7.0 KiB
7.0 KiB
kubezero-network
KubeZero umbrella chart for all things network
Homepage: https://kubezero.com
Maintainers
Name | Url | |
---|---|---|
Stefan Reimer | stefan@zero-downtime.net |
Requirements
Kubernetes: >= 1.26.0
Repository | Name | Version |
---|---|---|
https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
https://haproxytech.github.io/helm-charts | haproxy | 1.23.0 |
https://helm.cilium.io/ | cilium | 1.16.2 |
https://metallb.github.io/metallb | metallb | 0.14.8 |
Values
Key | Type | Default | Description |
---|---|---|---|
cilium.cgroup.autoMount.enabled | bool | false |
|
cilium.cgroup.hostRoot | string | "/sys/fs/cgroup" |
|
cilium.cluster.id | int | 240 |
|
cilium.cluster.name | string | "default" |
|
cilium.cni.binPath | string | "/usr/libexec/cni" |
|
cilium.cni.exclusive | bool | false |
|
cilium.cni.logFile | string | "/var/log/cilium-cni.log" |
|
cilium.enabled | bool | false |
|
cilium.envoy.enabled | bool | false |
|
cilium.hubble.enabled | bool | false |
|
cilium.hubble.relay.enabled | bool | false |
|
cilium.hubble.tls.auto.certManagerIssuerRef.group | string | "cert-manager.io" |
|
cilium.hubble.tls.auto.certManagerIssuerRef.kind | string | "ClusterIssuer" |
|
cilium.hubble.tls.auto.certManagerIssuerRef.name | string | "kubezero-local-ca-issuer" |
|
cilium.hubble.tls.auto.method | string | "cert-manager" |
|
cilium.hubble.ui.enabled | bool | false |
|
cilium.image.pullPolicy | string | "Never" |
|
cilium.image.useDigest | bool | false |
|
cilium.ipam.operator.clusterPoolIPv4PodCIDRList[0] | string | "10.240.0.0/16" |
|
cilium.l7Proxy | bool | false |
|
cilium.operator.nodeSelector."node-role.kubernetes.io/control-plane" | string | "" |
|
cilium.operator.prometheus.enabled | bool | false |
|
cilium.operator.prometheus.serviceMonitor.enabled | bool | false |
|
cilium.operator.replicas | int | 1 |
|
cilium.operator.tolerations[0].effect | string | "NoSchedule" |
|
cilium.operator.tolerations[0].key | string | "node-role.kubernetes.io/control-plane" |
|
cilium.operator.tolerations[1].effect | string | "NoSchedule" |
|
cilium.operator.tolerations[1].key | string | "node.cilium.io/agent-not-ready" |
|
cilium.prometheus.enabled | bool | false |
|
cilium.prometheus.port | int | 9091 |
|
cilium.prometheus.serviceMonitor.enabled | bool | false |
|
cilium.resources.limits.memory | string | "1024Mi" |
|
cilium.resources.requests.cpu | string | "10m" |
|
cilium.resources.requests.memory | string | "256Mi" |
|
cilium.routingMode | string | "tunnel" |
|
cilium.sysctlfix.enabled | bool | false |
|
cilium.tunnelProtocol | string | "geneve" |
|
haproxy.PodDisruptionBudget.enable | bool | false |
|
haproxy.PodDisruptionBudget.minAvailable | int | 1 |
|
haproxy.args.defaults[0] | string | "-f" |
|
haproxy.args.defaults[1] | string | "/usr/local/etc/haproxy/includes/global.cfg" |
|
haproxy.args.defaults[2] | string | "-f" |
|
haproxy.args.defaults[3] | string | "/usr/local/etc/haproxy/includes/prometheus.cfg" |
|
haproxy.args.defaults[4] | string | "-f" |
|
haproxy.args.defaults[5] | string | "/usr/local/etc/haproxy/haproxy.cfg" |
|
haproxy.config | string | "frontend fe_main\n bind :8080\n default_backend be_main\n\nbackend be_main\n server web1 10.0.0.1:8080 check\n" |
|
haproxy.containerPorts.http | int | 8080 |
|
haproxy.containerPorts.https | string | nil |
|
haproxy.containerPorts.prometheus | int | 8404 |
|
haproxy.containerPorts.stat | string | nil |
|
haproxy.enabled | bool | false |
|
haproxy.includes."global.cfg" | string | "global\n log stdout format raw local0\n maxconn 2048\n\ndefaults\n log global\n mode tcp\n option http-server-close\n timeout connect 10s\n timeout client 30s\n timeout client-fin 30s\n timeout server 30s\n timeout tunnel 1h\n\nresolvers coredns\n accepted_payload_size 4096\n parse-resolv-conf\n hold valid 10s\n hold other 10s\n hold refused 10s\n hold nx 10s\n hold timeout 10s\n" |
|
haproxy.includes."prometheus.cfg" | string | "frontend prometheus\n bind *:8404\n mode http\n http-request use-service prometheus-exporter if { path /metrics }\n no log\n stats enable\n stats uri /stats\n stats refresh 10s\n stats auth admin:letmein\n" |
|
haproxy.livenessProbe.failureThreshold | int | 3 |
|
haproxy.livenessProbe.initialDelaySeconds | int | 0 |
|
haproxy.livenessProbe.periodSeconds | int | 10 |
|
haproxy.livenessProbe.successThreshold | int | 1 |
|
haproxy.livenessProbe.tcpSocket.port | int | 8404 |
|
haproxy.livenessProbe.timeoutSeconds | int | 1 |
|
haproxy.readinessProbe.failureThreshold | int | 3 |
|
haproxy.readinessProbe.initialDelaySeconds | int | 0 |
|
haproxy.readinessProbe.periodSeconds | int | 10 |
|
haproxy.readinessProbe.successThreshold | int | 1 |
|
haproxy.readinessProbe.tcpSocket.port | int | 8404 |
|
haproxy.readinessProbe.timeoutSeconds | int | 1 |
|
haproxy.replicaCount | int | 1 |
|
haproxy.resources.requests.cpu | string | "10m" |
|
haproxy.resources.requests.memory | string | "48Mi" |
|
haproxy.securityContext.allowPrivilegeEscalation | bool | false |
|
haproxy.securityContext.capabilities.drop[0] | string | "ALL" |
|
haproxy.securityContext.enabled | bool | true |
|
haproxy.securityContext.runAsGroup | int | 1000 |
|
haproxy.securityContext.runAsNonRoot | bool | true |
|
haproxy.securityContext.runAsUser | int | 1000 |
|
haproxy.securityContext.seccompProfile.type | string | "RuntimeDefault" |
|
haproxy.serviceMonitor.enabled | bool | false |
|
haproxy.serviceMonitor.endpoints[0].interval | string | "30s" |
|
haproxy.serviceMonitor.endpoints[0].params.no-maint[0] | string | "empty" |
|
haproxy.serviceMonitor.endpoints[0].path | string | "/metrics" |
|
haproxy.serviceMonitor.endpoints[0].port | string | "prometheus" |
|
haproxy.serviceMonitor.endpoints[0].scheme | string | "http" |
|
metallb.controller.nodeSelector."node-role.kubernetes.io/control-plane" | string | "" |
|
metallb.controller.tolerations[0].effect | string | "NoSchedule" |
|
metallb.controller.tolerations[0].key | string | "node-role.kubernetes.io/control-plane" |
|
metallb.enabled | bool | false |
|
metallb.ipAddressPools | list | [] |
|
multus.clusterNetwork | string | "cilium" |
|
multus.defaultNetworks | list | [] |
|
multus.enabled | bool | false |
|
multus.image.repository | string | "ghcr.io/k8snetworkplumbingwg/multus-cni" |
|
multus.image.tag | string | "v3.9.3" |
|
multus.readinessindicatorfile | string | "/etc/cni/net.d/05-cilium.conflist" |