Enterprise Agent

Option Type Default Value Description
global struct {“insecure”:false} global chart values which can be set from parent charts
global.insecure bool false Set to true to enable insecure communication between Gloo Mesh components
defaultMetricsPort uint32 9091 The port on which to serve internal Prometheus metrics for the Gloo Mesh application. Set to 0 to disable.
relay struct {“cluster”:"",“serverAddress”:"",“authority”:“enterprise-networking.gloo-mesh”,“insecure”:false,“clientCertSecret”:{“name”:“relay-client-tls-secret”},“rootTlsSecret”:{“name”:“relay-root-tls-secret”},“tokenSecret”:{“name”:“relay-identity-token-secret”,“namespace”:"",“key”:“token”},“maxGrpcMessageSize”:“4294967295”} options for connecting relay
relay.cluster string cluster identifier for the relay agent
relay.serverAddress string address of the relay server
relay.authority string enterprise-networking.gloo-mesh set the authority/host header to this value when dialing the Relay gRPC Server
relay.insecure bool false communicate with relay server over plain HTTP
relay.clientCertSecret struct {“name”:“relay-client-tls-secret”} Reference to a Secret containing the Client TLS Certificates used to identify the Relay Agent to the Server. If the secret does not exist, a Token and Root cert secret are required.
relay.clientCertSecret.name string relay-client-tls-secret
relay.clientCertSecret.namespace string
relay.rootTlsSecret struct {“name”:“relay-root-tls-secret”} Reference to a Secret containing a Root TLS Certificates used to verify the Relay Server Certificate. The secret can also optionally specify a ‘tls.key’ which will be used to generate the Agent Client Certificate.
relay.rootTlsSecret.name string relay-root-tls-secret
relay.rootTlsSecret.namespace string
relay.tokenSecret struct {“name”:“relay-identity-token-secret”,“namespace”:"",“key”:“token”} Reference to a Secret containing a shared Token for authenticating to the Relay Server
relay.tokenSecret.name string relay-identity-token-secret Name of the Kubernetes Secret
relay.tokenSecret.namespace string Namespace of the Kubernetes Secret
relay.tokenSecret.key string token Key value of the data within the Kubernetes Secret
relay.maxGrpcMessageSize string 4294967295 Specify to set a custom maximum message size for grpc messages sent to the Relay server
settingsRef struct {“name”:“settings”,“namespace”:“gloo-mesh”} ref to the settings object that will be received from the networking server.
settingsRef.name string settings
settingsRef.namespace string gloo-mesh
istiodSidecar struct {“createRoleBinding”:false,“istiodServiceAccount”:{“name”:“istiod-service-account”,“namespace”:“istio-system”}} settings pertaining to the istiod sidecar deployment
istiodSidecar.createRoleBinding bool false create cluster role binding needed by istiod sidecar
istiodSidecar.istiodServiceAccount struct {“name”:“istiod-service-account”,“namespace”:“istio-system”} object reference to istiod service account
istiodSidecar.istiodServiceAccount.name string istiod-service-account
istiodSidecar.istiodServiceAccount.namespace string istio-system
verbose bool false enables verbose/debug logging
ext-auth-service struct {“enabled”:false,“extraTemplateAnnotations”:{“proxy.istio.io/config”:"{ "holdApplicationUntilProxyStarts": true }"}} customizations to the ext-auth-service helm chart
ext-auth-service.enabled bool false if true, deploy ExtAuth service (default false)
ext-auth-service.extraTemplateAnnotations map[string, string] extra annotations to add to the extauth service pods. Defaults to proxy.istio.io/config: ‘{ “holdApplicationUntilProxyStarts”: true }’
ext-auth-service.extraTemplateAnnotations.<MAP_KEY> string extra annotations to add to the extauth service pods. Defaults to proxy.istio.io/config: ‘{ “holdApplicationUntilProxyStarts”: true }’
ext-auth-service.extraTemplateAnnotations.proxy.istio.io/config string { “holdApplicationUntilProxyStarts”: true } extra annotations to add to the extauth service pods. Defaults to proxy.istio.io/config: ‘{ “holdApplicationUntilProxyStarts”: true }’
rate-limiter struct {“enabled”:false,“extraTemplateAnnotations”:{“proxy.istio.io/config”:"{ "holdApplicationUntilProxyStarts": true }"}} customizations to the rate-limiter helm chart
rate-limiter.enabled bool false if true, deploy rate limit service (default false)
rate-limiter.extraTemplateAnnotations map[string, string] extra annotations to add to the ratelimit service pods. Defaults to proxy.istio.io/config: ‘{ “holdApplicationUntilProxyStarts”: true }’
rate-limiter.extraTemplateAnnotations.<MAP_KEY> string extra annotations to add to the ratelimit service pods. Defaults to proxy.istio.io/config: ‘{ “holdApplicationUntilProxyStarts”: true }’
rate-limiter.extraTemplateAnnotations.proxy.istio.io/config string { “holdApplicationUntilProxyStarts”: true } extra annotations to add to the ratelimit service pods. Defaults to proxy.istio.io/config: ‘{ “holdApplicationUntilProxyStarts”: true }’
enterpriseAgent struct {“image”:{“repository”:“enterprise-agent”,“registry”:“gcr.io/gloo-mesh”,“pullPolicy”:“IfNotPresent”},“env”:[{“name”:“POD_NAMESPACE”,“valueFrom”:{“fieldRef”:{“fieldPath”:“metadata.namespace”}}}],“resources”:{“requests”:{“cpu”:“50m”,“memory”:“128Mi”}},“sidecars”:{},“floatingUserId”:false,“runAsUser”:10101,“serviceType”:“ClusterIP”,“ports”:{“grpc”:9977,“http”:9988},“enabled”:true} Configuration for the enterpriseAgent deployment.
enterpriseAgent struct {“image”:{“repository”:“enterprise-agent”,“registry”:“gcr.io/gloo-mesh”,“pullPolicy”:“IfNotPresent”},“env”:[{“name”:“POD_NAMESPACE”,“valueFrom”:{“fieldRef”:{“fieldPath”:“metadata.namespace”}}}],“resources”:{“requests”:{“cpu”:“50m”,“memory”:“128Mi”}}}
enterpriseAgent.image struct {“repository”:“enterprise-agent”,“registry”:“gcr.io/gloo-mesh”,“pullPolicy”:“IfNotPresent”} Specify the container image
enterpriseAgent.image.tag string Tag for the container.
enterpriseAgent.image.repository string enterprise-agent Image name (repository).
enterpriseAgent.image.registry string gcr.io/gloo-mesh Image registry.
enterpriseAgent.image.pullPolicy string IfNotPresent Image pull policy.
enterpriseAgent.image.pullSecret string Image pull secret.
enterpriseAgent.Env[] slice [{“name”:“POD_NAMESPACE”,“valueFrom”:{“fieldRef”:{“fieldPath”:“metadata.namespace”}}}] Specify environment variables for the container. See the Kubernetes documentation for specification details.
enterpriseAgent.resources struct {“requests”:{“cpu”:“50m”,“memory”:“128Mi”}} Specify container resource requirements. See the Kubernetes documentation for specification details.
enterpriseAgent.resources.limits map[string, struct]
enterpriseAgent.resources.limits.<MAP_KEY> struct
enterpriseAgent.resources.limits.<MAP_KEY> string
enterpriseAgent.resources.requests map[string, struct]
enterpriseAgent.resources.requests.<MAP_KEY> struct
enterpriseAgent.resources.requests.<MAP_KEY> string
enterpriseAgent.resources.requests.cpu struct "50m”
enterpriseAgent.resources.requests.cpu string DecimalSI
enterpriseAgent.resources.requests.memory struct "128Mi”
enterpriseAgent.resources.requests.memory string BinarySI
enterpriseAgent.sidecars map[string, struct] Configuration for the deployed containers.
enterpriseAgent.sidecars.<MAP_KEY> struct Configuration for the deployed containers.
enterpriseAgent.sidecars.<MAP_KEY>.image struct Specify the container image
enterpriseAgent.sidecars.<MAP_KEY>.image.tag string Tag for the container.
enterpriseAgent.sidecars.<MAP_KEY>.image.repository string Image name (repository).
enterpriseAgent.sidecars.<MAP_KEY>.image.registry string Image registry.
enterpriseAgent.sidecars.<MAP_KEY>.image.pullPolicy string Image pull policy.
enterpriseAgent.sidecars.<MAP_KEY>.image.pullSecret string Image pull secret.
enterpriseAgent.sidecars.<MAP_KEY>.Env[] slice Specify environment variables for the container. See the Kubernetes documentation for specification details.
enterpriseAgent.sidecars.<MAP_KEY>.resources struct Specify container resource requirements. See the Kubernetes documentation for specification details.
enterpriseAgent.sidecars.<MAP_KEY>.resources.limits map[string, struct]
enterpriseAgent.sidecars.<MAP_KEY>.resources.limits.<MAP_KEY> struct
enterpriseAgent.sidecars.<MAP_KEY>.resources.limits.<MAP_KEY> string
enterpriseAgent.sidecars.<MAP_KEY>.resources.requests map[string, struct]
enterpriseAgent.sidecars.<MAP_KEY>.resources.requests.<MAP_KEY> struct
enterpriseAgent.sidecars.<MAP_KEY>.resources.requests.<MAP_KEY> string
enterpriseAgent.floatingUserId bool false Allow the pod to be assigned a dynamic user ID.
enterpriseAgent.runAsUser uint32 10101 Static user ID to run the containers as. Unused if floatingUserId is ‘true’.
enterpriseAgent.serviceType string ClusterIP Specify the service type. Can be either “ClusterIP”, “NodePort”, “LoadBalancer”, or “ExternalName”.
enterpriseAgent.ports map[string, uint32] Specify service ports as a map from port name to port number.
enterpriseAgent.ports.<MAP_KEY> uint32 Specify service ports as a map from port name to port number.
enterpriseAgent.ports.grpc uint32 9977 Specify service ports as a map from port name to port number.
enterpriseAgent.ports.http uint32 9988 Specify service ports as a map from port name to port number.
enterpriseAgent.DeploymentOverrides invalid Provide arbitrary overrides for the component's deployment template
enterpriseAgent.ServiceOverrides invalid Provide arbitrary overrides for the component's service template.
enterpriseAgent.enabled bool true Enables or disables creation of the operator deployment/service