Update docs for kiam chart
This commit is contained in:
parent
040f7eedeb
commit
f962e7cb4c
@ -2,7 +2,7 @@ kubezero-kiam
|
|||||||
=============
|
=============
|
||||||
KubeZero Umbrella Chart for Kiam
|
KubeZero Umbrella Chart for Kiam
|
||||||
|
|
||||||
Current chart version is `0.1.1`
|
Current chart version is `0.2.0`
|
||||||
|
|
||||||
Source code can be found [here](https://kubezero.com)
|
Source code can be found [here](https://kubezero.com)
|
||||||
|
|
||||||
@ -33,26 +33,38 @@ Required for the *csi ebs plugin* and most likely various others assuming basic
|
|||||||
|
|
||||||
| Key | Type | Default | Description |
|
| Key | Type | Default | Description |
|
||||||
|-----|------|---------|-------------|
|
|-----|------|---------|-------------|
|
||||||
| kiam.agent.host.iptables | bool | `true` | |
|
| kiam.agent.gatewayTimeoutCreation | string | `"5s"` | |
|
||||||
|
| kiam.agent.host.interface | string | `"cali+"` | |
|
||||||
|
| kiam.agent.host.iptables | bool | `false` | |
|
||||||
|
| kiam.agent.image.tag | string | `"v3.6-rc1"` | |
|
||||||
| kiam.agent.log.level | string | `"warn"` | |
|
| kiam.agent.log.level | string | `"warn"` | |
|
||||||
| kiam.agent.prometheus.servicemonitor.enabled | bool | `false` | |
|
| kiam.agent.prometheus.servicemonitor.enabled | bool | `false` | |
|
||||||
| kiam.agent.sslCertHostPath | string | `"/etc/ssl/certs"` | |
|
| kiam.agent.sslCertHostPath | string | `"/etc/ssl/certs"` | |
|
||||||
|
| kiam.agent.tlsCerts.caFileName | string | `"ca.crt"` | |
|
||||||
|
| kiam.agent.tlsCerts.certFileName | string | `"tls.crt"` | |
|
||||||
|
| kiam.agent.tlsCerts.keyFileName | string | `"tls.key"` | |
|
||||||
| kiam.agent.tlsSecret | string | `"kiam-agent-tls"` | |
|
| kiam.agent.tlsSecret | string | `"kiam-agent-tls"` | |
|
||||||
| kiam.agent.tolerations[0].effect | string | `"NoSchedule"` | |
|
| kiam.agent.tolerations[0].effect | string | `"NoSchedule"` | |
|
||||||
| kiam.agent.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
|
| kiam.agent.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
|
||||||
|
| kiam.agent.updateStrategy | string | `"RollingUpdate"` | |
|
||||||
| kiam.agent.whiteListRouteRegexp | string | `"^/latest/(meta-data/instance-id|dynamic)"` | |
|
| kiam.agent.whiteListRouteRegexp | string | `"^/latest/(meta-data/instance-id|dynamic)"` | |
|
||||||
| kiam.server.assumeRoleArn | string | `"arn:aws:iam::123456789012:role/kiam-server-role"` | kiam server IAM role to assume, required as we run the agents next to the servers normally |
|
| kiam.server.assumeRoleArn | string | `"arn:aws:iam::123456789012:role/kiam-server-role"` | kiam server IAM role to assume, required as we run the agents next to the servers normally |
|
||||||
| kiam.server.deployment.enabled | bool | `true` | |
|
| kiam.server.deployment.enabled | bool | `true` | |
|
||||||
| kiam.server.deployment.replicas | int | `1` | |
|
| kiam.server.deployment.replicas | int | `1` | |
|
||||||
|
| kiam.server.image.tag | string | `"v3.6-rc1"` | |
|
||||||
| kiam.server.log.level | string | `"warn"` | |
|
| kiam.server.log.level | string | `"warn"` | |
|
||||||
| kiam.server.nodeSelector."node-role.kubernetes.io/master" | string | `""` | |
|
| kiam.server.nodeSelector."node-role.kubernetes.io/master" | string | `""` | |
|
||||||
| kiam.server.prometheus.servicemonitor.enabled | bool | `false` | |
|
| kiam.server.prometheus.servicemonitor.enabled | bool | `false` | |
|
||||||
| kiam.server.service.port | int | `6444` | |
|
| kiam.server.service.port | int | `6444` | |
|
||||||
| kiam.server.service.targetPort | int | `6444` | |
|
| kiam.server.service.targetPort | int | `6444` | |
|
||||||
| kiam.server.sslCertHostPath | string | `"/etc/ssl/certs"` | |
|
| kiam.server.sslCertHostPath | string | `"/etc/ssl/certs"` | |
|
||||||
|
| kiam.server.tlsCerts.caFileName | string | `"ca.crt"` | |
|
||||||
|
| kiam.server.tlsCerts.certFileName | string | `"tls.crt"` | |
|
||||||
|
| kiam.server.tlsCerts.keyFileName | string | `"tls.key"` | |
|
||||||
| kiam.server.tlsSecret | string | `"kiam-server-tls"` | |
|
| kiam.server.tlsSecret | string | `"kiam-server-tls"` | |
|
||||||
| kiam.server.tolerations[0].effect | string | `"NoSchedule"` | |
|
| kiam.server.tolerations[0].effect | string | `"NoSchedule"` | |
|
||||||
| kiam.server.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
|
| kiam.server.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
|
||||||
|
| kiam.server.updateStrategy | string | `"RollingUpdate"` | |
|
||||||
| kiam.server.useHostNetwork | bool | `true` | |
|
| kiam.server.useHostNetwork | bool | `true` | |
|
||||||
|
|
||||||
## Debugging
|
## Debugging
|
||||||
@ -63,7 +75,3 @@ Required for the *csi ebs plugin* and most likely various others assuming basic
|
|||||||
## Resources
|
## Resources
|
||||||
- https://github.com/uswitch/kiam
|
- https://github.com/uswitch/kiam
|
||||||
- https://www.bluematador.com/blog/iam-access-in-kubernetes-kube2iam-vs-kiam
|
- https://www.bluematador.com/blog/iam-access-in-kubernetes-kube2iam-vs-kiam
|
||||||
|
|
||||||
---
|
|
||||||
![Architecture](kiam_architecure.png)
|
|
||||||
Image Credits: Blue Matador, Inc.
|
|
||||||
|
@ -34,7 +34,3 @@ Required for the *csi ebs plugin* and most likely various others assuming basic
|
|||||||
## Resources
|
## Resources
|
||||||
- https://github.com/uswitch/kiam
|
- https://github.com/uswitch/kiam
|
||||||
- https://www.bluematador.com/blog/iam-access-in-kubernetes-kube2iam-vs-kiam
|
- https://www.bluematador.com/blog/iam-access-in-kubernetes-kube2iam-vs-kiam
|
||||||
|
|
||||||
---
|
|
||||||
![Architecture](kiam_architecure.png)
|
|
||||||
Image Credits: Blue Matador, Inc.
|
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:0a37511a23d3180d5c7d236c004a56c4b69afda33315920570e99e391ee1e732
|
|
||||||
size 43992
|
|
Loading…
Reference in New Issue
Block a user