61 lines
1.2 KiB
YAML
61 lines
1.2 KiB
YAML
---
|
|
autoDirectNodeRoutes: true
|
|
bandwidthManager:
|
|
enabled: true
|
|
bbr: true
|
|
bpf:
|
|
masquerade: true
|
|
tproxy: true
|
|
cgroup:
|
|
automount:
|
|
enabled: false
|
|
hostRoot: /sys/fs/cgroup
|
|
cluster:
|
|
id: 1
|
|
name: homelab
|
|
cni:
|
|
exclusive: false
|
|
containerRuntime:
|
|
integration: containerd
|
|
devices: enp+
|
|
socketLB:
|
|
enabled: false # supposed to be default off, but it's enabled anyway, and looks fun lol # TODO: 2024-06-02: temporarily turned off to attempt fixing endpoint creation timeout
|
|
hostNamespaceOnly: true # KubeVirt compatibility
|
|
enableRuntimeDeviceDetection: true
|
|
endpointRoutes:
|
|
enabled: true
|
|
ipam:
|
|
mode: kubernetes
|
|
ipv4NativeRoutingCIDR: 10.244.0.0/16
|
|
k8sServiceHost: 127.0.0.1
|
|
k8sServicePort: 7445
|
|
kubeProxyReplacement: true
|
|
kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
|
|
l2announcements:
|
|
enabled: true
|
|
loadBalancer:
|
|
algorithm: maglev
|
|
mode: dsr
|
|
localRedirectPolicy: true
|
|
operator:
|
|
replicas: 1
|
|
rollOutCiliumPods: true
|
|
routingMode: native
|
|
securityContext:
|
|
capabilities:
|
|
ciliumAgent:
|
|
- CHOWN
|
|
- KILL
|
|
- NET_ADMIN
|
|
- NET_RAW
|
|
- IPC_LOCK
|
|
- SYS_ADMIN
|
|
- SYS_RESOURCE
|
|
- DAC_OVERRIDE
|
|
- FOWNER
|
|
- SETGID
|
|
- SETUID
|
|
cleanCiliumState:
|
|
- NET_ADMIN
|
|
- SYS_ADMIN
|
|
- SYS_RESOURCE
|