2024-05-03 13:00:24 +00:00
--- charts-original/values.yaml
+++ charts/values.yaml
2024-07-25 16:44:30 +00:00
@@ -152,12 +152,10 @@
# type: [null, string]
# @schema
2024-05-03 13:00:24 +00:00
override: ~
- repository: "quay.io/cilium/cilium"
+ repository: "rancher/mirrored-cilium-cilium"
tag: "CILIUM_IMAGE_VERSION"
pullPolicy: "IfNotPresent"
- # cilium-digest
- digest: "CILIUM_IMAGE_DIGEST"
- useDigest: true
+ useDigest: false
# -- Affinity for cilium-agent.
affinity:
2024-07-25 16:44:30 +00:00
podAntiAffinity:
@@ -581,7 +579,10 @@
2024-05-03 13:00:24 +00:00
# - flannel
# - generic-veth
# - portmap
- chainingMode: ~
2024-07-25 16:44:30 +00:00
+
2024-05-03 13:00:24 +00:00
+ # Otherwise rke2 hostPort does not work! Used for nginx
+ chainingMode: portmap
+
2024-07-25 16:44:30 +00:00
# @schema
# type: [null, string]
# @schema
@@ -1011,10 +1012,9 @@
# type: [null, string]
# @schema
2024-05-03 13:00:24 +00:00
override: ~
- repository: "quay.io/cilium/certgen"
+ repository: "rancher/mirrored-cilium-certgen"
tag: "CILIUM_CERTGEN_VERSION"
- digest: "CILIUM_CERTGEN_DIGEST"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
# -- Seconds after which the completed job pod will be deleted
ttlSecondsAfterFinished: 1800
2024-07-25 16:44:30 +00:00
@@ -1035,7 +1035,7 @@
affinity: {}
2024-05-03 13:00:24 +00:00
hubble:
# -- Enable Hubble (true by default).
- enabled: true
+ enabled: false
# -- Annotations to be added to all top-level hubble objects (resources under templates/hubble)
annotations: {}
2024-07-25 16:44:30 +00:00
# -- Buffer size of the channel Hubble uses to receive monitor events. If this
2024-08-19 13:57:33 +00:00
@@ -1312,11 +1312,9 @@
2024-07-25 16:44:30 +00:00
# type: [null, string]
# @schema
2024-05-03 13:00:24 +00:00
override: ~
- repository: "quay.io/cilium/hubble-relay"
+ repository: "rancher/mirrored-cilium-hubble-relay"
tag: "CILIUM_HUBBLE_RELAY_VERSION"
2024-07-25 16:44:30 +00:00
- # hubble-relay-digest
2024-05-03 13:00:24 +00:00
- digest: "CILIUM_HUBBLE_RELAY_DIGEST"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
# -- Specifies the resources for the hubble-relay pods
2024-07-25 16:44:30 +00:00
resources: {}
2024-08-19 13:57:33 +00:00
@@ -1561,10 +1559,9 @@
2024-07-25 16:44:30 +00:00
# type: [null, string]
# @schema
2024-05-03 13:00:24 +00:00
override: ~
- repository: "quay.io/cilium/hubble-ui-backend"
+ repository: "rancher/mirrored-cilium-hubble-ui-backend"
tag: "CILIUM_HUBBLE_UI_BACKEND_VERSION"
- digest: "CILIUM_HUBBLE_UI_BACKEND_DIGEST"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
# -- Hubble-ui backend security context.
2024-07-25 16:44:30 +00:00
securityContext: {}
2024-08-19 13:57:33 +00:00
@@ -1595,10 +1592,9 @@
2024-07-25 16:44:30 +00:00
# type: [null, string]
# @schema
2024-05-03 13:00:24 +00:00
override: ~
- repository: "quay.io/cilium/hubble-ui"
+ repository: "rancher/mirrored-cilium-hubble-ui"
tag: "CILIUM_HUBBLE_UI_VERSION"
- digest: "CILIUM_HUBBLE_UI_DIGEST"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
# -- Hubble-ui frontend security context.
2024-07-25 16:44:30 +00:00
securityContext: {}
2024-08-19 13:57:33 +00:00
@@ -1772,7 +1768,7 @@
2024-05-03 13:00:24 +00:00
ipam:
# -- Configure IP Address Management mode.
# ref: https://docs.cilium.io/en/stable/network/concepts/ipam/
- mode: "cluster-pool"
+ mode: "kubernetes"
# -- Maximum rate at which the CiliumNode custom resource is updated.
ciliumNodeUpdateRate: "15s"
operator:
2024-08-19 13:57:33 +00:00
@@ -2066,7 +2062,7 @@
2024-07-25 16:44:30 +00:00
port: 6060
2024-05-03 13:00:24 +00:00
# -- Configure prometheus metrics on the configured port at /metrics
prometheus:
- enabled: false
+ enabled: true
port: 9962
serviceMonitor:
# -- Enable service monitors.
2024-09-03 22:00:53 +00:00
@@ -2130,9 +2126,9 @@
# type: [null, boolean]
# @schema
# -- Enable Envoy Proxy in standalone DaemonSet.
- # This field is enabled by default for new installation.
- # @default -- `true` for new installation
- enabled: ~
+ # This field is disabled by default.
+ # @default -- `false`
+ enabled: false
# -- (int)
# Set Envoy'--base-id' to use when allocating shared memory regions.
# Only needs to be changed if multiple Envoy instances will run on the same node and may have conflicts. Supported values: 0 - 4294967295. Defaults to '0'
2024-08-19 13:57:33 +00:00
@@ -2161,11 +2157,10 @@
2024-07-25 16:44:30 +00:00
# type: [null, string]
# @schema
2024-05-03 13:00:24 +00:00
override: ~
- repository: "quay.io/cilium/cilium-envoy"
+ repository: "rancher/mirrored-cilium-cilium-envoy"
tag: "CILIUM_ENVOY_VERSION"
pullPolicy: "IfNotPresent"
- digest: "CILIUM_ENVOY_DIGEST"
- useDigest: true
+ useDigest: false
# -- Additional containers added to the cilium Envoy DaemonSet.
extraContainers: []
2024-07-25 16:44:30 +00:00
# -- Additional envoy container arguments.
2024-08-19 13:57:33 +00:00
@@ -2477,17 +2472,9 @@
2024-07-25 16:44:30 +00:00
# type: [null, string]
# @schema
2024-05-03 13:00:24 +00:00
override: ~
- repository: "quay.io/cilium/operator"
+ repository: "rancher/mirrored-cilium-operator"
tag: "CILIUM_OPERATOR_VERSION"
- # operator-generic-digest
- genericDigest: "CILIUM_OPERATOR_DIGEST"
- # operator-azure-digest
- azureDigest: "CILIUM_AZURE_OPERATOR_DIGEST"
- # operator-aws-digest
- awsDigest: "CILIUM_AWS_OPERATOR_DIGEST"
- # operator-alibabacloud-digest
- alibabacloudDigest: "CILIUM_ALIBA_OPERATOR_DIGEST"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
suffix: ""
2024-07-25 16:44:30 +00:00
# -- Number of replicas to run for the cilium-operator deployment
2024-08-19 13:57:33 +00:00
@@ -2656,8 +2643,7 @@
2024-07-25 16:44:30 +00:00
# @schema
2024-05-03 13:00:24 +00:00
# -- Taint nodes where Cilium is scheduled but not running. This prevents pods
# from being scheduled to nodes where Cilium is not the default CNI provider.
- # @default -- same as removeNodeTaints
- setNodeTaints: ~
+ setNodeTaints: false
# -- Set Node condition NetworkUnavailable to 'false' with the reason
# 'CiliumIsUp' for nodes that have a healthy Cilium pod.
2024-07-25 16:44:30 +00:00
setNodeNetworkStatus: true
2024-08-19 13:57:33 +00:00
@@ -2761,11 +2747,9 @@
2024-07-25 16:44:30 +00:00
# type: [null, string]
# @schema
2024-05-03 13:00:24 +00:00
override: ~
- repository: "quay.io/cilium/cilium"
+ repository: "rancher/mirrored-cilium-cilium"
tag: "CILIUM_IMAGE_VERSION"
- # cilium-digest
- digest: "CILIUM_IMAGE_DIGEST"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
# -- The priority class to use for the preflight pod.
2024-07-25 16:44:30 +00:00
priorityClassName: ""
2024-08-19 13:57:33 +00:00
@@ -2910,11 +2894,9 @@
2024-07-25 16:44:30 +00:00
# type: [null, string]
# @schema
2024-05-03 13:00:24 +00:00
override: ~
- repository: "quay.io/cilium/clustermesh-apiserver"
+ repository: "rancher/mirrored-cilium-clustermesh-apiserver"
tag: "CILIUM_CLUSTERMESH_VERSION"
- # clustermesh-apiserver-digest
- digest: "CILIUM_CLUSTERMESH_DIGEST"
- useDigest: true
+ useDigest: false
pullPolicy: "IfNotPresent"
2024-07-25 16:44:30 +00:00
# -- TCP port for the clustermesh-apiserver health API.
healthPort: 9880
2024-08-19 13:57:33 +00:00
@@ -3555,3 +3537,11 @@
2024-05-03 13:00:24 +00:00
agentSocketPath: /run/spire/sockets/agent/agent.sock
# -- SPIRE connection timeout
connectionTimeout: 30s
+
+portmapPlugin:
+ image:
+ repository: "rancher/hardened-cni-plugins"
2024-09-02 10:07:26 +00:00
+ tag: "v1.5.1-build20240830"
2024-05-03 13:00:24 +00:00
+
+global:
+ systemDefaultRegistry: ""
