-
Notifications
You must be signed in to change notification settings - Fork 37
/
Copy pathvalues.yaml
92 lines (78 loc) · 2.09 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
# Default values for raven-agent.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
image:
repository: openyurt/raven-agent
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: 0.4.3
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
healthyBindAddr: ":10275"
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: "raven-agent-account"
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext:
privileged: true
nodeSelector:
kubernetes.io/os: linux
tolerations: [{"operator": "Exists"}]
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: type
operator: NotIn
values:
- virtual-kubelet
containerEnv:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: NODE_IP
valueFrom:
fieldRef:
fieldPath: status.hostIP
- name: VPN_CONNECTION_PSK
valueFrom:
secretKeyRef:
key: vpn-connection-psk
name: raven-agent-secret
sync:
syncRule: true
syncPeriod: 30m
vpn:
driver: libreswan
forwardNodeIP: false
natTraversal: false
keepAliveInterval: 15
keepAliveTimeout: 30
# raven-agent requires a unique vpn psk
# You can generate one with the command:
# 'openssl rand -hex 64'
# Pass it to helm with '--set vpn.psk=`openssl rand -hex 64`'
# IMPORTANT: You should NOT use the example psk for a production deployment!
psk: OPENYURT-RAVEN-AGENT-VPN-PSK
metricBindAddr: ":10265"
tunnelAddr: ":4500"
controller:
enableProxy: true
enableTunnel: true
proxy:
externalAddr: ":10262"
internalInsecureAddr: ":10264"
internalSecureAddr: ":10263"
metricsBindAddr: ":10266"
rollingUpdate:
maxUnavailable: 20%