# yaml-language-server: $schema=https://raw.githubusercontent.com/cilium/cilium/refs/heads/main/install/kubernetes/cilium/values.schema.json
---
autoDirectNodeRoutes: true
bandwidthManager:
  enabled: true
  bbr: true
bpf:
  masquerade: true
  tproxy: true
bgpControlPlane:
  enabled: true
cgroup:
  automount:
    enabled: false
  hostRoot: /sys/fs/cgroup
cluster:
  id: 1
  name: theshire
cni:
  exclusive: false
enableRuntimeDeviceDetection: true
endpointRoutes:
  enabled: true
envoy:
  enabled: false
hubble:
  enable: false
ipam:
  mode: kubernetes
ipv4NativeRoutingCIDR: 10.3.0.0/16
k8sServiceHost: 127.0.0.1
k8sServicePort: 7445
kubeProxyReplacement: true
kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
l2announcements:
  enabled: true
loadBalancer:
  algorithm: maglev
  mode: dsr
localRedirectPolicy: true
operator:
  replicas: 2
  rollOutPods: true
rollOutCiliumPods: true
routingMode: native
securityContext:
  capabilities:
    ciliumAgent:
      - CHOWN
      - KILL
      - NET_ADMIN
      - NET_RAW
      - IPC_LOCK
      - SYS_ADMIN
      - SYS_RESOURCE
      - PERFMON
      - BPF
      - DAC_OVERRIDE
      - FOWNER
      - SETGID
      - SETUID
    cleanCiliumState:
      - NET_ADMIN
      - SYS_ADMIN
      - SYS_RESOURCE