mirror of https://github.com/istio/istio.io.git
Update reference docs. (#5173)
preliminary.istio.io will now display reference material for the release-1.4 branches of istio/istio, istio/api, and istio/operator.
This commit is contained in:
Martin Taillefer
GitHub
parent
32592c56b2
commit
d6445fc726
|
|
@ -47,7 +47,7 @@ Below is our list of existing features and their current phases. This informatio
|
|||
| [Locality load balancing](/docs/ops/traffic-management/locality-load-balancing/) | Beta
|
||||
| Enabling custom filters in Envoy | Alpha
|
||||
| CNI container interface | Alpha
|
||||
| [Sidecar API](/docs/reference/config/networking/v1alpha3/sidecar/) | Alpha
|
||||
| [Sidecar API](/docs/reference/config/networking/sidecar/) | Alpha
|
||||
|
||||
The `Sidecar` runtime is considered Beta. However, its API is still subject to a backwards incompatible change. Due to this, we advertise it as Alpha.
|
||||
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ So what might have gone wrong? Ah... The answer is that I forgot to tell you to
|
|||
an external service, in this case to the Google Books web service. By default, the Istio sidecar proxies
|
||||
([Envoy proxies](https://www.envoyproxy.io)) **block all the traffic to destinations outside the cluster**. To enable
|
||||
such traffic, you must define a
|
||||
[mesh-external service entry](/docs/reference/config/networking/v1alpha3/service-entry/).
|
||||
[mesh-external service entry](/docs/reference/config/networking/service-entry/).
|
||||
|
||||
### Enable HTTPS access to a Google Books web service
|
||||
|
||||
|
|
|
|||
|
|
@ -124,7 +124,7 @@ _reviews_ service always calls the _ratings_ service. In addition, route all the
|
|||
service to _ratings v2_ that uses your database.
|
||||
|
||||
Specify the routing for both services above by adding two
|
||||
[virtual services](/docs/reference/config/networking/v1alpha3/virtual-service/). These virtual services are
|
||||
[virtual services](/docs/reference/config/networking/virtual-service/). These virtual services are
|
||||
specified in `samples/bookinfo/networking/virtual-service-ratings-mongodb.yaml` of an Istio release archive.
|
||||
***Important:*** make sure you
|
||||
[applied the default destination rules](/docs/examples/bookinfo/#apply-default-destination-rules) before running the
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ In my previous blog post, [Consuming External Web Services](/blog/2018/egress-ht
|
|||
over TCP. You will use the [Istio Bookinfo sample application](/docs/examples/bookinfo/), the version in which the book
|
||||
ratings data is persisted in a MySQL database. You deploy this database outside the cluster and configure the
|
||||
_ratings_ microservice to use it. You define a
|
||||
[Service Entry](/docs/reference/config/networking/v1alpha3/service-entry/) to allow the in-mesh applications to
|
||||
[Service Entry](/docs/reference/config/networking/service-entry/) to allow the in-mesh applications to
|
||||
access the external database.
|
||||
|
||||
## Bookinfo sample application with external ratings database
|
||||
|
|
@ -204,7 +204,7 @@ _reviews_ service always calls the _ratings_ service. In addition, route all the
|
|||
service to _ratings v2-mysql_ that uses your database.
|
||||
|
||||
Specify the routing for both services above by adding two
|
||||
[virtual services](/docs/reference/config/networking/v1alpha3/virtual-service/). These virtual services are
|
||||
[virtual services](/docs/reference/config/networking/virtual-service/). These virtual services are
|
||||
specified in `samples/bookinfo/networking/virtual-service-ratings-mysql.yaml` of an Istio release archive.
|
||||
***Important:*** make sure you
|
||||
[applied the default destination rules](/docs/examples/bookinfo/#apply-default-destination-rules) before running the
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ resources.
|
|||
|
||||
### `Gateway`
|
||||
|
||||
A [`Gateway`](/docs/reference/config/networking/v1alpha3/gateway/)
|
||||
A [`Gateway`](/docs/reference/config/networking/gateway/)
|
||||
configures a load balancer for HTTP/TCP traffic, regardless of
|
||||
where it will be running. Any number of gateways can exist within the mesh
|
||||
and multiple different gateway implementations can co-exist. In fact, a
|
||||
|
|
@ -157,7 +157,7 @@ scalability issues with the previous model.
|
|||
In effect, what has changed is that instead of configuring routing using a set of individual configuration resources
|
||||
(rules) for a particular destination service, each containing a precedence field to control the order of evaluation, we
|
||||
now configure the (virtual) destination itself, with all of its rules in an ordered list within a corresponding
|
||||
[`VirtualService`](/docs/reference/config/networking/v1alpha3/virtual-service/) resource.
|
||||
[`VirtualService`](/docs/reference/config/networking/virtual-service/) resource.
|
||||
For example, where previously we had two `RouteRule` resources for the
|
||||
[Bookinfo](/docs/examples/bookinfo/) application’s `reviews` service, like this:
|
||||
|
||||
|
|
@ -275,7 +275,7 @@ In addition to this fundamental restructuring, `VirtualService` includes several
|
|||
|
||||
### `DestinationRule`
|
||||
|
||||
A [`DestinationRule`](/docs/reference/config/networking/v1alpha3/destination-rule/)
|
||||
A [`DestinationRule`](/docs/reference/config/networking/destination-rule/)
|
||||
configures the set of policies to be applied while forwarding traffic to a service. They are
|
||||
intended to be authored by service owners, describing the circuit breakers, load balancer settings, TLS settings, etc..
|
||||
`DestinationRule` is more or less the same as its predecessor, `DestinationPolicy`, with the following exceptions:
|
||||
|
|
@ -319,7 +319,7 @@ Notice that, unlike `DestinationPolicy`, multiple policies (e.g., default and v2
|
|||
|
||||
### `ServiceEntry`
|
||||
|
||||
[`ServiceEntry`](/docs/reference/config/networking/v1alpha3/service-entry/)
|
||||
[`ServiceEntry`](/docs/reference/config/networking/service-entry/)
|
||||
is used to add additional entries into the service registry that Istio maintains internally.
|
||||
It is most commonly used to allow one to model traffic to external dependencies of the mesh
|
||||
such as APIs consumed from the web or traffic to services in legacy infrastructure.
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ attribution: Julien Senon
|
|||
target_release: 1.0
|
||||
---
|
||||
|
||||
This post provides instructions to manually create a custom ingress [gateway](/docs/reference/config/networking/v1alpha3/gateway/) with automatic provisioning of certificates based on cert-manager.
|
||||
This post provides instructions to manually create a custom ingress [gateway](/docs/reference/config/networking/gateway/) with automatic provisioning of certificates based on cert-manager.
|
||||
|
||||
The creation of custom ingress gateway could be used in order to have different `loadbalancer` in order to isolate traffic.
|
||||
|
||||
|
|
@ -231,4 +231,4 @@ The creation of custom ingress gateway could be used in order to have different
|
|||
SSL certificate verify ok.
|
||||
{{< /text >}}
|
||||
|
||||
**Congratulations!** You can now use your custom `istio-custom-gateway` [gateway](/docs/reference/config/networking/v1alpha3/gateway/) configuration object.
|
||||
**Congratulations!** You can now use your custom `istio-custom-gateway` [gateway](/docs/reference/config/networking/gateway/) configuration object.
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ higher-level APIs. [Knative Serving](https://knative.dev/docs/serving/), a compo
|
|||
serving serverless applications and functions, provides an opinionated workflow for application developers to manage routes and revisions of their services.
|
||||
Thanks to that opinionated approach, Knative Serving exposes a subset of Istio’s networking APIs that are most relevant to application developers via a simplified
|
||||
[Routes](https://github.com/knative/docs/blob/master/docs/serving/spec/knative-api-specification-1.0.md#route) object that supports revisions and traffic routing,
|
||||
abstracting Istio’s [`VirtualService`](/docs/reference/config/networking/v1alpha3/virtual-service/) and [`DestinationRule`](/docs/reference/config/networking/v1alpha3/destination-rule/)
|
||||
abstracting Istio’s [`VirtualService`](/docs/reference/config/networking/virtual-service/) and [`DestinationRule`](/docs/reference/config/networking/destination-rule/)
|
||||
resources.
|
||||
|
||||
As Istio has matured, we’ve also seen production users develop workload- and organization-specific abstractions on top of Istio’s infrastructure APIs.
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ This is where the BlackHole and Passthrough clusters are used.
|
|||
* **BlackHoleCluster** - The BlackHoleCluster is a virtual cluster created
|
||||
in the Envoy configuration when `global.outboundTrafficPolicy.mode` is set to
|
||||
`REGISTRY_ONLY`. In this mode, all traffic to external service is blocked unless
|
||||
[service entries](/docs/reference/config/networking/v1alpha3/service-entry)
|
||||
[service entries](/docs/reference/config/networking/service-entry)
|
||||
are explicitly added for each service. To implement this, the default virtual
|
||||
outbound listener at `0.0.0.0:15001` which uses
|
||||
[original destination](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/service_discovery#original-destination)
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ Next, when testing Istio's data plane performance at scale, it's important to te
|
|||
|
||||
Lastly, our test environment measures requests between two pods, not many. The client pod is [Fortio](http://fortio.org/), which sends traffic to the server pod.
|
||||
|
||||
Why test with only two pods? Because scaling up throughput (RPS) and connections (threads) has a greater effect on Envoy's performance than increasing the total size of the service registry — or, the total number of pods and services in the Kubernetes cluster. When the size of the service registry grows, Envoy does have to keep track of more endpoints, and lookup time per request does increase, but by a tiny constant. If you have many services, and this constant becomes a latency concern, Istio provides a [Sidecar resource](/docs/reference/config/networking/v1alpha3/sidecar/), which allows you to limit which services each Envoy knows about.
|
||||
Why test with only two pods? Because scaling up throughput (RPS) and connections (threads) has a greater effect on Envoy's performance than increasing the total size of the service registry — or, the total number of pods and services in the Kubernetes cluster. When the size of the service registry grows, Envoy does have to keep track of more endpoints, and lookup time per request does increase, but by a tiny constant. If you have many services, and this constant becomes a latency concern, Istio provides a [Sidecar resource](/docs/reference/config/networking/sidecar/), which allows you to limit which services each Envoy knows about.
|
||||
|
||||
## 3. Measure with and without proxies
|
||||
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ The CPU consumption scales with the following factors:
|
|||
|
||||
however this part is inherently horizontally scalable.
|
||||
|
||||
When [namespace isolation](/docs/reference/config/networking/v1alpha3/sidecar/) is enabled,
|
||||
When [namespace isolation](/docs/reference/config/networking/sidecar/) is enabled,
|
||||
a single Pilot instance can support 1000 services, 2000 sidecars with 1 vCPU and 1.5 GB of memory.
|
||||
You can increase the number of Pilot instances to reduce the amount of time it takes for the configuration
|
||||
to reach all proxies.
|
||||
|
|
|
|||
|
|
@ -389,7 +389,7 @@ work. As you'll remember from the [Architecture section](/docs/concepts/security
|
|||
authentication policies apply to requests that a service **receives**. To
|
||||
specify client-side authentication rules in mutual TLS, you need to specify the
|
||||
`TLSSettings` in the `DestinationRule`. You can find more information in our
|
||||
[TLS settings reference docs](/docs/reference/config/networking/v1alpha3/destination-rule/#TLSSettings).
|
||||
[TLS settings reference docs](/docs/reference/config/networking/destination-rule/#TLSSettings).
|
||||
Like other Istio configuration, you can specify authentication policies in
|
||||
`.yaml` files. You deploy policies using `kubectl`.
|
||||
|
||||
|
|
|
|||
|
|
@ -78,7 +78,7 @@ are built in to the API resources.
|
|||
|
||||
## Virtual services {#virtual-services}
|
||||
|
||||
[Virtual services](/docs/reference/config/networking/v1alpha3/virtual-service/#VirtualService),
|
||||
[Virtual services](/docs/reference/config/networking/virtual-service/#VirtualService),
|
||||
along with [destination rules](#destination-rules), are the key building blocks of Istio’s traffic
|
||||
routing functionality. A virtual service lets you configure how requests are
|
||||
routed to a service within an Istio service mesh, building on the basic
|
||||
|
|
@ -198,9 +198,9 @@ The `http` section contains the virtual service’s routing rules, describing
|
|||
match conditions and actions for routing HTTP/1.1, HTTP2, and gRPC traffic sent
|
||||
to the destination(s) specified in the hosts field (you can also use `tcp` and
|
||||
`tls` sections to configure routing rules for
|
||||
[TCP](/docs/reference/config/networking/v1alpha3/virtual-service/#TCPRoute) and
|
||||
[TCP](/docs/reference/config/networking/virtual-service/#TCPRoute) and
|
||||
unterminated
|
||||
[TLS](/docs/reference/config/networking/v1alpha3/virtual-service/#TLSRoute)
|
||||
[TLS](/docs/reference/config/networking/virtual-service/#TLSRoute)
|
||||
traffic). A routing rule consists of the destination where you want the traffic
|
||||
to go and zero or more match conditions, depending on your use case.
|
||||
|
||||
|
|
@ -322,7 +322,7 @@ You can also have multiple routing rules for any given virtual service. This
|
|||
lets you make your routing conditions as complex or simple as you like within a
|
||||
single virtual service. A full list of match condition fields and their possible
|
||||
values can be found in the
|
||||
[`HTTPMatchRequest` reference](/docs/reference/config/networking/v1alpha3/virtual-service/#HTTPMatchRequest).
|
||||
[`HTTPMatchRequest` reference](/docs/reference/config/networking/virtual-service/#HTTPMatchRequest).
|
||||
|
||||
In addition to using match conditions, you can distribute traffic
|
||||
by percentage "weight". This is useful for A/B testing and canary rollouts:
|
||||
|
|
@ -351,12 +351,12 @@ example:
|
|||
- Set a [retry policy](#retries) for calls to this destination.
|
||||
|
||||
To learn more about the actions available, see the
|
||||
[`HTTPRoute` reference](/docs/reference/config/networking/v1alpha3/virtual-service/#HTTPRoute).
|
||||
[`HTTPRoute` reference](/docs/reference/config/networking/virtual-service/#HTTPRoute).
|
||||
|
||||
## Destination rules {#destination-rules}
|
||||
|
||||
Along with [virtual services](#virtual-services),
|
||||
[destination rules](/docs/reference/config/networking/v1alpha3/destination-rule/#DestinationRule)
|
||||
[destination rules](/docs/reference/config/networking/destination-rule/#DestinationRule)
|
||||
are a key part of Istio’s traffic routing functionality. You can think of
|
||||
virtual services as how you route your traffic **to** a given destination, and
|
||||
then you use destination rules to configure what happens to traffic **for** that
|
||||
|
|
@ -372,7 +372,7 @@ Destination rules also let you customize Envoy’s traffic policies when calling
|
|||
the entire destination service or a particular service subset, such as your
|
||||
preferred load balancing model, TLS security mode, or circuit breaker settings.
|
||||
You can see a complete list of destination rule options in the
|
||||
[Destination Rule reference](/docs/reference/config/networking/v1alpha3/destination-rule/).
|
||||
[Destination Rule reference](/docs/reference/config/networking/destination-rule/).
|
||||
|
||||
### Load balancing options
|
||||
|
||||
|
|
@ -435,7 +435,7 @@ subset’s field.
|
|||
|
||||
## Gateways {#gateways}
|
||||
|
||||
You use a [gateway](/docs/reference/config/networking/v1alpha3/gateway/#Gateway) to
|
||||
You use a [gateway](/docs/reference/config/networking/gateway/#Gateway) to
|
||||
manage inbound and outbound traffic for your mesh, letting you specify which
|
||||
traffic you want to enter or leave the mesh. Gateway configurations are applied
|
||||
to standalone Envoy proxies that are running at the edge of the mesh, rather
|
||||
|
|
@ -518,7 +518,7 @@ traffic.
|
|||
## Service entries {#service-entries}
|
||||
|
||||
You use a
|
||||
[service entry](/docs/reference/config/networking/v1alpha3/service-entry/#ServiceEntry) to add
|
||||
[service entry](/docs/reference/config/networking/service-entry/#ServiceEntry) to add
|
||||
an entry to the service registry that Istio maintains internally. After you add
|
||||
the service entry, the Envoy proxies can send traffic to the service as if it
|
||||
was a service in your mesh. Configuring service entries allows you to manage
|
||||
|
|
@ -585,14 +585,14 @@ spec:
|
|||
{{< /text >}}
|
||||
|
||||
See the
|
||||
[Service Entry reference](/docs/reference/config/networking/v1alpha3/service-entry)
|
||||
[Service Entry reference](/docs/reference/config/networking/service-entry)
|
||||
for more possible configuration options.
|
||||
|
||||
## Sidecars {#sidecars}
|
||||
|
||||
By default, Istio configures every Envoy proxy to accept traffic on all the
|
||||
ports of its associated workload, and to reach every workload in the mesh when
|
||||
forwarding traffic. You can use a [sidecar](/docs/reference/config/networking/v1alpha3/sidecar/#Sidecar) configuration to do the following:
|
||||
forwarding traffic. You can use a [sidecar](/docs/reference/config/networking/sidecar/#Sidecar) configuration to do the following:
|
||||
|
||||
- Fine-tune the set of ports and protocols that an Envoy proxy accepts.
|
||||
- Limit the set of services that the Envoy proxy can reach.
|
||||
|
|
@ -621,7 +621,7 @@ spec:
|
|||
- "istio-system/*"
|
||||
{{< /text >}}
|
||||
|
||||
See the [Sidecar reference](/docs/reference/config/networking/v1alpha3/sidecar/)
|
||||
See the [Sidecar reference](/docs/reference/config/networking/sidecar/)
|
||||
for more details.
|
||||
|
||||
## Network resilience and testing {#network-resilience-and-testing}
|
||||
|
|
|
|||
|
|
@ -365,7 +365,7 @@ The `server: envoy` header indicates that the sidecar intercepted the traffic.
|
|||
1. Determine the VM instance's IP address.
|
||||
|
||||
1. Configure a service entry to enable service discovery for the VM. You can add VM services to the mesh using a
|
||||
[service entry](/docs/reference/config/networking/v1alpha3/service-entry/). Service entries let you manually add
|
||||
[service entry](/docs/reference/config/networking/service-entry/). Service entries let you manually add
|
||||
additional services to Pilot's abstract model of the mesh. Once VM services are part of the mesh's abstract model,
|
||||
other services can find and direct traffic to them. Each service entry configuration contains the IP addresses, ports,
|
||||
and appropriate labels of all VMs exposing a particular service, for example:
|
||||
|
|
|
|||
|
|
@ -230,7 +230,7 @@ The `server: envoy` header indicates that the sidecar intercepted the traffic.
|
|||
{{< /text >}}
|
||||
|
||||
1. Configure a service entry to enable service discovery for the VM. You can add VM services to the mesh using a
|
||||
[service entry](/docs/reference/config/networking/v1alpha3/service-entry/). Service entries let you manually add
|
||||
[service entry](/docs/reference/config/networking/service-entry/). Service entries let you manually add
|
||||
additional services to Pilot's abstract model of the mesh. Once VM services are part of the mesh's abstract model,
|
||||
other services can find and direct traffic to them. Each service entry configuration contains the IP addresses, ports,
|
||||
and appropriate labels of all VMs exposing a particular service, for example:
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ As a result, this field does not need to be configured.
|
|||
|
||||
In order for Istio to determine locality, a Service must be associated with the caller.
|
||||
|
||||
To determine when instances are unhealthy, the proxies require an [outlier detection](/docs/reference/config/networking/v1alpha3/destination-rule/#OutlierDetection)
|
||||
To determine when instances are unhealthy, the proxies require an [outlier detection](/docs/reference/config/networking/destination-rule/#OutlierDetection)
|
||||
configuration in a destination rule for each service.
|
||||
|
||||
## Locality-prioritized load balancing
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ source_repo: https://github.com/istio/istio
|
|||
title: istioctl
|
||||
description: Istio control interface.
|
||||
generator: pkg-collateral-docs
|
||||
number_of_entries: 69
|
||||
number_of_entries: 70
|
||||
---
|
||||
<p>Istio configuration command line utility for service operators to
|
||||
debug and diagnose their Istio mesh.
|
||||
|
|
@ -36,7 +36,7 @@ debug and diagnose their Istio mesh.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -76,7 +76,7 @@ debug and diagnose their Istio mesh.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -117,7 +117,7 @@ A group of commands used to interact with Istio authentication policies.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -164,7 +164,7 @@ and check if TLS settings are compatible between them.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -219,7 +219,7 @@ istioctl authn tls-check foo-656bd7df7c-5zp4s.default bar
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -271,7 +271,7 @@ istioctl d [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -316,7 +316,7 @@ istioctl d [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -359,7 +359,7 @@ istioctl d [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -402,7 +402,7 @@ istioctl d [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -445,7 +445,7 @@ istioctl d [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -488,7 +488,7 @@ istioctl d [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -531,7 +531,7 @@ istioctl d [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -574,7 +574,7 @@ istioctl d [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -617,7 +617,7 @@ istioctl d [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -659,7 +659,7 @@ istioctl deregister my-svc 172.17.0.2
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -702,7 +702,7 @@ istioctl deregister my-svc 172.17.0.2
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -756,7 +756,7 @@ THIS COMMAND IS STILL UNDER ACTIVE DEVELOPMENT AND NOT READY FOR PRODUCTION USE.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -820,7 +820,7 @@ THIS COMMAND IS STILL UNDER ACTIVE DEVELOPMENT AND NOT READY FOR PRODUCTION USE.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--meshConfigFile <string></code></td>
|
||||
|
|
@ -883,7 +883,7 @@ THIS COMMAND IS STILL UNDER ACTIVE DEVELOPMENT AND NOT READY FOR PRODUCTION USE.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -947,7 +947,7 @@ istioctl experimental analyze -k -d false
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1013,7 +1013,7 @@ the cluster results of the client pod and the listener results of the server pod
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1069,7 +1069,7 @@ the cluster results of the client pod and the listener results of the server pod
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1112,7 +1112,7 @@ the cluster results of the client pod and the listener results of the server pod
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1152,7 +1152,7 @@ the cluster results of the client pod and the listener results of the server pod
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1209,7 +1209,7 @@ istioctl --kubeconfig=c0.yaml x create-remote-secret c1 \
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1252,7 +1252,7 @@ istioctl --kubeconfig=c0.yaml x create-remote-secret c1 \
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1300,7 +1300,7 @@ the configuration objects that affect that pod.</p>
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1351,7 +1351,7 @@ also provides the inverse of "istioctl kube-inject -f".</p>
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1411,7 +1411,7 @@ kubectl get deployment -o yaml | istioctl experimental kube-uninject -f - | kube
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--logtostderr</code></td>
|
||||
|
|
@ -1459,6 +1459,11 @@ kubectl get deployment -o yaml | istioctl experimental kube-uninject -f - | kube
|
|||
<td>Path to file containing IstioControlPlane CustomResource (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--force</code></td>
|
||||
<td></td>
|
||||
<td>Proceed even with validation errors </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--istioNamespace <string></code></td>
|
||||
<td><code>-i</code></td>
|
||||
<td>Istio system namespace (default `istio-system`)</td>
|
||||
|
|
@ -1471,7 +1476,7 @@ kubectl get deployment -o yaml | istioctl experimental kube-uninject -f - | kube
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--logtostderr</code></td>
|
||||
|
|
@ -1558,7 +1563,7 @@ customization file (default `[]`)</td>
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--logtostderr</code></td>
|
||||
|
|
@ -1622,6 +1627,11 @@ e.g.
|
|||
<td>Path to file containing IstioControlPlane CustomResource (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--force</code></td>
|
||||
<td></td>
|
||||
<td>Proceed even with validation errors </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--istioNamespace <string></code></td>
|
||||
<td><code>-i</code></td>
|
||||
<td>Istio system namespace (default `istio-system`)</td>
|
||||
|
|
@ -1634,7 +1644,7 @@ e.g.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--logtostderr</code></td>
|
||||
|
|
@ -1701,7 +1711,7 @@ customization file (default `[]`)</td>
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--logtostderr</code></td>
|
||||
|
|
@ -1756,7 +1766,7 @@ customization file (default `[]`)</td>
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--logtostderr</code></td>
|
||||
|
|
@ -1825,7 +1835,7 @@ calculated over a time interval of 1 minute.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1872,7 +1882,7 @@ istioctl experimental metrics productpage-v1.foo reviews-v1.bar ratings-v1.baz
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1910,7 +1920,7 @@ istioctl experimental metrics productpage-v1.foo reviews-v1.bar ratings-v1.baz
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -1960,7 +1970,7 @@ istioctl experimental metrics productpage-v1.foo reviews-v1.bar ratings-v1.baz
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -2041,7 +2051,7 @@ because in previous versions webhooks manage their own configurations.</p>
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -2132,7 +2142,7 @@ istioctl experimental post-install webhook enable --validation --webhook-secret
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -2194,7 +2204,7 @@ istioctl experimental post-install webhook status --validation --validation-conf
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--logtostderr</code></td>
|
||||
|
|
@ -2249,7 +2259,7 @@ istioctl experimental post-install webhook status --validation --validation-conf
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--logtostderr</code></td>
|
||||
|
|
@ -2319,7 +2329,7 @@ istioctl experimental post-install webhook status --validation --validation-conf
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--logtostderr</code></td>
|
||||
|
|
@ -2374,7 +2384,7 @@ istioctl experimental post-install webhook status --validation --validation-conf
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--logtostderr</code></td>
|
||||
|
|
@ -2427,7 +2437,7 @@ istioctl experimental post-install webhook status --validation --validation-conf
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -2471,7 +2481,7 @@ THIS COMMAND IS STILL UNDER ACTIVE DEVELOPMENT AND NOT READY FOR PRODUCTION USE.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -2516,7 +2526,7 @@ THIS COMMAND IS STILL UNDER ACTIVE DEVELOPMENT AND NOT READY FOR PRODUCTION USE.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -2528,6 +2538,69 @@ THIS COMMAND IS STILL UNDER ACTIVE DEVELOPMENT AND NOT READY FOR PRODUCTION USE.
|
|||
<h3 id="istioctl-experimental-remove-from-mesh-service Examples">Examples</h3>
|
||||
<pre class="language-bash"><code>istioctl experimental remove-from-mesh service productpage
|
||||
</code></pre>
|
||||
<h2 id="istioctl-experimental-wait">istioctl experimental wait</h2>
|
||||
<p>Waits for the specified condition to be true of an Istio resource. For example:</p>
|
||||
<p>istioctl experimental wait --for-distribution virtual-service/default/bookinfo</p>
|
||||
<p>will block until the bookinfo virtual service has been distributed to all proxies in the mesh.
|
||||
</p>
|
||||
<pre class="language-bash"><code>istioctl experimental wait [flags] <type> <name>[.<namespace>]
|
||||
</code></pre>
|
||||
<table class="command-flags">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Flags</th>
|
||||
<th>Shorthand</th>
|
||||
<th>Description</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td><code>--context <string></code></td>
|
||||
<td></td>
|
||||
<td>The name of the kubeconfig context to use (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--for <string></code></td>
|
||||
<td></td>
|
||||
<td>wait condition, must be 'distribution' or 'delete' (default `distribution`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--istioNamespace <string></code></td>
|
||||
<td><code>-i</code></td>
|
||||
<td>Istio system namespace (default `istio-system`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--kubeconfig <string></code></td>
|
||||
<td><code>-c</code></td>
|
||||
<td>Kubernetes configuration file (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
<td><code>-n</code></td>
|
||||
<td>Config namespace (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--resource-version <string></code></td>
|
||||
<td></td>
|
||||
<td>wait for a specific version of config to become current, rather than using whatever is latest in kubernetes (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--threshold <float32></code></td>
|
||||
<td></td>
|
||||
<td>the ratio of distribution required for success (default 1.0) (default `1`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--timeout <duration></code></td>
|
||||
<td></td>
|
||||
<td>the duration to wait before failing (default 30s) (default `30s`)</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
<h2 id="istioctl-kube-inject">istioctl kube-inject</h2>
|
||||
<p></p>
|
||||
<p>kube-inject manually injects the Envoy sidecar into Kubernetes
|
||||
|
|
@ -2587,7 +2660,7 @@ kube-inject on deployments to get the most up-to-date changes.
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--meshConfigFile <string></code></td>
|
||||
|
|
@ -2668,7 +2741,7 @@ istioctl kube-inject -f samples/bookinfo/platform/kube/bookinfo.yaml \
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -2720,7 +2793,7 @@ istioctl kube-inject -f samples/bookinfo/platform/kube/bookinfo.yaml \
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -2784,7 +2857,7 @@ istioctl proxy-config c <pod-name[.namespace]> [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -2864,7 +2937,7 @@ istioctl proxy-config ep <pod-name[.namespace]> [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -2944,7 +3017,7 @@ istioctl proxy-config l <pod-name[.namespace]> [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -3018,7 +3091,7 @@ istioctl proxy-config l <pod-name[.namespace]> [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -3083,7 +3156,7 @@ istioctl proxy-config r <pod-name[.namespace]> [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--name <string></code></td>
|
||||
|
|
@ -3147,7 +3220,7 @@ istioctl proxy-config r <pod-name[.namespace]> [flags]
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -3204,7 +3277,7 @@ Retrieves last sent and last acknowledged xDS sync from Pilot to each Envoy in t
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -3272,7 +3345,7 @@ Retrieves last sent and last acknowledged xDS sync from Pilot to each Envoy in t
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -3322,7 +3395,7 @@ Retrieves last sent and last acknowledged xDS sync from Pilot to each Envoy in t
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -3396,7 +3469,7 @@ Retrieves last sent and last acknowledged xDS sync from Pilot to each Envoy in t
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -3453,7 +3526,7 @@ Retrieves last sent and last acknowledged xDS sync from Pilot to each Envoy in t
|
|||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,processing:error,source:error`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, cacheLog, citadelClientLog, configMapController, conversions, default, googleCAClientLog, grpcAdapter, kube, kube-converter, mcp, meshconfig, model, name, patch, processing, rbac, resource, runtime, sdsServiceLog, secretFetcherLog, source, stsClientLog, tpath, translator, util, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info,validation:error,processing:error,source:error`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--namespace <string></code></td>
|
||||
|
|
@ -3574,6 +3647,18 @@ These environment variables affect the behavior of the <code>istioctl</code> com
|
|||
<td></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_DISTRIBUTION_HISTORY_RETENTION</code></td>
|
||||
<td>Time Duration</td>
|
||||
<td><code>1m0s</code></td>
|
||||
<td>If enabled, Pilot will keep track of old versions of distributed config for this duration.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_CONFIG_DISTRIBUTION_TRACKING</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>true</code></td>
|
||||
<td>If enabled, Pilot will assign meaningful nonces to each Envoy configuration message, and allow users to interrogate which envoy has which config from the debug interface.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_EDS_DEBOUNCE</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>true</code></td>
|
||||
|
|
@ -3616,6 +3701,12 @@ These environment variables affect the behavior of the <code>istioctl</code> com
|
|||
<td>EnableRedisFilter enables injection of `envoy.filters.network.redis_proxy` in the filter chain.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_UNSAFE_REGEX</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>If enabled, pilot will generate Envoy configuration that does not use safe_regex but the older, deprecated regex field. This should only be enabled to support legacy deployments that have not yet been migrated to the new safe regular expressions.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_HTTP10</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
|
|||
|
|
@ -21,11 +21,11 @@ number_of_entries: 5
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac, validation] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -45,7 +45,7 @@ number_of_entries: 5
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -159,11 +159,11 @@ number_of_entries: 5
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac, validation] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -183,7 +183,7 @@ number_of_entries: 5
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -261,11 +261,11 @@ number_of_entries: 5
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac, validation] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -285,7 +285,7 @@ number_of_entries: 5
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -314,12 +314,12 @@ number_of_entries: 5
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac, validation] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -344,7 +344,7 @@ number_of_entries: 5
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -484,6 +484,18 @@ These environment variables affect the behavior of the <code>pilot-agent</code>
|
|||
<td></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_DISTRIBUTION_HISTORY_RETENTION</code></td>
|
||||
<td>Time Duration</td>
|
||||
<td><code>1m0s</code></td>
|
||||
<td>If enabled, Pilot will keep track of old versions of distributed config for this duration.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_CONFIG_DISTRIBUTION_TRACKING</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>true</code></td>
|
||||
<td>If enabled, Pilot will assign meaningful nonces to each Envoy configuration message, and allow users to interrogate which envoy has which config from the debug interface.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_EDS_DEBOUNCE</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>true</code></td>
|
||||
|
|
@ -526,6 +538,12 @@ These environment variables affect the behavior of the <code>pilot-agent</code>
|
|||
<td>EnableRedisFilter enables injection of `envoy.filters.network.redis_proxy` in the filter chain.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_UNSAFE_REGEX</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>If enabled, pilot will generate Envoy configuration that does not use safe_regex but the older, deprecated regex field. This should only be enabled to support legacy deployments that have not yet been migrated to the new safe regular expressions.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_HTTP10</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
@ -616,6 +634,36 @@ These environment variables affect the behavior of the <code>pilot-agent</code>
|
|||
<td>SDS address</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>STACKDRIVER_TRACING_DEBUG</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>If set to true, enables trace output to stdout</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>STACKDRIVER_TRACING_ENABLED</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>If enabled, stackdriver will get configured as the tracer.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>STACKDRIVER_TRACING_MAX_NUMBER_OF_ANNOTATIONS</code></td>
|
||||
<td>Integer</td>
|
||||
<td><code>200</code></td>
|
||||
<td>Sets the max number of annotations for stackdriver</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>STACKDRIVER_TRACING_MAX_NUMBER_OF_ATTRIBUTES</code></td>
|
||||
<td>Integer</td>
|
||||
<td><code>200</code></td>
|
||||
<td>Sets the max number of attributes for stackdriver</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>STACKDRIVER_TRACING_MAX_NUMBER_OF_MESSAGE_EVENTS</code></td>
|
||||
<td>Integer</td>
|
||||
<td><code>200</code></td>
|
||||
<td>Sets the max number of message events for stackdriver</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TERMINATION_DRAIN_DURATION_SECONDS</code></td>
|
||||
<td>Integer</td>
|
||||
<td><code>5</code></td>
|
||||
|
|
|
|||
|
|
@ -41,11 +41,11 @@ number_of_entries: 5
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -65,7 +65,7 @@ number_of_entries: 5
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -174,12 +174,12 @@ number_of_entries: 5
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -204,7 +204,7 @@ number_of_entries: 5
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -316,11 +316,11 @@ number_of_entries: 5
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -340,7 +340,7 @@ number_of_entries: 5
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -394,12 +394,12 @@ number_of_entries: 5
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -424,7 +424,7 @@ number_of_entries: 5
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, all, authn, caSecretController, configMapController, default, k8sController, mcp, model, pkiCaLog, rbac, rootCertRotator, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -504,6 +504,18 @@ These environment variables affect the behavior of the <code>pilot-discovery</co
|
|||
<td></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_DISTRIBUTION_HISTORY_RETENTION</code></td>
|
||||
<td>Time Duration</td>
|
||||
<td><code>1m0s</code></td>
|
||||
<td>If enabled, Pilot will keep track of old versions of distributed config for this duration.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_CONFIG_DISTRIBUTION_TRACKING</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>true</code></td>
|
||||
<td>If enabled, Pilot will assign meaningful nonces to each Envoy configuration message, and allow users to interrogate which envoy has which config from the debug interface.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_EDS_DEBOUNCE</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>true</code></td>
|
||||
|
|
@ -546,6 +558,12 @@ These environment variables affect the behavior of the <code>pilot-discovery</co
|
|||
<td>EnableRedisFilter enables injection of `envoy.filters.network.redis_proxy` in the filter chain.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_UNSAFE_REGEX</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>If enabled, pilot will generate Envoy configuration that does not use safe_regex but the older, deprecated regex field. This should only be enabled to support legacy deployments that have not yet been migrated to the new safe regular expressions.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_HTTP10</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
|
|||
|
|
@ -47,11 +47,11 @@ number_of_entries: 4
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac, validation] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -71,7 +71,7 @@ number_of_entries: 4
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -157,11 +157,11 @@ number_of_entries: 4
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac, validation] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -181,7 +181,7 @@ number_of_entries: 4
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -276,12 +276,12 @@ number_of_entries: 4
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [all, default, model, rbac, validation] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -306,7 +306,7 @@ number_of_entries: 4
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [all, default, model, rbac, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -420,6 +420,18 @@ These environment variables affect the behavior of the <code>sidecar-injector</c
|
|||
<td></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_DISTRIBUTION_HISTORY_RETENTION</code></td>
|
||||
<td>Time Duration</td>
|
||||
<td><code>1m0s</code></td>
|
||||
<td>If enabled, Pilot will keep track of old versions of distributed config for this duration.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_CONFIG_DISTRIBUTION_TRACKING</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>true</code></td>
|
||||
<td>If enabled, Pilot will assign meaningful nonces to each Envoy configuration message, and allow users to interrogate which envoy has which config from the debug interface.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_EDS_DEBOUNCE</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>true</code></td>
|
||||
|
|
@ -462,6 +474,12 @@ These environment variables affect the behavior of the <code>sidecar-injector</c
|
|||
<td>EnableRedisFilter enables injection of `envoy.filters.network.redis_proxy` in the filter chain.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_ENABLE_UNSAFE_REGEX</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>If enabled, pilot will generate Envoy configuration that does not use safe_regex but the older, deprecated regex field. This should only be enabled to support legacy deployments that have not yet been migrated to the new safe regular expressions.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>PILOT_HTTP10</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
|
|||
|
|
@ -136,7 +136,7 @@ No
|
|||
</tr>
|
||||
<tr id="ConfigSource-tls_settings">
|
||||
<td><code>tlsSettings</code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/v1alpha3/destination-rule.html#TLSSettings">istio.networking.v1alpha3.TLSSettings</a></code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/destination-rule.html#TLSSettings">istio.networking.v1alpha3.TLSSettings</a></code></td>
|
||||
<td>
|
||||
<p>Use the tls<em>settings to specify the tls mode to use. If the MCP server
|
||||
uses Istio mutual TLS and shares the root CA with Pilot, specify the TLS
|
||||
|
|
@ -488,7 +488,7 @@ No
|
|||
</tr>
|
||||
<tr id="MeshConfig-tcp_keepalive">
|
||||
<td><code>tcpKeepalive</code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/v1alpha3/destination-rule.html#ConnectionPoolSettings-TCPSettings-TcpKeepalive">istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive</a></code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/destination-rule.html#ConnectionPoolSettings-TCPSettings-TcpKeepalive">istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive</a></code></td>
|
||||
<td>
|
||||
<p>If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.</p>
|
||||
|
||||
|
|
@ -1633,7 +1633,7 @@ No
|
|||
</tr>
|
||||
<tr id="RemoteService-tls_settings">
|
||||
<td><code>tlsSettings</code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/v1alpha3/destination-rule.html#TLSSettings">istio.networking.v1alpha3.TLSSettings</a></code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/destination-rule.html#TLSSettings">istio.networking.v1alpha3.TLSSettings</a></code></td>
|
||||
<td>
|
||||
<p>Use the tls_settings to specify the tls mode to use. If the remote service
|
||||
uses Istio mutual TLS and shares the root CA with Pilot, specify the TLS
|
||||
|
|
@ -1646,7 +1646,7 @@ No
|
|||
</tr>
|
||||
<tr id="RemoteService-tcp_keepalive">
|
||||
<td><code>tcpKeepalive</code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/v1alpha3/destination-rule.html#ConnectionPoolSettings-TCPSettings-TcpKeepalive">istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive</a></code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/destination-rule.html#ConnectionPoolSettings-TCPSettings-TcpKeepalive">istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive</a></code></td>
|
||||
<td>
|
||||
<p>If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.</p>
|
||||
|
||||
|
|
|
|||
|
|
@ -128,7 +128,7 @@ components:
|
|||
galley:
|
||||
k8s:
|
||||
overlays:
|
||||
- apiVersion: apps/v1
|
||||
- apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
name: istio-galley
|
||||
patches:
|
||||
|
|
@ -1009,6 +1009,18 @@ No
|
|||
<td><code>apiVersion</code></td>
|
||||
<td><code>string</code></td>
|
||||
<td>
|
||||
</td>
|
||||
<td>
|
||||
No
|
||||
</td>
|
||||
</tr>
|
||||
<tr id="IstioControlPlane-placeholder">
|
||||
<td><code>placeholder</code></td>
|
||||
<td><code>string</code></td>
|
||||
<td>
|
||||
<p>GOFIELD:v11.ObjectMeta <code>json:"metadata,omitempty" protobuf:"bytes,7,opt,name=metadata"</code>
|
||||
GOFIELD:v11.TypeMeta <code>json:",inline"</code></p>
|
||||
|
||||
</td>
|
||||
<td>
|
||||
No
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@ description: Describes how to configure HTTP/TCP routing features.
|
|||
weight: 11
|
||||
aliases:
|
||||
- /docs/reference/config/istio.routing.v1alpha1/
|
||||
- /docs/reference/config/networking/v1alpha3/
|
||||
- /docs/reference/config/networking/
|
||||
---
|
||||
|
|
|
|||
|
|
@ -3,9 +3,10 @@ WARNING: THIS IS AN AUTO-GENERATED FILE, DO NOT EDIT. PLEASE MODIFY THE ORIGINAL
|
|||
source_repo: https://github.com/istio/api
|
||||
title: Destination Rule
|
||||
description: Configuration affecting load balancing, outlier detection, etc.
|
||||
location: https://istio.io/docs/reference/config/networking/v1alpha3/destination-rule.html
|
||||
location: https://istio.io/docs/reference/config/networking/destination-rule.html
|
||||
layout: protoc-gen-docs
|
||||
generator: protoc-gen-docs
|
||||
aliases: [/docs/reference/config/networking/v1alpha3/destination-rule.html]
|
||||
number_of_entries: 16
|
||||
---
|
||||
<p><code>DestinationRule</code> defines policies that apply to traffic intended for a
|
||||
|
|
@ -392,7 +393,7 @@ after routing has occurred.</p>
|
|||
<p>The name of a service from the service registry. Service
|
||||
names are looked up from the platform’s service registry (e.g.,
|
||||
Kubernetes services, Consul services, etc.) and from the hosts
|
||||
declared by <a href="/docs/reference/config/networking/v1alpha3/service-entry/#ServiceEntry">ServiceEntries</a>. Rules defined for
|
||||
declared by <a href="/docs/reference/config/networking/service-entry/#ServiceEntry">ServiceEntries</a>. Rules defined for
|
||||
services that do not exist in the service registry will be ignored.</p>
|
||||
|
||||
<p><em>Note for Kubernetes users</em>: When short names are used (e.g. “reviews”
|
||||
|
|
@ -833,7 +834,7 @@ No
|
|||
<section>
|
||||
<p>A subset of endpoints of a service. Subsets can be used for scenarios
|
||||
like A/B testing, or routing to a specific version of a service. Refer
|
||||
to <a href="/docs/reference/config/networking/v1alpha3/virtual-service/#VirtualService">VirtualService</a> documentation for examples of using
|
||||
to <a href="/docs/reference/config/networking/virtual-service/#VirtualService">VirtualService</a> documentation for examples of using
|
||||
subsets in these scenarios. In addition, traffic policies defined at the
|
||||
service-level can be overridden at a subset-level. The following rule
|
||||
uses a round robin load balancing policy for all traffic going to a
|
||||
|
|
@ -1201,7 +1202,7 @@ No
|
|||
<tbody>
|
||||
<tr id="TrafficPolicy-PortTrafficPolicy-port">
|
||||
<td><code>port</code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/v1alpha3/virtual-service.html#PortSelector">PortSelector</a></code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/virtual-service.html#PortSelector">PortSelector</a></code></td>
|
||||
<td>
|
||||
<p>Specifies the number of a port on the destination service
|
||||
on which this policy is being applied.</p>
|
||||
|
|
@ -3,9 +3,10 @@ WARNING: THIS IS AN AUTO-GENERATED FILE, DO NOT EDIT. PLEASE MODIFY THE ORIGINAL
|
|||
source_repo: https://github.com/istio/api
|
||||
title: Envoy Filter
|
||||
description: Customizing Envoy configuration generated by Istio.
|
||||
location: https://istio.io/docs/reference/config/networking/v1alpha3/envoy-filter.html
|
||||
location: https://istio.io/docs/reference/config/networking/envoy-filter.html
|
||||
layout: protoc-gen-docs
|
||||
generator: protoc-gen-docs
|
||||
aliases: [/docs/reference/config/networking/v1alpha3/envoy-filter.html]
|
||||
number_of_entries: 21
|
||||
---
|
||||
<p><code>EnvoyFilter</code> provides a mechanism to customize the Envoy
|
||||
|
|
@ -198,7 +199,7 @@ generated by Istio Pilot.</p>
|
|||
<tbody>
|
||||
<tr id="EnvoyFilter-workload_selector">
|
||||
<td><code>workloadSelector</code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/v1alpha3/sidecar.html#WorkloadSelector">WorkloadSelector</a></code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/sidecar.html#WorkloadSelector">WorkloadSelector</a></code></td>
|
||||
<td>
|
||||
<p>Criteria used to select the specific set of pods/VMs on which
|
||||
this patch configuration should be applied. If omitted, the set
|
||||
|
|
@ -3,9 +3,10 @@ WARNING: THIS IS AN AUTO-GENERATED FILE, DO NOT EDIT. PLEASE MODIFY THE ORIGINAL
|
|||
source_repo: https://github.com/istio/api
|
||||
title: Gateway
|
||||
description: Configuration affecting edge load balancer.
|
||||
location: https://istio.io/docs/reference/config/networking/v1alpha3/gateway.html
|
||||
location: https://istio.io/docs/reference/config/networking/gateway.html
|
||||
layout: protoc-gen-docs
|
||||
generator: protoc-gen-docs
|
||||
aliases: [/docs/reference/config/networking/v1alpha3/gateway.html]
|
||||
number_of_entries: 6
|
||||
---
|
||||
<p><code>Gateway</code> describes a load balancer operating at the edge of the mesh
|
||||
|
|
@ -3,9 +3,10 @@ WARNING: THIS IS AN AUTO-GENERATED FILE, DO NOT EDIT. PLEASE MODIFY THE ORIGINAL
|
|||
source_repo: https://github.com/istio/api
|
||||
title: Service Entry
|
||||
description: Configuration affecting service registry.
|
||||
location: https://istio.io/docs/reference/config/networking/v1alpha3/service-entry.html
|
||||
location: https://istio.io/docs/reference/config/networking/service-entry.html
|
||||
layout: protoc-gen-docs
|
||||
generator: protoc-gen-docs
|
||||
aliases: [/docs/reference/config/networking/v1alpha3/service-entry.html]
|
||||
number_of_entries: 4
|
||||
---
|
||||
<p><code>ServiceEntry</code> enables adding additional entries into Istio’s internal
|
||||
|
|
@ -372,7 +373,7 @@ No
|
|||
</tr>
|
||||
<tr id="ServiceEntry-ports">
|
||||
<td><code>ports</code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/v1alpha3/gateway.html#Port">Port[]</a></code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/gateway.html#Port">Port[]</a></code></td>
|
||||
<td>
|
||||
<p>The ports associated with the external service. If the
|
||||
Endpoints are Unix domain socket addresses, there must be exactly one
|
||||
|
|
@ -3,9 +3,10 @@ WARNING: THIS IS AN AUTO-GENERATED FILE, DO NOT EDIT. PLEASE MODIFY THE ORIGINAL
|
|||
source_repo: https://github.com/istio/api
|
||||
title: Sidecar
|
||||
description: Configuration affecting network reachability of a sidecar.
|
||||
location: https://istio.io/docs/reference/config/networking/v1alpha3/sidecar.html
|
||||
location: https://istio.io/docs/reference/config/networking/sidecar.html
|
||||
layout: protoc-gen-docs
|
||||
generator: protoc-gen-docs
|
||||
aliases: [/docs/reference/config/networking/v1alpha3/sidecar.html]
|
||||
number_of_entries: 7
|
||||
---
|
||||
<p><code>Sidecar</code> describes the configuration of the sidecar proxy that mediates
|
||||
|
|
@ -262,7 +263,7 @@ listener on the sidecar proxy attached to a workload instance.</p>
|
|||
<tbody>
|
||||
<tr id="IstioEgressListener-port">
|
||||
<td><code>port</code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/v1alpha3/gateway.html#Port">Port</a></code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/gateway.html#Port">Port</a></code></td>
|
||||
<td>
|
||||
<p>The port associated with the listener. If using Unix domain socket,
|
||||
use 0 as the port number, with a valid protocol. The port if
|
||||
|
|
@ -375,7 +376,7 @@ traffic listener on the sidecar proxy attached to a workload instance.</p>
|
|||
<tbody>
|
||||
<tr id="IstioIngressListener-port">
|
||||
<td><code>port</code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/v1alpha3/gateway.html#Port">Port</a></code></td>
|
||||
<td><code><a href="/docs/reference/config/networking/gateway.html#Port">Port</a></code></td>
|
||||
<td>
|
||||
<p>The port associated with the listener.</p>
|
||||
|
||||
|
|
@ -0,0 +1 @@
|
|||
|
||||
|
|
@ -3,9 +3,10 @@ WARNING: THIS IS AN AUTO-GENERATED FILE, DO NOT EDIT. PLEASE MODIFY THE ORIGINAL
|
|||
source_repo: https://github.com/istio/api
|
||||
title: Virtual Service
|
||||
description: Configuration affecting label/content routing, sni routing, etc.
|
||||
location: https://istio.io/docs/reference/config/networking/v1alpha3/virtual-service.html
|
||||
location: https://istio.io/docs/reference/config/networking/virtual-service.html
|
||||
layout: protoc-gen-docs
|
||||
generator: protoc-gen-docs
|
||||
aliases: [/docs/reference/config/networking/v1alpha3/virtual-service.html]
|
||||
number_of_entries: 23
|
||||
---
|
||||
<p>Configuration affecting traffic routing. Here are a few terms useful to define
|
||||
|
|
@ -225,7 +226,7 @@ destination.host should unambiguously refer to a service in the service
|
|||
registry. Istio’s service registry is composed of all the services found
|
||||
in the platform’s service registry (e.g., Kubernetes services, Consul
|
||||
services), as well as services declared through the
|
||||
<a href="/docs/reference/config/networking/v1alpha3/service-entry/#ServiceEntry">ServiceEntry</a> resource.</p>
|
||||
<a href="/docs/reference/config/networking/service-entry/#ServiceEntry">ServiceEntry</a> resource.</p>
|
||||
|
||||
<p><em>Note for Kubernetes users</em>: When short names are used (e.g. “reviews”
|
||||
instead of “reviews.default.svc.cluster.local”), Istio will interpret
|
||||
|
|
@ -360,7 +361,7 @@ spec:
|
|||
<p>The name of a service from the service registry. Service
|
||||
names are looked up from the platform’s service registry (e.g.,
|
||||
Kubernetes services, Consul services, etc.) and from the hosts
|
||||
declared by <a href="/docs/reference/config/networking/v1alpha3/service-entry/#ServiceEntry">ServiceEntry</a>. Traffic forwarded to
|
||||
declared by <a href="/docs/reference/config/networking/service-entry/#ServiceEntry">ServiceEntry</a>. Traffic forwarded to
|
||||
destinations that are not found in either of the two, will be dropped.</p>
|
||||
|
||||
<p><em>Note for Kubernetes users</em>: When short names are used (e.g. “reviews”
|
||||
|
|
@ -720,7 +720,7 @@ No
|
|||
</tr>
|
||||
<tr id="Quota-charge">
|
||||
<td><code>charge</code></td>
|
||||
<td><code>int64</code></td>
|
||||
<td><code>int32</code></td>
|
||||
<td>
|
||||
<p>The quota amount to charge</p>
|
||||
|
||||
|
|
@ -1316,7 +1316,7 @@ specialized Mixer adapters and services can also generate attributes.</p>
|
|||
<a href="/docs/reference/config/policy-and-telemetry/attribute-vocabulary/">here</a>.</p>
|
||||
|
||||
<p>Attributes are strongly typed. The supported attribute types are defined by
|
||||
<a href="https://github.com/istio/api/blob/master/policy/v1beta1/value_type.proto">ValueType</a>.
|
||||
<a href="https://github.com/istio/api/blob/release-1.4/policy/v1beta1/value_type.proto">ValueType</a>.
|
||||
Each type of value is encoded into one of the so-called transport types present
|
||||
in this message.</p>
|
||||
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ This task demonstrates how to use a policy adapter to manipulate request headers
|
|||
|
||||
* Follow the set-up instructions in the [ingress task](/docs/tasks/traffic-management/ingress/) to configure an ingress using a gateway.
|
||||
|
||||
* Customize the [virtual service](/docs/reference/config/networking/v1alpha3/virtual-service/)
|
||||
* Customize the [virtual service](/docs/reference/config/networking/virtual-service/)
|
||||
configuration for the `httpbin` service containing two route rules that allow traffic for paths `/headers` and
|
||||
`/status`:
|
||||
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ $ for from in "foo" "bar" "legacy"; do kubectl exec $(kubectl get pod -l app=sle
|
|||
{{< /text >}}
|
||||
|
||||
You can also specify a subset of the clients' request to use `ISTIO_MUTUAL` mutual TLS in
|
||||
[`DestinationRule`](/docs/reference/config/networking/v1alpha3/destination-rule/).
|
||||
[`DestinationRule`](/docs/reference/config/networking/destination-rule/).
|
||||
After verifying it works by checking [Grafana to monitor](/docs/tasks/observability/metrics/using-istio-dashboard/),
|
||||
then increase the rollout scope and finally apply to all Istio client services.
|
||||
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ The `httpbin` application serves as the backend service for this task.
|
|||
|
||||
## Configuring the circuit breaker
|
||||
|
||||
1. Create a [destination rule](/docs/reference/config/networking/v1alpha3/destination-rule/) to apply circuit breaking settings
|
||||
1. Create a [destination rule](/docs/reference/config/networking/destination-rule/) to apply circuit breaking settings
|
||||
when calling the `httpbin` service:
|
||||
|
||||
{{< warning >}}
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ stricter control is usually preferable.
|
|||
This task shows you how to access external services in three different ways:
|
||||
|
||||
1. Allow the Envoy proxy to pass requests through to services that are not configured inside the mesh.
|
||||
1. Configure [service entries](/docs/reference/config/networking/v1alpha3/service-entry/) to provide controlled access to external services.
|
||||
1. Configure [service entries](/docs/reference/config/networking/service-entry/) to provide controlled access to external services.
|
||||
1. Completely bypass the Envoy proxy for a specific range of IPs.
|
||||
|
||||
## Before you begin
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ There, the external services are called directly from the client sidecar.
|
|||
This example also shows how to configure Istio to call external services, although this time
|
||||
indirectly via a dedicated _egress gateway_ service.
|
||||
|
||||
Istio uses [ingress and egress gateways](/docs/reference/config/networking/v1alpha3/gateway/)
|
||||
Istio uses [ingress and egress gateways](/docs/reference/config/networking/gateway/)
|
||||
to configure load balancers executing at the edge of a service mesh.
|
||||
An ingress gateway allows you to define entry points into the mesh that all incoming traffic flows through.
|
||||
Egress gateway is a symmetrical concept; it defines exit points from the mesh. Egress gateways allow
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ aliases:
|
|||
|
||||
The [Control Egress Traffic](/docs/tasks/traffic-management/egress/) task demonstrates how external, i.e., outside of the
|
||||
service mesh, HTTP and HTTPS services can be accessed from applications inside the mesh. As described in that task,
|
||||
a [`ServiceEntry`](/docs/reference/config/networking/v1alpha3/service-entry/) is used to configure Istio
|
||||
a [`ServiceEntry`](/docs/reference/config/networking/service-entry/) is used to configure Istio
|
||||
to access external services in a controlled way.
|
||||
This example shows how to configure Istio to perform {{< gloss >}}TLS origination{{< /gloss >}}
|
||||
for traffic to an external service. Istio will open HTTPS connections to the external service while the original
|
||||
|
|
|
|||
|
|
@ -7,13 +7,13 @@ aliases:
|
|||
- /docs/examples/advanced-gateways/ingress-certmgr/
|
||||
---
|
||||
|
||||
This example demonstrates the use of Istio as a secure Kubernetes Ingress controller with TLS certificates issued by [Let's Encrypt](https://letsencrypt.org/). While more powerful Istio concepts such as [gateway](/docs/reference/config/networking/v1alpha3/gateway) and [virtual service](/docs/reference/config/networking/v1alpha3/virtual-service) should be used for advanced traffic management, optional support of the Kubernetes Ingress is also available and can be used to simplify integration of legacy and third-party solutions into a service mesh and benefit from extensive telemetry and tracing capabilities that Istio provides.
|
||||
This example demonstrates the use of Istio as a secure Kubernetes Ingress controller with TLS certificates issued by [Let's Encrypt](https://letsencrypt.org/). While more powerful Istio concepts such as [gateway](/docs/reference/config/networking/gateway) and [virtual service](/docs/reference/config/networking/virtual-service) should be used for advanced traffic management, optional support of the Kubernetes Ingress is also available and can be used to simplify integration of legacy and third-party solutions into a service mesh and benefit from extensive telemetry and tracing capabilities that Istio provides.
|
||||
|
||||
You will start with a clean Istio installation, create an example service, expose it using the Kubernetes `Ingress` resource and get it secured by instructing cert-manager (bundled with Istio) to manage issuance and renewal of TLS certificates that will be further delivered to the Istio ingress [gateway](/docs/reference/config/networking/v1alpha3/gateway) and hot-swapped as necessary via the means of [Secrets Discovery Service (SDS)](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret).
|
||||
You will start with a clean Istio installation, create an example service, expose it using the Kubernetes `Ingress` resource and get it secured by instructing cert-manager (bundled with Istio) to manage issuance and renewal of TLS certificates that will be further delivered to the Istio ingress [gateway](/docs/reference/config/networking/gateway) and hot-swapped as necessary via the means of [Secrets Discovery Service (SDS)](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret).
|
||||
|
||||
## Before you begin
|
||||
|
||||
1. [Install Istio](/docs/setup/) making sure to enable ingress [gateway](/docs/reference/config/networking/v1alpha3/gateway) with Kubernetes Ingress support, [SDS](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret). Here's an example of how to do this for the [helm template](/docs/setup/install/helm/#option-1-install-with-helm-via-helm-template) installation path:
|
||||
1. [Install Istio](/docs/setup/) making sure to enable ingress [gateway](/docs/reference/config/networking/gateway) with Kubernetes Ingress support, [SDS](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret). Here's an example of how to do this for the [helm template](/docs/setup/install/helm/#option-1-install-with-helm-via-helm-template) installation path:
|
||||
|
||||
{{< text bash >}}
|
||||
$ helm template $HOME/istio-fetch/istio \
|
||||
|
|
@ -45,7 +45,7 @@ Configure your DNS zone so that the domain you'd like to use for this example is
|
|||
$ INGRESS_DOMAIN=mysubdomain.mydomain.edu
|
||||
{{< /text >}}
|
||||
|
||||
Your Istio installation contains an automatically generated [gateway](/docs/reference/config/networking/v1alpha3/gateway) resource configured to serve the routes defined by the Kubernetes `Ingress` resources. By default it does not use [SDS](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret), so you need to modify it in order to enable the delivery of the TLS certificates to the `istio-ingressgateway` via [SDS](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret):
|
||||
Your Istio installation contains an automatically generated [gateway](/docs/reference/config/networking/gateway) resource configured to serve the routes defined by the Kubernetes `Ingress` resources. By default it does not use [SDS](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret), so you need to modify it in order to enable the delivery of the TLS certificates to the `istio-ingressgateway` via [SDS](https://www.envoyproxy.io/docs/envoy/latest/configuration/security/secret):
|
||||
|
||||
{{< text bash >}}
|
||||
$ kubectl -n istio-system edit gateway
|
||||
|
|
@ -163,7 +163,7 @@ spec:
|
|||
EOF
|
||||
{{< /text >}}
|
||||
|
||||
Notice that the `secretName` matches the `credentialName` attribute value that you previously used while configuring the [gateway](/docs/reference/config/networking/v1alpha3/gateway) resource. The `Certificate` resource will be processed by cert-manager and a new certificate will eventually be issued. Consult the status of the `Certificate` resource to check the progress:
|
||||
Notice that the `secretName` matches the `credentialName` attribute value that you previously used while configuring the [gateway](/docs/reference/config/networking/gateway) resource. The `Certificate` resource will be processed by cert-manager and a new certificate will eventually be issued. Consult the status of the `Certificate` resource to check the progress:
|
||||
|
||||
{{< text bash >}}
|
||||
$ kubectl -n istio-system describe certificate ingress-cert
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ aliases:
|
|||
In a Kubernetes environment, the [Kubernetes Ingress Resource](https://kubernetes.io/docs/concepts/services-networking/ingress/)
|
||||
is used to specify services that should be exposed outside the cluster.
|
||||
In an Istio service mesh, a better approach (which also works in both Kubernetes and other environments) is to use a
|
||||
different configuration model, namely [Istio Gateway](/docs/reference/config/networking/v1alpha3/gateway/).
|
||||
different configuration model, namely [Istio Gateway](/docs/reference/config/networking/gateway/).
|
||||
A `Gateway` allows Istio features such as monitoring and route rules to be applied to traffic entering the cluster.
|
||||
|
||||
This task describes how to configure Istio to expose a service outside of the service mesh using an Istio `Gateway`.
|
||||
|
|
@ -122,7 +122,7 @@ Setting the ingress IP depends on the cluster provider:
|
|||
|
||||
## Configuring ingress using an Istio Gateway
|
||||
|
||||
An ingress [Gateway](/docs/reference/config/networking/v1alpha3/gateway/) describes a load balancer operating at the edge of the mesh that receives incoming HTTP/TCP connections.
|
||||
An ingress [Gateway](/docs/reference/config/networking/gateway/) describes a load balancer operating at the edge of the mesh that receives incoming HTTP/TCP connections.
|
||||
It configures exposed ports, protocols, etc.
|
||||
but, unlike [Kubernetes Ingress Resources](https://kubernetes.io/docs/concepts/services-networking/ingress/),
|
||||
does not include any traffic routing configuration. Traffic routing for ingress traffic is instead configured
|
||||
|
|
@ -178,11 +178,11 @@ Let's see how you can configure a `Gateway` on port 80 for HTTP traffic.
|
|||
EOF
|
||||
{{< /text >}}
|
||||
|
||||
You have now created a [virtual service](/docs/reference/config/networking/v1alpha3/virtual-service/)
|
||||
You have now created a [virtual service](/docs/reference/config/networking/virtual-service/)
|
||||
configuration for the `httpbin` service containing two route rules that allow traffic for paths `/status` and
|
||||
`/delay`.
|
||||
|
||||
The [gateways](/docs/reference/config/networking/v1alpha3/virtual-service/#VirtualService-gateways) list
|
||||
The [gateways](/docs/reference/config/networking/virtual-service/#VirtualService-gateways) list
|
||||
specifies that only requests through your `httpbin-gateway` are allowed.
|
||||
All other external requests will be rejected with a 404 response.
|
||||
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ This task shows you how to setup request timeouts in Envoy using Istio.
|
|||
|
||||
## Request timeouts
|
||||
|
||||
A timeout for http requests can be specified using the *timeout* field of the [route rule](/docs/reference/config/networking/v1alpha3/virtual-service/#HTTPRoute).
|
||||
A timeout for http requests can be specified using the *timeout* field of the [route rule](/docs/reference/config/networking/virtual-service/#HTTPRoute).
|
||||
By default, the timeout is disabled, but in this task you override the `reviews` service
|
||||
timeout to 1 second.
|
||||
To see its effect, however, you also introduce an artificial 2 second delay in calls
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ We're pleased to announce the availability of Istio 1.0.3. Please see below for
|
|||
|
||||
- [Validating webhook](/docs/ops/common-problems/validation) is now mandatory. Disabling it may result in Pilot crashes.
|
||||
|
||||
- [Service entry](/docs/reference/config/networking/v1alpha3/service-entry/) validation now rejects the wildcard hostname (`*`) when configuring DNS resolution. The API has never allowed this, however `ServiceEntry` was erroneously excluded from validation in the previous release. Use of wildcards as part of a hostname, e.g. `*.bar.com`, remains unchanged.
|
||||
- [Service entry](/docs/reference/config/networking/service-entry/) validation now rejects the wildcard hostname (`*`) when configuring DNS resolution. The API has never allowed this, however `ServiceEntry` was erroneously excluded from validation in the previous release. Use of wildcards as part of a hostname, e.g. `*.bar.com`, remains unchanged.
|
||||
|
||||
- The core dump path for `istio-proxy` has changed to `/var/lib/istio`.
|
||||
|
||||
|
|
|
|||
|
|
@ -62,7 +62,7 @@ The Istio team would like to give huge thanks to everyone who has made a contrib
|
|||
### Networking
|
||||
|
||||
- **SNI Routing using Virtual Services**. Newly introduced `TLS` sections in
|
||||
[`VirtualService`](/docs/reference/config/networking/v1alpha3/virtual-service/) can be used to route TLS traffic
|
||||
[`VirtualService`](/docs/reference/config/networking/virtual-service/) can be used to route TLS traffic
|
||||
based on SNI values. Service ports named as TLS/HTTPS can be used in conjunction with
|
||||
virtual service TLS routes. TLS/HTTPS ports without an accompanying virtual service will be treated as opaque TCP.
|
||||
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ memory or IP ports over time ([Issue 13355](https://github.com/istio/istio/issue
|
|||
|
||||
- Added missing validation to prevent gateway names from containing dots ([Issue 13211](https://github.com/istio/istio/issues/13211)).
|
||||
|
||||
- Fixed bug where [`ConsistentHashLB.minimumRingSize`](/docs/reference/config/networking/v1alpha3/destination-rule/#LoadBalancerSettings-ConsistentHashLB)
|
||||
- Fixed bug where [`ConsistentHashLB.minimumRingSize`](/docs/reference/config/networking/destination-rule/#LoadBalancerSettings-ConsistentHashLB)
|
||||
was defaulting to 0 instead of the documented 1024 ([Issue 13261](https://github.com/istio/istio/issues/13261)).
|
||||
|
||||
## Small enhancements
|
||||
|
|
|
|||
|
|
@ -16,9 +16,9 @@ aliases:
|
|||
- **Improved** [locality based routing](/docs/ops/traffic-management/locality-load-balancing/) in multicluster environments.
|
||||
- **Improved** outbound traffic policy in [`ALLOW_ANY` mode](/docs/reference/config/installation-options/#global-options). Traffic for unknown HTTP/HTTPS hosts on an existing port will be [forwarded as is](/docs/tasks/traffic-management/egress/egress-control/#envoy-passthrough-to-external-services). Unknown traffic will be logged in Envoy access logs.
|
||||
- **Added** support for setting HTTP idle timeouts to upstream services.
|
||||
- **Improved** Sidecar support for [NONE mode](/docs/reference/config/networking/v1alpha3/sidecar/#CaptureMode) (without iptables) .
|
||||
- **Improved** Sidecar support for [NONE mode](/docs/reference/config/networking/sidecar/#CaptureMode) (without iptables) .
|
||||
- **Added** ability to configure the [DNS refresh rate](/docs/reference/config/installation-options/#global-options) for sidecar Envoys, to reduce the load on the DNS servers.
|
||||
- **Graduated** [Sidecar API](/docs/reference/config/networking/v1alpha3/sidecar/) from Alpha to Alpha API and Beta runtime.
|
||||
- **Graduated** [Sidecar API](/docs/reference/config/networking/sidecar/) from Alpha to Alpha API and Beta runtime.
|
||||
|
||||
## Security
|
||||
|
||||
|
|
@ -29,7 +29,7 @@ aliases:
|
|||
- **Improved** JWT public key fetching logic to be more resilient to network failure.
|
||||
- **Fixed** [SAN](https://tools.ietf.org/html/rfc5280#section-4.2.1.6) field in workload certificates is set as `critical`. This fixes the issue that some custom certificate verifiers cannot verify Istio certificates.
|
||||
- **Fixed** mutual TLS probe rewrite for HTTPS probes.
|
||||
- **Graduated** [SNI with multiple certificates support at ingress gateway](/docs/reference/config/networking/v1alpha3/gateway/) from Alpha to Stable.
|
||||
- **Graduated** [SNI with multiple certificates support at ingress gateway](/docs/reference/config/networking/gateway/) from Alpha to Stable.
|
||||
- **Graduated** [certification management on Ingress Gateway](/docs/tasks/traffic-management/ingress/secure-ingress-sds/) from Alpha to Beta.
|
||||
|
||||
## Telemetry
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ aliases:
|
|||
- **Improved** load balancing to direct traffic to the [same region and zone](/faq/traffic-management/#controlling-inbound-ports) by default.
|
||||
- **Improved** Pilot by reducing CPU utilization. The reduction approaches 90% depending on the specific deployment.
|
||||
- **Improved** the `ServiceEntry` API to allow for the same hostname in different namespaces.
|
||||
- **Improved** the [Sidecar API](/docs/reference/config/networking/v1alpha3/sidecar/#OutboundTrafficPolicy) to customize the `OutboundTrafficPolicy` policy.
|
||||
- **Improved** the [Sidecar API](/docs/reference/config/networking/sidecar/#OutboundTrafficPolicy) to customize the `OutboundTrafficPolicy` policy.
|
||||
|
||||
## Security
|
||||
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ Protocol sniffing is now enabled by default. Disable protocol sniffing with the
|
|||
previous behavior. To learn more see our [protocol selection page](/docs/ops/traffic-management/protocol-selection/).
|
||||
|
||||
To specify a hostname in multiple namespaces, you must select a single host using
|
||||
a [`Sidecar` resource](/docs/reference/config/networking/v1alpha3/sidecar/).
|
||||
a [`Sidecar` resource](/docs/reference/config/networking/sidecar/).
|
||||
|
||||
## Trust domain validation
|
||||
|
||||
|
|
|
|||
|
|
@ -100,3 +100,24 @@ messages:
|
|||
args:
|
||||
- name: combinedErr
|
||||
type: error
|
||||
|
||||
- name: "MisplacedAnnotation"
|
||||
code: IST0107
|
||||
level: Warning
|
||||
description: "An Istio annotation is applied to the wrong kind of resource."
|
||||
template: "Misplaced annotation: %s can only be applied to %s"
|
||||
args:
|
||||
- name: annotation
|
||||
type: string
|
||||
- name: kind
|
||||
type: string
|
||||
|
||||
- name: "UnknownAnnotation"
|
||||
code: IST0108
|
||||
level: Warning
|
||||
description: "An Istio annotation is not recognized for any kind of resource"
|
||||
template: "Unknown annotation: %s"
|
||||
args:
|
||||
- name: annotation
|
||||
type: string
|
||||
|
||||
|
|
|
|||
|
|
@ -25,9 +25,9 @@
|
|||
|
||||
# The repos to mine for docs, just add new entries here to pull in more repos.
|
||||
REPOS=(
|
||||
https://github.com/istio/istio.git@master
|
||||
https://github.com/istio/api.git@master
|
||||
https://github.com/istio/operator.git@master
|
||||
https://github.com/istio/istio.git@release-1.4
|
||||
https://github.com/istio/api.git@release-1.4
|
||||
https://github.com/istio/operator.git@release-1.4
|
||||
https://github.com/apigee/istio-mixer-adapter.git@master
|
||||
https://github.com/osswangxining/alicloud-istio-grpcadapter.git@master
|
||||
https://github.com/vmware/wavefront-adapter-for-istio.git@master
|
||||
|
|
@ -38,19 +38,19 @@ REPOS=(
|
|||
|
||||
# The components to build and extract usage docs from.
|
||||
COMPONENTS=(
|
||||
https://github.com/istio/istio.git@master@mixer/cmd/mixs@mixs
|
||||
https://github.com/istio/istio.git@master@istioctl/cmd/istioctl@istioctl
|
||||
https://github.com/istio/istio.git@master@pilot/cmd/pilot-agent@pilot-agent
|
||||
https://github.com/istio/istio.git@master@pilot/cmd/pilot-discovery@pilot-discovery
|
||||
https://github.com/istio/istio.git@master@sidecar-injector/cmd/sidecar-injector@sidecar-injector
|
||||
https://github.com/istio/istio.git@master@security/cmd/istio_ca@istio_ca
|
||||
https://github.com/istio/istio.git@master@security/cmd/node_agent@node_agent
|
||||
https://github.com/istio/istio.git@master@galley/cmd/galley@galley
|
||||
https://github.com/istio/operator.git@master@cmd/manager@operator
|
||||
https://github.com/istio/istio.git@release-1.4@mixer/cmd/mixs@mixs
|
||||
https://github.com/istio/istio.git@release-1.4@istioctl/cmd/istioctl@istioctl
|
||||
https://github.com/istio/istio.git@release-1.4@pilot/cmd/pilot-agent@pilot-agent
|
||||
https://github.com/istio/istio.git@release-1.4@pilot/cmd/pilot-discovery@pilot-discovery
|
||||
https://github.com/istio/istio.git@release-1.4@sidecar-injector/cmd/sidecar-injector@sidecar-injector
|
||||
https://github.com/istio/istio.git@release-1.4@security/cmd/istio_ca@istio_ca
|
||||
https://github.com/istio/istio.git@release-1.4@security/cmd/node_agent@node_agent
|
||||
https://github.com/istio/istio.git@release-1.4@galley/cmd/galley@galley
|
||||
https://github.com/istio/operator.git@release-1.4@cmd/manager@operator
|
||||
)
|
||||
|
||||
# The repo to fetch config analysis message data from
|
||||
CONFIG_ANALYSIS_MESSAGE_REPO="https://github.com/istio/istio.git@master@galley/pkg/config/analysis/msg/messages.yaml"
|
||||
CONFIG_ANALYSIS_MESSAGE_REPO="https://github.com/istio/istio.git@release-1.4@galley/pkg/config/analysis/msg/messages.yaml"
|
||||
|
||||
SCRIPTPATH="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
|
||||
ROOTDIR=$(dirname "${SCRIPTPATH}")
|
||||
|
|
|
|||
Loading…
Reference in New Issue