labels: io.rancher.certified: partner questions: - variable: xDSAdaptor.image required: true type: string default: "quay.io/citrix/citrix-xds-adaptor:0.9.9" description: "xds-adaptor Image to be used" label: xDSAdaptor Image group: "xDSAdaptor Settings" - variable: xDSAdaptor.imagePullPolicy required: true type: enum default: IfNotPresent description: "Istio-adaptor Image pull policy" label: istioAdaptor imagePullPolicy options: - "Always" - "IfNotPresent" - "Never" group: "xDSAdaptor Settings" - variable: xDSAdaptor.proxyType required: true type: string default: true label: xDSAdaptor proxyType description: "xDSAdaptor proxyType type set to router by default" group: "xDSAdaptor Settings" - variable: xDSAdaptor.secureConnect required: false type: boolean default: true label: xDSAdaptor secureConnect description: "xDSAdaptor establishes secure gRPC channel with Istio Pilot, if value is set to true" group: "xDSAdaptor Settings" - variable: xDSAdaptor.logLevel required: false type: enum default: DEBUG label: xDSAdaptor logLevel description: "xDSAdaptor logLevel" options: - "TRACE" - "DEBUG" - "INFO" - "WARN" - "ERROR" group: "xDSAdaptor Settings" - variable: xDSAdaptor.jsonLog required: false type: string default: "true" label: xDSAdaptor jsonLog description: "Set this argument to true if log messages are required in JSON format" group: "xDSAdaptor Settings" - variable: coe.coeURL required: false type: string label: coe coeURL description: "Name of Citrix Observability Exporter Service" group: "COE Settings" - variable: coe.coeTracing required: false type: boolean label: coe coeTracing description: "Used to send appflow transactions to Zipkin endpoint,if true ADM servicegraph (if configured) can be impacted" group: "COE Settings" - variable: istioPilot.name required: true type: string default: istio-pilot label: istio-pilot name group: "istio-pilot Settings" - variable: istioPilot.namespace required: true type: string default: istio-system label: istio-pilot namespace description: "Name of the Istio Pilot service" group: "istio-pilot Settings" - variable: istioPilot.secureGrpcPort required: true type: int default: 15011 description: "Secure GRPC port where Istio Pilot is listening" label: istio-pilot secureGrpcPort show_if: "xDSAdaptor.secureConnect=true" group: "istio-pilot Settings" - variable: istioPilot.insecureGrpcPort required: true type: int default: 15010 label: istio-pilot insecureGrpcPort description: "Insecure GRPC port where Istio Pilot is listening" show_if: "xDSAdaptor.secureConnect=false" group: "istio-pilot Settings" - variable: istioPilot.SAN required: false type: string default: label: istio-pilot SAN description: "Subject alternative name for Istio Pilot which is (SPIFFE) ID of Istio Pilot" show_if: "xDSAdaptor.secureConnect=true" group: "istio-pilot Settings" - variable: certProvider.caAddr required: true type: string default: "istiod.istio-system.svc" label: certProvider caAddr description: "Certificate Authority (CA) address issuing certificate to application" group: "certProvider Settings" - variable: certProvider.caPort required: true type: int default: 15012 label: certProvider caPort description: "Certificate Authority (CA) port issuing certificate to application" group: "certProvider Settings" - variable: certProvider.trustDomain required: true type: string default: "cluster.local" label: certProvider trustDomain description: "SPIFFE Trust Domain" group: "certProvider Settings" - variable: certProvider.certTTLinHours required: true type: int default: 720 label: certProvider certTTLinHours description: "Validity of certificate generated by xds-adaptor and signed by Istiod (Istio Citadel) in hours." group: "certProvider Settings" - variable: certProvider.clusterId required: true type: string default: "Kubernetes" label: certProvider clusterId description: "clusterId is the ID of the cluster where Istiod CA instance resides (default Kubernetes). It can be different value on some cloud platforms or in m ulticluster environments. For example, in Anthos servicemesh, it might be of the format of `cn--`. In multiCluster environments, it is the val ue of global.multiCluster.clusterName provided during servicemesh control plane installation" group: "certProvider Settings" - variable: certProvider.jwtPolicy required: true type: enum default: "first-party-jwt" label: certProvider jwtPolicy description: "Kubernetes platform supports First party tokens and Third party tokens" options: - "first-party-jwt" - "third-party-jwt" - variable: cpxProxy.netscalerUrl required: true type: string default: "http://127.0.0.1" description: "Citrix ADC CPX image used as sidecar proxy" label: cpxProxy image group: "cpxProxy Settings" - variable: cpxProxy.image required: true type: string default: "quay.io/citrix/citrix-k8s-cpx-ingress:13.0-79.64" description: "Citrix ADC CPX image used as sidecar proxy" label: cpxProxy image group: "cpxProxy Settings" - variable: cpxProxy.imagePullPolicy required: true type: enum default: IfNotPresent description: "cpxProxy Image pull policy" label: cpxProxy imagePullPolicy options: - "Always" - "IfNotPresent" - "Never" group: "cpxProxy Settings" - variable: cpxProxy.EULA required: true type: enum label: cpxProxy EULA license options: - "YES" - "NO" group: "cpxProxy Settings" - variable: cpxProxy.cpxSidecarMode required: true type: string default: "YES" description: "Environment variable for Citrix ADC CPX. It indicates that Citrix ADC CPX is running as sidecar mode or not" label: cpxProxy image options: - "YES" - "NO" group: "cpxProxy Settings" - variable: cpxProxy.mgmtHttpPort required: true type: int default: 10080 label: cpxProxy mgmtHttpPort group: "cpxProxy Settings" - variable: cpxProxy.mgmtHttpsPort required: true type: int default: 10443 label: cpxProxy mgmtHttpsPort group: "cpxProxy Settings" - variable: cpxProxy.cpxDisableProbe required: true type: string default: YES description: "Environment variable for Citrix ADC CPX. It indicates that Citrix ADC CPX will disable probing dynamic services. It should be enabled for multicluster setup." label: cpxProxy cpxDisableProbe options: - "YES" - "NO" group: "cpxProxy Settings" - variable: sidecarWebHook.webhookImage required: true type: string default: "quay.io/citrix/cpx-istio-sidecar-injector:1.0.0" label: sidecarWebHook webhookImage description: "webhookImage image to be used" group: "sidecarWebHook Settings" - variable: sidecarWebHook.imagePullPolicy required: true type: enum default: IfNotPresent label: sidecarWebHook imagePullPolicy options: - "Always" - "IfNotPresent" - "Never" group: "sidecarWebHook Settings" - variable: sidecarCertsGenerator.image required: true type: string default: " quay.io/citrix/cpx-sidecar-injector-certgen:1.1.0" label: sidecarWebHook webhookImage description: "webhookImage image to be used" group: "sidecarCertsGenerator Settings" - variable: sidecarCertsGenerator.imagePullPolicy required: true type: enum default: IfNotPresent label: sidecarWebHook imagePullPolicy options: - "Always" - "IfNotPresent" - "Never" group: "sidecarCertsGenerator Settings" - variable: ADMSettings.ADMIP required: false type: string default: label: ADMSettings ADMIP description: "Citrix Application Delivery Management (ADM) IP address" group: "ADMSettings Settings" - variable: ADMSettings.licenseServerIP required: false type: string default: label: ADMSettings licenseServerIP description: "Citrix License Server IP address" group: "ADMSettings Settings" - variable: ADMSettings.licenseServerPort required: false type: int default: 27000 label: ADMSettings licenseServerPort description: "Citrix ADM port if a non-default port is used" group: "ADMSettings Settings" - variable: ADMSettings.bandWidthLicense required: false type: boolean default: false label: ADMSettings bandWidthLicense description: "To specify bandwidth based licensing" group: "ADMSettings Settings" - variable: ADMSettings.bandWidth required: false type: string default: label: ADMSettings bandWidth description: "Desired bandwidth capacity to be set for Citrix ADC CPX in Mbps" group: "ADMSettings Settings" - variable: webhook.injectionLabelName required: true type: string default: "cpx-injection" label: webhook injectionLabelName description: "Label of namespace, where automatic sidecr injection is required" group: "webhook Settings"