Update cilium settings and enable kubeprism.
This commit is contained in:
parent
66ed521d0c
commit
3dd36d25bc
1 changed files with 23 additions and 2 deletions
|
|
@ -13,6 +13,10 @@ containerRuntime:
|
||||||
integration: containerd
|
integration: containerd
|
||||||
endpointRoutes:
|
endpointRoutes:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
cgroup:
|
||||||
|
autoMount:
|
||||||
|
enabled: false
|
||||||
|
hostRoot: /sys/fs/cgroup
|
||||||
hubble:
|
hubble:
|
||||||
enabled: true
|
enabled: true
|
||||||
metrics:
|
metrics:
|
||||||
|
|
@ -50,8 +54,8 @@ hubble:
|
||||||
ipam:
|
ipam:
|
||||||
mode: kubernetes
|
mode: kubernetes
|
||||||
ipv4NativeRoutingCIDR: 10.32.0.0/16
|
ipv4NativeRoutingCIDR: 10.32.0.0/16
|
||||||
k8sServiceHost: 10.2.0.6
|
k8sServiceHost: localhost
|
||||||
k8sServicePort: 6443
|
k8sServicePort: 7445
|
||||||
kubeProxyReplacement: true
|
kubeProxyReplacement: true
|
||||||
kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
|
kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
|
||||||
l2announcements:
|
l2announcements:
|
||||||
|
|
@ -85,4 +89,21 @@ dashboards:
|
||||||
rollOutCiliumPods: true
|
rollOutCiliumPods: true
|
||||||
securityContext:
|
securityContext:
|
||||||
privileged: true
|
privileged: true
|
||||||
|
capabilities:
|
||||||
|
ciliumAgent:
|
||||||
|
- CHOWN
|
||||||
|
- KILL
|
||||||
|
- NET_ADMIN
|
||||||
|
- NET_RAW
|
||||||
|
- IPC_LOCK
|
||||||
|
- SYS_ADMIN
|
||||||
|
- SYS_RESOURCE
|
||||||
|
- DAC_OVERRIDE
|
||||||
|
- FOWNER
|
||||||
|
- SETGID
|
||||||
|
- SETUID
|
||||||
|
cleanCiliumState:
|
||||||
|
- NET_ADMIN
|
||||||
|
- SYS_ADMIN
|
||||||
|
- SYS_RESOURCE
|
||||||
tunnel: disabled
|
tunnel: disabled
|
||||||
|
|
|
||||||
Reference in a new issue