talos #61

Merged
jahanson merged 5 commits from talos into main 2024-02-15 17:26:33 -06:00
Showing only changes of commit d769b327a3 - Show all commits

View file

@ -50,9 +50,13 @@ spec:
extraConfig: extraConfig:
allow-localhost: policy # enable policies for localhost allow-localhost: policy # enable policies for localhost
kubeProxyReplacement: true kubeProxyReplacement: true
k8sServiceHost: ${K8S_SERVICE_ENDPOINT} k8sServiceHost: 127.0.0.1
k8sServicePort: 6443 k8sServicePort: 7445
rollOutCiliumPods: true rollOutCiliumPods: true
cgroup:
automount:
enabled: false
hostRoot: /sys/fs/cgroup
bgp: bgp:
enabled: false enabled: false
announce: announce:
@ -60,3 +64,21 @@ spec:
podCIDR: false podCIDR: false
bgpControlPlane: bgpControlPlane:
enabled: true enabled: true
securityContext:
capabilities:
ciliumAgent:
- CHOWN
- KILL
- NET_ADMIN
- NET_RAW
- IPC_LOCK
- SYS_ADMIN
- SYS_RESOURCE
- DAC_OVERRIDE
- FOWNER
- SETGID
- SETUID
cleanCiliumState:
- NET_ADMIN
- SYS_ADMIN
- SYS_RESOURCE