--- charts-original/values.yaml +++ charts/values.yaml @@ -104,12 +104,10 @@ # -- Agent container image. image: override: ~ - repository: "quay.io/cilium/cilium" + repository: "rancher/mirrored-cilium-cilium" tag: "v1.13.0" pullPolicy: "IfNotPresent" - # cilium-digest - digest: "sha256:6544a3441b086a2e09005d3e21d1a4afb216fae19c5a60b35793c8a9438f8f68" - useDigest: true + useDigest: false # -- Affinity for cilium-agent. affinity: @@ -450,7 +448,9 @@ # - flannel # - generic-veth # - portmap - chainingMode: none + + # Otherwise rke2 hostPort does not work! Used for nginx + chainingMode: portmap # -- Make Cilium take ownership over the `/etc/cni/net.d` directory on the # node, renaming all non-Cilium CNI configurations to `*.cilium_bak`. @@ -797,8 +797,8 @@ certgen: image: override: ~ - repository: "quay.io/cilium/certgen" - tag: "v0.1.8@sha256:4a456552a5f192992a6edcec2febb1c54870d665173a33dc7d876129b199ddbd" + repository: "rancher/mirrored-cilium-certgen" + tag: "v0.1.8" pullPolicy: "IfNotPresent" # -- Seconds after which the completed job pod will be deleted ttlSecondsAfterFinished: 1800 @@ -810,7 +810,7 @@ hubble: # -- Enable Hubble (true by default). - enabled: true + enabled: false # -- Buffer size of the channel Hubble uses to receive monitor events. If this # value is not set, the queue size is set to the default monitor queue size. @@ -973,11 +973,9 @@ # -- Hubble-relay container image. image: override: ~ - repository: "quay.io/cilium/hubble-relay" + repository: "rancher/mirrored-cilium-hubble-relay" tag: "v1.13.0" - # hubble-relay-digest - digest: "sha256:bc00f086285d2d287dd662a319d3dbe90e57179515ce8649425916aecaa9ac3c" - useDigest: true + useDigest: false pullPolicy: "IfNotPresent" # -- Specifies the resources for the hubble-relay pods @@ -1175,8 +1173,8 @@ # -- Hubble-ui backend image. image: override: ~ - repository: "quay.io/cilium/hubble-ui-backend" - tag: "v0.10.0@sha256:cc5e2730b3be6f117b22176e25875f2308834ced7c3aa34fb598aa87a2c0a6a4" + repository: "rancher/mirrored-cilium-hubble-ui-backend" + tag: "v0.10.0" pullPolicy: "IfNotPresent" # -- Additional hubble-ui backend environment variables. @@ -1195,8 +1193,8 @@ # -- Hubble-ui frontend image. image: override: ~ - repository: "quay.io/cilium/hubble-ui" - tag: "v0.10.0@sha256:118ad2fcfd07fabcae4dde35ec88d33564c9ca7abe520aa45b1eb13ba36c6e0a" + repository: "rancher/mirrored-cilium-hubble-ui" + tag: "v0.10.0" pullPolicy: "IfNotPresent" # -- Additional hubble-ui frontend environment variables. @@ -1315,7 +1313,7 @@ ipam: # -- Configure IP Address Management mode. # ref: https://docs.cilium.io/en/stable/concepts/networking/ipam/ - mode: "cluster-pool" + mode: "kubernetes" operator: # -- Deprecated in favor of ipam.operator.clusterPoolIPv4PodCIDRList. # IPv4 CIDR range to delegate to individual nodes for IPAM. @@ -1578,7 +1576,7 @@ # -- Configure prometheus metrics on the configured port at /metrics prometheus: - enabled: false + enabled: true port: 9962 serviceMonitor: # -- Enable service monitors. @@ -1703,8 +1701,8 @@ # -- cilium-etcd-operator image. image: override: ~ - repository: "quay.io/cilium/cilium-etcd-operator" - tag: "v2.0.7@sha256:04b8327f7f992693c2cb483b999041ed8f92efc8e14f2a5f3ab95574a65ea2dc" + repository: "rancher/mirrored-cilium-cilium-etcd-operator" + tag: "v2.0.7" pullPolicy: "IfNotPresent" # -- The priority class to use for cilium-etcd-operator @@ -1797,17 +1795,9 @@ # -- cilium-operator image. image: override: ~ - repository: "quay.io/cilium/operator" + repository: "rancher/mirrored-cilium-operator" tag: "v1.13.0" - # operator-generic-digest - genericDigest: "sha256:4b58d5b33e53378355f6e8ceb525ccf938b7b6f5384b35373f1f46787467ebf5" - # operator-azure-digest - azureDigest: "sha256:ec1246bbbf7125998e2f547fc518ae56ae364dbd3f46812fa325c068cc406bd7" - # operator-aws-digest - awsDigest: "sha256:3cc9ff5bcc57f536427e7059abc916831b368654dfddcbad8a412731984a95e4" - # operator-alibabacloud-digest - alibabacloudDigest: "sha256:0332376a4a6f92ff7936d3b52614f8219a10d6fd46aa14fead8426d0e140f79a" - useDigest: true + useDigest: false pullPolicy: "IfNotPresent" suffix: "" @@ -1936,7 +1926,7 @@ # -- Enable prometheus metrics for cilium-operator on the configured port at # /metrics prometheus: - enabled: false + enabled: true port: 9963 serviceMonitor: # -- Enable service monitors. @@ -2053,11 +2043,9 @@ # -- Cilium pre-flight image. image: override: ~ - repository: "quay.io/cilium/cilium" + repository: "rancher/mirrored-cilium-cilium" tag: "v1.13.0" - # cilium-digest - digest: "sha256:6544a3441b086a2e09005d3e21d1a4afb216fae19c5a60b35793c8a9438f8f68" - useDigest: true + useDigest: false pullPolicy: "IfNotPresent" # -- The priority class to use for the preflight pod. @@ -2192,19 +2180,17 @@ # -- Clustermesh API server image. image: override: ~ - repository: "quay.io/cilium/clustermesh-apiserver" + repository: "rancher/mirrored-cilium-clustermesh-apiserver" tag: "v1.13.0" - # clustermesh-apiserver-digest - digest: "sha256:f7273ddb4c223e54827d1185d0c8f3b87966b05229358a224cdc3fe11a25fc72" - useDigest: true + useDigest: false pullPolicy: "IfNotPresent" etcd: # -- Clustermesh API server etcd image. image: override: ~ - repository: "quay.io/coreos/etcd" - tag: "v3.5.4@sha256:795d8660c48c439a7c3764c2330ed9222ab5db5bb524d8d0607cac76f7ba82a3" + repository: "rancher/mirrored-coreos-etcd" + tag: "v3.5.4" pullPolicy: "IfNotPresent" # -- Specifies the resources for etcd container in the apiserver @@ -2447,3 +2433,11 @@ sctp: # -- Enable SCTP support. NOTE: Currently, SCTP support does not support rewriting ports or multihoming. enabled: false + +portmapPlugin: + image: + repository: "rancher/hardened-cni-plugins" + tag: "v1.0.1-build20221011" + +global: + systemDefaultRegistry: ""