Package : istio.operator.v1alpha1

Top

operator.proto

Table of Contents

Affinity

Field Type Label Description
nodeAffinity istio.operator.v1alpha1.NodeAffinity
podAffinity istio.operator.v1alpha1.PodAffinity
podAntiAffinity istio.operator.v1alpha1.PodAntiAffinity

BaseComponentSpec

Field Type Label Description
enabled istio.operator.v1alpha1.TypeBoolValueForPB Selects whether this component is installed.
k8S istio.operator.v1alpha1.KubernetesResourcesSpec Kubernetes resource spec.

ClientIPConfig

Field Type Label Description
timeoutSeconds int32

ComponentSpec

Field Type Label Description
enabled istio.operator.v1alpha1.TypeBoolValueForPB Selects whether this component is installed.
namespace string Namespace for the component.
hub string Hub for the component (overrides top level hub setting).
tag istio.operator.v1alpha1.TypeInterface Tag for the component (overrides top level tag setting).
spec istio.operator.v1alpha1.TypeInterface Arbitrary install time configuration for the component.
k8S istio.operator.v1alpha1.KubernetesResourcesSpec Kubernetes resource spec.

ConfigMapKeySelector

Field Type Label Description
localObjectReference istio.operator.v1alpha1.LocalObjectReference
key string
optional bool

CrossVersionObjectReference

Field Type Label Description
kind string
name string
apiVersion string

DeploymentStrategy

Field Type Label Description
type string
rollingUpdate istio.operator.v1alpha1.RollingUpdateDeployment

EnvVar

Field Type Label Description
name string
value string
valueFrom istio.operator.v1alpha1.EnvVarSource

EnvVarSource

Field Type Label Description
fieldRef istio.operator.v1alpha1.ObjectFieldSelector
resourceFieldRef istio.operator.v1alpha1.ResourceFieldSelector
configMapKeyRef istio.operator.v1alpha1.ConfigMapKeySelector
secretKeyRef istio.operator.v1alpha1.SecretKeySelector

ExecAction

Field Type Label Description
command []string repeated

ExternalComponentSpec

Field Type Label Description
enabled istio.operator.v1alpha1.TypeBoolValueForPB Selects whether this component is installed.
namespace string Namespace for the component.
spec istio.operator.v1alpha1.TypeInterface Arbitrary install time configuration for the component.
chartPath string Chart path for addon components.
schema google.protobuf.Any Optional schema to validate spec against.
k8S istio.operator.v1alpha1.KubernetesResourcesSpec Kubernetes resource spec.

ExternalMetricSource

Field Type Label Description
metricName string
metricSelector k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector
targetValue istio.operator.v1alpha1.TypeIntOrStringForPB
targetAverageValue istio.operator.v1alpha1.TypeIntOrStringForPB

GatewaySpec

Field Type Label Description
enabled istio.operator.v1alpha1.TypeBoolValueForPB Selects whether this gateway is installed.
namespace string Namespace for the gateway.
name string Name for the gateway.
label []istio.operator.v1alpha1.GatewaySpec.LabelEntry repeated Labels for the gateway.
hub string Hub for the component (overrides top level hub setting).
tag istio.operator.v1alpha1.TypeInterface Tag for the component (overrides top level tag setting).
k8S istio.operator.v1alpha1.KubernetesResourcesSpec Kubernetes resource spec.

GatewaySpec.LabelEntry

Field Type Label Description
key string
value string

HTTPGetAction

Field Type Label Description
path string
port istio.operator.v1alpha1.TypeIntOrStringForPB
host string
scheme string
httpHeaders []istio.operator.v1alpha1.HTTPHeader repeated

HTTPHeader

Field Type Label Description
name string
value string

HorizontalPodAutoscalerSpec

Field Type Label Description
scaleTargetRef istio.operator.v1alpha1.CrossVersionObjectReference
minReplicas int32
maxReplicas int32
metrics []istio.operator.v1alpha1.MetricSpec repeated

InstallStatus

Field Type Label Description
status istio.operator.v1alpha1.InstallStatus.Status Overall status of all components controlled by the operator.
* If all components have status NONE, overall status is NONE. * If all components are HEALTHY, overall status is HEALTHY. * If one or more components are RECONCILING and others are HEALTHY, overall status is RECONCILING. * If one or more components are UPDATING and others are HEALTHY, overall status is UPDATING. * If components are a mix of RECONCILING, UPDATING and HEALTHY, overall status is UPDATING. * If any component is in ERROR state, overall status is ERROR. * If further action is needed for reconciliation to proceed, overall status is ACTION_REQUIRED.
message string Optional message providing additional information about the existing overall status.
componentStatus []istio.operator.v1alpha1.InstallStatus.ComponentStatusEntry repeated Individual status of each component controlled by the operator. The map key is the name of the component.

InstallStatus.ComponentStatusEntry

Field Type Label Description
key string
value istio.operator.v1alpha1.InstallStatus.VersionStatus

InstallStatus.VersionStatus

Field Type Label Description
version string
status istio.operator.v1alpha1.InstallStatus.Status
error string

IstioComponentSetSpec

Field Type Label Description
base istio.operator.v1alpha1.BaseComponentSpec
pilot istio.operator.v1alpha1.ComponentSpec
cni istio.operator.v1alpha1.ComponentSpec
istiodRemote istio.operator.v1alpha1.ComponentSpec
ingressGateways []istio.operator.v1alpha1.GatewaySpec repeated
egressGateways []istio.operator.v1alpha1.GatewaySpec repeated

IstioOperatorSpec

Field Type Label Description
profile string Path or name for the profile e.g.
* minimal (looks in profiles dir for a file called minimal.yaml) * /tmp/istio/install/values/custom/custom-install.yaml (local file path)
default profile is used if this field is unset.
installPackagePath string Path for the install package. e.g.
* /tmp/istio-installer/nightly (local file path)
hub string Root for docker image paths e.g. docker.io/istio
tag istio.operator.v1alpha1.TypeInterface Version tag for docker images e.g. 1.7.2
resourceSuffix string $hide_from_docs Resource suffix is appended to all resources installed by each component. Never implemented; replaced by revision.
namespace string Namespace to install control plane resources into. If unset, Istio will be installed into the same namespace as the IstioOperator CR. You must also set values.global.istioNamespace if you wish to install Istio in a custom namespace. If you have enabled CNI, you must exclude this namespace by adding it to the list values.cni.excludeNamespaces.
revision string Identify the revision this installation is associated with. This option is currently experimental.
meshConfig istio.operator.v1alpha1.TypeMapStringInterface Config used by control plane components internally.
components istio.operator.v1alpha1.IstioComponentSetSpec Kubernetes resource settings, enablement and component-specific settings that are not internal to the component.
addonComponents []istio.operator.v1alpha1.IstioOperatorSpec.AddonComponentsEntry repeated Deprecated. Users should manage the installation of addon components on their own. Refer to samples/addons for demo installation of addon components.
values istio.operator.v1alpha1.TypeMapStringInterface Overrides for default values.yaml. This is a validated pass-through to Helm templates. See the Helm installation options for schema details. Anything that is available in IstioOperatorSpec should be set above rather than using the passthrough. This includes Kubernetes resource settings for components in KubernetesResourcesSpec.
unvalidatedValues istio.operator.v1alpha1.TypeMapStringInterface Unvalidated overrides for default values.yaml. Used for custom templates where new parameters are added.

IstioOperatorSpec.AddonComponentsEntry

Field Type Label Description
key string
value istio.operator.v1alpha1.ExternalComponentSpec

K8sObjectOverlay

Field Type Label Description
apiVersion string Resource API version.
kind string Resource kind.
name string Name of resource. Namespace is always the component namespace.
patches []istio.operator.v1alpha1.K8sObjectOverlay.PathValue repeated List of patches to apply to resource.

K8sObjectOverlay.PathValue

Field Type Label Description
path string Path of the form a.[key1:value1].b.[:value2] Where [key1:value1] is a selector for a key-value pair to identify a list element and [:value] is a value selector to identify a list element in a leaf list. All path intermediate nodes must exist.
value istio.operator.v1alpha1.TypeInterface Value to add, delete or replace. For add, the path should be a new leaf. For delete, value should be unset. For replace, path should reference an existing node. All values are strings but are converted into appropriate type based on schema.

KubernetesResourcesSpec

Field Type Label Description
affinity istio.operator.v1alpha1.Affinity k8s affinity. https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
env []istio.operator.v1alpha1.EnvVar repeated Deployment environment variables. https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/
hpaSpec istio.operator.v1alpha1.HorizontalPodAutoscalerSpec k8s HorizontalPodAutoscaler settings. https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
imagePullPolicy string k8s imagePullPolicy. https://kubernetes.io/docs/concepts/containers/images/
nodeSelector []istio.operator.v1alpha1.KubernetesResourcesSpec.NodeSelectorEntry repeated k8s nodeSelector. https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
podDisruptionBudget istio.operator.v1alpha1.PodDisruptionBudgetSpec k8s PodDisruptionBudget settings. https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#how-disruption-budgets-work
podAnnotations []istio.operator.v1alpha1.KubernetesResourcesSpec.PodAnnotationsEntry repeated k8s pod annotations. https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
priorityClassName string k8s priority_class_name. Default for all resources unless overridden. https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
readinessProbe istio.operator.v1alpha1.ReadinessProbe k8s readinessProbe settings. https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ k8s.io.api.core.v1.Probe readiness_probe = 9;
replicaCount uint32 k8s Deployment replicas setting. https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
resources istio.operator.v1alpha1.Resources k8s resources settings. https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/#resource-requests-and-limits-of-pod-and-container
service istio.operator.v1alpha1.ServiceSpec k8s Service settings. https://kubernetes.io/docs/concepts/services-networking/service/
strategy istio.operator.v1alpha1.DeploymentStrategy k8s deployment strategy. https://kubernetes.io/docs/concepts/workloads/controllers/deployment/
tolerations []istio.operator.v1alpha1.Toleration repeated k8s toleration https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
serviceAnnotations []istio.operator.v1alpha1.KubernetesResourcesSpec.ServiceAnnotationsEntry repeated k8s service annotations. https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
securityContext istio.operator.v1alpha1.PodSecurityContext k8s pod security context https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
overlays []istio.operator.v1alpha1.K8sObjectOverlay repeated Overlays for k8s resources in rendered manifests.

KubernetesResourcesSpec.NodeSelectorEntry

Field Type Label Description
key string
value string

KubernetesResourcesSpec.PodAnnotationsEntry

Field Type Label Description
key string
value string

KubernetesResourcesSpec.ServiceAnnotationsEntry

Field Type Label Description
key string
value string

LocalObjectReference

Field Type Label Description
name string

MetricSpec

Field Type Label Description
type string
object istio.operator.v1alpha1.ObjectMetricSource
pods istio.operator.v1alpha1.PodsMetricSource
resource istio.operator.v1alpha1.ResourceMetricSource
external istio.operator.v1alpha1.ExternalMetricSource

NodeAffinity

Field Type Label Description
requiredDuringSchedulingIgnoredDuringExecution istio.operator.v1alpha1.NodeSelector
preferredDuringSchedulingIgnoredDuringExecution []istio.operator.v1alpha1.PreferredSchedulingTerm repeated

NodeSelector

Field Type Label Description
nodeSelectorTerms []istio.operator.v1alpha1.NodeSelectorTerm repeated

NodeSelectorRequirement

Field Type Label Description
key string
operator string
values []string repeated

NodeSelectorTerm

Field Type Label Description
matchExpressions []istio.operator.v1alpha1.NodeSelectorRequirement repeated
matchFields []istio.operator.v1alpha1.NodeSelectorRequirement repeated

ObjectFieldSelector

Field Type Label Description
apiVersion string
fieldPath string

ObjectMeta

Field Type Label Description
name string
namespace string

ObjectMetricSource

Field Type Label Description
target istio.operator.v1alpha1.CrossVersionObjectReference
metricName string
targetValue istio.operator.v1alpha1.TypeIntOrStringForPB
selector k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector
averageValue istio.operator.v1alpha1.TypeIntOrStringForPB

PodAffinity

Field Type Label Description
requiredDuringSchedulingIgnoredDuringExecution []istio.operator.v1alpha1.PodAffinityTerm repeated
preferredDuringSchedulingIgnoredDuringExecution []istio.operator.v1alpha1.WeightedPodAffinityTerm repeated

PodAffinityTerm

Field Type Label Description
labelSelector k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector
namespaces []string repeated
topologyKey string

PodAntiAffinity

Field Type Label Description
requiredDuringSchedulingIgnoredDuringExecution []istio.operator.v1alpha1.PodAffinityTerm repeated
preferredDuringSchedulingIgnoredDuringExecution []istio.operator.v1alpha1.WeightedPodAffinityTerm repeated

PodDisruptionBudgetSpec

Field Type Label Description
minAvailable uint32
selector k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector
maxUnavailable uint32

PodSecurityContext

Field Type Label Description
seLinuxOptions istio.operator.v1alpha1.SELinuxOptions
runAsUser int64
runAsNonRoot bool
supplementalGroups []int64 repeated
fsGroup int64
runAsGroup int64
sysctls []istio.operator.v1alpha1.Sysctl repeated
windowsOptions istio.operator.v1alpha1.WindowsSecurityContextOptions
fsGroupChangePolicy string
seccompProfile istio.operator.v1alpha1.SeccompProfile

PodsMetricSource

Field Type Label Description
metricName string
targetAverageValue istio.operator.v1alpha1.TypeIntOrStringForPB
selector k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector

PreferredSchedulingTerm

Field Type Label Description
weight int32
preference istio.operator.v1alpha1.NodeSelectorTerm

ReadinessProbe

Field Type Label Description
exec istio.operator.v1alpha1.ExecAction
httpGet istio.operator.v1alpha1.HTTPGetAction
tcpSocket istio.operator.v1alpha1.TCPSocketAction
initialDelaySeconds int32
timeoutSeconds int32
periodSeconds int32
successThreshold int32
failureThreshold int32

ResourceFieldSelector

Field Type Label Description
containerName string
resource string
divisor istio.operator.v1alpha1.TypeIntOrStringForPB

ResourceMetricSource

Field Type Label Description
name string
targetAverageUtilization int32
targetAverageValue istio.operator.v1alpha1.TypeIntOrStringForPB

Resources

Field Type Label Description
limits []istio.operator.v1alpha1.Resources.LimitsEntry repeated
requests []istio.operator.v1alpha1.Resources.RequestsEntry repeated

Resources.LimitsEntry

Field Type Label Description
key string
value string

Resources.RequestsEntry

Field Type Label Description
key string
value string

RollingUpdateDeployment

Field Type Label Description
maxUnavailable istio.operator.v1alpha1.TypeIntOrStringForPB
maxSurge istio.operator.v1alpha1.TypeIntOrStringForPB

SELinuxOptions

Field Type Label Description
user string
role string
type string
level string

SeccompProfile

Field Type Label Description
type string
localhostProfile string

SecretKeySelector

Field Type Label Description
localObjectReference istio.operator.v1alpha1.LocalObjectReference
key string
optional bool

ServicePort

Field Type Label Description
name string
protocol string
port int32
targetPort istio.operator.v1alpha1.TypeIntOrStringForPB
nodePort int32

ServiceSpec

Field Type Label Description
ports []istio.operator.v1alpha1.ServicePort repeated
selector []istio.operator.v1alpha1.ServiceSpec.SelectorEntry repeated
clusterIP string
type string
externalIPs []string repeated
sessionAffinity string
loadBalancerIP string
loadBalancerSourceRanges []string repeated
externalName string
externalTrafficPolicy string
healthCheckNodePort int32
publishNotReadyAddresses bool
sessionAffinityConfig istio.operator.v1alpha1.SessionAffinityConfig

ServiceSpec.SelectorEntry

Field Type Label Description
key string
value string

SessionAffinityConfig

Field Type Label Description
clientIP istio.operator.v1alpha1.ClientIPConfig

Sysctl

Field Type Label Description
name string
value string

TCPSocketAction

Field Type Label Description
port istio.operator.v1alpha1.TypeIntOrStringForPB
host string

Toleration

Field Type Label Description
key string
operator string
value string
effect string
tolerationSeconds int64

TypeBoolValueForPB

TypeIntOrStringForPB

TypeInterface

TypeMapStringInterface

WeightedPodAffinityTerm

Field Type Label Description
weight int32
podAffinityTerm istio.operator.v1alpha1.PodAffinityTerm

WindowsSecurityContextOptions

Field Type Label Description
gmsaCredentialSpecName string
gmsaCredentialSpec string
runAsUserName string

InstallStatus.Status

Name Number Description
NONE 0 Component is not present.
UPDATING 1 Component is being updated to a different version.
RECONCILING 2 Controller has started but not yet completed reconciliation loop for the component.
HEALTHY 3 Component is healthy.
ERROR 4 Component is in an error state.
ACTION_REQUIRED 5 Overall status only and would not be set as a component status. Action is needed from the user for reconciliation to proceed e.g. There are proxies still pointing to the control plane revision when try to remove an IstioOperator CR.