Skip to content

DoD-Platform-One/istiod

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

121 Commits
chart
chart
 
 
docs
docs
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CODEOWNERS
CODEOWNERS
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
renovate.json
renovate.json
 
 

Repository files navigation

istiod

Version: 1.27.3-bb.0 AppVersion: 1.27.3 Maintenance Track: bb_integrated

Helm chart for istio control plane

Upstream References

Upstream Release Notes

Learn More

Pre-Requisites

  • Kubernetes Cluster deployed
  • Kubernetes config installed in ~/.kube/config
  • Helm installed

Install Helm

https://helm.sh/docs/intro/install/

Deployment

  • Clone down the repository
  • cd into directory
helm install istiod chart/

Values

Key Type Default Description
networkPolicies.enabled bool false Enable or disable the bundled network policies
networkPolicies.controlPlaneCIDRs list [] Configure which CIDRs istiod will be allowed to connect to when accessing the kube-apiserver; if none are specified, the chart will look up the default kubernetes EndpointSlice and use the addresses found there
networkPolicies.egress object {"defaults":{"allowInNamespace":{"enabled":false},"allowIstiod":{"enabled":false}},"from":{"istiod":{"to":{"definition":{"kubeAPI":true}}}}} A list of additional network policies to create in the release namespace
networkPolicies.ingress.defaults.allowInNamespace.enabled bool false
networkPolicies.ingress.to.istiod:15014.from.k8s.kiali/kiali bool true
networkPolicies.ingress.to.istiod:15014.from.k8s.monitoring/prometheus bool true
networkPolicies.ingress.to.istiod:[443,15017].from.cidr."0.0.0.0/0" bool true
networkPolicies.ingress.to.istiod:[15010,15012].from.k8s.* bool true
networkPolicies.additionalPolicies list []
additionalEnvoyFilters list [] A list of additional EnvoyFilters to create in the release namespace
monitoring.enabled bool true Enable or disable the bundled monitoring components and network policies
authservice.enabled bool false
mtls.mode string "STRICT" Set the mTLS mode for the istio-system namespace
defaultSecurityHeaders.enabled bool true Enable or disable the default security headers
hardened.enabled bool false Enable or disable the hardened Istio configuration
hardened.customAuthorizationPolicies list []
upstream object Upstream chart values Values to pass to the upstream istiod chart

Contributing

Please see the contributing guide if you are interested in contributing.

This file is programatically generated using helm-docs and some BigBang-specific templates. The gluon repository has instructions for regenerating package READMEs.

About

This chart installs an Istiod deployment

repo1.dso.mil/big-bang/product/packages/istiod

Resources

Readme

License

Apache-2.0 license

Contributing

Contributing
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 10