apiVersion: install.istio.io/v1alpha1 kind: IstioOperator metadata: name: istiocontrolplane namespace: {{ .Release.Namespace }} spec: profile: {{ .Values.profile }} hub: {{ .Values.hub }} tag: {{ .Values.tag }} components: pilot: k8s: {{- if and .Values.istiod.hpaSpec.maxReplicas .Values.istiod.hpaSpec.minReplicas }} hpaSpec: maxReplicas: {{ .Values.istiod.hpaSpec.maxReplicas }} minReplicas: {{ .Values.istiod.hpaSpec.minReplicas }} scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: istiod metrics: {{- toYaml .Values.istiod.hpaSpec.metrics | nindent 12 }} {{- end }} replicaCount: {{ .Values.istiod.replicaCount }} resources: {{- toYaml .Values.istiod.resources | nindent 10 }} strategy: {{- toYaml .Values.istiod.strategy | nindent 10 }} serviceAnnotations: {{- .Values.istiod.serviceAnnotations | default (dict) | toYaml | nindent 10 }} podAnnotations: {{- .Values.istiod.podAnnotations | default (dict) | toYaml | nindent 10 }} nodeSelector: {{- .Values.istiod.nodeSelector | default (dict) | toYaml | nindent 10 }} affinity: {{- .Values.istiod.affinity | default (dict) | toYaml | nindent 10 }} tolerations: {{- .Values.istiod.tolerations | default (list) | toYaml | nindent 10 }} {{- if .Values.openshift }} {{- with .Values.cni }} cni: enabled: true namespace: kube-system k8s: podAnnotations: {{- .podAnnotations | default (dict) | toYaml | nindent 10 }} nodeSelector: {{- .nodeSelector | default (dict) | toYaml | nindent 10 }} tolerations: {{- .tolerations | default (list) | toYaml | nindent 10 }} affinity: {{- .affinity | default (dict) | toYaml | nindent 10 }} {{- end }} {{- end }} ingressGateways: {{- if .Values.ingressgateway }} {{- required "`ingressgateway` value has been deprecated. Please use the new format in the `ingressGateways` value." "" }} {{- end }} {{- range $name, $values := .Values.ingressGateways }} - name: {{ $name }} namespace: {{ $.Release.Namespace }} enabled: {{ if eq (toString $values.enabled) "" }}true{{ else }}{{ $values.enabled }}{{ end }} label: app: {{ $name }} istio: ingressgateway {{- if $values.extraLabels }} {{- toYaml $values.extraLabels | nindent 8 }} {{- end }} k8s: {{- toYaml $values.k8s | nindent 8 }} {{- end }} meshConfig: accessLogFile: /dev/stdout enableTracing: {{ .Values.tracing.enabled }} defaultConfig: tracing: sampling: {{ .Values.tracing.sampling }} zipkinAddress: {{ .Values.tracing.address }}:{{.Values.tracing.port}} holdApplicationUntilProxyStarts: true {{- if .Values.meshConfig }} {{- toYaml .Values.meshConfig | nindent 4 }} {{- end }} values: {{- if .Values.openshift }} cni: repair: enabled: false image: {{ .Values.cni.image.name }} hub: {{ .Values.cni.image.hub }} tag: {{ .Values.cni.image.tag }} cniBinDir: {{ .Values.cni.binDir | default "/var/lib/cni/bin" }} cniConfDir: {{ .Values.cni.confDir | default "/etc/cni/multus/net.d" }} chained: false cniConfFileName: {{ .Values.cni.confFileName | default "istio-cni.conf" }} excludeNamespaces: - istio-system - kube-system logLevel: {{ .Values.cni.logLevel | default "info" }} {{- end }} global: {{- if .Values.imagePullPolicy }} imagePullPolicy: {{ .Values.imagePullPolicy }} {{- end }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} {{- if .Values.tracing.enabled }} tracer: zipkin: address: {{ .Values.tracing.address }}:{{.Values.tracing.port}} {{ end }} {{- if .Values.values.global }} {{- toYaml .Values.values.global | nindent 6 }} {{- end }} sidecarInjectorWebhook: rewriteAppHTTPProbe: true {{- if .Values.openshift }} injectedAnnotations: k8s.v1.cni.cncf.io/networks: istio-cni {{- end }} neverInjectSelector: - matchExpressions: - key: app.kubernetes.io/component operator: In values: [fluentd-configcheck]