Skip to content

istiod values.yaml📜

networkPolicies.enabled📜

Type: bool

Default value
false

networkPolicies.additionalPolicies📜

Type: list

Default value
[]

monitoring.enabled📜

Type: bool

Default value
true

mtls.mode📜

Type: string

Default value
"STRICT"

defaultSecurityHeaders.enabled📜

Type: bool

Default value
true

upstream.autoscaleEnabled📜

Type: bool

Default value
true

upstream.autoscaleMin📜

Type: int

Default value
1

upstream.autoscaleMax📜

Type: int

Default value
5

upstream.autoscaleBehavior📜

Type: object

Default value
{}

upstream.replicaCount📜

Type: int

Default value
1

upstream.rollingMaxSurge📜

Type: string

Default value
"100%"

upstream.rollingMaxUnavailable📜

Type: string

Default value
"25%"

upstream.hub📜

Type: string

Default value
""

upstream.tag📜

Type: string

Default value
""

upstream.variant📜

Type: string

Default value
""

upstream.image📜

Type: string

Default value
"pilot"

upstream.traceSampling📜

Type: float

Default value
1

upstream.resources.requests.cpu📜

Type: string

Default value
"500m"

upstream.resources.requests.memory📜

Type: string

Default value
"2048Mi"

upstream.seccompProfile📜

Type: object

Default value
{}

upstream.cni.enabled📜

Type: bool

Default value
false

upstream.cni.provider📜

Type: string

Default value
"default"

upstream.extraContainerArgs📜

Type: list

Default value
[]

upstream.env.ENABLE_NATIVE_SIDECARS📜

Type: string

Default value
"true"

upstream.taint.enabled📜

Type: bool

Default value
false

upstream.taint.namespace📜

Type: string

Default value
""

upstream.affinity📜

Type: object

Default value
{}

upstream.tolerations📜

Type: list

Default value
[]

upstream.cpu.targetAverageUtilization📜

Type: int

Default value
80

upstream.memory📜

Type: object

Default value
{}

upstream.volumeMounts📜

Type: list

Default value
[]

upstream.volumes📜

Type: list

Default value
[]

upstream.initContainers📜

Type: list

Default value
[]

upstream.nodeSelector📜

Type: object

Default value
{}

upstream.podAnnotations📜

Type: object

Default value
{}

upstream.serviceAnnotations📜

Type: object

Default value
{}

upstream.serviceAccountAnnotations📜

Type: object

Default value
{}

upstream.sidecarInjectorWebhookAnnotations📜

Type: object

Default value
{}

upstream.topologySpreadConstraints📜

Type: list

Default value
[]

upstream.jwksResolverExtraRootCA📜

Type: string

Default value
""

upstream.keepaliveMaxServerConnectionAge📜

Type: string

Default value
"30m"

upstream.deploymentLabels📜

Type: object

Default value
{}

upstream.configMap📜

Type: bool

Default value
true

upstream.podLabels📜

Type: object

Default value
{}

upstream.ipFamilyPolicy📜

Type: string

Default value
""

upstream.ipFamilies📜

Type: list

Default value
[]

upstream.trustedZtunnelNamespace📜

Type: string

Default value
""

upstream.sidecarInjectorWebhook.neverInjectSelector📜

Type: list

Default value
[]

upstream.sidecarInjectorWebhook.alwaysInjectSelector📜

Type: list

Default value
[]

upstream.sidecarInjectorWebhook.injectedAnnotations📜

Type: object

Default value
{}

upstream.sidecarInjectorWebhook.enableNamespacesByDefault📜

Type: bool

Default value
false

upstream.sidecarInjectorWebhook.reinvocationPolicy📜

Type: string

Default value
"Never"

upstream.sidecarInjectorWebhook.rewriteAppHTTPProbe📜

Type: bool

Default value
true

upstream.sidecarInjectorWebhook.templates📜

Type: object

Default value
{}

upstream.sidecarInjectorWebhook.defaultTemplates📜

Type: list

Default value
[]

upstream.istiodRemote.enabled📜

Type: bool

Default value
false

upstream.istiodRemote.injectionURL📜

Type: string

Default value
""

upstream.istiodRemote.injectionPath📜

Type: string

Default value
"/inject"

upstream.istiodRemote.injectionCABundle📜

Type: string

Default value
""

upstream.telemetry.enabled📜

Type: bool

Default value
true

upstream.telemetry.v2.enabled📜

Type: bool

Default value
true

upstream.telemetry.v2.prometheus.enabled📜

Type: bool

Default value
true

upstream.telemetry.v2.stackdriver.enabled📜

Type: bool

Default value
false

upstream.revision📜

Type: string

Default value
""

upstream.revisionTags📜

Type: list

Default value
[]

upstream.ownerName📜

Type: string

Default value
""

upstream.meshConfig.enablePrometheusMerge📜

Type: bool

Default value
true

upstream.meshConfig.accessLogFile📜

Type: string

Default value
"/dev/stdout"

upstream.meshConfig.meshMTLS.minProtocolVersion📜

Type: string

Default value
"TLSV1_2"

upstream.experimental.stableValidationPolicy📜

Type: bool

Default value
false

upstream.global.istioNamespace📜

Type: string

Default value
"istio-system"

upstream.global.certSigners📜

Type: list

Default value
[]

upstream.global.defaultPodDisruptionBudget.enabled📜

Type: bool

Default value
true

upstream.global.defaultResources.requests.cpu📜

Type: string

Default value
"10m"

upstream.global.hub📜

Type: string

Default value
"registry1.dso.mil/ironbank/opensource/istio"

upstream.global.tag📜

Type: string

Default value
"1.25.1"

upstream.global.variant📜

Type: string

Default value
""

upstream.global.imagePullPolicy📜

Type: string

Default value
""

upstream.global.imagePullSecrets📜

Type: list

Default value
[]

upstream.global.istiod.enableAnalysis📜

Type: bool

Default value
false

upstream.global.logAsJson📜

Type: bool

Default value
false

upstream.global.logging.level📜

Type: string

Default value
"default:info"

upstream.global.omitSidecarInjectorConfigMap📜

Type: bool

Default value
false

upstream.global.operatorManageWebhooks📜

Type: bool

Default value
false

upstream.global.priorityClassName📜

Type: string

Default value
""

upstream.global.proxy.image📜

Type: string

Default value
"proxyv2"

upstream.global.proxy.autoInject📜

Type: string

Default value
"enabled"

upstream.global.proxy.clusterDomain📜

Type: string

Default value
"cluster.local"

upstream.global.proxy.componentLogLevel📜

Type: string

Default value
"misc:error"

upstream.global.proxy.excludeInboundPorts📜

Type: string

Default value
""

upstream.global.proxy.includeInboundPorts📜

Type: string

Default value
"*"

upstream.global.proxy.includeIPRanges📜

Type: string

Default value
"*"

upstream.global.proxy.excludeIPRanges📜

Type: string

Default value
""

upstream.global.proxy.includeOutboundPorts📜

Type: string

Default value
""

upstream.global.proxy.excludeOutboundPorts📜

Type: string

Default value
""

upstream.global.proxy.logLevel📜

Type: string

Default value
"warning"

upstream.global.proxy.outlierLogPath📜

Type: string

Default value
""

upstream.global.proxy.privileged📜

Type: bool

Default value
false

upstream.global.proxy.readinessFailureThreshold📜

Type: int

Default value
4

upstream.global.proxy.readinessInitialDelaySeconds📜

Type: int

Default value
0

upstream.global.proxy.readinessPeriodSeconds📜

Type: int

Default value
15

upstream.global.proxy.startupProbe.enabled📜

Type: bool

Default value
true

upstream.global.proxy.startupProbe.failureThreshold📜

Type: int

Default value
600

upstream.global.proxy.resources.requests.cpu📜

Type: string

Default value
"100m"

upstream.global.proxy.resources.requests.memory📜

Type: string

Default value
"128Mi"

upstream.global.proxy.resources.limits.memory📜

Type: string

Default value
"512Mi"

upstream.global.proxy.statusPort📜

Type: int

Default value
15020

upstream.global.proxy.tracer📜

Type: string

Default value
"none"

upstream.global.proxy_init.image📜

Type: string

Default value
"proxyv2"

upstream.global.proxy_init.forceApplyIptables📜

Type: bool

Default value
false

upstream.global.remotePilotAddress📜

Type: string

Default value
""

upstream.global.caAddress📜

Type: string

Default value
""

upstream.global.externalIstiod📜

Type: bool

Default value
false

upstream.global.configCluster📜

Type: bool

Default value
false

upstream.global.configValidation📜

Type: bool

Default value
true

upstream.global.meshID📜

Type: string

Default value
""

upstream.global.meshNetworks📜

Type: object

Default value
{}

upstream.global.mountMtlsCerts📜

Type: bool

Default value
false

upstream.global.multiCluster.enabled📜

Type: bool

Default value
false

upstream.global.multiCluster.clusterName📜

Type: string

Default value
""

upstream.global.network📜

Type: string

Default value
""

upstream.global.pilotCertProvider📜

Type: string

Default value
"istiod"

upstream.global.sds.token.aud📜

Type: string

Default value
"istio-ca"

upstream.global.sts.servicePort📜

Type: int

Default value
0

upstream.global.caName📜

Type: string

Default value
""

upstream.global.waypoint.resources.requests.cpu📜

Type: string

Default value
"100m"

upstream.global.waypoint.resources.requests.memory📜

Type: string

Default value
"128Mi"

upstream.global.waypoint.resources.limits.memory📜

Type: string

Default value
"256Mi"

upstream.global.waypoint.affinity📜

Type: object

Default value
{}

upstream.global.waypoint.topologySpreadConstraints📜

Type: list

Default value
[]

upstream.global.waypoint.nodeSelector📜

Type: object

Default value
{}

upstream.global.waypoint.tolerations📜

Type: list

Default value
[]

upstream.base.enableIstioConfigCRDs📜

Type: bool

Default value
true

upstream.gateways.securityContext📜

Type: object

Default value
{}

upstream.gateways.seccompProfile📜

Type: object

Default value
{}