labels: io.rancher.certified: partner questions: - variable: citrixCPX required: true type: boolean default: true description: "Set true to use Citrix ADC CPX as ingress device. Set false to use VPX/MPX as ingress device" label: citrixCPX group: "Deployment Settings" - variable: secrets.name required: true type: string default: "nslogin" description: "Ensure to create nslogin secret in same namespace" show_if: "citrixCPX=false" group: "nslogin Settings" - variable: xDSAdaptor.image required: true type: string default: "quay.io/citrix/citrix-xds-adaptor:0.9.9" label: xDSAdaptor Image description: "xDSAdaptor Image to be used with version" group: "xDSAdaptor Settings" - variable: xDSAdaptor.imagePullPolicy required: true type: enum default: IfNotPresent label: xDSAdaptor imagePullPolicy description: "xDSAdaptor Image pull policy" options: - "Always" - "IfNotPresent" - "Never" group: "xDSAdaptor Settings" - variable: xDSAdaptor.proxyType required: false type: string default: "router" label: xDSAdaptor proxyType description: "xDSAdaptor proxyType type set to router by default" group: "xDSAdaptor Settings" - variable: xDSAdaptor.secureConnect required: true type: boolean default: true label: xDSAdaptor secureConnect description: "If this value is set to true, xDSAdaptor establishes secure gRPC channel with Istio Pilot" group: "xDSAdaptor Settings" - variable: xDSAdaptor.logLevel required: false type: enum default: DEBUG label: xDSAdaptor logLevel description: "xDSAdaptor logLevel" options: - "TRACE" - "DEBUG" - "INFO" - "WARN" - "ERROR" group: "xDSAdaptor Settings" - variable: xDSAdaptor.jsonLog required: false type: string default: "true" label: xDSAdaptor jsonLog description: "Set this argument to true if log messages are required in JSON format" group: "xDSAdaptor Settings" - variable: coe.coeURL required: false type: string label: coe coeURL description: "Name of Citrix Observability Exporter Service" group: "COE Settings" - variable: coe.coeTracing required: false type: boolean label: coe coeTracing description: "Used to send appflow transactions to Zipkin endpoint,if true ADM servicegraph (if configured) can be impacted" group: "COE Settings" - variable: istioPilot.name required: true type: string default: istiod label: istio-pilot name group: "istio-pilot Settings" description: "Name of the Istio Pilot service" - variable: istioPilot.namespace required: true type: string default: istio-system label: istio-pilot namespace description: "Namespace where Istio Pilot is running" group: "istio-pilot Settings" - variable: istioPilot.secureGrpcPort required: true type: int default: 15012 label: istio-pilot secureGrpcPort show_if: "xDSAdaptor.secureConnect=true" description: "Secure GRPC port where Istio Pilot is listening" group: "istio-pilot Settings" - variable: istioPilot.insecureGrpcPort required: true type: int default: 15010 show_if: "xDSAdaptor.secureConnect=false" label: istio-pilot insecureGrpcPort description: "Insecure GRPC port where Istio Pilot is listening" group: "istio-pilot Settings" - variable: istioPilot.SAN required: false type: string default: label: istio-pilot SAN description: "Subject alternative name for Istio Pilot which is (SPIFFE) ID of Istio Pilot" show_if: "xDSAdaptor.secureConnect=true" group: "istio-pilot Settings" - variable: ingressGateway.netscalerUrl required: true type: string default: label: ingressGateway netscalerUrl description: "URL or IP address of the Citrix ADC which Istio-adaptor configures (Mandatory if citrixCPX=false)" show_if: "citrixCPX=false" group: "ingressGateway Settings" - variable: ingressGateway.image required: true type: string default: "quay.io/citrix/citrix-k8s-cpx-ingress:13.0-79.64" label: ingressGateway Image description: "ingressGateway image to be used" group: "ingressGateway Settings" - variable: ingressGateway.imagePullPolicy required: true type: enum default: IfNotPresent label: ingressGateway imagePullPolicy description: Ingress-gateway Image pull policy group: "ingressGateway Settings" options: - "Always" - "IfNotPresent" - "Never" - variable: ingressGateway.EULA required: true type: enum description: "End user license agreement (read EULA before accepting it yes)" label: ingressGateway EULA options: - "YES" - "NO" group: "ingressGateway Settings" - variable: ingressGateway.mgmtHttpPort required: true type: int default: 10080 label: ingressGateway mgmtHttpPort description: "Management port of the Citrix ADC CPX" show_if: "citrixCPX=true" group: "ingressGateway Settings" - variable: ingressGateway.mgmtHttpsPort required: true type: int default: 10443 show_if: "citrixCPX=true" label: ingressGateway mgmtHttpsPort description: "Secure management port of Citrix ADC CPX" group: "ingressGateway Settings" - variable: ingressGateway.httpNodePort required: true type: int default: 30180 show_if: "citrixCPX=true" label: ingressGateway httpNodePort description: "Port on host machine which is used to expose HTTP port of Citrix ADC CPX" group: "ingressGateway Settings" - variable: ingressGateway.httpsNodePort required: true type: int default: 31443 show_if: "citrixCPX=true" label: ingressGateway httpsNodePort description: "Port on host machine which is used to expose HTTPS port of Citrix ADC CPX" group: "ingressGateway Settings" - variable: ingressGateway.nodePortRequired required: true type: boolean default: true label: ingressGateway nodePortRequired description: "Set this argument if servicetype to be NodePort of Citrix ADC CPX, else it will be loadbalancer type" group: "ingressGateway Settings" - variable: ingressGateway.lightWeightCPX required: false type: int default: 1 show_if: "citrixCPX=true" label: ingressGateway lightWeightCPX description: "Set this argument if lighter version of Citrix ADC CPX used" group: "ingressGateway Settings" - variable: ingressGateway.label required: true type: string default: "citrix-ingressgateway" label: ingressGateway label description: "Custom label for the Ingress Gateway service" group: "ingressGateway Settings" - variable: ingressGateway.vserverIP required: true type: string default: "nsip" show_if: "citrixCPX=false" label: ingressGateway vserverIP description: "Virtual server IP address on Citrix ADC" group: "ingressGateway Settings" - variable: ingressGateway.adcServerName required: false type: string default: label: ingressGateway adcServerName description: "Citrix ADC ServerName used in the Citrix ADC certificate" group: "ingressGateway Settings" - variable: ingressGateway.netProfile required: false type: string default: label: ingressGateway netProfile description: "Network profile name used to configure Citrix ADC VPX or MPX which is deployed as Ingress Gateway" show_if: "citrixCPX=false" group: "ingressGateway Settings" - variable: ingressGateway.multiClusterIngress required: false type: boolean default: false label: ingressGateway multiClusterIngress description: "Flag indicating if Citrix ADC is acting as Ingress gateway to multi cluster Istio mesh installation" group: "ingressGateway Settings" - variable: ingressGateway.multiClusterListenerPort required: true type: int default: 15443 label: ingressGateway multiClusterListenerPort description: "Port opened on Citrix ADC to enable inter-cluster service to service (E-W) communication" show_if: "ingressGateway.multiClusterIngress=true" group: "ingressGateway Settings" - variable: ingressGateway.multiClusterListenerNodePort required: true type: int default: 15443 label: ingressGateway multiClusterListenerNodePort description: "Nodeport for multiClusterListenerPort in case of Citrix ADC CPX acting as Ingress gateway" show_if: "ingressGateway.multiClusterIngress=true" group: "ingressGateway Settings" - variable: ingressGateway.multiClusterSvcDomain required: true type: string default: global label: ingressGateway multiClusterSvcDomain description: "Domain suffix of remote service (deployed in other cluster) used in E-W communication" show_if: "ingressGateway.multiClusterIngress=true" group: "ingressGateway Settings" - variable: metricExporter.required required: false type: boolean default: true label: Exporter required description: "Metrics exporter for Citrix ADC" group: "metricExporter Settings" - variable: metricExporter.image required: true type: string default: "quay.io/citrix/citrix-adc-metrics-exporter:1.4.8" label: Exporter Image description: "Exporter Image to be used with version" show_if: "metricExporter.required=true" group: "metricExporter Settings" - variable: metricExporter.port required: true type: int default: 8888 label: metricExporter Port show_if: "metricExporter.required=true" group: "metricExporter Settings" - variable: metricExporter.logLevel required: true type: enum default: ERROR label: metricExporter logLevel show_if: "metricExporter.required=true" group: "metricExporter Settings" options: - "DEBUG" - "INFO" - "WARNING" - "ERROR" - "TRACE" - variable: metricExporter.imagePullPolicy required: true type: enum default: IfNotPresent label: metricExporter imagePullPolicy description: "Exporter Image pull policy" show_if: "metricExporter.required=true" group: "metricExporter Settings" options: - "Always" - "IfNotPresent" - "Never" - variable: certProvider.caAddr required: true type: string default: "istiod.istio-system.svc" label: certProvider caAddr description: "Certificate Authority (CA) address issuing certificate to application" group: "certProvider Settings" - variable: certProvider.caPort required: true type: int default: 15012 label: certProvider caPort description: "Certificate Authority (CA) port issuing certificate to application" group: "certProvider Settings" - variable: certProvider.trustDomain required: true type: string default: "cluster.local" label: certProvider trustDomain description: "SPIFFE Trust Domain" group: "certProvider Settings" - variable: certProvider.certTTLinHours required: true type: int default: 720 label: certProvider certTTLinHours description: "Validity of certificate generated by xds-adaptor and signed by Istiod (Istio Citadel) in hours." group: "certProvider Settings" - variable: certProvider.clusterId required: true type: string default: "Kubernetes" label: certProvider clusterId description: "clusterId is the ID of the cluster where Istiod CA instance resides (default Kubernetes). It can be different value on some cloud platforms or in m ulticluster environments. For example, in Anthos servicemesh, it might be of the format of `cn--`. In multiCluster environments, it is the val ue of global.multiCluster.clusterName provided during servicemesh control plane installation" group: "certProvider Settings" - variable: certProvider.jwtPolicy required: true type: enum default: "first-party-jwt" label: certProvider jwtPolicy description: "Kubernetes platform supports First party tokens and Third party tokens" options: - "first-party-jwt" - "third-party-jwt" group: "certProvider Settings" - variable: ADMSettings.ADMIP required: false type: string default: label: ADMSettings ADMIP description: "Citrix Application Delivery Management (ADM) IP address" group: "ADMSettings Settings" - variable: ADMSettings.licenseServerIP required: false type: string default: label: ADMSettings licenseServerIP description: "Citrix License Server IP address" group: "ADMSettings Settings" - variable: ADMSettings.licenseServerPort required: false type: int default: 27000 label: ADMSettings licenseServerPort description: "Citrix ADM port if a non-default port is used" group: "ADMSettings Settings" - variable: ADMSettings.bandWidthLicense required: false type: boolean default: false label: ADMSettings bandWidthLicense description: "To specify bandwidth based licensing" group: "ADMSettings Settings" - variable: ADMSettings.bandWidth required: false type: string default: label: ADMSettings bandWidth description: "Desired bandwidth capacity to be set for Citrix ADC CPX in Mbps" group: "ADMSettings Settings" - variable: ADMSettings.vCPULicense required: false type: boolean default: "false" label: ADMSettings vCPULicense description: "To specify vCPULicense based licensing" group: "ADMSettings Settings" - variable: ADMSettings.cpxCores required: false type: string default: label: ADMSettings cpxCores description: "To specify cpxCores in licensing" group: "ADMSettings Settings"