2021-12-01 12:35:18 +00:00
|
|
|
clusterBackup:
|
2021-09-02 17:36:11 +00:00
|
|
|
enabled: false
|
2021-12-01 12:35:18 +00:00
|
|
|
|
|
|
|
image:
|
|
|
|
name: public.ecr.aws/zero-downtime/kubezero-admin
|
2022-04-08 20:11:36 +00:00
|
|
|
# tag: v1.22.8
|
2021-12-01 12:35:18 +00:00
|
|
|
|
2022-08-24 15:13:39 +00:00
|
|
|
# -- s3:https://s3.amazonaws.com/${CFN[ConfigBucket]}/k8s/${CLUSTERNAME}/clusterBackup
|
2021-12-01 12:35:18 +00:00
|
|
|
repository: ""
|
2022-08-24 15:13:39 +00:00
|
|
|
# -- /etc/cloudbender/clusterBackup.passphrase
|
2021-12-01 12:35:18 +00:00
|
|
|
password: ""
|
2022-08-24 15:13:39 +00:00
|
|
|
|
2021-12-03 21:16:22 +00:00
|
|
|
extraEnv: []
|
2021-12-01 12:35:18 +00:00
|
|
|
|
2022-01-28 16:22:12 +00:00
|
|
|
forseti:
|
2022-01-24 11:05:54 +00:00
|
|
|
enabled: false
|
|
|
|
|
|
|
|
image:
|
2022-01-28 16:22:12 +00:00
|
|
|
name: public.ecr.aws/zero-downtime/forseti
|
|
|
|
tag: v0.1.2
|
|
|
|
|
|
|
|
aws:
|
|
|
|
region: ""
|
|
|
|
# -- "arn:aws:iam::${AWS::AccountId}:role/${AWS::Region}.${ClusterName}.kubezeroForseti"
|
|
|
|
iamRoleArn: ""
|
2022-01-24 11:05:54 +00:00
|
|
|
|
2021-12-01 12:35:18 +00:00
|
|
|
aws-node-termination-handler:
|
|
|
|
enabled: false
|
|
|
|
|
|
|
|
fullnameOverride: "aws-node-termination-handler"
|
|
|
|
|
2022-04-08 15:10:17 +00:00
|
|
|
#image:
|
|
|
|
# tag: v1.14.1
|
2022-02-01 10:29:02 +00:00
|
|
|
|
2021-12-03 21:16:22 +00:00
|
|
|
# -- "aws-node-termination-handler/${ClusterName}"
|
|
|
|
managedAsgTag: "aws-node-termination-handler/managed"
|
|
|
|
|
2022-05-16 08:14:02 +00:00
|
|
|
useProviderId: true
|
2021-12-01 12:35:18 +00:00
|
|
|
enableSqsTerminationDraining: true
|
2022-05-16 08:14:02 +00:00
|
|
|
# otherwise pds fails trying to reach IMDS
|
|
|
|
enableSpotInterruptionDraining: false
|
2021-12-21 15:05:08 +00:00
|
|
|
enableProbesServer: true
|
2021-12-03 21:16:22 +00:00
|
|
|
deleteLocalData: true
|
|
|
|
ignoreDaemonSets: true
|
|
|
|
taintNode: true
|
2021-12-21 15:05:08 +00:00
|
|
|
emitKubernetesEvents: true
|
2021-12-01 12:35:18 +00:00
|
|
|
|
2021-12-01 15:43:42 +00:00
|
|
|
# -- https://sqs.${AWS::Region}.amazonaws.com/${AWS::AccountId}/${ClusterName}_Nth
|
2021-12-01 12:35:18 +00:00
|
|
|
queueURL: ""
|
|
|
|
|
2021-12-01 15:43:42 +00:00
|
|
|
metadataTries: 0
|
|
|
|
extraEnv:
|
2022-01-28 16:22:12 +00:00
|
|
|
# -- "arn:aws:iam::${AWS::AccountId}:role/${AWS::Region}.${ClusterName}.awsNth"
|
|
|
|
- name: AWS_ROLE_ARN
|
|
|
|
value: ""
|
|
|
|
- name: AWS_WEB_IDENTITY_TOKEN_FILE
|
|
|
|
value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
|
|
|
|
- name: AWS_STS_REGIONAL_ENDPOINTS
|
|
|
|
value: "regional"
|
2021-12-01 15:43:42 +00:00
|
|
|
|
2021-12-01 12:35:18 +00:00
|
|
|
enablePrometheusServer: false
|
|
|
|
podMonitor:
|
2021-09-02 17:08:08 +00:00
|
|
|
create: false
|
|
|
|
|
2021-12-01 12:35:18 +00:00
|
|
|
jsonLogging: true
|
|
|
|
|
|
|
|
tolerations:
|
|
|
|
- key: node-role.kubernetes.io/master
|
|
|
|
effect: NoSchedule
|
|
|
|
nodeSelector:
|
|
|
|
node-role.kubernetes.io/control-plane: ""
|
|
|
|
|
|
|
|
rbac:
|
|
|
|
pspEnabled: false
|
2021-09-02 17:36:11 +00:00
|
|
|
|
|
|
|
fuseDevicePlugin:
|
|
|
|
enabled: false
|
|
|
|
|
2022-05-04 12:24:14 +00:00
|
|
|
awsNeuron:
|
2021-09-02 17:36:11 +00:00
|
|
|
enabled: false
|
2022-04-08 20:11:36 +00:00
|
|
|
|
2022-05-04 12:24:14 +00:00
|
|
|
image:
|
|
|
|
name: public.ecr.aws/neuron/neuron-device-plugin
|
|
|
|
tag: 1.9.0.0
|
|
|
|
|
2022-04-08 20:11:36 +00:00
|
|
|
external-dns:
|
|
|
|
enabled: false
|
|
|
|
|
|
|
|
interval: 3m
|
|
|
|
triggerLoopOnEvent: true
|
|
|
|
|
|
|
|
tolerations:
|
|
|
|
- key: node-role.kubernetes.io/master
|
|
|
|
effect: NoSchedule
|
|
|
|
nodeSelector:
|
|
|
|
node-role.kubernetes.io/control-plane: ""
|
|
|
|
|
2022-04-12 13:23:33 +00:00
|
|
|
#logLevel: debug
|
2022-04-08 20:11:36 +00:00
|
|
|
sources:
|
|
|
|
- service
|
|
|
|
#- istio-gateway
|
|
|
|
|
|
|
|
provider: inmemory
|
|
|
|
|
|
|
|
extraVolumes:
|
|
|
|
- name: aws-token
|
|
|
|
projected:
|
|
|
|
sources:
|
|
|
|
- serviceAccountToken:
|
|
|
|
path: token
|
|
|
|
expirationSeconds: 86400
|
|
|
|
audience: "sts.amazonaws.com"
|
|
|
|
extraVolumeMounts:
|
|
|
|
- name: aws-token
|
|
|
|
mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
|
|
|
|
readOnly: true
|
|
|
|
env:
|
|
|
|
# -- "arn:aws:iam::${AWS::AccountId}:role/${AWS::Region}.${ClusterName}.externalDNS"
|
|
|
|
- name: AWS_ROLE_ARN
|
|
|
|
value: ""
|
|
|
|
- name: AWS_WEB_IDENTITY_TOKEN_FILE
|
|
|
|
value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
|
|
|
|
- name: AWS_STS_REGIONAL_ENDPOINTS
|
|
|
|
value: "regional"
|