Update Cilium application configuration to ignore differences for hubble-server-certs Secret, add Helm value files for better management, and enhance Argo CD kustomization with resource ordering and sync options.
This commit is contained in:
Nikholas Pcenicni
36
clusters/noble/apps/cilium/helm-values.yaml
Normal file
36
clusters/noble/apps/cilium/helm-values.yaml
Normal file
@@ -0,0 +1,36 @@
|
||||
# Same settings as the Argo CD Application (keep in sync).
|
||||
# Used for manual `helm install` before Argo when Talos uses cni: none.
|
||||
#
|
||||
# operator.replicas: chart default is 2 with required pod anti-affinity. If fewer
|
||||
# than two nodes can schedule (e.g. NotReady / taints), `helm --wait` never finishes.
|
||||
k8sServiceHost: 192.168.50.20
|
||||
k8sServicePort: 6443
|
||||
cgroup:
|
||||
autoMount:
|
||||
enabled: false
|
||||
hostRoot: /sys/fs/cgroup
|
||||
ipam:
|
||||
operator:
|
||||
clusterPoolIPv4PodCIDRList:
|
||||
- 10.244.0.0/16
|
||||
securityContext:
|
||||
capabilities:
|
||||
ciliumAgent:
|
||||
- CHOWN
|
||||
- KILL
|
||||
- NET_ADMIN
|
||||
- NET_RAW
|
||||
- IPC_LOCK
|
||||
- SYS_ADMIN
|
||||
- SYS_RESOURCE
|
||||
- DAC_OVERRIDE
|
||||
- FOWNER
|
||||
- SETGID
|
||||
- SETUID
|
||||
cleanCiliumState:
|
||||
- NET_ADMIN
|
||||
- SYS_ADMIN
|
||||
- SYS_RESOURCE
|
||||
|
||||
operator:
|
||||
replicas: 1
|
||||
Reference in New Issue
Block a user