cilium-operator-aws

Run cilium-operator-aws

  1. cilium-operator-aws [flags]

Options

  1.       --aws-instance-limit-mapping map            Add or overwrite mappings of AWS instance limit in the form of {"AWS instance type": "Maximum Network Interfaces","IPv4 Addresses per Interface","IPv6 Addresses per Interface"}. cli example: --aws-instance-limit-mapping=a1.medium=2,4,4 --aws-instance-limit-mapping=a2.somecustomflavor=4,5,6 configmap example: {"a1.medium": "2,4,4", "a2.somecustomflavor": "4,5,6"}
  2.       --aws-release-excess-ips                    Enable releasing excess free IP addresses from AWS ENI.
  3.       --bgp-announce-lb-ip                        Announces service IPs of type LoadBalancer via BGP
  4.       --bgp-config-path string                    Path to file containing the BGP configuration (default "/var/lib/cilium/bgp/config.yaml")
  5.       --cilium-endpoint-gc-interval duration      GC interval for cilium endpoints (default 5m0s)
  6.       --cilium-pod-labels string                  Cilium Pod's labels. Used to detect if a Cilium pod is running to remove the node taints where its running and set NetworkUnavailable to false (default "k8s-app=cilium")
  7.       --cilium-pod-namespace string               Name of the Kubernetes namespace in which Cilium is deployed in. Defaults to the same namespace defined in k8s-namespace
  8.       --cluster-id int                            Unique identifier of the cluster
  9.       --cluster-name string                       Name of the cluster (default "default")
  10.       --cluster-pool-ipv4-cidr strings            IPv4 CIDR Range for Pods in cluster. Requires 'ipam=cluster-pool' and 'enable-ipv4=true'
  11.       --cluster-pool-ipv4-mask-size int           Mask size for each IPv4 podCIDR per node. Requires 'ipam=cluster-pool' and 'enable-ipv4=true' (default 24)
  12.       --cluster-pool-ipv6-cidr strings            IPv6 CIDR Range for Pods in cluster. Requires 'ipam=cluster-pool' and 'enable-ipv6=true'
  13.       --cluster-pool-ipv6-mask-size int           Mask size for each IPv6 podCIDR per node. Requires 'ipam=cluster-pool' and 'enable-ipv6=true' (default 112)
  14.       --cnp-node-status-gc-interval duration      GC interval for nodes which have been removed from the cluster in CiliumNetworkPolicy Status (default 2m0s)
  15.       --cnp-status-update-interval duration       Interval between CNP status updates sent to the k8s-apiserver per-CNP (default 1s)
  16.       --config string                             Configuration file (default "$HOME/ciliumd.yaml")
  17.       --config-dir string                         Configuration directory that contains a file for each option
  18.   -D, --debug                                     Enable debugging mode
  19.       --ec2-api-endpoint string                   AWS API endpoint for the EC2 service
  20.       --enable-cilium-endpoint-slice              If set to true, the CiliumEndpointSlice feature is enabled. If any CiliumEndpoints resources are created, updated, or deleted in the cluster, all those changes are broadcast as CiliumEndpointSlice updates to all of the Cilium agents.
  21.       --enable-ipv4                               Enable IPv4 support (default true)
  22.       --enable-ipv6                               Enable IPv6 support (default true)
  23.       --enable-k8s-api-discovery                  Enable discovery of Kubernetes API groups and resources with the discovery API
  24.       --enable-k8s-endpoint-slice                 Enables k8s EndpointSlice feature into Cilium-Operator if the k8s cluster supports it (default true)
  25.       --enable-k8s-event-handover                 Enable k8s event handover to kvstore for improved scalability
  26.       --enable-metrics                            Enable Prometheus metrics
  27.       --eni-tags map                              ENI tags in the form of k1=v1 (multiple k/v pairs can be passed by repeating the CLI flag)
  28.       --excess-ip-release-delay int               Number of seconds operator would wait before it releases an IP previously marked as excess (default 180)
  29.       --gops-port int                             Port for gops server to listen on (default 9891)
  30.   -h, --help                                      help for cilium-operator-aws
  31.       --identity-allocation-mode string           Method to use for identity allocation (default "kvstore")
  32.       --identity-gc-interval duration             GC interval for security identities (default 15m0s)
  33.       --identity-gc-rate-interval duration        Interval used for rate limiting the GC of security identities (default 1m0s)
  34.       --identity-gc-rate-limit int                Maximum number of security identities that will be deleted within the identity-gc-rate-interval (default 2500)
  35.       --identity-heartbeat-timeout duration       Timeout after which identity expires on lack of heartbeat (default 30m0s)
  36.       --ipam string                               Backend to use for IPAM (default "eni")
  37.       --k8s-api-server string                     Kubernetes API server URL
  38.       --k8s-client-burst int                      Burst value allowed for the K8s client
  39.       --k8s-client-qps float32                    Queries per second limit for the K8s client
  40.       --k8s-heartbeat-timeout duration            Configures the timeout for api-server heartbeat, set to 0 to disable (default 30s)
  41.       --k8s-kubeconfig-path string                Absolute path of the kubernetes kubeconfig file
  42.       --k8s-namespace string                      Name of the Kubernetes namespace in which Cilium Operator is deployed in
  43.       --k8s-service-proxy-name string             Value of K8s service-proxy-name label for which Cilium handles the services (empty = all services without service.kubernetes.io/service-proxy-name label)
  44.       --kvstore string                            Key-value store type
  45.       --kvstore-opt map                           Key-value store options e.g. etcd.address=127.0.0.1:4001
  46.       --leader-election-lease-duration duration   Duration that non-leader operator candidates will wait before forcing to acquire leadership (default 15s)
  47.       --leader-election-renew-deadline duration   Duration that current acting master will retry refreshing leadership in before giving up the lock (default 10s)
  48.       --leader-election-retry-period duration     Duration that LeaderElector clients should wait between retries of the actions (default 2s)
  49.       --limit-ipam-api-burst int                  Upper burst limit when accessing external APIs (default 4)
  50.       --limit-ipam-api-qps float                  Queries per second limit when accessing external IPAM APIs (default 20)
  51.       --log-driver strings                        Logging endpoints to use for example syslog
  52.       --log-opt map                               Log driver options for cilium-operator, configmap example for syslog driver: {"syslog.level":"info","syslog.facility":"local4"}
  53.       --nodes-gc-interval duration                GC interval for CiliumNodes
  54.       --operator-api-serve-addr string            Address to serve API requests (default "localhost:9234")
  55.       --operator-prometheus-serve-addr string     Address to serve Prometheus metrics (default ":6942")
  56.       --parallel-alloc-workers int                Maximum number of parallel IPAM workers (default 50)
  57.       --pprof                                     Enable pprof debugging endpoint
  58.       --pprof-port int                            Port that the pprof listens on (default 6061)
  59.       --remove-cilium-node-taints                 Remove node taint "node.cilium.io/agent-not-ready" from Kubernetes nodes once Cilium is up and running (default true)
  60.       --set-cilium-is-up-condition                Set CiliumIsUp Node condition to mark a Kubernetes Node that a Cilium pod is up and running in that node (default true)
  61.       --skip-crd-creation                         When true, Kubernetes Custom Resource Definitions will not be created
  62.       --subnet-ids-filter strings                 Subnets IDs (separated by commas)
  63.       --subnet-tags-filter map                    Subnets tags in the form of k1=v1,k2=v2 (multiple k/v pairs can also be passed by repeating the CLI flag
  64.       --synchronize-k8s-nodes                     Synchronize Kubernetes nodes to kvstore and perform CNP GC (default true)
  65.       --synchronize-k8s-services                  Synchronize Kubernetes services to kvstore (default true)
  66.       --unmanaged-pod-watcher-interval int        Interval to check for unmanaged kube-dns pods (0 to disable) (default 15)
  67.       --update-ec2-adapter-limit-via-api          Use the EC2 API to update the instance type to adapter limits
  68.       --version                                   Print version information

SEE ALSO