values2_consul.yaml

global:
  name: consul
  image: hashicorp/consul-enterprise:1.14-ent
  datacenter: cluster-2
  peering:
    enabled: true
  adminPartitions:
    enabled: true
  enableConsulNamespaces: true
  enterpriseLicense:
    secretName: "consul-license"
    secretKey: "license"
  gossipEncryption:
    autoGenerate: false
    secretName: consul-gossipencryptionkey
    secretKey: key
  tls:
    enabled: true
    httpsOnly: false
    enableAutoEncrypt: true
    verify: false
    serverAdditionalDNSSANs: ["consul-cluster-2.hc-4eaeab05d358430fb89d3ae6329.gcp.sbx.hashicorpdemo.com"]
  acls:
    manageSystemACLs: true
  metrics:
    enabled: true
    enableAgentMetrics: true

server:
  replicas: 3
  resources:
    requests:
      memory: "16Gi"
      cpu: "4.0"
    limits:
      memory: "32Gi"
      cpu: "8.0"
  extraConfig: |
    {
      "log_level": "INFO",
      "dns_config": {
        "service_ttl": {
          "*": "1s"
        },
        "node_ttl": "1s"
      },
      "audit" : {
        "enabled": true,
        "sink" : {
          "a_sink" : {
            "type"   :"file",
            "format" : "json",
            "path"   : "/consul/data/audit/log.json",
            "delivery_guarantee" : "best-effort",
            "rotate_duration" : "24h",
            "rotate_max_files" : 15,
            "rotate_bytes" : 25165824
          }
        }
      }
    }

connectInject:
  enabled: true
  transparentProxy:
    defaultEnabled: true
  cni:
    enabled: true
    logLevel: info
    cniBinDir: "/home/kubernetes/bin"
    cniNetDir: "/etc/cni/net.d"
  metrics:
    defaultEnabled: true
    defaultEnableMerging: true
  consulNamespaces:
    mirroringK8S: true

syncCatalog:
  enabled: true
  toConsul: true
  toK8S: false
  default: true
  addK8SNamespaceSuffix: "c2-"
  consulNamespaces:
    mirroringK8S: true
    mirroringK8SPrefix: "c2-"

ui:
  service:
    type: LoadBalancer
    annotations: |
      "external-dns.alpha.kubernetes.io/hostname": "consul-cluster-2.hc-4eaeab05d358430fb89d3ae6329.gcp.sbx.hashicorpdemo.com."
meshGateway:
  enabled: true
  wanAddress:
    source: Service
  service:
    type: LoadBalancer

ingressGateways:
  enabled: true
  defaults:
    service:
      type: LoadBalancer
      ports:
        - port: 8443
  gateways:
    - name: dashboard-ingress-gateway
      service:
        annotations: |
          external-dns.alpha.kubernetes.io/hostname: "dashboard-cluster-2.hc-4eaeab05d358430fb89d3ae6329.gcp.sbx.hashicorpdemo.com"
    - name: webapp-cluster-2-ig
      service:
        annotations: |
          external-dns.alpha.kubernetes.io/hostname: "webapp-cluster-2.hc-4eaeab05d358430fb89d3ae6329.gcp.sbx.hashicorpdemo.com"

terminatingGateways:
  enabled: false

prometheus:
  enabled: false