diff --git a/install/kubernetes/cilium/files/cilium-envoy/configmap/bootstrap-config.json b/install/kubernetes/cilium/files/cilium-envoy/configmap/bootstrap-config.json deleted file mode 100644 index ef47695b384b6..0000000000000 --- a/install/kubernetes/cilium/files/cilium-envoy/configmap/bootstrap-config.json +++ /dev/null @@ -1,471 +0,0 @@ -{ - "node": { - "id": "host~127.0.0.1~no-id~localdomain", - "cluster": "ingress-cluster" - }, - "staticResources": { - "listeners": [ - {{- if .Values.envoy.prometheus.enabled }} - { - "name": "envoy-prometheus-metrics-listener", - "address": { - "socket_address": { - "address": "0.0.0.0", - "port_value": {{ .Values.envoy.prometheus.port }} - } - }, - "filter_chains": [ - { - "filters": [ - { - "name": "envoy.filters.network.http_connection_manager", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", - "stat_prefix": "envoy-prometheus-metrics-listener", - "route_config": { - "virtual_hosts": [ - { - "name": "prometheus_metrics_route", - "domains": [ - "*" - ], - "routes": [ - { - "name": "prometheus_metrics_route", - "match": { - "prefix": "/metrics" - }, - "route": { - "cluster": "/envoy-admin", - "prefix_rewrite": "/stats/prometheus" - } - } - ] - } - ] - }, - "http_filters": [ - { - "name": "envoy.filters.http.router", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" - } - } - ], - "internal_address_config": { - "cidr_ranges": [ - { - "address_prefix": "10.0.0.0", - "prefix_len": 8 - }, - { - "address_prefix": "172.16.0.0", - "prefix_len": 12 - }, - { - "address_prefix": "192.168.0.0", - "prefix_len": 16 - }, - { - "address_prefix": "127.0.0.1", - "prefix_len": 32 - }, - { - "address_prefix": "::1", - "prefix_len": 128 - } - ] - }, - "stream_idle_timeout": "0s" - } - } - ] - } - ] - }, - {{- end }} - {{- if and .Values.envoy.debug.admin.enabled }} - { - "name": "envoy-admin-listener", - "address": { - "socket_address": { - "address": {{ .Values.ipv4.enabled | ternary "127.0.0.1" "::1" | quote }}, - "port_value": {{ .Values.envoy.debug.admin.port }} - } - }, - {{- if and .Values.ipv4.enabled .Values.ipv6.enabled }} - "additional_addresses": [ - { - "address": { - "socket_address": { - "address": "::1", - "port_value": {{ .Values.envoy.debug.admin.port }} - } - } - } - ], - {{- end }} - "filter_chains": [ - { - "filters": [ - { - "name": "envoy.filters.network.http_connection_manager", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", - "stat_prefix": "envoy-admin-listener", - "route_config": { - "virtual_hosts": [ - { - "name": "admin_route", - "domains": [ - "*" - ], - "routes": [ - { - "name": "admin_route", - "match": { - "prefix": "/" - }, - "route": { - "cluster": "/envoy-admin", - "prefix_rewrite": "/" - } - } - ] - } - ] - }, - "http_filters": [ - { - "name": "envoy.filters.http.router", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" - } - } - ], - "internal_address_config": { - "cidr_ranges": [ - { - "address_prefix": "10.0.0.0", - "prefix_len": 8 - }, - { - "address_prefix": "172.16.0.0", - "prefix_len": 12 - }, - { - "address_prefix": "192.168.0.0", - "prefix_len": 16 - }, - { - "address_prefix": "127.0.0.1", - "prefix_len": 32 - }, - { - "address_prefix": "::1", - "prefix_len": 128 - } - ] - }, - "stream_idle_timeout": "0s" - } - } - ] - } - ] - }, - {{- end }} - { - "name": "envoy-health-listener", - "address": { - "socket_address": { - "address": {{ .Values.ipv4.enabled | ternary "127.0.0.1" "::1" | quote }}, - "port_value": {{ .Values.envoy.healthPort }} - } - }, - {{- if and .Values.ipv4.enabled .Values.ipv6.enabled }} - "additional_addresses": [ - { - "address": { - "socket_address": { - "address": "::1", - "port_value": {{ .Values.envoy.healthPort }} - } - } - } - ], - {{- end }} - "filter_chains": [ - { - "filters": [ - { - "name": "envoy.filters.network.http_connection_manager", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", - "stat_prefix": "envoy-health-listener", - "route_config": { - "virtual_hosts": [ - { - "name": "health", - "domains": [ - "*" - ], - "routes": [ - { - "name": "health", - "match": { - "prefix": "/healthz" - }, - "route": { - "cluster": "/envoy-admin", - "prefix_rewrite": "/ready" - } - } - ] - } - ] - }, - "http_filters": [ - { - "name": "envoy.filters.http.router", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" - } - } - ], - "internal_address_config": { - "cidr_ranges": [ - { - "address_prefix": "10.0.0.0", - "prefix_len": 8 - }, - { - "address_prefix": "172.16.0.0", - "prefix_len": 12 - }, - { - "address_prefix": "192.168.0.0", - "prefix_len": 16 - }, - { - "address_prefix": "127.0.0.1", - "prefix_len": 32 - }, - { - "address_prefix": "::1", - "prefix_len": 128 - } - ] - }, - "stream_idle_timeout": "0s" - } - } - ] - } - ] - } - ], - "clusters": [ - { - "name": "ingress-cluster", - "type": "ORIGINAL_DST", - "connectTimeout": "{{ .Values.envoy.connectTimeoutSeconds }}s", - "lbPolicy": "CLUSTER_PROVIDED", - "typedExtensionProtocolOptions": { - "envoy.extensions.upstreams.http.v3.HttpProtocolOptions": { - "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions", - "commonHttpProtocolOptions": { - "idleTimeout": "{{ .Values.envoy.idleTimeoutDurationSeconds }}s", - "maxConnectionDuration": "{{ .Values.envoy.maxConnectionDurationSeconds }}s", - "maxRequestsPerConnection": {{ .Values.envoy.maxRequestsPerConnection }} - }, - "useDownstreamProtocolConfig": {} - } - }, - "cleanupInterval": "{{ .Values.envoy.connectTimeoutSeconds }}.500s" - }, - { - "name": "egress-cluster-tls", - "type": "ORIGINAL_DST", - "connectTimeout": "{{ .Values.envoy.connectTimeoutSeconds }}s", - "lbPolicy": "CLUSTER_PROVIDED", - "typedExtensionProtocolOptions": { - "envoy.extensions.upstreams.http.v3.HttpProtocolOptions": { - "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions", - "commonHttpProtocolOptions": { - "idleTimeout": "{{ .Values.envoy.idleTimeoutDurationSeconds }}s", - "maxConnectionDuration": "{{ .Values.envoy.maxConnectionDurationSeconds }}s", - "maxRequestsPerConnection": {{ .Values.envoy.maxRequestsPerConnection }} - }, - "upstreamHttpProtocolOptions": {}, - "useDownstreamProtocolConfig": {} - } - }, - "cleanupInterval": "{{ .Values.envoy.connectTimeoutSeconds }}.500s", - "transportSocket": { - "name": "cilium.tls_wrapper", - "typedConfig": { - "@type": "type.googleapis.com/cilium.UpstreamTlsWrapperContext" - } - } - }, - { - "name": "egress-cluster", - "type": "ORIGINAL_DST", - "connectTimeout": "{{ .Values.envoy.connectTimeoutSeconds }}s", - "lbPolicy": "CLUSTER_PROVIDED", - "typedExtensionProtocolOptions": { - "envoy.extensions.upstreams.http.v3.HttpProtocolOptions": { - "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions", - "commonHttpProtocolOptions": { - "idleTimeout": "{{ .Values.envoy.idleTimeoutDurationSeconds }}s", - "maxConnectionDuration": "{{ .Values.envoy.maxConnectionDurationSeconds }}s", - "maxRequestsPerConnection": {{ .Values.envoy.maxRequestsPerConnection }} - }, - "useDownstreamProtocolConfig": {} - } - }, - "cleanupInterval": "{{ .Values.envoy.connectTimeoutSeconds }}.500s" - }, - { - "name": "ingress-cluster-tls", - "type": "ORIGINAL_DST", - "connectTimeout": "{{ .Values.envoy.connectTimeoutSeconds }}s", - "lbPolicy": "CLUSTER_PROVIDED", - "typedExtensionProtocolOptions": { - "envoy.extensions.upstreams.http.v3.HttpProtocolOptions": { - "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions", - "commonHttpProtocolOptions": { - "idleTimeout": "{{ .Values.envoy.idleTimeoutDurationSeconds }}s", - "maxConnectionDuration": "{{ .Values.envoy.maxConnectionDurationSeconds }}s", - "maxRequestsPerConnection": {{ .Values.envoy.maxRequestsPerConnection }} - }, - "upstreamHttpProtocolOptions": {}, - "useDownstreamProtocolConfig": {} - } - }, - "cleanupInterval": "{{ .Values.envoy.connectTimeoutSeconds }}.500s", - "transportSocket": { - "name": "cilium.tls_wrapper", - "typedConfig": { - "@type": "type.googleapis.com/cilium.UpstreamTlsWrapperContext" - } - } - }, - { - "name": "xds-grpc-cilium", - "type": "STATIC", - "connectTimeout": "{{ .Values.envoy.connectTimeoutSeconds }}s", - "loadAssignment": { - "clusterName": "xds-grpc-cilium", - "endpoints": [ - { - "lbEndpoints": [ - { - "endpoint": { - "address": { - "pipe": { - "path": "/var/run/cilium/envoy/sockets/xds.sock" - } - } - } - } - ] - } - ] - }, - "typedExtensionProtocolOptions": { - "envoy.extensions.upstreams.http.v3.HttpProtocolOptions": { - "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions", - "explicitHttpConfig": { - "http2ProtocolOptions": {} - } - } - } - }, - { - "name": "/envoy-admin", - "type": "STATIC", - "connectTimeout": "{{ .Values.envoy.connectTimeoutSeconds }}s", - "loadAssignment": { - "clusterName": "/envoy-admin", - "endpoints": [ - { - "lbEndpoints": [ - { - "endpoint": { - "address": { - "pipe": { - "path": "/var/run/cilium/envoy/sockets/admin.sock" - } - } - } - } - ] - } - ] - } - } - ] - }, - "dynamicResources": { - "ldsConfig": { - "initialFetchTimeout": "{{ .Values.envoy.initialFetchTimeoutSeconds }}s", - "apiConfigSource": { - "apiType": "GRPC", - "transportApiVersion": "V3", - "grpcServices": [ - { - "envoyGrpc": { - "clusterName": "xds-grpc-cilium" - } - } - ], - "setNodeOnFirstMessageOnly": true - }, - "resourceApiVersion": "V3" - }, - "cdsConfig": { - "initialFetchTimeout": "{{ .Values.envoy.initialFetchTimeoutSeconds }}s", - "apiConfigSource": { - "apiType": "GRPC", - "transportApiVersion": "V3", - "grpcServices": [ - { - "envoyGrpc": { - "clusterName": "xds-grpc-cilium" - } - } - ], - "setNodeOnFirstMessageOnly": true - }, - "resourceApiVersion": "V3" - } - }, - "bootstrapExtensions": [ - { - "name": "envoy.bootstrap.internal_listener", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.bootstrap.internal_listener.v3.InternalListener" - } - } - ], - "overload_manager": { - "resource_monitors": [ - { - "name": "envoy.resource_monitors.global_downstream_max_connections", - "typed_config": { - "@type": "type.googleapis.com/envoy.extensions.resource_monitors.downstream_connections.v3.DownstreamConnectionsConfig", - "max_active_downstream_connections": "50000" - } - } - ] - }, - "admin": { - "address": { - "pipe": { - "path": "/var/run/cilium/envoy/sockets/admin.sock" - } - } - } -} diff --git a/install/kubernetes/cilium/files/cilium-envoy/configmap/bootstrap-config.yaml b/install/kubernetes/cilium/files/cilium-envoy/configmap/bootstrap-config.yaml new file mode 100644 index 0000000000000..2200a744c2c7d --- /dev/null +++ b/install/kubernetes/cilium/files/cilium-envoy/configmap/bootstrap-config.yaml @@ -0,0 +1,268 @@ +node: + id: "host~127.0.0.1~no-id~localdomain" + cluster: "ingress-cluster" +staticResources: + listeners: + {{- if .Values.envoy.prometheus.enabled }} + - name: "envoy-prometheus-metrics-listener" + address: + socketAddress: + address: "0.0.0.0" + portValue: {{ .Values.envoy.prometheus.port }} + filterChains: + - filters: + - name: "envoy.filters.network.http_connection_manager" + typedConfig: + "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager" + statPrefix: "envoy-prometheus-metrics-listener" + routeConfig: + virtualHosts: + - name: "prometheus_metrics_route" + domains: + - "*" + routes: + - name: "prometheus_metrics_route" + match: + prefix: "/metrics" + route: + cluster: "/envoy-admin" + prefixRewrite: "/stats/prometheus" + httpFilters: + - name: "envoy.filters.http.router" + typedConfig: + "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" + internalAddressConfig: + cidrRanges: + - addressPrefix: "10.0.0.0" + prefixLen: 8 + - addressPrefix: "172.16.0.0" + prefixLen: 12 + - addressPrefix: "192.168.0.0" + prefixLen: 16 + - addressPrefix: "127.0.0.1" + prefixLen: 32 + - addressPrefix: "::1" + prefixLen: 128 + streamIdleTimeout: "0s" + {{- end }} + {{- if and .Values.envoy.debug.admin.enabled }} + - name: "envoy-admin-listener" + address: + socketAddress: + address: {{ .Values.ipv4.enabled | ternary "127.0.0.1" "::1" | quote }} + portValue: {{ .Values.envoy.debug.admin.port }} + {{- if and .Values.ipv4.enabled .Values.ipv6.enabled }} + additionalAddresses: + - address: + socketAddress: + address: "::1" + portValue: {{ .Values.envoy.debug.admin.port }} + {{- end }} + filterChains: + - filters: + - name: "envoy.filters.network.http_connection_manager" + typedConfig: + "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager" + statPrefix: "envoy-admin-listener" + routeConfig: + virtual_hosts: + - name: "admin_route" + domains: + - "*" + routes: + - name: "admin_route" + match: + prefix: "/" + route: + cluster: "/envoy-admin" + prefixRewrite: "/" + httpFilters: + - name: "envoy.filters.http.router" + typedConfig: + "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" + internalAddressConfig: + cidrRanges: + - addressPrefix: "10.0.0.0" + prefixLen: 8 + - addressPrefix: "172.16.0.0" + prefixLen: 12 + - addressPrefix: "192.168.0.0" + prefixLen: 16 + - addressPrefix: "127.0.0.1" + prefixLen: 32 + - addressPrefix: "::1" + prefixLen: 128 + streamIdleTimeout: "0s" + {{- end }} + - name: "envoy-health-listener" + address: + socketAddress: + address: {{ .Values.ipv4.enabled | ternary "127.0.0.1" "::1" | quote }} + portValue: {{ .Values.envoy.healthPort }} + {{- if and .Values.ipv4.enabled .Values.ipv6.enabled }} + additionalAddresses: + - address: + socketAddress: + address: "::1" + portValue: {{ .Values.envoy.healthPort }} + {{- end }} + filterChains: + - filters: + - name: "envoy.filters.network.http_connection_manager" + typedConfig: + "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager" + statPrefix: "envoy-health-listener" + routeConfig: + virtual_hosts: + - name: "health" + domains: + - "*" + routes: + - name: "health" + match: + prefix: "/healthz" + route: + cluster: "/envoy-admin" + prefixRewrite: "/ready" + httpFilters: + - name: "envoy.filters.http.router" + typedConfig: + "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" + internalAddressConfig: + cidrRanges: + - addressPrefix: "10.0.0.0" + prefixLen: 8 + - addressPrefix: "172.16.0.0" + prefixLen: 12 + - addressPrefix: "192.168.0.0" + prefixLen: 16 + - addressPrefix: "127.0.0.1" + prefixLen: 32 + - addressPrefix: "::1" + prefixLen: 128 + streamIdleTimeout: "0s" + clusters: + - name: "ingress-cluster" + type: "ORIGINAL_DST" + connectTimeout: "{{ .Values.envoy.connectTimeoutSeconds }}s" + lbPolicy: "CLUSTER_PROVIDED" + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions" + commonHttpProtocolOptions: + idleTimeout: "{{ .Values.envoy.idleTimeoutDurationSeconds }}s" + maxConnectionDuration: "{{ .Values.envoy.maxConnectionDurationSeconds }}s" + maxRequestsPerConnection: {{ .Values.envoy.maxRequestsPerConnection }} + useDownstreamProtocolConfig: {} + cleanupInterval: "{{ .Values.envoy.connectTimeoutSeconds }}.500s" + - name: "egress-cluster-tls" + type: "ORIGINAL_DST" + connectTimeout: "{{ .Values.envoy.connectTimeoutSeconds }}s" + lbPolicy: "CLUSTER_PROVIDED" + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions" + commonHttpProtocolOptions: + idleTimeout: "{{ .Values.envoy.idleTimeoutDurationSeconds }}s" + maxConnectionDuration: "{{ .Values.envoy.maxConnectionDurationSeconds }}s" + maxRequestsPerConnection: {{ .Values.envoy.maxRequestsPerConnection }} + upstreamHttpProtocolOptions: {} + useDownstreamProtocolConfig: {} + cleanupInterval: "{{ .Values.envoy.connectTimeoutSeconds }}.500s" + transportSocket: + name: "cilium.tls_wrapper" + typedConfig: + "@type": "type.googleapis.com/cilium.UpstreamTlsWrapperContext" + - name: "egress-cluster" + type: "ORIGINAL_DST" + connectTimeout: "{{ .Values.envoy.connectTimeoutSeconds }}s" + lbPolicy: "CLUSTER_PROVIDED" + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions" + commonHttpProtocolOptions: + idleTimeout: "{{ .Values.envoy.idleTimeoutDurationSeconds }}s" + maxConnectionDuration: "{{ .Values.envoy.maxConnectionDurationSeconds }}s" + maxRequestsPerConnection: {{ .Values.envoy.maxRequestsPerConnection }} + useDownstreamProtocolConfig: {} + cleanupInterval: "{{ .Values.envoy.connectTimeoutSeconds }}.500s" + - name: "ingress-cluster-tls" + type: "ORIGINAL_DST" + connectTimeout: "{{ .Values.envoy.connectTimeoutSeconds }}s" + lbPolicy: "CLUSTER_PROVIDED" + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions" + commonHttpProtocolOptions: + idleTimeout: "{{ .Values.envoy.idleTimeoutDurationSeconds }}s" + maxConnectionDuration: "{{ .Values.envoy.maxConnectionDurationSeconds }}s" + maxRequestsPerConnection: {{ .Values.envoy.maxRequestsPerConnection }} + upstreamHttpProtocolOptions: {} + useDownstreamProtocolConfig: {} + cleanupInterval: "{{ .Values.envoy.connectTimeoutSeconds }}.500s" + transportSocket: + name: "cilium.tls_wrapper" + typedConfig: + "@type": "type.googleapis.com/cilium.UpstreamTlsWrapperContext" + - name: "xds-grpc-cilium" + type: "STATIC" + connectTimeout: "{{ .Values.envoy.connectTimeoutSeconds }}s" + loadAssignment: + clusterName: "xds-grpc-cilium" + endpoints: + - lbEndpoints: + - endpoint: + address: + pipe: + path: "/var/run/cilium/envoy/sockets/xds.sock" + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions" + explicitHttpConfig: + http2ProtocolOptions: {} + - name: "/envoy-admin" + type: "STATIC" + connectTimeout: "{{ .Values.envoy.connectTimeoutSeconds }}s" + loadAssignment: + clusterName: "/envoy-admin" + endpoints: + - lbEndpoints: + - endpoint: + address: + pipe: + path: "/var/run/cilium/envoy/sockets/admin.sock" +dynamicResources: + ldsConfig: + initialFetchTimeout: "{{ .Values.envoy.initialFetchTimeoutSeconds }}s" + apiConfigSource: + apiType: "GRPC" + transportApiVersion: "V3" + grpcServices: + - envoyGrpc: + clusterName: "xds-grpc-cilium" + setNodeOnFirstMessageOnly: true + resourceApiVersion: "V3" + cdsConfig: + initialFetchTimeout: "{{ .Values.envoy.initialFetchTimeoutSeconds }}s" + apiConfigSource: + apiType: "GRPC" + transportApiVersion: "V3" + grpcServices: + - envoyGrpc: + clusterName: "xds-grpc-cilium" + setNodeOnFirstMessageOnly: true + resourceApiVersion: "V3" +bootstrapExtensions: +- name: "envoy.bootstrap.internal_listener" + typedConfig: + "@type": "type.googleapis.com/envoy.extensions.bootstrap.internal_listener.v3.InternalListener" +overloadManager: + resourceMonitors: + - name: "envoy.resource_monitors.global_downstream_max_connections" + typedConfig: + "@type": "type.googleapis.com/envoy.extensions.resource_monitors.downstream_connections.v3.DownstreamConnectionsConfig" + max_active_downstream_connections: "50000" +admin: + address: + pipe: + path: "/var/run/cilium/envoy/sockets/admin.sock" diff --git a/install/kubernetes/cilium/templates/cilium-envoy/configmap.yaml b/install/kubernetes/cilium/templates/cilium-envoy/configmap.yaml index 33c5a83306696..084077a4bc2f6 100644 --- a/install/kubernetes/cilium/templates/cilium-envoy/configmap.yaml +++ b/install/kubernetes/cilium/templates/cilium-envoy/configmap.yaml @@ -12,6 +12,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} data: -{{- (tpl (.Files.Glob "files/cilium-envoy/configmap/bootstrap-config.json").AsConfig .) | nindent 2 }} - + # Keep the key name as bootstrap-config.json to avoid breaking changes + bootstrap-config.json: | + {{- (tpl (.Files.Get "files/cilium-envoy/configmap/bootstrap-config.yaml") .) | fromYaml | toJson | nindent 4 }} {{- end }}