| adminNamespace |
string |
Namespace to install control plane components into. The admin namespace also contains global configuration, such as Workspace, global overrides WorkspaceSettings, and KubernetesCluster resources. |
|
| clickhouse |
struct |
Configuration for the Clickhouse storage, used to demo API Analytics. See the Bitnami Clickhouse Helm chart for the complete set of values |
|
| clickhouse.auth |
struct |
Authentication configuration |
|
| clickhouse.auth.existingSecret |
string |
Name of existing secret to use for authentication |
clickhouse-auth |
| clickhouse.auth.existingSecretKey |
string |
Key in existing secret to use for authentication |
password |
| clickhouse.enabled |
bool |
Set to false to disable the clickhouse dependency. |
false |
| clickhouse.fullnameOverride |
string |
Override the full name, used for the service and the statefulset |
clickhouse |
| clickhouse.keeper |
struct |
Keeper configuration |
|
| clickhouse.keeper.enabled |
bool |
Set to false to disable the zookeeper dependency. |
false |
| clickhouse.replicaCount |
int |
Number of replicas |
1 |
| clickhouse.shards |
int |
Number of shards to create |
1 |
| clickhouse.zookeeper |
struct |
Zookeeper configuration |
|
| clickhouse.zookeeper.enabled |
bool |
Set to false to disable the zookeeper dependency. |
false |
| devMode |
bool |
Set to true to enable development mode for the logger, which can cause panics. Do not use in production. |
false |
| experimental |
struct |
Experimental features for Gloo Platform. Disabled by default. Do not use in production. |
|
| experimental.ambientEnabled |
bool |
Allow Gloo Mesh to create Istio Ambient Mesh resources. |
false |
| experimental.asyncStatusWrites |
bool |
Enable asynchronous writing of statuses to Kubernetes objects. |
false |
| global |
struct |
Global values shared by the Gloo Mesh Enterprise chart and its subcharts. |
|
| global.cluster |
string |
Name of the management cluster. Be sure to modify this value to match your cluster's name. |
mgmt-cluster |
| glooGatewayLicenseKey |
string |
Gloo Gateway license key. |
|
| glooMeshLicenseKey |
string |
Gloo Mesh Enterprise license key. |
|
| glooMeshMgmtServer |
struct |
|
|
| glooMeshMgmtServer |
struct |
Configuration for the glooMeshMgmtServer deployment. |
|
| glooMeshMgmtServer.cloudResourcesDiscovery |
struct |
Configuration for automatic discovery of CloudResources. |
|
| glooMeshMgmtServer.cloudResourcesDiscovery.enabled |
bool |
Enable automated discovery of CloudResources, such as AWS Lambda functions, based on CloudProvider configuration. |
true |
| glooMeshMgmtServer.cloudResourcesDiscovery.pollingInterval |
uint16 |
Polling interval (in seconds) for calling AWS when attempting to discover CloudResources. |
10 |
| glooMeshMgmtServer.concurrency |
uint16 |
Concurrency to use for translation operations. |
10 |
| glooMeshMgmtServer.deploymentOverrides |
struct |
Arbitrary overrides for the component's deployment template. |
|
| glooMeshMgmtServer.devMode |
bool |
Set to true to enable development mode for the logger, which can cause panics. Do not use in production. |
false |
| glooMeshMgmtServer.enableClusterLoadBalancing |
bool |
Experimental: Enable cluster load balancing. The management server replicas attempt to auto-balance the number of registered workload clusters, based on the number of replicas and the number of total clusters. For example, the server might disconnect a workload cluster if the number of connected clusters is greater than the allotted number. |
false |
| glooMeshMgmtServer.enabled |
bool |
Deploy the gloo-mesh-mgmt-server. |
true |
| glooMeshMgmtServer.enabled |
bool |
Enable creation of the deployment/service. |
true |
| glooMeshMgmtServer.env[] |
slice |
Environment variables for the container. For more info, see the Kubernetes documentation. |
[{“name”:“POD_NAMESPACE”,“valueFrom”:{“fieldRef”:{“fieldPath”:“metadata.namespace”}}},{“name”:“POD_UID”,“valueFrom”:{“fieldRef”:{“fieldPath”:“metadata.uid”}}},{“name”:“K8S_MEM_LIMIT”,“valueFrom”:{“resourceFieldRef”:{“resource”:“limits.memory”,“divisor”:“1”}}},{“name”:“LICENSE_KEY”,“valueFrom”:{“secretKeyRef”:{“name”:“gloo-mesh-enterprise-license”,“key”:“key”,“optional”:true}}},{“name”:“REDIS_USERNAME”,“valueFrom”:{“secretKeyRef”:{“name”:“redis-auth-secrets”,“key”:“username”,“optional”:true}}},{“name”:“REDIS_PASSWORD”,“valueFrom”:{“secretKeyRef”:{“name”:“redis-auth-secrets”,“key”:“password”,“optional”:true}}}] |
| glooMeshMgmtServer.extraEnvs |
struct |
Extra environment variables for the container |
|
| glooMeshMgmtServer.floatingUserId |
bool |
Allow the pod to be assigned a dynamic user ID. Required for OpenShift installations. |
false |
| glooMeshMgmtServer.image |
struct |
Container image. |
|
| glooMeshMgmtServer.image.pullPolicy |
string |
Image pull policy. |
IfNotPresent |
| glooMeshMgmtServer.image.pullSecret |
string |
Image pull secret. |
|
| glooMeshMgmtServer.image.registry |
string |
Image registry. |
gcr.io/gloo-mesh |
| glooMeshMgmtServer.image.repository |
string |
Image name (repository). |
gloo-mesh-mgmt-server |
| glooMeshMgmtServer.image.tag |
string |
Version tag for the container image. |
|
| glooMeshMgmtServer.insecure |
bool |
Permit unencrypted and unauthenticated communication between Gloo control and data planes. Do not use in production. |
false |
| glooMeshMgmtServer.leaderElection |
bool |
Enable leader election for the high-availability deployment. |
false |
| glooMeshMgmtServer.maxGrpcMessageSize |
string |
Maximum message size for gRPC messages sent and received by the management server. |
4294967295 |
| glooMeshMgmtServer.namespacedRbac[] |
[]struct |
Scopes watches and RBAC policies for the given set of GVKs to the given set of namespaces. Currently, ‘secrets’ are the only supported resource. |
[{“resources”:[],“namespaces”:[]}] |
| glooMeshMgmtServer.namespacedRbac[].namespaces[] |
[]string |
|
|
| glooMeshMgmtServer.namespacedRbac[].resources[] |
[]string |
|
|
| glooMeshMgmtServer.ports |
map[string, uint32] |
Service ports as a map from port name to port number. |
{“grpc”:9900,“healthcheck”:8090} |
| glooMeshMgmtServer.ports.<MAP_KEY> |
uint32 |
Service ports as a map from port name to port number. |
|
| glooMeshMgmtServer.ports.grpc |
uint32 |
Service ports as a map from port name to port number. |
9900 |
| glooMeshMgmtServer.ports.healthcheck |
uint32 |
Service ports as a map from port name to port number. |
8090 |
| glooMeshMgmtServer.readOnlyGeneratedResources |
bool |
If true, the deployment only reads Istio resource outputs that are created by Gloo Platform, and filters out Istio resource fields that Gloo Mesh cannot properly unmarshal. These other resource outputs are not visible in the Gloo UI. |
false |
| glooMeshMgmtServer.relay |
struct |
Configuration for certificates to secure server-agent relay communication. Required only for multicluster setups. |
|
| glooMeshMgmtServer.relay.disableCa |
bool |
To disable relay CA functionality, set to true. Set to true only when you supply your custom client certs to the agents for relay mTLS. The gloo-mesh-mgmt-server pod will not require a token secret or the signing cert secret. The agent pod will not require the token secret, but will fail without a client cert. |
false |
| glooMeshMgmtServer.relay.disableCaCertGeneration |
bool |
Do not auto-generate self-signed CA certificates. Set to true only when you supply own. |
false |
| glooMeshMgmtServer.relay.disableTokenGeneration |
bool |
Do not create the relay token Kubernetes secret. Set to true only when you supply own. |
false |
| glooMeshMgmtServer.relay.pushRbac |
bool |
Push RBAC resources to the management server. Required for multicluster RBAC in the Gloo UI. |
true |
| glooMeshMgmtServer.relay.signingTlsSecret |
struct |
Secret containing TLS certs used to sign CSRs created by workload agents. |
|
| glooMeshMgmtServer.relay.signingTlsSecret.name |
string |
|
relay-tls-signing-secret |
| glooMeshMgmtServer.relay.signingTlsSecret.namespace |
string |
|
|
| glooMeshMgmtServer.relay.tlsSecret |
struct |
Secret containing client TLS certs used to secure the management server. |
|
| glooMeshMgmtServer.relay.tlsSecret.name |
string |
|
relay-server-tls-secret |
| glooMeshMgmtServer.relay.tlsSecret.namespace |
string |
|
|
| glooMeshMgmtServer.relay.tokenSecret |
struct |
Secret containing a shared token for authenticating Gloo agents when they first communicate with the management server. |
|
| glooMeshMgmtServer.relay.tokenSecret.key |
string |
Key value of the data within the Kubernetes secret. |
token |
| glooMeshMgmtServer.relay.tokenSecret.name |
string |
Name of the Kubernetes secret. |
relay-identity-token-secret |
| glooMeshMgmtServer.relay.tokenSecret.namespace |
string |
Namespace of the Kubernetes secret. |
|
| glooMeshMgmtServer.resources |
struct |
Container resource requirements. For more info, see the Kubernetes documentation. |
{“requests”:{“cpu”:“125m”,“memory”:“1Gi”}} |
| glooMeshMgmtServer.runAsUser |
uint32 |
Static user ID to run the containers as. Unused if floatingUserId is ‘true’. |
10101 |
| glooMeshMgmtServer.securityContext |
struct |
Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation. |
|
| glooMeshMgmtServer.serviceAccount |
struct |
Service account configuration to use for the management server deployment. |
|
| glooMeshMgmtServer.serviceAccount.extraAnnotations |
map[string, string] |
Extra annotations to add to the service account. |
null |
| glooMeshMgmtServer.serviceAccount.extraAnnotations.<MAP_KEY> |
string |
Extra annotations to add to the service account. |
|
| glooMeshMgmtServer.serviceOverrides |
struct |
Arbitrary overrides for the component's service template. |
|
| glooMeshMgmtServer.serviceType |
string |
Kubernetes service type. Can be either “ClusterIP”, “NodePort”, “LoadBalancer”, or “ExternalName”. |
LoadBalancer |
| glooMeshMgmtServer.sidecars |
map[string, struct] |
Optional configuration for the deployed containers. |
{} |
| glooMeshMgmtServer.sidecars.<MAP_KEY> |
struct |
Optional configuration for the deployed containers. |
|
| glooMeshMgmtServer.sidecars.<MAP_KEY>.env[] |
slice |
Environment variables for the container. For more info, see the Kubernetes documentation. |
|
| glooMeshMgmtServer.sidecars.<MAP_KEY>.extraEnvs |
struct |
Extra environment variables for the container |
|
| glooMeshMgmtServer.sidecars.<MAP_KEY>.image |
struct |
Container image. |
|
| glooMeshMgmtServer.sidecars.<MAP_KEY>.image.pullPolicy |
string |
Image pull policy. |
|
| glooMeshMgmtServer.sidecars.<MAP_KEY>.image.pullSecret |
string |
Image pull secret. |
|
| glooMeshMgmtServer.sidecars.<MAP_KEY>.image.registry |
string |
Image registry. |
|
| glooMeshMgmtServer.sidecars.<MAP_KEY>.image.repository |
string |
Image name (repository). |
|
| glooMeshMgmtServer.sidecars.<MAP_KEY>.image.tag |
string |
Version tag for the container image. |
|
| glooMeshMgmtServer.sidecars.<MAP_KEY>.resources |
struct |
Container resource requirements. For more info, see the Kubernetes documentation. |
|
| glooMeshMgmtServer.sidecars.<MAP_KEY>.securityContext |
struct |
Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation. |
|
| glooMeshMgmtServer.statsPort |
uint32 |
Port on the management server deployment to pull stats from. |
9091 |
| glooMeshMgmtServer.verbose |
bool |
Enable verbose/debug logging. |
false |
| glooMeshRedis |
struct |
|
|
| glooMeshRedis |
struct |
Configuration for the glooMeshRedis deployment. |
|
| glooMeshRedis.addr |
string |
Deprecated: Use ‘redis.address’ instead. |
|
| glooMeshRedis.deploymentOverrides |
struct |
Arbitrary overrides for the component's deployment template. |
|
| glooMeshRedis.enabled |
bool |
Deploy the default Redis instance. |
true |
| glooMeshRedis.enabled |
bool |
Enable creation of the deployment/service. |
true |
| glooMeshRedis.env[] |
slice |
Environment variables for the container. For more info, see the Kubernetes documentation. |
[{“name”:“MASTER”,“value”:“true”}] |
| glooMeshRedis.extraEnvs |
struct |
Extra environment variables for the container |
|
| glooMeshRedis.floatingUserId |
bool |
Allow the pod to be assigned a dynamic user ID. Required for OpenShift installations. |
false |
| glooMeshRedis.floatingUserId |
bool |
Set to true to use a floating user ID. |
false |
| glooMeshRedis.image |
struct |
Container image. |
|
| glooMeshRedis.image.pullPolicy |
string |
Image pull policy. |
IfNotPresent |
| glooMeshRedis.image.pullSecret |
string |
Image pull secret. |
|
| glooMeshRedis.image.registry |
string |
Image registry. |
docker.io |
| glooMeshRedis.image.repository |
string |
Image name (repository). |
redis |
| glooMeshRedis.image.tag |
string |
Version tag for the container image. |
|
| glooMeshRedis.ports |
map[string, uint32] |
Service ports as a map from port name to port number. |
{“redis”:6379} |
| glooMeshRedis.ports.<MAP_KEY> |
uint32 |
Service ports as a map from port name to port number. |
|
| glooMeshRedis.ports.redis |
uint32 |
Service ports as a map from port name to port number. |
6379 |
| glooMeshRedis.resources |
struct |
Container resource requirements. For more info, see the Kubernetes documentation. |
{“requests”:{“cpu”:“125m”,“memory”:“256Mi”}} |
| glooMeshRedis.runAsUser |
uint32 |
Static user ID to run the containers as. Unused if floatingUserId is ‘true’. |
10101 |
| glooMeshRedis.runAsUser |
int |
User ID to run Redis as. |
999 |
| glooMeshRedis.securityContext |
struct |
Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation. |
{“capabilities”:{“drop”:[“ALL”]},“runAsUser”:999,“runAsNonRoot”:true,“readOnlyRootFilesystem”:true,“allowPrivilegeEscalation”:false} |
| glooMeshRedis.serviceOverrides |
struct |
Arbitrary overrides for the component's service template. |
|
| glooMeshRedis.serviceType |
string |
Kubernetes service type. Can be either “ClusterIP”, “NodePort”, “LoadBalancer”, or “ExternalName”. |
ClusterIP |
| glooMeshRedis.sidecars |
map[string, struct] |
Optional configuration for the deployed containers. |
{} |
| glooMeshRedis.sidecars.<MAP_KEY> |
struct |
Optional configuration for the deployed containers. |
|
| glooMeshRedis.sidecars.<MAP_KEY>.env[] |
slice |
Environment variables for the container. For more info, see the Kubernetes documentation. |
|
| glooMeshRedis.sidecars.<MAP_KEY>.extraEnvs |
struct |
Extra environment variables for the container |
|
| glooMeshRedis.sidecars.<MAP_KEY>.image |
struct |
Container image. |
|
| glooMeshRedis.sidecars.<MAP_KEY>.image.pullPolicy |
string |
Image pull policy. |
|
| glooMeshRedis.sidecars.<MAP_KEY>.image.pullSecret |
string |
Image pull secret. |
|
| glooMeshRedis.sidecars.<MAP_KEY>.image.registry |
string |
Image registry. |
|
| glooMeshRedis.sidecars.<MAP_KEY>.image.repository |
string |
Image name (repository). |
|
| glooMeshRedis.sidecars.<MAP_KEY>.image.tag |
string |
Version tag for the container image. |
|
| glooMeshRedis.sidecars.<MAP_KEY>.resources |
struct |
Container resource requirements. For more info, see the Kubernetes documentation. |
|
| glooMeshRedis.sidecars.<MAP_KEY>.securityContext |
struct |
Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation. |
|
| glooMeshUi |
struct |
|
|
| glooMeshUi |
struct |
Configuration for the glooMeshUi deployment. |
|
| glooMeshUi.auth |
struct |
Configure authentication for the UI. |
|
| glooMeshUi.auth.backend |
string |
Authentication backend to use. ‘oidc’ is supported. |
|
| glooMeshUi.auth.enabled |
bool |
Require authentication to access the UI. |
false |
| glooMeshUi.auth.oidc |
struct |
Settings for the OpenID Connect (OIDC) backend. |
|
| glooMeshUi.auth.oidc.appUrl |
string |
URL that the UI for OIDC app is available at, from the DNS and other ingress settings that expose OIDC app UI service. |
|
| glooMeshUi.auth.oidc.clientId |
string |
OIDC client ID |
|
| glooMeshUi.auth.oidc.clientSecret |
string |
Plaintext OIDC client secret, which will be encoded in base64 and stored in a secret named the value of ‘clientSecretName’. |
|
| glooMeshUi.auth.oidc.clientSecretName |
string |
Name for the secret that will contain the client secret. |
|
| glooMeshUi.auth.oidc.issuerUrl |
string |
Issuer URL from the OIDC provider, such as ‘https://.<provider_url>/'. |
|
| glooMeshUi.auth.oidc.session |
struct |
Session storage configuration. If omitted, a cookie is used. |
|
| glooMeshUi.auth.oidc.session.backend |
string |
Backend to use for auth session storage. ‘cookie’ and ‘redis’ are supported. |
|
| glooMeshUi.auth.oidc.session.redis |
struct |
Redis instance configuration. |
|
| glooMeshUi.auth.oidc.session.redis.host |
string |
Host at which the Redis instance is accessible. To use the default Redis deployment, specify ‘redis.gloo-mesh.svc.cluster.local:6379’. |
|
| glooMeshUi.deploymentOverrides |
struct |
Arbitrary overrides for the component's deployment template. |
|
| glooMeshUi.enabled |
bool |
Deploy the gloo-mesh-ui. |
true |
| glooMeshUi.enabled |
bool |
Enable creation of the deployment/service. |
true |
| glooMeshUi.env[] |
slice |
Environment variables for the container. For more info, see the Kubernetes documentation. |
[{“name”:“POD_NAMESPACE”,“valueFrom”:{“fieldRef”:{“fieldPath”:“metadata.namespace”}}},{“name”:“LICENSE_KEY”,“valueFrom”:{“secretKeyRef”:{“name”:“gloo-mesh-enterprise-license”,“key”:“key”,“optional”:true}}},{“name”:“REDIS_USERNAME”,“valueFrom”:{“secretKeyRef”:{“name”:“redis-auth-secrets”,“key”:“username”,“optional”:true}}},{“name”:“REDIS_PASSWORD”,“valueFrom”:{“secretKeyRef”:{“name”:“redis-auth-secrets”,“key”:“password”,“optional”:true}}},{“name”:“K8S_MEM_LIMIT”,“valueFrom”:{“resourceFieldRef”:{“resource”:“limits.memory”,“divisor”:“1”}}}] |
| glooMeshUi.extraEnvs |
struct |
Extra environment variables for the container |
|
| glooMeshUi.floatingUserId |
bool |
Allow the pod to be assigned a dynamic user ID. Required for OpenShift installations. |
false |
| glooMeshUi.image |
struct |
Container image. |
|
| glooMeshUi.image.pullPolicy |
string |
Image pull policy. |
IfNotPresent |
| glooMeshUi.image.pullSecret |
string |
Image pull secret. |
|
| glooMeshUi.image.registry |
string |
Image registry. |
gcr.io/gloo-mesh |
| glooMeshUi.image.repository |
string |
Image name (repository). |
gloo-mesh-apiserver |
| glooMeshUi.image.tag |
string |
Version tag for the container image. |
|
| glooMeshUi.ipVersion |
string |
Configure IP version to ipv4, ipv6 or dualStack. Defaults to dualStack. |
dualStack |
| glooMeshUi.licenseSecretName |
string |
Provide license keys in a secret in the adminNamespace of the management cluster, instead of in the license key fields. |
|
| glooMeshUi.namespacedRbac[] |
[]struct |
Scopes watches and RBAC policies for the given set of GVKs to the given set of namespaces. Currently, ‘secrets’ are the only supported resource. |
[{“resources”:[],“namespaces”:[]}] |
| glooMeshUi.namespacedRbac[].namespaces[] |
[]string |
|
|
| glooMeshUi.namespacedRbac[].resources[] |
[]string |
|
|
| glooMeshUi.ports |
map[string, uint32] |
Service ports as a map from port name to port number. |
{“console”:8090,“grpc”:10101,“healthcheck”:8081} |
| glooMeshUi.ports.<MAP_KEY> |
uint32 |
Service ports as a map from port name to port number. |
|
| glooMeshUi.ports.console |
uint32 |
Service ports as a map from port name to port number. |
8090 |
| glooMeshUi.ports.grpc |
uint32 |
Service ports as a map from port name to port number. |
10101 |
| glooMeshUi.ports.healthcheck |
uint32 |
Service ports as a map from port name to port number. |
8081 |
| glooMeshUi.prometheusUrl |
string |
Prometheus server address. |
|
| glooMeshUi.readOnlyGeneratedResources |
bool |
If true, the deployment only reads Istio resource outputs that are created by Gloo Platform, and filters out Istio resource fields that Gloo Mesh cannot properly unmarshal. These other resource outputs are not visible in the Gloo UI. |
false |
| glooMeshUi.resources |
struct |
Container resource requirements. For more info, see the Kubernetes documentation. |
{“requests”:{“cpu”:“125m”,“memory”:“256Mi”}} |
| glooMeshUi.runAsUser |
uint32 |
Static user ID to run the containers as. Unused if floatingUserId is ‘true’. |
10101 |
| glooMeshUi.securityContext |
struct |
Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation. |
|
| glooMeshUi.serviceOverrides |
struct |
Arbitrary overrides for the component's service template. |
|
| glooMeshUi.serviceType |
string |
Kubernetes service type. Can be either “ClusterIP”, “NodePort”, “LoadBalancer”, or “ExternalName”. |
ClusterIP |
| glooMeshUi.settingsName |
string |
Name of the UI settings object to use. |
settings |
| glooMeshUi.sidecars |
map[string, struct] |
Optional configuration for the deployed containers. |
{“console”:{“image”:{“repository”:“gloo-mesh-ui”,“registry”:“gcr.io/gloo-mesh”,“pullPolicy”:“IfNotPresent”},“env”:null,“extraEnvs”:{},“resources”:{“requests”:{“cpu”:“125m”,“memory”:“256Mi”}}},“envoy”:{“image”:{“repository”:“gloo-mesh-envoy”,“registry”:“gcr.io/gloo-mesh”,“pullPolicy”:“IfNotPresent”},“env”:[{“name”:“ENVOY_UID”,“value”:“0”}],“extraEnvs”:{},“resources”:{“requests”:{“cpu”:“500m”,“memory”:“256Mi”}}}} |
| glooMeshUi.sidecars.<MAP_KEY> |
struct |
Optional configuration for the deployed containers. |
|
| glooMeshUi.sidecars.<MAP_KEY>.env[] |
slice |
Environment variables for the container. For more info, see the Kubernetes documentation. |
|
| glooMeshUi.sidecars.<MAP_KEY>.extraEnvs |
struct |
Extra environment variables for the container |
|
| glooMeshUi.sidecars.<MAP_KEY>.image |
struct |
Container image. |
|
| glooMeshUi.sidecars.<MAP_KEY>.image.pullPolicy |
string |
Image pull policy. |
|
| glooMeshUi.sidecars.<MAP_KEY>.image.pullSecret |
string |
Image pull secret. |
|
| glooMeshUi.sidecars.<MAP_KEY>.image.registry |
string |
Image registry. |
|
| glooMeshUi.sidecars.<MAP_KEY>.image.repository |
string |
Image name (repository). |
|
| glooMeshUi.sidecars.<MAP_KEY>.image.tag |
string |
Version tag for the container image. |
|
| glooMeshUi.sidecars.<MAP_KEY>.resources |
struct |
Container resource requirements. For more info, see the Kubernetes documentation. |
|
| glooMeshUi.sidecars.<MAP_KEY>.securityContext |
struct |
Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation. |
|
| glooMeshUi.sidecars.console |
struct |
Optional configuration for the deployed containers. |
|
| glooMeshUi.sidecars.console.env[] |
slice |
Environment variables for the container. For more info, see the Kubernetes documentation. |
null |
| glooMeshUi.sidecars.console.extraEnvs |
struct |
Extra environment variables for the container |
|
| glooMeshUi.sidecars.console.image |
struct |
Container image. |
|
| glooMeshUi.sidecars.console.image.pullPolicy |
string |
Image pull policy. |
IfNotPresent |
| glooMeshUi.sidecars.console.image.pullSecret |
string |
Image pull secret. |
|
| glooMeshUi.sidecars.console.image.registry |
string |
Image registry. |
gcr.io/gloo-mesh |
| glooMeshUi.sidecars.console.image.repository |
string |
Image name (repository). |
gloo-mesh-ui |
| glooMeshUi.sidecars.console.image.tag |
string |
Version tag for the container image. |
|
| glooMeshUi.sidecars.console.resources |
struct |
Container resource requirements. For more info, see the Kubernetes documentation. |
{“requests”:{“cpu”:“125m”,“memory”:“256Mi”}} |
| glooMeshUi.sidecars.console.securityContext |
struct |
Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation. |
|
| glooMeshUi.sidecars.envoy |
struct |
Optional configuration for the deployed containers. |
|
| glooMeshUi.sidecars.envoy.env[] |
slice |
Environment variables for the container. For more info, see the Kubernetes documentation. |
[{“name”:“ENVOY_UID”,“value”:“0”}] |
| glooMeshUi.sidecars.envoy.extraEnvs |
struct |
Extra environment variables for the container |
|
| glooMeshUi.sidecars.envoy.image |
struct |
Container image. |
|
| glooMeshUi.sidecars.envoy.image.pullPolicy |
string |
Image pull policy. |
IfNotPresent |
| glooMeshUi.sidecars.envoy.image.pullSecret |
string |
Image pull secret. |
|
| glooMeshUi.sidecars.envoy.image.registry |
string |
Image registry. |
gcr.io/gloo-mesh |
| glooMeshUi.sidecars.envoy.image.repository |
string |
Image name (repository). |
gloo-mesh-envoy |
| glooMeshUi.sidecars.envoy.image.tag |
string |
Version tag for the container image. |
|
| glooMeshUi.sidecars.envoy.resources |
struct |
Container resource requirements. For more info, see the Kubernetes documentation. |
{“requests”:{“cpu”:“500m”,“memory”:“256Mi”}} |
| glooMeshUi.sidecars.envoy.securityContext |
struct |
Container security context. Set to ‘false’ to omit the security context entirely. For more info, see the Kubernetes documentation. |
|
| glooMeshUi.tracing |
struct |
Configure the tracing page for the UI. Tracing page is disabled if not configured. |
|
| glooMeshUi.tracing.basePath |
string |
Base path the tracing UI expects to be rendered on. |
|
| glooMeshUi.tracing.endpoint |
string |
Endpoint of the tracing UI that will be embedded on the tracing page. |
|
| glooMeshUi.tracing.port |
int32 |
Port of the tracing UI that will be embedded on the tracing page. |
0 |
| glooMeshUi.verbose |
bool |
Enable verbose/debug logging. |
false |
| glooNetwork |
struct |
Gloo Network configuration options. |
|
| glooNetwork.enabled |
bool |
Enable translation of network policies to enforce access policies and service isolation. |
false |
| glooNetworkLicenseKey |
string |
Gloo Network license key. |
|
| glooTrialLicenseKey |
string |
Gloo trial license key, for a trial installation of all products. |
|
| insecure |
bool |
Permit unencrypted and unauthenticated communication between Gloo control and data planes. Do not use in production. |
false |
| leaderElection |
bool |
Enable leader election for the high-availability deployment. |
true |
| legacyMetricsPipeline |
struct |
Configuration for the legacy metrics pipeline, which is unsupported in Gloo Platform version 2.4 and later. |
|
| legacyMetricsPipeline.enabled |
bool |
Set to false to disable the legacy telemetry pipeline. |
true |
| licenseKey |
string |
Deprecated: Legacy Gloo Mesh Enterprise license key. Use individual product license fields, the trial license field, or a license secret instead. |
|
| licenseSecretName |
string |
Provide license keys in a secret in the adminNamespace of the management cluster, instead of in the license key fields. |
license-keys |
| mgmtClusterName |
string |
DEPRECATED: Use global.cluster. |
|
| prometheus |
map |
Helm values for configuring Prometheus. See the Prometheus Helm chart for the complete set of values. |
|
| prometheusUrl |
string |
Prometheus server address. |
http://prometheus-server |
| readOnlyGeneratedResources |
bool |
If true, the deployment only reads Istio resource outputs that are created by Gloo Platform, and filters out Istio resource fields that Gloo Mesh cannot properly unmarshal. These other resource outputs are not visible in the Gloo UI. |
false |
| redis |
struct |
Redis configuration options. |
|
| redis.address |
string |
Address to use when connecting to the Redis instance. To use the default Redis deployment, specify ‘redis.gloo-mesh.svc.cluster.local:6379’. |
gloo-mesh-redis.gloo-mesh:6379 |
| redis.auth |
struct |
Optional authentication values to use when connecting to the Redis instance |
|
| redis.auth.enabled |
bool |
Connect to the Redis instance with a password |
false |
| redis.auth.passwordKey |
string |
The secret key containing the password to use for authentication |
password |
| redis.auth.secretName |
string |
Name of the k8s secret that contains the password |
redis-auth-secrets |
| redis.auth.usernameKey |
string |
The secret key containing the username to use for authentication |
username |
| redis.certs |
struct |
Configuration for TLS verification when connecting to the Redis instance |
|
| redis.certs.caCertKey |
string |
The secret key containing the ca cert |
|
| redis.certs.enabled |
bool |
Enable a secure network connection to the Redis instance via TLS |
false |
| redis.certs.secretName |
string |
Name of the k8s secret that contains the certs |
redis-certs |
| redis.connection |
struct |
Optional connection parameters |
|
| redis.connection.connMaxIdleTime |
string |
The maximum amount of time a connection may be idle. Should be less than server's timeout. Default is 30 minutes. -1 disables idle timeout check. |
5m0s |
| redis.connection.connMaxLifetime |
string |
The maximum amount of time a connection may be reused. If <= 0, connections are not closed due to a connection's age. |
0 |
| redis.connection.contextTimeoutEnabled |
bool |
ContextTimeoutEnabled controls whether the client respects context timeouts and deadlines. |
false |
| redis.connection.dialTimeout |
string |
Dial timeout for establishing new connections. Default is 5 seconds. |
5s |
| redis.connection.idleTimeout |
string |
Deprecated: in favor of ‘connMaxIdleTime’. Amount of time after which client closes idle connections. Should be less than server's timeout. Default is 30 minutes. -1 disables idle timeout check. |
5m0s |
| redis.connection.masterName |
string |
The master name. Only needed for sentinel mode. |
|
| redis.connection.maxConnAge |
string |
Deprecated: in favor of using ‘connMaxLifetime’. Connection age at which client retires (closes) the connection. Default is to not close aged connections. |
0 |
| redis.connection.maxIdleConns |
int |
Maximum number of idle connections. |
0 |
| redis.connection.maxRedirects |
int |
The maximum number of retries before giving up. Command is retried on network errors and MOVED/ASK redirects. Default is 3 retries. |
3 |
| redis.connection.maxRetries |
int |
Maximum number of retries before giving up. Default is 3. -1 disables retries. |
3 |
| redis.connection.maxRetryBackoff |
string |
Maximum backoff between each retry. Default is 512 milliseconds. -1 disables backoff. |
512ms |
| redis.connection.minIdleConns |
int |
Minimum number of idle connections which is useful when establishing new connection is slow. |
0 |
| redis.connection.minRetryBackoff |
string |
Minimum backoff between each retry. Default is 8 milliseconds. -1 disables backoff. |
8ms |
| redis.connection.poolFifo |
bool |
Type of connection pool. true for FIFO pool. false for LIFO pool. Note that FIFO has higher overhead compared to LIFO. |
false |
| redis.connection.poolSize |
int |
Maximum number of socket connections. Default is 10 connections per every available CPU as reported by runtime.GOMAXPROCS. |
0 |
| redis.connection.poolTimeout |
string |
Amount of time client waits for connection if all connections are busy before returning an error. Default is ReadTimeout + 1 second. |
|
| redis.connection.readOnly |
bool |
Enables read-only commands on slave nodes. Default is false. |
false |
| redis.connection.readTimeout |
string |
Timeout for socket reads. if reached, commands will fail with a timeout instead of blocking. Default is 3 seconds. -1 disables timeout. 0 uses the default value. |
3s |
| redis.connection.routeByLatency |
bool |
Allows routing read-only commands to the closest master or slave node. It automatically enables ReadOnly. |
false |
| redis.connection.routeRandomly |
bool |
Allows routing read-only commands to the random master or slave node. It automatically enables ReadOnly. |
false |
| redis.connection.writeTimeout |
string |
Timeout for socket writes. If reached, commands will fail with a timeout instead of blocking. Default is ReadTimeout. |
3s |
| redis.db |
int |
DB to connect to |
0 |
| registerMgmtPlane |
struct |
Set up the management cluster with the Gloo management server, register a Gloo agent, and create a simple workspace that selects all registered clusters and namespaces by default. This way, you can get started quickly for single cluster or testing setups. For multicluster or production setups, use your own fine-grained workspaces instead. |
|
| registerMgmtPlane.GlooAgentValues |
struct |
See the gloo-mesh-agent helm chart docs for more |
|
| registerMgmtPlane.enabled |
bool |
enable installation of the agent when installing the management server |
false |
| telemetryGateway |
struct |
Configuration for the Gloo Platform Telemetry Gateway. See the OpenTelemetry Helm chart for the complete set of values. |
|
| telemetryGateway.clusterRole |
map[string, interface] |
|
{“create”:true,“rules”:[{“apiGroups”:[""],“resources”:[“nodes”,“nodes/proxy”,“nodes/metrics”,“services”,“endpoints”,“pods”,“ingresses”,“configmaps”],“verbs”:[“get”,“list”,“watch”]},{“apiGroups”:[“extensions”,“networking.k8s.io”],“resources”:[“ingresses/status”,“ingresses”],“verbs”:[“get”,“list”,“watch”]},{“nonResourceURLs”:["/metrics”],“verbs”:[“get”]}]} |
| telemetryGateway.clusterRole.<MAP_KEY> |
interface |
|
|
| telemetryGateway.clusterRole.create |
interface |
|
|
| telemetryGateway.clusterRole.rules |
interface |
|
|
| telemetryGateway.command |
map[string, interface] |
|
{“extraArgs”:["–config=/conf/relay.yaml”],“name”:“gloo-otel-collector”} |
| telemetryGateway.command.<MAP_KEY> |
interface |
|
|
| telemetryGateway.command.extraArgs |
interface |
|
|
| telemetryGateway.command.name |
interface |
|
|
| telemetryGateway.config |
map[string, interface] |
|
null |
| telemetryGateway.config.<MAP_KEY> |
interface |
|
|
| telemetryGateway.configMap |
map[string, interface] |
|
{“create”:false} |
| telemetryGateway.configMap.<MAP_KEY> |
interface |
|
|
| telemetryGateway.configMap.create |
interface |
|
|
| telemetryGateway.enabled |
bool |
|
false |
| telemetryGateway.extraEnvs[] |
[]map |
|
null |
| telemetryGateway.extraVolumeMounts[] |
[]map |
|
[{“mountPath”:"/etc/otel-certs”,“name”:“tls-keys”,“readOnly”:true},{“mountPath”:"/conf”,“name”:“telemetry-configmap”}] |
| telemetryGateway.extraVolumes[] |
[]map |
|
[{“name”:“tls-keys”,“secret”:{“defaultMode”:420,“secretName”:“gloo-telemetry-gateway-tls-secret”}},{“configMap”:{“items”:[{“key”:“relay”,“path”:“relay.yaml”}],“name”:“gloo-telemetry-gateway-config”},“name”:“telemetry-configmap”}] |
| telemetryGateway.fullnameOverride |
string |
|
gloo-telemetry-gateway |
| telemetryGateway.image |
struct |
|
|
| telemetryGateway.image.pullPolicy |
string |
|
IfNotPresent |
| telemetryGateway.image.repository |
string |
|
gcr.io/gloo-mesh/gloo-otel-collector |
| telemetryGateway.image.tag |
string |
|
|
| telemetryGateway.mode |
string |
|
deployment |
| telemetryGateway.nameOverride |
string |
|
|
| telemetryGateway.namespaceOverride |
string |
|
|
| telemetryGateway.podAnnotations |
map[string, interface] |
|
{“prometheus.io/path”:"/metrics”,“prometheus.io/port”:“9091”,“prometheus.io/scrape”:“true”} |
| telemetryGateway.podAnnotations.<MAP_KEY> |
interface |
|
|
| telemetryGateway.podAnnotations.prometheus.io/path |
interface |
|
|
| telemetryGateway.podAnnotations.prometheus.io/port |
interface |
|
|
| telemetryGateway.podAnnotations.prometheus.io/scrape |
interface |
|
|
| telemetryGateway.ports |
map[string, interface] |
|
{“jaeger-compact”:{“enabled”:false},“jaeger-grpc”:{“enabled”:false},“jaeger-thrift”:{“enabled”:false},“otlp”:{“containerPort”:4317,“enabled”:true,“hostPort”:0,“protocol”:“TCP”,“servicePort”:4317},“otlp-http”:{“enabled”:false},“zipkin”:{“enabled”:false}} |
| telemetryGateway.ports.<MAP_KEY> |
interface |
|
|
| telemetryGateway.ports.jaeger-compact |
interface |
|
|
| telemetryGateway.ports.jaeger-grpc |
interface |
|
|
| telemetryGateway.ports.jaeger-thrift |
interface |
|
|
| telemetryGateway.ports.otlp |
interface |
|
|
| telemetryGateway.ports.otlp-http |
interface |
|
|
| telemetryGateway.ports.zipkin |
interface |
|
|
| telemetryGateway.presets |
map[string, interface] |
|
{“clusterMetrics”:{“enabled”:false},“hostMetrics”:{“enabled”:false},“kubeletMetrics”:{“enabled”:false},“kubernetesAttributes”:{“enabled”:false},“logsCollection”:{“enabled”:false,“includeCollectorLogs”:false}} |
| telemetryGateway.presets.<MAP_KEY> |
interface |
|
|
| telemetryGateway.presets.clusterMetrics |
interface |
|
|
| telemetryGateway.presets.hostMetrics |
interface |
|
|
| telemetryGateway.presets.kubeletMetrics |
interface |
|
|
| telemetryGateway.presets.kubernetesAttributes |
interface |
|
|
| telemetryGateway.presets.logsCollection |
interface |
|
|
| telemetryGateway.replicaCount |
int |
|
1 |
| telemetryGateway.resources |
map[string, interface] |
|
{“requests”:{“cpu”:“200m”,“memory”:“300Mi”}} |
| telemetryGateway.resources.<MAP_KEY> |
interface |
|
|
| telemetryGateway.resources.requests |
interface |
|
|
| telemetryGateway.service |
map[string, interface] |
|
{“type”:“LoadBalancer”} |
| telemetryGateway.service.<MAP_KEY> |
interface |
|
|
| telemetryGateway.service.type |
interface |
|
|
| telemetryGateway.tolerations[] |
[]interface |
|
null |
| telemetryGatewayCustomization |
struct |
Customization for the Gloo Platform Telemetry Gateway. |
|
| telemetryGatewayCustomization.compatibleService |
bool |
OTel Collector service excluding the field internalTrafficPolicy, compatible with k8s < 1.26 |
false |
| telemetryGatewayCustomization.disableCertGeneration |
bool |
Disable cert generation for the Gloo Platform Telemetry Gateway. |
false |
| telemetryGatewayCustomization.disableDefaultPipeline |
bool |
Deprecated in favor of the pipelines field, which allows selectively enabling or customizing pipelines. Disables the default metrics/prometheus pipeline. |
false |
| telemetryGatewayCustomization.extraExporters |
struct |
Configuration for extra exporters, such as to forward your data to a third-party provider. Exporters can forward the data to a destination on the local or remote network. |
|
| telemetryGatewayCustomization.extraExporters.clickhouse |
map[string, interface] |
An exporter to forward data to Clickhouse. |
{“database”:“default”,“endpoint”:“tcp://clickhouse.gloo-mesh.svc:9000?dial_timeout=10s\u0026compress=lz4”,“logs_table_name”:“gloo_api_logs”,“password”:“default”,“retry_on_failure”:{“enabled”:true,“initial_interval”:“1s”,“max_elapsed_time”:“5m”,“max_interval”:“30s”},“timeout”:“5s”,“ttl_days”:3,“username”:“default”} |
| telemetryGatewayCustomization.extraExporters.clickhouse.<MAP_KEY> |
interface |
An exporter to forward data to Clickhouse. |
|
| telemetryGatewayCustomization.extraExporters.clickhouse.database |
interface |
An exporter to forward data to Clickhouse. |
|
| telemetryGatewayCustomization.extraExporters.clickhouse.endpoint |
interface |
An exporter to forward data to Clickhouse. |
|
| telemetryGatewayCustomization.extraExporters.clickhouse.logs_table_name |
interface |
An exporter to forward data to Clickhouse. |
|
| telemetryGatewayCustomization.extraExporters.clickhouse.password |
interface |
An exporter to forward data to Clickhouse. |
|
| telemetryGatewayCustomization.extraExporters.clickhouse.retry_on_failure |
interface |
An exporter to forward data to Clickhouse. |
|
| telemetryGatewayCustomization.extraExporters.clickhouse.timeout |
interface |
An exporter to forward data to Clickhouse. |
|
| telemetryGatewayCustomization.extraExporters.clickhouse.ttl_days |
interface |
An exporter to forward data to Clickhouse. |
|
| telemetryGatewayCustomization.extraExporters.clickhouse.username |
interface |
An exporter to forward data to Clickhouse. |
|
| telemetryGatewayCustomization.extraPipelines |
map[string, interface] |
Specify any added receivers, processors, or exporters in an extra pipeline. |
null |
| telemetryGatewayCustomization.extraPipelines.<MAP_KEY> |
interface |
Specify any added receivers, processors, or exporters in an extra pipeline. |
|
| telemetryGatewayCustomization.extraProcessors |
struct |
Configuration for extra processors to drop and generate new data. Processors transform data before it is forwarded to downstream processors and/or exporters. For more information, see the OTel documentation. |
|
| telemetryGatewayCustomization.extraProcessors.batch |
map[string, interface] |
The batch processor accepts spans, metrics, or logs and places them into batches. For more information, see Batch Processor. |
{“send_batch_max_size”:3000,“send_batch_size”:2000,“timeout”:“600ms”} |
| telemetryGatewayCustomization.extraProcessors.batch.<MAP_KEY> |
interface |
The batch processor accepts spans, metrics, or logs and places them into batches. For more information, see Batch Processor. |
|
| telemetryGatewayCustomization.extraProcessors.batch.send_batch_max_size |
interface |
The batch processor accepts spans, metrics, or logs and places them into batches. For more information, see Batch Processor. |
|
| telemetryGatewayCustomization.extraProcessors.batch.send_batch_size |
interface |
The batch processor accepts spans, metrics, or logs and places them into batches. For more information, see Batch Processor. |
|
| telemetryGatewayCustomization.extraProcessors.batch.timeout |
interface |
The batch processor accepts spans, metrics, or logs and places them into batches. For more information, see Batch Processor. |
|
| telemetryGatewayCustomization.extraProcessors.batch/logs |
struct |
The batch log processor accepts logs and places them into batches. For more information, see Batch Processor. |
|
| telemetryGatewayCustomization.extraProcessors.batch/logs.metadata_cardinality_limit |
int |
the maximum number of batcher instances that will be created through a distinct combination of MetadataKeys. |
0 |
| telemetryGatewayCustomization.extraProcessors.batch/logs.metadata_keys[] |
[]string |
List of clients. Metadata keys that will be used to form distinct batchers. If this setting is empty a single batcher instance will be used. When a batcher instance is full, it will be sent and a new batcher instance will be created. |
[] |
| telemetryGatewayCustomization.extraProcessors.batch/logs.send_batch_max_size |
int |
The maximum size of a batch. If the batch size is larger than this value, the batch is sent. |
100 |
| telemetryGatewayCustomization.extraProcessors.batch/logs.send_batch_size |
int |
The maximum number of traces or metrics to include in a batch. |
100 |
| telemetryGatewayCustomization.extraProcessors.batch/logs.timeout |
string |
The maximum amount of time to wait for a batch to be filled before sending it anyway. |
5s |
| telemetryGatewayCustomization.extraProcessors.memory_limiter |
map[string, interface] |
The memory limiter processor is used to prevent out of memory situations on the collector. For more information, see Memory Limiter Processor. |
{“check_interval”:“1s”,“limit_percentage”:85,“spike_limit_percentage”:10} |
| telemetryGatewayCustomization.extraProcessors.memory_limiter.<MAP_KEY> |
interface |
The memory limiter processor is used to prevent out of memory situations on the collector. For more information, see Memory Limiter Processor. |
|
| telemetryGatewayCustomization.extraProcessors.memory_limiter.check_interval |
interface |
The memory limiter processor is used to prevent out of memory situations on the collector. For more information, see Memory Limiter Processor. |
|
| telemetryGatewayCustomization.extraProcessors.memory_limiter.limit_percentage |
interface |
The memory limiter processor is used to prevent out of memory situations on the collector. For more information, see Memory Limiter Processor. |
|
| telemetryGatewayCustomization.extraProcessors.memory_limiter.spike_limit_percentage |
interface |
The memory limiter processor is used to prevent out of memory situations on the collector. For more information, see Memory Limiter Processor. |
|
| telemetryGatewayCustomization.extraReceivers |
map[string, interface] |
Configuration for extra receivers, such as to scrape extra Prometheus targets. Receivers listen on a network port to receive telemetry data. |
null |
| telemetryGatewayCustomization.extraReceivers.<MAP_KEY> |
interface |
Configuration for extra receivers, such as to scrape extra Prometheus targets. Receivers listen on a network port to receive telemetry data. |
|
| telemetryGatewayCustomization.pipelines |
struct |
Selectively enable, disable, or customize any of the default pipelines. |
|
| telemetryGatewayCustomization.pipelines.logs/clickhouse |
struct |
A pre-defined pipeline that forwards Istio access logs that the collector agents receive to Clickhouse. |
|
| telemetryGatewayCustomization.pipelines.logs/clickhouse.enabled |
bool |
Determines whether the Gloo OTel pipeline is enabled or disabled. |
false |
| telemetryGatewayCustomization.pipelines.logs/clickhouse.pipeline |
struct |
The configuration of the Gloo OTel pipeline. |
|
| telemetryGatewayCustomization.pipelines.logs/clickhouse.pipeline.exporters[] |
[]string |
List of exporters to use in the pipeline. |
[“clickhouse”] |
| telemetryGatewayCustomization.pipelines.logs/clickhouse.pipeline.processors[] |
[]string |
List of processors to use in the pipeline. |
[“batch/logs”] |
| telemetryGatewayCustomization.pipelines.logs/clickhouse.pipeline.receivers[] |
[]string |
List of receivers to use in the pipeline. |
[“otlp”] |
| telemetryGatewayCustomization.pipelines.logs/redis_stream |
struct |
Configure the exporting of telemetry into redis streams. |
|
| telemetryGatewayCustomization.pipelines.logs/redis_stream.enabled |
bool |
Determines whether the Gloo OTel pipeline is enabled or disabled. |
false |
| telemetryGatewayCustomization.pipelines.logs/redis_stream.pipeline |
struct |
The configuration of the Gloo OTel pipeline. |
|
| telemetryGatewayCustomization.pipelines.logs/redis_stream.pipeline.exporters[] |
[]string |
List of exporters to use in the pipeline. |
[“redisstream”] |
| telemetryGatewayCustomization.pipelines.logs/redis_stream.pipeline.processors[] |
[]string |
List of processors to use in the pipeline. |
[“batch/logs”] |
| telemetryGatewayCustomization.pipelines.logs/redis_stream.pipeline.receivers[] |
[]string |
List of receivers to use in the pipeline. |
[“otlp”] |
| telemetryGatewayCustomization.pipelines.metrics/prometheus |
struct |
A pre-defined pipeline that collects metrics from various sources, such as the Gloo management server, Gloo Platform, Istio, Cilium, and the Gloo OTel pipeline, and makes this data available to the built-in Prometheus server. |
|
| telemetryGatewayCustomization.pipelines.metrics/prometheus.enabled |
bool |
Determines whether the Gloo OTel pipeline is enabled or disabled. |
true |
| telemetryGatewayCustomization.pipelines.metrics/prometheus.pipeline |
struct |
The configuration of the Gloo OTel pipeline. |
|
| telemetryGatewayCustomization.pipelines.metrics/prometheus.pipeline.exporters[] |
[]string |
List of exporters to use in the pipeline. |
[“prometheus”] |
| telemetryGatewayCustomization.pipelines.metrics/prometheus.pipeline.processors[] |
[]string |
List of processors to use in the pipeline. |
[“memory_limiter”,“batch”] |
| telemetryGatewayCustomization.pipelines.metrics/prometheus.pipeline.receivers[] |
[]string |
List of receivers to use in the pipeline. |
[“otlp”,“prometheus”] |
| telemetryGatewayCustomization.pipelines.traces/jaeger |
struct |
A pre-defined pipeline that collects traces to observe and monitor traffic requests, and makes them available to the built-in Jaeger tracing platform demo. |
|
| telemetryGatewayCustomization.pipelines.traces/jaeger.enabled |
bool |
Determines whether the Gloo OTel pipeline is enabled or disabled. |
false |
| telemetryGatewayCustomization.pipelines.traces/jaeger.pipeline |
struct |
The configuration of the Gloo OTel pipeline. |
|
| telemetryGatewayCustomization.pipelines.traces/jaeger.pipeline.exporters[] |
[]string |
List of exporters to use in the pipeline. |
[“otlp/jaeger”] |
| telemetryGatewayCustomization.pipelines.traces/jaeger.pipeline.processors[] |
[]string |
List of processors to use in the pipeline. |
[“batch”] |
| telemetryGatewayCustomization.pipelines.traces/jaeger.pipeline.receivers[] |
[]string |
List of receivers to use in the pipeline. |
[“otlp”] |
| telemetryGatewayCustomization.reloadTlsCertificate |
struct |
Interval of time between reloading the TLS certificate of the telemetry gateway. |
|
| telemetryGatewayCustomization.reloadTlsCertificate.nanos |
int32 |
|
0 |
| telemetryGatewayCustomization.reloadTlsCertificate.seconds |
int64 |
|
0 |
| telemetryGatewayCustomization.serverName |
string |
SNI and certificate subject alternative name used in the telemetry gateway certificate. |
gloo-telemetry-gateway.gloo-mesh |
| telemetryGatewayCustomization.telemetry |
map[string, interface] |
Configure the service telemetry (logs and metrics) as described in the otel-collector docs. |
{“metrics”:{“address”:“0.0.0.0:8888”}} |
| telemetryGatewayCustomization.telemetry.<MAP_KEY> |
interface |
Configure the service telemetry (logs and metrics) as described in the otel-collector docs. |
|
| telemetryGatewayCustomization.telemetry.metrics |
interface |
Configure the service telemetry (logs and metrics) as described in the otel-collector docs. |
|
| verbose |
bool |
Enable verbose/debug logging. |
false |
