forked from openservicemesh/osm
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path.env.example
193 lines (142 loc) · 6.88 KB
/
.env.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
#!/bin/bash
#---------------------------------------------------------------------------------
# env variables required for running the demo
# mandatory: URL of the container registry to use.
# Default (local Kind registry): localhost:5000
# Azure Container Registry (ACR) example: osmci.azurecr.io/osm
export CTR_REGISTRY=localhost:5000
# mandatory: Password to the container registry to use. Leave blank if no authentication is required.
# For Azure Container Registry (ACR), the following command may be used: az acr credential show -n <your_registry_name> --query "passwords[0].value" | tr -d '"'
# For the local registry stood up with `make kind-up`, this can be left blank.
# USE_PRIVATE_REGISTRY=true must be set in addition for this password to be used when pulling images.
export CTR_REGISTRY_PASSWORD=
#---------------------------------------------------------------------------------
#---------------------------------------------------------------------------------
# env variables required to use helper scripts (logs, port forwarding etc.)
# optional: Kubernetes namespace where OSM will be installed.
# This cannot be the default namespace because it has to be a namespace that can be deleted.
# Default: osm-system
export K8S_NAMESPACE=osm-system
# optional: Kubernetes namespace where bookbuyer app will be installed.
# This cannot be the default namespace because it has to be a namespace that can be deleted.
# Default: bookbuyer
export BOOKBUYER_NAMESPACE=bookbuyer
# optional: Kubernetes namespace where bookthief app will be installed.
# This cannot be the default namespace because it has to be a namespace that can be deleted.
# Default: bookthief
export BOOKTHIEF_NAMESPACE=bookthief
# optional: Kubernetes namespace where bookstore app will be installed.
# This cannot be the default namespace because it has to be a namespace that can be deleted.
# Default: bookstore
export BOOKSTORE_NAMESPACE=bookstore
# optional: Kubernetes namespace where bookwarehouse app will be installed.
# This cannot be the default namespace because it has to be a namespace that can be deleted.
# Default: bookwarehouse
export BOOKWAREHOUSE_NAMESPACE=bookwarehouse
#--------------------------------------------------------------------------------
#--------------------------------------------------------------------------------
# optional environment variables used to change defaults
# optional: Name to be used for the Kubernetes secrets resource to be created from the Docker container registry.
# Default: acr-creds
# export CTR_REGISTRY_CREDS_NAME=acr-creds
# optional: Whether to enable permissive mode, defaults to true.
# Default: true
# export PERMISSIVE_MODE=false
# optional: A tag for the containers used to version the container images in the registry
# Default: latest
# export CTR_TAG=latest
# optional: The image pull policy for OSM images
# Default: Always
# export IMAGE_PULL_POLICY=Always
# optional: Path to your Kubernetes config file present locally.
# export KUBECONFIG=~/.kube/config
# optional: Enable human readable logs on the console
# export OSM_HUMAN_DEBUG_LOG=true
# optional: Enable logging of observed Kubernetes events (must have trace logging level enabled as well)
# export OSM_LOG_KUBERNETES_EVENTS=true
# optional: Retention time for the data scraped by Prometheus service. Default is 15d
# export PROMETHEUS_RETENTION_TIME=5d
# optional: Name of the bookstore service bookbuyer and bookthief make requests to.
# Default: bookstore
# export BOOKSTORE_SVC=bookstore
# optional: Expected response code when bookthief makes reqeusts to bookstore
# Default: 0 (200 with permissive traffic policy mode)
# export BOOKTHIEF_EXPECTED_RESPONSE_CODE=0
# optional: ENABLE_DEBUG_SERVER (true/false)
# Default: true
# export ENABLE_DEBUG_SERVER=true
# optional: ENABLE_EGRESS (true/false)
# Default: true
# export ENABLE_EGRESS=false
# optional: ENABLE_RECONCILER (true/false)
# Default: false
# export ENABLE_RECONCILER=true
# optional: DEPLOY_GRAFANA (true/false)
# Default: false
# export DEPLOY_GRAFANA=true
# optional: DEPLOY_JAEGER (true/false)
# Default: false
# export DEPLOY_JAEGER=true
# optional: ENABLE_FLUENTBIT (true/false)
# Default: false
# export ENABLE_FLUENTBIT=true
# optional: DEPLOY_PROMETHEUS (true/false)
# Default: false
# export DEPLOY_PROMETHEUS=true
# optional: Maximum of iterations to test for expected return codes. 0 means unlimited.
# export CI_MAX_ITERATIONS_THRESHOLD=0
# optional: Time in seconds that a bookbuyer sleeps between requests.
# Default: 1
# export CI_SLEEP_BETWEEN_REQUESTS_SECONDS=1
# optional: Whether to deploy multiple services (currently bookstore) associated the same service account
# Default: false
# export DEPLOY_WITH_SAME_SA=false
# optional: Whether to deploy traffic split policy or not
# Default: true
# export DEPLOY_TRAFFIC_SPLIT=true
# optional: specify the log level for the enovy's
# Default: debug
# export ENVOY_LOG_LEVEL=debug
### The section below configures certificates management
### OSM has 2 ways to manage certificates
### Set CERT_MANAGER to "tresor" to use the internal system (relies on k8s secrets)
### Set CERT_MANAGER to "vault" to use Hashicorp Vault
### Set CERT_MANAGER to "cert-manager" to use cert-manager
# optional: What certificate manager to use. One of: tresor, vault, or cert-manager
# Default: tresor
# export CERT_MANAGER=tresor
# optional: The mesh name for the osm installation
# Default: osm
# Must conform to same guidlines as a valid Kubernetes label value. Must be 63 characters
# or less and must be empty or begin and end with an alphanumeric character ([a-z0-9A-Z])
# with dashes (-), underscores (_), dots (.), and alphanumerics between.
# export MESH_NAME=osm
### When CERT_MANAGER is set to "vault" the following also have to be set:
### Enable Hashicorp Vault integration
# export CERT_MANAGER=vault
### The Hashicorp Vault host/service - where Vault is installed
# export VAULT_HOST="vault.${K8S_NAMESPACE}.svc.cluster.local"
### The protocol to use to connect to Vault
# export VAULT_PROTOCOL=http
### The token that should be used to connect to Vault
# export VAULT_TOKEN=xyz
### optional: Name of the Vault role dedicated to OSM
#export VAULT_ROLE=openservicemesh
### optional: Whether to configure the demo to run on an OpenShift cluster
# Default: false
#export DEPLOY_ON_OPENSHIFT=false
# optional: Timeout for OSM installation and kubectl --wait commands
# Default: 90s
# export TIMEOUT=90s
### optional: Whether the CTR_REGISTRY is a private container registry
# Default: false
#export USE_PRIVATE_REGISTRY=true
### optional: Whether to publish OSM docker images to container registry
# Default: true
#export PUBLISH_IMAGES=true
### optional: The local proxy mode for the control plane
# Default: Localhost
# export LOCAL_PROXY_MODE=Localhost
# See ./demo/deploy-vault.sh script on an example of how to deploy Hashicorp Vault
# to your Kubernetes cluster.
#--------------------------------------------------------------------------------