87f33a4644
Now calico can be deployed if there are other existing pools and not confuse IPAM and end up with pods in the wrong pools.
47 lines
1.5 KiB
YAML
47 lines
1.5 KiB
YAML
---
|
|
# Enables Internet connectivity from containers
|
|
nat_outgoing: true
|
|
|
|
# Use IP-over-IP encapsulation across hosts
|
|
ipip: true
|
|
ipip_mode: always # change to "cross-subnet" if you only want ipip encapsulation on traffic going across subnets
|
|
|
|
# Set to true if you want your calico cni binaries to overwrite the
|
|
# ones from hyperkube while leaving other cni plugins intact.
|
|
overwrite_hyperkube_cni: true
|
|
|
|
calico_cert_dir: /etc/calico/certs
|
|
etcd_cert_dir: /etc/ssl/etcd/ssl
|
|
|
|
# Global as_num (/calico/bgp/v1/global/as_num)
|
|
global_as_num: "64512"
|
|
|
|
# You can set MTU value here. If left undefined or empty, it will
|
|
# not be specified in calico CNI config, so Calico will use built-in
|
|
# defaults. The value should be a number, not a string.
|
|
# calico_mtu: 1500
|
|
|
|
# Limits for apps
|
|
calico_node_memory_limit: 500M
|
|
calico_node_cpu_limit: 300m
|
|
calico_node_memory_requests: 64M
|
|
calico_node_cpu_requests: 150m
|
|
calicoctl_memory_limit: 170M
|
|
calicoctl_cpu_limit: 100m
|
|
calicoctl_memory_requests: 32M
|
|
calicoctl_cpu_requests: 50m
|
|
|
|
# Enable Prometheus Metrics endpoint for felix
|
|
calico_felix_prometheusmetricsenabled: "false"
|
|
calico_felix_prometheusmetricsport: 9091
|
|
calico_felix_prometheusgometricsenabled: "true"
|
|
calico_felix_prometheusprocessmetricsenabled: "true"
|
|
|
|
# Should calico ignore kernel's RPF check setting,
|
|
# see https://github.com/projectcalico/felix/blob/ab8799eaea66627e5db7717e62fca61fd9c08646/python/calico/felix/config.py#L198
|
|
calico_node_ignorelooserpf: false
|
|
|
|
rbac_resources:
|
|
- sa
|
|
- clusterrole
|
|
- clusterrolebinding
|