istio.io/istio@v0.0.0-20240520182934-d79c90f27776/samples/addons/kiali.yaml (about) 1 --- 2 # Source: kiali-server/templates/serviceaccount.yaml 3 apiVersion: v1 4 kind: ServiceAccount 5 metadata: 6 name: kiali 7 namespace: istio-system 8 labels: 9 helm.sh/chart: kiali-server-1.82.0 10 app: kiali 11 app.kubernetes.io/name: kiali 12 app.kubernetes.io/instance: kiali 13 version: "v1.82.0" 14 app.kubernetes.io/version: "v1.82.0" 15 app.kubernetes.io/managed-by: Helm 16 app.kubernetes.io/part-of: "kiali" 17 ... 18 --- 19 # Source: kiali-server/templates/configmap.yaml 20 apiVersion: v1 21 kind: ConfigMap 22 metadata: 23 name: kiali 24 namespace: istio-system 25 labels: 26 helm.sh/chart: kiali-server-1.82.0 27 app: kiali 28 app.kubernetes.io/name: kiali 29 app.kubernetes.io/instance: kiali 30 version: "v1.82.0" 31 app.kubernetes.io/version: "v1.82.0" 32 app.kubernetes.io/managed-by: Helm 33 app.kubernetes.io/part-of: "kiali" 34 data: 35 config.yaml: | 36 additional_display_details: 37 - annotation: kiali.io/api-spec 38 icon_annotation: kiali.io/api-type 39 title: API Documentation 40 auth: 41 openid: {} 42 openshift: 43 client_id_prefix: kiali 44 strategy: anonymous 45 clustering: 46 autodetect_secrets: 47 enabled: true 48 label: kiali.io/multiCluster=true 49 clusters: [] 50 deployment: 51 accessible_namespaces: 52 - '**' 53 additional_service_yaml: {} 54 affinity: 55 node: {} 56 pod: {} 57 pod_anti: {} 58 configmap_annotations: {} 59 custom_secrets: [] 60 host_aliases: [] 61 hpa: 62 api_version: autoscaling/v2 63 spec: {} 64 image_digest: "" 65 image_name: quay.io/kiali/kiali 66 image_pull_policy: Always 67 image_pull_secrets: [] 68 image_version: v1.82 69 ingress: 70 additional_labels: {} 71 class_name: nginx 72 override_yaml: 73 metadata: {} 74 ingress_enabled: false 75 instance_name: kiali 76 logger: 77 log_format: text 78 log_level: info 79 sampler_rate: "1" 80 time_field_format: 2006-01-02T15:04:05Z07:00 81 namespace: istio-system 82 node_selector: {} 83 pod_annotations: {} 84 pod_labels: 85 sidecar.istio.io/inject: "false" 86 priority_class_name: "" 87 replicas: 1 88 resources: 89 limits: 90 memory: 1Gi 91 requests: 92 cpu: 10m 93 memory: 64Mi 94 secret_name: kiali 95 security_context: {} 96 service_annotations: {} 97 service_type: "" 98 tolerations: [] 99 version_label: v1.82.0 100 view_only_mode: false 101 external_services: 102 custom_dashboards: 103 enabled: true 104 istio: 105 root_namespace: istio-system 106 tracing: 107 enabled: false 108 identity: 109 cert_file: "" 110 private_key_file: "" 111 istio_namespace: istio-system 112 kiali_feature_flags: 113 certificates_information_indicators: 114 enabled: true 115 secrets: 116 - cacerts 117 - istio-ca-secret 118 disabled_features: [] 119 validations: 120 ignore: 121 - KIA1301 122 login_token: 123 signing_key: CHANGEME00000000 124 server: 125 observability: 126 metrics: 127 enabled: true 128 port: 9090 129 port: 20001 130 web_root: /kiali 131 ... 132 --- 133 # Source: kiali-server/templates/role-viewer.yaml 134 apiVersion: rbac.authorization.k8s.io/v1 135 kind: ClusterRole 136 metadata: 137 name: kiali-viewer 138 labels: 139 helm.sh/chart: kiali-server-1.82.0 140 app: kiali 141 app.kubernetes.io/name: kiali 142 app.kubernetes.io/instance: kiali 143 version: "v1.82.0" 144 app.kubernetes.io/version: "v1.82.0" 145 app.kubernetes.io/managed-by: Helm 146 app.kubernetes.io/part-of: "kiali" 147 rules: 148 - apiGroups: [""] 149 resources: 150 - configmaps 151 - endpoints 152 - pods/log 153 verbs: 154 - get 155 - list 156 - watch 157 - apiGroups: [""] 158 resources: 159 - namespaces 160 - pods 161 - replicationcontrollers 162 - services 163 verbs: 164 - get 165 - list 166 - watch 167 - apiGroups: [""] 168 resources: 169 - pods/portforward 170 verbs: 171 - create 172 - post 173 - apiGroups: ["extensions", "apps"] 174 resources: 175 - daemonsets 176 - deployments 177 - replicasets 178 - statefulsets 179 verbs: 180 - get 181 - list 182 - watch 183 - apiGroups: ["batch"] 184 resources: 185 - cronjobs 186 - jobs 187 verbs: 188 - get 189 - list 190 - watch 191 - apiGroups: 192 - networking.istio.io 193 - security.istio.io 194 - extensions.istio.io 195 - telemetry.istio.io 196 - gateway.networking.k8s.io 197 resources: ["*"] 198 verbs: 199 - get 200 - list 201 - watch 202 - apiGroups: ["apps.openshift.io"] 203 resources: 204 - deploymentconfigs 205 verbs: 206 - get 207 - list 208 - watch 209 - apiGroups: ["project.openshift.io"] 210 resources: 211 - projects 212 verbs: 213 - get 214 - apiGroups: ["route.openshift.io"] 215 resources: 216 - routes 217 verbs: 218 - get 219 - apiGroups: ["authentication.k8s.io"] 220 resources: 221 - tokenreviews 222 verbs: 223 - create 224 ... 225 --- 226 # Source: kiali-server/templates/role.yaml 227 apiVersion: rbac.authorization.k8s.io/v1 228 kind: ClusterRole 229 metadata: 230 name: kiali 231 labels: 232 helm.sh/chart: kiali-server-1.82.0 233 app: kiali 234 app.kubernetes.io/name: kiali 235 app.kubernetes.io/instance: kiali 236 version: "v1.82.0" 237 app.kubernetes.io/version: "v1.82.0" 238 app.kubernetes.io/managed-by: Helm 239 app.kubernetes.io/part-of: "kiali" 240 rules: 241 - apiGroups: [""] 242 resources: 243 - configmaps 244 - endpoints 245 - pods/log 246 verbs: 247 - get 248 - list 249 - watch 250 - apiGroups: [""] 251 resources: 252 - namespaces 253 - pods 254 - replicationcontrollers 255 - services 256 verbs: 257 - get 258 - list 259 - watch 260 - patch 261 - apiGroups: [""] 262 resources: 263 - pods/portforward 264 verbs: 265 - create 266 - post 267 - apiGroups: ["extensions", "apps"] 268 resources: 269 - daemonsets 270 - deployments 271 - replicasets 272 - statefulsets 273 verbs: 274 - get 275 - list 276 - watch 277 - patch 278 - apiGroups: ["batch"] 279 resources: 280 - cronjobs 281 - jobs 282 verbs: 283 - get 284 - list 285 - watch 286 - patch 287 - apiGroups: 288 - networking.istio.io 289 - security.istio.io 290 - extensions.istio.io 291 - telemetry.istio.io 292 - gateway.networking.k8s.io 293 resources: ["*"] 294 verbs: 295 - get 296 - list 297 - watch 298 - create 299 - delete 300 - patch 301 - apiGroups: ["apps.openshift.io"] 302 resources: 303 - deploymentconfigs 304 verbs: 305 - get 306 - list 307 - watch 308 - patch 309 - apiGroups: ["project.openshift.io"] 310 resources: 311 - projects 312 verbs: 313 - get 314 - apiGroups: ["route.openshift.io"] 315 resources: 316 - routes 317 verbs: 318 - get 319 - apiGroups: ["authentication.k8s.io"] 320 resources: 321 - tokenreviews 322 verbs: 323 - create 324 ... 325 --- 326 # Source: kiali-server/templates/rolebinding.yaml 327 apiVersion: rbac.authorization.k8s.io/v1 328 kind: ClusterRoleBinding 329 metadata: 330 name: kiali 331 labels: 332 helm.sh/chart: kiali-server-1.82.0 333 app: kiali 334 app.kubernetes.io/name: kiali 335 app.kubernetes.io/instance: kiali 336 version: "v1.82.0" 337 app.kubernetes.io/version: "v1.82.0" 338 app.kubernetes.io/managed-by: Helm 339 app.kubernetes.io/part-of: "kiali" 340 roleRef: 341 apiGroup: rbac.authorization.k8s.io 342 kind: ClusterRole 343 name: kiali 344 subjects: 345 - kind: ServiceAccount 346 name: kiali 347 namespace: istio-system 348 ... 349 --- 350 # Source: kiali-server/templates/role-controlplane.yaml 351 apiVersion: rbac.authorization.k8s.io/v1 352 kind: Role 353 metadata: 354 name: kiali-controlplane 355 namespace: istio-system 356 labels: 357 helm.sh/chart: kiali-server-1.82.0 358 app: kiali 359 app.kubernetes.io/name: kiali 360 app.kubernetes.io/instance: kiali 361 version: "v1.82.0" 362 app.kubernetes.io/version: "v1.82.0" 363 app.kubernetes.io/managed-by: Helm 364 app.kubernetes.io/part-of: "kiali" 365 rules: 366 - apiGroups: [""] 367 resourceNames: 368 - cacerts 369 - istio-ca-secret 370 resources: 371 - secrets 372 verbs: 373 - get 374 - list 375 - watch 376 ... 377 --- 378 # Source: kiali-server/templates/rolebinding-controlplane.yaml 379 apiVersion: rbac.authorization.k8s.io/v1 380 kind: RoleBinding 381 metadata: 382 name: kiali-controlplane 383 namespace: istio-system 384 labels: 385 helm.sh/chart: kiali-server-1.82.0 386 app: kiali 387 app.kubernetes.io/name: kiali 388 app.kubernetes.io/instance: kiali 389 version: "v1.82.0" 390 app.kubernetes.io/version: "v1.82.0" 391 app.kubernetes.io/managed-by: Helm 392 app.kubernetes.io/part-of: "kiali" 393 roleRef: 394 apiGroup: rbac.authorization.k8s.io 395 kind: Role 396 name: kiali-controlplane 397 subjects: 398 - kind: ServiceAccount 399 name: kiali 400 namespace: istio-system 401 ... 402 --- 403 # Source: kiali-server/templates/service.yaml 404 apiVersion: v1 405 kind: Service 406 metadata: 407 name: kiali 408 namespace: istio-system 409 labels: 410 helm.sh/chart: kiali-server-1.82.0 411 app: kiali 412 app.kubernetes.io/name: kiali 413 app.kubernetes.io/instance: kiali 414 version: "v1.82.0" 415 app.kubernetes.io/version: "v1.82.0" 416 app.kubernetes.io/managed-by: Helm 417 app.kubernetes.io/part-of: "kiali" 418 annotations: 419 spec: 420 ports: 421 - name: http 422 appProtocol: http 423 protocol: TCP 424 port: 20001 425 - name: http-metrics 426 appProtocol: http 427 protocol: TCP 428 port: 9090 429 selector: 430 app.kubernetes.io/name: kiali 431 app.kubernetes.io/instance: kiali 432 ... 433 --- 434 # Source: kiali-server/templates/deployment.yaml 435 apiVersion: apps/v1 436 kind: Deployment 437 metadata: 438 name: kiali 439 namespace: istio-system 440 labels: 441 helm.sh/chart: kiali-server-1.82.0 442 app: kiali 443 app.kubernetes.io/name: kiali 444 app.kubernetes.io/instance: kiali 445 version: "v1.82.0" 446 app.kubernetes.io/version: "v1.82.0" 447 app.kubernetes.io/managed-by: Helm 448 app.kubernetes.io/part-of: "kiali" 449 spec: 450 replicas: 1 451 selector: 452 matchLabels: 453 app.kubernetes.io/name: kiali 454 app.kubernetes.io/instance: kiali 455 strategy: 456 rollingUpdate: 457 maxSurge: 1 458 maxUnavailable: 1 459 type: RollingUpdate 460 template: 461 metadata: 462 name: kiali 463 labels: 464 helm.sh/chart: kiali-server-1.82.0 465 app: kiali 466 app.kubernetes.io/name: kiali 467 app.kubernetes.io/instance: kiali 468 version: "v1.82.0" 469 app.kubernetes.io/version: "v1.82.0" 470 app.kubernetes.io/managed-by: Helm 471 app.kubernetes.io/part-of: "kiali" 472 sidecar.istio.io/inject: "false" 473 annotations: 474 checksum/config: 19405f971010f37081fa485f6c53616dfdf97d1d372e4ac9e09434cf0e71f02d 475 prometheus.io/scrape: "true" 476 prometheus.io/port: "9090" 477 kiali.io/dashboards: go,kiali 478 spec: 479 serviceAccountName: kiali 480 containers: 481 - image: "quay.io/kiali/kiali:v1.82" 482 imagePullPolicy: Always 483 name: kiali 484 command: 485 - "/opt/kiali/kiali" 486 - "-config" 487 - "/kiali-configuration/config.yaml" 488 securityContext: 489 allowPrivilegeEscalation: false 490 privileged: false 491 readOnlyRootFilesystem: true 492 runAsNonRoot: true 493 capabilities: 494 drop: 495 - ALL 496 ports: 497 - name: api-port 498 containerPort: 20001 499 - name: http-metrics 500 containerPort: 9090 501 readinessProbe: 502 httpGet: 503 path: /kiali/healthz 504 port: api-port 505 scheme: HTTP 506 initialDelaySeconds: 5 507 periodSeconds: 30 508 livenessProbe: 509 httpGet: 510 path: /kiali/healthz 511 port: api-port 512 scheme: HTTP 513 initialDelaySeconds: 5 514 periodSeconds: 30 515 env: 516 - name: ACTIVE_NAMESPACE 517 valueFrom: 518 fieldRef: 519 fieldPath: metadata.namespace 520 - name: LOG_LEVEL 521 value: "info" 522 - name: LOG_FORMAT 523 value: "text" 524 - name: LOG_TIME_FIELD_FORMAT 525 value: "2006-01-02T15:04:05Z07:00" 526 - name: LOG_SAMPLER_RATE 527 value: "1" 528 volumeMounts: 529 - name: kiali-configuration 530 mountPath: "/kiali-configuration" 531 - name: kiali-cert 532 mountPath: "/kiali-cert" 533 - name: kiali-secret 534 mountPath: "/kiali-secret" 535 - name: kiali-cabundle 536 mountPath: "/kiali-cabundle" 537 resources: 538 limits: 539 memory: 1Gi 540 requests: 541 cpu: 10m 542 memory: 64Mi 543 volumes: 544 - name: kiali-configuration 545 configMap: 546 name: kiali 547 - name: kiali-cert 548 secret: 549 secretName: istio.kiali-service-account 550 optional: true 551 - name: kiali-secret 552 secret: 553 secretName: kiali 554 optional: true 555 - name: kiali-cabundle 556 configMap: 557 name: kiali-cabundle 558 optional: true 559 ...