martyn/infra4talos
1
0
Fork 0
Code Issues Pull requests 10 Projects Releases Packages Wiki Activity
infra4talos/everything-app/app-cilium.yaml
Martyn Ranyard 59fdba8af3 cilium chart regens these! 
Signed-off-by: Martyn Ranyard <m@rtyn.berlin>
2025-07-07 12:21:31 +00:00

55 lines
1.5 KiB
YAML
Raw Blame History

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: cilium
namespace: argocd
spec:
ignoreDifferences:
- kind: Secret
namespace: kube-system
name: hubble-server-certs
jsonPointers:
- /data
- kind: Secret
namespace: kube-system
name: hubble-relay-client-certs
jsonPointers:
- /data
- kind: Secret
namespace: kube-system
name: cilium-ca
jsonPointers:
- /data
syncPolicy:
syncOptions:
- RespectIgnoreDifferences=true
destination:
namespace: kube-system
server: https://kubernetes.default.svc
project: infra
source:
chart: cilium
repoURL: https://helm.cilium.io/
targetRevision: 1.14.3
helm:
parameters:
- name: ipam.mode
value: kubernetes
- name: kubeProxyReplacement
value: 'true'
- name: securityContext.capabilities.ciliumAgent
value: '{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}'
- name: securityContext.capabilities.cleanCiliumState
value: '{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}'
- name: cgroup.autoMount.enabled
value: 'false'
- name: cgroup.hostRoot
value: /sys/fs/cgroup
- name: k8sServiceHost
value: localhost
- name: k8sServicePort
value: '7445'
- name: k8sClientRateLimit.qps
value: '50'
- name: k8sClientRateLimit.burst
value: '100'
Reference in a new issue View git blame Copy permalink