catalog/stable/k8s-gateway/6.1.22/ix_values.yaml

134 lines
2.9 KiB
YAML
Raw Normal View History

image:
repository: tccr.io/truecharts/k8s_gateway
pullPolicy: IfNotPresent
tag: 0.3.2@sha256:594fd6990eb2e0af1df7df8ba76cb3ca66232f46c5df5ebf786a45dd19777ae5
controller:
# -- Set additional annotations on the deployment/statefulset/daemonset
# -- Number of desired pods
replicas: 2
# -- Set the controller upgrade strategy
# For Deployments, valid values are Recreate (default) and RollingUpdate.
# For StatefulSets, valid values are OnDelete and RollingUpdate (default).
# DaemonSets ignore this.
strategy: RollingUpdate
securityContext:
runAsNonRoot: false
podSecurityContext:
runAsUser: 0
runAsGroup: 0
args: ["-conf", "/etc/coredns/Corefile"]
# -- TTL for non-apex responses (in seconds)
ttl: 300
# -- Limit what kind of resources to watch, e.g. watchedResources: ["Ingress"]
watchedResources: []
# -- Service name of a secondary DNS server (should be `serviceName.namespace`)
secondary: ""
# -- Override the default `serviceName.namespace` domain apex
apex: ""
# -- list of processed domains
domains:
# -- Delegated domain
- domain: "example.com"
# -- Optional configuration option for DNS01 challenge that will redirect all acme
# challenge requests to external cloud domain (e.g. managed by cert-manager)
# See: https://cert-manager.io/docs/configuration/acme/dns01/
dnsChallenge:
enabled: false
domain: dns01.clouddns.com
forward:
enabled: true
primary: tls://1.1.1.1
secondary: tls://1.0.0.1
options:
- name: tls_servername
value: cloudflare-dns.com
serviceAccount:
main:
# -- Specifies whether a service account should be created
enabled: true
# -- Create a ClusterRole and ClusterRoleBinding
# @default -- See below
rbac:
main:
# -- Enables or disables the ClusterRole and ClusterRoleBinding
enabled: true
# -- Set Rules on the ClusterRole
rules:
- apiGroups:
- ""
resources:
- services
- namespaces
verbs:
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
verbs:
- list
- watch
service:
main:
ports:
main:
protocol: UDP
port: 53
targetPort: 53
probes:
liveness:
custom: true
spec:
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readiness:
custom: true
spec:
httpGet:
path: /ready
port: 8181
scheme: HTTP
initialDelaySeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
startup:
custom: true
spec:
httpGet:
path: /ready
port: 8181
scheme: HTTP
initialDelaySeconds: 3
timeoutSeconds: 2
periodSeconds: 5
failureThreshold: 60
portal:
enabled: false