2020-09-18 15:18:59 +00:00
annotateKubeSystemNameSpace : false
2020-05-14 17:24:51 +00:00
kiam :
2020-09-14 15:06:53 +00:00
enabled : true
2020-05-14 17:24:51 +00:00
server :
2020-05-19 14:13:41 +00:00
# kiam.server.assumeRoleArn -- kiam server IAM role to assume, required as we run the agents next to the servers normally, eg. arn:aws:iam::123456789012:role/kiam-server-role
assumeRoleArn : ''
2020-05-14 17:24:51 +00:00
useHostNetwork : true
sslCertHostPath : /etc/ssl/certs
tlsSecret : kiam-server-tls
2020-05-15 15:35:33 +00:00
tlsCerts :
certFileName : tls.crt
keyFileName : tls.key
caFileName : ca.crt
2020-05-14 17:24:51 +00:00
service :
port : 6444
targetPort : 6444
deployment :
enabled : true
2020-05-15 15:07:01 +00:00
replicas : 1
2020-05-15 16:23:25 +00:00
updateStrategy : RollingUpdate
2020-09-10 13:22:47 +00:00
resources :
requests :
2021-04-09 11:44:48 +00:00
memory : "64Mi"
2021-03-05 09:22:54 +00:00
cpu : "50m"
2020-09-10 13:22:47 +00:00
limits :
2021-04-09 11:44:48 +00:00
memory : "128Mi"
2021-03-05 09:22:54 +00:00
# cpu: "300m"
2020-05-14 17:24:51 +00:00
tolerations :
- key : node-role.kubernetes.io/master
effect : NoSchedule
nodeSelector :
node-role.kubernetes.io/master : ""
2020-11-21 12:24:57 +00:00
priorityClassName : system-cluster-critical
2020-05-14 17:24:51 +00:00
prometheus :
servicemonitor :
enabled : false
2020-08-14 21:31:34 +00:00
interval : 30s
2020-08-14 16:39:05 +00:00
labels :
release : metrics
2020-05-15 15:07:01 +00:00
log :
2020-11-21 12:24:57 +00:00
level : info
2020-05-15 15:07:01 +00:00
2020-05-14 17:24:51 +00:00
agent :
2020-05-15 16:23:25 +00:00
gatewayTimeoutCreation : "5s"
updateStrategy : RollingUpdate
# IP tables set on each node at boot, see CloudBender
2020-05-14 17:24:51 +00:00
host :
2020-05-15 16:23:25 +00:00
iptables : false
interface : "cali+"
2021-01-21 13:35:20 +00:00
allowRouteRegexp : '^/latest/(meta-data/instance-id|dynamic)'
2020-05-14 17:24:51 +00:00
sslCertHostPath : /etc/ssl/certs
tlsSecret : kiam-agent-tls
2020-05-15 15:35:33 +00:00
tlsCerts :
certFileName : tls.crt
keyFileName : tls.key
caFileName : ca.crt
2020-09-10 13:22:47 +00:00
resources :
requests :
2021-04-09 11:44:48 +00:00
memory : "16Mi"
2020-09-10 13:22:47 +00:00
cpu : "50m"
limits :
2021-04-09 11:44:48 +00:00
memory : "64Mi"
2021-03-05 09:22:54 +00:00
# cpu: "50m"
2020-05-14 17:24:51 +00:00
tolerations :
- key : node-role.kubernetes.io/master
effect : NoSchedule
2021-07-19 14:21:20 +00:00
- key : kubezero-workergroup
effect : NoSchedule
2021-07-19 14:36:07 +00:00
operator : Exists
2020-11-21 12:24:57 +00:00
priorityClassName : system-node-critical
2020-05-14 17:24:51 +00:00
prometheus :
servicemonitor :
enabled : false
2020-08-14 21:31:34 +00:00
interval : 30s
2020-08-14 16:39:05 +00:00
labels :
release : metrics
2020-05-15 15:07:01 +00:00
log :
2020-11-21 12:24:57 +00:00
level : info
2020-05-14 17:24:51 +00:00
# extraEnv:
# - name: GRPC_GO_LOG_SEVERITY_LEVEL
# value: "info"
# - name: GRPC_GO_LOG_VERBOSITY_LEVEL
# value: "8"