mirror of https://git.rancher.io/rke2-charts
118 lines
4.3 KiB
Diff
118 lines
4.3 KiB
Diff
--- charts-original/values.yaml
|
|
+++ charts/values.yaml
|
|
@@ -10,13 +10,11 @@
|
|
controller:
|
|
name: controller
|
|
image:
|
|
- registry: k8s.gcr.io
|
|
- image: ingress-nginx/controller
|
|
+ repository: rancher/nginx-ingress-controller
|
|
# for backwards compatibility consider setting the full image url via the repository value below
|
|
# use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
|
|
# repository:
|
|
- tag: "v1.0.2"
|
|
- digest: sha256:85b53b493d6d658d8c013449223b0ffd739c76d76dc9bf9000786669ec04e049
|
|
+ tag: "nginx-1.0.2-hardened1"
|
|
pullPolicy: IfNotPresent
|
|
# www-data -> uid 101
|
|
runAsUser: 101
|
|
@@ -26,7 +24,7 @@
|
|
existingPsp: ""
|
|
|
|
# Configures the controller container name
|
|
- containerName: controller
|
|
+ containerName: rke2-ingress-nginx-controller
|
|
|
|
# Configures the ports the nginx-controller listens on
|
|
containerPort:
|
|
@@ -55,7 +53,7 @@
|
|
# Optionally change this to ClusterFirstWithHostNet in case you have 'hostNetwork: true'.
|
|
# By default, while using host network, name resolution uses the host's DNS. If you wish nginx-controller
|
|
# to keep resolving names inside the k8s network, use ClusterFirstWithHostNet.
|
|
- dnsPolicy: ClusterFirst
|
|
+ dnsPolicy: ClusterFirstWithHostNet
|
|
|
|
# Bare-metal considerations via the host network https://kubernetes.github.io/ingress-nginx/deploy/baremetal/#via-the-host-network
|
|
# Ingress status was blank because there is no Service exposing the NGINX Ingress controller in a configuration using the host network, the default --publish-service flag used in standard cloud setups does not apply
|
|
@@ -78,13 +76,13 @@
|
|
# Required for use with CNI based kubernetes installations (such as ones set up by kubeadm),
|
|
# since CNI and hostport don't mix yet. Can be deprecated once https://github.com/kubernetes/kubernetes/issues/23920
|
|
# is merged
|
|
- hostNetwork: false
|
|
+ hostNetwork: true
|
|
|
|
## Use host ports 80 and 443
|
|
## Disabled by default
|
|
##
|
|
hostPort:
|
|
- enabled: false
|
|
+ enabled: true
|
|
ports:
|
|
http: 80
|
|
https: 443
|
|
@@ -126,7 +124,7 @@
|
|
## by the service. If disable, the status field reports the IP address of the
|
|
## node or nodes where an ingress controller pod is running.
|
|
publishService:
|
|
- enabled: true
|
|
+ enabled: false
|
|
## Allows overriding of the publish service to bind to
|
|
## Must be <namespace>/<service_name>
|
|
##
|
|
@@ -177,7 +175,7 @@
|
|
|
|
## DaemonSet or Deployment
|
|
##
|
|
- kind: Deployment
|
|
+ kind: DaemonSet
|
|
|
|
## Annotations to be added to the controller Deployment or DaemonSet
|
|
##
|
|
@@ -427,7 +425,7 @@
|
|
configMapKey: ""
|
|
|
|
service:
|
|
- enabled: true
|
|
+ enabled: false
|
|
|
|
annotations: {}
|
|
labels: {}
|
|
@@ -574,13 +572,12 @@
|
|
patch:
|
|
enabled: true
|
|
image:
|
|
- registry: k8s.gcr.io
|
|
- image: ingress-nginx/kube-webhook-certgen
|
|
+ repository: rancher/mirrored-ingress-nginx-kube-webhook-certgen
|
|
# for backwards compatibility consider setting the full image url via the repository value below
|
|
# use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
|
|
# repository:
|
|
tag: v1.0
|
|
- digest: sha256:f3b6b39a6062328c095337b4cadcefd1612348fdd5190b1dcbcb9b9e90bd8068
|
|
+ digest: sha256:6b91d0434942504defa54cd50b15cddda0df58b4cc99cf5ec365762f295306ea
|
|
pullPolicy: IfNotPresent
|
|
## Provide a priority class name to the webhook patching job
|
|
##
|
|
@@ -697,12 +694,11 @@
|
|
|
|
name: defaultbackend
|
|
image:
|
|
- registry: k8s.gcr.io
|
|
- image: defaultbackend-amd64
|
|
+ repository: rancher/nginx-ingress-controller-defaultbackend
|
|
# for backwards compatibility consider setting the full image url via the repository value below
|
|
# use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
|
|
# repository:
|
|
- tag: "1.5"
|
|
+ tag: "1.5-rancher1"
|
|
pullPolicy: IfNotPresent
|
|
# nobody user -> uid 65534
|
|
runAsUser: 65534
|
|
@@ -854,3 +850,6 @@
|
|
# This can be generated with: openssl dhparam 4096 2> /dev/null | base64
|
|
# Ref: https://github.com/kubernetes/ingress-nginx/tree/main/docs/examples/customization/ssl-dh-param
|
|
dhParam:
|
|
+
|
|
+global:
|
|
+ systemDefaultRegistry: ""
|