2020-05-14 17:24:51 +00:00
kiam :
server :
2020-05-15 16:23:25 +00:00
image :
tag : "v3.6-rc1"
2020-05-19 14:13:41 +00:00
# kiam.server.assumeRoleArn -- kiam server IAM role to assume, required as we run the agents next to the servers normally, eg. arn:aws:iam::123456789012:role/kiam-server-role
assumeRoleArn : ''
2020-05-14 17:24:51 +00:00
useHostNetwork : true
sslCertHostPath : /etc/ssl/certs
tlsSecret : kiam-server-tls
2020-05-15 15:35:33 +00:00
tlsCerts :
certFileName : tls.crt
keyFileName : tls.key
caFileName : ca.crt
2020-05-14 17:24:51 +00:00
service :
port : 6444
targetPort : 6444
deployment :
enabled : true
2020-05-15 15:07:01 +00:00
replicas : 1
2020-05-15 16:23:25 +00:00
updateStrategy : RollingUpdate
2020-05-14 17:24:51 +00:00
tolerations :
- key : node-role.kubernetes.io/master
effect : NoSchedule
nodeSelector :
node-role.kubernetes.io/master : ""
prometheus :
servicemonitor :
enabled : false
2020-05-15 15:07:01 +00:00
log :
level : warn
2020-05-14 17:24:51 +00:00
agent :
2020-05-15 16:23:25 +00:00
image :
tag : "v3.6-rc1"
gatewayTimeoutCreation : "5s"
updateStrategy : RollingUpdate
# IP tables set on each node at boot, see CloudBender
2020-05-14 17:24:51 +00:00
host :
2020-05-15 16:23:25 +00:00
iptables : false
interface : "cali+"
2020-05-14 17:24:51 +00:00
whiteListRouteRegexp : '^/latest/(meta-data/instance-id|dynamic)'
sslCertHostPath : /etc/ssl/certs
tlsSecret : kiam-agent-tls
2020-05-15 15:35:33 +00:00
tlsCerts :
certFileName : tls.crt
keyFileName : tls.key
caFileName : ca.crt
2020-05-14 17:24:51 +00:00
tolerations :
- key : node-role.kubernetes.io/master
effect : NoSchedule
prometheus :
servicemonitor :
enabled : false
2020-05-15 15:07:01 +00:00
log :
level : warn
2020-05-14 17:24:51 +00:00
# extraEnv:
# - name: GRPC_GO_LOG_SEVERITY_LEVEL
# value: "info"
# - name: GRPC_GO_LOG_VERBOSITY_LEVEL
# value: "8"