Manage cilium with argo plus enable the ARP mode
Signed-off-by: Martyn Ranyard <m@rtyn.berlin>
This commit is contained in:
parent
e059d9176a
commit
7c5f1f58e7
|
|
@ -0,0 +1,46 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: cilium
|
||||
namespace: argocd
|
||||
spec:
|
||||
destination:
|
||||
namespace: kube-system
|
||||
server: https://kubernetes.default.svc
|
||||
project: infra
|
||||
source:
|
||||
chart: cilium
|
||||
repoURL: https://helm.cilium.io/
|
||||
targetRevision: 1.14.3
|
||||
helm:
|
||||
parameters:
|
||||
- name: ipam.mode
|
||||
value: kubernetes
|
||||
- name: kubeProxyReplacement
|
||||
value: true
|
||||
- name: securityContext.capabilities.ciliumAgent
|
||||
value: {CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}
|
||||
- name: securityContext.capabilities.cleanCiliumState
|
||||
value: {NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}
|
||||
- name: cgroup.autoMount.enabled
|
||||
value: false
|
||||
- name: cgroup.hostRoot
|
||||
value: /sys/fs/cgroup
|
||||
- name: k8sServiceHost
|
||||
value: localhost
|
||||
- name: k8sServicePort
|
||||
value: 7445
|
||||
- name: l2announcements.enabled
|
||||
value: true
|
||||
- name: k8sClientRateLimit.qps
|
||||
value: 30
|
||||
- name: k8sClientRateLimit.burst
|
||||
value: 50
|
||||
syncPolicy:
|
||||
automated:
|
||||
selfHeal: true
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Loading…
Reference in New Issue