rke2-charts/packages/rke2-ingress-nginx/generated-changes/patch/values.yaml.patch

130 lines
5.2 KiB
Diff

--- charts-original/values.yaml
+++ charts/values.yaml
@@ -18,14 +18,11 @@
image:
## Keep false as default for now!
chroot: false
- registry: k8s.gcr.io
- image: ingress-nginx/controller
+ repository: rancher/nginx-ingress-controller
## for backwards compatibility consider setting the full image url via the repository value below
## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
## repository:
- tag: "v1.2.0"
- digest: sha256:d8196e3bc1e72547c5dec66d6556c0ff92a23f6d0919b206be170bc90d5f9185
- digestChroot: sha256:fb17f1700b77d4fcc52ca6f83ffc2821861ae887dbb87149cf5cbc52bea425e5
+ tag: "nginx-1.2.1-hardened7"
pullPolicy: IfNotPresent
# www-data -> uid 101
runAsUser: 101
@@ -35,7 +32,7 @@
existingPsp: ""
# -- Configures the controller container name
- containerName: controller
+ containerName: rke2-ingress-nginx-controller
# -- Configures the ports that the nginx-controller listens on
containerPort:
@@ -63,7 +60,7 @@
# -- Optionally change this to ClusterFirstWithHostNet in case you have 'hostNetwork: true'.
# By default, while using host network, name resolution uses the host's DNS. If you wish nginx-controller
# to keep resolving names inside the k8s network, use ClusterFirstWithHostNet.
- dnsPolicy: ClusterFirst
+ dnsPolicy: ClusterFirstWithHostNet
# -- Bare-metal considerations via the host network https://kubernetes.github.io/ingress-nginx/deploy/baremetal/#via-the-host-network
# Ingress status was blank because there is no Service exposing the NGINX Ingress controller in a configuration using the host network, the default --publish-service flag used in standard cloud setups does not apply
@@ -72,7 +69,7 @@
# -- Process Ingress objects without ingressClass annotation/ingressClassName field
# Overrides value for --watch-ingress-without-class flag of the controller binary
# Defaults to false
- watchIngressWithoutClass: false
+ watchIngressWithoutClass: true
# -- Process IngressClass per name (additionally as per spec.controller).
ingressClassByName: false
@@ -81,7 +78,7 @@
# their own *-snippet annotations, otherwise this is forbidden / dropped
# when users add those annotations.
# Global snippets in ConfigMap are still respected
- allowSnippetAnnotations: true
+ allowSnippetAnnotations: false
# -- Required for use with CNI based kubernetes installations (such as ones set up by kubeadm),
# since CNI and hostport don't mix yet. Can be deprecated once https://github.com/kubernetes/kubernetes/issues/23920
@@ -92,7 +89,7 @@
## Disabled by default
hostPort:
# -- Enable 'hostPort' or not
- enabled: false
+ enabled: true
ports:
# -- 'hostPort' http port
http: 80
@@ -141,7 +138,7 @@
# node or nodes where an ingress controller pod is running.
publishService:
# -- Enable 'publishService' or not
- enabled: true
+ enabled: false
# -- Allows overriding of the publish service to bind to
# Must be <namespace>/<service_name>
pathOverride: ""
@@ -191,7 +188,7 @@
# name: secret-resource
# -- Use a `DaemonSet` or `Deployment`
- kind: Deployment
+ kind: DaemonSet
# -- Annotations to be added to the controller Deployment or DaemonSet
##
@@ -441,7 +438,7 @@
configMapKey: ""
service:
- enabled: true
+ enabled: false
# -- If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were
# using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
@@ -630,13 +627,11 @@
patch:
enabled: true
image:
- registry: k8s.gcr.io
- image: ingress-nginx/kube-webhook-certgen
+ repository: rancher/mirrored-ingress-nginx-kube-webhook-certgen
## for backwards compatibility consider setting the full image url via the repository value below
## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
## repository:
tag: v1.1.1
- digest: sha256:64d8c73dca984af206adf9d6d7e46aa550362b1d7a01f3a0a91b20cc67868660
pullPolicy: IfNotPresent
# -- Provide a priority class name to the webhook patching job
##
@@ -757,12 +752,11 @@
name: defaultbackend
image:
- registry: k8s.gcr.io
- image: defaultbackend-amd64
+ repository: rancher/nginx-ingress-controller-defaultbackend
## for backwards compatibility consider setting the full image url via the repository value below
## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
## repository:
- tag: "1.5"
+ tag: "1.5-rancher1"
pullPolicy: IfNotPresent
# nobody user -> uid 65534
runAsUser: 65534
@@ -924,3 +918,6 @@
# This can be generated with: `openssl dhparam 4096 2> /dev/null | base64`
## Ref: https://github.com/kubernetes/ingress-nginx/tree/main/docs/examples/customization/ssl-dh-param
dhParam:
+
+global:
+ systemDefaultRegistry: ""
\ No newline at end of file