istio.io/index.md at aaedef2d2211ceb51f7f32b0a4aaf47daa800fbc

12 KiB

Raw Blame History

title

description

weight

keywords

Installation Options

Describes the options available when installing Istio using the included Helm chart.

kubernetes

helm

To customize Istio install using Helm, use the --set <key>=<value> option in Helm command to override one or more values. The set of supported keys is shown in the table below.

`certmanager` options

Key	Default Value	Description
`certmanager.enabled`	`true`
`certmanager.hub`	`quay.io/jetstack`
`certmanager.tag`	`v0.3.1`
`certmanager.resources`	`{}`

`galley` options

Key	Default Value	Description
`galley.enabled`	`true`
`galley.replicaCount`	`1`
`galley.image`	`galley`

`gateways` options

Key	Default Value	Description
`gateways.enabled`	`true`
`gateways.istio-ingressgateway.enabled`	`true`
`gateways.istio-ingressgateway.labels.app`	`istio-ingressgateway`
`gateways.istio-ingressgateway.labels.istio`	`ingressgateway`
`gateways.istio-ingressgateway.replicaCount`	`1`
`gateways.istio-ingressgateway.autoscaleMin`	`1`
`gateways.istio-ingressgateway.autoscaleMax`	`5`
`gateways.istio-ingressgateway.resources`	`{}`
`gateways.istio-ingressgateway.loadBalancerIP`	`""`
`gateways.istio-ingressgateway.externalIPs`	[]
`gateways.istio-ingressgateway.serviceAnnotations`	`{}`
`gateways.istio-ingressgateway.type`	`LoadBalancer #change to NodePort, ClusterIP or LoadBalancer if need be`
`gateways.istio-ingressgateway.ports.targetPort`	`80`
`gateways.istio-ingressgateway.ports.name`	`http2`
`gateways.istio-ingressgateway.ports.nodePort`	`31380`
`gateways.istio-ingressgateway.ports.name`	`https`
`gateways.istio-ingressgateway.ports.nodePort`	`31390`
`gateways.istio-ingressgateway.ports.name`	`tcp`
`gateways.istio-ingressgateway.ports.nodePort`	`31400`
`gateways.istio-ingressgateway.ports.targetPort`	`15011`
`gateways.istio-ingressgateway.ports.name`	`tcp-pilot-grpc-tls`
`gateways.istio-ingressgateway.ports.targetPort`	`8060`
`gateways.istio-ingressgateway.ports.name`	`tcp-citadel-grpc-tls`
`gateways.istio-ingressgateway.ports.targetPort`	`15030`
`gateways.istio-ingressgateway.ports.name`	`http2-prometheus`
`gateways.istio-ingressgateway.ports.targetPort`	`15031`
`gateways.istio-ingressgateway.ports.name`	`http2-grafana`
`gateways.istio-ingressgateway.secretVolumes.secretName`	`istio-ingressgateway-certs`
`gateways.istio-ingressgateway.secretVolumes.mountPath`	`/etc/istio/ingressgateway-certs`
`gateways.istio-ingressgateway.secretVolumes.secretName`	`istio-ingressgateway-ca-certs`
`gateways.istio-ingressgateway.secretVolumes.mountPath`	`/etc/istio/ingressgateway-ca-certs`
`gateways.istio-egressgateway.enabled`	`true`
`gateways.istio-egressgateway.labels.app`	`istio-egressgateway`
`gateways.istio-egressgateway.labels.istio`	`egressgateway`
`gateways.istio-egressgateway.replicaCount`	`1`
`gateways.istio-egressgateway.autoscaleMin`	`1`
`gateways.istio-egressgateway.autoscaleMax`	`5`
`gateways.istio-egressgateway.serviceAnnotations`	`{}`
`gateways.istio-egressgateway.type`	`ClusterIP #change to NodePort or LoadBalancer if need be`
`gateways.istio-egressgateway.ports.name`	`http2`
`gateways.istio-egressgateway.ports.name.name`	`https`
`gateways.istio-egressgateway.secretVolumes.secretName`	`istio-egressgateway-certs`
`gateways.istio-egressgateway.secretVolumes.secretName.mountPath`	`/etc/istio/egressgateway-certs`
`gateways.istio-egressgateway.secretVolumes.secretName.secretName`	`istio-egressgateway-ca-certs`
`gateways.istio-egressgateway.secretVolumes.secretName.mountPath`	`/etc/istio/egressgateway-ca-certs`
`gateways.istio-ilbgateway.enabled`	`false`
`gateways.istio-ilbgateway.enabled.labels.app`	`istio-ilbgateway`
`gateways.istio-ilbgateway.enabled.labels.istio`	`ilbgateway`
`gateways.istio-ilbgateway.enabled.replicaCount`	`1`
`gateways.istio-ilbgateway.enabled.autoscaleMin`	`1`
`gateways.istio-ilbgateway.enabled.autoscaleMax`	`5`
`gateways.istio-ilbgateway.enabled.resources.requests.cpu`	`800m`
`gateways.istio-ilbgateway.enabled.resources.requests.memory`	`512Mi`
`gateways.istio-ilbgateway.enabled.loadBalancerIP`	`""`
`gateways.istio-ilbgateway.enabled.serviceAnnotations.cloud.google.com/load-balancer-type`	`"internal"`
`gateways.istio-ilbgateway.enabled.type`	`LoadBalancer`
`gateways.istio-ilbgateway.enabled.ports.name`	`grpc-pilot-mtls`
`gateways.istio-ilbgateway.enabled.ports.name`	`grpc-pilot`
`gateways.istio-ilbgateway.enabled.ports.targetPort`	`8060`
`gateways.istio-ilbgateway.enabled.ports.name`	`tcp-citadel-grpc-tls`
`gateways.istio-ilbgateway.enabled.ports.name`	`tcp-dns`
`gateways.istio-ilbgateway.enabled.secretVolumes.secretName`	`istio-ilbgateway-certs`
`gateways.istio-ilbgateway.enabled.secretVolumes.mountPath`	`/etc/istio/ilbgateway-certs`
`gateways.istio-ilbgateway.enabled.secretVolumes.secretName`	`istio-ilbgateway-ca-certs`
`gateways.istio-ilbgateway.enabled.secretVolumes.mountPath`	`/etc/istio/ilbgateway-ca-certs`

`global` options

Key	Default Value	Description
`global.hub`	`docker.io/istio`
`global.tag`	`1.0.0`
`global.k8sIngressSelector`	`ingress`
`global.k8sIngressHttps`	`false`
`global.proxy.image`	`proxyv2`
`global.proxy.resources.requests.cpu`	`10m`
`global.proxy.accessLogFile`	`"/dev/stdout"`
`global.proxy.enableCoreDump`	`false`
`global.proxy.includeIPRanges`	`"*"`
`global.proxy.excludeIPRanges`	`""`
`global.proxy.includeInboundPorts`	`"*"`
`global.proxy.excludeInboundPorts`	`""`
`global.proxy.autoInject`	`enabled`
`global.proxy.envoyStatsd.enabled`	`true`
`global.proxy.envoyStatsd.host`	`istio-statsd-prom-bridge`
`global.proxy.envoyStatsd.port`	`9125`
`global.proxy_init.image`	`proxy_init`
`global.imagePullPolicy`	`IfNotPresent`
`global.controlPlaneSecurityEnabled`	`true`
`global.disablePolicyChecks`	`false`
`global.enableTracing`	`true`
`global.mtls.enabled`	`true`
`global.arch.amd64`	`2`
`global.arch.s390x`	`2`
`global.arch.ppc64le`	`2`
`global.oneNamespace`	`false`
`global.configValidation`	`true`
`global.meshExpansion`	`false`
`global.meshExpansionILB`	`false`
`global.defaultResources.requests.cpu`	`10m`
`global.hyperkube.hub`	`quay.io/coreos`
`global.hyperkube.tag`	`v1.7.6_coreos.0`
`global.priorityClassName`	`""`
`global.crds`	`true`

`grafana` options

Key	Default Value	Description
`grafana.enabled`	`true`
`grafana.replicaCount`	`1`
`grafana.image`	`grafana`
`grafana.security.enabled`	`true`
`grafana.security.adminUser`	`admin`
`grafana.security.adminPassword`	`admin`
`grafana.service.annotations`	`{}`
`grafana.service.name`	`http`
`grafana.service.type`	`ClusterIP`
`grafana.service.externalPort`	`3000`
`grafana.service.internalPort`	`3000`

`ingress` options

Key	Default Value	Description
`ingress.enabled`	`true`
`ingress.replicaCount`	`1`
`ingress.autoscaleMin`	`1`
`ingress.autoscaleMax`	`5`
`ingress.service.annotations`	`{}`
`ingress.service.loadBalancerIP`	`""`
`ingress.service.type`	`LoadBalancer #change to NodePort, ClusterIP or LoadBalancer if need be`
`ingress.service.ports.name`	`http`
`ingress.service.ports.nodePort`	`32000`
`ingress.service.ports.name`	`https`
`ingress.service.selector.istio`	`ingress`

`kiali` options

Key	Default Value	Description
`kiali.enabled`	`true`
`kiali.replicaCount`	`1`
`kiali.hub`	`docker.io/kiali`
`kiali.tag`	`istio-release-1.0`
`kiali.ingress.enabled`	`true`
`kiali.dashboard.username`	`admin`
`kiali.dashboard.passphrase`	`admin`

`mixer` options

Key	Default Value	Description
`mixer.enabled`	`true`
`mixer.replicaCount`	`1`
`mixer.autoscaleMin`	`1`
`mixer.autoscaleMax`	`5`
`mixer.image`	`mixer`
`mixer.istio-policy.autoscaleEnabled`	`true`
`mixer.istio-policy.autoscaleMin`	`1`
`mixer.istio-policy.autoscaleMax`	`5`
`mixer.istio-policy.cpu.targetAverageUtilization`	`80`
`mixer.istio-telemetry.autoscaleEnabled`	`true`
`mixer.istio-telemetry.autoscaleMin`	`1`
`mixer.istio-telemetry.autoscaleMax`	`5`
`mixer.istio-telemetry.cpu.targetAverageUtilization`	`80`
`mixer.prometheusStatsdExporter.hub`	`docker.io/prom`
`mixer.prometheusStatsdExporter.tag`	`v0.6.0`

`pilot` options

Key	Default Value	Description
`pilot.enabled`	`true`
`pilot.replicaCount`	`1`
`pilot.autoscaleMin`	`1`
`pilot.autoscaleMax`	`1`
`pilot.image`	`pilot`
`pilot.sidecar`	`true`
`pilot.traceSampling`	`100.0`
`pilot.resources.requests.cpu`	`500m`
`pilot.resources.requests.memory`	`2048Mi`

`prometheus` options

Key	Default Value	Description
`prometheus.enabled`	`true`
`prometheus.replicaCount`	`1`
`prometheus.hub`	`docker.io/prom`
`prometheus.tag`	`v2.3.1`
`prometheus.service.annotations`	`{}`
`prometheus.service.nodePort.enabled`	`false`
`prometheus.service.nodePort.port`	`32090`

`security` options

Key	Default Value	Description
`security.replicaCount`	`1`
`security.image`	`citadel`
`security.selfSigned`	`true # indicate if self-signed CA is used.`

`sidecarInjectorWebhook` options

Key	Default Value	Description
`sidecarInjectorWebhook.enabled`	`true`
`sidecarInjectorWebhook.replicaCount`	`1`
`sidecarInjectorWebhook.image`	`sidecar_injector`
`sidecarInjectorWebhook.enableNamespacesByDefault`	`false`

`telemetry-gateway` options

Key	Default Value	Description
`telemetry-gateway.gatewayName`	`ingressgateway`
`telemetry-gateway.grafanaEnabled`	`true`
`telemetry-gateway.prometheusEnabled`	`true`

`tracing` options

Key	Default Value	Description
`tracing.enabled`	`true`
`tracing.provider`	`jaeger`
`tracing.jaeger.hub`	`docker.io/jaegertracing`
`tracing.jaeger.tag`	`1.5`
`tracing.jaeger.memory.max_traces`	`50000`
`tracing.jaeger.ui.port`	`16686`
`tracing.replicaCount`	`1`
`tracing.service.annotations`	`{}`
`tracing.service.name`	`http`
`tracing.service.type`	`ClusterIP`
`tracing.service.externalPort`	`9411`
`tracing.service.internalPort`	`9411`
`tracing.ingress.enabled`	`false`

12 KiB Raw Blame History

certmanager options

galley options

gateways options

global options

grafana options

ingress options

kiali options

mixer options

pilot options

prometheus options

security options

sidecarInjectorWebhook options

telemetry-gateway options

tracing options