kiam: server: image: tag: "v3.6-rc1" # kiam.server.assumeRoleArn -- kiam server IAM role to assume, required as we run the agents next to the servers normally assumeRoleArn: arn:aws:iam::123456789012:role/kiam-server-role useHostNetwork: true sslCertHostPath: /etc/ssl/certs tlsSecret: kiam-server-tls tlsCerts: certFileName: tls.crt keyFileName: tls.key caFileName: ca.crt service: port: 6444 targetPort: 6444 deployment: enabled: true replicas: 1 updateStrategy: RollingUpdate tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule nodeSelector: node-role.kubernetes.io/master: "" prometheus: servicemonitor: enabled: false log: level: warn agent: image: tag: "v3.6-rc1" gatewayTimeoutCreation: "5s" updateStrategy: RollingUpdate # IP tables set on each node at boot, see CloudBender host: iptables: false interface: "cali+" whiteListRouteRegexp: '^/latest/(meta-data/instance-id|dynamic)' sslCertHostPath: /etc/ssl/certs tlsSecret: kiam-agent-tls tlsCerts: certFileName: tls.crt keyFileName: tls.key caFileName: ca.crt tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule prometheus: servicemonitor: enabled: false log: level: warn # extraEnv: # - name: GRPC_GO_LOG_SEVERITY_LEVEL # value: "info" # - name: GRPC_GO_LOG_VERBOSITY_LEVEL # value: "8"