Enterprise Gloo Edge

The table below describes all the values that you can override in your custom values file when working with the Helm chart for Open Source Gloo Edge. More information on using a Helm chart to install the Gloo Edge can be found here.

Option Type Default Value Description
settings.watchNamespaces[] string whitelist of namespaces for Gloo Edge to watch for services and CRDs. Empty list means all namespaces
settings.writeNamespace string namespace where intermediary CRDs will be written to, e.g. Upstreams written by Gloo Edge Discovery.
settings.integrations.knative.enabled bool enabled knative components
settings.integrations.knative.version string the version of knative installed to the cluster. if using version < 0.8.0, Gloo Edge will use Knative’s ClusterIngress API for configuration rather than the namespace-scoped Ingress
settings.integrations.knative.proxy.image.tag string tag for the container
settings.integrations.knative.proxy.image.repository string image name (repository) for the container.
settings.integrations.knative.proxy.image.registry string image prefix/registry e.g. (quay.io/solo-io)
settings.integrations.knative.proxy.image.pullPolicy string image pull policy for the container
settings.integrations.knative.proxy.image.pullSecret string image pull policy for the container
settings.integrations.knative.proxy.image.extended bool if true, deploy an extended version of the container with additional debug tools
settings.integrations.knative.proxy.httpPort int HTTP port for the proxy
settings.integrations.knative.proxy.httpsPort int HTTPS port for the proxy
settings.integrations.knative.proxy.tracing string tracing configuration
settings.integrations.knative.proxy.loopBackAddress string Name on which to bind the loop-back interface for this instance of Envoy. Defaults to 127.0.0.1, but other common values may be localhost or ::1
settings.integrations.knative.proxy.extraClusterIngressProxyLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the cluster ingress proxy deployment.
settings.integrations.knative.proxy.internal.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
settings.integrations.knative.proxy.internal.service.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
settings.integrations.knative.proxy.internal.configMap.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
settings.integrations.knative.proxy.replicas int number of instances to deploy
settings.integrations.knative.proxy.customEnv[].name string
settings.integrations.knative.proxy.customEnv[].value string
settings.integrations.knative.proxy.customEnv[].valueFrom.fieldRef.apiVersion string
settings.integrations.knative.proxy.customEnv[].valueFrom.fieldRef.fieldPath string
settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.containerName string
settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.resource string
settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor int64
settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor int32
settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor bool
settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor[] string
settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor[] string
settings.integrations.knative.proxy.customEnv[].valueFrom.configMapKeyRef.name string
settings.integrations.knative.proxy.customEnv[].valueFrom.configMapKeyRef.key string
settings.integrations.knative.proxy.customEnv[].valueFrom.configMapKeyRef.optional bool
settings.integrations.knative.proxy.customEnv[].valueFrom.secretKeyRef.name string
settings.integrations.knative.proxy.customEnv[].valueFrom.secretKeyRef.key string
settings.integrations.knative.proxy.customEnv[].valueFrom.secretKeyRef.optional bool
settings.integrations.knative.proxy.restartPolicy string restart policy to use when the pod exits
settings.integrations.knative.proxy.nodeName string name of node to run on
settings.integrations.knative.proxy.nodeSelector.NAME string label selector for nodes
settings.integrations.knative.proxy.tolerations[].key string
settings.integrations.knative.proxy.tolerations[].operator string
settings.integrations.knative.proxy.tolerations[].value string
settings.integrations.knative.proxy.tolerations[].effect string
settings.integrations.knative.proxy.tolerations[].tolerationSeconds int64
settings.integrations.knative.proxy.affinity[].NAME interface
settings.integrations.knative.proxy.hostAliases[] interface
settings.integrations.knative.proxy.resources.limits.memory string amount of memory
settings.integrations.knative.proxy.resources.limits.cpu string amount of CPUs
settings.integrations.knative.proxy.resources.requests.memory string amount of memory
settings.integrations.knative.proxy.resources.requests.cpu string amount of CPUs
settings.integrations.knative.proxy.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
settings.integrations.knative.proxy.service.type string K8s service type
settings.integrations.knative.proxy.service.extraAnnotations.NAME string extra annotations to add to the service
settings.integrations.knative.proxy.service.loadBalancerIP string IP address of the load balancer
settings.integrations.knative.proxy.service.httpPort int HTTP port for the knative/ingress proxy service
settings.integrations.knative.proxy.service.httpsPort int HTTPS port for the knative/ingress proxy service
settings.integrations.knative.proxy.service.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
settings.integrations.knative.proxy.configMap.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
settings.integrations.knative.requireIngressClass bool only serve traffic for Knative Ingress objects with the annotation ‘networking.knative.dev/ingress.class: gloo.ingress.networking.knative.dev’.
settings.integrations.knative.extraKnativeInternalLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the knative internal deployment.
settings.integrations.knative.extraKnativeExternalLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the knative external deployment.
settings.integrations.consul.datacenter string Datacenter to use. If not provided, the default agent datacenter is used.
settings.integrations.consul.username string Username to use for HTTP Basic Authentication.
settings.integrations.consul.password string Password to use for HTTP Basic Authentication.
settings.integrations.consul.token string Token is used to provide a per-request ACL token which overrides the agent’s default token.
settings.integrations.consul.caFile string caFile is the optional path to the CA certificate used for Consul communication, defaults to the system bundle if not specified.
settings.integrations.consul.caPath string caPath is the optional path to a directory of CA certificates to use for Consul communication, defaults to the system bundle if not specified.
settings.integrations.consul.certFile string CertFile is the optional path to the certificate for Consul communication. If this is set then you need to also set KeyFile.
settings.integrations.consul.keyFile string KeyFile is the optional path to the private key for Consul communication. If this is set then you need to also set CertFile.
settings.integrations.consul.insecureSkipVerify bool InsecureSkipVerify if set to true will disable TLS host verification.
settings.integrations.consul.waitTime.seconds int32 The value of this duration in seconds.
settings.integrations.consul.waitTime.nanos int32 The value of this duration in nanoseconds.
settings.integrations.consul.serviceDiscovery.dataCenters[] string Use this parameter to restrict the data centers that will be considered when discovering and routing to services. If not provided, Gloo Edge will use all available data centers.
settings.integrations.consul.httpAddress string The address of the Consul HTTP server. Used by service discovery and key-value storage (if-enabled). Defaults to the value of the standard CONSUL_HTTP_ADDR env if set, otherwise to 127.0.0.1:8500.
settings.integrations.consul.dnsAddress string The address of the DNS server used to resolve hostnames in the Consul service address. Used by service discovery (required when Consul service instances are stored as DNS names). Defaults to 127.0.0.1:8600. (the default Consul DNS server)
settings.integrations.consul.dnsPollingInterval.seconds int32 The value of this duration in seconds.
settings.integrations.consul.dnsPollingInterval.nanos int32 The value of this duration in nanoseconds.
settings.integrations.consulUpstreamDiscovery.useTlsDiscovery bool Allow Gloo Edge to automatically apply tls to consul services that are tagged the tlsTagName value. Requires RootCaResourceNamespace and RootCaResourceName to be set if true.
settings.integrations.consulUpstreamDiscovery.tlsTagName string The tag Gloo Edge should use to identify consul services that ought to use TLS. If splitTlsServices is true, then this tag is also used to sort serviceInstances into the tls upstream. Defaults to ‘glooUseTls’.
settings.integrations.consulUpstreamDiscovery.splitTlsServices bool If true, then create two upstreams to be created when a consul service contains the tls tag; one with TLS and one without.
settings.integrations.consulUpstreamDiscovery.discoveryRootCa.namespace string The namespace of this resource.
settings.integrations.consulUpstreamDiscovery.discoveryRootCa.name string The name of this resource.
settings.create bool create a Settings CRD which provides bootstrap configuration to Gloo Edge controllers
settings.extensions interface
settings.singleNamespace bool Enable to use install namespace as WatchNamespace and WriteNamespace
settings.invalidConfigPolicy.replaceInvalidRoutes bool Rather than pausing configuration updates, in the event of an invalid Route defined on a virtual service or route table, Gloo Edge will serve the route with a predefined direct response action. This allows valid routes to be updated when other routes are invalid.
settings.invalidConfigPolicy.invalidRouteResponseCode int64 the response code for the direct response
settings.invalidConfigPolicy.invalidRouteResponseBody string the response body for the direct response
settings.linkerd bool Enable automatic Linkerd integration in Gloo Edge
settings.disableProxyGarbageCollection bool Set this option to determine the state of an Envoy listener when the corresponding Proxy resource has no routes. If false (default), Gloo Edge will propagate the state of the Proxy to Envoy, resetting the listener to a clean slate with no routes. If true, Gloo Edge will keep serving the routes from the last applied valid configuration.
settings.regexMaxProgramSize uint32 Set this field to specify the RE2 default max program size which is a rough estimate of how complex the compiled regex is to evaluate. If not specified, this defaults to 100.
settings.disableKubernetesDestinations bool Gloo Edge allows you to directly reference a Kubernetes service as a routing destination. To enable this feature, Gloo Edge scans the cluster for Kubernetes services and creates a special type of in-memory Upstream to represent them. If the cluster contains a lot of services and you do not restrict the namespaces Gloo Edge is watching, this can result in significant overhead. If you do not plan on using this feature, you can set this flag to true to turn it off.
settings.aws.enableCredentialsDiscovery bool Enable AWS credentials discovery in Envoy for lambda requests. If enableServiceAccountCredentials is also set, it will take precedence as only one may be enabled in Gloo Edge
settings.aws.enableServiceAccountCredentials bool Use ServiceAccount credentials to authenticate lambda requests. If enableCredentialsDiscovery is also set, this will take precedence as only one may be enabled in Gloo Edge
settings.aws.stsCredentialsRegion string Regional endpoint to use for AWS STS requests. If empty will default to global sts endpoint.
settings.rateLimit interface Partial config for Gloo Edge Enterprise’s rate-limiting service, based on Envoy’s rate-limit service; supports Envoy’s rate-limit service API. (reference here: https://github.com/lyft/ratelimit#configuration) Configure rate-limit descriptors here, which define the limits for requests based on their descriptors. Configure rate-limits (composed of actions, which define how request characteristics get translated into descriptors) on the VirtualHost or its routes.
settings.enableRestEds bool Whether or not to use rest xds for all EDS by default. Defaults to false.
settings.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
license_key string
create_license_secret bool true
license_secret_name string license
gloo.namespace.create bool create the installation namespace
gloo.settings.watchNamespaces[] string whitelist of namespaces for Gloo Edge to watch for services and CRDs. Empty list means all namespaces
gloo.settings.writeNamespace string namespace where intermediary CRDs will be written to, e.g. Upstreams written by Gloo Edge Discovery.
gloo.settings.integrations.knative.enabled bool enabled knative components
gloo.settings.integrations.knative.version string the version of knative installed to the cluster. if using version < 0.8.0, Gloo Edge will use Knative’s ClusterIngress API for configuration rather than the namespace-scoped Ingress
gloo.settings.integrations.knative.proxy.image.tag string Version number, ex. 1.8.0 tag for the container
gloo.settings.integrations.knative.proxy.image.repository string gloo-ee-envoy-wrapper image name (repository) for the container.
gloo.settings.integrations.knative.proxy.image.registry string image prefix/registry e.g. (quay.io/solo-io)
gloo.settings.integrations.knative.proxy.image.pullPolicy string IfNotPresent image pull policy for the container
gloo.settings.integrations.knative.proxy.image.pullSecret string image pull policy for the container
gloo.settings.integrations.knative.proxy.image.extended bool if true, deploy an extended version of the container with additional debug tools
gloo.settings.integrations.knative.proxy.httpPort int HTTP port for the proxy
gloo.settings.integrations.knative.proxy.httpsPort int HTTPS port for the proxy
gloo.settings.integrations.knative.proxy.tracing string tracing configuration
gloo.settings.integrations.knative.proxy.loopBackAddress string Name on which to bind the loop-back interface for this instance of Envoy. Defaults to 127.0.0.1, but other common values may be localhost or ::1
gloo.settings.integrations.knative.proxy.extraClusterIngressProxyLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the cluster ingress proxy deployment.
gloo.settings.integrations.knative.proxy.internal.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.settings.integrations.knative.proxy.internal.service.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.settings.integrations.knative.proxy.internal.configMap.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.settings.integrations.knative.proxy.replicas int number of instances to deploy
gloo.settings.integrations.knative.proxy.customEnv[].name string
gloo.settings.integrations.knative.proxy.customEnv[].value string
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.fieldRef.apiVersion string
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.fieldRef.fieldPath string
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.containerName string
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.resource string
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor int64
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor int32
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor bool
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.configMapKeyRef.name string
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.configMapKeyRef.key string
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.configMapKeyRef.optional bool
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.secretKeyRef.name string
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.secretKeyRef.key string
gloo.settings.integrations.knative.proxy.customEnv[].valueFrom.secretKeyRef.optional bool
gloo.settings.integrations.knative.proxy.restartPolicy string restart policy to use when the pod exits
gloo.settings.integrations.knative.proxy.nodeName string name of node to run on
gloo.settings.integrations.knative.proxy.nodeSelector.NAME string label selector for nodes
gloo.settings.integrations.knative.proxy.tolerations[].key string
gloo.settings.integrations.knative.proxy.tolerations[].operator string
gloo.settings.integrations.knative.proxy.tolerations[].value string
gloo.settings.integrations.knative.proxy.tolerations[].effect string
gloo.settings.integrations.knative.proxy.tolerations[].tolerationSeconds int64
gloo.settings.integrations.knative.proxy.affinity[].NAME interface
gloo.settings.integrations.knative.proxy.hostAliases[] interface
gloo.settings.integrations.knative.proxy.resources.limits.memory string amount of memory
gloo.settings.integrations.knative.proxy.resources.limits.cpu string amount of CPUs
gloo.settings.integrations.knative.proxy.resources.requests.memory string amount of memory
gloo.settings.integrations.knative.proxy.resources.requests.cpu string amount of CPUs
gloo.settings.integrations.knative.proxy.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.settings.integrations.knative.proxy.service.type string K8s service type
gloo.settings.integrations.knative.proxy.service.extraAnnotations.NAME string extra annotations to add to the service
gloo.settings.integrations.knative.proxy.service.loadBalancerIP string IP address of the load balancer
gloo.settings.integrations.knative.proxy.service.httpPort int HTTP port for the knative/ingress proxy service
gloo.settings.integrations.knative.proxy.service.httpsPort int HTTPS port for the knative/ingress proxy service
gloo.settings.integrations.knative.proxy.service.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.settings.integrations.knative.proxy.configMap.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.settings.integrations.knative.requireIngressClass bool only serve traffic for Knative Ingress objects with the annotation ‘networking.knative.dev/ingress.class: gloo.ingress.networking.knative.dev’.
gloo.settings.integrations.knative.extraKnativeInternalLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the knative internal deployment.
gloo.settings.integrations.knative.extraKnativeExternalLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the knative external deployment.
gloo.settings.integrations.consul.datacenter string Datacenter to use. If not provided, the default agent datacenter is used.
gloo.settings.integrations.consul.username string Username to use for HTTP Basic Authentication.
gloo.settings.integrations.consul.password string Password to use for HTTP Basic Authentication.
gloo.settings.integrations.consul.token string Token is used to provide a per-request ACL token which overrides the agent’s default token.
gloo.settings.integrations.consul.caFile string caFile is the optional path to the CA certificate used for Consul communication, defaults to the system bundle if not specified.
gloo.settings.integrations.consul.caPath string caPath is the optional path to a directory of CA certificates to use for Consul communication, defaults to the system bundle if not specified.
gloo.settings.integrations.consul.certFile string CertFile is the optional path to the certificate for Consul communication. If this is set then you need to also set KeyFile.
gloo.settings.integrations.consul.keyFile string KeyFile is the optional path to the private key for Consul communication. If this is set then you need to also set CertFile.
gloo.settings.integrations.consul.insecureSkipVerify bool InsecureSkipVerify if set to true will disable TLS host verification.
gloo.settings.integrations.consul.waitTime.seconds int32 The value of this duration in seconds.
gloo.settings.integrations.consul.waitTime.nanos int32 The value of this duration in nanoseconds.
gloo.settings.integrations.consul.serviceDiscovery.dataCenters[] string Use this parameter to restrict the data centers that will be considered when discovering and routing to services. If not provided, Gloo Edge will use all available data centers.
gloo.settings.integrations.consul.httpAddress string The address of the Consul HTTP server. Used by service discovery and key-value storage (if-enabled). Defaults to the value of the standard CONSUL_HTTP_ADDR env if set, otherwise to 127.0.0.1:8500.
gloo.settings.integrations.consul.dnsAddress string The address of the DNS server used to resolve hostnames in the Consul service address. Used by service discovery (required when Consul service instances are stored as DNS names). Defaults to 127.0.0.1:8600. (the default Consul DNS server)
gloo.settings.integrations.consul.dnsPollingInterval.seconds int32 The value of this duration in seconds.
gloo.settings.integrations.consul.dnsPollingInterval.nanos int32 The value of this duration in nanoseconds.
gloo.settings.integrations.consulUpstreamDiscovery.useTlsDiscovery bool Allow Gloo Edge to automatically apply tls to consul services that are tagged the tlsTagName value. Requires RootCaResourceNamespace and RootCaResourceName to be set if true.
gloo.settings.integrations.consulUpstreamDiscovery.tlsTagName string The tag Gloo Edge should use to identify consul services that ought to use TLS. If splitTlsServices is true, then this tag is also used to sort serviceInstances into the tls upstream. Defaults to ‘glooUseTls’.
gloo.settings.integrations.consulUpstreamDiscovery.splitTlsServices bool If true, then create two upstreams to be created when a consul service contains the tls tag; one with TLS and one without.
gloo.settings.integrations.consulUpstreamDiscovery.discoveryRootCa.namespace string The namespace of this resource.
gloo.settings.integrations.consulUpstreamDiscovery.discoveryRootCa.name string The name of this resource.
gloo.settings.create bool create a Settings CRD which provides bootstrap configuration to Gloo Edge controllers
gloo.settings.extensions interface
gloo.settings.singleNamespace bool Enable to use install namespace as WatchNamespace and WriteNamespace
gloo.settings.invalidConfigPolicy.replaceInvalidRoutes bool Rather than pausing configuration updates, in the event of an invalid Route defined on a virtual service or route table, Gloo Edge will serve the route with a predefined direct response action. This allows valid routes to be updated when other routes are invalid.
gloo.settings.invalidConfigPolicy.invalidRouteResponseCode int64 the response code for the direct response
gloo.settings.invalidConfigPolicy.invalidRouteResponseBody string the response body for the direct response
gloo.settings.linkerd bool Enable automatic Linkerd integration in Gloo Edge
gloo.settings.disableProxyGarbageCollection bool Set this option to determine the state of an Envoy listener when the corresponding Proxy resource has no routes. If false (default), Gloo Edge will propagate the state of the Proxy to Envoy, resetting the listener to a clean slate with no routes. If true, Gloo Edge will keep serving the routes from the last applied valid configuration.
gloo.settings.regexMaxProgramSize uint32 Set this field to specify the RE2 default max program size which is a rough estimate of how complex the compiled regex is to evaluate. If not specified, this defaults to 100.
gloo.settings.disableKubernetesDestinations bool Gloo Edge allows you to directly reference a Kubernetes service as a routing destination. To enable this feature, Gloo Edge scans the cluster for Kubernetes services and creates a special type of in-memory Upstream to represent them. If the cluster contains a lot of services and you do not restrict the namespaces Gloo Edge is watching, this can result in significant overhead. If you do not plan on using this feature, you can set this flag to true to turn it off.
gloo.settings.aws.enableCredentialsDiscovery bool Enable AWS credentials discovery in Envoy for lambda requests. If enableServiceAccountCredentials is also set, it will take precedence as only one may be enabled in Gloo Edge
gloo.settings.aws.enableServiceAccountCredentials bool Use ServiceAccount credentials to authenticate lambda requests. If enableCredentialsDiscovery is also set, this will take precedence as only one may be enabled in Gloo Edge
gloo.settings.aws.stsCredentialsRegion string Regional endpoint to use for AWS STS requests. If empty will default to global sts endpoint.
gloo.settings.rateLimit interface Partial config for Gloo Edge Enterprise’s rate-limiting service, based on Envoy’s rate-limit service; supports Envoy’s rate-limit service API. (reference here: https://github.com/lyft/ratelimit#configuration) Configure rate-limit descriptors here, which define the limits for requests based on their descriptors. Configure rate-limits (composed of actions, which define how request characteristics get translated into descriptors) on the VirtualHost or its routes.
gloo.settings.enableRestEds bool Whether or not to use rest xds for all EDS by default. Defaults to false.
gloo.settings.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gloo.deployment.image.tag string Version number, ex. 1.8.0 tag for the container
gloo.gloo.deployment.image.repository string gloo-ee image name (repository) for the container.
gloo.gloo.deployment.image.registry string image prefix/registry e.g. (quay.io/solo-io)
gloo.gloo.deployment.image.pullPolicy string IfNotPresent image pull policy for the container
gloo.gloo.deployment.image.pullSecret string image pull policy for the container
gloo.gloo.deployment.image.extended bool if true, deploy an extended version of the container with additional debug tools
gloo.gloo.deployment.xdsPort int port where gloo serves xDS API to Envoy
gloo.gloo.deployment.restXdsPort uint32 port where gloo serves REST xDS API to Envoy
gloo.gloo.deployment.validationPort int port where gloo serves gRPC Proxy Validation to Gateway
gloo.gloo.deployment.stats.enabled bool Controls whether or not envoy stats are enabled
gloo.gloo.deployment.stats.routePrefixRewrite string The envoy stats endpoint to which the metrics are written
gloo.gloo.deployment.floatingUserId bool set to true to allow the cluster to dynamically assign a user ID
gloo.gloo.deployment.runAsUser float64 Explicitly set the user ID for the container to run as. Default is 10101
gloo.gloo.deployment.externalTrafficPolicy string Set the external traffic policy on the gloo service
gloo.gloo.deployment.disableUsageStatistics bool Disable the collection of gloo usage statistics
gloo.gloo.deployment.extraGlooLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the primary gloo deployment.
gloo.gloo.deployment.replicas int number of instances to deploy
gloo.gloo.deployment.customEnv[].name string
gloo.gloo.deployment.customEnv[].value string
gloo.gloo.deployment.customEnv[].valueFrom.fieldRef.apiVersion string
gloo.gloo.deployment.customEnv[].valueFrom.fieldRef.fieldPath string
gloo.gloo.deployment.customEnv[].valueFrom.resourceFieldRef.containerName string
gloo.gloo.deployment.customEnv[].valueFrom.resourceFieldRef.resource string
gloo.gloo.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int64
gloo.gloo.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int32
gloo.gloo.deployment.customEnv[].valueFrom.resourceFieldRef.divisor bool
gloo.gloo.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
gloo.gloo.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
gloo.gloo.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.gloo.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.gloo.deployment.customEnv[].valueFrom.configMapKeyRef.name string
gloo.gloo.deployment.customEnv[].valueFrom.configMapKeyRef.key string
gloo.gloo.deployment.customEnv[].valueFrom.configMapKeyRef.optional bool
gloo.gloo.deployment.customEnv[].valueFrom.secretKeyRef.name string
gloo.gloo.deployment.customEnv[].valueFrom.secretKeyRef.key string
gloo.gloo.deployment.customEnv[].valueFrom.secretKeyRef.optional bool
gloo.gloo.deployment.restartPolicy string restart policy to use when the pod exits
gloo.gloo.deployment.nodeName string name of node to run on
gloo.gloo.deployment.nodeSelector.NAME string label selector for nodes
gloo.gloo.deployment.tolerations[].key string
gloo.gloo.deployment.tolerations[].operator string
gloo.gloo.deployment.tolerations[].value string
gloo.gloo.deployment.tolerations[].effect string
gloo.gloo.deployment.tolerations[].tolerationSeconds int64
gloo.gloo.deployment.affinity[].NAME interface
gloo.gloo.deployment.hostAliases[] interface
gloo.gloo.deployment.resources.limits.memory string amount of memory
gloo.gloo.deployment.resources.limits.cpu string amount of CPUs
gloo.gloo.deployment.resources.requests.memory string amount of memory
gloo.gloo.deployment.resources.requests.cpu string amount of CPUs
gloo.gloo.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gloo.service.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gloo.serviceAccount.extraAnnotations.NAME string extra annotations to add to the service account
gloo.gloo.serviceAccount.disableAutomount bool disable automunting the service account to the gateway proxy. not mounting the token hardens the proxy container, but may interfere with service mesh integrations
gloo.gloo.serviceAccount.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gloo.logLevel string Level at which the pod should log. Options include “info”, “debug”, “warn”, “error”, “panic” and “fatal”. Default level is info
gloo.discovery.deployment.image.tag string 1.8.15 tag for the container
gloo.discovery.deployment.image.repository string image name (repository) for the container.
gloo.discovery.deployment.image.registry string image prefix/registry e.g. (quay.io/solo-io)
gloo.discovery.deployment.image.pullPolicy string IfNotPresent image pull policy for the container
gloo.discovery.deployment.image.pullSecret string image pull policy for the container
gloo.discovery.deployment.image.extended bool if true, deploy an extended version of the container with additional debug tools
gloo.discovery.deployment.stats.enabled bool Controls whether or not envoy stats are enabled
gloo.discovery.deployment.stats.routePrefixRewrite string The envoy stats endpoint to which the metrics are written
gloo.discovery.deployment.floatingUserId bool set to true to allow the cluster to dynamically assign a user ID
gloo.discovery.deployment.runAsUser float64 Explicitly set the user ID for the container to run as. Default is 10101
gloo.discovery.deployment.fsGroup float64 Explicitly set the group ID for volume ownership. Default is 10101
gloo.discovery.deployment.extraDiscoveryLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the gloo edge discovery deployment.
gloo.discovery.deployment.enablePodSecurityContext bool Whether or not to render the pod security context. Default is true
gloo.discovery.deployment.replicas int number of instances to deploy
gloo.discovery.deployment.customEnv[].name string
gloo.discovery.deployment.customEnv[].value string
gloo.discovery.deployment.customEnv[].valueFrom.fieldRef.apiVersion string
gloo.discovery.deployment.customEnv[].valueFrom.fieldRef.fieldPath string
gloo.discovery.deployment.customEnv[].valueFrom.resourceFieldRef.containerName string
gloo.discovery.deployment.customEnv[].valueFrom.resourceFieldRef.resource string
gloo.discovery.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int64
gloo.discovery.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int32
gloo.discovery.deployment.customEnv[].valueFrom.resourceFieldRef.divisor bool
gloo.discovery.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
gloo.discovery.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
gloo.discovery.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.discovery.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.discovery.deployment.customEnv[].valueFrom.configMapKeyRef.name string
gloo.discovery.deployment.customEnv[].valueFrom.configMapKeyRef.key string
gloo.discovery.deployment.customEnv[].valueFrom.configMapKeyRef.optional bool
gloo.discovery.deployment.customEnv[].valueFrom.secretKeyRef.name string
gloo.discovery.deployment.customEnv[].valueFrom.secretKeyRef.key string
gloo.discovery.deployment.customEnv[].valueFrom.secretKeyRef.optional bool
gloo.discovery.deployment.restartPolicy string restart policy to use when the pod exits
gloo.discovery.deployment.nodeName string name of node to run on
gloo.discovery.deployment.nodeSelector.NAME string label selector for nodes
gloo.discovery.deployment.tolerations[].key string
gloo.discovery.deployment.tolerations[].operator string
gloo.discovery.deployment.tolerations[].value string
gloo.discovery.deployment.tolerations[].effect string
gloo.discovery.deployment.tolerations[].tolerationSeconds int64
gloo.discovery.deployment.affinity[].NAME interface
gloo.discovery.deployment.hostAliases[] interface
gloo.discovery.deployment.resources.limits.memory string amount of memory
gloo.discovery.deployment.resources.limits.cpu string amount of CPUs
gloo.discovery.deployment.resources.requests.memory string amount of memory
gloo.discovery.deployment.resources.requests.cpu string amount of CPUs
gloo.discovery.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.discovery.fdsMode string mode for function discovery (blacklist or whitelist). See more info in the settings docs
gloo.discovery.enabled bool enable Discovery features
gloo.discovery.serviceAccount.extraAnnotations.NAME string extra annotations to add to the service account
gloo.discovery.serviceAccount.disableAutomount bool disable automunting the service account to the gateway proxy. not mounting the token hardens the proxy container, but may interfere with service mesh integrations
gloo.discovery.serviceAccount.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.discovery.logLevel string Level at which the pod should log. Options include “info”, “debug”, “warn”, “error”, “panic” and “fatal”. Default level is info
gloo.gateway.enabled bool enable Gloo Edge API Gateway features
gloo.gateway.validation.enabled bool enable Gloo Edge API Gateway validation hook (default true)
gloo.gateway.validation.alwaysAcceptResources bool unless this is set this to false in order to ensure validation webhook rejects invalid resources. by default, validation webhook will only log and report metrics for invalid resource admission without rejecting them outright.
gloo.gateway.validation.allowWarnings bool set this to false in order to ensure validation webhook rejects resources that would have warning status or rejected status, rather than just rejected.
gloo.gateway.validation.disableTransformationValidation bool set this to true to disable transformation validation. This may bring signifigant performance benefits if using many transformations, at the cost of possibly incorrect transformations being sent to envoy. When using this value make sure to pre-validate transformations.
gloo.gateway.validation.warnRouteShortCircuiting bool Write a warning to route resources if validation produced a route ordering warning (defaults to false). By setting to true, this means that Gloo Edge will start assigning warnings to resources that would result in route short-circuiting within a virtual host.
gloo.gateway.validation.secretName string Name of the Kubernetes Secret containing TLS certificates used by the validation webhook server. This secret will be created by the certGen Job if the certGen Job is enabled.
gloo.gateway.validation.failurePolicy string failurePolicy defines how unrecognized errors from the Gateway validation endpoint are handled - allowed values are ‘Ignore’ or ‘Fail’. Defaults to Ignore
gloo.gateway.validation.webhook.enabled bool enable validation webhook (default true)
gloo.gateway.validation.webhook.disableHelmHook bool do not create the webhook as helm hook (default false)
gloo.gateway.validation.webhook.extraAnnotations.NAME string extra annotations to add to the webhook
gloo.gateway.validation.webhook.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gateway.validation.validationServerGrpcMaxSizeBytes int gRPC max message size in bytes for the gloo validation server
gloo.gateway.deployment.image.tag string 1.8.15 tag for the container
gloo.gateway.deployment.image.repository string image name (repository) for the container.
gloo.gateway.deployment.image.registry string image prefix/registry e.g. (quay.io/solo-io)
gloo.gateway.deployment.image.pullPolicy string IfNotPresent image pull policy for the container
gloo.gateway.deployment.image.pullSecret string image pull policy for the container
gloo.gateway.deployment.image.extended bool if true, deploy an extended version of the container with additional debug tools
gloo.gateway.deployment.stats.enabled bool Controls whether or not envoy stats are enabled
gloo.gateway.deployment.stats.routePrefixRewrite string The envoy stats endpoint to which the metrics are written
gloo.gateway.deployment.floatingUserId bool set to true to allow the cluster to dynamically assign a user ID
gloo.gateway.deployment.runAsUser float64 Explicitly set the user ID for the container to run as. Default is 10101
gloo.gateway.deployment.extraGatewayLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the gloo edge gateway deployment.
gloo.gateway.deployment.replicas int number of instances to deploy
gloo.gateway.deployment.customEnv[].name string
gloo.gateway.deployment.customEnv[].value string
gloo.gateway.deployment.customEnv[].valueFrom.fieldRef.apiVersion string
gloo.gateway.deployment.customEnv[].valueFrom.fieldRef.fieldPath string
gloo.gateway.deployment.customEnv[].valueFrom.resourceFieldRef.containerName string
gloo.gateway.deployment.customEnv[].valueFrom.resourceFieldRef.resource string
gloo.gateway.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int64
gloo.gateway.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int32
gloo.gateway.deployment.customEnv[].valueFrom.resourceFieldRef.divisor bool
gloo.gateway.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
gloo.gateway.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
gloo.gateway.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.gateway.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.gateway.deployment.customEnv[].valueFrom.configMapKeyRef.name string
gloo.gateway.deployment.customEnv[].valueFrom.configMapKeyRef.key string
gloo.gateway.deployment.customEnv[].valueFrom.configMapKeyRef.optional bool
gloo.gateway.deployment.customEnv[].valueFrom.secretKeyRef.name string
gloo.gateway.deployment.customEnv[].valueFrom.secretKeyRef.key string
gloo.gateway.deployment.customEnv[].valueFrom.secretKeyRef.optional bool
gloo.gateway.deployment.restartPolicy string restart policy to use when the pod exits
gloo.gateway.deployment.nodeName string name of node to run on
gloo.gateway.deployment.nodeSelector.NAME string label selector for nodes
gloo.gateway.deployment.tolerations[].key string
gloo.gateway.deployment.tolerations[].operator string
gloo.gateway.deployment.tolerations[].value string
gloo.gateway.deployment.tolerations[].effect string
gloo.gateway.deployment.tolerations[].tolerationSeconds int64
gloo.gateway.deployment.affinity[].NAME interface
gloo.gateway.deployment.hostAliases[] interface
gloo.gateway.deployment.resources.limits.memory string amount of memory
gloo.gateway.deployment.resources.limits.cpu string amount of CPUs
gloo.gateway.deployment.resources.requests.memory string amount of memory
gloo.gateway.deployment.resources.requests.cpu string amount of CPUs
gloo.gateway.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gateway.certGenJob.image.tag string 1.8.15 tag for the container
gloo.gateway.certGenJob.image.repository string image name (repository) for the container.
gloo.gateway.certGenJob.image.registry string image prefix/registry e.g. (quay.io/solo-io)
gloo.gateway.certGenJob.image.pullPolicy string IfNotPresent image pull policy for the container
gloo.gateway.certGenJob.image.pullSecret string image pull policy for the container
gloo.gateway.certGenJob.image.extended bool if true, deploy an extended version of the container with additional debug tools
gloo.gateway.certGenJob.restartPolicy string restart policy to use when the pod exits
gloo.gateway.certGenJob.nodeName string name of node to run on
gloo.gateway.certGenJob.nodeSelector.NAME string label selector for nodes
gloo.gateway.certGenJob.tolerations[].key string
gloo.gateway.certGenJob.tolerations[].operator string
gloo.gateway.certGenJob.tolerations[].value string
gloo.gateway.certGenJob.tolerations[].effect string
gloo.gateway.certGenJob.tolerations[].tolerationSeconds int64
gloo.gateway.certGenJob.affinity[].NAME interface
gloo.gateway.certGenJob.hostAliases[] interface
gloo.gateway.certGenJob.kubeResourceOverride.NAME interface override fields in the gateway-certgen job.
gloo.gateway.certGenJob.mtlsKubeResourceOverride.NAME interface override fields in the gloo-mtls-certgen job.
gloo.gateway.certGenJob.enabled bool enable the job that generates the certificates for the validating webhook at install time (default true)
gloo.gateway.certGenJob.setTtlAfterFinished bool Set ttlSecondsAfterFinished (a k8s feature in Alpha) on the job. Defaults to true
gloo.gateway.certGenJob.ttlSecondsAfterFinished int Clean up the finished job after this many seconds. Defaults to 60
gloo.gateway.certGenJob.floatingUserId bool set to true to allow the cluster to dynamically assign a user ID
gloo.gateway.certGenJob.runAsUser float64 Explicitly set the user ID for the container to run as. Default is 10101
gloo.gateway.certGenJob.resources.limits.memory string amount of memory
gloo.gateway.certGenJob.resources.limits.cpu string amount of CPUs
gloo.gateway.certGenJob.resources.requests.memory string amount of memory
gloo.gateway.certGenJob.resources.requests.cpu string amount of CPUs
gloo.gateway.updateValues bool true if true, will use a provided helm helper ‘gloo.updatevalues’ to update values during template render - useful for plugins/extensions
gloo.gateway.proxyServiceAccount.extraAnnotations.NAME string extra annotations to add to the service account
gloo.gateway.proxyServiceAccount.disableAutomount bool disable automunting the service account to the gateway proxy. not mounting the token hardens the proxy container, but may interfere with service mesh integrations
gloo.gateway.proxyServiceAccount.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gateway.serviceAccount.extraAnnotations.NAME string extra annotations to add to the service account
gloo.gateway.serviceAccount.disableAutomount bool disable automunting the service account to the gateway proxy. not mounting the token hardens the proxy container, but may interfere with service mesh integrations
gloo.gateway.serviceAccount.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gateway.readGatewaysFromAllNamespaces bool if true, read Gateway custom resources from all watched namespaces rather than just the namespace of the Gateway controller
gloo.gateway.compressedProxySpec bool if true, enables compression for the Proxy CRD spec
gloo.gateway.logLevel string Level at which the pod should log. Options include “info”, “debug”, “warn”, “error”, “panic” and “fatal”. Default level is info
gloo.gateway.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.NAME.kind.deployment.replicas int number of instances to deploy
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].name string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].value string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.fieldRef.apiVersion string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.fieldRef.fieldPath string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.resourceFieldRef.containerName string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.resourceFieldRef.resource string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int64
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int32
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor bool
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.configMapKeyRef.name string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.configMapKeyRef.key string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.configMapKeyRef.optional bool
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.secretKeyRef.name string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.secretKeyRef.key string
gloo.gatewayProxies.NAME.kind.deployment.customEnv[].valueFrom.secretKeyRef.optional bool
gloo.gatewayProxies.NAME.kind.deployment.restartPolicy string restart policy to use when the pod exits
gloo.gatewayProxies.NAME.kind.deployment.nodeName string name of node to run on
gloo.gatewayProxies.NAME.kind.deployment.nodeSelector.NAME string label selector for nodes
gloo.gatewayProxies.NAME.kind.deployment.tolerations[].key string
gloo.gatewayProxies.NAME.kind.deployment.tolerations[].operator string
gloo.gatewayProxies.NAME.kind.deployment.tolerations[].value string
gloo.gatewayProxies.NAME.kind.deployment.tolerations[].effect string
gloo.gatewayProxies.NAME.kind.deployment.tolerations[].tolerationSeconds int64
gloo.gatewayProxies.NAME.kind.deployment.affinity[].NAME interface
gloo.gatewayProxies.NAME.kind.deployment.hostAliases[] interface
gloo.gatewayProxies.NAME.kind.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.NAME.kind.daemonSet.hostPort bool whether or not to enable host networking on the pod. Only relevant when running as a DaemonSet
gloo.gatewayProxies.NAME.kind.daemonSet.hostNetwork bool
gloo.gatewayProxies.NAME.podTemplate.image.tag string tag for the container
gloo.gatewayProxies.NAME.podTemplate.image.repository string image name (repository) for the container.
gloo.gatewayProxies.NAME.podTemplate.image.registry string image prefix/registry e.g. (quay.io/solo-io)
gloo.gatewayProxies.NAME.podTemplate.image.pullPolicy string image pull policy for the container
gloo.gatewayProxies.NAME.podTemplate.image.pullSecret string image pull policy for the container
gloo.gatewayProxies.NAME.podTemplate.image.extended bool if true, deploy an extended version of the container with additional debug tools
gloo.gatewayProxies.NAME.podTemplate.httpPort int HTTP port for the gateway service target port
gloo.gatewayProxies.NAME.podTemplate.httpsPort int HTTPS port for the gateway service target port
gloo.gatewayProxies.NAME.podTemplate.extraPorts[] interface extra ports for the gateway pod
gloo.gatewayProxies.NAME.podTemplate.extraAnnotations.NAME string extra annotations to add to the pod
gloo.gatewayProxies.NAME.podTemplate.nodeName string name of node to run on
gloo.gatewayProxies.NAME.podTemplate.nodeSelector.NAME string label selector for nodes
gloo.gatewayProxies.NAME.podTemplate.tolerations[].key string
gloo.gatewayProxies.NAME.podTemplate.tolerations[].operator string
gloo.gatewayProxies.NAME.podTemplate.tolerations[].value string
gloo.gatewayProxies.NAME.podTemplate.tolerations[].effect string
gloo.gatewayProxies.NAME.podTemplate.tolerations[].tolerationSeconds int64
gloo.gatewayProxies.NAME.podTemplate.probes bool enable liveness and readiness probes
gloo.gatewayProxies.NAME.podTemplate.resources.limits.memory string amount of memory
gloo.gatewayProxies.NAME.podTemplate.resources.limits.cpu string amount of CPUs
gloo.gatewayProxies.NAME.podTemplate.resources.requests.memory string amount of memory
gloo.gatewayProxies.NAME.podTemplate.resources.requests.cpu string amount of CPUs
gloo.gatewayProxies.NAME.podTemplate.disableNetBind bool don’t add the NET_BIND_SERVICE capability to the pod. This means that the gateway proxy will not be able to bind to ports below 1024
gloo.gatewayProxies.NAME.podTemplate.runUnprivileged bool run envoy as an unprivileged user
gloo.gatewayProxies.NAME.podTemplate.floatingUserId bool set to true to allow the cluster to dynamically assign a user ID
gloo.gatewayProxies.NAME.podTemplate.runAsUser float64 Explicitly set the user ID for the container to run as. Default is 10101
gloo.gatewayProxies.NAME.podTemplate.fsGroup float64 Explicitly set the group ID for volume ownership. Default is 10101
gloo.gatewayProxies.NAME.podTemplate.gracefulShutdown.enabled bool Enable grace period before shutdown to finish current requests while envoy health checks fail to e.g. notify external load balancers. NOTE: This will not have any effect if you have not defined health checks via the health check filter
gloo.gatewayProxies.NAME.podTemplate.gracefulShutdown.sleepTimeSeconds int Time (in seconds) for the preStop hook to wait before allowing envoy to terminate
gloo.gatewayProxies.NAME.podTemplate.terminationGracePeriodSeconds int Time in seconds to wait for the pod to terminate gracefully. See kubernetes docs for more info
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.exec.command[] string
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.httpGet.path string
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.httpGet.port int64
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.httpGet.port int32
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.httpGet.port string
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.httpGet.host string
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.httpGet.scheme string
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.httpGet.httpHeaders[].name string
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.httpGet.httpHeaders[].value string
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.tcpSocket.port int64
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.tcpSocket.port int32
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.tcpSocket.port string
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.tcpSocket.host string
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.initialDelaySeconds int32
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.timeoutSeconds int32
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.periodSeconds int32
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.successThreshold int32
gloo.gatewayProxies.NAME.podTemplate.customReadinessProbe.failureThreshold int32
gloo.gatewayProxies.NAME.podTemplate.extraGatewayProxyLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the gloo edge gateway-proxy deployment.
gloo.gatewayProxies.NAME.podTemplate.enablePodSecurityContext bool Whether or not to render the pod security context. Default is true
gloo.gatewayProxies.NAME.configMap.data.NAME string
gloo.gatewayProxies.NAME.configMap.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.NAME.customStaticLayer interface static layer configuration (global overrides for envoy behavior) defined in envoy bootstrap yaml
gloo.gatewayProxies.NAME.globalDownstreamMaxConnections uint32 the number of concurrent connections needed. limit used to protect against exhausting file descriptors on host machine
gloo.gatewayProxies.NAME.healthyPanicThreshold int8 the percentage of healthy hosts required to load balance based on health status of hosts
gloo.gatewayProxies.NAME.service.type string gateway service type. default is LoadBalancer
gloo.gatewayProxies.NAME.service.httpPort int HTTP port for the gateway service
gloo.gatewayProxies.NAME.service.httpsPort int HTTPS port for the gateway service
gloo.gatewayProxies.NAME.service.httpNodePort int HTTP nodeport for the gateway service if using type NodePort
gloo.gatewayProxies.NAME.service.httpsNodePort int HTTPS nodeport for the gateway service if using type NodePort
gloo.gatewayProxies.NAME.service.clusterIP string static clusterIP (or None) when gatewayProxies[].gatewayProxy.service.type is ClusterIP
gloo.gatewayProxies.NAME.service.extraAnnotations.NAME string
gloo.gatewayProxies.NAME.service.externalTrafficPolicy string
gloo.gatewayProxies.NAME.service.name string Custom name override for the service resource of the proxy
gloo.gatewayProxies.NAME.service.httpsFirst bool List HTTPS port before HTTP
gloo.gatewayProxies.NAME.service.loadBalancerIP string IP address of the load balancer
gloo.gatewayProxies.NAME.service.loadBalancerSourceRanges[] string List of IP CIDR ranges that are allowed to access the load balancer
gloo.gatewayProxies.NAME.service.customPorts[] interface List of custom port to expose in the envoy proxy. Each element follows conventional port syntax (port, targetPort, protocol, name)
gloo.gatewayProxies.NAME.service.externalIPs[] string externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service
gloo.gatewayProxies.NAME.service.configDumpService.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.NAME.service.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.NAME.antiAffinity bool configure anti affinity such that pods are preferably not co-located
gloo.gatewayProxies.NAME.affinity[].NAME interface
gloo.gatewayProxies.NAME.tracing.provider string
gloo.gatewayProxies.NAME.tracing.cluster string
gloo.gatewayProxies.NAME.gatewaySettings.disableGeneratedGateways bool set to true to disable the gateway generation for a gateway proxy
gloo.gatewayProxies.NAME.gatewaySettings.disableHttpGateway bool Set to true to disable http gateway generation.
gloo.gatewayProxies.NAME.gatewaySettings.disableHttpsGateway bool Set to true to disable https gateway generation.
gloo.gatewayProxies.NAME.gatewaySettings.ipv4Only bool set to true if your network allows ipv4 addresses only. Sets the Gateway spec’s bindAddress to 0.0.0.0 instead of ::
gloo.gatewayProxies.NAME.gatewaySettings.useProxyProto bool use proxy protocol
gloo.gatewayProxies.NAME.gatewaySettings.customHttpGateway string custom yaml to use for http gateway settings
gloo.gatewayProxies.NAME.gatewaySettings.customHttpsGateway string custom yaml to use for https gateway settings
gloo.gatewayProxies.NAME.gatewaySettings.accessLoggingService.access_log[] interface
gloo.gatewayProxies.NAME.gatewaySettings.options.access_logging_service.access_log[] interface
gloo.gatewayProxies.NAME.gatewaySettings.options.extensions.configs.NAME.fields.NAME interface
gloo.gatewayProxies.NAME.gatewaySettings.options.per_connection_buffer_limit_bytes.value uint32
gloo.gatewayProxies.NAME.gatewaySettings.options.socket_options[].description string
gloo.gatewayProxies.NAME.gatewaySettings.options.socket_options[].level int64
gloo.gatewayProxies.NAME.gatewaySettings.options.socket_options[].name int64
gloo.gatewayProxies.NAME.gatewaySettings.options.socket_options[] interface
gloo.gatewayProxies.NAME.gatewaySettings.options.socket_options[].state int32
gloo.gatewayProxies.NAME.gatewaySettings.httpGatewayKubeOverride.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.NAME.gatewaySettings.httpsGatewayKubeOverride.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.NAME.gatewaySettings.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.NAME.extraEnvoyArgs[] string envoy container args, (e.g. https://www.envoyproxy.io/docs/envoy/latest/operations/cli)
gloo.gatewayProxies.NAME.extraContainersHelper string
gloo.gatewayProxies.NAME.extraInitContainersHelper string
gloo.gatewayProxies.NAME.extraVolumes[].NAME interface
gloo.gatewayProxies.NAME.extraVolumeHelper string
gloo.gatewayProxies.NAME.extraListenersHelper string
gloo.gatewayProxies.NAME.stats.enabled bool Controls whether or not envoy stats are enabled
gloo.gatewayProxies.NAME.stats.routePrefixRewrite string The envoy stats endpoint to which the metrics are written
gloo.gatewayProxies.NAME.readConfig bool expose a read-only subset of the envoy admin api
gloo.gatewayProxies.NAME.readConfigMulticluster bool expose a read-only subset of the envoy admin api to gloo-fed
gloo.gatewayProxies.NAME.extraProxyVolumeMounts[].NAME interface
gloo.gatewayProxies.NAME.extraProxyVolumeMountHelper string name of custom made named template allowing for extra volume mounts on the proxy container
gloo.gatewayProxies.NAME.loopBackAddress string Name on which to bind the loop-back interface for this instance of Envoy. Defaults to 127.0.0.1, but other common values may be localhost or ::1
gloo.gatewayProxies.NAME.failover.enabled bool (Enterprise Only): Configure this proxy for failover
gloo.gatewayProxies.NAME.failover.port uint (Enterprise Only): Port to use for failover Gateway Bind port, and service. Default is 15443
gloo.gatewayProxies.NAME.failover.nodePort uint (Enterprise Only): Optional NodePort for failover Service
gloo.gatewayProxies.NAME.failover.secretName string (Enterprise Only): Secret containing downstream Ssl Secrets Default is failover-downstream
gloo.gatewayProxies.NAME.failover.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.NAME.disabled bool Skips creation of this gateway proxy. Used to turn off gateway proxies created by preceding configurations
gloo.gatewayProxies.NAME.envoyApiVersion string Version of the envoy API to use for the xDS transport and resources. Default is V3
gloo.gatewayProxies.NAME.envoyBootstrapExtensions[].NAME interface List of bootstrap extensions to add to envoy bootstrap config. Examples include Wasm Service (https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/wasm/v3/wasm.proto#extensions-wasm-v3-wasmservice).
gloo.gatewayProxies.NAME.envoyStaticClusters[].NAME interface List of extra static clusters to be added to envoy bootstrap config. https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto#envoy-v3-api-msg-config-cluster-v3-cluster
gloo.gatewayProxies.NAME.horizontalPodAutoscaler.apiVersion string accepts autoscaling/v1 or autoscaling/v2beta2.
gloo.gatewayProxies.NAME.horizontalPodAutoscaler.minReplicas int32 minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down.
gloo.gatewayProxies.NAME.horizontalPodAutoscaler.maxReplicas int32 maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas.
gloo.gatewayProxies.NAME.horizontalPodAutoscaler.targetCPUUtilizationPercentage int32 target average CPU utilization (represented as a percentage of requested CPU) over all the pods. Used only with apiVersion autoscaling/v1
gloo.gatewayProxies.NAME.horizontalPodAutoscaler.metrics[].NAME interface metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). Used only with apiVersion autoscaling/v2beta2
gloo.gatewayProxies.NAME.horizontalPodAutoscaler.behavior.NAME interface behavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively). Used only with apiVersion autoscaling/v2beta2
gloo.gatewayProxies.NAME.horizontalPodAutoscaler.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.NAME.podDisruptionBudget.minAvailable int32 An eviction is allowed if at least “minAvailable” pods selected by “selector” will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying “100%".
gloo.gatewayProxies.NAME.podDisruptionBudget.maxUnavailable int32 An eviction is allowed if at most “maxUnavailable” pods selected by “selector” are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with “minAvailable”.
gloo.gatewayProxies.NAME.podDisruptionBudget.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.NAME.istioMetaMeshId string ISTIO_META_MESH_ID Environment Variable. Defaults to “cluster.local”
gloo.gatewayProxies.NAME.istioMetaClusterId string ISTIO_META_CLUSTER_ID Environment Variable. Defaults to “Kubernetes”
gloo.gatewayProxies.NAME.logLevel string Level at which the pod should log. Options include “info”, “debug”, “warn”, “error”, “panic” and “fatal”. Default level is info
gloo.gatewayProxies.NAME.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.gatewayProxy.kind.deployment.replicas int number of instances to deploy
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].name string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].value string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.fieldRef.apiVersion string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.fieldRef.fieldPath string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.resourceFieldRef.containerName string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.resourceFieldRef.resource string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int64
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int32
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor bool
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.configMapKeyRef.name string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.configMapKeyRef.key string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.configMapKeyRef.optional bool
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.secretKeyRef.name string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.secretKeyRef.key string
gloo.gatewayProxies.gatewayProxy.kind.deployment.customEnv[].valueFrom.secretKeyRef.optional bool
gloo.gatewayProxies.gatewayProxy.kind.deployment.restartPolicy string restart policy to use when the pod exits
gloo.gatewayProxies.gatewayProxy.kind.deployment.nodeName string name of node to run on
gloo.gatewayProxies.gatewayProxy.kind.deployment.nodeSelector.NAME string label selector for nodes
gloo.gatewayProxies.gatewayProxy.kind.deployment.tolerations[].key string
gloo.gatewayProxies.gatewayProxy.kind.deployment.tolerations[].operator string
gloo.gatewayProxies.gatewayProxy.kind.deployment.tolerations[].value string
gloo.gatewayProxies.gatewayProxy.kind.deployment.tolerations[].effect string
gloo.gatewayProxies.gatewayProxy.kind.deployment.tolerations[].tolerationSeconds int64
gloo.gatewayProxies.gatewayProxy.kind.deployment.affinity[].NAME interface
gloo.gatewayProxies.gatewayProxy.kind.deployment.hostAliases[] interface
gloo.gatewayProxies.gatewayProxy.kind.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.gatewayProxy.kind.daemonSet.hostPort bool whether or not to enable host networking on the pod. Only relevant when running as a DaemonSet
gloo.gatewayProxies.gatewayProxy.kind.daemonSet.hostNetwork bool
gloo.gatewayProxies.gatewayProxy.podTemplate.image.tag string Version number, ex. 1.8.0 tag for the container
gloo.gatewayProxies.gatewayProxy.podTemplate.image.repository string gloo-ee-envoy-wrapper image name (repository) for the container.
gloo.gatewayProxies.gatewayProxy.podTemplate.image.registry string image prefix/registry e.g. (quay.io/solo-io)
gloo.gatewayProxies.gatewayProxy.podTemplate.image.pullPolicy string IfNotPresent image pull policy for the container
gloo.gatewayProxies.gatewayProxy.podTemplate.image.pullSecret string image pull policy for the container
gloo.gatewayProxies.gatewayProxy.podTemplate.image.extended bool if true, deploy an extended version of the container with additional debug tools
gloo.gatewayProxies.gatewayProxy.podTemplate.httpPort int HTTP port for the gateway service target port
gloo.gatewayProxies.gatewayProxy.podTemplate.httpsPort int HTTPS port for the gateway service target port
gloo.gatewayProxies.gatewayProxy.podTemplate.extraPorts[] interface extra ports for the gateway pod
gloo.gatewayProxies.gatewayProxy.podTemplate.extraAnnotations.NAME string extra annotations to add to the pod
gloo.gatewayProxies.gatewayProxy.podTemplate.nodeName string name of node to run on
gloo.gatewayProxies.gatewayProxy.podTemplate.nodeSelector.NAME string label selector for nodes
gloo.gatewayProxies.gatewayProxy.podTemplate.tolerations[].key string
gloo.gatewayProxies.gatewayProxy.podTemplate.tolerations[].operator string
gloo.gatewayProxies.gatewayProxy.podTemplate.tolerations[].value string
gloo.gatewayProxies.gatewayProxy.podTemplate.tolerations[].effect string
gloo.gatewayProxies.gatewayProxy.podTemplate.tolerations[].tolerationSeconds int64
gloo.gatewayProxies.gatewayProxy.podTemplate.probes bool enable liveness and readiness probes
gloo.gatewayProxies.gatewayProxy.podTemplate.resources.limits.memory string amount of memory
gloo.gatewayProxies.gatewayProxy.podTemplate.resources.limits.cpu string amount of CPUs
gloo.gatewayProxies.gatewayProxy.podTemplate.resources.requests.memory string amount of memory
gloo.gatewayProxies.gatewayProxy.podTemplate.resources.requests.cpu string amount of CPUs
gloo.gatewayProxies.gatewayProxy.podTemplate.disableNetBind bool don’t add the NET_BIND_SERVICE capability to the pod. This means that the gateway proxy will not be able to bind to ports below 1024
gloo.gatewayProxies.gatewayProxy.podTemplate.runUnprivileged bool run envoy as an unprivileged user
gloo.gatewayProxies.gatewayProxy.podTemplate.floatingUserId bool set to true to allow the cluster to dynamically assign a user ID
gloo.gatewayProxies.gatewayProxy.podTemplate.runAsUser float64 Explicitly set the user ID for the container to run as. Default is 10101
gloo.gatewayProxies.gatewayProxy.podTemplate.fsGroup float64 Explicitly set the group ID for volume ownership. Default is 10101
gloo.gatewayProxies.gatewayProxy.podTemplate.gracefulShutdown.enabled bool Enable grace period before shutdown to finish current requests while envoy health checks fail to e.g. notify external load balancers. NOTE: This will not have any effect if you have not defined health checks via the health check filter
gloo.gatewayProxies.gatewayProxy.podTemplate.gracefulShutdown.sleepTimeSeconds int Time (in seconds) for the preStop hook to wait before allowing envoy to terminate
gloo.gatewayProxies.gatewayProxy.podTemplate.terminationGracePeriodSeconds int Time in seconds to wait for the pod to terminate gracefully. See kubernetes docs for more info
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.exec.command[] string
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.httpGet.path string
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.httpGet.port int64
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.httpGet.port int32
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.httpGet.port string
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.httpGet.host string
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.httpGet.scheme string
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.httpGet.httpHeaders[].name string
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.httpGet.httpHeaders[].value string
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.tcpSocket.port int64
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.tcpSocket.port int32
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.tcpSocket.port string
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.tcpSocket.host string
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.initialDelaySeconds int32
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.timeoutSeconds int32
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.periodSeconds int32
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.successThreshold int32
gloo.gatewayProxies.gatewayProxy.podTemplate.customReadinessProbe.failureThreshold int32
gloo.gatewayProxies.gatewayProxy.podTemplate.extraGatewayProxyLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the gloo edge gateway-proxy deployment.
gloo.gatewayProxies.gatewayProxy.podTemplate.enablePodSecurityContext bool Whether or not to render the pod security context. Default is true
gloo.gatewayProxies.gatewayProxy.configMap.data.NAME string
gloo.gatewayProxies.gatewayProxy.configMap.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.gatewayProxy.customStaticLayer interface static layer configuration (global overrides for envoy behavior) defined in envoy bootstrap yaml
gloo.gatewayProxies.gatewayProxy.globalDownstreamMaxConnections uint32 the number of concurrent connections needed. limit used to protect against exhausting file descriptors on host machine
gloo.gatewayProxies.gatewayProxy.healthyPanicThreshold int8 the percentage of healthy hosts required to load balance based on health status of hosts
gloo.gatewayProxies.gatewayProxy.service.type string gateway service type. default is LoadBalancer
gloo.gatewayProxies.gatewayProxy.service.httpPort int HTTP port for the gateway service
gloo.gatewayProxies.gatewayProxy.service.httpsPort int HTTPS port for the gateway service
gloo.gatewayProxies.gatewayProxy.service.httpNodePort int HTTP nodeport for the gateway service if using type NodePort
gloo.gatewayProxies.gatewayProxy.service.httpsNodePort int HTTPS nodeport for the gateway service if using type NodePort
gloo.gatewayProxies.gatewayProxy.service.clusterIP string static clusterIP (or None) when gatewayProxies[].gatewayProxy.service.type is ClusterIP
gloo.gatewayProxies.gatewayProxy.service.extraAnnotations.NAME string
gloo.gatewayProxies.gatewayProxy.service.extraAnnotations.prometheus.io/path string /metrics
gloo.gatewayProxies.gatewayProxy.service.extraAnnotations.prometheus.io/port string 8081
gloo.gatewayProxies.gatewayProxy.service.extraAnnotations.prometheus.io/scrape string true
gloo.gatewayProxies.gatewayProxy.service.externalTrafficPolicy string
gloo.gatewayProxies.gatewayProxy.service.name string Custom name override for the service resource of the proxy
gloo.gatewayProxies.gatewayProxy.service.httpsFirst bool List HTTPS port before HTTP
gloo.gatewayProxies.gatewayProxy.service.loadBalancerIP string IP address of the load balancer
gloo.gatewayProxies.gatewayProxy.service.loadBalancerSourceRanges[] string List of IP CIDR ranges that are allowed to access the load balancer
gloo.gatewayProxies.gatewayProxy.service.customPorts[] interface List of custom port to expose in the envoy proxy. Each element follows conventional port syntax (port, targetPort, protocol, name)
gloo.gatewayProxies.gatewayProxy.service.externalIPs[] string externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service
gloo.gatewayProxies.gatewayProxy.service.configDumpService.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.gatewayProxy.service.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.gatewayProxy.antiAffinity bool configure anti affinity such that pods are preferably not co-located
gloo.gatewayProxies.gatewayProxy.affinity[].NAME interface
gloo.gatewayProxies.gatewayProxy.tracing.provider string
gloo.gatewayProxies.gatewayProxy.tracing.cluster string
gloo.gatewayProxies.gatewayProxy.gatewaySettings.disableGeneratedGateways bool set to true to disable the gateway generation for a gateway proxy
gloo.gatewayProxies.gatewayProxy.gatewaySettings.disableHttpGateway bool Set to true to disable http gateway generation.
gloo.gatewayProxies.gatewayProxy.gatewaySettings.disableHttpsGateway bool Set to true to disable https gateway generation.
gloo.gatewayProxies.gatewayProxy.gatewaySettings.ipv4Only bool set to true if your network allows ipv4 addresses only. Sets the Gateway spec’s bindAddress to 0.0.0.0 instead of ::
gloo.gatewayProxies.gatewayProxy.gatewaySettings.useProxyProto bool use proxy protocol
gloo.gatewayProxies.gatewayProxy.gatewaySettings.customHttpGateway string custom yaml to use for http gateway settings
gloo.gatewayProxies.gatewayProxy.gatewaySettings.customHttpsGateway string custom yaml to use for https gateway settings
gloo.gatewayProxies.gatewayProxy.gatewaySettings.accessLoggingService.access_log[] interface
gloo.gatewayProxies.gatewayProxy.gatewaySettings.options.access_logging_service.access_log[] interface
gloo.gatewayProxies.gatewayProxy.gatewaySettings.options.extensions.configs.NAME.fields.NAME interface
gloo.gatewayProxies.gatewayProxy.gatewaySettings.options.per_connection_buffer_limit_bytes.value uint32
gloo.gatewayProxies.gatewayProxy.gatewaySettings.options.socket_options[].description string
gloo.gatewayProxies.gatewayProxy.gatewaySettings.options.socket_options[].level int64
gloo.gatewayProxies.gatewayProxy.gatewaySettings.options.socket_options[].name int64
gloo.gatewayProxies.gatewayProxy.gatewaySettings.options.socket_options[] interface
gloo.gatewayProxies.gatewayProxy.gatewaySettings.options.socket_options[].state int32
gloo.gatewayProxies.gatewayProxy.gatewaySettings.httpGatewayKubeOverride.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.gatewayProxy.gatewaySettings.httpsGatewayKubeOverride.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.gatewayProxy.gatewaySettings.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.gatewayProxy.extraEnvoyArgs[] string envoy container args, (e.g. https://www.envoyproxy.io/docs/envoy/latest/operations/cli)
gloo.gatewayProxies.gatewayProxy.extraContainersHelper string
gloo.gatewayProxies.gatewayProxy.extraInitContainersHelper string
gloo.gatewayProxies.gatewayProxy.extraVolumes[].NAME interface
gloo.gatewayProxies.gatewayProxy.extraVolumeHelper string
gloo.gatewayProxies.gatewayProxy.extraListenersHelper string
gloo.gatewayProxies.gatewayProxy.stats.enabled bool Controls whether or not envoy stats are enabled
gloo.gatewayProxies.gatewayProxy.stats.routePrefixRewrite string The envoy stats endpoint to which the metrics are written
gloo.gatewayProxies.gatewayProxy.readConfig bool expose a read-only subset of the envoy admin api
gloo.gatewayProxies.gatewayProxy.readConfigMulticluster bool expose a read-only subset of the envoy admin api to gloo-fed
gloo.gatewayProxies.gatewayProxy.extraProxyVolumeMounts[].NAME interface
gloo.gatewayProxies.gatewayProxy.extraProxyVolumeMountHelper string name of custom made named template allowing for extra volume mounts on the proxy container
gloo.gatewayProxies.gatewayProxy.loopBackAddress string Name on which to bind the loop-back interface for this instance of Envoy. Defaults to 127.0.0.1, but other common values may be localhost or ::1
gloo.gatewayProxies.gatewayProxy.failover.enabled bool (Enterprise Only): Configure this proxy for failover
gloo.gatewayProxies.gatewayProxy.failover.port uint (Enterprise Only): Port to use for failover Gateway Bind port, and service. Default is 15443
gloo.gatewayProxies.gatewayProxy.failover.nodePort uint (Enterprise Only): Optional NodePort for failover Service
gloo.gatewayProxies.gatewayProxy.failover.secretName string (Enterprise Only): Secret containing downstream Ssl Secrets Default is failover-downstream
gloo.gatewayProxies.gatewayProxy.failover.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.gatewayProxy.disabled bool Skips creation of this gateway proxy. Used to turn off gateway proxies created by preceding configurations
gloo.gatewayProxies.gatewayProxy.envoyApiVersion string Version of the envoy API to use for the xDS transport and resources. Default is V3
gloo.gatewayProxies.gatewayProxy.envoyBootstrapExtensions[].NAME interface List of bootstrap extensions to add to envoy bootstrap config. Examples include Wasm Service (https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/wasm/v3/wasm.proto#extensions-wasm-v3-wasmservice).
gloo.gatewayProxies.gatewayProxy.envoyStaticClusters[].NAME interface List of extra static clusters to be added to envoy bootstrap config. https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/cluster/v3/cluster.proto#envoy-v3-api-msg-config-cluster-v3-cluster
gloo.gatewayProxies.gatewayProxy.horizontalPodAutoscaler.apiVersion string accepts autoscaling/v1 or autoscaling/v2beta2.
gloo.gatewayProxies.gatewayProxy.horizontalPodAutoscaler.minReplicas int32 minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down.
gloo.gatewayProxies.gatewayProxy.horizontalPodAutoscaler.maxReplicas int32 maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas.
gloo.gatewayProxies.gatewayProxy.horizontalPodAutoscaler.targetCPUUtilizationPercentage int32 target average CPU utilization (represented as a percentage of requested CPU) over all the pods. Used only with apiVersion autoscaling/v1
gloo.gatewayProxies.gatewayProxy.horizontalPodAutoscaler.metrics[].NAME interface metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). Used only with apiVersion autoscaling/v2beta2
gloo.gatewayProxies.gatewayProxy.horizontalPodAutoscaler.behavior.NAME interface behavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively). Used only with apiVersion autoscaling/v2beta2
gloo.gatewayProxies.gatewayProxy.horizontalPodAutoscaler.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.gatewayProxy.podDisruptionBudget.minAvailable int32 An eviction is allowed if at least “minAvailable” pods selected by “selector” will still be available after the eviction, i.e. even in the absence of the evicted pod. So for example you can prevent all voluntary evictions by specifying “100%".
gloo.gatewayProxies.gatewayProxy.podDisruptionBudget.maxUnavailable int32 An eviction is allowed if at most “maxUnavailable” pods selected by “selector” are unavailable after the eviction, i.e. even in absence of the evicted pod. For example, one can prevent all voluntary evictions by specifying 0. This is a mutually exclusive setting with “minAvailable”.
gloo.gatewayProxies.gatewayProxy.podDisruptionBudget.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.gatewayProxies.gatewayProxy.istioMetaMeshId string ISTIO_META_MESH_ID Environment Variable. Defaults to “cluster.local”
gloo.gatewayProxies.gatewayProxy.istioMetaClusterId string ISTIO_META_CLUSTER_ID Environment Variable. Defaults to “Kubernetes”
gloo.gatewayProxies.gatewayProxy.logLevel string Level at which the pod should log. Options include “info”, “debug”, “warn”, “error”, “panic” and “fatal”. Default level is info
gloo.gatewayProxies.gatewayProxy.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.ingress.enabled bool
gloo.ingress.deployment.image.tag string tag for the container
gloo.ingress.deployment.image.repository string image name (repository) for the container.
gloo.ingress.deployment.image.registry string image prefix/registry e.g. (quay.io/solo-io)
gloo.ingress.deployment.image.pullPolicy string image pull policy for the container
gloo.ingress.deployment.image.pullSecret string image pull policy for the container
gloo.ingress.deployment.image.extended bool if true, deploy an extended version of the container with additional debug tools
gloo.ingress.deployment.runAsUser float64 Explicitly set the user ID for the container to run as. Default is 10101
gloo.ingress.deployment.floatingUserId bool set to true to allow the cluster to dynamically assign a user ID
gloo.ingress.deployment.extraIngressLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the ingress deployment.
gloo.ingress.deployment.replicas int number of instances to deploy
gloo.ingress.deployment.customEnv[].name string
gloo.ingress.deployment.customEnv[].value string
gloo.ingress.deployment.customEnv[].valueFrom.fieldRef.apiVersion string
gloo.ingress.deployment.customEnv[].valueFrom.fieldRef.fieldPath string
gloo.ingress.deployment.customEnv[].valueFrom.resourceFieldRef.containerName string
gloo.ingress.deployment.customEnv[].valueFrom.resourceFieldRef.resource string
gloo.ingress.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int64
gloo.ingress.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int32
gloo.ingress.deployment.customEnv[].valueFrom.resourceFieldRef.divisor bool
gloo.ingress.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
gloo.ingress.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
gloo.ingress.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.ingress.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.ingress.deployment.customEnv[].valueFrom.configMapKeyRef.name string
gloo.ingress.deployment.customEnv[].valueFrom.configMapKeyRef.key string
gloo.ingress.deployment.customEnv[].valueFrom.configMapKeyRef.optional bool
gloo.ingress.deployment.customEnv[].valueFrom.secretKeyRef.name string
gloo.ingress.deployment.customEnv[].valueFrom.secretKeyRef.key string
gloo.ingress.deployment.customEnv[].valueFrom.secretKeyRef.optional bool
gloo.ingress.deployment.restartPolicy string restart policy to use when the pod exits
gloo.ingress.deployment.nodeName string name of node to run on
gloo.ingress.deployment.nodeSelector.NAME string label selector for nodes
gloo.ingress.deployment.tolerations[].key string
gloo.ingress.deployment.tolerations[].operator string
gloo.ingress.deployment.tolerations[].value string
gloo.ingress.deployment.tolerations[].effect string
gloo.ingress.deployment.tolerations[].tolerationSeconds int64
gloo.ingress.deployment.affinity[].NAME interface
gloo.ingress.deployment.hostAliases[] interface
gloo.ingress.deployment.resources.limits.memory string amount of memory
gloo.ingress.deployment.resources.limits.cpu string amount of CPUs
gloo.ingress.deployment.resources.requests.memory string amount of memory
gloo.ingress.deployment.resources.requests.cpu string amount of CPUs
gloo.ingress.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.ingress.requireIngressClass bool only serve traffic for Ingress objects with the Ingress Class annotation ‘kubernetes.io/ingress.class’. By default the annotation value must be set to ‘gloo’, however this can be overriden via customIngressClass.
gloo.ingress.customIngressClass bool Only relevant when requireIngressClass is set to true. Setting this value will cause the Gloo Edge Ingress Controller to process only those Ingress objects which have their ingress class set to this value (e.g. ‘kubernetes.io/ingress.class=SOMEVALUE’).
gloo.ingressProxy.deployment.image.tag string Version number, ex. 1.8.0 tag for the container
gloo.ingressProxy.deployment.image.repository string gloo-ee-envoy-wrapper image name (repository) for the container.
gloo.ingressProxy.deployment.image.registry string image prefix/registry e.g. (quay.io/solo-io)
gloo.ingressProxy.deployment.image.pullPolicy string IfNotPresent image pull policy for the container
gloo.ingressProxy.deployment.image.pullSecret string image pull policy for the container
gloo.ingressProxy.deployment.image.extended bool if true, deploy an extended version of the container with additional debug tools
gloo.ingressProxy.deployment.httpPort int HTTP port for the ingress container
gloo.ingressProxy.deployment.httpsPort int HTTPS port for the ingress container
gloo.ingressProxy.deployment.extraPorts[] interface
gloo.ingressProxy.deployment.extraAnnotations.NAME string
gloo.ingressProxy.deployment.floatingUserId bool set to true to allow the cluster to dynamically assign a user ID
gloo.ingressProxy.deployment.runAsUser float64 Explicitly set the user ID for the pod to run as. Default is 10101
gloo.ingressProxy.deployment.extraIngressProxyLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the ingress proxy deployment.
gloo.ingressProxy.deployment.replicas int number of instances to deploy
gloo.ingressProxy.deployment.customEnv[].name string
gloo.ingressProxy.deployment.customEnv[].value string
gloo.ingressProxy.deployment.customEnv[].valueFrom.fieldRef.apiVersion string
gloo.ingressProxy.deployment.customEnv[].valueFrom.fieldRef.fieldPath string
gloo.ingressProxy.deployment.customEnv[].valueFrom.resourceFieldRef.containerName string
gloo.ingressProxy.deployment.customEnv[].valueFrom.resourceFieldRef.resource string
gloo.ingressProxy.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int64
gloo.ingressProxy.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int32
gloo.ingressProxy.deployment.customEnv[].valueFrom.resourceFieldRef.divisor bool
gloo.ingressProxy.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
gloo.ingressProxy.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
gloo.ingressProxy.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.ingressProxy.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.ingressProxy.deployment.customEnv[].valueFrom.configMapKeyRef.name string
gloo.ingressProxy.deployment.customEnv[].valueFrom.configMapKeyRef.key string
gloo.ingressProxy.deployment.customEnv[].valueFrom.configMapKeyRef.optional bool
gloo.ingressProxy.deployment.customEnv[].valueFrom.secretKeyRef.name string
gloo.ingressProxy.deployment.customEnv[].valueFrom.secretKeyRef.key string
gloo.ingressProxy.deployment.customEnv[].valueFrom.secretKeyRef.optional bool
gloo.ingressProxy.deployment.restartPolicy string restart policy to use when the pod exits
gloo.ingressProxy.deployment.nodeName string name of node to run on
gloo.ingressProxy.deployment.nodeSelector.NAME string label selector for nodes
gloo.ingressProxy.deployment.tolerations[].key string
gloo.ingressProxy.deployment.tolerations[].operator string
gloo.ingressProxy.deployment.tolerations[].value string
gloo.ingressProxy.deployment.tolerations[].effect string
gloo.ingressProxy.deployment.tolerations[].tolerationSeconds int64
gloo.ingressProxy.deployment.affinity[].NAME interface
gloo.ingressProxy.deployment.hostAliases[] interface
gloo.ingressProxy.deployment.resources.limits.memory string amount of memory
gloo.ingressProxy.deployment.resources.limits.cpu string amount of CPUs
gloo.ingressProxy.deployment.resources.requests.memory string amount of memory
gloo.ingressProxy.deployment.resources.requests.cpu string amount of CPUs
gloo.ingressProxy.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.ingressProxy.configMap.data.NAME string
gloo.ingressProxy.configMap.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.ingressProxy.tracing string
gloo.ingressProxy.loopBackAddress string Name on which to bind the loop-back interface for this instance of Envoy. Defaults to 127.0.0.1, but other common values may be localhost or ::1
gloo.ingressProxy.label string Value for label gloo. Use a unique value to use several ingress proxy instances in the same cluster. Default is ingress-proxy
gloo.ingressProxy.service.type string K8s service type
gloo.ingressProxy.service.extraAnnotations.NAME string extra annotations to add to the service
gloo.ingressProxy.service.loadBalancerIP string IP address of the load balancer
gloo.ingressProxy.service.httpPort int HTTP port for the knative/ingress proxy service
gloo.ingressProxy.service.httpsPort int HTTPS port for the knative/ingress proxy service
gloo.ingressProxy.service.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.k8s.clusterName string cluster name to use when referencing services.
gloo.accessLogger.image.tag string tag for the container
gloo.accessLogger.image.repository string image name (repository) for the container.
gloo.accessLogger.image.registry string image prefix/registry e.g. (quay.io/solo-io)
gloo.accessLogger.image.pullPolicy string image pull policy for the container
gloo.accessLogger.image.pullSecret string image pull policy for the container
gloo.accessLogger.image.extended bool if true, deploy an extended version of the container with additional debug tools
gloo.accessLogger.port uint
gloo.accessLogger.serviceName string
gloo.accessLogger.enabled bool
gloo.accessLogger.stats.enabled bool Controls whether or not envoy stats are enabled
gloo.accessLogger.stats.routePrefixRewrite string The envoy stats endpoint to which the metrics are written
gloo.accessLogger.runAsUser float64 Explicitly set the user ID for the container to run as. Default is 10101
gloo.accessLogger.fsGroup float64 Explicitly set the group ID for volume ownership. Default is 10101
gloo.accessLogger.extraAccessLoggerLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the access logger deployment.
gloo.accessLogger.service.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
gloo.accessLogger.replicas int number of instances to deploy
gloo.accessLogger.customEnv[].name string
gloo.accessLogger.customEnv[].value string
gloo.accessLogger.customEnv[].valueFrom.fieldRef.apiVersion string
gloo.accessLogger.customEnv[].valueFrom.fieldRef.fieldPath string
gloo.accessLogger.customEnv[].valueFrom.resourceFieldRef.containerName string
gloo.accessLogger.customEnv[].valueFrom.resourceFieldRef.resource string
gloo.accessLogger.customEnv[].valueFrom.resourceFieldRef.divisor int64
gloo.accessLogger.customEnv[].valueFrom.resourceFieldRef.divisor int32
gloo.accessLogger.customEnv[].valueFrom.resourceFieldRef.divisor bool
gloo.accessLogger.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
gloo.accessLogger.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
gloo.accessLogger.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.accessLogger.customEnv[].valueFrom.resourceFieldRef.divisor[] string
gloo.accessLogger.customEnv[].valueFrom.configMapKeyRef.name string
gloo.accessLogger.customEnv[].valueFrom.configMapKeyRef.key string
gloo.accessLogger.customEnv[].valueFrom.configMapKeyRef.optional bool
gloo.accessLogger.customEnv[].valueFrom.secretKeyRef.name string
gloo.accessLogger.customEnv[].valueFrom.secretKeyRef.key string
gloo.accessLogger.customEnv[].valueFrom.secretKeyRef.optional bool
gloo.accessLogger.restartPolicy string restart policy to use when the pod exits
gloo.accessLogger.nodeName string name of node to run on
gloo.accessLogger.nodeSelector.NAME string label selector for nodes
gloo.accessLogger.tolerations[].key string
gloo.accessLogger.tolerations[].operator string
gloo.accessLogger.tolerations[].value string
gloo.accessLogger.tolerations[].effect string
gloo.accessLogger.tolerations[].tolerationSeconds int64
gloo.accessLogger.affinity[].NAME interface
gloo.accessLogger.hostAliases[] interface
gloo.accessLogger.resources.limits.memory string amount of memory
gloo.accessLogger.resources.limits.cpu string amount of CPUs
gloo.accessLogger.resources.requests.memory string amount of memory
gloo.accessLogger.resources.requests.cpu string amount of CPUs
gloo.accessLogger.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
redis.deployment.image.tag string 5 tag for the container
redis.deployment.image.repository string redis image name (repository) for the container.
redis.deployment.image.registry string docker.io image prefix/registry e.g. (quay.io/solo-io)
redis.deployment.image.pullPolicy string IfNotPresent image pull policy for the container
redis.deployment.image.pullSecret string image pull policy for the container
redis.deployment.image.extended bool if true, deploy an extended version of the container with additional debug tools
redis.deployment.name string redis
redis.deployment.staticPort uint 6379
redis.deployment.runAsUser float64 Explicitly set the user ID for the container to run as. Default is 999
redis.deployment.runAsGroup float64 Explicitly set the group ID for the container to run as. Default is 999
redis.deployment.fsGroup float64 Explicitly set the fsGroup ID for the container to run as. Default is 999
redis.deployment.floatingUserId bool false set to true to allow the cluster to dynamically assign a user ID
redis.deployment.extraRedisLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the redis deployment.
redis.deployment.clientSideShardingEnabled bool false If set to true, Envoy will be used as a Redis proxy and load balance requests between redis instances scaled via replicas. Default is false.
redis.deployment.enablePodSecurityContext bool true Whether or not to render the pod security context. Default is true
redis.deployment.replicas int number of instances to deploy
redis.deployment.customEnv[].name string
redis.deployment.customEnv[].value string
redis.deployment.customEnv[].valueFrom.fieldRef.apiVersion string
redis.deployment.customEnv[].valueFrom.fieldRef.fieldPath string
redis.deployment.customEnv[].valueFrom.resourceFieldRef.containerName string
redis.deployment.customEnv[].valueFrom.resourceFieldRef.resource string
redis.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int64
redis.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int32
redis.deployment.customEnv[].valueFrom.resourceFieldRef.divisor bool
redis.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
redis.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
redis.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
redis.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
redis.deployment.customEnv[].valueFrom.configMapKeyRef.name string
redis.deployment.customEnv[].valueFrom.configMapKeyRef.key string
redis.deployment.customEnv[].valueFrom.configMapKeyRef.optional bool
redis.deployment.customEnv[].valueFrom.secretKeyRef.name string
redis.deployment.customEnv[].valueFrom.secretKeyRef.key string
redis.deployment.customEnv[].valueFrom.secretKeyRef.optional bool
redis.deployment.restartPolicy string restart policy to use when the pod exits
redis.deployment.nodeName string name of node to run on
redis.deployment.nodeSelector.NAME string label selector for nodes
redis.deployment.tolerations[].key string
redis.deployment.tolerations[].operator string
redis.deployment.tolerations[].value string
redis.deployment.tolerations[].effect string
redis.deployment.tolerations[].tolerationSeconds int64
redis.deployment.affinity[].NAME interface
redis.deployment.hostAliases[] interface
redis.deployment.resources.limits.memory string amount of memory
redis.deployment.resources.limits.cpu string amount of CPUs
redis.deployment.resources.requests.memory string amount of memory
redis.deployment.resources.requests.cpu string amount of CPUs
redis.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
redis.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
redis.service.port uint 6379
redis.service.name string redis
redis.service.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
rateLimit.enabled bool if true, deploy rate limit service (default true)
rateLimit.deployment.name string
rateLimit.deployment.glooAddress string
rateLimit.deployment.dynamodb.region string aws region to run DynamoDB requests in
rateLimit.deployment.dynamodb.secretName string name of the aws secret in gloo’s installation namespace that has aws creds (if provided, uses DynamoDB to back rate-limiting service instead of Redis)
rateLimit.deployment.dynamodb.tableName string DynamoDB table name used to back rate limit service (default rate-limits)
rateLimit.deployment.dynamodb.consistentReads bool if true, reads from DynamoDB will be strongly consistent (default false)
rateLimit.deployment.dynamodb.batchSize uint8 batch size for get requests to DynamoDB (max 100, default 100)
rateLimit.deployment.image.tag string tag for the container
rateLimit.deployment.image.repository string image name (repository) for the container.
rateLimit.deployment.image.registry string image prefix/registry e.g. (quay.io/solo-io)
rateLimit.deployment.image.pullPolicy string image pull policy for the container
rateLimit.deployment.image.pullSecret string image pull policy for the container
rateLimit.deployment.image.extended bool if true, deploy an extended version of the container with additional debug tools
rateLimit.deployment.stats.enabled bool Controls whether or not envoy stats are enabled
rateLimit.deployment.stats.routePrefixRewrite string The envoy stats endpoint to which the metrics are written
rateLimit.deployment.runAsUser float64 Explicitly set the user ID for the container to run as. Default is 10101
rateLimit.deployment.floatingUserId bool set to true to allow the cluster to dynamically assign a user ID
rateLimit.deployment.extraRateLimitLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the rateLimit deployment.
rateLimit.deployment.logLevel string Level at which the pod should log. Options include “info”, “debug”, “warn”, “error”, “panic” and “fatal”. Default level is info
rateLimit.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
rateLimit.deployment.replicas int number of instances to deploy
rateLimit.deployment.customEnv[].name string
rateLimit.deployment.customEnv[].value string
rateLimit.deployment.customEnv[].valueFrom.fieldRef.apiVersion string
rateLimit.deployment.customEnv[].valueFrom.fieldRef.fieldPath string
rateLimit.deployment.customEnv[].valueFrom.resourceFieldRef.containerName string
rateLimit.deployment.customEnv[].valueFrom.resourceFieldRef.resource string
rateLimit.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int64
rateLimit.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int32
rateLimit.deployment.customEnv[].valueFrom.resourceFieldRef.divisor bool
rateLimit.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
rateLimit.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
rateLimit.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
rateLimit.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
rateLimit.deployment.customEnv[].valueFrom.configMapKeyRef.name string
rateLimit.deployment.customEnv[].valueFrom.configMapKeyRef.key string
rateLimit.deployment.customEnv[].valueFrom.configMapKeyRef.optional bool
rateLimit.deployment.customEnv[].valueFrom.secretKeyRef.name string
rateLimit.deployment.customEnv[].valueFrom.secretKeyRef.key string
rateLimit.deployment.customEnv[].valueFrom.secretKeyRef.optional bool
rateLimit.deployment.restartPolicy string restart policy to use when the pod exits
rateLimit.deployment.nodeName string name of node to run on
rateLimit.deployment.nodeSelector.NAME string label selector for nodes
rateLimit.deployment.tolerations[].key string
rateLimit.deployment.tolerations[].operator string
rateLimit.deployment.tolerations[].value string
rateLimit.deployment.tolerations[].effect string
rateLimit.deployment.tolerations[].tolerationSeconds int64
rateLimit.deployment.affinity[].NAME interface
rateLimit.deployment.hostAliases[] interface
rateLimit.deployment.resources.limits.memory string amount of memory
rateLimit.deployment.resources.limits.cpu string amount of CPUs
rateLimit.deployment.resources.requests.memory string amount of memory
rateLimit.deployment.resources.requests.cpu string amount of CPUs
rateLimit.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
rateLimit.service.port uint
rateLimit.service.name string
rateLimit.service.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
rateLimit.upstream.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
rateLimit.customRateLimit interface
observability.enabled bool true if true, deploy observability service (default true)
observability.deployment.image.tag string Version number, ex. 1.8.0 tag for the container
observability.deployment.image.repository string observability-ee image name (repository) for the container.
observability.deployment.image.registry string image prefix/registry e.g. (quay.io/solo-io)
observability.deployment.image.pullPolicy string IfNotPresent image pull policy for the container
observability.deployment.image.pullSecret string image pull policy for the container
observability.deployment.image.extended bool if true, deploy an extended version of the container with additional debug tools
observability.deployment.stats.enabled bool Controls whether or not envoy stats are enabled
observability.deployment.stats.routePrefixRewrite string The envoy stats endpoint to which the metrics are written
observability.deployment.runAsUser float64 Explicitly set the user ID for the container to run as. Default is 10101
observability.deployment.floatingUserId bool false set to true to allow the cluster to dynamically assign a user ID
observability.deployment.extraObservabilityLabels.NAME string Optional extra key-value pairs to add to the spec.template.metadata.labels data of the Observability deployment.
observability.deployment.logLevel string Level at which the pod should log. Options include “info”, “debug”, “warn”, “error”, “panic” and “fatal”. Default level is info
observability.deployment.replicas int number of instances to deploy
observability.deployment.customEnv[].name string
observability.deployment.customEnv[].value string
observability.deployment.customEnv[].valueFrom.fieldRef.apiVersion string
observability.deployment.customEnv[].valueFrom.fieldRef.fieldPath string
observability.deployment.customEnv[].valueFrom.resourceFieldRef.containerName string
observability.deployment.customEnv[].valueFrom.resourceFieldRef.resource string
observability.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int64
observability.deployment.customEnv[].valueFrom.resourceFieldRef.divisor int32
observability.deployment.customEnv[].valueFrom.resourceFieldRef.divisor bool
observability.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] uint
observability.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] int32
observability.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
observability.deployment.customEnv[].valueFrom.resourceFieldRef.divisor[] string
observability.deployment.customEnv[].valueFrom.configMapKeyRef.name string
observability.deployment.customEnv[].valueFrom.configMapKeyRef.key string
observability.deployment.customEnv[].valueFrom.configMapKeyRef.optional bool
observability.deployment.customEnv[].valueFrom.secretKeyRef.name string
observability.deployment.customEnv[].valueFrom.secretKeyRef.key string
observability.deployment.customEnv[].valueFrom.secretKeyRef.optional bool
observability.deployment.restartPolicy string restart policy to use when the pod exits
observability.deployment.nodeName string name of node to run on
observability.deployment.nodeSelector.NAME string label selector for nodes
observability.deployment.tolerations[].key string
observability.deployment.tolerations[].operator string
observability.deployment.tolerations[].value string
observability.deployment.tolerations[].effect string
observability.deployment.tolerations[].tolerationSeconds int64
observability.deployment.affinity[].NAME interface
observability.deployment.hostAliases[] interface
observability.deployment.resources.limits.memory string amount of memory
observability.deployment.resources.limits.cpu string amount of CPUs
observability.deployment.resources.requests.memory string amount of memory
observability.deployment.resources.requests.cpu string amount of CPUs
observability.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
observability.deployment.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
observability.customGrafana.enabled bool false Set to true to indicate that the observability pod should talk to a custom grafana instance
observability.customGrafana.username string Set this and the ‘password’ field to authenticate to the custom grafana instance using basic auth
observability.customGrafana.password string Set this and the ‘username’ field to authenticate to the custom grafana instance using basic auth
observability.customGrafana.apiKey string Authenticate to the custom grafana instance using this api key
observability.customGrafana.url string The URL for the custom grafana instance
observability.customGrafana string The Certificate Authority used to verify the server certificates.’
observability.customGrafana.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
observability.upstreamDashboardTemplate string Provide a custom dashboard template to use when generating per-upstream dashboards. The only variables available for use in this template are: {{.Uid}} and {{.EnvoyClusterName}}. Recommended to use Helm’s –set-file to provide this value.
observability.rbac.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
observability.serviceAccount.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
observability.configMap.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
observability.secret.kubeResourceOverride.NAME interface override fields in the generated resource by specifying the yaml structure to override under the top-level key.
rbac.create bool false
grafana interface
prometheus interface
tags.NAME string
gloo-fed.enabled bool false If true, deploy federation service (default true).
gloo-fed.create_license_secret bool false
global.image.tag string tag for the container
global.image.repository string image name (repository) for the container.
global.image.registry string image prefix/registry e.g. (quay.io/solo-io)
global.image.pullPolicy string IfNotPresent image pull policy for the container
global.image.pullSecret string image pull policy for the container
global.image.extended bool if true, deploy an extended version of the container with additional debug tools
global.extensions interface
global.glooRbac.create bool true create rbac rules for the gloo-system service account
global.glooRbac.namespaced bool use Roles instead of ClusterRoles
global.glooRbac.nameSuffix string When nameSuffix is nonempty, append ‘-$nameSuffix’ to the names of Gloo Edge RBAC resources; e.g. when nameSuffix is ‘foo’, the role ‘gloo-resource-reader’ will become ‘gloo-resource-reader-foo’
global.glooStats.enabled bool Controls whether or not envoy stats are enabled
global.glooStats.routePrefixRewrite string The envoy stats endpoint to which the metrics are written
global.glooMtls.enabled bool Enables internal mtls authentication
global.glooMtls.sds.image.tag string 1.8.15 tag for the container
global.glooMtls.sds.image.repository string image name (repository) for the container.
global.glooMtls.sds.image.registry string image prefix/registry e.g. (quay.io/solo-io)
global.glooMtls.sds.image.pullPolicy string image pull policy for the container
global.glooMtls.sds.image.pullSecret string image pull policy for the container
global.glooMtls.sds.image.extended bool if true, deploy an extended version of the container with additional debug tools
global.glooMtls.envoy.image.tag string Version number, ex. 1.8.0 tag for the container
global.glooMtls.envoy.image.repository string gloo-ee-envoy-wrapper image name (repository) for the container.
global.glooMtls.envoy.image.registry string image prefix/registry e.g. (quay.io/solo-io)
global.glooMtls.envoy.image.pullPolicy string image pull policy for the container
global.glooMtls.envoy.image.pullSecret string image pull policy for the container
global.glooMtls.envoy.image.extended bool if true, deploy an extended version of the container with additional debug tools
global.glooMtls.envoySidecarResources.limits.memory string amount of memory
global.glooMtls.envoySidecarResources.limits.cpu string amount of CPUs
global.glooMtls.envoySidecarResources.requests.memory string amount of memory
global.glooMtls.envoySidecarResources.requests.cpu string amount of CPUs
global.glooMtls.sdsResources.limits.memory string amount of memory
global.glooMtls.sdsResources.limits.cpu string amount of CPUs
global.glooMtls.sdsResources.requests.memory string amount of memory
global.glooMtls.sdsResources.requests.cpu string amount of CPUs
global.istioSDS.enabled bool Enables SDS cert-rotator sidecar for istio mTLS cert rotation
global.istioSDS.customSidecars[] interface Override the default Istio sidecar in gateway-proxy with a custom container. Ignored if IstioSDS.enabled is false
global.istioIntegration.labelInstallNamespace bool If creating a namespace for Gloo, include the ‘istio-injection: enabled’ label to allow Istio sidecar injection for Gloo pods. Be aware that Istio’s default injection behavior will auto-inject a sidecar into all pods in such a marked namespace. Disabling this behavior in Istio’s configs or using gloo’s global.istioIntegration.disableAutoinjection flag is recommended.
global.istioIntegration.whitelistDiscovery bool Annotate the discovery pod for Istio sidecar injection to ensure that it gets a sidecar even when namespace-wide auto-injection is disabled. Generally only needed for FDS is enabled.
global.istioIntegration.disableAutoinjection bool Annotate all pods (excluding those whitelisted by other config values) to with an explicit ‘do not inject’ annotation to prevent Istio from adding sidecars to all pods. It’s recommended that this be set to true if Gloo’s namespace is marked for Istio discovery, as some pods do not immediately work with an Istio sidecar without extra manual configuration.
global.extraSpecs bool true Add additional specs to include in the settings manifest, as defined by a helm partial. Defaults to false in open source, and true in enterprise.
global.extauthCustomYaml bool false Inject whatever yaml exists in .Values.global.extensions.extAuth into settings.spec.extauth, instead of structured yaml (which is enterprise only). Defaults to true in open source, and false in enterprise

Helm Chart KubeResourceOverrides

Most changes that need to be made to the default helm chart are supported by the helm values above. However, there may be a case where the helm values do not cover a necessary change. Helm values which expose the kubernetes API (ie Service, Deployment) now include a KubeResourceOverride field. The following example uses KubeResourceOverride to add labels to a deployment, which is not explicitly implemented in the helm chart:

Gloo deployment:

apiVersion: v1
kind: Deployment
metadata:
  labels:
    gloo: gloo
  name: gloo

We want to add the resource-owner: infra-team label to the Deployment. We can do so by specifying the KubeResourceOverride in the helm values file:

gloo:
  deployment:
    kubeResourceOverride:
      metadata:
        labels:
          resource-owner: infra-team

Yaml under the kubeResourceOverride is merged in to the deployment yaml, to create the resulting kube resource:

apiVersion: v1
kind: Deployment
metadata:
  labels:
    gloo: gloo
    resource-owner: infra-team

kubeResourceOverride does not support merging in lists, and a list in the override will replace the list in the original resource.

KubeResourceOverride vs Kustomize

Kustomize is another solution for patching resources generated by helm. The following table enumerates differences between the offered solutions.

Kustomize Helm KubeResourceOverride
- Finer control over merges, e.g. merging lists
- Requires additional files (overlays)
- Unsupported in older versions of flux helm operator
- Can be done only with helm, does not require CI/CD pipeline changes
- Specified through values.yaml file or command line arguments