cilium-agent hive
Inspect the hive
cilium-agent hive [flags]
Options
--agent-liveness-update-interval duration Interval at which the agent updates liveness time for the datapath (default 1s)
--api-rate-limit stringToString API rate limiting configuration (example: --api-rate-limit endpoint-create=rate-limit:10/m,rate-burst:2) (default [])
--certificates-directory string Root directory to find certificates specified in L7 TLS policy enforcement (default "/var/run/cilium/certs")
--cluster-id uint32 Unique identifier of the cluster
--cluster-name string Name of the cluster (default "default")
--clustermesh-config string Path to the ClusterMesh configuration directory
--clustermesh-ip-identities-sync-timeout duration Timeout waiting for the initial synchronization of IPs and identities from remote clusters before local endpoints regeneration (default 1m0s)
--cni-chaining-mode string Enable CNI chaining with the specified plugin (default "none")
--cni-chaining-target string CNI network name into which to insert the Cilium chained configuration. Use '*' to select any network.
--cni-exclusive Whether to remove other CNI configurations
--cni-log-file string Path where the CNI plugin should write logs (default "/var/run/cilium/cilium-cni.log")
--controller-group-metrics strings List of controller group names for which to to enable metrics. Accepts 'all' and 'none'. The set of controller group names available is not guaranteed to be stable between Cilium versions.
--egress-gateway-policy-map-max int Maximum number of entries in egress gateway policy map (default 16384)
--egress-gateway-reconciliation-trigger-interval duration Time between triggers of egress gateway state reconciliations (default 1s)
--enable-cilium-api-server-access strings List of cilium API APIs which are administratively enabled. Supports '*'. (default [*])
--enable-cilium-health-api-server-access strings List of cilium health API APIs which are administratively enabled. Supports '*'. (default [*])
--enable-k8s Enable the k8s clientset (default true)
--enable-k8s-api-discovery Enable discovery of Kubernetes API groups and resources with the discovery API
--enable-k8s-endpoint-slice Enables k8s EndpointSlice feature in Cilium if the k8s cluster supports it (default true)
--enable-l2-pod-announcements Enable announcing Pod IPs with Gratuitous ARP
--enable-monitor Enable the monitor unix domain socket server (default true)
--gops-port uint16 Port for gops server to listen on (default 9890)
-h, --help help for hive
--install-egress-gateway-routes Install egress gateway IP rules and routes in order to properly steer egress gateway traffic to the correct ENI interface
--k8s-api-server string Kubernetes API server URL
--k8s-client-burst int Burst value allowed for the K8s client
--k8s-client-qps float32 Queries per second limit for the K8s client
--k8s-heartbeat-timeout duration Configures the timeout for api-server heartbeat, set to 0 to disable (default 30s)
--k8s-kubeconfig-path string Absolute path of the kubernetes kubeconfig file
--k8s-service-proxy-name string Value of K8s service-proxy-name label for which Cilium handles the services (empty = all services without service.kubernetes.io/service-proxy-name label)
--l2-pod-announcements-interface string Interface used for sending gratuitous arp messages
--mesh-auth-enabled Enable authentication processing & garbage collection (beta) (default true)
--mesh-auth-gc-interval duration Interval in which auth entries are attempted to be garbage collected (default 5m0s)
--mesh-auth-mutual-connect-timeout duration Timeout for connecting to the remote node TCP socket (default 5s)
--mesh-auth-mutual-listener-port int Port on which the Cilium Agent will perform mutual authentication handshakes between other Agents
--mesh-auth-queue-size int Queue size for the auth manager (default 1024)
--mesh-auth-rotated-identities-queue-size int The size of the queue for signaling rotated identities. (default 1024)
--mesh-auth-spiffe-trust-domain string The trust domain for the SPIFFE identity. (default "spiffe.cilium")
--mesh-auth-spire-admin-socket string The path for the SPIRE admin agent Unix socket.
--metrics strings Metrics that should be enabled or disabled from the default metric list. (+metric_foo to enable metric_foo, -metric_bar to disable metric_bar)
--monitor-queue-size int Size of the event queue when reading monitor events
--pprof Enable serving pprof debugging API
--pprof-address string Address that pprof listens on (default "localhost")
--pprof-port uint16 Port that pprof listens on (default 6060)
--prometheus-serve-addr string IP:Port on which to serve prometheus metrics (pass ":Port" to bind on all interfaces, "" is off) (default ":9962")
--read-cni-conf string CNI configuration file to use as a source for --write-cni-conf-when-ready. If not supplied, a suitable one will be generated.
--write-cni-conf-when-ready string Write the CNI configuration to the specified path when agent is ready
SEE ALSO
cilium-agent - Run the cilium agent
cilium-agent hive dot-graph - Output the dependencies graph in graphviz dot format