KubeZero/charts/kubezero-istio-ingress/values.yaml

178 lines
4.1 KiB
YAML
Raw Normal View History

2020-11-24 14:44:57 +00:00
# Make sure these values match kuberzero-istio !!!
global:
2021-02-25 23:24:12 +00:00
#hub: docker.io/istio
#tag: 1.9.3
2020-11-24 14:44:57 +00:00
logAsJson: true
jwtPolicy: first-party-jwt
priorityClassName: "system-cluster-critical"
defaultPodDisruptionBudget:
enabled: false
2020-11-28 23:01:20 +00:00
arch:
amd64: 2
2020-11-24 14:44:57 +00:00
istio-ingress:
enabled: false
telemetry:
enabled: false
2020-11-24 14:44:57 +00:00
gateways:
istio-ingressgateway:
autoscaleEnabled: false
replicaCount: 1
rollingMaxSurge: 1
rollingMaxUnavailable: 0
2020-11-24 14:44:57 +00:00
resources:
requests:
cpu: 50m
2020-11-24 14:44:57 +00:00
memory: 64Mi
limits:
# cpu: 100m
memory: 512Mi
2020-11-24 14:44:57 +00:00
externalTrafficPolicy: Local
podAntiAffinityLabelSelector:
- key: app
operator: In
topologyKey: kubernetes.io/hostname
values: istio-ingressgateway
type: NodePort
podAnnotations:
proxy.istio.io/config: '{ "terminationDrainDuration": "20s" }'
# custom hardened bootstrap config
env:
ISTIO_BOOTSTRAP_OVERRIDE: /etc/istio/custom-bootstrap/custom_bootstrap.json
configVolumes:
- name: custom-bootstrap-volume
mountPath: /etc/istio/custom-bootstrap
configMapName: istio-gateway-bootstrap-config
2020-11-24 14:44:57 +00:00
# The node selector is normally the list of nodeports, see CloudBender
nodeSelector:
node.kubernetes.io/ingress.public: "30080_30443"
ports:
2021-02-25 23:24:12 +00:00
- name: status-port
2020-11-24 14:44:57 +00:00
port: 15021
nodePort: 30021
2021-02-25 23:35:21 +00:00
protocol: TCP
2020-11-24 14:44:57 +00:00
- name: http2
port: 80
targetPort: 8080
nodePort: 30080
2021-02-25 23:35:21 +00:00
protocol: TCP
2020-11-24 14:44:57 +00:00
- name: https
port: 443
targetPort: 8443
nodePort: 30443
2021-02-25 23:35:21 +00:00
protocol: TCP
2021-02-25 23:24:12 +00:00
## multi-cluster - disabled on public LBs
#- name: tcp-istiod
# port: 15012
# targetPort: 15012
# nodePort: 30012
# protocol: TCP
## multi-cluster sni east-west
#- name: tls
# port: 15443
# targetPort: 15443
# nodePort: 30044
# protocol: TCP
2020-11-24 14:44:57 +00:00
dnsNames: []
# - '*.example.com'
meshConfig:
defaultConfig:
proxyMetadata:
# ISTIO_META_HTTP10: 1
2020-11-24 14:44:57 +00:00
istio-private-ingress:
enabled: false
telemetry:
enabled: false
2020-11-24 14:44:57 +00:00
gateways:
istio-ingressgateway:
# name and labels make the ingress private
name: istio-private-ingressgateway
labels:
app: istio-private-ingressgateway
istio: private-ingressgateway
autoscaleEnabled: false
replicaCount: 1
rollingMaxSurge: 1
rollingMaxUnavailable: 0
2020-11-24 14:44:57 +00:00
resources:
requests:
cpu: 50m
2020-11-24 14:44:57 +00:00
memory: 64Mi
limits:
# cpu: 100m
memory: 512Mi
2020-11-24 14:44:57 +00:00
externalTrafficPolicy: Local
podAntiAffinityLabelSelector:
- key: app
operator: In
topologyKey: kubernetes.io/hostname
values: istio-private-ingressgateway
type: NodePort
podAnnotations:
# sidecar.istio.io/bootstrapOverride: istio-gateway-bootstrap-config
proxy.istio.io/config: '{ "terminationDrainDuration": "20s" }'
2020-11-24 14:44:57 +00:00
nodeSelector:
node.kubernetes.io/ingress.private: "31080_31443"
#nodeSelector: "31080_31443_31671_31672_31224"
ports:
2021-02-25 23:24:12 +00:00
- name: status-port
2020-11-24 14:44:57 +00:00
port: 15021
nodePort: 31021
2021-02-25 23:35:21 +00:00
protocol: TCP
2020-11-24 14:44:57 +00:00
- name: http2
port: 80
targetPort: 8080
nodePort: 31080
2021-02-25 23:35:21 +00:00
protocol: TCP
2020-11-24 14:44:57 +00:00
- name: https
port: 443
targetPort: 8443
nodePort: 31443
2021-02-25 23:35:21 +00:00
protocol: TCP
2021-02-25 23:24:12 +00:00
# multi-cluster
- name: tcp-istiod
port: 15012
targetPort: 15012
nodePort: 31012
protocol: TCP
# multi-cluster sni east-west
- name: tls
port: 15443
targetPort: 15443
nodePort: 31044
protocol: TCP
2020-11-24 14:44:57 +00:00
#- name: fluentd-forward
# port: 24224
# nodePort: 31224
#- name: amqps
# port: 5671
# nodePort: 31671
#- name: amqp
# port: 5672
# nodePort: 31672
#- name: redis
# port: 6379
# nodePort: 31379
dnsNames: []
# - '*.example.com'
meshConfig:
defaultConfig:
proxyMetadata:
# ISTIO_META_HTTP10: 1