116 lines
2.2 KiB
YAML
116 lines
2.2 KiB
YAML
metallb:
|
|
enabled: false
|
|
|
|
controller:
|
|
tolerations:
|
|
- key: node-role.kubernetes.io/control-plane
|
|
effect: NoSchedule
|
|
nodeSelector:
|
|
node-role.kubernetes.io/control-plane: ""
|
|
|
|
ipAddressPools: []
|
|
#- name: my-ip-space
|
|
# protocol: layer2
|
|
# addresses:
|
|
# - 192.168.42.0/24
|
|
|
|
multus:
|
|
enabled: false
|
|
image:
|
|
repository: ghcr.io/k8snetworkplumbingwg/multus-cni
|
|
tag: v3.9.3
|
|
|
|
clusterNetwork: "cilium"
|
|
defaultNetworks: []
|
|
readinessindicatorfile: "/etc/cni/net.d/05-cilium.conflist"
|
|
|
|
cilium:
|
|
enabled: false
|
|
|
|
# breaks preloaded images otherwise
|
|
image:
|
|
useDigest: false
|
|
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 256Mi
|
|
limits:
|
|
memory: 1024Mi
|
|
# cpu: 4000m
|
|
|
|
cni:
|
|
binPath: "/usr/libexec/cni"
|
|
logFile: /var/log/cilium-cni.log
|
|
#-- Ensure this is false if multus is enabled
|
|
exclusive: false
|
|
|
|
# bpf:
|
|
# autoMount:
|
|
# enabled: false
|
|
|
|
cluster:
|
|
# This should match the second octet of clusterPoolIPv4PodCIDRList
|
|
# to prevent IP space overlap and easy tracking
|
|
# use 240 as default, less likely to clash with 1
|
|
id: 240
|
|
name: default
|
|
|
|
ipam:
|
|
operator:
|
|
clusterPoolIPv4PodCIDRList:
|
|
- 10.240.0.0/16
|
|
|
|
# Keep it simple for now
|
|
l7Proxy: false
|
|
|
|
#rollOutCiliumPods: true
|
|
|
|
cgroup:
|
|
autoMount:
|
|
enabled: false
|
|
hostRoot: "/sys/fs/cgroup"
|
|
|
|
routingMode: tunnel
|
|
tunnelProtocol: geneve
|
|
|
|
prometheus:
|
|
enabled: false
|
|
serviceMonitor:
|
|
enabled: false
|
|
port: 9091
|
|
|
|
operator:
|
|
replicas: 1
|
|
tolerations:
|
|
- key: node-role.kubernetes.io/control-plane
|
|
effect: NoSchedule
|
|
# the operator removes the taints,
|
|
# so we need to break chicken egg on single controller
|
|
- key: node.cilium.io/agent-not-ready
|
|
effect: NoSchedule
|
|
|
|
nodeSelector:
|
|
node-role.kubernetes.io/control-plane: ""
|
|
prometheus:
|
|
enabled: false
|
|
serviceMonitor:
|
|
enabled: false
|
|
|
|
hubble:
|
|
enabled: false
|
|
relay:
|
|
enabled: false
|
|
ui:
|
|
enabled: false
|
|
tls:
|
|
auto:
|
|
method: cert-manager
|
|
certManagerIssuerRef:
|
|
group: cert-manager.io
|
|
kind: ClusterIssuer
|
|
name: kubezero-local-ca-issuer
|
|
|
|
haproxy:
|
|
enabled: false
|