move to manifest
This commit is contained in:
148
manifest/envoy-gateway/values.yaml
Normal file
148
manifest/envoy-gateway/values.yaml
Normal file
@@ -0,0 +1,148 @@
|
||||
# Global settings
|
||||
global:
|
||||
# If set, these take highest precedence and change both envoyGateway and ratelimit's container registry and pull secrets.
|
||||
# -- Global override for image registry
|
||||
imageRegistry: ""
|
||||
# -- Global override for image pull secrets
|
||||
imagePullSecrets: []
|
||||
|
||||
# If set, these override image-specific values: useful when installing the chart in a private registry environment.
|
||||
# Override image-specific values directly if a global override is not desired.
|
||||
images:
|
||||
envoyGateway:
|
||||
# This is the full image name including the hub, repo, and tag.
|
||||
image: docker.io/envoyproxy/gateway:v1.7.1
|
||||
# Specify image pull policy if default behavior isn't desired.
|
||||
# Default behavior: latest images will be Always else IfNotPresent.
|
||||
pullPolicy: IfNotPresent
|
||||
# List of secrets in the same namespace of the component that can be used to pull images from private repositories.
|
||||
pullSecrets: []
|
||||
ratelimit:
|
||||
# This is the full image name including the hub, repo, and tag.
|
||||
image: "docker.io/envoyproxy/ratelimit:c8765e89"
|
||||
# Specify image pull policy if default behavior isn't desired.
|
||||
# Default behavior: latest images will be Always else IfNotPresent.
|
||||
pullPolicy: IfNotPresent
|
||||
# List of secrets in the same namespace of the component that can be used to pull images from private repositories.
|
||||
pullSecrets: []
|
||||
|
||||
podDisruptionBudget:
|
||||
minAvailable: 0
|
||||
# maxUnavailable: 1
|
||||
|
||||
deployment:
|
||||
annotations: {}
|
||||
envoyGateway:
|
||||
image:
|
||||
# if both this and global.imageRegistry are specified, this has to include both registry and repository explicitly, eg docker.io/envoyproxy/gateway
|
||||
repository: ""
|
||||
tag: ""
|
||||
imagePullPolicy: ""
|
||||
imagePullSecrets: []
|
||||
resources:
|
||||
limits:
|
||||
memory: 1024Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 256Mi
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
privileged: false
|
||||
runAsNonRoot: true
|
||||
runAsGroup: 65532
|
||||
runAsUser: 65532
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
ports:
|
||||
- name: grpc
|
||||
port: 18000
|
||||
targetPort: 18000
|
||||
- name: ratelimit
|
||||
port: 18001
|
||||
targetPort: 18001
|
||||
- name: wasm
|
||||
port: 18002
|
||||
targetPort: 18002
|
||||
- name: metrics
|
||||
port: 19001
|
||||
targetPort: 19001
|
||||
priorityClassName: null
|
||||
replicas: 1
|
||||
pod:
|
||||
affinity: {}
|
||||
annotations:
|
||||
prometheus.io/scrape: 'true'
|
||||
prometheus.io/port: '19001'
|
||||
labels: {}
|
||||
topologySpreadConstraints: []
|
||||
tolerations: []
|
||||
nodeSelector: {}
|
||||
|
||||
service:
|
||||
# If set to PreferClose, the Envoy fleet will prioritize connecting to the Envoy Gateway pods that are topologically closest to them.
|
||||
trafficDistribution: ""
|
||||
annotations: {}
|
||||
# -- Service type. Can be set to LoadBalancer with specific IP, e.g.:
|
||||
# type: LoadBalancer
|
||||
loadBalancerIP: 192.168.1.30
|
||||
type: "ClusterIP"
|
||||
|
||||
hpa:
|
||||
enabled: false
|
||||
minReplicas: 1
|
||||
maxReplicas: 1
|
||||
metrics: []
|
||||
behavior: {}
|
||||
|
||||
config:
|
||||
# -- EnvoyGateway configuration. Visit https://gateway.envoyproxy.io/docs/api/extension_types/#envoygateway to view all options.
|
||||
envoyGateway:
|
||||
gateway:
|
||||
controllerName: gateway.envoyproxy.io/gatewayclass-controller
|
||||
provider:
|
||||
type: Kubernetes
|
||||
logging:
|
||||
level:
|
||||
default: info
|
||||
extensionApis: {}
|
||||
|
||||
createNamespace: false
|
||||
|
||||
kubernetesClusterDomain: cluster.local
|
||||
|
||||
# -- Certgen is used to generate the certificates required by EnvoyGateway. If you want to construct a custom certificate, you can generate a custom certificate through Cert-Manager before installing EnvoyGateway. Certgen will not overwrite the custom certificate. Please do not manually modify `values.yaml` to disable certgen, it may cause EnvoyGateway OIDC,OAuth2,etc. to not work as expected.
|
||||
certgen:
|
||||
job:
|
||||
annotations: {}
|
||||
args: []
|
||||
pod:
|
||||
annotations: {}
|
||||
labels: {}
|
||||
resources: {}
|
||||
affinity: {}
|
||||
tolerations: []
|
||||
nodeSelector: {}
|
||||
ttlSecondsAfterFinished: 30
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
privileged: false
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
runAsGroup: 65532
|
||||
runAsUser: 65532
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
rbac:
|
||||
annotations: {}
|
||||
labels: {}
|
||||
|
||||
topologyInjector:
|
||||
enabled: true
|
||||
annotations: {}
|
||||
|
||||
Reference in New Issue
Block a user