IngressIstioController
Scope: Cluster
Version: v1alpha1
- string
Required value
Ingress gateway class is used by application Gateway resources for identifying the right Ingress gateway setup.
The identification is organized by setting the spec.selector:
istio.deckhouse.io/ingress-gateway-class: <ingressGatewayClass value>
.Pattern:
^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Example:
ingressGatewayClass: istio
- string
Required value
The way traffic goes to cluster from the outer network.
LoadBalancer
— Ingress controller is deployed and the service ofLoadBalancer
type is provisioned.NodePort
— Ingress controller is deployed and available through nodes’ ports vianodePort
.-
HostPort
— Ingress controller is deployed and available through nodes’ ports viahostPort
.Caution! There can be only one controller with this inlet type on a host.
Allowed values:
LoadBalancer
,HostPort
,NodePort
- object
The same as in the pods’
spec.nodeSelector
parameter in Kubernetes.If the parameter is omitted or
false
, it will be determined automatically.Format: the standard
nodeSelector
list. Instance pods inherit this field as is. - object
Max amounts of CPU and memory resources that the pod can request when selecting a node (if the VPA is disabled, then these values become the default ones).
- array of objects
The same as in the pods’
spec.tolerations
parameter in Kubernetes;If the parameter is omitted or
false
, it will be determined automatically.Format: the standard toleration list. Instance pods inherit this field as is.
IstioFederation
Scope: Cluster
Version: v1alpha1
Custom resource for setting remote cluster as trusted one.
- string
Required value
The TrustDomain of the remote cluster.
A mandatory parameter, but it is not currently utilized, as Istio does not yet support mapping TrustDomain to a root Certificate Authority (CA).
This feature is available in enterprise edition only.
Pattern:
^[0-9a-zA-Z._-]+$
Example:
trustDomain: cluster.local