Update cilium settings and enable kubeprism.
This commit is contained in:
parent
66ed521d0c
commit
3dd36d25bc
1 changed files with 23 additions and 2 deletions
|
|
@ -13,6 +13,10 @@ containerRuntime:
|
|||
integration: containerd
|
||||
endpointRoutes:
|
||||
enabled: true
|
||||
cgroup:
|
||||
autoMount:
|
||||
enabled: false
|
||||
hostRoot: /sys/fs/cgroup
|
||||
hubble:
|
||||
enabled: true
|
||||
metrics:
|
||||
|
|
@ -50,8 +54,8 @@ hubble:
|
|||
ipam:
|
||||
mode: kubernetes
|
||||
ipv4NativeRoutingCIDR: 10.32.0.0/16
|
||||
k8sServiceHost: 10.2.0.6
|
||||
k8sServicePort: 6443
|
||||
k8sServiceHost: localhost
|
||||
k8sServicePort: 7445
|
||||
kubeProxyReplacement: true
|
||||
kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
|
||||
l2announcements:
|
||||
|
|
@ -85,4 +89,21 @@ dashboards:
|
|||
rollOutCiliumPods: true
|
||||
securityContext:
|
||||
privileged: true
|
||||
capabilities:
|
||||
ciliumAgent:
|
||||
- CHOWN
|
||||
- KILL
|
||||
- NET_ADMIN
|
||||
- NET_RAW
|
||||
- IPC_LOCK
|
||||
- SYS_ADMIN
|
||||
- SYS_RESOURCE
|
||||
- DAC_OVERRIDE
|
||||
- FOWNER
|
||||
- SETGID
|
||||
- SETUID
|
||||
cleanCiliumState:
|
||||
- NET_ADMIN
|
||||
- SYS_ADMIN
|
||||
- SYS_RESOURCE
|
||||
tunnel: disabled
|
||||
|
|
|
|||
Reference in a new issue