Oracle Cloud Infrastructure Documentation

Skip to main content

Istio

When you enable the Istio cluster add-on, you can pass the following key/value pairs as arguments.

Configuration Arguments Common to all Cluster Add-ons


Key (API and CLI)	Key's Display Name (Console)	Description	Required/Optional	Default Value	Example Value
`affinity`	affinity	A group of affinity scheduling rules. JSON format in plain text or Base64 encoded.	Optional	null	null
`nodeSelectors`	node selectors	You can use node selectors and node labels to control the worker nodes on which add-on pods run. For a pod to run on a node, the pod's node selector must have the same key/value as the node's label. Set `nodeSelectors` to a key/value pair that matches both the pod's node selector, and the worker node's label. JSON format in plain text or Base64 encoded.	Optional	null	`{"foo":"bar", "foo2": "bar2"}` The pod will only run on nodes that have the `foo=bar` or `foo2=bar2` label.
`numOfReplicas`	numOfReplicas	The number of replicas of the add-on deployment. (For CoreDNS, use `nodesPerReplica` instead.)	Required	`1` Creates one replica of the add-on deployment per cluster.	`2` Creates two replicas of the add-on deployment per cluster.
`rollingUpdate`	rollingUpdate	Controls the desired behavior of rolling update by maxSurge and maxUnavailable. JSON format in plain text or Base64 encoded.	Optional	null	null
`tolerations`	tolerations	You can use taints and tolerations to control the worker nodes on which add-on pods run. For a pod to run on a node that has a taint, the pod must have a corresponding toleration. Set `tolerations` to a key/value pair that matches both the pod's toleration, and the worker node's taint. JSON format in plain text or Base64 encoded.	Optional	null	`[{"key":"tolerationKeyFoo", "value":"tolerationValBar", "effect":"noSchedule", "operator":"exists"}]` Only pods that have this toleration can run on worker nodes that have the `tolerationKeyFoo=tolerationValBar:noSchedule` taint.
`topologySpreadConstraints`	topologySpreadConstraints	How to spread matching pods among the given topology. JSON format in plain text or Base64 encoded.	Optional	null	null

Configuration Arguments Specific to this Cluster Add-on


Key (API and CLI)	Key's Display Name (Console)	Description	Required/Optional	Default Value	Example Value
`customizeConfigMap`	customizeConfigMap	If you want Oracle to manage Istio for you automatically, set `customizeConfigMap` to `false` (the default). If you want to customize Istio using istioctl (or another tool supported by Istio) and you want to retain the customizations when Oracle updates the add-on, set `customizeConfigMap` to `true`.	Required	`false`	`true`
`discovery.ContainerResources`	discovery.ContainerResources	You can specify the resource quantities that the add-on containers request, and set resource usage limits that the add-on containers cannot exceed. JSON format in plain text or Base64 encoded.	Optional	null	`{"limits": {"cpu": "500m", "memory": "200Mi" }, "requests": {"cpu": "100m", "memory": "100Mi"}}` Create add-on containers that request 100 milllicores of CPU, and 100 mebibytes of memory. Limit add-on containers to 500 milllicores of CPU, and 200 mebibytes of memory.
`discovery.EnvVariables`	discovery.EnvVariables	List of Istio control plane discovery container environment variables, in JSON format.	Optional	null	`[{"name":"ISTIO_GPRC_MAXRECVMSGSIZE","value":"8388608"},{"name":"ISTIO_GPRC_MAXSTREAMS","value":"150000"}]`
`enableIngressGateway`	enableIngressGateway	Enable Istio ingress gateway	Required	`false`	`true`
`istio-ingressgateway.Annotations`	istio-ingressgateway.Annotations	Annotations to pass to the Istio deployment. For example, to specify the load balancer shape, or whether to create the load balancer as a network load balancer. For more annotations, see Summary of Annotations for Load Balancers and Network Load Balancers. JSON format in plain text or Base64 encoded.	Optional	`""`	`{"service.beta.kubernetes.io/oci-load-balancer-shape":"400Mbps"}` `{"oci.oraclecloud.com/load-balancer-type": "nlb"}`
`istio-ingressgateway.HorizontalPodAutoscalerMinReplicas`	istio-ingressgateway.HorizontalPodAutoscalerMinReplicas	Minimum number of replicas of the Istio ingress gateway horizontal pod autoscaler. Must be an integer, with a value greater than zero.	Optional	null	`1`
`istio-ingressgateway.HorizontalPodAutoscalerMaxReplicas`	istio-ingressgateway.HorizontalPodAutoscalerMaxReplicas	Maximum number of replicas of the Istio ingress gateway horizontal pod autoscaler. Must be an integer, with a value greater than zero.	Optional	null	`3`
`istio-ingressgateway.PodDisruptionBudgetMinAvailable`	istio-ingressgateway.PodDisruptionBudgetMinAvailable	Minimum number or percentage of Istio ingress gateway pods available.	Optional	null	`1` `10%`
`istiod.HorizontalPodAutoscalerMinReplicas`	istiod.HorizontalPodAutoscalerMinReplicas	Minimum number of replicas of the Istio controller. Must be an integer, with a value greater than zero.	Optional	null	`1`
`istiod.HorizontalPodAutoscalerMaxReplicas`	istiod.HorizontalPodAutoscalerMaxReplicas	Maximum number of replicas of the Istio controller. Must be an integer, with a value greater than zero.	Optional	null	`3`
`istiod.PodDisruptionBudgetMinAvailable`	istiod.PodDisruptionBudgetMinAvailable	Minimum number or percentage of Istio controller pods available.	Optional	null	`1` `10%`
`profile`	profile	Istio installation profile	Required	`"oke-default"`	`"oke-default"`