apiVersion: install.istio.io/v1alpha1 kind: IstioOperator spec: components: base: enabled: true cni: enabled: false egressGateways: - enabled: true k8s: resources: requests: cpu: 10m memory: 40Mi name: istio-egressgateway ingressGateways: - enabled: true k8s: resources: requests: cpu: 10m memory: 40Mi service: ports: - name: status-port port: 15021 targetPort: 15021 - name: http2 port: 80 targetPort: 8080 - name: https port: 443 targetPort: 8443 - name: tcp port: 31400 targetPort: 31400 - name: tls port: 15443 targetPort: 15443 name: istio-ingressgateway istiodRemote: enabled: false pilot: enabled: true k8s: env: - name: PILOT_TRACE_SAMPLING value: "100" resources: requests: cpu: 10m memory: 100Mi hub: docker.io/istio meshConfig: accessLogFile: /dev/stdout defaultConfig: proxyMetadata: {} enablePrometheusMerge: true profile: demo tag: 1.9.6 values: base: enableCRDTemplates: false validationURL: "" gateways: istio-egressgateway: autoscaleEnabled: false env: {} name: istio-egressgateway secretVolumes: - mountPath: /etc/istio/egressgateway-certs name: egressgateway-certs secretName: istio-egressgateway-certs - mountPath: /etc/istio/egressgateway-ca-certs name: egressgateway-ca-certs secretName: istio-egressgateway-ca-certs type: ClusterIP zvpn: {} istio-ingressgateway: autoscaleEnabled: false env: {} name: istio-ingressgateway secretVolumes: - mountPath: /etc/istio/ingressgateway-certs name: ingressgateway-certs secretName: istio-ingressgateway-certs - mountPath: /etc/istio/ingressgateway-ca-certs name: ingressgateway-ca-certs secretName: istio-ingressgateway-ca-certs type: LoadBalancer zvpn: {} global: arch: amd64: 2 ppc64le: 2 s390x: 2 configValidation: true defaultNodeSelector: {} defaultPodDisruptionBudget: enabled: true defaultResources: requests: cpu: 10m imagePullPolicy: "" imagePullSecrets: [] istioNamespace: istio-system istiod: enableAnalysis: false jwtPolicy: third-party-jwt logAsJson: false logging: level: default:info meshNetworks: {} mountMtlsCerts: false multiCluster: clusterName: "" enabled: false network: "" omitSidecarInjectorConfigMap: false oneNamespace: false operatorManageWebhooks: false pilotCertProvider: istiod priorityClassName: "" proxy: autoInject: enabled clusterDomain: cluster.local componentLogLevel: misc:error enableCoreDump: false excludeIPRanges: "" excludeInboundPorts: "" excludeOutboundPorts: "" image: proxyv2 includeIPRanges: '*' logLevel: warning privileged: false readinessFailureThreshold: 30 readinessInitialDelaySeconds: 1 readinessPeriodSeconds: 2 resources: limits: cpu: 2000m memory: 1024Mi requests: cpu: 10m memory: 40Mi statusPort: 15020 tracer: zipkin proxy_init: image: proxyv2 resources: limits: cpu: 2000m memory: 1024Mi requests: cpu: 10m memory: 10Mi sds: token: aud: istio-ca sts: servicePort: 0 tracer: datadog: {} lightstep: {} stackdriver: {} zipkin: {} useMCP: false istiodRemote: injectionURL: "" pilot: autoscaleEnabled: false autoscaleMax: 5 autoscaleMin: 1 configMap: true cpu: targetAverageUtilization: 80 enableProtocolSniffingForInbound: true enableProtocolSniffingForOutbound: true env: {} image: pilot keepaliveMaxServerConnectionAge: 30m nodeSelector: {} replicaCount: 1 traceSampling: 1 telemetry: enabled: true v2: enabled: true metadataExchange: wasmEnabled: false prometheus: enabled: true wasmEnabled: false stackdriver: configOverride: {} enabled: false logging: false monitoring: false topology: false