UNCLASSIFIED

values.yaml 2.88 KB
Newer Older
Josh Wolf's avatar
Josh Wolf committed
1 2 3 4
# The istio profile to use
profile: default

# The hub to use for the image (note: the image is built as ".Values.hub/<component>:.Values.tag"
5
hub: registry1.dso.mil/ironbank/opensource/istio
Josh Wolf's avatar
Josh Wolf committed
6 7 8 9 10 11 12

# The tag to use for the image
tag: 1.7.3

# The hostname to use for the default gateway
hostname: bigbang.dev

13 14 15 16 17 18 19 20 21 22
ingress:
  kiali:
    service: kiali
    namespace: ""
    port: ""
  jaeger:
    service: tracing
    namespace: ""
    port: ""

23 24 25
monitoring:
  enabled: true

26
imagePullSecrets: [ ]
Josh Wolf's avatar
Josh Wolf committed
27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48

tls:
  credentialName: wildcard-cert
  mode: SIMPLE

extraServers:
  []
# Example below of complete values capable of being set
# NOTE: hosts[] is capable of dynamic templating from the .Values context
#  - port:
#      name: https-other                          # required: must not be equal to "http"
#      protocol: HTTPS
#      number: 443
#    hosts:
#      - "*.sub.{{ .Values.hostname }}"
#    tls:
#      credentialName: "another-credential"       # required
#      mode: SIMPLE

ingressGateway:
  minReplicas: 1
  maxReplicas: 5
49

50
  # Only "LoadBalancer" and "NodePort" are allowed
51
  type: LoadBalancer
52

53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80
  ports:
    # NOTE: Below are ripped directly from istio gateway helm chart defaults: https://github.com/istio/istio/blob/master/manifests/charts/gateways/istio-ingress/values.yaml
    ## You can add custom gateway ports in user values overrides, but it must include those ports since helm replaces.
    # Note that AWS ELB will by default perform health checks on the first port
    # on this list. Setting this to the health check port will ensure that health
    # checks always work. https://github.com/istio/istio/issues/12503
    - port: 15021
      targetPort: 15021
      name: status-port
      protocol: TCP
    - port: 80
      targetPort: 8080
      name: http2
      protocol: TCP
    - port: 443
      targetPort: 8443
      name: https
      protocol: TCP
    - port: 15012
      targetPort: 15012
      name: tcp-istiod
      protocol: TCP
    # This is the port where sni routing happens
    - port: 15443
      targetPort: 15443
      name: tls
      protocol: TCP

Josh Wolf's avatar
Josh Wolf committed
81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101
  serviceAnnotations:
    {}
#    service.beta.kubernetes.io/aws-load-balancer-internal: "true"
#    service.beta.kubernetes.io/azure-load-balancer-internal: "true"

extraIngressGateways:
  []
# Complete example of an additional ingressgateway defined below
#  - name: private-ingressgateway
#    k8s:
#      hpaSpec:
#        minReplicas: 1
#        maxReplicas: 3
#      serviceAnnotations:
#        service.beta.kubernetes.io/aws-load-balancer-internal: "true"

kiali:
  enabled: true

  image:
    name: kiali
102
    hub: registry1.dso.mil/ironbank/opensource/kiali
Josh Wolf's avatar
Josh Wolf committed
103 104 105 106 107 108 109 110 111 112 113
    tag: v1.23.0

  dashboard:
    auth:
      strategy: ""

tracing:
  enabled: true

  image:
    name: all-in-one
114
    hub: registry1.dso.mil/ironbank/opensource/jaegertracing
115 116 117 118 119 120 121 122 123
    tag: 1.19.2

sso:
  enabled: false

  namespace: istio-addons-sso
  selector:
    key: protect
    value: keycloak