IstioOperator Options

Configuration affecting Istio control plane installation version and shape. Note: unlike other Istio protos, field names must use camelCase. This is asserted in tests. Without camelCase, the json tag on the Go struct will not match the user’s JSON representation. This leads to Kubernetes merge libraries, which rely on this tag, to fail. All other usages use jsonpb which does not use the json tag.

IstioOperatorSpec

IstioOperatorSpec defines the desired installed state of Istio components. The spec is a used to define a customization of the default profile values that are supplied with each Istio release. Because the spec is a customization API, specifying an empty IstioOperatorSpec results in a default Istio component values.

  1. apiVersion: install.istio.io/v1alpha1
  2. kind: IstioOperator
  3. spec:
  4. profile: default
  5. hub: gcr.io/istio-testing
  6. tag: latest
  7. revision: 1-8-0
  8. meshConfig:
  9. accessLogFile: /dev/stdout
  10. enableTracing: true
  11. components:
  12. egressGateways:
  13. - name: istio-egressgateway
  14. enabled: true
FieldTypeDescriptionRequired
profilestring

Path or name for the profile e.g.

  • minimal (looks in profiles dir for a file called minimal.yaml)
  • /tmp/istio/install/values/custom/custom-install.yaml (local file path)

default profile is used if this field is unset.

No
installPackagePathstring

Path for the install package. e.g.

  • /tmp/istio-installer/nightly (local file path)
No
hubstring

Root for docker image paths e.g. docker.io/istio

No
tagValue

Version tag for docker images e.g. 1.7.2

No
namespacestring

Namespace to install control plane resources into. If unset, Istio will be installed into the same namespace as the IstioOperator CR. You must also set values.global.istioNamespace if you wish to install Istio in a custom namespace. If you have enabled CNI, you must exclude this namespace by adding it to the list values.cni.excludeNamespaces.

No
revisionstring

Identify the revision this installation is associated with. This option is currently experimental.

No
defaultRevisionbool

Identify whether this revision is the default revision for the cluster This option is currently experimental.

No
meshConfigStruct

Config used by control plane components internally.

No
componentsIstioComponentSetSpec

Kubernetes resource settings, enablement and component-specific settings that are not internal to the component.

No
valuesStruct

Overrides for default values.yaml. This is a validated pass-through to Helm templates. See the Helm installation options for schema details. Anything that is available in IstioOperatorSpec should be set above rather than using the passthrough. This includes Kubernetes resource settings for components in KubernetesResourcesSpec.

No
unvalidatedValuesStruct

Unvalidated overrides for default values.yaml. Used for custom templates where new parameters are added.

No
addonComponentsmap<string, ExternalComponentSpec>

Deprecated. Users should manage the installation of addon components on their own. Refer to samples/addons for demo installation of addon components.

No

InstallStatus

Observed state of IstioOperator

FieldTypeDescriptionRequired
statusStatus

Overall status of all components controlled by the operator.

  • If all components have status NONE, overall status is NONE.
  • If all components are HEALTHY, overall status is HEALTHY.
  • If one or more components are RECONCILING and others are HEALTHY, overall status is RECONCILING.
  • If one or more components are UPDATING and others are HEALTHY, overall status is UPDATING.
  • If components are a mix of RECONCILING, UPDATING and HEALTHY, overall status is UPDATING.
  • If any component is in ERROR state, overall status is ERROR.
  • If further action is needed for reconciliation to proceed, overall status is ACTION_REQUIRED.
No
messagestring

Optional message providing additional information about the existing overall status.

No
componentStatusmap<string, VersionStatus>

Individual status of each component controlled by the operator. The map key is the name of the component.

No

IstioComponentSetSpec

IstioComponentSpec defines the desired installed state of Istio components.

FieldTypeDescriptionRequired
baseBaseComponentSpecNo
pilotComponentSpecNo
cniComponentSpecNo
ztunnelComponentSpecNo
istiodRemoteComponentSpec

Remote cluster using an external control plane.

No
ingressGatewaysGatewaySpec[]No
egressGatewaysGatewaySpec[]No

BaseComponentSpec

Configuration for base component.

FieldTypeDescriptionRequired
enabledBoolValue

Selects whether this component is installed.

No
k8sKubernetesResourcesSpec

Kubernetes resource spec.

No

ComponentSpec

Configuration for internal components.

FieldTypeDescriptionRequired
enabledBoolValue

Selects whether this component is installed.

No
namespacestring

Namespace for the component.

No
hubstring

Hub for the component (overrides top level hub setting).

No
tagValue

Tag for the component (overrides top level tag setting).

No
specStruct

Arbitrary install time configuration for the component.

No
k8sKubernetesResourcesSpec

Kubernetes resource spec.

No

ExternalComponentSpec

Configuration for external components.

FieldTypeDescriptionRequired
enabledBoolValue

Selects whether this component is installed.

No
namespacestring

Namespace for the component.

No
specStruct

Arbitrary install time configuration for the component.

No
chartPathstring

Chart path for addon components.

No
schemaAny

Optional schema to validate spec against.

No
k8sKubernetesResourcesSpec

Kubernetes resource spec.

No

GatewaySpec

Configuration for gateways.

FieldTypeDescriptionRequired
enabledBoolValue

Selects whether this gateway is installed.

No
namespacestring

Namespace for the gateway.

No
namestring

Name for the gateway.

No
labelmap<string, string>

Labels for the gateway.

No
hubstring

Hub for the component (overrides top level hub setting).

No
tagValue

Tag for the component (overrides top level tag setting).

No
k8sKubernetesResourcesSpec

Kubernetes resource spec.

No

KubernetesResourcesSpec

KubernetesResourcesConfig is a common set of k8s resource configs for components.

FieldTypeDescriptionRequired
affinityAffinity

k8s affinity. https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity

No
envEnvVar[]

Deployment environment variables. https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/

No
hpaSpecHorizontalPodAutoscalerSpec

k8s HorizontalPodAutoscaler settings. https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/

No
imagePullPolicystring

k8s imagePullPolicy. https://kubernetes.io/docs/concepts/containers/images/

No
nodeSelectormap<string, string>

k8s nodeSelector. https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector

No
podDisruptionBudgetPodDisruptionBudgetSpec

k8s PodDisruptionBudget settings. https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#how-disruption-budgets-work

No
podAnnotationsmap<string, string>

k8s pod annotations. https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

No
priorityClassNamestring

k8s priority_class_name. Default for all resources unless overridden. https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass

No
readinessProbeReadinessProbe

k8s readinessProbe settings. https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ k8s.io.api.core.v1.Probe readiness_probe = 9;

No
replicaCountuint32

k8s Deployment replicas setting. https://kubernetes.io/docs/concepts/workloads/controllers/deployment/

No
resourcesResources

k8s resources settings. https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/#resource-requests-and-limits-of-pod-and-container

No
serviceServiceSpec

k8s Service settings. https://kubernetes.io/docs/concepts/services-networking/service/

No
strategyDeploymentStrategy

k8s deployment strategy. https://kubernetes.io/docs/concepts/workloads/controllers/deployment/

No
tolerationsToleration[]

k8s toleration https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/

No
serviceAnnotationsmap<string, string>

k8s service annotations. https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

No
securityContextPodSecurityContext

k8s pod security context https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod

No
volumesVolume[]

k8s volume https://kubernetes.io/docs/concepts/storage/volumes/ Volumes defines the collection of Volume to inject into the pod.

No
volumeMountsVolumeMount[]

k8s volumeMounts VolumeMounts defines the collection of VolumeMount to inject into containers.

No
overlaysK8sObjectOverlay[]

Overlays for k8s resources in rendered manifests.

No

K8sObjectOverlay

Patch for an existing k8s resource.

FieldTypeDescriptionRequired
apiVersionstring

Resource API version.

No
kindstring

Resource kind.

No
namestring

Name of resource. Namespace is always the component namespace.

No
patchesPathValue[]

List of patches to apply to resource.

No

Affinity

See k8s.io.api.core.v1.Affinity.

FieldTypeDescriptionRequired
nodeAffinityNodeAffinityNo
podAffinityPodAffinityNo
podAntiAffinityPodAntiAffinityNo

ConfigMapKeySelector

See k8s.io.api.core.v1.ConfigMapKeySelector.

FieldTypeDescriptionRequired
localObjectReferenceLocalObjectReferenceNo
keystringNo
optionalboolNo

ContainerResourceMetricSource

See k8s.io.api.autoscaling.v2beta2.ContainerResourceMetricSource.

FieldTypeDescriptionRequired
namestringNo
targetMetricTargetNo
containerstringNo

ContainerResourceMetricStatus

See k8s.io.api.autoscaling.v2beta2.ContainerResourceMetricStatus.

FieldTypeDescriptionRequired
namestringNo
currentMetricValueStatusNo
containerstringNo

ClientIPConfig

See k8s.io.api.core.v1.ClientIPConfig.

FieldTypeDescriptionRequired
timeoutSecondsint32No

CrossVersionObjectReference

See k8s.io.api.autoscaling.v2beta2.CrossVersionObjectReference.

FieldTypeDescriptionRequired
kindstringNo
namestringNo
apiVersionstringNo

DeploymentStrategy

See k8s.io.api.apps.v1.DeploymentStrategy.

FieldTypeDescriptionRequired
typestringNo
rollingUpdateRollingUpdateDeploymentNo

EnvVar

See k8s.io.api.core.v1.EnvVar.

FieldTypeDescriptionRequired
namestringNo
valuestringNo
valueFromEnvVarSourceNo

EnvVarSource

See k8s.io.api.core.v1.EnvVarSource.

FieldTypeDescriptionRequired
fieldRefObjectFieldSelectorNo
resourceFieldRefResourceFieldSelectorNo
configMapKeyRefConfigMapKeySelectorNo
secretKeyRefSecretKeySelectorNo

ExecAction

See k8s.io.api.core.v1.ExecAction.

FieldTypeDescriptionRequired
commandstring[]No

ExternalMetricSource

See k8s.io.api.autoscaling.v2beta2.ExternalMetricSource.

FieldTypeDescriptionRequired
metricMetricIdentifierNo
targetMetricTargetNo
metricNamestringNo
metricSelectorLabelSelectorNo
targetValueIntOrStringNo
targetAverageValueIntOrStringNo

ExternalMetricStatus

See k8s.io.autoscaling.v2beta2.ExternalMetricStatus.

FieldTypeDescriptionRequired
metricMetricIdentifierNo
currentMetricValueStatusNo

HTTPGetAction

See k8s.io.api.core.v1.HTTPGetAction.

FieldTypeDescriptionRequired
pathstringNo
portIntOrStringNo
hoststringNo
schemestringNo
httpHeadersHTTPHeader[]No

HTTPHeader

See k8s.io.api.core.v1.HTTPHeader.

FieldTypeDescriptionRequired
namestringNo
valuestringNo

HorizontalPodAutoscalerSpec

See k8s.io.api.autoscaling.v2beta1.HorizontalPodAutoscalerSpec.

FieldTypeDescriptionRequired
scaleTargetRefCrossVersionObjectReferenceNo
minReplicasint32No
maxReplicasint32No
metricsMetricSpec[]No
behaviorHorizontalPodAutoScalerBehaviorNo

HorizontalPodAutoScalerBehavior

See k8s.io.autoscaling.v2beta2.HorizontalPodAutoScalerBehavior.

FieldTypeDescriptionRequired
scaleUpHPAScalingRulesNo
scaleDownHPAScalingRulesNo

HPAScalingRules

See k8s.io.autoscaling.v2beta2.HPAScalingRules.

FieldTypeDescriptionRequired
stabilizationWindowSecondsint32No
selectPolicystringNo
policiesHPAScalingPolicy[]No

HPAScalingPolicy

See k8s.io.autoscaling.v2beta2.HPAScalingPolicy.

FieldTypeDescriptionRequired
typestringNo
valueint32No
periodSecondsint32No

LocalObjectReference

See k8s.io.api.core.v1.LocalObjectReference.

FieldTypeDescriptionRequired
namestringNo

MetricIdentifier

See k8s.io.autoscaling.v2beta2.MetricIdentifier.

FieldTypeDescriptionRequired
namestring (oneof)No
selectorLabelSelectorNo

MetricSpec

See k8s.io.autoscaling.v2beta2.MetricSpec.

FieldTypeDescriptionRequired
typestringNo
objectObjectMetricSourceNo
podsPodsMetricSourceNo
resourceResourceMetricSourceNo
containerResourceContainerResourceMetricSourceNo
externalExternalMetricSourceNo

MetricStatus

See k8s.io.autoscaling.v2beta2.MetricStatus.

FieldTypeDescriptionRequired
typestringNo
objectObjectMetricStatusNo
podsPodsMetricStatusNo
resourceResourceMetricStatusNo
containerResourceContainerResourceMetricStatusNo
externalExternalMetricStatusNo

MetricTarget

See k8s.io.autoscaling.v2beta2.MetricTarget.

FieldTypeDescriptionRequired
typestringNo
valueIntOrStringNo
averageValueIntOrStringNo
averageUtilizationint32No

MetricValueStatus

See k8s.io.autoscaling.v2beta2.MetricValueStatus.

FieldTypeDescriptionRequired
valueIntOrStringNo
averageValueIntOrStringNo
averageUtilizationint32No

NodeAffinity

See k8s.io.api.core.v1.NodeAffinity.

FieldTypeDescriptionRequired
requiredDuringSchedulingIgnoredDuringExecutionNodeSelectorNo
preferredDuringSchedulingIgnoredDuringExecutionPreferredSchedulingTerm[]No

NodeSelector

See k8s.io.api.core.v1.NodeSelector.

FieldTypeDescriptionRequired
nodeSelectorTermsNodeSelectorTerm[]No

NodeSelectorTerm

See k8s.io.api.core.v1.NodeSelectorTerm.

FieldTypeDescriptionRequired
matchExpressionsNodeSelectorRequirement[]No
matchFieldsNodeSelectorRequirement[]No

NodeSelectorRequirement

See k8s.io.api.core.v1.NodeSelectorRequirement.

FieldTypeDescriptionRequired
keystringNo
operatorstringNo
valuesstring[]No

ObjectFieldSelector

See k8s.io.api.core.v1.ObjectFieldSelector.

FieldTypeDescriptionRequired
apiVersionstringNo
fieldPathstringNo

ObjectMeta

From k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta.

FieldTypeDescriptionRequired
namestringNo
namespacestringNo

ObjectMetricSource

See k8s.io.autoscaling.v2beta2.ObjectMetricSource.

FieldTypeDescriptionRequired
targetValue

Type changes from CrossVersionObjectReference to ResourceMetricTarget in autoscaling v2beta2/v2 compared with v2beta1 Change it to dynamic type to keep backward compatible

No
describedObjectCrossVersionObjectReferenceNo
metricMetricIdentifierNo
metricNamestringNo
targetValueIntOrStringNo
selectorLabelSelectorNo
averageValueIntOrStringNo

ObjectMetricStatus

See k8s.io.autoscaling.v2beta2.ObjectMetricStatus.

FieldTypeDescriptionRequired
metricMetricIdentifierNo
currentMetricValueStatusNo
describedObjectCrossVersionObjectReferenceNo

PodAffinity

See k8s.io.api.core.v1.PodAffinity.

FieldTypeDescriptionRequired
requiredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm[]No
preferredDuringSchedulingIgnoredDuringExecutionWeightedPodAffinityTerm[]No

PodAntiAffinity

See k8s.io.api.core.v1.PodAntiAffinity.

FieldTypeDescriptionRequired
requiredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm[]No
preferredDuringSchedulingIgnoredDuringExecutionWeightedPodAffinityTerm[]No

PodAffinityTerm

See k8s.io.api.core.v1.PodAntiAffinity.

FieldTypeDescriptionRequired
labelSelectorLabelSelectorNo
namespacesstring[]No
topologyKeystringNo

PodDisruptionBudgetSpec

See k8s.io.api.policy.v1beta1.PodDisruptionBudget.

FieldTypeDescriptionRequired
minAvailableIntOrStringNo
selectorLabelSelectorNo
maxUnavailableIntOrStringNo

PodsMetricSource

See k8s.io.autoscaling.v2beta2.PodsMetricSource.

FieldTypeDescriptionRequired
metricMetricIdentifier

v2beta2/v2 fields

No
targetMetricTargetNo
metricNamestringNo
targetAverageValueIntOrStringNo
selectorLabelSelectorNo

PodsMetricStatus

See k8s.io.autoscaling.v2beta2.PodsMetricStatus.

FieldTypeDescriptionRequired
metricMetricIdentifierNo
currentMetricValueStatusNo

PreferredSchedulingTerm

See k8s.io.api.core.v1.PreferredSchedulingTerm.

FieldTypeDescriptionRequired
weightint32No
preferenceNodeSelectorTermNo

ReadinessProbe

See k8s.io.api.core.v1.ReadinessProbe.

FieldTypeDescriptionRequired
execExecActionNo
httpGetHTTPGetActionNo
tcpSocketTCPSocketActionNo
initialDelaySecondsint32No
timeoutSecondsint32No
periodSecondsint32No
successThresholdint32No
failureThresholdint32No

ResourceFieldSelector

See k8s.io.api.core.v1..

FieldTypeDescriptionRequired
containerNamestringNo
resourcestringNo
divisorIntOrStringNo

ResourceMetricSource

See k8s.io.autoscaling.v2beta2.ResourceMetricSource.

FieldTypeDescriptionRequired
namestringNo
targetMetricTargetNo
targetAverageUtilizationint32No
targetAverageValueIntOrStringNo

ResourceMetricStatus

See k8s.io.autoscaling.v2beta2.ResourceMetricStatus.

FieldTypeDescriptionRequired
namestringNo
currentMetricValueStatusNo

Resources

See k8s.io.api.core.v1.ResourceRequirements.

FieldTypeDescriptionRequired
limitsmap<string, string>No
requestsmap<string, string>No

RollingUpdateDeployment

See k8s.io.api.apps.v1.RollingUpdateDeployment.

FieldTypeDescriptionRequired
maxUnavailableIntOrStringNo
maxSurgeIntOrStringNo

SecretKeySelector

See k8s.io.api.core.v1.SecretKeySelector.

FieldTypeDescriptionRequired
localObjectReferenceLocalObjectReferenceNo
keystringNo
optionalboolNo

ServiceSpec

See k8s.io.api.core.v1.ServiceSpec.

FieldTypeDescriptionRequired
portsServicePort[]No
selectormap<string, string>No
clusterIPstringNo
typestringNo
externalIPsstring[]No
sessionAffinitystringNo
loadBalancerIPstringNo
loadBalancerSourceRangesstring[]No
externalNamestringNo
externalTrafficPolicystringNo
healthCheckNodePortint32No
publishNotReadyAddressesboolNo
sessionAffinityConfigSessionAffinityConfigNo

ServicePort

See k8s.io.api.core.v1..

FieldTypeDescriptionRequired
namestringNo
protocolstringNo
portint32No
targetPortIntOrStringNo
nodePortint32No
appProtocolstringNo

SessionAffinityConfig

See k8s.io.api.core.v1.SessionAffinityConfig.

FieldTypeDescriptionRequired
clientIPClientIPConfigNo

TCPSocketAction

See k8s.io.api.core.v1.TCPSocketAction.

FieldTypeDescriptionRequired
portIntOrStringNo
hoststringNo

Toleration

See k8s.io.api.core.v1.Toleration.

FieldTypeDescriptionRequired
keystringNo
operatorstringNo
valuestringNo
effectstringNo
tolerationSecondsint64No

WeightedPodAffinityTerm

See k8s.io.api.core.v1.WeightedPodAffinityTerm.

FieldTypeDescriptionRequired
weightint32No
podAffinityTermPodAffinityTermNo

PodSecurityContext

See k8s.io.api.core.v1.PodSecurityContext.

FieldTypeDescriptionRequired
seLinuxOptionsSELinuxOptionsNo
runAsUserint64No
runAsNonRootboolNo
supplementalGroupsint64[]No
fsGroupint64No
runAsGroupint64No
sysctlsSysctl[]No
windowsOptionsWindowsSecurityContextOptionsNo
fsGroupChangePolicystringNo
seccompProfileSeccompProfileNo

SELinuxOptions

See k8s.io.api.core.v1.SELinuxOptions.

FieldTypeDescriptionRequired
userstringNo
rolestringNo
typestringNo
levelstringNo

Sysctl

See k8s.io.api.core.v1.Sysctl.

FieldTypeDescriptionRequired
namestringNo
valuestringNo

WindowsSecurityContextOptions

See k8s.io.api.core.v1.WindowsSecurityContextOptions.

FieldTypeDescriptionRequired
gmsaCredentialSpecNamestringNo
gmsaCredentialSpecstringNo
runAsUserNamestringNo

SeccompProfile

See k8s.io.api.core.v1.SeccompProfile.

FieldTypeDescriptionRequired
typestringNo
localhostProfilestringNo

IntOrString

IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number.

FieldTypeDescriptionRequired
typeint64No
intValInt32ValueNo
strValStringValueNo

InstallStatus.VersionStatus

VersionStatus is the status and version of a component.

FieldTypeDescriptionRequired
versionstringNo
statusStatusNo
errorstringNo

K8sObjectOverlay.PathValue

FieldTypeDescriptionRequired
pathstring

Path of the form a.[key1:value1].b.[:value2] Where [key1:value1] is a selector for a key-value pair to identify a list element and [:value] is a value selector to identify a list element in a leaf list. All path intermediate nodes must exist.

No
valueValue

Value to add, delete or replace. For add, the path should be a new leaf. For delete, value should be unset. For replace, path should reference an existing node. All values are strings but are converted into appropriate type based on schema.

No

google.protobuf.Value

Value represents a dynamically typed value which can be either null, a number, a string, a boolean, a recursive struct value, or a list of values. A producer of value is expected to set one of that variants, absence of any variant indicates an error.

The JSON representation for Value is JSON value.

FieldTypeDescriptionRequired
nullValueNullValue (oneof)

Represents a null value.

No
numberValuedouble (oneof)

Represents a double value.

No
stringValuestring (oneof)

Represents a string value.

No
boolValuebool (oneof)

Represents a boolean value.

No
structValueStruct (oneof)

Represents a structured value.

No
listValueListValue (oneof)

Represents a repeated Value.

No

k8s.io.api.core.v1.Volume

Volume represents a named volume in a pod that may be accessed by any container in the pod.

FieldTypeDescriptionRequired
namestring

name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

No
volumeSourceVolumeSource

volumeSource represents the location and type of the mounted volume. If not specified, the Volume is implied to be an EmptyDir. This implied behavior is deprecated and will be removed in a future version.

No

k8s.io.api.core.v1.VolumeMount

VolumeMount describes a mounting of a Volume within a container.

FieldTypeDescriptionRequired
namestring

This must match the Name of a Volume.

No
readOnlybool

Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional

No
mountPathstring

Path within the container at which the volume should be mounted. Must not contain ‘:’.

No
subPathstring

Path within the volume from which the container’s volume should be mounted. Defaults to “” (volume’s root). +optional

No
mountPropagationstring

mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. +optional

No
subPathExprstring

Expanded path within the volume from which the container’s volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container’s environment. Defaults to “” (volume’s root). SubPathExpr and SubPath are mutually exclusive. +optional

No

k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector

A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. +structType=atomic

FieldTypeDescriptionRequired
matchLabelsmap<string, string>

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed. +optional

No
matchExpressionsLabelSelectorRequirement[]

matchExpressions is a list of label selector requirements. The requirements are ANDed. +optional

No

InstallStatus.Status

Status describes the current state of a component.

NameDescription
NONE

Component is not present.

UPDATING

Component is being updated to a different version.

RECONCILING

Controller has started but not yet completed reconciliation loop for the component.

HEALTHY

Component is healthy.

ERROR

Component is in an error state.

ACTION_REQUIRED

Overall status only and would not be set as a component status. Action is needed from the user for reconciliation to proceed e.g. There are proxies still pointing to the control plane revision when try to remove an IstioOperator CR.