alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 9 Actions Packages Projects Releases Wiki Activity
Files
89ee49e9af6e5b79ecfcda3573f6ecb5e5dc7e05
infrastructure/clusters/cl01tl/standalone/cilium/values.yaml
Alex Lebens 89ee49e9af disable node port
2025-03-02 14:25:23 -06:00

114 lines
2.1 KiB
YAML
Raw Blame History

cilium:
debug:
enabled: true
k8sServiceHost: "localhost"
k8sServicePort: "7445"
k8sClientRateLimit:
qps: 50
burst: 100
rollOutCiliumPods: true
securityContext:
capabilities:
ciliumAgent:
- CHOWN
- KILL
- NET_ADMIN
- NET_RAW
- IPC_LOCK
- SYS_ADMIN
- SYS_RESOURCE
- DAC_OVERRIDE
- FOWNER
- SETGID
- SETUID
- PERFMON
- BPF
cleanCiliumState:
- NET_ADMIN
- SYS_ADMIN
- SYS_RESOURCE
l2announcements:
enabled: true
enableK8sEndpointSlice: true
ciliumEndpointSlice:
enabled: true
ingressController:
enabled: false
secretsNamespace:
create: true
name: cilium-secrets
sync: true
gatewayAPI:
enabled: false
enableAlpn: true
enableAppProtocol: true
secretsNamespace:
create: false
name: kube-system
sync: false
externalIPs:
enabled: true
socketLB:
enabled: true
hostNamespaceOnly: true
hubble:
enabled: true
metrics:
serviceMonitor:
enabled: true
relay:
enabled: true
metrics:
serviceMonitor:
enabled: true
ui:
enabled: true
ingress:
enabled: true
className: tailscale
hosts:
- hubble-cl01tl
tls:
- secretName: hubble-cl01tl
hosts:
- hubble-cl01tl
ipam:
mode: "kubernetes"
ipv4:
enabled: true
ipv6:
enabled: false
kubeProxyReplacement: true
l7Proxy: true
nodePort:
enabled: false
prometheus:
enabled: true
serviceMonitor:
enabled: true
envoy:
log:
defaultLevel: debug
securityContext:
capabilities:
envoy:
- NET_ADMIN
- PERFMON
- BPF
keepCapNetBindService: true
prometheus:
enabled: true
serviceMonitor:
enabled: true
operator:
enabled: true
rollOutPods: true
prometheus:
enabled: true
serviceMonitor:
enabled: true
cgroup:
autoMount:
enabled: false
hostRoot: /sys/fs/cgroup
Reference in New Issue View Git Blame Copy Permalink