conf/config-default.yaml - apisix-ingress-controller - Git at Google

 # Licensed to the Apache Software Foundation (ASF) under one or more
 # contributor license agreements.  See the NOTICE file distributed with
 # this work for additional information regarding copyright ownership.
 # The ASF licenses this file to You under the Apache License, Version 2.0
 # (the "License"); you may not use this file except in compliance with
 # the License.  You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.

 # log options
 log_level: "info"    # the error log level, default is info, optional values are:
                      # debug
                      # info
                      # warn
                      # error
                      # panic
                      # fatal
 log_output: "stderr" # the output file path of error log, default is stderr, when
                      # the file path is "stderr" or "stdout", logs are marshalled
                      # plainly, which is more readable for human; otherwise logs
                      # are marshalled in JSON format, which can be parsed by
                      # programs easily.

 log_rotate_output_path: ""  # rotate output path, the logs will be written in this file
 log_rotation_max_size: 100  # rotate max size, max size in megabytes of log file before it get rotated. It defaults to 100
 log_rotation_max_age: 0     # rotate max age, max age of old log files to retain
 log_rotation_max_backups: 0 # rotate max backups, max numbers of old log files to retain

 cert_file: "/etc/webhook/certs/cert.pem" # the TLS certificate file path.
 key_file: "/etc/webhook/certs/key.pem"   # the TLS key file path.

 http_listen: ":8080"   # the HTTP Server listen address, default is ":8080"
 https_listen: ":8443"   # the HTTPS Server listen address, default is ":8443"
 ingress_publish_service: ""  # the controller will use the Endpoint of this Service to
                              # update the status information of the Ingress resource.
                              # The format is "namespace/svc-name" to solve the situation that
                              # the data plane and the controller are not deployed in the same namespace.
 ingress_status_address: []   # when there is no available information on the Service
                              # used for publishing on the data plane,
                              # the static address provided here will be
                              # used to update the status information of Ingress.
                              # When ingress-publish-service is specified at the same time, ingress-status-address is preferred.
                              # For example, no available LB exists in the bare metal environment.
 enable_profiling: true # enable profiling via web interfaces
                        # host:port/debug/pprof, default is true.
 apisix_resource_sync_interval: "1h" # Default interval for synchronizing Kubernetes resources to APISIX

 # Kubernetes related configurations.
 kubernetes:
   kubeconfig: ""                       # the Kubernetes configuration file path, default is
                                        # "", so the in-cluster configuration will be used.
   resync_interval: "6h"                # how long should apisix-ingress-controller
                                        # re-synchronizes with Kubernetes, default is 6h,
                                        # and the minimal resync interval is 30s.
   namespace_selector: [""]             # namespace_selector represent basis for selecting managed namespaces.
                                        # the field is support since version 1.4.0
                                        # For example, "apisix.ingress=watching", so ingress will watching the namespaces which labels "apisix.ingress=watching"
   election_id: "ingress-apisix-leader" # the election id for the controller leader campaign,
                                        # only the leader will watch and delivery resource changes,
                                        # other instances (as candidates) stand by.
   ingress_class: "apisix-and-all"      # apisix-and-all is a special value, it handles Ingress resources with ingressClassName=apisix and all CRDs.
                                        # this field can be used for both Ingress Object and custom resources.
                                        # IngressClassName in Kubernetes clusters version v1.18.0
                                        # or higher or the annotation "kubernetes.io/ingress.class"
                                        # (deprecated).
   ingress_version: "networking/v1"     # the supported ingress api group version, can be "networking/v1beta1"
                                        # , "networking/v1" (for Kubernetes version v1.19.0 or higher), and
                                        # "extensions/v1beta1", default is "networking/v1".
   watch_endpointslices: false          # whether to watch EndpointSlices rather than Endpoints.

   apisix_route_version: "apisix.apache.org/v2"  # the supported apisixroute api group version.
                                                      # the latest version is "apisix.apache.org/v2".

   enable_gateway_api: false            # whether to enable support for Gateway API.
                                        # Note: This feature is currently under development and may not work as expected.
                                        # It is not recommended to use it in a production environment.
                                        # Before we announce support for it to reach Beta level or GA.
   api_version: apisix.apache.org/v2    # the default value of API version is "apisix.apache.org/v2", only support "apisix.apache.org/v2".

   plugin_metadata_cm: plugin-metadata-config-map

   disable_status_updates: false # In the case of a large number of resources and the status of resources is not concerned
                     # you can consider disabling status to speed up the synchronization cycle of resources.
 # APISIX related configurations.

 etcdserver:
   enabled: false  # When enabled, the configuration of apisix will be optional.
   listen_address: ":12379"
   prefix: /apisix
   ssl_key_encrypt_salt: edd1c9f0985e76a2  # Need to be consistent with the apisix.ssl.key_encrypt_salt, ref https://github.com/apache/apisix/blob/release/3.2/conf/config-default.yaml#L115.
                                           # key_encrypt_salt is used to encrypt SSL keys.

 apisix:
   admin_api_version: v3  # the APISIX admin API version. can be "v2" or "v3"

   default_cluster_base_url: "http://127.0.0.1:9180/apisix/admin" # The base url of admin api / manager api
                                                                  # of the default APISIX cluster

   default_cluster_admin_key: "" # the admin key used for the authentication of admin api / manager api in the
                                 # default APISIX cluster, by default this field is unset.

   default_cluster_name: "default" # name of the default APISIX cluster.
	# Licensed to the Apache Software Foundation (ASF) under one or more
	# contributor license agreements. See the NOTICE file distributed with
	# this work for additional information regarding copyright ownership.
	# The ASF licenses this file to You under the Apache License, Version 2.0
	# (the "License"); you may not use this file except in compliance with
	# the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	# log options
	log_level: "info" # the error log level, default is info, optional values are:
	# debug
	# info
	# warn
	# error
	# panic
	# fatal
	log_output: "stderr" # the output file path of error log, default is stderr, when
	# the file path is "stderr" or "stdout", logs are marshalled
	# plainly, which is more readable for human; otherwise logs
	# are marshalled in JSON format, which can be parsed by
	# programs easily.

	log_rotate_output_path: "" # rotate output path, the logs will be written in this file
	log_rotation_max_size: 100 # rotate max size, max size in megabytes of log file before it get rotated. It defaults to 100
	log_rotation_max_age: 0 # rotate max age, max age of old log files to retain
	log_rotation_max_backups: 0 # rotate max backups, max numbers of old log files to retain

	cert_file: "/etc/webhook/certs/cert.pem" # the TLS certificate file path.
	key_file: "/etc/webhook/certs/key.pem" # the TLS key file path.

	http_listen: ":8080" # the HTTP Server listen address, default is ":8080"
	https_listen: ":8443" # the HTTPS Server listen address, default is ":8443"
	ingress_publish_service: "" # the controller will use the Endpoint of this Service to
	# update the status information of the Ingress resource.
	# The format is "namespace/svc-name" to solve the situation that
	# the data plane and the controller are not deployed in the same namespace.
	ingress_status_address: [] # when there is no available information on the Service
	# used for publishing on the data plane,
	# the static address provided here will be
	# used to update the status information of Ingress.
	# When ingress-publish-service is specified at the same time, ingress-status-address is preferred.
	# For example, no available LB exists in the bare metal environment.
	enable_profiling: true # enable profiling via web interfaces
	# host:port/debug/pprof, default is true.
	apisix_resource_sync_interval: "1h" # Default interval for synchronizing Kubernetes resources to APISIX

	# Kubernetes related configurations.
	kubernetes:
	kubeconfig: "" # the Kubernetes configuration file path, default is
	# "", so the in-cluster configuration will be used.
	resync_interval: "6h" # how long should apisix-ingress-controller
	# re-synchronizes with Kubernetes, default is 6h,
	# and the minimal resync interval is 30s.
	namespace_selector: [""] # namespace_selector represent basis for selecting managed namespaces.
	# the field is support since version 1.4.0
	# For example, "apisix.ingress=watching", so ingress will watching the namespaces which labels "apisix.ingress=watching"
	election_id: "ingress-apisix-leader" # the election id for the controller leader campaign,
	# only the leader will watch and delivery resource changes,
	# other instances (as candidates) stand by.
	ingress_class: "apisix-and-all" # apisix-and-all is a special value, it handles Ingress resources with ingressClassName=apisix and all CRDs.
	# this field can be used for both Ingress Object and custom resources.
	# IngressClassName in Kubernetes clusters version v1.18.0
	# or higher or the annotation "kubernetes.io/ingress.class"
	# (deprecated).
	ingress_version: "networking/v1" # the supported ingress api group version, can be "networking/v1beta1"
	# , "networking/v1" (for Kubernetes version v1.19.0 or higher), and
	# "extensions/v1beta1", default is "networking/v1".
	watch_endpointslices: false # whether to watch EndpointSlices rather than Endpoints.

	apisix_route_version: "apisix.apache.org/v2" # the supported apisixroute api group version.
	# the latest version is "apisix.apache.org/v2".

	enable_gateway_api: false # whether to enable support for Gateway API.
	# Note: This feature is currently under development and may not work as expected.
	# It is not recommended to use it in a production environment.
	# Before we announce support for it to reach Beta level or GA.
	api_version: apisix.apache.org/v2 # the default value of API version is "apisix.apache.org/v2", only support "apisix.apache.org/v2".

	plugin_metadata_cm: plugin-metadata-config-map

	disable_status_updates: false # In the case of a large number of resources and the status of resources is not concerned
	# you can consider disabling status to speed up the synchronization cycle of resources.
	# APISIX related configurations.

	etcdserver:
	enabled: false # When enabled, the configuration of apisix will be optional.
	listen_address: ":12379"
	prefix: /apisix
	ssl_key_encrypt_salt: edd1c9f0985e76a2 # Need to be consistent with the apisix.ssl.key_encrypt_salt, ref https://github.com/apache/apisix/blob/release/3.2/conf/config-default.yaml#L115.
	# key_encrypt_salt is used to encrypt SSL keys.

	apisix:
	admin_api_version: v3 # the APISIX admin API version. can be "v2" or "v3"

	default_cluster_base_url: "http://127.0.0.1:9180/apisix/admin" # The base url of admin api / manager api
	# of the default APISIX cluster

	default_cluster_admin_key: "" # the admin key used for the authentication of admin api / manager api in the
	# default APISIX cluster, by default this field is unset.

	default_cluster_name: "default" # name of the default APISIX cluster.