--- # Source: cilium/templates/hubble-relay-configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: hubble-relay-config namespace: kube-system data: config.yaml: | peer-service: unix:///var/run/cilium/hubble.sock listen-address: :4245 dial-timeout: retry-timeout: sort-buffer-len-max: sort-buffer-drain-timeout: tls-client-cert-file: /var/lib/hubble-relay/tls/client.crt tls-client-key-file: /var/lib/hubble-relay/tls/client.key tls-hubble-server-ca-files: /var/lib/hubble-relay/tls/hubble-server-ca.crt disable-server-tls: true --- # Source: cilium/templates/hubble-ui-configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: hubble-ui-envoy namespace: kube-system data: envoy.yaml: | static_resources: listeners: - name: listener_hubble_ui address: socket_address: address: 0.0.0.0 port_value: 8081 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager config: codec_type: auto stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: local_service domains: ['*'] routes: - match: prefix: '/api/' route: cluster: backend max_grpc_timeout: 0s prefix_rewrite: '/' - match: prefix: '/' route: cluster: frontend cors: allow_origin_string_match: - prefix: '*' allow_methods: GET, PUT, DELETE, POST, OPTIONS allow_headers: keep-alive,user-agent,cache-control,content-type,content-transfer-encoding,x-accept-content-transfer-encoding,x-accept-response-streaming,x-user-agent,x-grpc-web,grpc-timeout max_age: '1728000' expose_headers: grpc-status,grpc-message http_filters: - name: envoy.filters.http.grpc_web - name: envoy.filters.http.cors - name: envoy.filters.http.router clusters: - name: frontend connect_timeout: 0.25s type: strict_dns lb_policy: round_robin hosts: - socket_address: address: 127.0.0.1 port_value: 8080 - name: backend connect_timeout: 0.25s type: logical_dns lb_policy: round_robin http2_protocol_options: {} hosts: - socket_address: address: 127.0.0.1 port_value: 8090