istio.io/istio@v0.0.0-20240520182934-d79c90f27776/manifests/charts/ztunnel/values.yaml

istio.io/istio@v0.0.0-20240520182934-d79c90f27776/manifests/charts/ztunnel/values.yaml (about)

     1  defaults:
     2    # Hub to pull from. Image will be `Hub/Image:Tag-Variant`
     3    hub: gcr.io/istio-testing
     4    # Tag to pull from. Image will be `Hub/Image:Tag-Variant`
     5    tag: latest
     6    # Variant to pull. Options are "debug" or "distroless". Unset will use the default for the given version.
     7    variant: ""
     8  
     9    # Image name to pull from. Image will be `Hub/Image:Tag-Variant`
    10    # If Image contains a "/", it will replace the entire `image` in the pod.
    11    image: ztunnel
    12  
    13    # Labels to apply to all top level resources
    14    labels: {}
    15    # Annotations to apply to all top level resources
    16    annotations: {}
    17  
    18    # Additional volumeMounts to the ztunnel container
    19    volumeMounts: []
    20  
    21    # Additional volumes to the ztunnel pod
    22    volumes: []
    23  
    24    # Annotations added to each pod. The default annotations are required for scraping prometheus (in most environments).
    25    podAnnotations:
    26      prometheus.io/port: "15020"
    27      prometheus.io/scrape: "true"
    28  
    29    # Additional labels to apply on the pod level
    30    podLabels: {}
    31  
    32    # Pod resource configuration
    33    resources:
    34      requests:
    35        cpu: 200m
    36        # Ztunnel memory scales with the size of the cluster and traffic load
    37        # While there are many factors, this is enough for ~200k pod cluster or 100k concurrently open connections.
    38        memory: 512Mi
    39  
    40    # List of secret names to add to the service account as image pull secrets
    41    imagePullSecrets: []
    42  
    43    # A `key: value` mapping of environment variables to add to the pod
    44    env: {}
    45  
    46    # Override for the pod imagePullPolicy
    47    imagePullPolicy: ""
    48  
    49    # Settings for multicluster
    50    multiCluster:
    51      # The name of the cluster we are installing in. Note this is a user-defined name, which must be consistent
    52      # with Istiod configuration.
    53      clusterName: ""
    54  
    55    # meshConfig defines runtime configuration of components.
    56    # For ztunnel, only defaultConfig is used, but this is nested under `meshConfig` for consistency with other
    57    # components.
    58    # TODO: https://github.com/istio/istio/issues/43248
    59    meshConfig:
    60      defaultConfig:
    61        proxyMetadata: {}
    62  
    63    # This value defines:
    64    # 1. how many seconds kube waits for ztunnel pod to gracefully exit before forcibly terminating it (this value)
    65    # 2. how many seconds ztunnel waits to drain its own connections (this value - 1 sec)
    66    # Default K8S value is 30 seconds
    67    terminationGracePeriodSeconds: 30
    68  
    69    # Revision is set as 'version' label and part of the resource names when installing multiple control planes.
    70    revision: ""
    71  
    72    # The customized CA address to retrieve certificates for the pods in the cluster.
    73    # CSR clients such as the Istio Agent and ingress gateways can use this to specify the CA endpoint.
    74    caAddress: ""
    75  
    76    # Used to locate istiod.
    77    istioNamespace: istio-system
    78  
    79    # Configuration log level of ztunnel binary, default is info.
    80    # Valid values are: trace, debug, info, warn, error
    81    logLevel: info
    82  
    83    # Set to `type: RuntimeDefault` to use the default profile if available.
    84    seLinuxOptions: {}
    85    # TODO Ambient inpod - for OpenShift, set to the following to get writable sockets in hostmounts to work, eventually consider CSI driver instead
    86    #seLinuxOptions:
    87    #  type: spc_t