github.com/projectcontour/contour@v1.28.2/site/content/docs/v1.4.0/configuration.md

github.com/projectcontour/contour@v1.28.2/site/content/docs/v1.4.0/configuration.md (about)

     1  # Contour Configuration Reference
     2  
     3  ## Configuration File
     4  
     5  A configuration file can be passed to the `--config-path` argument of the `contour serve` command to specify additional configuration to Contour.
     6  In most deployments, this file is passed to Contour via a ConfigMap which is mounted as a volume to the Contour pod.
     7  
     8  The Contour configuration file is optional.
     9  In its absence, Contour will operate with reasonable defaults.
    10  Where Contour settings can also be specified with command-line flags, the command-line value takes precedence over the configuration file.
    11  
    12  | Field Name | Type | Default | Description |
    13  |------------|------|---------|-------------|
    14  | accesslog-format | string | `envoy` | This key sets the global [access log format][2] for Envoy. Valid options are `envoy` or `json`. |
    15  | debug | boolean | `false` | Enables debug logging. |
    16  | disablePermitInsecure | boolean | `false` | If this field is true, Contour will ignore `PermitInsecure` field in HTTPProxy documents. |
    17  | envoy-service-name | string | `envoy` | This sets the service name that will be inspected for address details to be applied to Ingress objects. |
    18  | envoy-service-namespace | string | `projectcontour` | This sets the namespace of the service that will be inspected for address details to be applied to Ingress objects. |
    19  | ingress-status-address | string | None | If present, this specifies the address that will be copied into the Ingress status for each Ingress that Contour manages. It is exclusive with `envoy-service-name` and `envoy-service-namespace`.|
    20  | incluster | boolean | `false` | This field specifies that Contour is running in a Kubernetes cluster and should use the in-cluster client access configuration.  |
    21  | json-fields | string array | [fields][5]| This is the list the field names to include in the JSON [access log format][2]. |
    22  | kubeconfig | string | `$HOME/.kube/config` | Path to a Kubernetes [kubeconfig file][3] for when Contour is executed outside a cluster. |
    23  | leaderelection | leaderelection | | The [leader election configuration](#leader-election-configuration). |
    24  | request-timeout | [duration][4] | `0s` | This field specifies the default request timeout as a Go duration string. Zero means there is no timeout. |
    25  | tls | TLS | | The default [TLS configuration](#tls-configuration). |
    26  {: class="table thead-dark table-bordered"}
    27  
    28  ### TLS Configuration
    29  
    30  The TLS configuration block can be used to configure default values for how
    31  Contour should provision TLS hosts.
    32  
    33  | Field Name | Type| Default  | Description |
    34  |------------|-----|----------|-------------|
    35  | minimum-protocol-version| string | `""` | This field specifies the minimum TLS protocol version that is allowed. Valid options are `1.2` and `1.3`. Any other value defaults to TLS 1.1. |
    36  {: class="table thead-dark table-bordered"}
    37  
    38  ### Leader Election Configuration
    39  
    40  The leader election configuration block configures how a deployment with more than one Contour pod elects a leader.
    41  The Contour leader is responsible for updating the status field on Ingress and HTTPProxy documents.
    42  In the vast majority of deployments, only the `configmap-name` and `configmap-namespace` fields should require any configuration.
    43  
    44  | Field Name | Type | Default | Description |
    45  |------------|------|---------|-------------|
    46  | configmap-name | string | `leader-elect` | The name of the ConfigMap that Contour leader election will lease. |
    47  | configmap-namespace | string | `projectcontour` | The namespace of the ConfigMap that Contour leader election will lease. If the `CONTOUR_NAMESPACE` environment variable is present, Contour will populate this field with its value. |
    48  | lease-duration | [duration][4] | `15s` | The duration of the leadership lease. |
    49  | renew-deadline | [duration][4] | `10s` | The length of time that the leader will retry refreshing leadership before giving up. |
    50  | retry-period | [duration][4] | `2s` | The interval at which Contour will attempt to the acquire leadership lease. |
    51  {: class="table thead-dark table-bordered"}
    52  
    53  ### Configuration Example
    54  
    55  The following is an example ConfigMap with configuration file included:
    56  
    57  ```yaml
    58  apiVersion: v1
    59  kind: ConfigMap
    60  metadata:
    61    name: contour
    62    namespace: projectcontour
    63  data:
    64    contour.yaml: |
    65      # should contour expect to be running inside a k8s cluster
    66      # incluster: true
    67      #
    68      # path to kubeconfig (if not running inside a k8s cluster)
    69      # kubeconfig: /path/to/.kube/config
    70      #
    71      # disable ingressroute permitInsecure field
    72      # disablePermitInsecure: false
    73      tls:
    74        # minimum TLS version that Contour will negotiate
    75        # minimumProtocolVersion: "1.1"
    76      # The following config shows the defaults for the leader election.
    77      # leaderelection:
    78        # configmap-name: leader-elect
    79        # configmap-namespace: projectcontour
    80  ```
    81  
    82  _Note:_ The default example `contour` includes this [file][1] for easy deployment of Contour.
    83  
    84  [1]: {{< param github_url >}}/tree/{{page.version}}/examples/contour/01-contour-config.yaml
    85  [2]: /guides/structured-logs
    86  [3]: https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/
    87  [4]: https://golang.org/pkg/time/#ParseDuration
    88  [5]: https://godoc.org/github.com/projectcontour/contour/internal/envoy#DefaultFields