github.com/replicatedcom/ship@v0.50.0/integration/init/istio-1.0.3/expected/.ship/upstream/charts/mixer/templates/config.yaml (about) 1 apiVersion: "config.istio.io/v1alpha2" 2 kind: attributemanifest 3 metadata: 4 name: istioproxy 5 namespace: {{ .Release.Namespace }} 6 spec: 7 attributes: 8 origin.ip: 9 valueType: IP_ADDRESS 10 origin.uid: 11 valueType: STRING 12 origin.user: 13 valueType: STRING 14 request.headers: 15 valueType: STRING_MAP 16 request.id: 17 valueType: STRING 18 request.host: 19 valueType: STRING 20 request.method: 21 valueType: STRING 22 request.path: 23 valueType: STRING 24 request.reason: 25 valueType: STRING 26 request.referer: 27 valueType: STRING 28 request.scheme: 29 valueType: STRING 30 request.total_size: 31 valueType: INT64 32 request.size: 33 valueType: INT64 34 request.time: 35 valueType: TIMESTAMP 36 request.useragent: 37 valueType: STRING 38 response.code: 39 valueType: INT64 40 response.duration: 41 valueType: DURATION 42 response.headers: 43 valueType: STRING_MAP 44 response.total_size: 45 valueType: INT64 46 response.size: 47 valueType: INT64 48 response.time: 49 valueType: TIMESTAMP 50 source.uid: 51 valueType: STRING 52 source.user: # DEPRECATED 53 valueType: STRING 54 source.principal: 55 valueType: STRING 56 destination.uid: 57 valueType: STRING 58 destination.principal: 59 valueType: STRING 60 destination.port: 61 valueType: INT64 62 connection.event: 63 valueType: STRING 64 connection.id: 65 valueType: STRING 66 connection.received.bytes: 67 valueType: INT64 68 connection.received.bytes_total: 69 valueType: INT64 70 connection.sent.bytes: 71 valueType: INT64 72 connection.sent.bytes_total: 73 valueType: INT64 74 connection.duration: 75 valueType: DURATION 76 connection.mtls: 77 valueType: BOOL 78 connection.requested_server_name: 79 valueType: STRING 80 context.protocol: 81 valueType: STRING 82 context.timestamp: 83 valueType: TIMESTAMP 84 context.time: 85 valueType: TIMESTAMP 86 # Deprecated, kept for compatibility 87 context.reporter.local: 88 valueType: BOOL 89 context.reporter.kind: 90 valueType: STRING 91 context.reporter.uid: 92 valueType: STRING 93 api.service: 94 valueType: STRING 95 api.version: 96 valueType: STRING 97 api.operation: 98 valueType: STRING 99 api.protocol: 100 valueType: STRING 101 request.auth.principal: 102 valueType: STRING 103 request.auth.audiences: 104 valueType: STRING 105 request.auth.presenter: 106 valueType: STRING 107 request.auth.claims: 108 valueType: STRING_MAP 109 request.auth.raw_claims: 110 valueType: STRING 111 request.api_key: 112 valueType: STRING 113 114 --- 115 apiVersion: "config.istio.io/v1alpha2" 116 kind: attributemanifest 117 metadata: 118 name: kubernetes 119 namespace: {{ .Release.Namespace }} 120 spec: 121 attributes: 122 source.ip: 123 valueType: IP_ADDRESS 124 source.labels: 125 valueType: STRING_MAP 126 source.metadata: 127 valueType: STRING_MAP 128 source.name: 129 valueType: STRING 130 source.namespace: 131 valueType: STRING 132 source.owner: 133 valueType: STRING 134 source.service: # DEPRECATED 135 valueType: STRING 136 source.serviceAccount: 137 valueType: STRING 138 source.services: 139 valueType: STRING 140 source.workload.uid: 141 valueType: STRING 142 source.workload.name: 143 valueType: STRING 144 source.workload.namespace: 145 valueType: STRING 146 destination.ip: 147 valueType: IP_ADDRESS 148 destination.labels: 149 valueType: STRING_MAP 150 destination.metadata: 151 valueType: STRING_MAP 152 destination.owner: 153 valueType: STRING 154 destination.name: 155 valueType: STRING 156 destination.container.name: 157 valueType: STRING 158 destination.namespace: 159 valueType: STRING 160 destination.service: # DEPRECATED 161 valueType: STRING 162 destination.service.uid: 163 valueType: STRING 164 destination.service.name: 165 valueType: STRING 166 destination.service.namespace: 167 valueType: STRING 168 destination.service.host: 169 valueType: STRING 170 destination.serviceAccount: 171 valueType: STRING 172 destination.workload.uid: 173 valueType: STRING 174 destination.workload.name: 175 valueType: STRING 176 destination.workload.namespace: 177 valueType: STRING 178 --- 179 apiVersion: "config.istio.io/v1alpha2" 180 kind: stdio 181 metadata: 182 name: handler 183 namespace: {{ .Release.Namespace }} 184 spec: 185 outputAsJson: true 186 --- 187 apiVersion: "config.istio.io/v1alpha2" 188 kind: logentry 189 metadata: 190 name: accesslog 191 namespace: {{ .Release.Namespace }} 192 spec: 193 severity: '"Info"' 194 timestamp: request.time 195 variables: 196 sourceIp: source.ip | ip("0.0.0.0") 197 sourceApp: source.labels["app"] | "" 198 sourcePrincipal: source.principal | "" 199 sourceName: source.name | "" 200 sourceWorkload: source.workload.name | "" 201 sourceNamespace: source.namespace | "" 202 sourceOwner: source.owner | "" 203 destinationApp: destination.labels["app"] | "" 204 destinationIp: destination.ip | ip("0.0.0.0") 205 destinationServiceHost: destination.service.host | "" 206 destinationWorkload: destination.workload.name | "" 207 destinationName: destination.name | "" 208 destinationNamespace: destination.namespace | "" 209 destinationOwner: destination.owner | "" 210 destinationPrincipal: destination.principal | "" 211 apiClaims: request.auth.raw_claims | "" 212 apiKey: request.api_key | request.headers["x-api-key"] | "" 213 protocol: request.scheme | context.protocol | "http" 214 method: request.method | "" 215 url: request.path | "" 216 responseCode: response.code | 0 217 responseSize: response.size | 0 218 requestSize: request.size | 0 219 requestId: request.headers["x-request-id"] | "" 220 clientTraceId: request.headers["x-client-trace-id"] | "" 221 latency: response.duration | "0ms" 222 connection_security_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none")) 223 requestedServerName: connection.requested_server_name | "" 224 userAgent: request.useragent | "" 225 responseTimestamp: response.time 226 receivedBytes: request.total_size | 0 227 sentBytes: response.total_size | 0 228 referer: request.referer | "" 229 httpAuthority: request.headers[":authority"] | request.host | "" 230 xForwardedFor: request.headers["x-forwarded-for"] | "0.0.0.0" 231 reporter: conditional((context.reporter.kind | "inbound") == "outbound", "source", "destination") 232 monitored_resource_type: '"global"' 233 --- 234 apiVersion: "config.istio.io/v1alpha2" 235 kind: logentry 236 metadata: 237 name: tcpaccesslog 238 namespace: {{ .Release.Namespace }} 239 spec: 240 severity: '"Info"' 241 timestamp: context.time | timestamp("2017-01-01T00:00:00Z") 242 variables: 243 connectionEvent: connection.event | "" 244 sourceIp: source.ip | ip("0.0.0.0") 245 sourceApp: source.labels["app"] | "" 246 sourcePrincipal: source.principal | "" 247 sourceName: source.name | "" 248 sourceWorkload: source.workload.name | "" 249 sourceNamespace: source.namespace | "" 250 sourceOwner: source.owner | "" 251 destinationApp: destination.labels["app"] | "" 252 destinationIp: destination.ip | ip("0.0.0.0") 253 destinationServiceHost: destination.service.host | "" 254 destinationWorkload: destination.workload.name | "" 255 destinationName: destination.name | "" 256 destinationNamespace: destination.namespace | "" 257 destinationOwner: destination.owner | "" 258 destinationPrincipal: destination.principal | "" 259 protocol: context.protocol | "tcp" 260 connectionDuration: connection.duration | "0ms" 261 connection_security_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none")) 262 requestedServerName: connection.requested_server_name | "" 263 receivedBytes: connection.received.bytes | 0 264 sentBytes: connection.sent.bytes | 0 265 totalReceivedBytes: connection.received.bytes_total | 0 266 totalSentBytes: connection.sent.bytes_total | 0 267 reporter: conditional((context.reporter.kind | "inbound") == "outbound", "source", "destination") 268 monitored_resource_type: '"global"' 269 --- 270 apiVersion: "config.istio.io/v1alpha2" 271 kind: rule 272 metadata: 273 name: stdio 274 namespace: {{ .Release.Namespace }} 275 spec: 276 match: context.protocol == "http" || context.protocol == "grpc" 277 actions: 278 - handler: handler.stdio 279 instances: 280 - accesslog.logentry 281 --- 282 apiVersion: "config.istio.io/v1alpha2" 283 kind: rule 284 metadata: 285 name: stdiotcp 286 namespace: {{ .Release.Namespace }} 287 spec: 288 match: context.protocol == "tcp" 289 actions: 290 - handler: handler.stdio 291 instances: 292 - tcpaccesslog.logentry 293 --- 294 apiVersion: "config.istio.io/v1alpha2" 295 kind: metric 296 metadata: 297 name: requestcount 298 namespace: {{ .Release.Namespace }} 299 spec: 300 value: "1" 301 dimensions: 302 reporter: conditional((context.reporter.kind | "inbound") == "outbound", "source", "destination") 303 source_workload: source.workload.name | "unknown" 304 source_workload_namespace: source.workload.namespace | "unknown" 305 source_principal: source.principal | "unknown" 306 source_app: source.labels["app"] | "unknown" 307 source_version: source.labels["version"] | "unknown" 308 destination_workload: destination.workload.name | "unknown" 309 destination_workload_namespace: destination.workload.namespace | "unknown" 310 destination_principal: destination.principal | "unknown" 311 destination_app: destination.labels["app"] | "unknown" 312 destination_version: destination.labels["version"] | "unknown" 313 destination_service: destination.service.host | "unknown" 314 destination_service_name: destination.service.name | "unknown" 315 destination_service_namespace: destination.service.namespace | "unknown" 316 request_protocol: api.protocol | context.protocol | "unknown" 317 response_code: response.code | 200 318 connection_security_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none")) 319 monitored_resource_type: '"UNSPECIFIED"' 320 --- 321 apiVersion: "config.istio.io/v1alpha2" 322 kind: metric 323 metadata: 324 name: requestduration 325 namespace: {{ .Release.Namespace }} 326 spec: 327 value: response.duration | "0ms" 328 dimensions: 329 reporter: conditional((context.reporter.kind | "inbound") == "outbound", "source", "destination") 330 source_workload: source.workload.name | "unknown" 331 source_workload_namespace: source.workload.namespace | "unknown" 332 source_principal: source.principal | "unknown" 333 source_app: source.labels["app"] | "unknown" 334 source_version: source.labels["version"] | "unknown" 335 destination_workload: destination.workload.name | "unknown" 336 destination_workload_namespace: destination.workload.namespace | "unknown" 337 destination_principal: destination.principal | "unknown" 338 destination_app: destination.labels["app"] | "unknown" 339 destination_version: destination.labels["version"] | "unknown" 340 destination_service: destination.service.host | "unknown" 341 destination_service_name: destination.service.name | "unknown" 342 destination_service_namespace: destination.service.namespace | "unknown" 343 request_protocol: api.protocol | context.protocol | "unknown" 344 response_code: response.code | 200 345 connection_security_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none")) 346 monitored_resource_type: '"UNSPECIFIED"' 347 --- 348 apiVersion: "config.istio.io/v1alpha2" 349 kind: metric 350 metadata: 351 name: requestsize 352 namespace: {{ .Release.Namespace }} 353 spec: 354 value: request.size | 0 355 dimensions: 356 reporter: conditional((context.reporter.kind | "inbound") == "outbound", "source", "destination") 357 source_workload: source.workload.name | "unknown" 358 source_workload_namespace: source.workload.namespace | "unknown" 359 source_principal: source.principal | "unknown" 360 source_app: source.labels["app"] | "unknown" 361 source_version: source.labels["version"] | "unknown" 362 destination_workload: destination.workload.name | "unknown" 363 destination_workload_namespace: destination.workload.namespace | "unknown" 364 destination_principal: destination.principal | "unknown" 365 destination_app: destination.labels["app"] | "unknown" 366 destination_version: destination.labels["version"] | "unknown" 367 destination_service: destination.service.host | "unknown" 368 destination_service_name: destination.service.name | "unknown" 369 destination_service_namespace: destination.service.namespace | "unknown" 370 request_protocol: api.protocol | context.protocol | "unknown" 371 response_code: response.code | 200 372 connection_security_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none")) 373 monitored_resource_type: '"UNSPECIFIED"' 374 --- 375 apiVersion: "config.istio.io/v1alpha2" 376 kind: metric 377 metadata: 378 name: responsesize 379 namespace: {{ .Release.Namespace }} 380 spec: 381 value: response.size | 0 382 dimensions: 383 reporter: conditional((context.reporter.kind | "inbound") == "outbound", "source", "destination") 384 source_workload: source.workload.name | "unknown" 385 source_workload_namespace: source.workload.namespace | "unknown" 386 source_principal: source.principal | "unknown" 387 source_app: source.labels["app"] | "unknown" 388 source_version: source.labels["version"] | "unknown" 389 destination_workload: destination.workload.name | "unknown" 390 destination_workload_namespace: destination.workload.namespace | "unknown" 391 destination_principal: destination.principal | "unknown" 392 destination_app: destination.labels["app"] | "unknown" 393 destination_version: destination.labels["version"] | "unknown" 394 destination_service: destination.service.host | "unknown" 395 destination_service_name: destination.service.name | "unknown" 396 destination_service_namespace: destination.service.namespace | "unknown" 397 request_protocol: api.protocol | context.protocol | "unknown" 398 response_code: response.code | 200 399 connection_security_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none")) 400 monitored_resource_type: '"UNSPECIFIED"' 401 --- 402 apiVersion: "config.istio.io/v1alpha2" 403 kind: metric 404 metadata: 405 name: tcpbytesent 406 namespace: {{ .Release.Namespace }} 407 spec: 408 value: connection.sent.bytes | 0 409 dimensions: 410 reporter: conditional((context.reporter.kind | "inbound") == "outbound", "source", "destination") 411 source_workload: source.workload.name | "unknown" 412 source_workload_namespace: source.workload.namespace | "unknown" 413 source_principal: source.principal | "unknown" 414 source_app: source.labels["app"] | "unknown" 415 source_version: source.labels["version"] | "unknown" 416 destination_workload: destination.workload.name | "unknown" 417 destination_workload_namespace: destination.workload.namespace | "unknown" 418 destination_principal: destination.principal | "unknown" 419 destination_app: destination.labels["app"] | "unknown" 420 destination_version: destination.labels["version"] | "unknown" 421 destination_service: destination.service.name | "unknown" 422 destination_service_name: destination.service.name | "unknown" 423 destination_service_namespace: destination.service.namespace | "unknown" 424 connection_security_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none")) 425 monitored_resource_type: '"UNSPECIFIED"' 426 --- 427 apiVersion: "config.istio.io/v1alpha2" 428 kind: metric 429 metadata: 430 name: tcpbytereceived 431 namespace: {{ .Release.Namespace }} 432 spec: 433 value: connection.received.bytes | 0 434 dimensions: 435 reporter: conditional((context.reporter.kind | "inbound") == "outbound", "source", "destination") 436 source_workload: source.workload.name | "unknown" 437 source_workload_namespace: source.workload.namespace | "unknown" 438 source_principal: source.principal | "unknown" 439 source_app: source.labels["app"] | "unknown" 440 source_version: source.labels["version"] | "unknown" 441 destination_workload: destination.workload.name | "unknown" 442 destination_workload_namespace: destination.workload.namespace | "unknown" 443 destination_principal: destination.principal | "unknown" 444 destination_app: destination.labels["app"] | "unknown" 445 destination_version: destination.labels["version"] | "unknown" 446 destination_service: destination.service.name | "unknown" 447 destination_service_name: destination.service.name | "unknown" 448 destination_service_namespace: destination.service.namespace | "unknown" 449 connection_security_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none")) 450 monitored_resource_type: '"UNSPECIFIED"' 451 --- 452 apiVersion: "config.istio.io/v1alpha2" 453 kind: prometheus 454 metadata: 455 name: handler 456 namespace: {{ .Release.Namespace }} 457 spec: 458 metrics: 459 - name: requests_total 460 instance_name: requestcount.metric.{{ .Release.Namespace }} 461 kind: COUNTER 462 label_names: 463 - reporter 464 - source_app 465 - source_principal 466 - source_workload 467 - source_workload_namespace 468 - source_version 469 - destination_app 470 - destination_principal 471 - destination_workload 472 - destination_workload_namespace 473 - destination_version 474 - destination_service 475 - destination_service_name 476 - destination_service_namespace 477 - request_protocol 478 - response_code 479 - connection_security_policy 480 - name: request_duration_seconds 481 instance_name: requestduration.metric.{{ .Release.Namespace }} 482 kind: DISTRIBUTION 483 label_names: 484 - reporter 485 - source_app 486 - source_principal 487 - source_workload 488 - source_workload_namespace 489 - source_version 490 - destination_app 491 - destination_principal 492 - destination_workload 493 - destination_workload_namespace 494 - destination_version 495 - destination_service 496 - destination_service_name 497 - destination_service_namespace 498 - request_protocol 499 - response_code 500 - connection_security_policy 501 buckets: 502 explicit_buckets: 503 bounds: [0.005, 0.01, 0.025, 0.05, 0.1, 0.25, 0.5, 1, 2.5, 5, 10] 504 - name: request_bytes 505 instance_name: requestsize.metric.{{ .Release.Namespace }} 506 kind: DISTRIBUTION 507 label_names: 508 - reporter 509 - source_app 510 - source_principal 511 - source_workload 512 - source_workload_namespace 513 - source_version 514 - destination_app 515 - destination_principal 516 - destination_workload 517 - destination_workload_namespace 518 - destination_version 519 - destination_service 520 - destination_service_name 521 - destination_service_namespace 522 - request_protocol 523 - response_code 524 - connection_security_policy 525 buckets: 526 exponentialBuckets: 527 numFiniteBuckets: 8 528 scale: 1 529 growthFactor: 10 530 - name: response_bytes 531 instance_name: responsesize.metric.{{ .Release.Namespace }} 532 kind: DISTRIBUTION 533 label_names: 534 - reporter 535 - source_app 536 - source_principal 537 - source_workload 538 - source_workload_namespace 539 - source_version 540 - destination_app 541 - destination_principal 542 - destination_workload 543 - destination_workload_namespace 544 - destination_version 545 - destination_service 546 - destination_service_name 547 - destination_service_namespace 548 - request_protocol 549 - response_code 550 - connection_security_policy 551 buckets: 552 exponentialBuckets: 553 numFiniteBuckets: 8 554 scale: 1 555 growthFactor: 10 556 - name: tcp_sent_bytes_total 557 instance_name: tcpbytesent.metric.{{ .Release.Namespace }} 558 kind: COUNTER 559 label_names: 560 - reporter 561 - source_app 562 - source_principal 563 - source_workload 564 - source_workload_namespace 565 - source_version 566 - destination_app 567 - destination_principal 568 - destination_workload 569 - destination_workload_namespace 570 - destination_version 571 - destination_service 572 - destination_service_name 573 - destination_service_namespace 574 - connection_security_policy 575 - name: tcp_received_bytes_total 576 instance_name: tcpbytereceived.metric.{{ .Release.Namespace }} 577 kind: COUNTER 578 label_names: 579 - reporter 580 - source_app 581 - source_principal 582 - source_workload 583 - source_workload_namespace 584 - source_version 585 - destination_app 586 - destination_principal 587 - destination_workload 588 - destination_workload_namespace 589 - destination_version 590 - destination_service 591 - destination_service_name 592 - destination_service_namespace 593 - connection_security_policy 594 --- 595 apiVersion: "config.istio.io/v1alpha2" 596 kind: rule 597 metadata: 598 name: promhttp 599 namespace: {{ .Release.Namespace }} 600 spec: 601 match: context.protocol == "http" || context.protocol == "grpc" 602 actions: 603 - handler: handler.prometheus 604 instances: 605 - requestcount.metric 606 - requestduration.metric 607 - requestsize.metric 608 - responsesize.metric 609 --- 610 apiVersion: "config.istio.io/v1alpha2" 611 kind: rule 612 metadata: 613 name: promtcp 614 namespace: {{ .Release.Namespace }} 615 spec: 616 match: context.protocol == "tcp" 617 actions: 618 - handler: handler.prometheus 619 instances: 620 - tcpbytesent.metric 621 - tcpbytereceived.metric 622 --- 623 624 apiVersion: "config.istio.io/v1alpha2" 625 kind: kubernetesenv 626 metadata: 627 name: handler 628 namespace: {{ .Release.Namespace }} 629 spec: 630 # when running from mixer root, use the following config after adding a 631 # symbolic link to a kubernetes config file via: 632 # 633 # $ ln -s ~/.kube/config mixer/adapter/kubernetes/kubeconfig 634 # 635 # kubeconfig_path: "mixer/adapter/kubernetes/kubeconfig" 636 637 --- 638 apiVersion: "config.istio.io/v1alpha2" 639 kind: rule 640 metadata: 641 name: kubeattrgenrulerule 642 namespace: {{ .Release.Namespace }} 643 spec: 644 actions: 645 - handler: handler.kubernetesenv 646 instances: 647 - attributes.kubernetes 648 --- 649 apiVersion: "config.istio.io/v1alpha2" 650 kind: rule 651 metadata: 652 name: tcpkubeattrgenrulerule 653 namespace: {{ .Release.Namespace }} 654 spec: 655 match: context.protocol == "tcp" 656 actions: 657 - handler: handler.kubernetesenv 658 instances: 659 - attributes.kubernetes 660 --- 661 apiVersion: "config.istio.io/v1alpha2" 662 kind: kubernetes 663 metadata: 664 name: attributes 665 namespace: {{ .Release.Namespace }} 666 spec: 667 # Pass the required attribute data to the adapter 668 source_uid: source.uid | "" 669 source_ip: source.ip | ip("0.0.0.0") # default to unspecified ip addr 670 destination_uid: destination.uid | "" 671 destination_port: destination.port | 0 672 attribute_bindings: 673 # Fill the new attributes from the adapter produced output. 674 # $out refers to an instance of OutputTemplate message 675 source.ip: $out.source_pod_ip | ip("0.0.0.0") 676 source.uid: $out.source_pod_uid | "unknown" 677 source.labels: $out.source_labels | emptyStringMap() 678 source.name: $out.source_pod_name | "unknown" 679 source.namespace: $out.source_namespace | "default" 680 source.owner: $out.source_owner | "unknown" 681 source.serviceAccount: $out.source_service_account_name | "unknown" 682 source.workload.uid: $out.source_workload_uid | "unknown" 683 source.workload.name: $out.source_workload_name | "unknown" 684 source.workload.namespace: $out.source_workload_namespace | "unknown" 685 destination.ip: $out.destination_pod_ip | ip("0.0.0.0") 686 destination.uid: $out.destination_pod_uid | "unknown" 687 destination.labels: $out.destination_labels | emptyStringMap() 688 destination.name: $out.destination_pod_name | "unknown" 689 destination.container.name: $out.destination_container_name | "unknown" 690 destination.namespace: $out.destination_namespace | "default" 691 destination.owner: $out.destination_owner | "unknown" 692 destination.serviceAccount: $out.destination_service_account_name | "unknown" 693 destination.workload.uid: $out.destination_workload_uid | "unknown" 694 destination.workload.name: $out.destination_workload_name | "unknown" 695 destination.workload.namespace: $out.destination_workload_namespace | "unknown" 696 697 --- 698 # Configuration needed by Mixer. 699 # Mixer cluster is delivered via CDS 700 # Specify mixer cluster settings 701 apiVersion: networking.istio.io/v1alpha3 702 kind: DestinationRule 703 metadata: 704 name: istio-policy 705 namespace: {{ .Release.Namespace }} 706 spec: 707 host: istio-policy.{{ .Release.Namespace }}.svc.cluster.local 708 trafficPolicy: 709 {{- if .Values.global.controlPlaneSecurityEnabled }} 710 portLevelSettings: 711 - port: 712 number: 15004 713 tls: 714 mode: ISTIO_MUTUAL 715 {{- end}} 716 connectionPool: 717 http: 718 http2MaxRequests: 10000 719 maxRequestsPerConnection: 10000 720 --- 721 apiVersion: networking.istio.io/v1alpha3 722 kind: DestinationRule 723 metadata: 724 name: istio-telemetry 725 namespace: {{ .Release.Namespace }} 726 spec: 727 host: istio-telemetry.{{ .Release.Namespace }}.svc.cluster.local 728 trafficPolicy: 729 {{- if .Values.global.controlPlaneSecurityEnabled }} 730 portLevelSettings: 731 - port: 732 number: 15004 733 tls: 734 mode: ISTIO_MUTUAL 735 {{- end}} 736 connectionPool: 737 http: 738 http2MaxRequests: 10000 739 maxRequestsPerConnection: 10000 740 ---