86 lines
4.2 KiB
YAML
86 lines
4.2 KiB
YAML
# -- Allows overriding the name to use instead of "microgateway-cni".
|
|
nameOverride: ""
|
|
# -- Allows overriding the name to use as full name of resources.
|
|
fullnameOverride: ""
|
|
# -- Labels to add to all resources.
|
|
commonLabels: {}
|
|
# -- Annotations to add to all resources.
|
|
commonAnnotations: {}
|
|
# -- ImagePullSecrets to use when pulling images.
|
|
imagePullSecrets: []
|
|
# - name: myRegistryKeySecretName
|
|
|
|
# Specifies the Airlock Microgateway CNI image.
|
|
image:
|
|
# -- Image repository from which to pull the Airlock Microgateway CNI image.
|
|
repository: "quay.io/airlock/microgateway-cni"
|
|
# -- Image tag to pull.
|
|
tag: "4.4.0"
|
|
# -- SHA256 image digest to pull (in the format "sha256:7144f7bab3d4c2648d7e59409f15ec52a18006a128c733fcff20d3a4a54ba44a").
|
|
# Overrides tag when specified.
|
|
digest: "sha256:e9d711dfe75d515ad8bc5ba5e668e7a26c063bd6a291305aac458c2cbd3945f2"
|
|
# -- Pull policy for this image.
|
|
pullPolicy: IfNotPresent
|
|
# -- Annotations to add to all Pods.
|
|
podAnnotations: {}
|
|
# -- Labels to add to all Pods.
|
|
podLabels: {}
|
|
# -- Resource restrictions to apply to the CNI installer container.
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 100Mi
|
|
# -- NodeSelector to apply to the CNI DaemonSet in order to only deploy the CNI plugin on specific nodes.
|
|
nodeSelector:
|
|
kubernetes.io/os: linux
|
|
# -- Custom affinity for the DaemonSet to only deploy the CNI plugin on specific nodes.
|
|
affinity: {}
|
|
# Configures the generation of RBAC Roles and RoleBindings.
|
|
rbac:
|
|
# -- Whether to create RBAC resources which are required for the CNI plugin to function.
|
|
create: true
|
|
# -- (OpenShift) Whether to create RBAC resources which allow the CNI installer to use the "privileged" security context constraint.
|
|
createSCCRole: false
|
|
# -- Whether the DaemonSet should run in privileged mode. Must be enabled for environments which require it for writing files to the host (e.g. OpenShift).
|
|
privileged: false
|
|
# Configures the generation of the ServiceAccount.
|
|
serviceAccount:
|
|
# -- Whether a ServiceAccount should be created.
|
|
create: true
|
|
# -- Annotations to add to the ServiceAccount.
|
|
annotations: {}
|
|
# -- Name of the ServiceAccount to use.
|
|
# If not set and create is true, a name is generated using the fullname template.
|
|
name: ""
|
|
# Configures the generation of a NetworkAttachmentDefinition for use with Multus CNI (OpenShift)
|
|
multusNetworkAttachmentDefinition:
|
|
# -- Whether a NetworkAttachmentDefinition CR should be created, which can be used for applying the CNI plugin to Pods.
|
|
create: false
|
|
# -- Namespace in which the NetworkAttachmentDefinition is deployed.
|
|
# Note: If namespace is set to a custom value, referencing the created NetworkAttachmentDefinition from other namespaces
|
|
# may not work if Multus namespace isolation is enabled. https://github.com/k8snetworkplumbingwg/multus-cni/blob/v4.0.2/docs/configuration.md#namespace-isolation
|
|
namespace: default
|
|
# Parameters for the CNI installer configuration.
|
|
config:
|
|
# -- Whether to install the CNI plugin as a `chained` plugin (default, required with most interface CNI providers),
|
|
# as a `standalone` plugin (required for use with Multus CNI, e.g. on OpenShift)
|
|
# or in `manual` mode, where no CNI network configuration is written.
|
|
installMode: "chained"
|
|
# -- Log level for the CNI installer and plugin.
|
|
logLevel: info
|
|
# -- Directory where the CNI config files reside on the host.
|
|
# This path can either be found in the documentation of your Kubernetes distribution or CNI provider.
|
|
# It can also be queried by running the command `crictl info -o go-template --template '{{.config.cni.confDir}}'` on your Kubernetes node.
|
|
cniNetDir: "/etc/cni/net.d"
|
|
# -- Directory where the CNI plugin binaries reside on the host.
|
|
# This path can either be found in the documentation of your Kubernetes distribution or CNI provider.
|
|
# It can also be queried by running the command `crictl info -o go-template --template '{{.config.cni.binDir}}'` on your Kubernetes node.
|
|
cniBinDir: "/opt/cni/bin"
|
|
# -- Namespaces for which this CNI plugin should not apply any modifications.
|
|
excludeNamespaces:
|
|
- kube-system
|
|
tests:
|
|
# -- Whether additional resources required for running `helm test` should be created (e.g. Roles and ServiceAccounts).
|
|
# If set to false, `helm test` will not run any tests.
|
|
enabled: false
|