--- autoDirectNodeRoutes: true bandwidthManager: enabled: true bbr: true bpf: masquerade: true tproxy: true cgroup: automount: enabled: false hostRoot: /sys/fs/cgroup cluster: id: 1 name: theshire cni: exclusive: false containerRuntime: integration: containerd # devices: eno+|enp+ enableRuntimeDeviceDetection: true endpointRoutes: enabled: true hubble: enable: false envoy: enable: false ipam: mode: kubernetes ipv4NativeRoutingCIDR: 10.244.0.0/16 k8sServiceHost: 127.0.0.1 k8sServicePort: 7445 kubeProxyReplacement: true kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256 l2announcements: enabled: true loadBalancer: algorithm: maglev mode: dsr localRedirectPolicy: true operator: rollOutPods: true rollOutCiliumPods: true routingMode: native securityContext: capabilities: ciliumAgent: - CHOWN - KILL - NET_ADMIN - NET_RAW - IPC_LOCK - SYS_ADMIN - SYS_RESOURCE - DAC_OVERRIDE - FOWNER - SETGID - SETUID cleanCiliumState: - NET_ADMIN - SYS_ADMIN - SYS_RESOURCE