| cni: |
| hub: "" |
| tag: "" |
| image: install-cni |
| pullPolicy: "" |
| |
| logLevel: info |
| |
| # Configuration file to insert istio-cni plugin configuration |
| # by default this will be the first file found in the cni-conf-dir |
| # Example |
| # cniConfFileName: 10-calico.conflist |
| |
| # CNI bin and conf dir override settings |
| # defaults: |
| cniBinDir: /opt/cni/bin |
| cniConfDir: /etc/cni/net.d |
| cniConfFileName: "" |
| |
| excludeNamespaces: |
| - dubbo-system |
| - kube-system |
| |
| # Custom annotations on pod level, if you need them |
| podAnnotations: {} |
| |
| # If this value is set a RoleBinding will be created |
| # in the same namespace as the istio-cni DaemonSet is created. |
| # This can be used to bind a preexisting ClusterRole to the istio/cni ServiceAccount |
| # e.g. if you use PodSecurityPolicies |
| psp_cluster_role: "" |
| |
| # Deploy the config files as plugin chain (value "true") or as standalone files in the conf dir (value "false")? |
| # Some k8s flavors (e.g. OpenShift) do not support the chain approach, set to false if this is the case |
| chained: true |
| |
| # Allow the istio-cni container to run in privileged mode, needed for some platforms (e.g. OpenShift) |
| privileged: false |
| |
| repair: |
| enabled: true |
| hub: "" |
| tag: "" |
| |
| labelPods: true |
| deletePods: true |
| |
| initContainerName: "istio-validation" |
| |
| brokenPodLabelKey: "cni.istio.io/uninitialized" |
| brokenPodLabelValue: "true" |
| |
| resources: |
| requests: |
| cpu: 100m |
| memory: 100Mi |
| |
| # Experimental taint controller for further race condition mitigation |
| taint: |
| enabled: false |
| |
| resourceQuotas: |
| enabled: false |
| pods: 5000 |
| |
| # Revision is set as 'version' label and part of the resource names when installing multiple control planes. |
| revision: "" |
| |
| # For Helm compatibility. |
| ownerName: "" |
| |
| global: |
| # Default hub for Istio images. |
| # Releases are published to docker hub under 'istio' project. |
| # Dev builds from prow are on gcr.io |
| hub: apache |
| |
| # Default tag for Istio images. |
| tag: latest |
| |
| # Specify image pull policy if default behavior isn't desired. |
| # Default behavior: latest images will be Always else IfNotPresent. |
| imagePullPolicy: "" |
| |
| # ImagePullSecrets for all ServiceAccount, list of secrets in the same namespace |
| # to use for pulling any images in pods that reference this ServiceAccount. |
| # For components that don't use ServiceAccounts (i.e. grafana, servicegraph, tracing) |
| # ImagePullSecrets will be added to the corresponding Deployment(StatefulSet) objects. |
| # Must be set for any cluster configured with private docker registry. |
| imagePullSecrets: [] |
| # - private-registry-key |
| |
| # Default resources allocated |
| defaultResources: |
| requests: |
| cpu: 100m |
| memory: 100Mi |