talos #61
1 changed files with 24 additions and 2 deletions
|
@ -50,9 +50,13 @@ spec:
|
||||||
extraConfig:
|
extraConfig:
|
||||||
allow-localhost: policy # enable policies for localhost
|
allow-localhost: policy # enable policies for localhost
|
||||||
kubeProxyReplacement: true
|
kubeProxyReplacement: true
|
||||||
k8sServiceHost: ${K8S_SERVICE_ENDPOINT}
|
k8sServiceHost: 127.0.0.1
|
||||||
k8sServicePort: 6443
|
k8sServicePort: 7445
|
||||||
rollOutCiliumPods: true
|
rollOutCiliumPods: true
|
||||||
|
cgroup:
|
||||||
|
automount:
|
||||||
|
enabled: false
|
||||||
|
hostRoot: /sys/fs/cgroup
|
||||||
bgp:
|
bgp:
|
||||||
enabled: false
|
enabled: false
|
||||||
announce:
|
announce:
|
||||||
|
@ -60,3 +64,21 @@ spec:
|
||||||
podCIDR: false
|
podCIDR: false
|
||||||
bgpControlPlane:
|
bgpControlPlane:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
securityContext:
|
||||||
|
capabilities:
|
||||||
|
ciliumAgent:
|
||||||
|
- CHOWN
|
||||||
|
- KILL
|
||||||
|
- NET_ADMIN
|
||||||
|
- NET_RAW
|
||||||
|
- IPC_LOCK
|
||||||
|
- SYS_ADMIN
|
||||||
|
- SYS_RESOURCE
|
||||||
|
- DAC_OVERRIDE
|
||||||
|
- FOWNER
|
||||||
|
- SETGID
|
||||||
|
- SETUID
|
||||||
|
cleanCiliumState:
|
||||||
|
- NET_ADMIN
|
||||||
|
- SYS_ADMIN
|
||||||
|
- SYS_RESOURCE
|
||||||
|
|
Loading…
Reference in a new issue