2021-08-02 22:34:28 +00:00
questions :
#image configurations
- variable : registry
2022-05-11 22:49:55 +00:00
default : "docker.io"
2021-08-02 22:34:28 +00:00
description : image registry
type : string
label : Image Registry
group : "Container Images"
- variable : tag
2022-11-02 01:59:34 +00:00
default : "5.0.4"
2021-08-02 22:34:28 +00:00
description : image tag for controller enforcer manager
type : string
label : Image Tag
group : "Container Images"
- variable : controller.image.repository
default : "neuvector/controller"
description : controller image repository
type : string
label : Controller image path
group : "Container Images"
- variable : manager.image.repository
default : "neuvector/manager"
description : manager image repository
type : string
label : Manager image path
group : "Container Images"
- variable : enforcer.image.repository
default : "neuvector/enforcer"
description : enforcer image repository
type : string
label : Enforcer image path
group : "Container Images"
- variable : cve.scanner.image.repository
default : "neuvector/scanner"
description : scanner image repository
type : string
label : Scanner image path
group : "Container Images"
- variable : cve.updater.image.repository
default : "neuvector/updater"
description : cve updater image repository
type : string
label : CVE Updater image path
group : "Container Images"
2021-12-28 01:11:35 +00:00
#Container Runtime configurations
- variable : docker.enabled
default : true
description : Docker runtime. Enable only one runtime.
type : boolean
label : Docker Runtime
show_subquestion_if : true
group : "Container Runtime"
subquestions :
- variable : docker.path
default : "/var/run/docker.sock"
description : "Docker Runtime Path"
type : string
label : Runtime Path
- variable : containerd.enabled
default : "false"
description : Containerd runtime. Enable only one runtime.
type : boolean
label : Containerd Runtime
show_subquestion_if : true
group : "Container Runtime"
subquestions :
- variable : containerd.path
default : " /var/run/containerd/containerd.sock"
description : "Containerd Runtime Path"
type : string
label : Runtime Path
- variable : crio.enabled
default : "false"
2022-02-24 00:15:44 +00:00
description : CRI-O runtime. Enable only one runtime.
2021-12-28 01:11:35 +00:00
type : boolean
2022-02-24 00:15:44 +00:00
label : CRI-O Runtime
2021-12-28 01:11:35 +00:00
show_subquestion_if : true
group : "Container Runtime"
subquestions :
- variable : crio.path
default : "/var/run/crio/crio.sock"
2022-02-24 00:15:44 +00:00
description : "CRI-O Runtime Path"
type : string
label : Runtime Path
- variable : k3s.enabled
default : "false"
2022-11-02 01:59:34 +00:00
description : k3s containerd runtime. Enable only one runtime.
2022-02-24 00:15:44 +00:00
type : boolean
2022-11-02 01:59:34 +00:00
label : k3s Containerd Runtime
2022-02-24 00:15:44 +00:00
show_subquestion_if : true
group : "Container Runtime"
subquestions :
- variable : k3s.runtimePath
default : " /run/k3s/containerd/containerd.sock"
2022-11-02 01:59:34 +00:00
description : "k3s Containerd Runtime Path"
2021-12-28 01:11:35 +00:00
type : string
label : Runtime Path
2021-08-02 22:34:28 +00:00
#storage configurations
- variable : controller.pvc.enabled
default : false
description : If true, enable persistence for controller using PVC
type : boolean
label : PVC status
group : "PVC Configuration"
- variable : controller.pvc.storageClass
default : ""
description : Storage Class to be used
type : string
label : Storage Class Name
group : "PVC Configuration"
#ingress configurations
- variable : manager.ingress.enabled
default : false
description : If true, create ingress, must also set ingress host value
type : boolean
2022-08-09 02:36:12 +00:00
label : Manager Ingress Status
2021-08-02 22:34:28 +00:00
group : "Ingress Configuration"
2022-08-09 02:36:12 +00:00
show_subquestion_if : true
subquestions :
- variable : manager.ingress.host
default : ""
description : Must set this host value if ingress is enabled
type : string
label : Manager Ingress Host
group : "Ingress Configuration"
- variable : manager.ingress.path
default : "/"
description : Set ingress path
type : string
label : Manager Ingress Path
group : "Ingress Configuration"
- variable : manager.ingress.annotations
default : "{}"
description : Add annotations to ingress to influence behavior. Please use the 'Edit as YAML' feature in the Rancher UI to add single or multiple lines of annotation
type : string
label : Manager Ingress Annotations
group : "Ingress Configuration"
2021-08-02 22:34:28 +00:00
- variable : controller.ingress.enabled
default : false
description : If true, create ingress for rest api, must also set ingress host value
type : boolean
2022-08-09 02:36:12 +00:00
label : Controller Ingress Status
2021-08-02 22:34:28 +00:00
group : "Ingress Configuration"
2022-08-09 02:36:12 +00:00
show_subquestion_if : true
subquestions :
- variable : controller.ingress.host
default : ""
description : Must set this host value if ingress is enabled
type : string
label : Controller Ingress Host
group : "Ingress Configuration"
- variable : controller.ingress.path
default : "/"
description : Set ingress path
type : string
label : Controller Ingress Path
group : "Ingress Configuration"
- variable : controller.ingress.annotations
default : "{}"
description : Add annotations to ingress to influence behavior. Please use the 'Edit as YAML' feature in the Rancher UI to add single or multiple lines of annotation
type : string
label : Controller Ingress Annotations
group : "Ingress Configuration"
- variable : controller.federation.mastersvc.ingress.enabled
default : false
description : If true, create ingress for rest api, must also set ingress host value
type : boolean
label : Controller Federation Master Service Ingress Status
2021-08-02 22:34:28 +00:00
group : "Ingress Configuration"
2022-08-09 02:36:12 +00:00
show_subquestion_if : true
subquestions :
- variable : controller.federation.mastersvc.ingress.tls
default : false
description : If true, TLS is enabled for controller federation master ingress service
type : boolean
label : Controller Federation Master Service Ingress TLS Status
group : "Ingress Configuration"
- variable : controller.federation.mastersvc.ingress.host
default : ""
description : Must set this host value if ingress is enabled
type : string
label : Controller Federation Master Service Ingress Host
group : "Ingress Configuration"
- variable : controller.federation.mastersvc.ingress.path
default : "/"
description : Set ingress path
type : string
label : Controller Federation Master Service Ingress Path
group : "Ingress Configuration"
- variable : controller.federation.mastersvc.ingress.ingressClassName
default : ""
description : To be used instead of the ingress.class annotation if an IngressClass is provisioned
type : string
label : Controller Federation Master Service Ingress IngressClassName
group : "Ingress Configuration"
- variable : controller.federation.mastersvc.ingress.secretName
default : ""
description : Name of the secret to be used for TLS-encryption
type : string
label : Controller Federation Master Service Ingress SecretName
group : "Ingress Configuration"
- variable : controller.federation.mastersvc.ingress.annotations
default : "{}"
description : Add annotations to ingress to influence behavior. Please use the 'Edit as YAML' feature in the Rancher UI to add single or multiple lines of annotation
type : string
label : Controller Federation Master Service Ingress Annotations
group : "Ingress Configuration"
- variable : controller.federation.managedsvc.ingress.enabled
default : false
description : If true, create ingress for rest api, must also set ingress host value
type : boolean
label : Controller Federation Managed Service Ingress Status
2021-08-02 22:34:28 +00:00
group : "Ingress Configuration"
2022-08-09 02:36:12 +00:00
show_subquestion_if : true
subquestions :
- variable : controller.federation.managedsvc.ingress.tls
default : false
description : If true, TLS is enabled for controller federation managed ingress service
type : boolean
label : Controller Federation Managed Service Ingress TLS Status
group : "Ingress Configuration"
- variable : controller.federation.managedsvc.ingress.host
default : ""
description : Must set this host value if ingress is enabled
type : string
label : Controller Federation Managed Service Ingress Host
group : "Ingress Configuration"
- variable : controller.federation.managedsvc.ingress.path
default : "/"
description : Set ingress path
type : string
label : Controller Federation Managed Service Ingress Path
group : "Ingress Configuration"
- variable : controller.federation.managedsvc.ingress.ingressClassName
default : ""
description : To be used instead of the ingress.class annotation if an IngressClass is provisioned
type : string
label : Controller Federation Managed Service Ingress IngressClassName
group : "Ingress Configuration"
- variable : controller.federation.managedsvc.ingress.secretName
default : ""
description : Name of the secret to be used for TLS-encryption
type : string
label : Controller Federation Managed Service Ingress SecretName
group : "Ingress Configuration"
- variable : controller.federation.managedsvc.ingress.annotations
default : "{}"
description : Add annotations to ingress to influence behavior. Please use the 'Edit as YAML' feature in the Rancher UI to add single or multiple lines of annotation
type : string
label : Controller Federation Managed Service Ingress Annotations
group : "Ingress Configuration"
2021-08-02 22:34:28 +00:00
#service configurations
- variable : manager.svc.type
default : "NodePort"
description : Set manager service type for native Kubernetes
type : enum
label : Manager service type
group : "Service Configuration"
options :
- "NodePort"
- "ClusterIP"
- "LoadBalancer"
- variable : controller.federation.mastersvc.type
default : ""
2022-08-09 02:36:12 +00:00
description : Multi-cluster master cluster service type. If specified, the deployment will be used to manage other clusters. Possible values include NodePort, LoadBalancer and ClusterIP
2021-08-02 22:34:28 +00:00
type : enum
label : Fed Master Service Type
group : "Service Configuration"
options :
- "NodePort"
2022-08-09 02:36:12 +00:00
- "ClusterIP"
2021-08-02 22:34:28 +00:00
- "LoadBalancer"
- variable : controller.federation.managedsvc.type
default : ""
2022-08-09 02:36:12 +00:00
description : Multi-cluster managed cluster service type. If specified, the deployment will be managed by the master clsuter. Possible values include NodePort, LoadBalancer and ClusterIP
2021-08-02 22:34:28 +00:00
type : enum
label : Fed Managed service type
group : "Service Configuration"
options :
- "NodePort"
2022-08-09 02:36:12 +00:00
- "ClusterIP"
2021-08-02 22:34:28 +00:00
- "LoadBalancer"
- variable : controller.apisvc.type
default : "NodePort"
description : Controller REST API service type
type : enum
label : Controller REST API Service Type
group : "Service Configuration"
options :
- "NodePort"
- "ClusterIP"
- "LoadBalancer"
2022-08-09 02:36:12 +00:00
#Other Configuration
- variable : psp
default : "false"
description : NeuVector Pod Security Policy when psp policy is enabled
type : boolean
label : Pod Security Policy
group : "Other Configuration"
- variable : manager.runAsUser
default : ""
description : Specify the run as User ID
type : int
label : Manager runAsUser ID
group : "Other Configuration"
- variable : cve.scanner.runAsUser
default : ""
description : Specify the run as User ID
type : int
label : Scanner runAsUser ID
group : "Other Configuration"
- variable : cve.updater.runAsUser
default : ""
description : Specify the run as User ID
type : int
label : Updater runAsUser ID
group : "Other Configuration"
