Configuration property reference

You are currently viewing version 1.1 of the Apigee hybrid documentation.This version is end of life. You should upgrade to a newer version. For more information, see Supported versions.

This section lists all of the configuration propertiesthat you can use to customize the runtime plane of your Apigee hybrid deployment.

About configuration properties

You can override many configuration properties, if needed, by adding them tohybrid_root_dir/overrides.yaml.

TIP: Apigee provides a small set of sample configurations that you can use for further guidance. See Sample override configurations.

For example, to change the replica count minimum and maximum for the MART service, you could add this stanza tooverrides.yaml:

mart:    replicaCountMin: 3    replicaCountMax: 6

You can also find these config properties and their default settings inhybrid_root_install/1.0.0/values.yaml

For more information, seeManage runtime plane components.

Additionally, if you are configuring an Anthos-based deployment seeStep 3: Configure the GKE on-prem user cluster for information on setting these properties for Anthos.

Top-level properties

The following table describes the top-level properties in theoverrides.yaml file. These are properties that do not belong to another object, and apply at the org or environment level:

Property	Description
`contractProvider`	Version: 1.0.0 Default value: https://apigee.googleapis.com Defines the API path for all APIs in your installation.
`gcpProjectID`	Version: 1.0.0 Default value:none Required ID of yourGoogle Cloud project. Works with`k8sClusterName` and`gcpRegion` to identify the project and determine where the`apigee-logger` and the`apigee-metrics` push their data.
`gcpRegion`	Version: 1.0.0 Default value:`us-central1` Required The closet GCP region or zone of your Kubernetes cluster. Works with`gcpProjectID` and`k8sClusterName` to identify the project and determine where the`apigee-logger` and the`apigee-metrics` push their data.
`imagePullSecrets.name`	Version: 1.0.0 Default value: none Kubernetes secret name configured as docker-registry type; used to pull images from private repo.
`k8sClusterName`	Type: Version: 1.0.0 Default value: none Name of the Kubernetes (K8S) procluster where your hybrid project is running. Works with`gcpProjectID` and`gcpRegion` to identify the project and determine where the`apigee-logger` and the`apigee-metrics` push their data.
`namespace`	Version: 1.0.0 Default value:`apigee` The namespace of your Kubernetes cluster where the Apigee components will be installed.
`org`	Required Version: 1.0.0 Default value: none Required The hybrid-enabled organization that was provisioned for you by Apigee during the hybrid installation. An organization is the top-level container in Apigee. It contains all your API proxies and related resources. If the value is empty, you must update it wiht your org name once you have created it.
`revision`	Version: 1.0.0 Default value:`1.0.0` Apigee hybrid supports rolling Kubernetes updates, which allow deployment updates to take place with zero downtime by incrementally updating Pod instances with new ones. When updating certain YAML overrides that result in underlying Kubernetes PodTemplateSpec change, the`revision` override property must also be changed in the customer's override.yaml. This is required for the underlying KubernetesApigeeDeployment (AD) controller to conduct a safe rolling update of from the previous version to the new version. You can use any text value, eg: "blue", "a", "1.0.0" When the`revision` property is changed and applied, a rolling update will occur for all components Changes to properties of the following objects require an update to`revision`: nodeSelector envs imagePullSecrets gcpProjectID k8sClusterName contractProvider org For more information, seeRolling updates.
`validateServiceAccounts`	Version: 1.0.0 Default value: true Enables strict validation of service account permissions. This uses Cloud Resource Manager API method "testIamPermissions" to verify that the provided service account has the required permissions. In the case of service accounts for an Apigee Org, the project ID check is the one mapped to the Organization. For Metrics and Logger, the project checked is based on the "gcpProjectID" overrides.yaml configuration. See also`gcpProjectID`

`adah`

The Apigee Deployment Admissionhook (ADAH) is responsible for validating the configuration which the user provides for the apigee-deployment-controller. It runs in a Kubernetes cluster, and is responsible for validating the incoming create/update/delete requests from the Apigee-deployment Controller. See also:

NOTE: This is a new feature in Apigee hybrid.

The following table describes the properties of the Apigee Deployment Controlleradah object:

Property Description

Property	Description
`adah.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`adah.image.tag`	Version: 1.0.0 Default value:`1.0.0` The location of the Docker image for this service.
`adah.image.url`	Version: 1.0.0 Default value:`"us.gcr.io/google.com/edge-ci/release/eda/apigee-deployment-admissionhook/master/admissionhook"` The location of the Docker image for this service.

adah.image.pullPolicy

Version: 1.0.0

Default value:IfNotPresent

Determines when kubelet pulls the pod's Docker image. Possible values include:

IfNotPresent: Do not pull a new image if it already exists.
Always: Always pull the image, regardless of whether it exists already.

For more information, seeUpdating images.

adah.image.tag

Version: 1.0.0

Default value:1.0.0

The location of the Docker image for this service.

adah.image.url

Version: 1.0.0

Default value:"us.gcr.io/google.com/edge-ci/release/eda/apigee-deployment-admissionhook/master/admissionhook"

The location of the Docker image for this service.

`adc`

TheApigee Deployment Controller (ADC) is a process that manages deployment of Apigee in Kubernetes clusters. It is a Kubernetes custom controller that creates and updates low level Kubernetes and Istio resources that are required to deploy and maintain the ApigeeDeployment (AD).

NOTE: This is a new feature in Apigee hybrid.

The following table describes the properties of the apigee-deployment-controlleradc object:

Property	Description
`adc.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`adc.image.tag`	Version: 1.0.0 Default value:`1.0.0` The location of the Docker image for this service.
`adc.image.url`	Version: 1.0.0 Default value:`"us.gcr.io/google.com/edge-ci/release/eda/apigee-deployment-controller/master/controller"` The location of the Docker image for this service.
`adc.resources.limits.cpu`	Version: 1.0.0 Default value:`250m` The CPU limit for the resource in a Kubernetes container, in millicores.
`adc.resources.limits.memory`	Version: 1.0.0 Default value:`256Mi` The memory limit for the resource in a Kubernetes container, in mebibytes.
`adc.resources.requests.cpu`	Version: 1.0.0 Default value:`250m` The CPU needed for normal operation of the resource in a Kubernetes container, in millicores.
`adc.resources.requests.memory`	Version: 1.0.0 Default value:`256Mi` The memory needed for normal operation of the resource in a Kubernetes container, in mebibytes.

`authz`

The following table describes the properties of theauthz object:

Property	Description
`authz.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`authz.image.tag`	Version: 1.0.0 Default value:`1.0.0` The version label for this service's Docker image.
`authz.image.url`	Version: 1.0.0 Default value:`"us.gcr.io/google.com/edge-ci/integration/featureplatform/apigee-authn-authz/master"` The location of the Docker image for this service.
`authz.livenessProbe.failureThreshold`	Version: 1.0.0 Default value:`2` The number of times Kubernetes will verify that liveness probes have failed before restarting the container. The minimum value is 1.
`authz.livenessProbe.initialDelaySeconds`	Version: 1.0.0 Default value:`0` The number of seconds after a container is started before a liveness probe is initiated.
`authz.livenessProbe.periodSeconds`	Version: 1.0.0 Default value:`5` Determines how often to perform a liveness probe, in seconds. The minimum value is 1.
`authz.livenessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`1` The number of seconds after which a liveness probe times out. The minimum value is 1.
`authz.readinessProbe.failureThreshold`	Version: Beta2 Default value:`2` The number of times Kubernetes will verify that readiness probes have failed before marking the podunready. The minimum value is 1.
`authz.readinessProbe.initialDelaySeconds`	Version: 1.0.0 Default value:`0` The number of seconds after a container is started before a readiness probe is initiated.
`authz.readinessProbe.periodSeconds`	Version: 1.0.0 Default value:`5` Determines how often to perform a readiness probe, in seconds. The minimum value is 1.
`authz.readinessProbe.successThreshold`	Version: 1.0.0 Default value:`1` The minimum consecutive successes needed for a readiness probe to be considered successful after a failure. The minimum value is 1.
`authz.readinessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`1` The number of seconds after which a liveness probe times out. The minimum value is 1.
`authz.resources.requests.cpu`	Version: 1.0.0 Default value:`50m` The ammount of CPU resources to allocate for authentication requests.
`authz.resources.requests.memory`	Version: 1.0.0 Default value:`128Mi` The ammount of memory resources to allocate for authentication requests.
`authz.serviceAccountPath`	Version: 1.0.0 Default value: none Required Path to Google Service Account key file with "Apigee Read Only Admin" role.

`busyBoxInit`

The following table describes the properties of thebusyBoxInit object:

Property Description

Property	Description
`busyBoxInit.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`busyBoxInit.image.tag`	Version: 1.0.0 Default value:`"1.0.0"` The version label for this service's Docker image.
`busyBoxInit.image.url`	Version: 1.0.0 Default value:`"busybox"` The location of the Docker image for this service.

busyBoxInit.image.pullPolicy

Version: 1.0.0

Default value:IfNotPresent

Determines when kubelet pulls the pod's Docker image. Possible values include:

IfNotPresent: Do not pull a new image if it already exists.
Always: Always pull the image, regardless of whether it exists already.

For more information, seeUpdating images.

busyBoxInit.image.tag

Version: 1.0.0

Default value:"1.0.0"

The version label for this service's Docker image.

busyBoxInit.image.url

Version: 1.0.0

Default value:"busybox"

The location of the Docker image for this service.

`cassandra`

Defines the hybrid service that manages the runtime data repository. This repository storesapplication configurations, distributed quota counters, API keys, and OAuth tokens for applicationsrunning on the gateway.

For more information, see Configure Cassandra.

The following table describes the properties of thecassandra object:

Property	Description
`cassandra.auth.admin.password`	Version: 1.0.0 Default value: "iloveapis123" Required Password for the Cassandra administrator. The admin user is used for any administrative activities performed on the Cassandra cluster.
`cassandra.auth.ddl.password`	Version: 1.0.0 Default value: "iloveapis123" Required Password for the Cassandra Data Definition Language (DDL) user. Used by MART for any of the data definition tasks like keyspace creation, update, and deletion.
`cassandra.auth.default.password`	Version: 1.0.0 Default value:`"iloveapis123"` Required The password for the default Cassandra user created when Authentication is enabled. This password must be reset when configuring Cassandra authentication. SeeConfiguring TLS for Cassandra.
`cassandra.auth.dml.password`	Version: 1.0.0 Default value: "iloveapis123" Required Password for the Cassandra Data Manipulation Language (DML) user. The DML user is used by the client communication to read and write data to Cassandra.
`cassandra.auth.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`cassandra.auth.image.tag`	Version: 1.0.0 Default value:`1.0.0` The version label for this service's Docker image.
`cassandra.auth.image.url`	Version: 1.0.0 Default value:`"google/apigee-cassandra-client"` The location of the Docker image for this service.
`cassandra.backup.cloudProvider`	Version: 1.0.0 Default value:`"GCP"` Required if backup is enabled. Cloud provider for backup storage.
`cassandra.backup.dbStorageBucket`	Version: 1.0.0 Default value: none Required if backup is enabled. Cloud storage bucket for the backup data.
`cassandra.backup.enabled`	Version: 1.0.0 Default value:`false` Data backup is not enabled by default. To enable, set to`true`. SeeCassandra backup and recovery.
`cassandra.backup.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`cassandra.backup.image.tag`	Version: 1.0.0 Default value:`1.0.0` The version label for this service's Docker image.
`cassandra.backup.image.url`	Version: 1.0.0 Default value:`"google/apigee-cassandra-backup-utility"` The location of the Docker image for this service.
`cassandra.backup.schedule`	Version: 1.0.0 Default value:`"0 2 * * *"` The schedule for the chron job. SeeCassandra backup and recovery.
`cassandra.backup.serviceAccountPath`	Version: 1.0.0 Default value: none Required if backup is enabled. Path to Google Service Account key file with "Apigee Read Only Admin" role.
`cassandra.clusterName`	Version: 1.0.0 Default value:`"apigeecluster"` Specifies the name of the Cassandra cluster.
`cassandra.datacenter`	Version: 1.0.0 Default value:`"dc-1"` Specifies the datacenter of the Cassandra node.
`cassandra.dnsPolicy`	Version: 1.1.1 Default value:`ClusterFirstWithHostNet` When cassandra.hostNetwork is set to`true`, this determines which DNS policy Cassandra uses. For Anthos based deployments it should be set to`ClusterFirstWithHostNet`.
`cassandra.externalSeedHost`	Version: 1.0.0 Default value: none Hostname or IP of a Cassandra cluster node. If not set, the Kubernetes local service is used.
`cassandra.heapNewSize`	Version: 1.0.0 Default value:`100M` The amount ofJVM system memory allocated to newer objects, in megabytes.
`cassandra.hostNetwork`	Version: 1.1.1 Default value:`true` Set to true for Anthos based deployments.
`cassandra.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`cassandra.image.tag`	Version: 1.0.0 Default value:`1.0.0` The version label for this service's Docker image.
`cassandra.image.url`	Version: 1.0.0 Default value:`"google/apigee-cassandra"` The location of the Docker image for this service.
`cassandra.maxHeapSize`	Version: 1.0.0 Default value:`512M` The upper limit ofJVM system memory available fo Cassandra operations, in megabytes.
`cassandra.multiRegionSeedHost`	Version: 1.0.0 Default value: none IP address of an existing Cassandra cluster used to expand the existing cluster to a new region. SeeConfigure the multi-region seed host.
`cassandra.nodeSelector.key`	Version: 1.0.0 Default value: none Required Node selector label key used to target dedicated Kubernetes nodes for`cassandra` data services. SeeAdd node selectors.
`cassandra.nodeSelector.value`	Version: 1.0.0 Default value: none Optional ode selector label value used to target dedicated Kubernetes nodes for`cassandra` data services and override the nodeSelector.apigeeData settings. SeenodeSelector.
`cassandra.port`	Version: 1.0.0 Default value:`9042` Port number used to connect to cassandra.
`cassandra.rack`	Version: 1.0.0 Default value:`"ra-1"` Specifies the rack of the Cassandra node.
`cassandra.readinessProbe.failureThreshold`	Version: 1.0.0 Default value:`2` The number of times Kubernetes will verify that readiness probes have failed before marking the podunready. The minimum value is 1.
`cassandra.readinessProbe.initialDelaySeconds`	Version: 1.0.0 Default value:`0` The number of seconds after a container is started before a readiness probe is initiated.
`cassandra.readinessProbe.periodSeconds`	Version: 1.0.0 Default value:`10` Determines how often to perform a readiness probe, in seconds. The minimum value is 1.
`cassandra.readinessProbe.successThreshold`	Version: 1.0.0 Default value:`1` The minimum consecutive successes needed for a readiness probe to be considered successful after a failure. The minimum value is 1.
`cassandra.readinessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`5` The number of seconds after which a liveness probe times out. The minimum value is 1.
`cassandra.replicaCount`	Version: 1.0.0 Default value:`3` Cassandra is a replicated database. It is configured to have at least 3 copies of the data in each region or data center. This property specifies the number of Cassandra nodes employed as aStatefulSet.
`cassandra.resources.requests.cpu`	Version: 1.0.0 Default value:`500m` The CPU needed for normal operation of the resource in a Kubernetes container, in millicores.
`cassandra.resources.requests.memory`	Version: 1.0.0 Default value:`1Gi` The memory needed for normal operation of the resource in a Kubernetes container, in mebibytes.
`cassandra.restore.cloudProvider`	Version: 1.0.0 Default value:`"GCP"` Required if restore is enabled. Cloud provider for backup storage.
`cassandra.restore.dbStorageBucket`	Version: 1.0.0 Default value: none Required if restore is enabled. Cloud storage bucket for the backup data to restore.
`cassandra.restore.enabled`	Version: 1.0.0 Default value:`false`
`cassandra.restore.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`cassandra.restore.image.tag`	Version: 1.0.0 Default value:`1.0.0` The version label for this service's Docker image.
`cassandra.restore.image.url`	Version: 1.0.0 Default value:`"google/apigee-cassandra-backup-utility"` The location of the Docker image for this service.
`cassandra.restore.serviceAccountPath`	Version: 1.0.0 Default value: none Required if restore is enabled. Path to Google Service Account key file with "Apigee Read Only Admin" role.
`cassandra.restore.snapshotTimestamp`	Version: 1.0.0 Default value: none Required if restore is enabled. Timestamp of the backup that should be restored.
`cassandra.storage.capacity`	Version: 1.0.0 Default value:`50Gi` Required if storage.storageClass is specified Specifies the disk size required, in mebibytes.
`cassandra.storage.storageClass`	Version: 1.0.0 Default value: none Specifies the class of on-prem storage being used.
`cassandra.terminationGracePeriodSeconds`	Version: 1.0.0 Default value:`300` The time between a request for pod deletion and when the pod is killed, in seconds. During this period, any prestop hooks will be executed and any running process should terminate gracefully.

`defaults`

The Default encryption keys for the Apigee hybrid installation.

NOTE: You need to update these for your installation.

The following table describes the properties of thedefaults object:

Property	Description
`defaults.org.kmsEncryptionKey`	Version: 1.0.0 Default value:`"aWxvdmVhcGlzMTIzNDU2Nw=="` Default encryption key for the org in KMS.
`defaults.org.kvmEncryptionKey`	Version: 1.0.0 Default value:`"aWxvdmVhcGlzMTIzNDU2Nw=="` Default encryption key for the org in KVM.
`defaults.env.kmsEncryptionKey`	Version: 1.0.0 Default value:`"aWxvdmVhcGlzMTIzNDU2Nw=="` Default encryption key for the environment (env) in KMS.
`defaults.env.kvmEncryptionKey`	Version: 1.0.0 Default value:`"aWxvdmVhcGlzMTIzNDU2Nw=="` Default encryption key for the environment (env) in KVM.
`defaults.env.cacheEncryptionKey`	Version: 1.0.0 Default value:`"aWxvdmVhcGlzMTIzNDU2Nw=="` Default cache encryption key for the environment (env).

`envs`

Defines an array of environments to which you can deploy your API proxies. Each environmentprovides an isolated context or "sandbox" for running API proxies.

Your hybrid-enabled organization must have at least one environment.

Useenvs[] to configure base path routing, which allows you to configure and manage how Apigee hybrid routes API proxy calls to the correct environment.

For more information, see:

The following table describes the properties of theenvs object:

Property	Description
`envs[].cacheEncryptionKey`	Version: 1.0.0 Default value: none Required Local file system path for the Apigee cache data's encryption key.
`envs[].hostAlias`	Version: 1.0.0 Default value: none Required The DNS name for your server. For example,`foo-test.mydomain.com`. If you don't have a DNS name, you can use a wildcard (`''`). If you use a wildcard, then youcan use the EXTERNAL IP of the`istio-ingressgateway`, which you can obtain by calling`kubectl get services -n namespace` after you complete the installation. If you have multiple environments, you must use a unique host alias name for each one. For example,`foo-test.mydomain.com` and`foo-prod.mydomain.com`. Note:* You cannot use a wildcard for the host name in a multiple environment configuration. If you do so, traffic will only be routed to one environment.
`envs[].kmsEncryptionKey`	Version: 1.0.0 Default value: none Required Local file system path for the ApigeeKMS data's encryption key.
`envs[].name`	Version: 1.0.0 Default value: none Required Apigee environment name to be synchronized.
`envs[].pollInterval`	Version: 1.0.0 Default value: none Interval used for polling organization and environment synchronization changes, in seconds.
`envs[].paths.uri.prefixes`	Version: 1.0.0 Default value: none A property to support prefix base path routing. Provide those paths as in the pattern: org: hybrid envs: - name: test paths: uri: prefixes: - /foo - /bar
`envs[].port`	Version: 1.0.0 Default value: none TCP port number for HTTPS traffic.
`envs[].serviceAccountPaths.synchronizer`	Version: GA Default value: none Path to file on local system to a Google Service Account key with theApigee Synchronizer Manager role.
`envs[].serviceAccountPaths.udca`	Version: GA Default value: none Path to file on local system to a Google Service Account key with theApigee Analytic Agent role.
`envs[].sslCertPath`	Version: 1.0.0 Default value: none Required The path on your system to a TLS certificate file. Note: For each configured environment, the Common Name (CN) in the cert must match the domain in the`hostAliases[]` property. For example, if the CN is`*.example.com`, the`hostAliases[]` could be`foo.example.com` or`bar.example.com`.
`envs[].sslKeyPath`	Version: 1.0.0 Default value: none Required The path on your system to the TLS private key file.

`httpProxy`

httpProxy provides configuration parameters for an HTTP forward proxy server. When configured in overrides.yaml, all internet communication for the MART, Synchronizer, and UDCA components pass through the proxy server.

NOTE: HTTP forward proxy for the apigee-runtime component is not supported.

Property	Description
`httpProxy.host`	Version: 1.1.1 Default value: none The hostname of the HTTP Proxy.
`httpProxy.port`	Version: 1.1.1 Default value: none The port of the HTTP Proxy.
`httpProxy.scheme`	Version: 1.1.1 Default value:`HTTPS` The scheme used by the proxy. Values can be`HTTP` or`HTTPS`.

`ingress`

ingress is the instantiation of the Istio Ingress Gateway, the Kubernetes Ingress Resource is used to specify services that should be exposed outside the cluster. It defines a containerized app that routes traffic from outside the runtime plane to services within the runtime plane. Apigee installation creates two Istio Ingress objects for:

Runtime
MART

Property	Description
`ingress.enableAccesslog`	Version: 1.0.0 Default value:`false` Enable or disable the Ingress access log. By default, it is disabled.
`ingress.envoyHeaders.headers`	Version: 1.0.0 Default value: none A list of Envoy headers.
`ingress.envoyHeaders.preserved`	Version: 1.0.0 Default value:`false` Determines whether to preserve or not to preserve Envoy's headers. By default, they are not.
`ingress.httpsRedirect`	Version: 1.0.0 Default value:`true` Enable or disable the automatic HTTPS redirection for all incoming traffic.
`ingress.mart.loadBalancerIP`	Version: 1.1.1 Default value:`10.0.10.252` IP address of the MART load balancer. For Kubernetes and Anthos installations, you should reserve and configure the static IP address for the load balancer before setting this property. See Configure static IP addresses.
`ingress.runtime.loadBalancerIP`	Version: 1.1.1 Default value:`10.0.10.251` IP address of the load balancer for the Apigee-runtime object. For Kubernetes and Anthos installations, you should reserve and configure the static IP address for the load balancer before setting this property. See Configure static IP addresses.
`ingress.serviceType`	Version: 1.0.0 Default value:`LoadBalancer` The type of service used for routing external traffic to internal services. Possible values include: `ClusterIP` (not supported) `LoadBalancer` `NodePort`

`istio`

Google Cloud Platform's (GCP's) implemention of Istio is a service mesh that layers onto existing your Apigee instance helping it integrate with the logging platform, telemetry and policy system.

NOTE: The ingress object is an implementation of the Istio ingress gateway.

The following table describes the properties of theistio object:

Property	Description
`istio.ingressgateway.replicaCountMax`	Version: 1.0.0 Default value: 5 Required Maximum number of Istio ingress gateway replicas allowed. See: ingress object Ingress Gateways in the Istio documentation Adding gateways about adding Istio ingress gatewawys in the GCP documentation.
`istio.ingressgateway.replicaCountMin`	Version: 1.0.0 Default value: 1 Required Minimum number of Istio ingress gateway replicas required. See: ingress object Ingress Gateways in the Istio documentation Adding gateways about adding Istio ingress gatewawys in the GCP documentation.
`istio.ingressgateway.resources.requests.cpu`	Version: 1.0.0 Default value: 100m Required CPU resources allocated to the ingress controller, needed for the gateway to operate optimally. See: ingress object Ingress Gateways in the Istio documentation Ingress Controllers in the Kubernetes documentation.
`istio.ingressgateway.resources.requests.memory`	Version: 1.0.0 Default value: 128Mi Memory resources allocated to the ingress controller, needed for the gateway to operate optimally. ingress object Ingress Gateways in the Istio documentation Ingress Controllers in the Kubernetes documentation.
`istio.nodeSelector.key`	Version: 1.0.0 Default value: none Optional node selector label key for targeting Kubernetes nodes for`istio` services. If you do not specify a key for mart.nodeselector, the`istio` services use the node specified in thenodeSelectorobject.
`istio.nodeSelector.value`	Version: 1.0.0 Default value: none Optional node selector label value for targeting Kubernetes nodes for`istio` services. See also thenodeSelectorobject.
`istio.pilot.replicaCountMax`	Version: 1.0.0 Default value: 5 Required The`pilot` core traffic management within the cluster, communicating with the`envoy` sidecar proxy.`replicaCountMax` is the maximium number of Istio pilot replicas allowed. See Pilot: Core traffic management in the Istio documentation
`istio.pilot.replicaCountMin`	Version: 1.0.0 Default value: 1 Required The`pilot` core traffic management within the cluster, communicating with the`envoy` sidecar proxy.`replicaCountMax` is the maximium number of Istio pilot replicas required. See Pilot: Core traffic management in the Istio documentation
`istio.pilot.resources.requests.cpu`	Version: 1.0.0 Default value: 500m Required CPU resources allocated to the pilot process, needed for the gateway to operate optimally. See: Pilot: Core traffic management in the Istio documentation pilot-agent in the Istio documentation.
`istio.pilot.resources.requests.memory`	Version: 1.0.0 Default value: 2048Mi Memory resources allocated to the pilot process, needed for the gateway to operate optimally. See: Pilot: Core traffic management in the Istio documentation pilot-agent in the Istio documentation.

`logger`

Defines the service that manages operational logs. All of the Apigee hybrid servicesthat run in your Kubernetes cluster output this information.

For more information, seeLogging.

The following table describes the properties of thelogger object:

Property	Description
`logger.enabled`	Version: 1.0.0 Default value:`true` Enables or disables logging on the cluster. For non-GKE set to`true`, for Anthos or GKE set to`false`.
`logger.fluentd.buffer_chunk_limit`	Version: 1.0.0 Default value:`512k` The maximum size of a buffer chunk allowed, in kilobytes. Chunks exceeding the limit will be flushed to the output queue automatically.
`logger.fluentd.buffer_queue_limit`	Version: 1.0.0 Default value:`6` The maximum length of the output queue. The default limit is 256 chunks.
`logger.fluentd.flush_interval`	Version: 1.0.0 Default value:`5s` The interval to wait before invoking the next buffer flush, in seconds.
`logger.fluentd.max_retry_wait`	Version: 1.0.0 Default value:`30` The maximum interval between write retries, in seconds.
`logger.fluentd.num_threads`	Version: 1.0.0 Default value:`2` The number of threads used to flush the buffer. The default is 1.
`logger.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`logger.image.tag`	Version: 1.0.0 Default value:`"1.6.8"` The version label for this service's Docker image.
`logger.image.url`	Version: 1.0.0 Default value:`"google/apigee-stackdriver-logging-agent"` The location of the Docker image for this service.
`logger.livenessProbe.failureThreshold`	Version: 1.0.0 Default value:`3` The number of times Kubernetes will verify that liveness probes have failed before restarting the container. The minimum value is 1.
`logger.livenessProbe.initialDelaySeconds`	Version: 1.0.0 Default value:`0` The number of seconds after a container is started before a liveness probe is initiated.
`logger.livenessProbe.periodSeconds`	Version: 1.0.0 Default value:`60` Determines how often to perform a liveness probe, in seconds. The minimum value is 1.
`logger.livenessProbe.successThreshold`	Version: 1.0.0 Default value:`1` The minimum consecutive successes needed for a liveness probe to be considered successful after a failure. The minimum value is 1.
`logger.livenessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`1` The number of seconds after which a liveness probe times out. The minimum value is 1.
`logger.nodeSelector.key`	Version: 1.0.0 Default value:`"apigee.com/apigee-logger-enabled"` Required Node selector label key used to target dedicated Kubernetes nodes for`logger` runtime services. SeeAdd node selectors.
`logger.nodeSelector.value`	Version: 1.0.0 Default value:`"true"` Required Node selector label value used to target dedicated Kubernetes nodes for`logger` runtime services. SeeAdd node selectors.
`logger.proxyURL`	Version: 1.0.0 Default value: none URL of the customer's proxy server.
`logger.resource.limits.memory`	Version: 1.0.0 Default value:`500Mi` The memory limit for the resource in a Kubernetes container, in mebibytes.
`logger.resource.limits.cpu`	Version: 1.0.0 Default value:`200m` The CPU limit for the resource in a Kubernetes container, in millicores.
`logger.resource.requests.cpu`	Version: 1.0.0 Default value:`100m` The CPU needed for normal operation of the resource in a Kubernetes container, in millicores.
`logger.resource.requests.memory`	Version: 1.0.0 Default value:`250Mi` The memory needed for normal operation of the resource in a Kubernetes container, in mebibytes.
`logger.serviceAccountPath`	Version: 1.0.0 Default value: none Required Path to Google Service Account key file with "Apigee Read Only Admin" role.
`logger.terminationGracePeriodSeconds`	Version: 1.0.0 Default value:`30` The time between a request for pod deletion and when the pod is killed, in seconds. During this period, any prestop hooks will be executed and any running process should terminate gracefully.

`mart`

Defines the MART (Management API for RunTime data) service, which acts as an API provider forpublic Apigee APIs so that you can access and manage runtime data entities such as KMS (API Keys andOAuth tokens), KVM, Quota, and API products.

The following table describes the properties of themart object:

Property	Description
`mart.hostAlias`	Version: 1.0.0 Default value: none The host alias pointing to theMART object. You can set this property to`*` or a fully-qualified domain name.
`mart.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`mart.image.tag`	Version: 1.0.0 Default value:`1.0.0` The version label for this service's Docker image.
`mart.image.url`	Version: 1.0.0 Default value:`"google/apigee-mart-server"` The location of the Docker image for this service. Check the values.yaml file for the specific URL.You can override this.
`mart.initCheckCF.resources.requests.cpu`	Version: 1.0.0 Default value:`10m` The amount of CPU resourced allocated to the initialization check of the Cloud Foundry process.
`mart.livenessProbe.failureThreshold`	Version: 1.0.0 Default value:`12` The number of times Kubernetes will verify that liveness probes have failed before restarting the container. The minimum value is 1.
`mart.livenessProbe.initialDelaySeconds`	Version: 1.0.0 Default value:`15` The number of seconds after a container is started before a liveness probe is initiated.
`mart.livenessProbe.periodSeconds`	Version: 1.0.0 Default value:`5` Determines how often to perform a liveness probe, in seconds. The minimum value is 1.
`mart.livenessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`1` The number of seconds after which a liveness probe times out. The minimum value is 1.
`mart.metricsURL`	Version: 1.0.0 Default value:`"/v1/server/metrics"`
`mart.nodeSelector.key`	Version: 1.0.0 Default value: none Optional node selector label key for targeting Kubernetes nodes for`mart` runtime services. If you do not specify a key for mart.nodeselector, then your runtime uses the node specified in thenodeSelectorobject. SeeAdd node selectors.
`mart.nodeSelector.value`	Version: 1.0.0 Default value: none Optional node selector label value for targeting Kubernetes nodes for`mart` runtime services. See also thenodeSelectorobject. SeeAdd node selectors.
`mart.readinessProbe.failureThreshold`	Version: 1.0.0 Default value:`2` The number of times Kubernetes will verify that readiness probes have failed before marking the podunready. The minimum value is 1.
`mart.readinessProbe.initialDelaySeconds`	Version: 1.0.0 Default value:`15` The number of seconds after a container is started before a readiness probe is initiated.
`mart.readinessProbe.periodSeconds`	Version: 1.0.0 Default value:`5` Determines how often to perform a readiness probe, in seconds. The minimum value is 1.
`mart.readinessProbe.successThreshold`	Version: 1.0.0 Default value:`1` The minimum consecutive successes needed for a readiness probe to be considered successful after a failure. The minimum value is 1.
`mart.readinessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`1` The number of seconds after which a liveness probe times out. The minimum value is 1.
`mart.replicaCountMax`	Version: 1.0.0 Default value:`5` Maximum number of replicas available for autoscaling.
`mart.replicaCountMin`	Version: 1.0.0 Default value:`1` Minimum number of replicas available for autoscaling.
`mart.resources.requests.cpu`	Version: 1.0.0 Default value:`500m` The CPU needed for normal operation of the resource in a Kubernetes container, in millicores.
`mart.resources.requests.memory`	Version: 1.0.0 Default value:`512Mi` The memory needed for normal operation of the resource in a Kubernetes container, in mebibytes.
`mart.serviceAccountPath`	Version: 1.1.1 Default value: none Required Path to Google Service Account key file with "Apigee Read Only Admin" role.
`mart.sslCertPath`	Version: 1.0.0 Default value: none Local file system path for loading and encoding the SSL cert to a Secret.
`mart.sslKeyPath`	Version: 1.0.0 Default value: none Local file system path for loading and encoding the SSL key to a Secret.
`mart.targetCPUUtilizationPercentage`	Version: 1.0.0 Default value:`75` Target CPU utilization for the MART process on the pod. The value of this field enables MART to auto-scale when CPU utilization reaches this value, up to`replicaCountMax`.
`mart.terminationGracePeriodSeconds`	Version: 1.0.0 Default value:`30` The time between a request for pod deletion and when the pod is killed, in seconds. During this period, any prestop hooks will be executed and any running process should terminate gracefully.

`metrics`

Defines the service that collects operations metrics. You can use metrics data to monitor thehealth of Hybrid services, to set up alerts, and so on.

For more information, seeMetrics collection overview.

The following table describes the properties of themetrics object:

Property	Description
`metrics.enabled`	Version: 1.0.0 Default value:`false` Enables Apigee metrics. Set to`true` to enable metrics. Set to`false` to disable metrics.
`metrics.nodeSelector.key`	Version: 1.0.0 Default value: none Required Node selector label key used to target dedicated Kubernetes nodes for`metrics` runtime services. SeeAdd node selectors.
`metrics.nodeSelector.value`	Version: 1.0.0 Default value: none Required Node selector label value used to target dedicated Kubernetes nodes for`metrics` runtime services. SeeAdd node selectors.
`metrics.prometheus.args.storage_tsdb_retention`	Version: 1.0.0 Default value:`48h` The amount of time Prometheus waits before removing old data from local storage, in hours.
`metrics.prometheus.containerPort`	Version: 1.0.0 Default value:`9090` The port to connect to the Prometheus metrics service.
`metrics.prometheus.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`metrics.prometheus.image.tag`	Version: 1.0.0 Default value:`"v2.9.2"` The version label for this service's Docker image.
`metrics.prometheus.image.url`	Version: 1.0.0 Default value:`"google/apigee-prom-prometheus"` The location of the Docker image for this service.
`metrics.prometheus.livenessProbe.failureThreshold`	Version: 1.0.0 Default value:`6` The number of times Kubernetes will verify that liveness probes have failed before restarting the container. The minimum value is 1.
`metrics.prometheus.livenessProbe.periodSeconds`	Version: 1.0.0 Default value:`5` Determines how often to perform a liveness probe, in seconds. The minimum value is 1.
`metrics.prometheus.livenessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`3` The number of seconds after which a liveness probe times out. The minimum value is 1.
`metrics.prometheus.readinessProbe.failureThreshold`	Version: 1.0.0 Default value:`120` The number of times Kubernetes will verify that readiness probes have failed before marking the podunready. The minimum value is 1.
`metrics.prometheus.readinessProbe.periodSeconds`	Version: 1.0.0 Default value:`5` Determines how often to perform a readiness probe, in seconds. The minimum value is 1.
`metrics.prometheus.readinessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`3` The number of seconds after which a liveness probe times out. The minimum value is 1.
`metrics.proxyURL`	Version: 1.0.0 Default value: none URL for the metrics process sidecar proxy in the Kubernetes cluster.
`metrics.resources.limits.cpu`	Version: 1.0.0 Default value:`250m` The CPU limit for the resource in a Kubernetes container, in millicores.
`metrics.resources.limits.memory`	Version: 1.0.0 Default value:`256Mi` The memory limit for the resource in a Kubernetes container, in mebibytes.
`metrics.resources.requests.cpu`	Version: 1.0.0 Default value:`250m` The CPU needed for normal operation of the resource in a Kubernetes container, in millicores.
`metrics.resources.requests.memory`	Version: 1.0.0 Default value:`256Mi` The memory needed for normal operation of the resource in a Kubernetes container, in mebibytes.
`metrics.sdSidecar.containerPort`	Version: 1.0.0 Default value:`9091` The port for connecting to the StackDriver metrics service.
`metrics.sdSidecar.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when Kubelet pulls this service's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists `Always`: Always pull the policy, even if it already exists For more information, see Updating images.
`metrics.sdSidecar.image.tag`	Version: 1.0.0 Default value:`"release-0.4.0"` The version label for this service's Docker image.
`metrics.sdSidecar.image.url`	Version: 1.0.0 Default value:`"google/apigee-stackdriver-prometheus-sidecar"` The location of the Docker image for this service.
`metrics.serviceAccountPath`	Version: 1.0.0 Default value: none Required Path to Google Service Account key file with "Apigee Read Only Admin" role.
`metrics.terminationGracePeriodSeconds`	Version: 1.0.0 Default value:`300` The time between a request for pod deletion and when the pod is killed, in seconds. During this period, any prestop hooks will be executed and any running process should terminate gracefully.

`nodeSelector`

The nodeSelector object defines the node for your Apigee instance. Behind the scenes when apigeectl runs, it is taking care to map the label key/value for apigeeRuntime and apigeeData to the individual Istio and MART components. You can override this for individual objects in theistio:nodeSelector andmart:nodeSelector properties.

The following table describes the properties of thenodeSelector object:

Property	Description
`nodeSelector.apigeeData.key`	Version: 1.0.0 Default value: "cloud.google.com/gke-nodepool" ApigeeData is the node for the Cassandra database. Node selector label key for targeting Kubernetes nodes for working with Apigee services data. SeeAdd node selectors.
`nodeSelector.apigeeData.value`	Version: 1.0.0 Default value: "apigee-data" apigee-data is the node for the Cassandra database. Node selector label value for targeting Kubernetes nodes for working with Apigee services data. SeeAdd node selectors.
`nodeSelector.apigeeRuntime.key`	Version: 1.0.0 Default value: "cloud.google.com/gke-nodepool" Apigee Runtime is the node for the runtime environment for the project. Node selector label key for targeting Kubernetes nodes for Apigee runtime services. SeeAdd node selectors.
`nodeSelector.apigeeRuntime.value`	Version: 1.0.0 Default value: "apigee-runtime" apigee-runtime is the node for the runtime environment for the project. Node selector label value for targeting Kubernetes nodes for Apigee runtime services. SeeAdd node selectors.
`nodeSelector.requiredForScheduling`	Version: 1.0.0 Default value: false The`requiredForScheduling` property defaults to false. If this value is overridden to true, it means that if Kubernetes cannot find nodes with the label key/value that is configured then the underlying Pods will not get scheduled on VM worker nodes. For production,`nodeSelector.requiredForScheduling` should be set to true. SeeAdd node selectors.

`runtime`

The following table describes the properties of theruntime object:

Property	Description
`runtime.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`runtime.image.tag`	Version: 1.0.0 Default value:`1.0.0` The version label for this service's Docker image.
`runtime.image.url`	Version: 1.0.0 Default value:URL to your installation's image resource, like:`"google/apigee-runtime"` The location of the Docker image for this service.
`runtime.livenessProbe.failureThreshold`	Version: 1.0.0 Default value:`2` The number of times Kubernetes will verify that liveness probes have failed before restarting the container. The minimum value is 1.
`runtime.livenessProbe.initialDelaySeconds`	Version: 1.0.0 Default value:`60` The number of seconds after a container is started before a liveness probe is initiated.
`runtime.livenessProbe.periodSeconds`	Version: 1.0.0 Default value:`5` Determines how often to perform a liveness probe, in seconds. The minimum value is 1.
`runtime.livenessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`1` The number of seconds after which a liveness probe times out. The minimum value is 1.
`runtime.nodeSelector.key`	Version: 1.0.0 Default value: none Optional Node selector label key for targeting Kubernetes nodes for`runtime` services. SeenodeSelector property.
`runtime.nodeSelector.value`	Version: 1.0.0 Default value: none Node selector label value for targeting Kubernetes nodes for`runtime` services. SeeAdd node selectors.
`runtime.readinessProbe.failureThreshold`	Version: 1.0.0 Default value:`2` The number of times Kubernetes will verify that readiness probes have failed before marking the podunready. The minimum value is 1.
`runtime.readinessProbe.initialDelaySeconds`	Version: 1.0.0 Default value:`60` The number of seconds after a container is started before a readiness probe is initiated.
`runtime.readinessProbe.periodSeconds`	Version: 1.0.0 Default value:`5` Determines how often to perform a readiness probe, in seconds. The minimum value is 1.
`runtime.readinessProbe.successThreshold`	Version: 1.0.0 Default value:`1` The minimum consecutive successes needed for a readiness probe to be considered successful after a failure. The minimum value is 1.
`runtime.readinessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`1` The number of seconds after which a liveness probe times out. The minimum value is 1.
`runtime.replicaCountMax`	Version: 1.0.0 Default value:`4` Maximum number of replicas available for autoscaling.
`runtime.replicaCountMin`	Version: 1.0.0 Default value:`1` Minimum number of replicas available for autoscaling.
`runtime.resources.requests.cpu`	Version: 1.0.0 Default value:`500m` The CPU needed for normal operation of the resource in a Kubernetes container, in millicores.
`runtime.resources.requests.memory`	Version: 1.0.0 Default value:`1Gi` The memory needed for normal operation of the resource in a Kubernetes container, in mebibytes.
`runtime.service.type`	Version: 1.0.0 Default value:`ClusterIP` The type of service. You can set this to a service other than ClusterIP; for example,`LoadBalancer`.
`runtime.targetCPUUtilizationPercentage`	Version: 1.0.0 Default value:`75` Target CPU utilization for the runtime process on the pod. The value of this field enables the runtime to auto-scale when CPU utilization reaches this value, up to`replicaCountMax`.
`runtime.terminationGracePeriodSeconds`	Version: 1.0.0 Default value:`180` The time between a request for pod deletion and when the pod is killed, in seconds. During this period, any prestop hooks will be executed and any running process should terminate gracefully.

`synchronizer`

Ensures that the Message Processors are kept up to date with the latest deployed API proxybundles. To do this, the Synchronizer polls the management plane; when a new contract is detected,the Synchronizer sends it to the runtime plane.

For more information, seeSynchronizer.

The following table describes the properties of thesynchronizer object:

Property	Description
`synchronizer.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`synchronizer.image.tag`	Version: 1.0.0 Default value:`1.0.0` The version label for this service's Docker image.
`synchronizer.image.url`	Version: 1.0.0 Default value:`"google/apigee-synchronizer"` The location of the Docker image for this service.
`synchronizer.livenessProbe.failureThreshold`	Version: 1.0.0 Default value:`2` The number of times Kubernetes will verify that liveness probes have failed before restarting the container. The minimum value is 1.
`synchronizer.livenessProbe.initialDelaySeconds`	Version: 1.0.0 Default value:`0` The number of seconds after a container is started before a liveness probe is initiated.
`synchronizer.livenessProbe.periodSeconds`	Version: 1.0.0 Default value:`5` Determines how often to perform a liveness probe, in seconds. The minimum value is 1.
`synchronizer.livenessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`1` The number of seconds after which a liveness probe times out. The minimum value is 1.
`synchronizer.nodeSelector.key`	Version: 1.0.0 Default value: none Required Optional node selector label key for targeting Kubernetes nodes for`synchronizer` runtime services. SeenodeSelector.
`synchronizer.nodeSelector.value`	Version: 1.0.0 Default value: none Optional node selector label value used for targeting Kubernetes nodes for`synchronizer` runtime services. SeenodeSelector.
`synchronizer.pollInterval`	Version: 1.0.0 Default value:`60` The length of time that Synchronizer waits between polling operations. Synchronizer polls Apigee control plane services to detect and pull new runtime contracts.
`synchronizer.readinessProbe.failureThreshold`	Version: 1.0.0 Default value:`2` The number of times Kubernetes will verify that readiness probes have failed before marking the podunready. The minimum value is 1.
`synchronizer.readinessProbe.initialDelaySeconds`	Version: 1.0.0 Default value:`0` The number of seconds after a container is started before a readiness probe is initiated.
`synchronizer.readinessProbe.periodSeconds`	Version: 1.0.0 Default value:`5` Determines how often to perform a readiness probe, in seconds. The minimum value is 1.
`synchronizer.readinessProbe.successThreshold`	Version: 1.0.0 Default value:`1` The minimum consecutive successes needed for a readiness probe to be considered successful after a failure. The minimum value is 1.
`synchronizer.readinessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`1` The number of seconds after which a liveness probe times out. The minimum value is 1.
`synchronizer.replicaCount`	Version: 1.0.0 Default value:`2` Number of replicas for autoscaling.
`synchronizer.resources.requests.cpu`	Version: 1.0.0 Default value:`100m` The CPU needed for normal operation of the resource in a Kubernetes container, in millicores.
`synchronizer.resources.requests.memory`	Version: 1.0.0 Default value:`1Gi` The memory needed for normal operation of the resource in a Kubernetes container, in gigabytes.
`synchronizer.serviceAccountPath`	Version: 1.0.0 Default value: none Required Path to Google Service Account key file with "Apigee Read Only Admin" role.
`synchronizer.targetCPUUtilizationPercentage`	Version: 1.0.0 Default value:`75` Target CPU utilization for the Synchronizer process on the pod. The value of this field enables Synchronizer to auto-scale when CPU utilization reaches this value, up to`replicaCountMax`.
`synchronizer.terminationGracePeriodSeconds`	Version: 1.0.0 Default value:`30` The time between a request for pod deletion and when the pod is killed, in seconds. During this period, any prestop hooks will be executed and any running process should terminate gracefully.

`udca`

(Universal Data Collection Agent) Defines the service that runs within the data collection podin the runtime plane. This service extracts analytics and deployment status data and sends it to theUnified Analytics Platform (UAP).

For more information, seeAnalytics and deployment status datacollection.

The following table describes the properties of theudca object:

Property	Description
`udca.fluentd.image.pullPolicy`	Version: 1.0.0 Default value:`IfNotPresent` Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`udca.fluentd.image.tag`	Version: 1.0.0 Default value:`1.0.0` The version label for this service's Docker image.
`udca.fluentd.image.url`	Version: 1.0.0 Default value:`"google/apigee-stackdriver-logging-agent"` The location of the Docker image for this service.
`udca.fluentd.resource.limits.memory`	Version: 1.0.0 Default value:`500Mi` The memory limit for the resource in a Kubernetes container, in mebibytes.
`udca.fluentd.resource.requests.cpu`	Version: 1.0.0 Default value:`500m` The CPU needed for normal operation of the resource in a Kubernetes container, in millicores.
`udca.fluentd.resource.requests.memory`	Version: 1.0.0 Default value:`250Mi` The memory needed for normal operation of the resource in a Kubernetes container, in mebibytes.
`udca.image.pullPolicy`	Version: 1.0.0 Default value: IfNotPresent Determines when kubelet pulls the pod's Docker image. Possible values include: `IfNotPresent`: Do not pull a new image if it already exists. `Always`: Always pull the image, regardless of whether it exists already. For more information, seeUpdating images.
`udca.image.tag`	Version: 1.0.0 Default value:`"1.0.0"` The version label for this service's Docker image.
`udca.image.url`	Version: 1.0.0 Default value:`"google/apigee-udca"` The location of the Docker image for this service.
`udca.jvmXms`	Version: 1.0.0 Default value:`256m` The starting amount of memory for the data collection pod'sJVM.
`udca.jvmXmx`	Version: 1.0.0 Default value:`256m` The maximum allocation of memory for the data collection pod'sJVM.
`udca.livenessProbe.failureThreshold`	Version: 1.0.0 Default value:`2` The number of times Kubernetes will verify that liveness probes have failed before restarting the container. The minimum value is 1.
`udca.livenessProbe.initialDelaySeconds`	Version: 1.0.0 Default value:`0` The number of seconds after a container is started before a liveness probe is initiated.
`udca.livenessProbe.periodSeconds`	Version: 1.0.0 Default value:`5` Determines how often to perform a liveness probe, in seconds. The minimum value is 1.
`udca.livenessProbe.timeoutSeconds`	Version: 1.0.0 Default value:`1` The number of seconds after which a liveness probe times out. The minimum value is 1.
`udca.nodeSelector.key`	Version: 1.0.0 Default value: none Required Node selector label key used to target dedicated Kubernetes nodes for`udca` runtime services. SeeAdd node selectors.
`udca.nodeSelector.value`	Version: 1.0.0 Default value: none Required Node selector label value used to target dedicated Kubernetes nodes for`udca` runtime services. SeeAdd node selectors.
`udca.pollingIntervalInSec`	Version: 1.0.0 Default value:`1` The length of time, in seconds, that UDCA waits between polling operations. UDCA polls the data directory on the data collection pod's file system to detect new files to be uploaded.
`prometheus.sslCertPath`	Version: 1.0.0 Default value: none Required Path to the SSL cert for the Prometheus metrics collection process. Prometheus is a tool Apigee can use for collecting and processing metrics. See: metrics For background information, thePrometheus website
`prometheus.sslKeyPath`	Version: 1.0.0 Default value: none Required Path to the SSL Key for the Prometheus metrics collection process. Prometheus is a tool Apigee can use for collecting and processing metrics. See: metrics For background information, thePrometheus website
`udca.replicaCountMax`	Version: 1.0.0 Default value:`4` The maximum number of pods that hybrid can automatically add for the UDCA deployment. Because UDCA is implemented as a ReplicaSet, the pods are replicas.
`udca.replicaCountMin`	Version: 1.0.0 Default value:`1` The minimum number of pods for the UDCA deployment. Because UDCA is implemented as a ReplicaSet, the pods are replicas. If the CPU usage goes above udca.targetCPUUtilizationPercentage, then hybrid will gradually increase the number of pods, up to`udca.replicaCountMax`.
`udca.resource.requests.cpu`	Version: 1.0.0 Default value:`250m` The CPU needed for normal operation of the resource in a Kubernetes container, in millicores.
`udca.revision`	Version: 1 Default value:`"v1"` A static value that is populated in a label to enable canary deployments.
`udca.targetCPUUtilizationPercentage`	Version: 1.0.0 Default value:`75` The threshold of CPU usage for scaling the number of pods in the ReplicaSet, as a percentage of total available CPU resources. Hybrid uses the combined utilization of all containers in the data collection pod (both fluentd and UDCA) to calculate the current utilization. When CPU usage goes above this value, then hybrid will gradually increase the number of pods in the ReplicaSet, up to`udca.replicaCountMax`.
`udca.terminationGracePeriodSeconds`	Version: 1.0.0 Default value:`600` The time between a request for pod deletion and when the pod is killed, in seconds. During this period, any prestop hooks will be executed and any running process should terminate gracefully.

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2026-02-18 UTC.

Movatterモバイル変換

Configuration property reference Stay organized with collections Save and categorize content based on your preferences.

About configuration properties

Top-level properties

adah

adc

authz

busyBoxInit

cassandra

defaults

envs

httpProxy

ingress

istio

logger

mart

metrics

nodeSelector

runtime

synchronizer

udca

Configuration property reference

`adah`

`adc`

`authz`

`busyBoxInit`

`cassandra`

`defaults`

`envs`

`httpProxy`

`ingress`

`istio`

`logger`

`mart`

`metrics`

`nodeSelector`

`runtime`

`synchronizer`

`udca`