pilot-discovery

Flags	Shorthand	Description
`—appNamespace <string>`	`-a`	Restrict the applications namespace the controller manages; if not set, controller watches all namespaces (default `)</td></tr><tr><td><code>--clusterRegistriesNamespace <string></code></td><td></td><td>Namespace for ConfigMap which stores clusters configs (default`)
`—configDir <string>`		Directory to watch for updates to config yaml files. If specified, the files will be used as the source of config, rather than a CRD client. (default `)</td></tr><tr><td><code>--consulserverURL <string></code></td><td></td><td>URL for the Consul server (default`)
`—ctrlz_address <string>`		The IP Address to listen on for the ControlZ introspection facility. Use ‘*’ to indicate all addresses. (default `localhost`)
`—ctrlz_port <uint16>`		The IP port to use for the ControlZ introspection facility (default `9876`)
`—disable-install-crds`		Disable discovery service from verifying the existence of CRDs at startup and then installing if not detected. It is recommended to be disable for highly available setups.
`—domain <string>`		DNS domain suffix (default `cluster.local`)
`—grpcAddr <string>`		Discovery service grpc address (default `:15010`)
`—httpAddr <string>`		Discovery service HTTP address (default `:8080`)
`—keepaliveInterval <duration>`		The time interval if no activity on the connection it pings the peer to see if the transport is alive (default `30s`)
`—keepaliveMaxServerConnectionAge <duration>`		Maximum duration a connection will be kept open on the server before a graceful close. (default `2562047h47m16.854775807s`)
`—keepaliveTimeout <duration>`		After having pinged for keepalive check, the client/server waits for a duration of keepaliveTimeout and if no activity is seen even after that the connection is closed. (default `10s`)
`—kubeconfig <string>`		Use a Kubernetes configuration file instead of in-cluster configuration (default )</td></tr><tr><td><code>--log_as_json</code></td><td></td><td>Whether to format output as JSON or in plain console-friendly format</td></tr><tr><td><code>--log_caller <string></code></td><td></td><td>Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, all, analysis, attributes, authn, caSecretController, configMapController, conversions, default, grpcAdapter, k8sController, kube, kube-converter, mcp, meshconfig, model, pkiCaLog, processing, rbac, resource, rootCertRotator, runtime, server, serverCaLog, source, validation] (default)
`—log_output_level <string>`		Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,… where scope can be one of [ads, all, analysis, attributes, authn, caSecretController, configMapController, conversions, default, grpcAdapter, k8sController, kube, kube-converter, mcp, meshconfig, model, pkiCaLog, processing, rbac, resource, rootCertRotator, runtime, server, serverCaLog, source, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)
`—log_rotate <string>`		The path for the optional rotating log file (default )</td></tr><tr><td><code>--log_rotate_max_age <int></code></td><td></td><td>The maximum age in days of a log file beyond which the file is rotated (0 indicates no limit) (default `30`)</td></tr><tr><td><code>--log_rotate_max_backups <int></code></td><td></td><td>The maximum number of log file backups to keep before older files are deleted (0 indicates no limit) (default `1000`)</td></tr><tr><td><code>--log_rotate_max_size <int></code></td><td></td><td>The maximum size in megabytes of a log file beyond which the file is rotated (default `104857600`)</td></tr><tr><td><code>--log_stacktrace_level <string></code></td><td></td><td>Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,... where scope can be one of [ads, all, analysis, attributes, authn, caSecretController, configMapController, conversions, default, grpcAdapter, k8sController, kube, kube-converter, mcp, meshconfig, model, pkiCaLog, processing, rbac, resource, rootCertRotator, runtime, server, serverCaLog, source, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)</td></tr><tr><td><code>--log_target <stringArray></code></td><td></td><td>The set of paths where to output the log. This can be any path as well as the special values stdout and stderr (default `[stdout]`)</td></tr><tr><td><code>--mcpInitialConnWindowSize <int></code></td><td></td><td>Initial connection window size for MCP's gRPC connection (default `1048576`)</td></tr><tr><td><code>--mcpInitialWindowSize <int></code></td><td></td><td>Initial window size for MCP's gRPC connection (default `1048576`)</td></tr><tr><td><code>--mcpMaxMsgSize <int></code></td><td></td><td>Max message size received by MCP's grpc client (default `4194304`)</td></tr><tr><td><code>--meshConfig <string></code></td><td></td><td>File name for Istio mesh configuration. If not specified, a default mesh will be used. (default `/etc/istio/config/mesh`)</td></tr><tr><td><code>--monitoringAddr <string></code></td><td></td><td>HTTP address to use for pilot's self-monitoring information (default `:15014`)</td></tr><tr><td><code>--namespace <string></code></td><td><code>-n</code></td><td>Select a namespace where the controller resides. If not set, uses ${POD_NAMESPACE} environment variable (default)
`—networksConfig <string>`		File name for Istio mesh networks configuration. If not specified, a default mesh networks will be used. (default `/etc/istio/config/meshNetworks`)
`—plugins <stringSlice>`		comma separated list of networking plugins to enable (default `[authn,authz,health,mixer]`)
`—profile`		Enable profiling via web interface host:port/debug/pprof
`—registries <stringSlice>`		Comma separated list of platform service registries to read from (choose one or more from {Kubernetes, Consul, MCP, Mock}) (default `[Kubernetes]`)
`—resync <duration>`		Controller resync interval (default `1m0s`)
`—secureGrpcAddr <string>`		Discovery service grpc address, with https (default `:15012`)
`—trust-domain <string>`		The domain serves to identify the system with spiffe (default ``)

Flags	Shorthand	Description
`—ctrlz_address <string>`		The IP Address to listen on for the ControlZ introspection facility. Use ‘*’ to indicate all addresses. (default `localhost`)
`—ctrlz_port <uint16>`		The IP port to use for the ControlZ introspection facility (default `9876`)
`—keepaliveInterval <duration>`		The time interval if no activity on the connection it pings the peer to see if the transport is alive (default `30s`)
`—keepaliveMaxServerConnectionAge <duration>`		Maximum duration a connection will be kept open on the server before a graceful close. (default `2562047h47m16.854775807s`)
`—keepaliveTimeout <duration>`		After having pinged for keepalive check, the client/server waits for a duration of keepaliveTimeout and if no activity is seen even after that the connection is closed. (default `10s`)
`—log_as_json`		Whether to format output as JSON or in plain console-friendly format
`—log_caller <string>`		Comma-separated list of scopes for which to include caller information, scopes can be any of [ads, all, analysis, attributes, authn, caSecretController, configMapController, conversions, default, grpcAdapter, k8sController, kube, kube-converter, mcp, meshconfig, model, pkiCaLog, processing, rbac, resource, rootCertRotator, runtime, server, serverCaLog, source, validation] (default )</td></tr><tr><td><code>--log_output_level <string></code></td><td></td><td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [ads, all, analysis, attributes, authn, caSecretController, configMapController, conversions, default, grpcAdapter, k8sController, kube, kube-converter, mcp, meshconfig, model, pkiCaLog, processing, rbac, resource, rootCertRotator, runtime, server, serverCaLog, source, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td></tr><tr><td><code>--log_rotate <string></code></td><td></td><td>The path for the optional rotating log file (default)
`—log_rotate_max_age <int>`		The maximum age in days of a log file beyond which the file is rotated (0 indicates no limit) (default `30`)
`—log_rotate_max_backups <int>`		The maximum number of log file backups to keep before older files are deleted (0 indicates no limit) (default `1000`)
`—log_rotate_max_size <int>`		The maximum size in megabytes of a log file beyond which the file is rotated (default `104857600`)
`—log_stacktrace_level <string>`		Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,… where scope can be one of [ads, all, analysis, attributes, authn, caSecretController, configMapController, conversions, default, grpcAdapter, k8sController, kube, kube-converter, mcp, meshconfig, model, pkiCaLog, processing, rbac, resource, rootCertRotator, runtime, server, serverCaLog, source, validation] and level can be one of [debug, info, warn, error, fatal, none] (default `default:none`)
`—log_target <stringArray>`		The set of paths where to output the log. This can be any path as well as the special values stdout and stderr (default `[stdout]`)
`—output <string>`	`-o`	One of ‘yaml’ or ‘json’. (default ``)
`—short`	`-s`	Use —short=false to generate full version information

Metric Name	Type	Description
`citadel_secret_controller_csr_err_count`	`Sum`	The number of errors occurred when creating the CSR.
`citadel_secret_controller_csr_sign_err_count`	`Sum`	The number of errors occurred when signing the CSR.
`citadel_secret_controller_secret_deleted_cert_count`	`Sum`	The number of certificates recreated due to secret deletion (service account still exists).
`citadel_secret_controller_svc_acc_created_cert_count`	`Sum`	The number of certificates created due to service account creation.
`citadel_secret_controller_svc_acc_deleted_cert_count`	`Sum`	The number of certificates deleted due to service account deletion.
`citadel_server_authentication_failure_count`	`Sum`	The number of authentication failures.
`citadel_server_csr_count`	`Sum`	The number of CSRs received by Citadel server.
`citadel_server_csr_parsing_err_count`	`Sum`	The number of errors occurred when parsing the CSR.
`citadel_server_csr_sign_err_count`	`Sum`	The number of errors occurred when signing the CSR.
`citadel_server_id_extraction_err_count`	`Sum`	The number of errors occurred when extracting the ID from CSR.
`citadel_server_root_cert_expiry_timestamp`	`LastValue`	The unix timestamp, in seconds, when Citadel root cert will expire. We set it to negative in case of internal error.
`citadel_server_success_cert_issuance_count`	`Sum`	The number of certificates issuances that have succeeded.
`endpoint_no_pod`	`LastValue`	Endpoints without an associated pod.
`galley_runtime_processor_event_span_duration_milliseconds`	`Distribution`	The duration between each incoming event
`galley_runtime_processor_events_processed_total`	`Count`	The number of events that have been processed
`galley_runtime_processor_snapshot_events_total`	`Distribution`	The number of events per snapshot
`galley_runtime_processor_snapshot_lifetime_duration_milliseconds`	`Distribution`	The duration of each snapshot
`galley_runtime_processor_snapshots_published_total`	`Count`	The number of snapshots that have been published
`galley_runtime_state_type_instances_total`	`LastValue`	The number of type instances per type URL
`galley_runtime_strategy_on_change_total`	`Count`	The number of times the strategy’s onChange has been called
`galley_runtime_strategy_timer_max_time_reached_total`	`Count`	The number of times the max time has been reached
`galley_runtime_strategy_timer_quiesce_reached_total`	`Count`	The number of times a quiesce has been reached
`galley_runtime_strategy_timer_resets_total`	`Count`	The number of times the timer has been reset
`galley_source_kube_dynamic_converter_failure_total`	`Count`	The number of times a dynamnic kubernetes source failed converting a resources
`galley_source_kube_dynamic_converter_success_total`	`Count`	The number of times a dynamic kubernetes source successfully converted a resource
`galley_source_kube_event_error_total`	`Count`	The number of times a kubernetes source encountered errored while handling an event
`galley_source_kube_event_success_total`	`Count`	The number of times a kubernetes source successfully handled an event
`galley_validation_cert_key_update_errors`	`Count`	Galley validation webhook certificate updates errors
`galley_validation_cert_key_updates`	`Count`	Galley validation webhook certificate updates
`galley_validation_config_load`	`Count`	k8s webhook configuration (re)loads
`galley_validation_config_load_error`	`Count`	k8s webhook configuration (re)load error
`galley_validation_config_update_error`	`Count`	k8s webhook configuration update error
`galley_validation_config_updates`	`Count`	k8s webhook configuration updates
`galley_validation_failed`	`Count`	Resource validation failed
`galley_validation_http_error`	`Count`	Resource validation http serve errors
`galley_validation_passed`	`Count`	Resource is valid
`istio_build`	`LastValue`	Istio component build info
`istio_mcp_clients_total`	`LastValue`	The number of streams currently connected.
	`Distribution`	Size of messages received from clients.
`istio_mcp_reconnections`	`Sum`	The number of times the sink has reconnected.
`istio_mcp_recv_failures_total`	`Sum`	The number of recv failures in the source.
`istio_mcp_request_acks_total`	`Sum`	The number of request acks received by the source.
`istio_mcp_request_nacks_total`	`Sum`	The number of request nacks received by the source.
`istio_mcp_send_failures_total`	`Sum`	The number of send failures in the source.
`mixer_config_adapter_info_config_errors_total`	`LastValue`	The number of errors encountered during processing of the adapter info configuration.
`mixer_config_adapter_info_configs_total`	`LastValue`	The number of known adapters in the current config.
`mixer_config_attributes_total`	`LastValue`	The number of known attributes in the current config.
`mixer_config_handler_configs_total`	`LastValue`	The number of known handlers in the current config.
`mixer_config_handler_validation_error_total`	`LastValue`	The number of errors encountered because handler validation returned error.
`mixer_config_instance_config_errors_total`	`LastValue`	The number of errors encountered during processing of the instance configuration.
`mixer_config_instance_configs_total`	`LastValue`	The number of known instances in the current config.
`mixer_config_rule_config_errors_total`	`LastValue`	The number of errors encountered during processing of the rule configuration.
`mixer_config_rule_config_match_error_total`	`LastValue`	The number of rule conditions that was not parseable.
`mixer_config_rule_configs_total`	`LastValue`	The number of known rules in the current config.
`mixer_config_template_config_errors_total`	`LastValue`	The number of errors encountered during processing of the template configuration.
`mixer_config_template_configs_total`	`LastValue`	The number of known templates in the current config.
`mixer_config_unsatisfied_action_handler_total`	`LastValue`	The number of actions that failed due to handlers being unavailable.
`mixer_dispatcher_destinations_per_request`	`Distribution`	Number of handlers dispatched per request by Mixer
`mixer_dispatcher_destinations_per_variety_total`	`LastValue`	Number of Mixer adapter destinations by template variety type
`mixer_dispatcher_instances_per_request`	`Distribution`	Number of instances created per request by Mixer
`mixer_handler_closed_handlers_total`	`LastValue`	The number of handlers that were closed during config transition.
`mixer_handler_daemons_total`	`LastValue`	The current number of active daemon routines in a given adapter environment.
`mixer_handler_handler_build_failures_total`	`LastValue`	The number of handlers that failed creation during config transition.
`mixer_handler_handler_close_failures_total`	`LastValue`	The number of errors encountered while closing handlers during config transition.
`mixer_handler_new_handlers_total`	`LastValue`	The number of handlers that were newly created during config transition.
`mixer_handler_reused_handlers_total`	`LastValue`	The number of handlers that were re-used during config transition.
`mixer_handler_workers_total`	`LastValue`	The current number of active worker routines in a given adapter environment.
`mixer_runtime_dispatch_duration_seconds`	`Distribution`	Duration in seconds for adapter dispatches handled by Mixer.
`mixer_runtime_dispatches_total`	`Count`	Total number of adapter dispatches handled by Mixer.
`pilot_conflict_inbound_listener`	`LastValue`	Number of conflicting inbound listeners.
`pilot_conflict_outbound_listener_http_over_current_tcp`	`LastValue`	Number of conflicting wildcard http listeners with current wildcard tcp listener.
`pilot_conflict_outbound_listener_http_over_https`	`LastValue`	Number of conflicting HTTP listeners with well known HTTPS ports
`pilot_conflict_outbound_listener_tcp_over_current_http`	`LastValue`	Number of conflicting wildcard tcp listeners with current wildcard http listener.
`pilot_conflict_outbound_listener_tcp_over_current_tcp`	`LastValue`	Number of conflicting tcp listeners with current tcp listener.
`pilot_destrule_subsets`	`LastValue`	Duplicate subsets across destination rules for same host
`pilot_duplicate_envoy_clusters`	`LastValue`	Duplicate envoy clusters caused by service entries with same hostname
`pilot_eds_no_instances`	`LastValue`	Number of clusters without instances.
`pilot_endpoint_not_ready`	`LastValue`	Endpoint found in unready state.
`pilot_inbound_updates`	`Sum`	Total number of updates received by pilot.
`pilot_invalid_out_listeners`	`LastValue`	Number of invalid outbound listeners.
`pilot_jwks_resolver_network_fetch_fail_total`	`Sum`	Total number of failed network fetch by pilot jwks resolver
`pilot_jwks_resolver_network_fetch_success_total`	`Sum`	Total number of successfully network fetch by pilot jwks resolver
`pilot_k8s_cfg_events`	`Sum`	Events from k8s config.
`pilot_k8s_endpoints_with_no_pods`	`Sum`	Endpoints that does not have any corresponding pods.
`pilot_k8s_object_errors`	`LastValue`	Errors converting k8s CRDs
`pilot_k8s_reg_events`	`Sum`	Events from k8s registry.
`pilot_no_ip`	`LastValue`	Pods not found in the endpoint table, possibly invalid.
`pilot_proxy_convergence_time`	`Distribution`	Delay in seconds between config change and a proxy receiving all required configuration.
`pilot_proxy_queue_time`	`Distribution`	Time in seconds, a proxy is in the push queue before being dequeued.
`pilot_rds_expired_nonce`	`Sum`	Total number of RDS messages with an expired nonce.
`pilot_services`	`LastValue`	Total services known to pilot.
`pilot_total_rejected_configs`	`Sum`	Total number of configs that Pilot had to reject or ignore.
`pilot_total_xds_internal_errors`	`Sum`	Total number of internal XDS errors in pilot.
`pilot_total_xds_rejects`	`Sum`	Total number of XDS responses from pilot rejected by proxy.
`pilot_virt_services`	`LastValue`	Total virtual services known to pilot.
`pilot_vservice_dup_domain`	`LastValue`	Virtual services with dup domains.
`pilot_xds`	`LastValue`	Number of endpoints connected to this pilot using XDS.
`pilot_xds_cds_reject`	`LastValue`	Pilot rejected CDS configs.
`pilot_xds_eds_all_locality_endpoints`	`LastValue`	Network endpoints for each cluster(across all localities), as of last push. Zero endpoints is an error.
`pilot_xds_eds_instances`	`LastValue`	Instances for each cluster(grouped by locality), as of last push. Zero instances is an error.
`pilot_xds_eds_reject`	`LastValue`	Pilot rejected EDS.
`pilot_xds_lds_reject`	`LastValue`	Pilot rejected LDS.
`pilot_xds_push_context_errors`	`Sum`	Number of errors (timeouts) initiating push context.
`pilot_xds_push_time`	`Distribution`	Total time in seconds Pilot takes to push lds, rds, cds and eds.
`pilot_xds_pushes`	`Sum`	Pilot build and send errors for lds, rds, cds and eds.
`pilot_xds_rds_reject`	`LastValue`	Pilot rejected RDS.
`pilot_xds_write_timeout`	`Sum`	Pilot XDS response write timeouts.
`sidecar_injection_failure_total`	`Sum`	Total number of failed Side car injection requests.
`sidecar_injection_requests_total`	`Sum`	Total number of Side car injection requests.
`sidecar_injection_skip_total`	`Sum`	Total number of skipped injection requests.
`sidecar_injection_success_total`	`Sum`	Total number of successful Side car injection requests.