "properties": {
    "apiVersion": {
      "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
      "type": "string"
    },
    "kind": {
      "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
      "type": "string"
    },
    "metadata": {
      "type": "object"
    },
    "spec": {
      "description": "BGPPeerSpec contains the specification for a BGPPeer resource.",
      "properties": {
        "asNumber": {
          "description": "The AS Number of the peer.",
          "format": "int32",
          "type": "integer"
        },
        "filters": {
          "description": "The ordered set of BGPFilters applied on this BGP peer.",
          "items": {
            "type": "string"
          },
          "type": "array"
        },
        "keepOriginalNextHop": {
          "description": "Option to keep the original nexthop field when routes are sent to a BGP Peer.\nSetting \"true\" configures the selected BGP Peers node to use the \"next hop keep;\"\ninstead of \"next hop self;\"(default) in the specific branch of the Node on \"bird.cfg\".\nNote: that this field is deprecated. Users should use the NextHopMode field to control\nthe next hop attribute for a BGP peer.",
          "type": "boolean"
        },
        "localWorkloadSelector": {
          "description": "Selector for the local workload that the node should peer with. When this is set, the peerSelector and peerIP fields must be empty,\nand the ASNumber must not be empty.",
          "type": "string"
        },
        "maxRestartTime": {
          "description": "Time to allow for software restart.  When specified, this is configured as the graceful\nrestart timeout.  When not specified, the BIRD default of 120s is used.",
          "type": "string"
        },
        "nextHopMode": {
          "allOf": [
            {
              "enum": [
                "Auto",
                "Self",
                "Keep"
              ]
            },
            {
              "enum": [
                "Auto",
                "Self",
                "Keep"
              ]
            }
          ],
          "description": "NextHopMode defines the method of calculating the next hop attribute for received routes.\nThis replaces and expands the deprecated KeepOriginalNextHop field.\nUsers should use this setting to control the next hop attribute for a BGP peer.\nWhen this is set, the value of the KeepOriginalNextHop field is ignored.\nif neither keepOriginalNextHop or nextHopMode is specified, BGP's default behaviour is used.\nSet it to \u201cAuto\u201d to apply BGP\u2019s default behaviour.\nSet it to \"Self\" to configure \"next hop self;\" in \"bird.cfg\".\nSet it to \"Keep\" to configure \"next hop keep;\" in \"bird.cfg\".",
          "type": "string"
        },
        "node": {
          "description": "The node name identifying the Calico node instance that is targeted by this peer.\nIf this is not set, and no nodeSelector is specified, then this BGP peer selects all\nnodes in the cluster.",
          "type": "string"
        },
        "nodeSelector": {
          "description": "Selector for the nodes that should have this peering.  When this is set, the Node\nfield must be empty.",
          "type": "string"
        },
        "numAllowedLocalASNumbers": {
          "description": "Maximum number of local AS numbers that are allowed in the AS path for received routes.\nThis removes BGP loop prevention and should only be used if absolutely necessary.",
          "format": "int32",
          "type": "integer"
        },
        "password": {
          "description": "Optional BGP password for the peerings generated by this BGPPeer resource.",
          "properties": {
            "secretKeyRef": {
              "description": "Selects a key of a secret in the node pod's namespace.",
              "properties": {
                "key": {
                  "description": "The key of the secret to select from.  Must be a valid secret key.",
                  "type": "string"
                },
                "name": {
                  "default": "",
                  "description": "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
                  "type": "string"
                },
                "optional": {
                  "description": "Specify whether the Secret or its key must be defined",
                  "type": "boolean"
                }
              },
              "required": [
                "key"
              ],
              "type": "object",
              "x-kubernetes-map-type": "atomic",
              "additionalProperties": false
            }
          },
          "type": "object",
          "additionalProperties": false
        },
        "peerIP": {
          "description": "The IP address of the peer followed by an optional port number to peer with.\nIf port number is given, format should be `[<IPv6>]:port` or `<IPv4>:<port>` for IPv4.\nIf optional port number is not set, and this peer IP and ASNumber belongs to a calico/node\nwith ListenPort set in BGPConfiguration, then we use that port to peer.",
          "type": "string"
        },
        "peerSelector": {
          "description": "Selector for the remote nodes to peer with.  When this is set, the PeerIP and\nASNumber fields must be empty.  For each peering between the local node and\nselected remote nodes, we configure an IPv4 peering if both ends have\nNodeBGPSpec.IPv4Address specified, and an IPv6 peering if both ends have\nNodeBGPSpec.IPv6Address specified.  The remote AS number comes from the remote\nnode's NodeBGPSpec.ASNumber, or the global default if that is not set.",
          "type": "string"
        },
        "reachableBy": {
          "description": "Add an exact, i.e. /32, static route toward peer IP in order to prevent route flapping.\nReachableBy contains the address of the gateway which peer can be reached by.",
          "type": "string"
        },
        "reversePeering": {
          "description": "ReversePeering, for peerings between Calico nodes controls whether\nthe reverse peering from nodes selected by peerSelector is generated\nautomatically. If set to Manual, a separate BGPPeer must be created\nfor the reverse peering. [Default: Auto]",
          "enum": [
            "Auto",
            "Manual"
          ],
          "type": "string"
        },
        "sourceAddress": {
          "description": "Specifies whether and how to configure a source address for the peerings generated by\nthis BGPPeer resource.  Default value \"UseNodeIP\" means to configure the node IP as the\nsource address.  \"None\" means not to configure a source address.",
          "type": "string"
        },
        "ttlSecurity": {
          "description": "TTLSecurity enables the generalized TTL security mechanism (GTSM) which protects against spoofed packets by\nignoring received packets with a smaller than expected TTL value. The provided value is the number of hops\n(edges) between the peers.",
          "type": "integer"
        }
      },
      "type": "object",
      "additionalProperties": false
    }
  },
  "type": "object"
}