utkuozdemir/cilium-talos-values.yaml

## cilium-talos-values.yaml
# https://artifacthub.io/packages/helm/cilium/cilium/1.18.4
prometheus:
  enabled: true
cgroup:
  autoMount:
    enabled: false
  hostRoot: /sys/fs/cgroup
cluster:
  name: homelab
externalIPs:
  enabled: true
gatewayAPI:
  enableAlpn: true
  enableAppProtocol: true
  enabled: true
hubble:
  relay:
    enabled: true
    prometheus:
      enabled: true
  metrics:
    enabled:
      - dns
      - drop
      - tcp
      - flow
      - port-distribution
      - icmp
      - httpV2:exemplars=true;labelsContext=source_ip,source_namespace,source_workload,destination_ip,destination_namespace,destination_workload,traffic_direction
    enableOpenMetrics: true
    dashboards:
      enabled: true
  ui:
    enabled: true
    ingress:
      enabled: true
      hosts:
        - hubble.homelab.example.org
      tls:
        - hosts:
            - hubble.homelab.example.org
ingressController:
  default: true
  enabled: true
  loadbalancerMode: shared
  defaultSecretNamespace: cert-manager
  defaultSecretName: homelab-wildcard-tls
  service:
    insecureNodePort: 32080
    secureNodePort: 32443
ipam:
  mode: kubernetes
k8sClientRateLimit:
  burst: 200
  qps: 50
k8sServiceHost: localhost
k8sServicePort: 7445
kubeProxyReplacement: true
l2announcements:
  enabled: true
operator:
  replicas: 1
  dashboards:
    enabled: true
routingMode: tunnel
securityContext:
  capabilities:
    ciliumAgent:
      - CHOWN
      - KILL
      - NET_ADMIN
      - NET_RAW
      - IPC_LOCK
      - SYS_ADMIN
      - SYS_RESOURCE
      - DAC_OVERRIDE
      - FOWNER
      - SETGID
      - SETUID
    cleanCiliumState:
      - NET_ADMIN
      - SYS_ADMIN
      - SYS_RESOURCE
tunnelProtocol: vxlan

dashboards:
  enabled: true
	# https://artifacthub.io/packages/helm/cilium/cilium/1.18.4
	prometheus:
	enabled: true
	cgroup:
	autoMount:
	enabled: false
	hostRoot: /sys/fs/cgroup
	cluster:
	name: homelab
	externalIPs:
	enabled: true
	gatewayAPI:
	enableAlpn: true
	enableAppProtocol: true
	enabled: true
	hubble:
	relay:
	enabled: true
	prometheus:
	enabled: true
	metrics:
	enabled:
	- dns
	- drop
	- tcp
	- flow
	- port-distribution
	- icmp
	- httpV2:exemplars=true;labelsContext=source_ip,source_namespace,source_workload,destination_ip,destination_namespace,destination_workload,traffic_direction
	enableOpenMetrics: true
	dashboards:
	enabled: true
	ui:
	enabled: true
	ingress:
	enabled: true
	hosts:
	- hubble.homelab.example.org
	tls:
	- hosts:
	- hubble.homelab.example.org
	ingressController:
	default: true
	enabled: true
	loadbalancerMode: shared
	defaultSecretNamespace: cert-manager
	defaultSecretName: homelab-wildcard-tls
	service:
	insecureNodePort: 32080
	secureNodePort: 32443
	ipam:
	mode: kubernetes
	k8sClientRateLimit:
	burst: 200
	qps: 50
	k8sServiceHost: localhost
	k8sServicePort: 7445
	kubeProxyReplacement: true
	l2announcements:
	enabled: true
	operator:
	replicas: 1
	dashboards:
	enabled: true
	routingMode: tunnel
	securityContext:
	capabilities:
	ciliumAgent:
	- CHOWN
	- KILL
	- NET_ADMIN
	- NET_RAW
	- IPC_LOCK
	- SYS_ADMIN
	- SYS_RESOURCE
	- DAC_OVERRIDE
	- FOWNER
	- SETGID
	- SETUID
	cleanCiliumState:
	- NET_ADMIN
	- SYS_ADMIN
	- SYS_RESOURCE
	tunnelProtocol: vxlan

	dashboards:
	enabled: true
No results found