—binaryPath <string> | Path to the proxy binary (default /usr/local/bin/envoy) |
—concurrency <int> | number of worker threads to run (default 0) |
—configPath <string> | Path to the generated configuration file directory (default /etc/istio/proxy) |
—connectTimeout <duration> | Connection timeout used by Envoy for supporting services (default 1s) |
—controlPlaneAuthPolicy <string> | Control Plane Authentication Policy (default NONE) |
—controlPlaneBootstrap | Process bootstrap provided via templateFile to be used by control plane components. |
—customConfigFile <string> | Path to the custom configuration file (default )</td></tr><tr><td><code>--datadogAgentAddress <string></code></td><td>Address of the Datadog Agent (default) |
—disableInternalTelemetry | Disable internal telemetry |
—discoveryAddress <string> | Address of the discovery service exposing xDS (e.g. istio-pilot:8080) (default istio-pilot:15010) |
—dnsRefreshRate <string> | The dns_refresh_rate for bootstrap STRICT_DNS clusters (default 300s) |
—domain <string> | DNS domain suffix. If not provided uses ${POD_NAMESPACE}.svc.cluster.local (default )</td></tr><tr><td><code>--drainDuration <duration></code></td><td>The time in seconds that Envoy will drain connections during a hot restart (default `45s`)</td></tr><tr><td><code>--envoyAccessLogService <string></code></td><td>Settings of an Envoy gRPC Access Log Service API implementation (default) |
—envoyMetricsService <string> | Settings of an Envoy gRPC Metrics Service API implementation (default )</td></tr><tr><td><code>--id <string></code></td><td>Proxy unique ID. If not provided uses ${POD_NAME}.${POD_NAMESPACE} from environment variables (default) |
—ip <string> | Proxy IP address. If not provided uses ${INSTANCE_IP} environment variable. (default )</td></tr><tr><td><code>--lightstepAccessToken <string></code></td><td>Access Token for LightStep Satellite pool (default) |
—lightstepAddress <string> | Address of the LightStep Satellite pool (default )</td></tr><tr><td><code>--lightstepCacertPath <string></code></td><td>Path to the trusted cacert used to authenticate the pool (default) |
—lightstepSecure | Should connection to the LightStep Satellite pool be secure |
—log_as_json | Whether to format output as JSON or in plain console-friendly format |
—log_caller <string> | Comma-separated list of scopes for which to include caller information, scopes can be any of [all, cacheLog, citadelClientLog, configMapController, default, googleCAClientLog, model, rbac, sdsServiceLog, secretFetcherLog, stsClientLog, validation, vaultClientLog] (default )</td></tr><tr><td><code>--log_output_level <string></code></td><td>Comma-separated minimum per-scope logging level of messages to output, in the form of <scope>:<level>,<scope>:<level>,... where scope can be one of [all, cacheLog, citadelClientLog, configMapController, default, googleCAClientLog, model, rbac, sdsServiceLog, secretFetcherLog, stsClientLog, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default `default:info`)</td></tr><tr><td><code>--log_rotate <string></code></td><td>The path for the optional rotating log file (default) |
—log_rotate_max_age <int> | The maximum age in days of a log file beyond which the file is rotated (0 indicates no limit) (default 30) |
—log_rotate_max_backups <int> | The maximum number of log file backups to keep before older files are deleted (0 indicates no limit) (default 1000) |
—log_rotate_max_size <int> | The maximum size in megabytes of a log file beyond which the file is rotated (default 104857600) |
—log_stacktrace_level <string> | Comma-separated minimum per-scope logging level at which stack traces are captured, in the form of <scope>:<level>,<scope:level>,… where scope can be one of [all, cacheLog, citadelClientLog, configMapController, default, googleCAClientLog, model, rbac, sdsServiceLog, secretFetcherLog, stsClientLog, validation, vaultClientLog] and level can be one of [debug, info, warn, error, fatal, none] (default default:none) |
—log_target <stringArray> | The set of paths where to output the log. This can be any path as well as the special values stdout and stderr (default [stdout]) |
—mixerIdentity <string> | The identity used as the suffix for mixer’s spiffe SAN. This would only be used by pilot all other proxy would get this value from pilot (default )</td></tr><tr><td><code>--outlierLogPath <string></code></td><td>The log path for outlier detection (default) |
—parentShutdownDuration <duration> | The time in seconds that Envoy will wait before shutting down the parent process during a hot restart (default 1m0s) |
—pilotIdentity <string> | The identity used as the suffix for pilot’s spiffe SAN (default )</td></tr><tr><td><code>--proxyAdminPort <uint16></code></td><td>Port on which Envoy should listen for administrative commands (default `15000`)</td></tr><tr><td><code>--proxyComponentLogLevel <string></code></td><td>The component log level used to start the Envoy proxy (default `misc:error`)</td></tr><tr><td><code>--proxyLogLevel <string></code></td><td>The log level used to start the Envoy proxy (choose from {trace, debug, info, warning, error, critical, off}) (default `warning`)</td></tr><tr><td><code>--serviceCluster <string></code></td><td>Service cluster (default `istio-proxy`)</td></tr><tr><td><code>--serviceregistry <string></code></td><td>Select the platform for service registry, options are {Kubernetes, Consul, MCP, Mock} (default `Kubernetes`)</td></tr><tr><td><code>--statsdUdpAddress <string></code></td><td>IP Address and Port of a statsd UDP listener (e.g. 10.75.241.127:9125) (default) |
—statusPort <uint16> | HTTP Port on which to serve pilot agent status. If zero, agent status will not be provided. (default 0) |
—templateFile <string> | Go template bootstrap config (default )</td></tr><tr><td><code>--trust-domain <string></code></td><td>The domain to use for identities (default) |
—zipkinAddress <string> | Address of the Zipkin service (e.g. zipkin:9411) (default ``) |
我的书签
添加书签
移除书签