Package :



Table of Contents


Settings for Gloo Mesh discovery.

Field Type Label Description
istio Istio-specific discovery settings


Istio-specific discovery settings

Field Type Label Description
ingressGatewayDetectors [] repeated DEPRECATED: all externally addressable destinations are captured in the Destination CRD, and the VirtualMesh and VirtualGateway enables selecting specific Destinations to act as ingress gateways.
Configure discovery of ingress gateways per cluster. The key to the map is either a Gloo Mesh cluster name or * denoting all clusters. If an entry is found for a given cluster, it will be used. Otherwise, the wildcard entry will be used if it exists. Lastly, we will fall back to a set of default values.


Configure discovery of ingress gateways.

Field Type Label Description
gatewayWorkloadLabels [] repeated Workload labels used to detect ingress gateways for an Istio deployment. If not specified, will default to {"istio": "ingressgateway"}.
gatewayTlsPortName string The name of the TLS port used to detect ingress gateways. Kubernetes services must have a port with this name in order to be recognized as an ingress gateway. If not specified, will default to tls.


Field Type Label Description
key string
value string


Field Type Label Description
key string


Options for connecting to an external gRPC server.

Field Type Label Description
address string TCP address of the gRPC Server (including port).
insecure bool If true communicate over HTTP rather than HTTPS.
reconnectOnNetworkFailures bool If true Gloo Mesh will automatically attempt to reconnect to the server after encountering network failures.


RelaySettings contains options for configuring Gloo Mesh to use Relay for cluster management. Relay provides a way for connecting Gloo Mesh to remote Kubernetes Clusters without the need to share credentials and access to remote Kube API Servers from the management cluster (the Gloo Mesh controllers).
Relay instead uses a streaming gRPC API to pass discovery data from remote clusters to the management cluster, and push configuration from the management cluster to the remote clusters.
Architecturally, it includes a Relay-agent which is installed to remote Kube clusters at registration time, which then connects directly to the Relay Server in the management cluster. to push its discovery data and pull its mesh configuration.
To configure Gloo Mesh to use Relay, make sure to read the relay installation guide and relay cluster registration guide.

Field Type Label Description
enabled bool Enable the use of Relay for cluster management. If relay is enabled, make sure to follow the relay cluster registration guide for registering your clusters.
server Connection info for the Relay Server. Gloo Mesh will fetch discovery resources from this server and push translated outputs to this server. Note: currently this field has no effect as the relay server runs in-process of the networking Pod.


Configure system-wide settings and defaults. Settings specified in networking policies take precedence over those specified here.

Field Type Label Description
mtls Configure default mTLS settings for Destinations.
networkingExtensionServers [] repeated Configure Gloo Mesh networking to communicate with one or more external gRPC NetworkingExtensions servers. Updates will be applied by the servers in the order they are listed (servers towards the end of the list take precedence). Note: Extension Servers have full write access to the output objects written by Gloo Mesh.
discovery Settings for Gloo Mesh discovery.
relay Enable and configure use of Relay mode to communicate with remote clusters. This is an enterprise-only feature.


Field Type Label Description
observedGeneration int64 The most recent generation observed in the the Settings metadata. If the observedGeneration does not match metadata.generation, Gloo Mesh has not processed the most recent version of this resource.
state The state of the overall resource. It will only show accepted if no processing errors encountered.
errors []string repeated Any errors encountered while processing Settings object.