istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pilot/pkg/config/kube/gateway/testdata/deployment/waypoint.yaml (about) 1 apiVersion: gateway.networking.k8s.io/v1beta1 2 kind: Gateway 3 metadata: 4 annotations: 5 gateway.istio.io/controller-version: "5" 6 --- 7 apiVersion: v1 8 kind: ServiceAccount 9 metadata: 10 annotations: {} 11 labels: 12 gateway.istio.io/managed: istio.io-mesh-controller 13 gateway.networking.k8s.io/gateway-name: namespace 14 istio.io/gateway-name: namespace 15 topology.istio.io/network: network-1 16 name: namespace 17 namespace: default 18 ownerReferences: 19 - apiVersion: gateway.networking.k8s.io/v1beta1 20 kind: Gateway 21 name: namespace 22 uid: "" 23 --- 24 apiVersion: apps/v1 25 kind: Deployment 26 metadata: 27 annotations: {} 28 labels: 29 gateway.istio.io/managed: istio.io-mesh-controller 30 gateway.networking.k8s.io/gateway-name: namespace 31 istio.io/gateway-name: namespace 32 topology.istio.io/network: network-1 33 name: namespace 34 namespace: default 35 ownerReferences: 36 - apiVersion: gateway.networking.k8s.io/v1beta1 37 kind: Gateway 38 name: namespace 39 uid: "" 40 spec: 41 selector: 42 matchLabels: 43 gateway.networking.k8s.io/gateway-name: namespace 44 template: 45 metadata: 46 annotations: 47 istio.io/rev: default 48 prometheus.io/path: /stats/prometheus 49 prometheus.io/port: "15020" 50 prometheus.io/scrape: "true" 51 labels: 52 gateway.istio.io/managed: istio.io-mesh-controller 53 gateway.networking.k8s.io/gateway-name: namespace 54 istio.io/dataplane-mode: none 55 istio.io/gateway-name: namespace 56 service.istio.io/canonical-name: namespace 57 service.istio.io/canonical-revision: latest 58 sidecar.istio.io/inject: "false" 59 topology.istio.io/network: network-1 60 spec: 61 containers: 62 - args: 63 - proxy 64 - waypoint 65 - --domain 66 - $(POD_NAMESPACE).svc.<no value> 67 - --serviceCluster 68 - namespace.$(POD_NAMESPACE) 69 - --proxyLogLevel 70 - <nil> 71 - --proxyComponentLogLevel 72 - <nil> 73 - --log_output_level 74 - <nil> 75 env: 76 - name: ISTIO_META_SERVICE_ACCOUNT 77 valueFrom: 78 fieldRef: 79 fieldPath: spec.serviceAccountName 80 - name: ISTIO_META_NODE_NAME 81 valueFrom: 82 fieldRef: 83 fieldPath: spec.nodeName 84 - name: PILOT_CERT_PROVIDER 85 value: <no value> 86 - name: CA_ADDR 87 value: istiod-<no value>.<no value>.svc:15012 88 - name: POD_NAME 89 valueFrom: 90 fieldRef: 91 fieldPath: metadata.name 92 - name: POD_NAMESPACE 93 valueFrom: 94 fieldRef: 95 fieldPath: metadata.namespace 96 - name: INSTANCE_IP 97 valueFrom: 98 fieldRef: 99 fieldPath: status.podIP 100 - name: SERVICE_ACCOUNT 101 valueFrom: 102 fieldRef: 103 fieldPath: spec.serviceAccountName 104 - name: HOST_IP 105 valueFrom: 106 fieldRef: 107 fieldPath: status.hostIP 108 - name: ISTIO_CPU_LIMIT 109 valueFrom: 110 resourceFieldRef: 111 resource: limits.cpu 112 - name: PROXY_CONFIG 113 value: | 114 {} 115 - name: GOMEMLIMIT 116 valueFrom: 117 resourceFieldRef: 118 resource: limits.memory 119 - name: GOMAXPROCS 120 valueFrom: 121 resourceFieldRef: 122 resource: limits.cpu 123 - name: ISTIO_META_CLUSTER_ID 124 value: Kubernetes 125 - name: ISTIO_META_NETWORK 126 value: network-1 127 - name: ISTIO_META_INTERCEPTION_MODE 128 value: REDIRECT 129 - name: ISTIO_META_WORKLOAD_NAME 130 value: namespace 131 - name: ISTIO_META_OWNER 132 value: kubernetes://apis/apps/v1/namespaces/default/deployments/namespace 133 - name: ISTIO_META_MESH_ID 134 value: cluster.local 135 image: test/proxyv2:test 136 name: istio-proxy 137 ports: 138 - containerPort: 15021 139 name: status-port 140 protocol: TCP 141 - containerPort: 15090 142 name: http-envoy-prom 143 protocol: TCP 144 readinessProbe: 145 failureThreshold: 4 146 httpGet: 147 path: /healthz/ready 148 port: 15021 149 scheme: HTTP 150 initialDelaySeconds: 0 151 periodSeconds: 15 152 successThreshold: 1 153 timeoutSeconds: 1 154 resources: 155 limits: 156 cpu: "2" 157 memory: 1Gi 158 requests: 159 cpu: 100m 160 memory: 128Mi 161 securityContext: 162 capabilities: 163 drop: 164 - ALL 165 privileged: false 166 runAsGroup: 1337 167 runAsUser: 0 168 startupProbe: 169 failureThreshold: 30 170 httpGet: 171 path: /healthz/ready 172 port: 15021 173 scheme: HTTP 174 initialDelaySeconds: 1 175 periodSeconds: 1 176 successThreshold: 1 177 timeoutSeconds: 1 178 volumeMounts: 179 - mountPath: /var/run/secrets/workload-spiffe-uds 180 name: workload-socket 181 - mountPath: /var/run/secrets/istio 182 name: istiod-ca-cert 183 - mountPath: /var/lib/istio/data 184 name: istio-data 185 - mountPath: /etc/istio/proxy 186 name: istio-envoy 187 - mountPath: /var/run/secrets/tokens 188 name: istio-token 189 - mountPath: /etc/istio/pod 190 name: istio-podinfo 191 serviceAccountName: namespace 192 terminationGracePeriodSeconds: 2 193 volumes: 194 - emptyDir: {} 195 name: workload-socket 196 - emptyDir: 197 medium: Memory 198 name: istio-envoy 199 - emptyDir: 200 medium: Memory 201 name: go-proxy-envoy 202 - emptyDir: {} 203 name: istio-data 204 - emptyDir: {} 205 name: go-proxy-data 206 - downwardAPI: 207 items: 208 - fieldRef: 209 fieldPath: metadata.labels 210 path: labels 211 - fieldRef: 212 fieldPath: metadata.annotations 213 path: annotations 214 name: istio-podinfo 215 - name: istio-token 216 projected: 217 sources: 218 - serviceAccountToken: 219 audience: istio-ca 220 expirationSeconds: 43200 221 path: istio-token 222 - configMap: 223 name: istio-ca-root-cert 224 name: istiod-ca-cert 225 --- 226 apiVersion: v1 227 kind: Service 228 metadata: 229 annotations: {} 230 labels: 231 gateway.istio.io/managed: istio.io-mesh-controller 232 gateway.networking.k8s.io/gateway-name: namespace 233 istio.io/gateway-name: namespace 234 topology.istio.io/network: network-1 235 name: namespace 236 namespace: default 237 ownerReferences: 238 - apiVersion: gateway.networking.k8s.io/v1beta1 239 kind: Gateway 240 name: namespace 241 uid: "" 242 spec: 243 ports: 244 - appProtocol: tcp 245 name: status-port 246 port: 15021 247 protocol: TCP 248 - appProtocol: all 249 name: mesh 250 port: 15008 251 protocol: TCP 252 selector: 253 gateway.networking.k8s.io/gateway-name: namespace 254 type: ClusterIP 255 ---