Enable rollingUpdate support kiam, turn off iptables support

charts/kubezero-kiam/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: kubezero-kiam
 description: KubeZero Umbrella Chart for Kiam
 type: application
-version: 0.1.3
+version: 0.2.0
 home: https://kubezero.com
 icon: https://cdn.zero-downtime.net/assets/logo_small.png
 keywords:

charts/kubezero-kiam/values.yaml

@@ -1,5 +1,7 @@
 kiam:
   server:
+    image:
+      tag: "v3.6-rc1"
     # kiam.server.assumeRoleArn --  kiam server IAM role to assume, required as we run the agents next to the servers normally
     assumeRoleArn: arn:aws:iam::123456789012:role/kiam-server-role
     useHostNetwork: true
@@ -15,6 +17,7 @@ kiam:
     deployment:
       enabled: true
       replicas: 1
+    updateStrategy: RollingUpdate
     tolerations:
     - key: node-role.kubernetes.io/master
       effect: NoSchedule
@@ -27,8 +30,14 @@ kiam:
       level: warn
 
   agent:
+    image:
+      tag: "v3.6-rc1"
+    gatewayTimeoutCreation: "5s"
+    updateStrategy: RollingUpdate
+    # IP tables set on each node at boot, see CloudBender
     host:
-      iptables: true
+      iptables: false
+      interface: "cali+"
     whiteListRouteRegexp: '^/latest/(meta-data/instance-id|dynamic)'
     sslCertHostPath: /etc/ssl/certs
     tlsSecret: kiam-agent-tls