easylinux/proxmox-tofu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b57e34b5bbfadde3c1aded7c59de69b2c9a9dd53
proxmox-tofu/proxmox/helm_templates.tf
Max Pfeiffer f959d83f50 Removed Gateway and added load balancer, ingress and egress features 
Gateway API is still rather new, no time for experiments.
2025-09-16 20:03:46 +02:00

76 lines
1.7 KiB
HCL
Raw Blame History

data "helm_template" "cilium" {
name = "cilium"
namespace = "kube-system"
repository = "https://helm.cilium.io"
chart = "cilium"
version = "1.18.1"
kube_version = var.kubernetes_version
set = [
{
name = "ipam.mode"
value = "kubernetes"
},
{
name = "kubeProxyReplacement"
value = "true"
},
{
name = "securityContext.capabilities.ciliumAgent"
value = "{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}"
},
{
name = "securityContext.capabilities.cleanCiliumState"
value = "{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}"
},
{
name = "cgroup.autoMount.enabled"
value = "false"
},
{
name = "cgroup.hostRoot"
value = "/sys/fs/cgroup"
},
{
name = "k8sServiceHost"
value = "localhost"
},
{
name = "k8sServicePort"
value = "7445"
},
# Loadbalancer
# See: https://docs.cilium.io/en/stable/network/l2-announcements/
{
name = "l2announcements.enabled"
value = "true"
},
{
name = "k8sClientRateLimit.qps"
value = "50"
},
{
name = "k8sClientRateLimit.burst"
value = "100"
},
# Ingress Controller
# See: https://docs.cilium.io/en/stable/network/servicemesh/ingress/
{
name = "ingressController.enabled"
value = "true"
},
{
name = "ingressController.loadbalancerMode"
value = "dedicated"
},
# Egress Gateway
# See: https://docs.cilium.io/en/stable/network/egress-gateway/egress-gateway/
{
name = "egressGateway.enabled"
value = "true"
},
{
name = "bpf.masquerade"
value = "true"
},
]
}
Reference in New Issue View Git Blame Copy Permalink