mirror of https://git.rancher.io/rke2-charts
207 lines
7.0 KiB
Diff
207 lines
7.0 KiB
Diff
--- charts-original/values.yaml
|
|
+++ charts/values.yaml
|
|
@@ -152,12 +152,10 @@
|
|
# type: [null, string]
|
|
# @schema
|
|
override: ~
|
|
- repository: "quay.io/cilium/cilium"
|
|
+ repository: "rancher/mirrored-cilium-cilium"
|
|
tag: "v1.16.3"
|
|
pullPolicy: "IfNotPresent"
|
|
- # cilium-digest
|
|
- digest: "sha256:62d2a09bbef840a46099ac4c69421c90f84f28d018d479749049011329aa7f28"
|
|
- useDigest: true
|
|
+ useDigest: false
|
|
# -- Affinity for cilium-agent.
|
|
affinity:
|
|
podAntiAffinity:
|
|
@@ -581,7 +579,10 @@
|
|
# - flannel
|
|
# - generic-veth
|
|
# - portmap
|
|
- chainingMode: ~
|
|
+
|
|
+ # Otherwise rke2 hostPort does not work! Used for nginx
|
|
+ chainingMode: portmap
|
|
+
|
|
# @schema
|
|
# type: [null, string]
|
|
# @schema
|
|
@@ -1011,10 +1012,9 @@
|
|
# type: [null, string]
|
|
# @schema
|
|
override: ~
|
|
- repository: "quay.io/cilium/certgen"
|
|
+ repository: "rancher/mirrored-cilium-certgen"
|
|
tag: "v0.2.0"
|
|
- digest: "sha256:169d93fd8f2f9009db3b9d5ccd37c2b753d0989e1e7cd8fe79f9160c459eef4f"
|
|
- useDigest: true
|
|
+ useDigest: false
|
|
pullPolicy: "IfNotPresent"
|
|
# -- Seconds after which the completed job pod will be deleted
|
|
ttlSecondsAfterFinished: 1800
|
|
@@ -1035,7 +1035,7 @@
|
|
affinity: {}
|
|
hubble:
|
|
# -- Enable Hubble (true by default).
|
|
- enabled: true
|
|
+ enabled: false
|
|
# -- Annotations to be added to all top-level hubble objects (resources under templates/hubble)
|
|
annotations: {}
|
|
# -- Buffer size of the channel Hubble uses to receive monitor events. If this
|
|
@@ -1312,11 +1312,9 @@
|
|
# type: [null, string]
|
|
# @schema
|
|
override: ~
|
|
- repository: "quay.io/cilium/hubble-relay"
|
|
+ repository: "rancher/mirrored-cilium-hubble-relay"
|
|
tag: "v1.16.3"
|
|
- # hubble-relay-digest
|
|
- digest: "sha256:feb60efd767e0e7863a94689f4a8db56a0acc7c1d2b307dee66422e3dc25a089"
|
|
- useDigest: true
|
|
+ useDigest: false
|
|
pullPolicy: "IfNotPresent"
|
|
# -- Specifies the resources for the hubble-relay pods
|
|
resources: {}
|
|
@@ -1561,10 +1559,9 @@
|
|
# type: [null, string]
|
|
# @schema
|
|
override: ~
|
|
- repository: "quay.io/cilium/hubble-ui-backend"
|
|
+ repository: "rancher/mirrored-cilium-hubble-ui-backend"
|
|
tag: "v0.13.1"
|
|
- digest: "sha256:0e0eed917653441fded4e7cdb096b7be6a3bddded5a2dd10812a27b1fc6ed95b"
|
|
- useDigest: true
|
|
+ useDigest: false
|
|
pullPolicy: "IfNotPresent"
|
|
# -- Hubble-ui backend security context.
|
|
securityContext: {}
|
|
@@ -1595,10 +1592,9 @@
|
|
# type: [null, string]
|
|
# @schema
|
|
override: ~
|
|
- repository: "quay.io/cilium/hubble-ui"
|
|
+ repository: "rancher/mirrored-cilium-hubble-ui"
|
|
tag: "v0.13.1"
|
|
- digest: "sha256:e2e9313eb7caf64b0061d9da0efbdad59c6c461f6ca1752768942bfeda0796c6"
|
|
- useDigest: true
|
|
+ useDigest: false
|
|
pullPolicy: "IfNotPresent"
|
|
# -- Hubble-ui frontend security context.
|
|
securityContext: {}
|
|
@@ -1772,7 +1768,7 @@
|
|
ipam:
|
|
# -- Configure IP Address Management mode.
|
|
# ref: https://docs.cilium.io/en/stable/network/concepts/ipam/
|
|
- mode: "cluster-pool"
|
|
+ mode: "kubernetes"
|
|
# -- Maximum rate at which the CiliumNode custom resource is updated.
|
|
ciliumNodeUpdateRate: "15s"
|
|
operator:
|
|
@@ -2066,7 +2062,7 @@
|
|
port: 6060
|
|
# -- Configure prometheus metrics on the configured port at /metrics
|
|
prometheus:
|
|
- enabled: false
|
|
+ enabled: true
|
|
port: 9962
|
|
serviceMonitor:
|
|
# -- Enable service monitors.
|
|
@@ -2130,9 +2126,9 @@
|
|
# type: [null, boolean]
|
|
# @schema
|
|
# -- Enable Envoy Proxy in standalone DaemonSet.
|
|
- # This field is enabled by default for new installation.
|
|
- # @default -- `true` for new installation
|
|
- enabled: ~
|
|
+ # This field is disabled by default.
|
|
+ # @default -- `false`
|
|
+ enabled: false
|
|
# -- (int)
|
|
# Set Envoy'--base-id' to use when allocating shared memory regions.
|
|
# Only needs to be changed if multiple Envoy instances will run on the same node and may have conflicts. Supported values: 0 - 4294967295. Defaults to '0'
|
|
@@ -2161,11 +2157,10 @@
|
|
# type: [null, string]
|
|
# @schema
|
|
override: ~
|
|
- repository: "quay.io/cilium/cilium-envoy"
|
|
+ repository: "rancher/mirrored-cilium-cilium-envoy"
|
|
tag: "v1.29.9-1728346947-0d05e48bfbb8c4737ec40d5781d970a550ed2bbd"
|
|
pullPolicy: "IfNotPresent"
|
|
- digest: "sha256:42614a44e508f70d03a04470df5f61e3cffd22462471a0be0544cf116f2c50ba"
|
|
- useDigest: true
|
|
+ useDigest: false
|
|
# -- Additional containers added to the cilium Envoy DaemonSet.
|
|
extraContainers: []
|
|
# -- Additional envoy container arguments.
|
|
@@ -2477,17 +2472,9 @@
|
|
# type: [null, string]
|
|
# @schema
|
|
override: ~
|
|
- repository: "quay.io/cilium/operator"
|
|
+ repository: "rancher/mirrored-cilium-operator"
|
|
tag: "v1.16.3"
|
|
- # operator-generic-digest
|
|
- genericDigest: "sha256:6e2925ef47a1c76e183c48f95d4ce0d34a1e5e848252f910476c3e11ce1ec94b"
|
|
- # operator-azure-digest
|
|
- azureDigest: "sha256:2882aaf03c32525a99181b7c065b2bb19c03eba6626fc736aebe368d90791542"
|
|
- # operator-aws-digest
|
|
- awsDigest: "sha256:47f5abc5fa528472d3509c3199d7aab1e120833fb68df455e3b4476916385916"
|
|
- # operator-alibabacloud-digest
|
|
- alibabacloudDigest: "sha256:d80a785c0e807fc708264a3fcb19be404114f619fd756dd5214f4cad5a281898"
|
|
- useDigest: true
|
|
+ useDigest: false
|
|
pullPolicy: "IfNotPresent"
|
|
suffix: ""
|
|
# -- Number of replicas to run for the cilium-operator deployment
|
|
@@ -2656,8 +2643,7 @@
|
|
# @schema
|
|
# -- Taint nodes where Cilium is scheduled but not running. This prevents pods
|
|
# from being scheduled to nodes where Cilium is not the default CNI provider.
|
|
- # @default -- same as removeNodeTaints
|
|
- setNodeTaints: ~
|
|
+ setNodeTaints: false
|
|
# -- Set Node condition NetworkUnavailable to 'false' with the reason
|
|
# 'CiliumIsUp' for nodes that have a healthy Cilium pod.
|
|
setNodeNetworkStatus: true
|
|
@@ -2761,11 +2747,9 @@
|
|
# type: [null, string]
|
|
# @schema
|
|
override: ~
|
|
- repository: "quay.io/cilium/cilium"
|
|
+ repository: "rancher/mirrored-cilium-cilium"
|
|
tag: "v1.16.3"
|
|
- # cilium-digest
|
|
- digest: "sha256:62d2a09bbef840a46099ac4c69421c90f84f28d018d479749049011329aa7f28"
|
|
- useDigest: true
|
|
+ useDigest: false
|
|
pullPolicy: "IfNotPresent"
|
|
# -- The priority class to use for the preflight pod.
|
|
priorityClassName: ""
|
|
@@ -2910,11 +2894,9 @@
|
|
# type: [null, string]
|
|
# @schema
|
|
override: ~
|
|
- repository: "quay.io/cilium/clustermesh-apiserver"
|
|
+ repository: "rancher/mirrored-cilium-clustermesh-apiserver"
|
|
tag: "v1.16.3"
|
|
- # clustermesh-apiserver-digest
|
|
- digest: "sha256:598cb4fd30b47bf2bc229cd6a011e451cf14753e56a80bb9ef01a09a519f52fb"
|
|
- useDigest: true
|
|
+ useDigest: false
|
|
pullPolicy: "IfNotPresent"
|
|
# -- TCP port for the clustermesh-apiserver health API.
|
|
healthPort: 9880
|
|
@@ -3555,3 +3537,11 @@
|
|
agentSocketPath: /run/spire/sockets/agent/agent.sock
|
|
# -- SPIRE connection timeout
|
|
connectionTimeout: 30s
|
|
+
|
|
+portmapPlugin:
|
|
+ image:
|
|
+ repository: "rancher/hardened-cni-plugins"
|
|
+ tag: "v1.5.1-build20241009"
|
|
+
|
|
+global:
|
|
+ systemDefaultRegistry: ""
|