Legacy: Gloo Mesh Enterprise

Review Helm values for the Gloo Mesh Enterprise Helm chart.

warning

The gloo-mesh-enterprise, gloo-mesh-agent, gloo-mesh-managed-installations, and other included Helm charts are considered legacy as of Gloo version 2.3, and are unsupported in Gloo version 2.5 and later. If you installed Gloo Mesh Enterprise by using these legacy Helm charts, or if you used meshctl version 2.2 or earlier to install Gloo Mesh Enterprise, you must migrate your legacy installation to the new gloo-platform Helm chart.

Option	Type	Default Value	Description
experimental	struct		Experimental features for Gloo Platform. Disabled by default. Do not use in production.
experimental.ambientEnabled	bool	false	Allow Gloo Mesh to create Istio Ambient Mesh resources.
experimental.asyncStatusWrites	bool	false	Enable asynchronous writing of statuses to Kubernetes objects.
prometheus	map		Helm values for configuring Prometheus. See the Prometheus Helm chart for the complete set of values.
legacyMetricsPipeline	struct		Configuration for the legacy metrics pipeline, which uses Gloo agents to propagate metrics to the management server.
legacyMetricsPipeline.enabled	bool	true	Set to false to disable the legacy telemetry pipeline.
glooNetwork	struct		Gloo Network configuration options.
glooNetwork.enabled	bool	false	Enable translation of network policies to enforce access policies and service isolation.
redis	struct		Redis configuration options.
redis.address	string	gloo-mesh-redis.gloo-mesh:6379	Address to use when connecting to the Redis instance. To use the default Redis deployment, specify ‘redis.gloo-mesh.svc.cluster.local:6379’.
redis.auth	struct		Optional authentication values to use when connecting to the Redis instance
redis.auth.enabled	bool	false	Connect to the Redis instance with a password
redis.auth.secretName	string	redis-auth-secrets	Name of the k8s secret that contains the password
redis.auth.usernameKey	string	username	The secret key containing the username to use for authentication
redis.auth.passwordKey	string	password	The secret key containing the password to use for authentication
redis.db	int	0	DB to connect to
redis.certs	struct		Configuration for TLS verification when connecting to the Redis instance
redis.certs.enabled	bool	false	Enable a secure network connection to the Redis instance via TLS
redis.certs.caCertKey	string		The secret key containing the ca cert
redis.certs.secretName	string	redis-certs	Name of the k8s secret that contains the certs
redis.connection	struct		Optional connection parameters
redis.connection.maxRetries	int	3	Maximum number of retries before giving up. Default is 3. -1 disables retries.
redis.connection.minRetryBackoff	string	8ms	Minimum backoff between each retry. Default is 8 milliseconds. -1 disables backoff.
redis.connection.maxRetryBackoff	string	512ms	Maximum backoff between each retry. Default is 512 milliseconds. -1 disables backoff.
redis.connection.dialTimeout	string	5s	Dial timeout for establishing new connections. Default is 5 seconds.
redis.connection.readTimeout	string	3s	Timeout for socket reads. if reached, commands will fail with a timeout instead of blocking. Default is 3 seconds. -1 disables timeout. 0 uses the default value.
redis.connection.writeTimeout	string		Timeout for socket writes. If reached, commands will fail with a timeout instead of blocking. Default is ReadTimeout.
redis.connection.poolFifo	bool	false	Type of connection pool. true for FIFO pool. false for LIFO pool. Note that FIFO has higher overhead compared to LIFO.
redis.connection.poolSize	int	0	Maximum number of socket connections. Default is 10 connections per every available CPU as reported by runtime.GOMAXPROCS.
redis.connection.minIdleConns	int	0	Minimum number of idle connections which is useful when establishing new connection is slow.
redis.connection.maxConnAge	string		Connection age at which client retires (closes) the connection. Default is to not close aged connections.
redis.connection.poolTimeout	string		Amount of time client waits for connection if all connections are busy before returning an error. Default is ReadTimeout + 1 second.
redis.connection.idleTimeout	string	5m0s	Amount of time after which client closes idle connections. Should be less than server’s timeout. Default is 5 minutes. -1 disables idle timeout check.
redis.connection.idleCheckFrequency	string	1m0s	Frequency of idle checks made by idle connections reaper. Default is 1 minute. -1 disables idle connections reaper, but idle connections are still discarded by the client if IdleTimeout is set.
licenseKey	string		Deprecated: Legacy Gloo Mesh Enterprise license key. Use individual product license fields, the trial license field, or a license secret instead.
glooGatewayLicenseKey	string		Gloo Gateway license key.
glooMeshLicenseKey	string		Gloo Mesh Enterprise license key.
glooNetworkLicenseKey	string		Gloo Network license key.
glooTrialLicenseKey	string		Gloo trial license key, for a trial installation of all products.
licenseSecretName	string	license-keys	Provide license keys in a secret in the adminNamespace of the management cluster, instead of in the license key fields.
leaderElection	bool	true	Enable leader election for the high-availability deployment.
verbose	bool	false	Enable verbose/debug logging.
devMode	bool	false	Set to true to enable development mode for the logger, which can cause panics. Do not use in production.
insecure	bool	false	Permit unencrypted and unauthenticated communication between Gloo control and data planes. Do not use in production.
prometheusUrl	string	http://prometheus-server	Prometheus server address.
adminNamespace	string		Namespace to install control plane components into. The admin namespace also contains global configuration, such as Workspace, global overrides WorkspaceSettings, and KubernetesCluster resources.
readOnlyGeneratedResources	bool	false	If true, the deployment only reads Istio resource outputs that are created by Gloo Platform, and filters out Istio resource fields that Gloo Mesh cannot properly unmarshal. These other resource outputs are not visible in the Gloo UI.
mgmtClusterName	string		DEPRECATED: Use global.cluster.
global	struct		Global values shared by the Gloo Mesh Enterprise chart and its subcharts.
global.cluster	string	mgmt-cluster	Name of the management cluster. Be sure to modify this value to match your cluster’s name.
registerMgmtPlane	struct		Set up the management cluster with the Gloo management server, register a Gloo agent, and create a simple workspace that selects all registered clusters and namespaces by default. This way, you can get started quickly for single cluster or testing setups. For multicluster or production setups, use your own fine-grained workspaces instead.
registerMgmtPlane.enabled	bool	false	enable installation of the agent when installing the management server
registerMgmtPlane.GlooAgentValues	struct		See the gloo-mesh-agent helm chart docs for more
telemetryGateway	struct		Configuration for the Gloo Platform Telemetry Gateway. See the OpenTelemetry Helm chart for the complete set of values.
telemetryGateway.nameOverride	string
telemetryGateway.fullnameOverride	string	gloo-telemetry-gateway
telemetryGateway.enabled	bool	false
telemetryGateway.mode	string	deployment
telemetryGateway.replicaCount	int	1
telemetryGateway.command	map[string, interface]	{“extraArgs”:["–config=/conf/relay.yaml"],“name”:“gloo-otel-collector”}
telemetryGateway.command.<MAP_KEY>	interface
telemetryGateway.command.extraArgs	interface
telemetryGateway.command.name	interface
telemetryGateway.image	struct
telemetryGateway.image.pullPolicy	string	IfNotPresent
telemetryGateway.image.repository	string	gcr.io/gloo-mesh/gloo-otel-collector
telemetryGateway.image.tag	string
telemetryGateway.extraVolumes[]	[]map	[{“name”:“tls-keys”,“secret”:{“defaultMode”:420,“secretName”:“gloo-telemetry-gateway-tls-secret”}},{“configMap”:{“items”:[{“key”:“relay”,“path”:“relay.yaml”}],“name”:“gloo-telemetry-gateway-config”},“name”:“telemetry-configmap”}]
telemetryGateway.extraVolumes[]	map[string, interface]
telemetryGateway.extraVolumes[].<MAP_KEY>	interface
telemetryGateway.extraVolumeMounts[]	[]map	[{“mountPath”:"/etc/otel-certs",“name”:“tls-keys”,“readOnly”:true},{“mountPath”:"/conf",“name”:“telemetry-configmap”}]
telemetryGateway.extraVolumeMounts[]	map[string, interface]
telemetryGateway.extraVolumeMounts[].<MAP_KEY>	interface
telemetryGateway.resources	map[string, interface]	{“requests”:{“cpu”:“200m”,“memory”:“300Mi”}}
telemetryGateway.resources.<MAP_KEY>	interface
telemetryGateway.resources.requests	interface
telemetryGateway.extraEnvs[]	[]map	null
telemetryGateway.extraEnvs[]	map[string, interface]
telemetryGateway.extraEnvs[].<MAP_KEY>	interface
telemetryGateway.presets	map[string, interface]	{“clusterMetrics”:{“enabled”:false},“hostMetrics”:{“enabled”:false},“kubeletMetrics”:{“enabled”:false},“kubernetesAttributes”:{“enabled”:false},“logsCollection”:{“enabled”:false,“includeCollectorLogs”:false}}
telemetryGateway.presets.<MAP_KEY>	interface
telemetryGateway.presets.clusterMetrics	interface
telemetryGateway.presets.hostMetrics	interface
telemetryGateway.presets.kubeletMetrics	interface
telemetryGateway.presets.kubernetesAttributes	interface
telemetryGateway.presets.logsCollection	interface
telemetryGateway.configMap	map[string, interface]	{“create”:false}
telemetryGateway.configMap.<MAP_KEY>	interface
telemetryGateway.configMap.create	interface
telemetryGateway.clusterRole	map[string, interface]	{“create”:true,“rules”:[{“apiGroups”:[""],“resources”:[“nodes”,“nodes/proxy”,“nodes/metrics”,“services”,“endpoints”,“pods”,“ingresses”,“configmaps”],“verbs”:[“get”,“list”,“watch”]},{“apiGroups”:[“extensions”,“networking.k8s.io”],“resources”:[“ingresses/status”,“ingresses”],“verbs”:[“get”,“list”,“watch”]},{“nonResourceURLs”:["/metrics"],“verbs”:[“get”]}]}
telemetryGateway.clusterRole.<MAP_KEY>	interface
telemetryGateway.clusterRole.create	interface
telemetryGateway.clusterRole.rules	interface
telemetryGateway.service	map[string, interface]	{“type”:“LoadBalancer”}
telemetryGateway.service.<MAP_KEY>	interface
telemetryGateway.service.type	interface
telemetryGateway.podAnnotations	map[string, interface]	{“prometheus.io/path”:"/metrics",“prometheus.io/port”:“9091”,“prometheus.io/scrape”:“true”}
telemetryGateway.podAnnotations.<MAP_KEY>	interface
telemetryGateway.podAnnotations.prometheus.io/path	interface
telemetryGateway.podAnnotations.prometheus.io/port	interface
telemetryGateway.podAnnotations.prometheus.io/scrape	interface
telemetryGateway.ports	map[string, interface]	{“jaeger-compact”:{“enabled”:false},“jaeger-grpc”:{“enabled”:false},“jaeger-thrift”:{“enabled”:false},“otlp”:{“containerPort”:4317,“enabled”:true,“hostPort”:0,“protocol”:“TCP”,“servicePort”:4317},“otlp-http”:{“enabled”:false},“zipkin”:{“enabled”:false}}
telemetryGateway.ports.<MAP_KEY>	interface
telemetryGateway.ports.jaeger-compact	interface
telemetryGateway.ports.jaeger-grpc	interface
telemetryGateway.ports.jaeger-thrift	interface
telemetryGateway.ports.otlp	interface
telemetryGateway.ports.otlp-http	interface
telemetryGateway.ports.zipkin	interface
telemetryGateway.tolerations[]	[]interface	null
telemetryGateway.tolerations[]	interface
telemetryGatewayCustomization	struct		Customization for the Gloo Platform Telemetry Gateway.
telemetryGatewayCustomization.serverName	string	gloo-telemetry-gateway.gloo-mesh	SNI and certificate subject alternative name used in the telemetry gateway certificate.
telemetryGatewayCustomization.extraReceivers	map[string, interface]	null	Configuration for extra receivers, such as to scrape extra Prometheus targets. Receivers listen on a network port to receive telemetry data.
telemetryGatewayCustomization.extraReceivers.<MAP_KEY>	interface		Configuration for extra receivers, such as to scrape extra Prometheus targets. Receivers listen on a network port to receive telemetry data.
telemetryGatewayCustomization.extraProcessors	map[string, interface]	{“batch”:{“send_batch_max_size”:3000,“send_batch_size”:2000,“timeout”:“600ms”},“memory_limiter”:{“check_interval”:“1s”,“limit_percentage”:85,“spike_limit_percentage”:10}}	Configuration for extra processors to drop and generate new data. Processors can transform the data before it is forwarded to another processor and an exporter.
telemetryGatewayCustomization.extraProcessors.<MAP_KEY>	interface		Configuration for extra processors to drop and generate new data. Processors can transform the data before it is forwarded to another processor and an exporter.
telemetryGatewayCustomization.extraProcessors.batch	interface		Configuration for extra processors to drop and generate new data. Processors can transform the data before it is forwarded to another processor and an exporter.
telemetryGatewayCustomization.extraProcessors.memory_limiter	interface		Configuration for extra processors to drop and generate new data. Processors can transform the data before it is forwarded to another processor and an exporter.
telemetryGatewayCustomization.extraExporters	map[string, interface]	null	Configuration for extra exporters, such as to forward your data to a third-party provider. Exporters forward the data they get to a destination on the local or remote network.
telemetryGatewayCustomization.extraExporters.<MAP_KEY>	interface		Configuration for extra exporters, such as to forward your data to a third-party provider. Exporters forward the data they get to a destination on the local or remote network.
telemetryGatewayCustomization.extraPipelines	map[string, interface]	null	Specify any added receivers, processors, or exporters in an extra pipeline.
telemetryGatewayCustomization.extraPipelines.<MAP_KEY>	interface		Specify any added receivers, processors, or exporters in an extra pipeline.
telemetryGatewayCustomization.telemetry	map[string, interface]	{“metrics”:{“address”:“0.0.0.0:8888”}}	Configure the service telemetry (logs and metrics) as described in the otel-collector docs.
telemetryGatewayCustomization.telemetry.<MAP_KEY>	interface		Configure the service telemetry (logs and metrics) as described in the otel-collector docs.
telemetryGatewayCustomization.telemetry.metrics	interface		Configure the service telemetry (logs and metrics) as described in the otel-collector docs.
telemetryGatewayCustomization.reloadTlsCertificate	struct		Interval of time between reloading the TLS certificate of the telemetry gateway.
telemetryGatewayCustomization.reloadTlsCertificate.seconds	int64	0
telemetryGatewayCustomization.reloadTlsCertificate.nanos	int32	0
telemetryGatewayCustomization.disableCertGeneration	bool	false	Disable cert generation for the Gloo Platform Telemetry Gateway.
telemetryGatewayCustomization.disableDefaultPipeline	bool	false	Disables the default pipeline. Useful if you want to create a custom pipeline using ’extraPipelines’ and to disable the default pipeline.
glooMeshMgmtServer	struct		Configuration for the glooMeshMgmtServer deployment.
glooMeshMgmtServer	struct
glooMeshMgmtServer.leaderElection	bool	false	Enable leader election for the high-availability deployment.
glooMeshMgmtServer	struct
glooMeshMgmtServer.verbose	bool	false	Enable verbose/debug logging.
glooMeshMgmtServer	struct
glooMeshMgmtServer.devMode	bool	false	Set to true to enable development mode for the logger, which can cause panics. Do not use in production.
glooMeshMgmtServer	struct
glooMeshMgmtServer.insecure	bool	false	Permit unencrypted and unauthenticated communication between Gloo control and data planes. Do not use in production.
glooMeshMgmtServer	struct
glooMeshMgmtServer.readOnlyGeneratedResources	bool	false	If true, the deployment only reads Istio resource outputs that are created by Gloo Platform, and filters out Istio resource fields that Gloo Mesh cannot properly unmarshal. These other resource outputs are not visible in the Gloo UI.
glooMeshMgmtServer.relay	struct		Configuration for certificates to secure server-agent relay communication. Required only for multicluster setups.
glooMeshMgmtServer.relay.tlsSecret	struct		Secret containing client TLS certs used to secure the management server.
glooMeshMgmtServer.relay.tlsSecret.name	string	relay-server-tls-secret
glooMeshMgmtServer.relay.tlsSecret.namespace	string
glooMeshMgmtServer.relay.signingTlsSecret	struct		Secret containing TLS certs used to sign CSRs created by workload agents.
glooMeshMgmtServer.relay.signingTlsSecret.name	string	relay-tls-signing-secret
glooMeshMgmtServer.relay.signingTlsSecret.namespace	string
glooMeshMgmtServer.relay.tokenSecret	struct		Secret containing a shared token for authenticating Gloo agents when they first communicate with the management server.
glooMeshMgmtServer.relay.tokenSecret.name	string	relay-identity-token-secret	Name of the Kubernetes secret.
glooMeshMgmtServer.relay.tokenSecret.namespace	string		Namespace of the Kubernetes secret.
glooMeshMgmtServer.relay.tokenSecret.key	string	token	Key value of the data within the Kubernetes secret.
glooMeshMgmtServer.relay.disableCa	bool	false	To disable relay CA functionality, set to true. Set to true only when you supply your custom client certs to the agents for relay mTLS. The gloo-mesh-mgmt-server pod will not require a token secret or the signing cert secret. The agent pod will not require the token secret, but will fail without a client cert.
glooMeshMgmtServer.relay.disableTokenGeneration	bool	false	Do not create the relay token Kubernetes secret. Set to true only when you supply own.
glooMeshMgmtServer.relay.disableCaCertGeneration	bool	false	Do not auto-generate self-signed CA certificates. Set to true only when you supply own.
glooMeshMgmtServer.relay.pushRbac	bool	true	Push RBAC resources to the management server. Required for multicluster RBAC in the Gloo UI.
glooMeshMgmtServer.enabled	bool	true	Deploy the gloo-mesh-mgmt-server.
glooMeshMgmtServer.maxGrpcMessageSize	string	4294967295	Maximum message size for gRPC messages sent and received by the management server.
glooMeshMgmtServer.concurrency	uint16	10	Concurrency to use for translation operations.
glooMeshMgmtServer.enableClusterLoadBalancing	bool	false	Experimental: Enable cluster load balancing. The management server replicas attempt to auto-balance the number of registered workload clusters, based on the number of replicas and the number of total clusters. For example, the server might disconnect a workload cluster if the number of connected clusters is greater than the allotted number.
glooMeshMgmtServer.statsPort	uint32	9091	Port on the management server deployment to pull stats from.
glooMeshMgmtServer.serviceAccount	struct		Service account configuration to use for the management server deployment.
glooMeshMgmtServer.serviceAccount.extraAnnotations	map[string, string]	null	Extra annotations to add to the service account.
glooMeshMgmtServer.serviceAccount.extraAnnotations.<MAP_KEY>	string		Extra annotations to add to the service account.
glooMeshMgmtServer.cloudResourcesDiscovery	struct		Configuration for automatic discovery of CloudResources.
glooMeshMgmtServer.cloudResourcesDiscovery.enabled	bool	true	Enable automated discovery of CloudResources, such as AWS Lambda functions, based on CloudProvider configuration.
glooMeshMgmtServer.cloudResourcesDiscovery.pollingInterval	uint16	10	Polling interval (in seconds) for calling AWS when attempting to discover CloudResources.
glooMeshMgmtServer.namespacedRbac[]	[]struct	[{“resources”:[],“namespaces”:[]}]	Scopes watches and RBAC policies for the given set of GVKs to the given set of namespaces. Currently, ‘secrets’ are the only supported resource.
glooMeshMgmtServer.namespacedRbac[]	struct		Scopes watches and RBAC policies for the given set of GVKs to the given set of namespaces. Currently, ‘secrets’ are the only supported resource.
glooMeshMgmtServer.namespacedRbac[].resources[]	[]string
glooMeshMgmtServer.namespacedRbac[].resources[]	string
glooMeshMgmtServer.namespacedRbac[].namespaces[]	[]string
glooMeshMgmtServer.namespacedRbac[].namespaces[]	string
glooMeshMgmtServer	struct		Configuration for the glooMeshMgmtServer deployment.
glooMeshMgmtServer	struct
glooMeshMgmtServer.image	struct		Container image.
glooMeshMgmtServer.image.tag	string		Version tag for the container image.
glooMeshMgmtServer.image.repository	string	gloo-mesh-mgmt-server	Image name (repository).
glooMeshMgmtServer.image.registry	string	gcr.io/gloo-mesh	Image registry.
glooMeshMgmtServer.image.pullPolicy	string	IfNotPresent	Image pull policy.
glooMeshMgmtServer.image.pullSecret	string		Image pull secret.
glooMeshMgmtServer.env[]	slice	[{“name”:“POD_NAMESPACE”,“valueFrom”:{“fieldRef”:{“fieldPath”:“metadata.namespace”}}},{“name”:“POD_UID”,“valueFrom”:{“fieldRef”:{“fieldPath”:“metadata.uid”}}},{“name”:“K8S_MEM_LIMIT”,“valueFrom”:{“resourceFieldRef”:{“resource”:“limits.memory”,“divisor”:“1”}}},{“name”:“LICENSE_KEY”,“valueFrom”:{“secretKeyRef”:{“name”:“gloo-mesh-enterprise-license”,“key”:“key”,“optional”:true}}},{“name”:“REDIS_USERNAME”,“valueFrom”:{“secretKeyRef”:{“name”:“redis-auth-secrets”,“key”:“username”,“optional”:true}}},{“name”:“REDIS_PASSWORD”,“valueFrom”:{“secretKeyRef”:{“name”:“redis-auth-secrets”,“key”:“password”,“optional”:true}}}]	Environment variables for the container. For more info, see the Kubernetes documentation.
glooMeshMgmtServer.extraEnvs	struct		Extra environment variables for the container
glooMeshMgmtServer.resources	struct	{“requests”:{“cpu”:“125m”,“memory”:“1Gi”}}	Container resource requirements. For more info, see the Kubernetes documentation.
glooMeshMgmtServer.securityContext	struct		Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation.
glooMeshMgmtServer.sidecars	map[string, struct]	{}	Optional configuration for the deployed containers.
glooMeshMgmtServer.sidecars.<MAP_KEY>	struct		Optional configuration for the deployed containers.
glooMeshMgmtServer.sidecars.<MAP_KEY>.image	struct		Container image.
glooMeshMgmtServer.sidecars.<MAP_KEY>.image.tag	string		Version tag for the container image.
glooMeshMgmtServer.sidecars.<MAP_KEY>.image.repository	string		Image name (repository).
glooMeshMgmtServer.sidecars.<MAP_KEY>.image.registry	string		Image registry.
glooMeshMgmtServer.sidecars.<MAP_KEY>.image.pullPolicy	string		Image pull policy.
glooMeshMgmtServer.sidecars.<MAP_KEY>.image.pullSecret	string		Image pull secret.
glooMeshMgmtServer.sidecars.<MAP_KEY>.env[]	slice		Environment variables for the container. For more info, see the Kubernetes documentation.
glooMeshMgmtServer.sidecars.<MAP_KEY>.extraEnvs	struct		Extra environment variables for the container
glooMeshMgmtServer.sidecars.<MAP_KEY>.resources	struct		Container resource requirements. For more info, see the Kubernetes documentation.
glooMeshMgmtServer.sidecars.<MAP_KEY>.securityContext	struct		Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation.
glooMeshMgmtServer.floatingUserId	bool	false	Allow the pod to be assigned a dynamic user ID. Required for OpenShift installations.
glooMeshMgmtServer.runAsUser	uint32	10101	Static user ID to run the containers as. Unused if floatingUserId is ’true’.
glooMeshMgmtServer.serviceType	string	LoadBalancer	Kubernetes service type. Can be either “ClusterIP”, “NodePort”, “LoadBalancer”, or “ExternalName”.
glooMeshMgmtServer.ports	map[string, uint32]	{“grpc”:9900,“healthcheck”:8090}	Service ports as a map from port name to port number.
glooMeshMgmtServer.ports.<MAP_KEY>	uint32		Service ports as a map from port name to port number.
glooMeshMgmtServer.ports.grpc	uint32	9900	Service ports as a map from port name to port number.
glooMeshMgmtServer.ports.healthcheck	uint32	8090	Service ports as a map from port name to port number.
glooMeshMgmtServer.deploymentOverrides	struct		Arbitrary overrides for the component’s deployment template
glooMeshMgmtServer.serviceOverrides	struct		Arbitrary overrides for the component’s service template.
glooMeshMgmtServer.enabled	bool	true	Enable creation of the deployment/service.
glooMeshUi	struct		Configuration for the glooMeshUi deployment.
glooMeshUi	struct
glooMeshUi.prometheusUrl	string		Prometheus server address.
glooMeshUi	struct
glooMeshUi.verbose	bool	false	Enable verbose/debug logging.
glooMeshUi	struct
glooMeshUi.readOnlyGeneratedResources	bool	false	If true, the deployment only reads Istio resource outputs that are created by Gloo Platform, and filters out Istio resource fields that Gloo Mesh cannot properly unmarshal. These other resource outputs are not visible in the Gloo UI.
glooMeshUi.enabled	bool	true	Deploy the gloo-mesh-ui.
glooMeshUi.settingsName	string	settings	Name of the UI settings object to use.
glooMeshUi.auth	struct		Configure authentication for the UI.
glooMeshUi.auth.enabled	bool	false	Require authentication to access the UI.
glooMeshUi.auth.backend	string		Authentication backend to use. ‘oidc’ is supported.
glooMeshUi.auth.oidc	struct		Settings for the OpenID Connect (OIDC) backend.
glooMeshUi.auth.oidc.clientId	string		OIDC client ID
glooMeshUi.auth.oidc.clientSecret	string		Plaintext OIDC client secret, which will be encoded in base64 and stored in a secret named the value of ‘clientSecretName’.
glooMeshUi.auth.oidc.clientSecretName	string		Name for the secret that will contain the client secret.
glooMeshUi.auth.oidc.issuerUrl	string		Issuer URL from the OIDC provider, such as ‘https://.<provider_url>/’.
glooMeshUi.auth.oidc.appUrl	string		URL that the UI for OIDC app is available at, from the DNS and other ingress settings that expose OIDC app UI service.
glooMeshUi.auth.oidc.session	struct		Session storage configuration. If omitted, a cookie is used.
glooMeshUi.auth.oidc.session.backend	string		Backend to use for auth session storage. ‘cookie’ and ‘redis’ are supported.
glooMeshUi.auth.oidc.session.redis	struct		Redis instance configuration.
glooMeshUi.auth.oidc.session.redis.host	string		Host at which the Redis instance is accessible. To use the default Redis deployment, specify ‘redis.gloo-mesh.svc.cluster.local:6379’.
glooMeshUi.licenseSecretName	string		Provide license keys in a secret in the adminNamespace of the management cluster, instead of in the license key fields.
glooMeshUi.ipVersion	string	dualStack	Configure IP version to ipv4, ipv6 or dualStack. Defaults to dualStack.
glooMeshUi.namespacedRbac[]	[]struct	[{“resources”:[],“namespaces”:[]}]	Scopes watches and RBAC policies for the given set of GVKs to the given set of namespaces. Currently, ‘secrets’ are the only supported resource.
glooMeshUi.namespacedRbac[]	struct		Scopes watches and RBAC policies for the given set of GVKs to the given set of namespaces. Currently, ‘secrets’ are the only supported resource.
glooMeshUi.namespacedRbac[].resources[]	[]string
glooMeshUi.namespacedRbac[].resources[]	string
glooMeshUi.namespacedRbac[].namespaces[]	[]string
glooMeshUi.namespacedRbac[].namespaces[]	string
glooMeshUi	struct		Configuration for the glooMeshUi deployment.
glooMeshUi	struct
glooMeshUi.image	struct		Container image.
glooMeshUi.image.tag	string		Version tag for the container image.
glooMeshUi.image.repository	string	gloo-mesh-apiserver	Image name (repository).
glooMeshUi.image.registry	string	gcr.io/gloo-mesh	Image registry.
glooMeshUi.image.pullPolicy	string	IfNotPresent	Image pull policy.
glooMeshUi.image.pullSecret	string		Image pull secret.
glooMeshUi.env[]	slice	[{“name”:“POD_NAMESPACE”,“valueFrom”:{“fieldRef”:{“fieldPath”:“metadata.namespace”}}},{“name”:“LICENSE_KEY”,“valueFrom”:{“secretKeyRef”:{“name”:“gloo-mesh-enterprise-license”,“key”:“key”,“optional”:true}}},{“name”:“REDIS_USERNAME”,“valueFrom”:{“secretKeyRef”:{“name”:“redis-auth-secrets”,“key”:“username”,“optional”:true}}},{“name”:“REDIS_PASSWORD”,“valueFrom”:{“secretKeyRef”:{“name”:“redis-auth-secrets”,“key”:“password”,“optional”:true}}},{“name”:“K8S_MEM_LIMIT”,“valueFrom”:{“resourceFieldRef”:{“resource”:“limits.memory”,“divisor”:“1”}}}]	Environment variables for the container. For more info, see the Kubernetes documentation.
glooMeshUi.extraEnvs	struct		Extra environment variables for the container
glooMeshUi.resources	struct	{“requests”:{“cpu”:“125m”,“memory”:“256Mi”}}	Container resource requirements. For more info, see the Kubernetes documentation.
glooMeshUi.securityContext	struct		Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation.
glooMeshUi.sidecars	map[string, struct]	{“console”:{“image”:{“repository”:“gloo-mesh-ui”,“registry”:“gcr.io/gloo-mesh”,“pullPolicy”:“IfNotPresent”},“env”:null,“extraEnvs”:{},“resources”:{“requests”:{“cpu”:“125m”,“memory”:“256Mi”}}},“envoy”:{“image”:{“repository”:“gloo-mesh-envoy”,“registry”:“gcr.io/gloo-mesh”,“pullPolicy”:“IfNotPresent”},“env”:[{“name”:“ENVOY_UID”,“value”:“0”}],“extraEnvs”:{},“resources”:{“requests”:{“cpu”:“500m”,“memory”:“256Mi”}}}}	Optional configuration for the deployed containers.
glooMeshUi.sidecars.<MAP_KEY>	struct		Optional configuration for the deployed containers.
glooMeshUi.sidecars.<MAP_KEY>.image	struct		Container image.
glooMeshUi.sidecars.<MAP_KEY>.image.tag	string		Version tag for the container image.
glooMeshUi.sidecars.<MAP_KEY>.image.repository	string		Image name (repository).
glooMeshUi.sidecars.<MAP_KEY>.image.registry	string		Image registry.
glooMeshUi.sidecars.<MAP_KEY>.image.pullPolicy	string		Image pull policy.
glooMeshUi.sidecars.<MAP_KEY>.image.pullSecret	string		Image pull secret.
glooMeshUi.sidecars.<MAP_KEY>.env[]	slice		Environment variables for the container. For more info, see the Kubernetes documentation.
glooMeshUi.sidecars.<MAP_KEY>.extraEnvs	struct		Extra environment variables for the container
glooMeshUi.sidecars.<MAP_KEY>.resources	struct		Container resource requirements. For more info, see the Kubernetes documentation.
glooMeshUi.sidecars.<MAP_KEY>.securityContext	struct		Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation.
glooMeshUi.sidecars.console	struct		Optional configuration for the deployed containers.
glooMeshUi.sidecars.console.image	struct		Container image.
glooMeshUi.sidecars.console.image.tag	string		Version tag for the container image.
glooMeshUi.sidecars.console.image.repository	string	gloo-mesh-ui	Image name (repository).
glooMeshUi.sidecars.console.image.registry	string	gcr.io/gloo-mesh	Image registry.
glooMeshUi.sidecars.console.image.pullPolicy	string	IfNotPresent	Image pull policy.
glooMeshUi.sidecars.console.image.pullSecret	string		Image pull secret.
glooMeshUi.sidecars.console.env[]	slice	null	Environment variables for the container. For more info, see the Kubernetes documentation.
glooMeshUi.sidecars.console.extraEnvs	struct		Extra environment variables for the container
glooMeshUi.sidecars.console.resources	struct	{“requests”:{“cpu”:“125m”,“memory”:“256Mi”}}	Container resource requirements. For more info, see the Kubernetes documentation.
glooMeshUi.sidecars.console.securityContext	struct		Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation.
glooMeshUi.sidecars.envoy	struct		Optional configuration for the deployed containers.
glooMeshUi.sidecars.envoy.image	struct		Container image.
glooMeshUi.sidecars.envoy.image.tag	string		Version tag for the container image.
glooMeshUi.sidecars.envoy.image.repository	string	gloo-mesh-envoy	Image name (repository).
glooMeshUi.sidecars.envoy.image.registry	string	gcr.io/gloo-mesh	Image registry.
glooMeshUi.sidecars.envoy.image.pullPolicy	string	IfNotPresent	Image pull policy.
glooMeshUi.sidecars.envoy.image.pullSecret	string		Image pull secret.
glooMeshUi.sidecars.envoy.env[]	slice	[{“name”:“ENVOY_UID”,“value”:“0”}]	Environment variables for the container. For more info, see the Kubernetes documentation.
glooMeshUi.sidecars.envoy.extraEnvs	struct		Extra environment variables for the container
glooMeshUi.sidecars.envoy.resources	struct	{“requests”:{“cpu”:“500m”,“memory”:“256Mi”}}	Container resource requirements. For more info, see the Kubernetes documentation.
glooMeshUi.sidecars.envoy.securityContext	struct		Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation.
glooMeshUi.floatingUserId	bool	false	Allow the pod to be assigned a dynamic user ID. Required for OpenShift installations.
glooMeshUi.runAsUser	uint32	10101	Static user ID to run the containers as. Unused if floatingUserId is ’true’.
glooMeshUi.serviceType	string	ClusterIP	Kubernetes service type. Can be either “ClusterIP”, “NodePort”, “LoadBalancer”, or “ExternalName”.
glooMeshUi.ports	map[string, uint32]	{“console”:8090,“grpc”:10101,“healthcheck”:8081}	Service ports as a map from port name to port number.
glooMeshUi.ports.<MAP_KEY>	uint32		Service ports as a map from port name to port number.
glooMeshUi.ports.console	uint32	8090	Service ports as a map from port name to port number.
glooMeshUi.ports.grpc	uint32	10101	Service ports as a map from port name to port number.
glooMeshUi.ports.healthcheck	uint32	8081	Service ports as a map from port name to port number.
glooMeshUi.deploymentOverrides	struct		Arbitrary overrides for the component’s deployment template
glooMeshUi.serviceOverrides	struct		Arbitrary overrides for the component’s service template.
glooMeshUi.enabled	bool	true	Enable creation of the deployment/service.
glooMeshRedis	struct		Configuration for the glooMeshRedis deployment.
glooMeshRedis.enabled	bool	true	Deploy the default Redis instance.
glooMeshRedis.addr	string		Deprecated: Use ‘redis.address’ instead.
glooMeshRedis	struct		Configuration for the glooMeshRedis deployment.
glooMeshRedis	struct
glooMeshRedis.image	struct		Container image.
glooMeshRedis.image.tag	string		Version tag for the container image.
glooMeshRedis.image.repository	string	redis	Image name (repository).
glooMeshRedis.image.registry	string	docker.io	Image registry.
glooMeshRedis.image.pullPolicy	string	IfNotPresent	Image pull policy.
glooMeshRedis.image.pullSecret	string		Image pull secret.
glooMeshRedis.env[]	slice	[{“name”:“MASTER”,“value”:“true”}]	Environment variables for the container. For more info, see the Kubernetes documentation.
glooMeshRedis.extraEnvs	struct		Extra environment variables for the container
glooMeshRedis.resources	struct	{“requests”:{“cpu”:“125m”,“memory”:“256Mi”}}	Container resource requirements. For more info, see the Kubernetes documentation.
glooMeshRedis.securityContext	struct		Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation.
glooMeshRedis.sidecars	map[string, struct]	{}	Optional configuration for the deployed containers.
glooMeshRedis.sidecars.<MAP_KEY>	struct		Optional configuration for the deployed containers.
glooMeshRedis.sidecars.<MAP_KEY>.image	struct		Container image.
glooMeshRedis.sidecars.<MAP_KEY>.image.tag	string		Version tag for the container image.
glooMeshRedis.sidecars.<MAP_KEY>.image.repository	string		Image name (repository).
glooMeshRedis.sidecars.<MAP_KEY>.image.registry	string		Image registry.
glooMeshRedis.sidecars.<MAP_KEY>.image.pullPolicy	string		Image pull policy.
glooMeshRedis.sidecars.<MAP_KEY>.image.pullSecret	string		Image pull secret.
glooMeshRedis.sidecars.<MAP_KEY>.env[]	slice		Environment variables for the container. For more info, see the Kubernetes documentation.
glooMeshRedis.sidecars.<MAP_KEY>.extraEnvs	struct		Extra environment variables for the container
glooMeshRedis.sidecars.<MAP_KEY>.resources	struct		Container resource requirements. For more info, see the Kubernetes documentation.
glooMeshRedis.sidecars.<MAP_KEY>.securityContext	struct		Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation.
glooMeshRedis.floatingUserId	bool	false	Allow the pod to be assigned a dynamic user ID. Required for OpenShift installations.
glooMeshRedis.runAsUser	uint32	10101	Static user ID to run the containers as. Unused if floatingUserId is ’true’.
glooMeshRedis.serviceType	string	ClusterIP	Kubernetes service type. Can be either “ClusterIP”, “NodePort”, “LoadBalancer”, or “ExternalName”.
glooMeshRedis.ports	map[string, uint32]	{“redis”:6379}	Service ports as a map from port name to port number.
glooMeshRedis.ports.<MAP_KEY>	uint32		Service ports as a map from port name to port number.
glooMeshRedis.ports.redis	uint32	6379	Service ports as a map from port name to port number.
glooMeshRedis.deploymentOverrides	struct		Arbitrary overrides for the component’s deployment template
glooMeshRedis.serviceOverrides	struct		Arbitrary overrides for the component’s service template.
glooMeshRedis.enabled	bool	true	Enable creation of the deployment/service.