---
# https://docs.k3s.io/helm
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
  name: cilium
  namespace: kube-system
spec:
  # renovate: datasource=helm
  repo: https://helm.cilium.io/
  chart: cilium
  version: 1.14.2
  targetNamespace: kube-system
  bootstrap: true
  valuesContent: |-
    autoDirectNodeRoutes: true
    bpf:
      masquerade: true
    bgp:
      enabled: false
    cluster:
      name: kubernetes
      id: 1
    containerRuntime:
      integration: containerd
      socketPath: /var/run/k3s/containerd/containerd.sock
    endpointRoutes:
      enabled: true
    hubble:
      enabled: false
    ipam:
      mode: kubernetes
    ipv4NativeRoutingCIDR: "{{ k3s_server['cluster-cidr'] }}"
    k8sServiceHost: "{{ k3s_registration_address }}"
    k8sServicePort: 6443
    kubeProxyReplacement: true
    kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
    l2announcements:
      enabled: true
      leaseDuration: 120s
      leaseRenewDeadline: 60s
      leaseRetryPeriod: 1s
    loadBalancer:
      algorithm: maglev
      mode: dsr
    localRedirectPolicy: true
    operator:
      rollOutPods: true
    rollOutCiliumPods: true
    securityContext:
      privileged: true
    tunnel: disabled