# For additional information on installing the k8-bigip-ctlr please see:
# Kubernetes: https://clouddocs.f5.com/containers/latest/userguide/kubernetes/#cis-installation
# OpenShift: https://clouddocs.f5.com/containers/latest/userguide/openshift/#cis-installation
#
# access / permissions / RBAC
# To create a secret using kubectl see
# https://clouddocs.f5.com/containers/latest/userguide/kubernetes/#installing-cis-manually
bigip_login_secret: f5-bigip-ctlr-login

bigip_secret:
  create: false
  username:
  password:

rbac:
  create: true
serviceAccount:
  # Specifies whether a service account should be created
  create: true
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: f5-bigip-ctlr-serviceaccount
# This namespace is where the Controller lives;
namespace: kube-system

ingressClass:
  create: true
  ingressClassName: f5
  isDefaultIngressController: true
args:
  # See https://clouddocs.f5.com/containers/latest/userguide/config-parameters.html
  # NOTE: helm has difficulty with values using `-`; `_` are used for naming
  # and are replaced with `-` during rendering.
  # REQUIRED Params
  bigip_url: ~
  bigip_partition: f5-bigip-ctlr
  # OPTIONAL PARAMS -- uncomment and provide values for those you wish to use.
  # verify_interval:
  # node-poll_interval:
  # log_level:
  # python_basedir: ~
  # VXLAN
  # openshift_sdn_name:
  # flannel_name:
  # KUBERNETES
  # default_ingress_ip:
  # kubeconfig:
  # namespaces: ["foo", "bar"]
  # namespace_label:
  # node_label_selector:
  # pool_member_type:
  # resolve_ingress_names:
  # running_in_cluster:
  # use_node_internal:
  # use_secrets:
  # insecure: true
  # custom-resource-mode: true
  # log-as3-response: true
  # gtm-bigip-password
  # gtm-bigip-url
  # gtm-bigip-username
  # ipam : true

image:
  # Use the tag to target a specific version of the Controller
  user: f5networks
  repo: k8s-bigip-ctlr
  pullPolicy: Always
version: latest
# affinity:
#   nodeAffinity:
#     requiredDuringSchedulingIgnoredDuringExecution:
#       nodeSelectorTerms:
#       - matchExpressions:
#         - key: kubernetes.io/arch
#           operator: Exists
# securityContext:
#   runAsUser: 1000
#   runAsGroup: 3000
#   fsGroup: 2000
# If you want to specify resources, uncomment the following
# limits_cpu: 100m
# limits_memory: 512Mi
# requests_cpu: 100m
# requests_memory: 512Mi
# Set podSecurityContext for Pod Security Admission and Pod Security Standards
# podSecurityContext:
#   runAsUser: 1000
#   runAsGroup: 1000
#   privileged: true