Name: cilium-config Namespace: kube-system Labels: app.kubernetes.io/managed-by=Helm Annotations: meta.helm.sh/release-name: cilium meta.helm.sh/release-namespace: kube-system Data ==== bpf-policy-map-max: ---- 16384 custom-cni-conf: ---- false enable-health-checking: ---- true enable-ipv4: ---- true k8s-client-qps: ---- 5 synchronize-k8s-nodes: ---- true cilium-endpoint-gc-interval: ---- 5m0s enable-ipv4-big-tcp: ---- false kube-proxy-replacement: ---- disabled monitor-aggregation-flags: ---- all proxy-connect-timeout: ---- 2 proxy-max-connection-duration-seconds: ---- 0 agent-not-ready-taint-key: ---- node.cilium.io/agent-not-ready cni-log-file: ---- /var/run/cilium/cilium-cni.log enable-endpoint-health-checking: ---- true enable-k8s-terminating-endpoint: ---- true node-port-bind-protection: ---- true proxy-prometheus-port: ---- 9964 bpf-map-dynamic-size-ratio: ---- 0.0025 bpf-root: ---- /sys/fs/bpf cluster-id: ---- 0 cnp-node-status-gc-interval: ---- 0s dnsproxy-enable-transparent-mode: ---- true enable-ipv6-big-tcp: ---- false install-no-conntrack-iptables-rules: ---- false tofqdns-max-deferred-connection-deletes: ---- 10000 cluster-pool-ipv4-cidr: ---- 10.0.0.0/8 debug-verbose: ---- enable-bpf-clock-probe: ---- false enable-l2-neigh-discovery: ---- true enable-remote-node-identity: ---- true enable-svc-source-range-check: ---- true remove-cilium-node-taints: ---- true tofqdns-endpoint-max-ip-per-hostname: ---- 50 vtep-mac: ---- write-cni-conf-when-ready: ---- /host/etc/cni/net.d/05-cilium.conflist bpf-lb-map-max: ---- 65536 debug: ---- false enable-sctp: ---- false identity-heartbeat-timeout: ---- 30m0s mesh-auth-rotated-identities-queue-size: ---- 1024 operator-api-serve-addr: ---- 127.0.0.1:9234 bpf-lb-sock: ---- false identity-allocation-mode: ---- crd monitor-aggregation-interval: ---- 5s nodes-gc-interval: ---- 5m0s sidecar-istio-proxy-image: ---- cilium/istio_proxy cgroup-root: ---- /run/cilium/cgroupv2 enable-k8s-networkpolicy: ---- true tofqdns-idle-connection-grace-period: ---- 0s tofqdns-proxy-response-max-delay: ---- 100ms cni-exclusive: ---- true disable-cnp-status-updates: ---- true enable-health-check-nodeport: ---- true enable-ipv6-masquerade: ---- true monitor-aggregation: ---- medium tofqdns-enable-dns-compression: ---- true arping-refresh-period: ---- 30s enable-l7-proxy: ---- true enable-policy: ---- default identity-gc-interval: ---- 15m0s procfs: ---- /host/proc proxy-max-requests-per-connection: ---- 0 skip-cnp-status-startup-clean: ---- false tunnel-protocol: ---- geneve unmanaged-pod-watcher-interval: ---- 15 vtep-endpoint: ---- external-envoy-proxy: ---- false ipam-cilium-node-update-rate: ---- 15s vtep-cidr: ---- cluster-pool-ipv4-mask-size: ---- 24 enable-auto-protect-node-port-range: ---- true mesh-auth-queue-size: ---- 1024 routing-mode: ---- tunnel tofqdns-dns-reject-response-code: ---- refused bpf-lb-external-clusterip: ---- false mesh-auth-enabled: ---- true cluster-name: ---- default egress-gateway-reconciliation-trigger-interval: ---- 1s enable-xt-socket-fallback: ---- true ipam: ---- cluster-pool preallocate-bpf-maps: ---- false set-cilium-node-taints: ---- true tunnel-port: ---- 6082 auto-direct-node-routes: ---- false enable-bgp-control-plane: ---- false enable-local-redirect-policy: ---- false enable-vtep: ---- false enable-well-known-identities: ---- false mesh-auth-gc-interval: ---- 5m0s set-cilium-is-up-condition: ---- true vtep-mask: ---- enable-ipv4-masquerade: ---- true enable-ipv6: ---- false k8s-client-burst: ---- 10 BinaryData ==== Events: