manifests/charts/istio-cni/values.yaml - dubbo-go-pixiu - Git at Google

 cni:
   hub: ""
   tag: ""
   image: install-cni
   pullPolicy: ""

   logLevel: info

   # Configuration file to insert istio-cni plugin configuration
   # by default this will be the first file found in the cni-conf-dir
   # Example
   # cniConfFileName: 10-calico.conflist

   # CNI bin and conf dir override settings
   # defaults:
   cniBinDir: /opt/cni/bin
   cniConfDir: /etc/cni/net.d
   cniConfFileName: ""

   excludeNamespaces:
     - dubbo-system
     - kube-system

   # Custom annotations on pod level, if you need them
   podAnnotations: {}

   # If this value is set a RoleBinding will be created
   # in the same namespace as the istio-cni DaemonSet is created.
   # This can be used to bind a preexisting ClusterRole to the istio/cni ServiceAccount
   # e.g. if you use PodSecurityPolicies
   psp_cluster_role: ""

   # Deploy the config files as plugin chain (value "true") or as standalone files in the conf dir (value "false")?
   # Some k8s flavors (e.g. OpenShift) do not support the chain approach, set to false if this is the case
   chained: true

   # Allow the istio-cni container to run in privileged mode, needed for some platforms (e.g. OpenShift)
   privileged: false

   repair:
     enabled: true
     hub: ""
     tag: ""

     labelPods: true
     deletePods: true

     initContainerName: "istio-validation"

     brokenPodLabelKey: "cni.istio.io/uninitialized"
     brokenPodLabelValue: "true"

   resources:
     requests:
       cpu: 100m
       memory: 100Mi

   # Experimental taint controller for further race condition mitigation
   taint:
     enabled: false

   resourceQuotas:
     enabled: false
     pods: 5000

 # Revision is set as 'version' label and part of the resource names when installing multiple control planes.
 revision: ""

 # For Helm compatibility.
 ownerName: ""

 global:
   # Default hub for Istio images.
   # Releases are published to docker hub under 'istio' project.
   # Dev builds from prow are on gcr.io
   hub: apache

   # Default tag for Istio images.
   tag: latest

   # Specify image pull policy if default behavior isn't desired.
   # Default behavior: latest images will be Always else IfNotPresent.
   imagePullPolicy: ""

   # ImagePullSecrets for all ServiceAccount, list of secrets in the same namespace
   # to use for pulling any images in pods that reference this ServiceAccount.
   # For components that don't use ServiceAccounts (i.e. grafana, servicegraph, tracing)
   # ImagePullSecrets will be added to the corresponding Deployment(StatefulSet) objects.
   # Must be set for any cluster configured with private docker registry.
   imagePullSecrets: []
   # - private-registry-key

   # Default resources allocated
   defaultResources:
      requests:
        cpu: 100m
        memory: 100Mi
	cni:
	hub: ""
	tag: ""
	image: install-cni
	pullPolicy: ""

	logLevel: info

	# Configuration file to insert istio-cni plugin configuration
	# by default this will be the first file found in the cni-conf-dir
	# Example
	# cniConfFileName: 10-calico.conflist

	# CNI bin and conf dir override settings
	# defaults:
	cniBinDir: /opt/cni/bin
	cniConfDir: /etc/cni/net.d
	cniConfFileName: ""

	excludeNamespaces:
	- dubbo-system
	- kube-system

	# Custom annotations on pod level, if you need them
	podAnnotations: {}

	# If this value is set a RoleBinding will be created
	# in the same namespace as the istio-cni DaemonSet is created.
	# This can be used to bind a preexisting ClusterRole to the istio/cni ServiceAccount
	# e.g. if you use PodSecurityPolicies
	psp_cluster_role: ""

	# Deploy the config files as plugin chain (value "true") or as standalone files in the conf dir (value "false")?
	# Some k8s flavors (e.g. OpenShift) do not support the chain approach, set to false if this is the case
	chained: true

	# Allow the istio-cni container to run in privileged mode, needed for some platforms (e.g. OpenShift)
	privileged: false

	repair:
	enabled: true
	hub: ""
	tag: ""

	labelPods: true
	deletePods: true

	initContainerName: "istio-validation"

	brokenPodLabelKey: "cni.istio.io/uninitialized"
	brokenPodLabelValue: "true"

	resources:
	requests:
	cpu: 100m
	memory: 100Mi

	# Experimental taint controller for further race condition mitigation
	taint:
	enabled: false

	resourceQuotas:
	enabled: false
	pods: 5000

	# Revision is set as 'version' label and part of the resource names when installing multiple control planes.
	revision: ""

	# For Helm compatibility.
	ownerName: ""

	global:
	# Default hub for Istio images.
	# Releases are published to docker hub under 'istio' project.
	# Dev builds from prow are on gcr.io
	hub: apache

	# Default tag for Istio images.
	tag: latest

	# Specify image pull policy if default behavior isn't desired.
	# Default behavior: latest images will be Always else IfNotPresent.
	imagePullPolicy: ""

	# ImagePullSecrets for all ServiceAccount, list of secrets in the same namespace
	# to use for pulling any images in pods that reference this ServiceAccount.
	# For components that don't use ServiceAccounts (i.e. grafana, servicegraph, tracing)
	# ImagePullSecrets will be added to the corresponding Deployment(StatefulSet) objects.
	# Must be set for any cluster configured with private docker registry.
	imagePullSecrets: []
	# - private-registry-key

	# Default resources allocated
	defaultResources:
	requests:
	cpu: 100m
	memory: 100Mi