ZeroDownTime/KubeZero
3
0
Fork 0
Code Issues 1 Pull Requests 21 Packages Projects Releases Wiki Activity
39ba92132e
KubeZero/charts/kubezero-istio-gateway/values.yaml

88 lines
2.0 KiB
YAML
Raw Blame History

gateway:
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 4
targetCPUUtilizationPercentage: 80
replicaCount: 1
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
# cpu: 100m
memory: 512Mi
service:
type: NodePort
externalTrafficPolicy: Local
# Map port 80/443 to 8080/8443 so we don't need to root
# ports is extended as follows:
# noGateway: true -> this port does NOT get mapped to a Gateway port
# tls: optional gateway port setting
# gatewayProtocol: Loadbalancer protocol which is NOT the same as Container Procotol !
ports:
- name: status-port
port: 15021
nodePort: 30021
noGateway: true
- name: http2
port: 80
targetPort: 8080
nodePort: 30080
gatewayProtocol: HTTP2
tls:
httpsRedirect: true
- name: https
port: 443
targetPort: 8443
nodePort: 30443
gatewayProtocol: HTTPS
tls:
mode: SIMPLE
affinity:
# Only nodes who are fronted with matching NLB
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node.kubernetes.io/ingress.public
operator: Exists
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- istio-ingressgateway
topologyKey: "kubernetes.io/hostname"
podAnnotations:
proxy.istio.io/config: '{ "terminationDrainDuration": "20s" }'
# TODO
# custom hardened bootstrap config
#env:
# ISTIO_BOOTSTRAP_OVERRIDE: /etc/istio/custom-bootstrap/custom_bootstrap.json
#configVolumes:
#- name: custom-bootstrap-volume
# mountPath: /etc/istio/custom-bootstrap
# configMapName: istio-gateway-bootstrap-config
certificates:
- name: ingress-cert
dnsNames: []
# - '*.example.com'
telemetry:
enabled: false
proxyProtocol: true
Reference in New Issue View Git Blame Copy Permalink