Package :



Table of Contents


Field Type Label Description
istio Istio-specific discovery settings


Field Type Label Description
ingressGatewayDetectors [] repeated Ingress gateway detectors for each cluster. The key to the map is either a k8s cluster name or the wildcard * meaning all clusters. If an entry is found for a given cluster, it will be used. Otherwise, the wildcard entry will be used if it exists. Lastly, we will fall back to the default values.


Workload labels and TLS port name used during discovery to detect ingress gateways for a mesh.

Field Type Label Description
gatewayWorkloadLabels [] repeated The workload labels used during discovery to detect ingress gateways for a mesh. If not specified, will default to {"istio": "ingressgateway"}.
gatewayTlsPortName string The name of the TLS port used to detect ingress gateways. Services must have a port with this name in order to be recognized as an ingress gateway during discovery. If not specified, will default to tls.


Field Type Label Description
key string
value string


Field Type Label Description
key string


Options for connecting to an external gRPC server

Field Type Label Description
address string TCP address of the gRPC Server (including port)
insecure bool Communicate over HTTP rather than HTTPS
reconnectOnNetworkFailures bool Instruct Gloo Mesh to automatically reconnect to the server on network failures


Relay provides a way for connecting Gloo Mesh to remote Kubernetes Clusters without the need to share credentials and access to remote Kube API Servers from the management cluster (the Gloo Mesh controllers).
Relay instead uses a streaming gRPC API to pass discovery data from remote clusters to the management cluster, and push configuration from the management cluster to the remote clusters.
Architecturally, it includes a Relay-agent which is installed to remote Kube clusters at registration time, which then connects directly to the Relay Server in the management cluster. to push its discovery data and pull its mesh configuration.
RelaySettings contains options for configuring Gloo Mesh to use Relay for cluster management.
To configure Gloo Mesh to use Relay, make sure to read the Installation guide for use with Relay and Cluster Registration guide for use with Relay.

Field Type Label Description
enabled bool enable the use of Relay for cluster management. If relay is enabled, make sure to follow the Cluster Registration guide for Relay for registering your clusters.
server Connection info for the Relay Server. Gloo Mesh will fetch discovery resources from this server and push translated outputs to this server. Note: currently this field has no effect as the relay server runs in-process of the networking pod.


Configure global settings and defaults.

Field Type Label Description
mtls Configure default mTLS settings for TrafficTargets (MTLS declared in TrafficPolicies take precedence)
networkingExtensionServers [] repeated Configure Gloo Mesh networking to communicate with one or more external gRPC NetworkingExtensions servers. Updates will be applied by the servers in the order they are listed (servers towards the end of the list take precedence). Note: Extension Servers have full write access to the output objects written by Gloo Mesh.
discovery Settings specific to the discovery controller.
relay Enable and configure use of Relay to communicate with remote clusters. This is an Enterprise-only feature.


Field Type Label Description
observedGeneration int64 The most recent generation observed in the the Settings metadata. If the observedGeneration does not match generation, the controller has not processed the most recent version of this resource.
state The state of the overall resource. It will only show accepted if no processing errors encountered.
errors []string repeated Any errors encountered while processing Settings object.