mirror of https://github.com/istio/istio.io.git
Automator: update istio.io@ reference docs (#11583)
This commit is contained in:
Istio Automation
GitHub
parent
e320f6ad2b
commit
e465d49209
|
|
@ -1420,6 +1420,12 @@ Only applies when traffic from all groups (i.e. "*") is being redirected
|
|||
<td>The SPIFFE bundle trust domain to endpoint mappings. Istiod retrieves the root certificate from each SPIFFE bundle endpoint and uses it to verify client certifiates from that trust domain. The endpoint must be compliant to the SPIFFE Bundle Endpoint standard. For details, please refer to https://github.com/spiffe/spiffe/blob/master/standards/SPIFFE_Trust_Domain_and_Bundle.md . No need to configure this for root certificates issued via Istiod or web-PKI based root certificates. Use || between <trustdomain, endpoint> tuples. Use | as delimiter between trust domain and endpoint in each tuple. For example: foo|https://url/for/foo||bar|https://url/for/bar</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUSTED_GATEWAY_CIDR</code></td>
|
||||
<td>String</td>
|
||||
<td><code></code></td>
|
||||
<td>If set, any connections from gateway to Istiod with this CIDR range are treated as trusted for using authenication mechanisms like XFCC. This can only be used when the network where Istiod and the authenticating gateways are running in a trusted/secure network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>UNSAFE_ENABLE_ADMIN_ENDPOINTS</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
|
|||
|
|
@ -7722,6 +7722,12 @@ These environment variables affect the behavior of the <code>istioctl</code> com
|
|||
<td>A list of comma separated audiences to check in the JWT token before issuing a certificate. The token is accepted if it matches with one of the audiences</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUSTED_GATEWAY_CIDR</code></td>
|
||||
<td>String</td>
|
||||
<td><code></code></td>
|
||||
<td>If set, any connections from gateway to Istiod with this CIDR range are treated as trusted for using authenication mechanisms like XFCC. This can only be used when the network where Istiod and the authenticating gateways are running in a trusted/secure network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>UNSAFE_ENABLE_ADMIN_ENDPOINTS</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
@ -7767,7 +7773,7 @@ These environment variables affect the behavior of the <code>istioctl</code> com
|
|||
<td><code>XDS_AUTH_PLAINTEXT</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>Authenticate plain text requests - used if Istiod is behind a gateway handling TLS</td>
|
||||
<td>Authenticate plain text requests - used if Istiod is running on a secure/trusted network</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
|
|
|||
|
|
@ -221,11 +221,11 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, security, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, security, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -245,7 +245,7 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, security, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -1001,6 +1001,12 @@ These environment variables affect the behavior of the <code>operator</code> com
|
|||
<td>A list of comma separated audiences to check in the JWT token before issuing a certificate. The token is accepted if it matches with one of the audiences</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUSTED_GATEWAY_CIDR</code></td>
|
||||
<td>String</td>
|
||||
<td><code></code></td>
|
||||
<td>If set, any connections from gateway to Istiod with this CIDR range are treated as trusted for using authenication mechanisms like XFCC. This can only be used when the network where Istiod and the authenticating gateways are running in a trusted/secure network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>UNSAFE_ENABLE_ADMIN_ENDPOINTS</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
@ -1046,7 +1052,7 @@ These environment variables affect the behavior of the <code>operator</code> com
|
|||
<td><code>XDS_AUTH_PLAINTEXT</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>Authenticate plain text requests - used if Istiod is behind a gateway handling TLS</td>
|
||||
<td>Authenticate plain text requests - used if Istiod is running on a secure/trusted network</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
|
|
|||
|
|
@ -23,11 +23,11 @@ remove_toc_prefix: 'pilot-agent '
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -47,7 +47,7 @@ remove_toc_prefix: 'pilot-agent '
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -77,11 +77,11 @@ See each sub-command's help for details on how to use the generated script.
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -101,7 +101,7 @@ See each sub-command's help for details on how to use the generated script.
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -142,11 +142,11 @@ If it is not installed already, you can install it via your OS's package man
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -166,7 +166,7 @@ If it is not installed already, you can install it via your OS's package man
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -206,11 +206,11 @@ If it is not installed already, you can install it via your OS's package man
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -230,7 +230,7 @@ If it is not installed already, you can install it via your OS's package man
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -269,11 +269,11 @@ to your powershell profile.
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -293,7 +293,7 @@ to your powershell profile.
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -339,11 +339,11 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -363,7 +363,7 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -405,12 +405,12 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -435,7 +435,7 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -585,12 +585,12 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -615,7 +615,7 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -700,11 +700,11 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -724,7 +724,7 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -790,11 +790,11 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -814,7 +814,7 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -847,12 +847,12 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -877,7 +877,7 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -919,11 +919,11 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -943,7 +943,7 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -1924,6 +1924,12 @@ Only applies when traffic from all groups (i.e. "*") is being redirected
|
|||
<td>A list of comma separated audiences to check in the JWT token before issuing a certificate. The token is accepted if it matches with one of the audiences</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUSTED_GATEWAY_CIDR</code></td>
|
||||
<td>String</td>
|
||||
<td><code></code></td>
|
||||
<td>If set, any connections from gateway to Istiod with this CIDR range are treated as trusted for using authenication mechanisms like XFCC. This can only be used when the network where Istiod and the authenticating gateways are running in a trusted/secure network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUST_DOMAIN</code></td>
|
||||
<td>String</td>
|
||||
<td><code>cluster.local</code></td>
|
||||
|
|
@ -2011,7 +2017,7 @@ Only applies when traffic from all groups (i.e. "*") is being redirected
|
|||
<td><code>XDS_AUTH_PLAINTEXT</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>Authenticate plain text requests - used if Istiod is behind a gateway handling TLS</td>
|
||||
<td>Authenticate plain text requests - used if Istiod is running on a secure/trusted network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>XDS_AUTH_PROVIDER</code></td>
|
||||
|
|
|
|||
|
|
@ -269,12 +269,12 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, security, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, security, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -299,7 +299,7 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, security, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -1223,6 +1223,12 @@ These environment variables affect the behavior of the <code>pilot-discovery</co
|
|||
<td>OIDC token issuer. If set, will be used to check the tokens.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUSTED_GATEWAY_CIDR</code></td>
|
||||
<td>String</td>
|
||||
<td><code></code></td>
|
||||
<td>If set, any connections from gateway to Istiod with this CIDR range are treated as trusted for using authenication mechanisms like XFCC. This can only be used when the network where Istiod and the authenticating gateways are running in a trusted/secure network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>UNSAFE_ENABLE_ADMIN_ENDPOINTS</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
@ -1274,7 +1280,7 @@ These environment variables affect the behavior of the <code>pilot-discovery</co
|
|||
<td><code>XDS_AUTH_PLAINTEXT</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>Authenticate plain text requests - used if Istiod is behind a gateway handling TLS</td>
|
||||
<td>Authenticate plain text requests - used if Istiod is running on a secure/trusted network</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
|
|
|||
|
|
@ -1420,6 +1420,12 @@ Only applies when traffic from all groups (i.e. "*") is being redirected
|
|||
<td>The SPIFFE bundle trust domain to endpoint mappings. Istiod retrieves the root certificate from each SPIFFE bundle endpoint and uses it to verify client certifiates from that trust domain. The endpoint must be compliant to the SPIFFE Bundle Endpoint standard. For details, please refer to https://github.com/spiffe/spiffe/blob/master/standards/SPIFFE_Trust_Domain_and_Bundle.md . No need to configure this for root certificates issued via Istiod or web-PKI based root certificates. Use || between <trustdomain, endpoint> tuples. Use | as delimiter between trust domain and endpoint in each tuple. For example: foo|https://url/for/foo||bar|https://url/for/bar</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUSTED_GATEWAY_CIDR</code></td>
|
||||
<td>String</td>
|
||||
<td><code></code></td>
|
||||
<td>If set, any connections from gateway to Istiod with this CIDR range are treated as trusted for using authenication mechanisms like XFCC. This can only be used when the network where Istiod and the authenticating gateways are running in a trusted/secure network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>UNSAFE_ENABLE_ADMIN_ENDPOINTS</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
|
|||
|
|
@ -7722,6 +7722,12 @@ These environment variables affect the behavior of the <code>istioctl</code> com
|
|||
<td>A list of comma separated audiences to check in the JWT token before issuing a certificate. The token is accepted if it matches with one of the audiences</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUSTED_GATEWAY_CIDR</code></td>
|
||||
<td>String</td>
|
||||
<td><code></code></td>
|
||||
<td>If set, any connections from gateway to Istiod with this CIDR range are treated as trusted for using authenication mechanisms like XFCC. This can only be used when the network where Istiod and the authenticating gateways are running in a trusted/secure network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>UNSAFE_ENABLE_ADMIN_ENDPOINTS</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
@ -7767,7 +7773,7 @@ These environment variables affect the behavior of the <code>istioctl</code> com
|
|||
<td><code>XDS_AUTH_PLAINTEXT</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>Authenticate plain text requests - used if Istiod is behind a gateway handling TLS</td>
|
||||
<td>Authenticate plain text requests - used if Istiod is running on a secure/trusted network</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
|
|
|||
|
|
@ -221,11 +221,11 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, security, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, security, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -245,7 +245,7 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, patch, processing, proxyconfig, retry, security, serviceentry, spiffe, status, telemetry, tpath, translator, trustBundle, util, validation, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -1001,6 +1001,12 @@ These environment variables affect the behavior of the <code>operator</code> com
|
|||
<td>A list of comma separated audiences to check in the JWT token before issuing a certificate. The token is accepted if it matches with one of the audiences</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUSTED_GATEWAY_CIDR</code></td>
|
||||
<td>String</td>
|
||||
<td><code></code></td>
|
||||
<td>If set, any connections from gateway to Istiod with this CIDR range are treated as trusted for using authenication mechanisms like XFCC. This can only be used when the network where Istiod and the authenticating gateways are running in a trusted/secure network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>UNSAFE_ENABLE_ADMIN_ENDPOINTS</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
@ -1046,7 +1052,7 @@ These environment variables affect the behavior of the <code>operator</code> com
|
|||
<td><code>XDS_AUTH_PLAINTEXT</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>Authenticate plain text requests - used if Istiod is behind a gateway handling TLS</td>
|
||||
<td>Authenticate plain text requests - used if Istiod is running on a secure/trusted network</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
|
|
|||
|
|
@ -23,11 +23,11 @@ remove_toc_prefix: 'pilot-agent '
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -47,7 +47,7 @@ remove_toc_prefix: 'pilot-agent '
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -77,11 +77,11 @@ See each sub-command's help for details on how to use the generated script.
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -101,7 +101,7 @@ See each sub-command's help for details on how to use the generated script.
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -142,11 +142,11 @@ If it is not installed already, you can install it via your OS's package man
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -166,7 +166,7 @@ If it is not installed already, you can install it via your OS's package man
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -206,11 +206,11 @@ If it is not installed already, you can install it via your OS's package man
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -230,7 +230,7 @@ If it is not installed already, you can install it via your OS's package man
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -269,11 +269,11 @@ to your powershell profile.
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -293,7 +293,7 @@ to your powershell profile.
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -339,11 +339,11 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -363,7 +363,7 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -405,12 +405,12 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -435,7 +435,7 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -585,12 +585,12 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -615,7 +615,7 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -700,11 +700,11 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -724,7 +724,7 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -790,11 +790,11 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -814,7 +814,7 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -847,12 +847,12 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -877,7 +877,7 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -919,11 +919,11 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -943,7 +943,7 @@ to enable it. You can execute the following once:</p>
|
|||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, authn, authorization, ca, cache, citadelclient, controllers, default, delta, dns, gateway, gcecred, googleca, googlecas, grpcgen, healthcheck, iptables, klog, kube, mockcred, model, proxyconfig, retry, sds, security, serviceentry, spiffe, status, stsclient, stsserver, telemetry, token, trustBundle, validation, wasm, wle, xdsproxy] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -1924,6 +1924,12 @@ Only applies when traffic from all groups (i.e. "*") is being redirected
|
|||
<td>A list of comma separated audiences to check in the JWT token before issuing a certificate. The token is accepted if it matches with one of the audiences</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUSTED_GATEWAY_CIDR</code></td>
|
||||
<td>String</td>
|
||||
<td><code></code></td>
|
||||
<td>If set, any connections from gateway to Istiod with this CIDR range are treated as trusted for using authenication mechanisms like XFCC. This can only be used when the network where Istiod and the authenticating gateways are running in a trusted/secure network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUST_DOMAIN</code></td>
|
||||
<td>String</td>
|
||||
<td><code>cluster.local</code></td>
|
||||
|
|
@ -2011,7 +2017,7 @@ Only applies when traffic from all groups (i.e. "*") is being redirected
|
|||
<td><code>XDS_AUTH_PLAINTEXT</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>Authenticate plain text requests - used if Istiod is behind a gateway handling TLS</td>
|
||||
<td>Authenticate plain text requests - used if Istiod is running on a secure/trusted network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>XDS_AUTH_PROVIDER</code></td>
|
||||
|
|
|
|||
|
|
@ -269,12 +269,12 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_caller <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] (default ``)</td>
|
||||
<td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, security, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] (default ``)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_output_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, security, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_rotate <string></code></td>
|
||||
|
|
@ -299,7 +299,7 @@ to enable it. You can execute the following once:</p>
|
|||
<tr>
|
||||
<td><code>--log_stacktrace_level <string></code></td>
|
||||
<td></td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
<td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, adsc, all, analysis, authn, authorization, ca, controllers, default, delta, file, gateway, grpcgen, installer, klog, kube, model, monitor, pkica, pkira, processing, proxyconfig, retry, rootcertrotator, secretcontroller, security, serverca, serviceentry, spiffe, status, telemetry, tpath, trustBundle, util, validation, validationController, validationServer, wasm, wle] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>--log_target <stringArray></code></td>
|
||||
|
|
@ -1223,6 +1223,12 @@ These environment variables affect the behavior of the <code>pilot-discovery</co
|
|||
<td>OIDC token issuer. If set, will be used to check the tokens.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>TRUSTED_GATEWAY_CIDR</code></td>
|
||||
<td>String</td>
|
||||
<td><code></code></td>
|
||||
<td>If set, any connections from gateway to Istiod with this CIDR range are treated as trusted for using authenication mechanisms like XFCC. This can only be used when the network where Istiod and the authenticating gateways are running in a trusted/secure network</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><code>UNSAFE_ENABLE_ADMIN_ENDPOINTS</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
|
|
@ -1274,7 +1280,7 @@ These environment variables affect the behavior of the <code>pilot-discovery</co
|
|||
<td><code>XDS_AUTH_PLAINTEXT</code></td>
|
||||
<td>Boolean</td>
|
||||
<td><code>false</code></td>
|
||||
<td>Authenticate plain text requests - used if Istiod is behind a gateway handling TLS</td>
|
||||
<td>Authenticate plain text requests - used if Istiod is running on a secure/trusted network</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
|
|
|||
Loading…
Reference in New Issue