cilium-operator

Run cilium-operator

  1. cilium-operator [flags]

Options

  1. --alibaba-cloud-vpc-id string Specific VPC ID for AlibabaCloud ENI. If not set use same VPC as operator
  2. --aws-instance-limit-mapping map Add or overwrite mappings of AWS instance limit in the form of {"AWS instance type": "Maximum Network Interfaces","IPv4 Addresses per Interface","IPv6 Addresses per Interface"}. cli example: --aws-instance-limit-mapping=a1.medium=2,4,4 --aws-instance-limit-mapping=a2.somecustomflavor=4,5,6 configmap example: {"a1.medium": "2,4,4", "a2.somecustomflavor": "4,5,6"} (default map[])
  3. --aws-release-excess-ips Enable releasing excess free IP addresses from AWS ENI.
  4. --azure-cloud-name string Name of the Azure cloud being used (default "AzurePublicCloud")
  5. --azure-resource-group string Resource group to use for Azure IPAM
  6. --azure-subscription-id string Subscription ID to access Azure API
  7. --azure-use-primary-address Use Azure IP address from interface's primary IPConfigurations (default true)
  8. --azure-user-assigned-identity-id string ID of the user assigned identity used to auth with the Azure API
  9. --bgp-announce-lb-ip Announces service IPs of type LoadBalancer via BGP
  10. --bgp-config-path string Path to file containing the BGP configuration (default "/var/lib/cilium/bgp/config.yaml")
  11. --cilium-endpoint-gc-interval duration GC interval for cilium endpoints (default 5m0s)
  12. --cluster-id int Unique identifier of the cluster
  13. --cluster-name string Name of the cluster (default "default")
  14. --cluster-pool-ipv4-cidr string IPv4 CIDR Range for Pods in cluster. Requires 'ipam=cluster-pool' and 'enable-ipv4=true'
  15. --cluster-pool-ipv4-mask-size int Mask size for each IPv4 podCIDR per node. Requires 'ipam=cluster-pool' and 'enable-ipv4=true' (default 24)
  16. --cluster-pool-ipv6-cidr string IPv6 CIDR Range for Pods in cluster. Requires 'ipam=cluster-pool' and 'enable-ipv6=true'
  17. --cluster-pool-ipv6-mask-size int Mask size for each IPv6 podCIDR per node. Requires 'ipam=cluster-pool' and 'enable-ipv6=true' (default 112)
  18. --cnp-node-status-gc-interval duration GC interval for nodes which have been removed from the cluster in CiliumNetworkPolicy Status (default 2m0s)
  19. --cnp-status-update-interval duration Interval between CNP status updates sent to the k8s-apiserver per-CNP (default 1s)
  20. --config string Configuration file (default "$HOME/ciliumd.yaml")
  21. --config-dir string Configuration directory that contains a file for each option
  22. -D, --debug Enable debugging mode
  23. --ec2-api-endpoint string AWS API endpoint for the EC2 service
  24. --enable-ipv4 Enable IPv4 support (default true)
  25. --enable-ipv6 Enable IPv6 support (default true)
  26. --enable-k8s-api-discovery Enable discovery of Kubernetes API groups and resources with the discovery API
  27. --enable-k8s-endpoint-slice Enables k8s EndpointSlice feature into Cilium-Operator if the k8s cluster supports it (default true)
  28. --enable-k8s-event-handover Enable k8s event handover to kvstore for improved scalability
  29. --enable-metrics Enable Prometheus metrics
  30. --enable-wireguard Enable wireguard
  31. --eni-tags map ENI tags in the form of k1=v1 (multiple k/v pairs can be passed by repeating the CLI flag) (default map[])
  32. --gops-port int Port for gops server to listen on (default 9891)
  33. -h, --help help for cilium-operator
  34. --identity-allocation-mode string Method to use for identity allocation (default "kvstore")
  35. --identity-gc-interval duration GC interval for security identities (default 15m0s)
  36. --identity-gc-rate-interval duration Interval used for rate limiting the GC of security identities (default 1m0s)
  37. --identity-gc-rate-limit int Maximum number of security identities that will be deleted within the identity-gc-rate-interval (default 2500)
  38. --identity-heartbeat-timeout duration Timeout after which identity expires on lack of heartbeat (default 30m0s)
  39. --ipam string Backend to use for IPAM (default "cluster-pool")
  40. --k8s-api-server string Kubernetes API server URL
  41. --k8s-client-burst int Burst value allowed for the K8s client
  42. --k8s-client-qps float32 Queries per second limit for the K8s client
  43. --k8s-heartbeat-timeout duration Configures the timeout for api-server heartbeat, set to 0 to disable (default 30s)
  44. --k8s-kubeconfig-path string Absolute path of the kubernetes kubeconfig file
  45. --k8s-namespace string Name of the Kubernetes namespace in which Cilium Operator is deployed in
  46. --k8s-service-proxy-name string Value of K8s service-proxy-name label for which Cilium handles the services (empty = all services without service.kubernetes.io/service-proxy-name label)
  47. --kvstore string Key-value store type
  48. --kvstore-opt map Key-value store options (default map[])
  49. --leader-election-lease-duration duration Duration that non-leader operator candidates will wait before forcing to acquire leadership (default 15s)
  50. --leader-election-renew-deadline duration Duration that current acting master will retry refreshing leadership in before giving up the lock (default 10s)
  51. --leader-election-retry-period duration Duration that LeaderElector clients should wait between retries of the actions (default 2s)
  52. --limit-ipam-api-burst int Upper burst limit when accessing external APIs (default 4)
  53. --limit-ipam-api-qps float Queries per second limit when accessing external IPAM APIs (default 20)
  54. --log-driver strings Logging endpoints to use for example syslog
  55. --log-opt map Log driver options for cilium-operator, configmap example for syslog driver: {"syslog.level":"info","syslog.facility":"local4"} (default map[])
  56. --nodes-gc-interval duration GC interval for nodes store in the kvstore (default 2m0s)
  57. --operator-api-serve-addr string Address to serve API requests (default "localhost:9234")
  58. --operator-prometheus-serve-addr string Address to serve Prometheus metrics (default ":6942")
  59. --parallel-alloc-workers int Maximum number of parallel IPAM workers (default 50)
  60. --pprof Enable pprof debugging endpoint
  61. --pprof-port int Port that the pprof listens on (default 6061)
  62. --skip-crd-creation When true, Kubernetes Custom Resource Definitions will not be created
  63. --subnet-ids-filter strings Subnets IDs (separated by commas)
  64. --subnet-tags-filter stringToString Subnets tags in the form of k1=v1,k2=v2 (multiple k/v pairs can also be passed by repeating the CLI flag (default [])
  65. --synchronize-k8s-nodes Synchronize Kubernetes nodes to kvstore and perform CNP GC (default true)
  66. --synchronize-k8s-services Synchronize Kubernetes services to kvstore (default true)
  67. --unmanaged-pod-watcher-interval int Interval to check for unmanaged kube-dns pods (0 to disable) (default 15)
  68. --update-ec2-adapter-limit-via-api Use the EC2 API to update the instance type to adapter limits
  69. --version Print version information

SEE ALSO