kubezero: global: # kubezero.global.defaultDestination -- Destination cluster defaultDestination: server: https://kubernetes.default.svc # This repoURL is used a base for all the repoURLs applications # Setting this to a eg. private git repo incl. the use of pathPrefix allows kubezero to be # integrated into any repository as a git subtree if for example public internet access is unavailable defaultSource: # kubezero.global.defaultSource.repoURL -- default repository for argocd applications repoURL: https://github.com/zero-down-time/kubezero # kubezero.global.defaultSource.targetRevision -- default tracking of repoURL targetRevision: HEAD # kubezero.global.defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees pathPrefix: '' # syncPolicy, details see: https://argoproj.github.io/argo-cd/user-guide/auto_sync #syncPolicy: # automated: # prune: true argo-cd: installCRDs: false #configs: # secret: # `htpasswd -nbBC 10 "" $ARGO_PWD | tr -d ':\n' | sed 's/$2y/$2a/'` # argocdServerAdminPassword: "$2a$10$ivKzaXVxMqdeDSfS3nqi1Od3iDbnL7oXrixzDfZFRHlXHnAG6LydG" # argocdServerAdminPasswordMtime: "2020-04-24T15:33:09BST" global: image: tag: v1.7.5 controller: args: statusProcessors: "4" operationProcessors: "2" appResyncPeriod: "300" metrics: enabled: false serviceMonitor: enabled: true namespace: monitoring additionalLabels: release: metrics # controller to masters nodeSelector: node-role.kubernetes.io/master: "" tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule resources: limits: # cpu: 500m memory: 1536Mi requests: cpu: 100m memory: 256Mi repoServer: metrics: enabled: false serviceMonitor: enabled: true namespace: monitoring additionalLabels: release: metrics nodeSelector: node-role.kubernetes.io/master: "" tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule server: config: # argo-cd.server.config.url -- ArgoCD hostname to be exposed via Istio url: argocd.example.com resource.customizations: | cert-manager.io/Certificate: # Lua script for customizing the health status assessment health.lua: | hs = {} if obj.status ~= nil then if obj.status.conditions ~= nil then for i, condition in ipairs(obj.status.conditions) do if condition.type == "Ready" and condition.status == "False" then hs.status = "Degraded" hs.message = condition.message return hs end if condition.type == "Ready" and condition.status == "True" then hs.status = "Healthy" hs.message = condition.message return hs end end end end hs.status = "Progressing" hs.message = "Waiting for certificate" return hs # Rename former https port to grpc, works with istio + insecure service: servicePortHttpsName: grpc metrics: enabled: false serviceMonitor: enabled: true namespace: monitoring additionalLabels: release: metrics extraArgs: - --insecure nodeSelector: node-role.kubernetes.io/master: "" tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule redis: nodeSelector: node-role.kubernetes.io/master: "" tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule dex: enabled: false istio: # argo-cd.istio.enabled -- Deploy Istio VirtualService to expose ArgoCD enabled: false # argo-cd.istio.gateway -- Name of the Istio gateway to add the VirtualService to gateway: istio-system/ingressgateway ipBlocks: []