-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdefaults.yml
More file actions
128 lines (118 loc) · 3.27 KB
/
defaults.yml
File metadata and controls
128 lines (118 loc) · 3.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
parameters:
vcluster:
=_metadata:
multi_instance: true
multi_tenant: true
namespace: syn-${_instance}
namespaceMetadata: {}
charts:
vcluster:
source: https://charts.loft.sh
version: 0.29.1
images:
k8s:
registry: ghcr.io
image: loft-sh/kubernetes
tag: v1.35.4
syncer:
registry: ghcr.io
image: loft-sh/vcluster-oss
tag: "0.29.1"
oc:
registry: quay.io
image: appuio/oc
tag: v4.20
storage:
persistence: auto
size: 5Gi
class_name: null
k8s:
additional_apiserver_args: []
additional_controllermanager_args: []
additional_scheduler_args: []
ingress:
enabled: true
host: null
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
backing_store: {}
additional_manifests: ""
resources:
k8s:
requests:
cpu: 40m
memory: 64Mi
limits:
cpu: 100m
memory: 256Mi
syncer:
requests:
cpu: 200m
memory: 256Mi
limits:
memory: 2Gi
helm_values:
sync:
toHost:
ingresses:
enabled: true
controlPlane:
distro:
k3s:
enabled: false
k8s:
enabled: true
apiServer:
extraArgs: ${vcluster:k8s:additional_apiserver_args}
controllerManager:
extraArgs: ${vcluster:k8s:additional_controllermanager_args}
scheduler:
extraArgs: ${vcluster:k8s:additional_scheduler_args}
image:
registry: ${vcluster:images:k8s:registry}
repository: ${vcluster:images:k8s:image}
tag: ${vcluster:images:k8s:tag}
resources: ${vcluster:resources:k8s}
statefulSet:
security:
containerSecurityContext:
allowPrivilegeEscalation: false
runAsUser: null
runAsGroup: null
resources: ${vcluster:resources:syncer}
image:
registry: ${vcluster:images:syncer:registry}
repository: ${vcluster:images:syncer:image}
tag: ${vcluster:images:syncer:tag}
persistence:
volumeClaim:
enabled: ${vcluster:storage:persistence}
size: ${vcluster:storage:size}
storageClass: ${vcluster:storage:class_name}
backingStore: ${vcluster:backing_store}
ingress:
enabled: ${vcluster:ingress:enabled}
host: ${vcluster:ingress:host}
annotations: ${vcluster:ingress:annotations}
spec:
tls:
- hosts:
- ${vcluster:ingress:host}
secretName: ${_instance}-tls
rbac:
role:
extraRules:
- apiGroups: [""]
resources: ["endpoints/restricted"]
verbs: ["create"]
exportKubeConfig:
server: https://${vcluster:ingress:host}
serviceAccount:
name: ${_instance}-admin
clusterRole: cluster-admin
experimental:
deploy:
vcluster:
manifests: ${vcluster:additional_manifests}
syn:
registration_url: null