a3e6896a43
Refactored how rbac_enabled is set Added RBAC to ubuntu-canal-ha CI job Added rbac for calico policy controller
39 lines
894 B
YAML
39 lines
894 B
YAML
---
|
|
# The interface used by canal for host <-> host communication.
|
|
# If left blank, then the interface is chosing using the node's
|
|
# default route.
|
|
canal_iface: ""
|
|
|
|
# Whether or not to masquerade traffic to destinations not within
|
|
# the pod network.
|
|
canal_masquerade: "true"
|
|
|
|
# Log-level
|
|
canal_log_level: "info"
|
|
|
|
# Etcd SSL dirs
|
|
canal_cert_dir: /etc/canal/certs
|
|
etcd_cert_dir: /etc/ssl/etcd/ssl
|
|
|
|
# Canal Network Policy directory
|
|
canal_policy_dir: /etc/kubernetes/policy
|
|
|
|
# Limits for apps
|
|
calico_node_memory_limit: 500M
|
|
calico_node_cpu_limit: 200m
|
|
calico_node_memory_requests: 64M
|
|
calico_node_cpu_requests: 50m
|
|
flannel_memory_limit: 500M
|
|
flannel_cpu_limit: 200m
|
|
flannel_memory_requests: 64M
|
|
flannel_cpu_requests: 50m
|
|
calicoctl_memory_limit: 170M
|
|
calicoctl_cpu_limit: 100m
|
|
calicoctl_memory_requests: 32M
|
|
calicoctl_cpu_requests: 25m
|
|
|
|
rbac_resources:
|
|
- sa
|
|
- clusterrole
|
|
- clusterrolebinding
|