Try cilium through helm
This commit is contained in:
17
clusters/talos/cilium/cilium-helm-release.yaml
Normal file
17
clusters/talos/cilium/cilium-helm-release.yaml
Normal file
@@ -0,0 +1,17 @@
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: cilium
|
||||
namespace: kube-system
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: cilium/cilium
|
||||
version: '1.14.0'
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: cilium
|
||||
namespace: flux-system
|
||||
interval: 15m
|
||||
valuesFile: values.yaml
|
||||
8
clusters/talos/cilium/cilium-repository.yaml
Normal file
8
clusters/talos/cilium/cilium-repository.yaml
Normal file
@@ -0,0 +1,8 @@
|
||||
apiVersion: source.toolkit.fluxcd.io/v1beta2
|
||||
kind: HelmRepository
|
||||
metadata:
|
||||
name: cilium
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 15m
|
||||
url: https://helm.cilium.io/
|
||||
5
clusters/talos/cilium/kustomization.yaml
Normal file
5
clusters/talos/cilium/kustomization.yaml
Normal file
@@ -0,0 +1,5 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- cilium-repository.yaml
|
||||
- cilium-helm-release.yaml
|
||||
23
clusters/talos/cilium/values.yaml
Normal file
23
clusters/talos/cilium/values.yaml
Normal file
@@ -0,0 +1,23 @@
|
||||
k8sServiceHost: "192.168.1.101"
|
||||
k8sServicePort: "6443"
|
||||
|
||||
operator:
|
||||
replicas: 1
|
||||
rollOutPods: true
|
||||
|
||||
externalIPs:
|
||||
enabled: true
|
||||
|
||||
enableCiliumEndpointSlice: true
|
||||
|
||||
kubeProxyReplacement: "disabled"
|
||||
ipam:
|
||||
mode: "kubernetes"
|
||||
securityContext:
|
||||
capabilities:
|
||||
ciliumAgent: "{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}"
|
||||
cleanCiliumState: "{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}"
|
||||
cgroup:
|
||||
hostRoot: "/sys/fs/cgroup"
|
||||
autoMount:
|
||||
enabled: "false"
|
||||
Reference in New Issue
Block a user