107 lines
No EOL
2.3 KiB
YAML
107 lines
No EOL
2.3 KiB
YAML
|
|
logLevel: 4
|
|
|
|
metricsRelistInterval: 1m
|
|
|
|
listenPort: 6443
|
|
|
|
nodeSelector: {}
|
|
|
|
priorityClassName: ""
|
|
|
|
# Url to access prometheus
|
|
prometheus:
|
|
# Value is templated
|
|
url: http://prometheus.default.svc
|
|
port: 9090
|
|
path: ""
|
|
|
|
replicas: 1
|
|
|
|
# SecurityContext of the container
|
|
# ref. https://kubernetes.io/docs/tasks/configure-pod-container/security-context
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
runAsUser: 10001
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
|
|
rbac:
|
|
# Specifies whether RBAC resources should be created
|
|
create: true
|
|
# Specifies if a Cluster Role should be used for the Auth Reader
|
|
useAuthReaderClusterRole: false
|
|
externalMetrics:
|
|
resources: ["*"]
|
|
customMetrics:
|
|
resources: ["*"]
|
|
|
|
serviceAccount:
|
|
# Specifies whether a service account should be created
|
|
create: true
|
|
# The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name:
|
|
# ServiceAccount annotations.
|
|
# Use case: AWS EKS IAM roles for service accounts
|
|
# ref: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html
|
|
annotations: {}
|
|
|
|
# Configure liveness probe
|
|
# https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#Probe
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: https
|
|
scheme: HTTPS
|
|
initialDelaySeconds: 30
|
|
timeoutSeconds: 5
|
|
|
|
# Configure readiness probe
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: https
|
|
scheme: HTTPS
|
|
initialDelaySeconds: 30
|
|
timeoutSeconds: 5
|
|
|
|
rules:
|
|
default: true
|
|
|
|
custom: []
|
|
|
|
# Mounts a configMap with pre-generated rules for use. Overrides the
|
|
# default, custom, external and resource entries
|
|
existing:
|
|
|
|
external: []
|
|
|
|
service:
|
|
annotations: {}
|
|
port: 443
|
|
type: ClusterIP
|
|
# clusterIP: 1.2.3.4
|
|
ipDualStack:
|
|
enabled: false
|
|
ipFamilies: ["IPv6", "IPv4"]
|
|
ipFamilyPolicy: "PreferDualStack"
|
|
|
|
# Set environment variables from secrets, configmaps or by setting them as name/value
|
|
env: []
|
|
|
|
# Deployment strategy type
|
|
strategy:
|
|
type: RollingUpdate
|
|
rollingUpdate:
|
|
maxUnavailable: 25%
|
|
maxSurge: 25%
|
|
|
|
certManager:
|
|
enabled: false
|
|
caCertDuration: 43800h0m0s
|
|
certDuration: 8760h0m0s |