Name: cilium-config Namespace: kube-system Labels: app.kubernetes.io/managed-by=Helm Annotations: meta.helm.sh/release-name: cilium meta.helm.sh/release-namespace: kube-system Data ==== nodes-gc-interval: ---- 5m0s proxy-max-connection-duration-seconds: ---- 0 set-cilium-node-taints: ---- true bpf-map-dynamic-size-ratio: ---- 0.0025 dnsproxy-enable-transparent-mode: ---- true enable-auto-protect-node-port-range: ---- true enable-ipv6-masquerade: ---- true enable-vtep: ---- false synchronize-k8s-nodes: ---- true write-cni-conf-when-ready: ---- /host/etc/cni/net.d/05-cilium.conflist bpf-lb-external-clusterip: ---- false bpf-root: ---- /sys/fs/bpf external-envoy-proxy: ---- false monitor-aggregation-interval: ---- 5s preallocate-bpf-maps: ---- false cluster-id: ---- 0 enable-ipv4-big-tcp: ---- false enable-ipv6: ---- false proxy-connect-timeout: ---- 2 vtep-mac: ---- cluster-pool-ipv4-mask-size: ---- 24 cni-exclusive: ---- true disable-cnp-status-updates: ---- true tunnel-port: ---- 6082 ipam: ---- cluster-pool k8s-client-burst: ---- 10 vtep-endpoint: ---- cni-log-file: ---- /var/run/cilium/cilium-cni.log cnp-node-status-gc-interval: ---- 0s debug-verbose: ---- enable-health-check-nodeport: ---- true enable-policy: ---- default vtep-mask: ---- bpf-policy-map-max: ---- 16384 enable-l2-neigh-discovery: ---- true enable-remote-node-identity: ---- true node-port-bind-protection: ---- true tofqdns-enable-dns-compression: ---- true vtep-cidr: ---- agent-not-ready-taint-key: ---- node.cilium.io/agent-not-ready enable-ipv4: ---- true mesh-auth-enabled: ---- true routing-mode: ---- tunnel sidecar-istio-proxy-image: ---- cilium/istio_proxy proxy-max-requests-per-connection: ---- 0 bpf-lb-map-max: ---- 65536 custom-cni-conf: ---- false enable-bpf-clock-probe: ---- false mesh-auth-rotated-identities-queue-size: ---- 1024 operator-api-serve-addr: ---- 127.0.0.1:9234 monitor-aggregation: ---- medium procfs: ---- /host/proc tofqdns-idle-connection-grace-period: ---- 0s cgroup-root: ---- /run/cilium/cgroupv2 cilium-endpoint-gc-interval: ---- 5m0s enable-ipv4-masquerade: ---- true enable-well-known-identities: ---- false identity-allocation-mode: ---- crd enable-k8s-networkpolicy: ---- true k8s-client-qps: ---- 5 skip-cnp-status-startup-clean: ---- false arping-refresh-period: ---- 30s auto-direct-node-routes: ---- false enable-health-checking: ---- true install-no-conntrack-iptables-rules: ---- false proxy-prometheus-port: ---- 9964 tofqdns-dns-reject-response-code: ---- refused tofqdns-endpoint-max-ip-per-hostname: ---- 50 cluster-name: ---- default enable-svc-source-range-check: ---- true enable-xt-socket-fallback: ---- true identity-gc-interval: ---- 15m0s identity-heartbeat-timeout: ---- 30m0s remove-cilium-node-taints: ---- true tofqdns-proxy-response-max-delay: ---- 100ms tunnel-protocol: ---- geneve cluster-pool-ipv4-cidr: ---- 10.0.0.0/8 enable-ipv6-big-tcp: ---- false enable-k8s-terminating-endpoint: ---- true enable-local-redirect-policy: ---- false mesh-auth-queue-size: ---- 1024 unmanaged-pod-watcher-interval: ---- 15 egress-gateway-reconciliation-trigger-interval: ---- 1s enable-l7-proxy: ---- true enable-sctp: ---- false ipam-cilium-node-update-rate: ---- 15s mesh-auth-gc-interval: ---- 5m0s debug: ---- false enable-bgp-control-plane: ---- false set-cilium-is-up-condition: ---- true tofqdns-max-deferred-connection-deletes: ---- 10000 bpf-lb-sock: ---- false enable-endpoint-health-checking: ---- true kube-proxy-replacement: ---- disabled monitor-aggregation-flags: ---- all BinaryData ==== Events: