rancher-charts/charts/rancher-gatekeeper/100.1.0+up3.7.1/values.yaml

109 lines
2.4 KiB
YAML
Raw Normal View History

2022-04-20 04:13:18 +00:00
replicas: 3
auditInterval: 300
auditMatchKindOnly: false
constraintViolationsLimit: 20
auditFromCache: false
disableMutation: false
disableValidatingWebhook: false
validatingWebhookTimeoutSeconds: 3
validatingWebhookFailurePolicy: Ignore
validatingWebhookCheckIgnoreFailurePolicy: Fail
enableDeleteOperations: false
enableExternalData: false
mutatingWebhookFailurePolicy: Ignore
mutatingWebhookTimeoutSeconds: 3
auditChunkSize: 500
logLevel: INFO
logDenies: false
emitAdmissionEvents: false
emitAuditEvents: false
resourceQuota: true
postInstall:
labelNamespace:
enabled: true
image:
repository: rancher/kubectl
tag: v1.20.2
pullPolicy: IfNotPresent
pullSecrets: []
images:
gatekeeper:
repository: rancher/mirrored-openpolicyagent-gatekeeper
tag: v3.7.1
gatekeepercrd:
repository: rancher/mirrored-openpolicyagent-gatekeeper-crds
tag: v3.7.1
pullPolicy: IfNotPresent
pullSecrets: []
podAnnotations:
{ container.seccomp.security.alpha.kubernetes.io/manager: runtime/default }
podLabels: {}
podCountLimit: 100
secretAnnotations: {}
controllerManager:
exemptNamespaces: []
exemptNamespacePrefixes: []
hostNetwork: false
dnsPolicy: ClusterFirst
port: 8443
metricsPort: 8888
healthPort: 9090
priorityClassName: system-cluster-critical
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: gatekeeper.sh/operation
operator: In
values:
- webhook
topologyKey: kubernetes.io/hostname
weight: 100
tolerations: []
nodeSelector: { kubernetes.io/os: linux }
resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
audit:
hostNetwork: false
dnsPolicy: ClusterFirst
metricsPort: 8888
healthPort: 9090
priorityClassName: system-cluster-critical
affinity: {}
tolerations: []
nodeSelector: { kubernetes.io/os: linux }
writeToRAMDisk: false
resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
crds:
resources: {}
pdb:
controllerManager:
minAvailable: 1
global:
cattle:
systemDefaultRegistry: ""
kubectl:
repository: rancher/kubectl
tag: v1.20.2
service: {}
disabledBuiltins:
psp:
enabled: true
upgradeCRDs:
enabled: true
rbac:
create: true