-
Notifications
You must be signed in to change notification settings - Fork 6
/
values2_consul.yaml
121 lines (114 loc) · 2.67 KB
/
values2_consul.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
global:
name: consul
image: hashicorp/consul-enterprise:1.14-ent
datacenter: cluster-2
peering:
enabled: true
adminPartitions:
enabled: true
enableConsulNamespaces: true
enterpriseLicense:
secretName: "consul-license"
secretKey: "license"
gossipEncryption:
autoGenerate: false
secretName: consul-gossipencryptionkey
secretKey: key
tls:
enabled: true
httpsOnly: false
enableAutoEncrypt: true
verify: false
serverAdditionalDNSSANs: ["consul-cluster-2.hc-4eaeab05d358430fb89d3ae6329.gcp.sbx.hashicorpdemo.com"]
acls:
manageSystemACLs: true
metrics:
enabled: true
enableAgentMetrics: true
server:
replicas: 3
resources:
requests:
memory: "16Gi"
cpu: "4.0"
limits:
memory: "32Gi"
cpu: "8.0"
extraConfig: |
{
"log_level": "INFO",
"dns_config": {
"service_ttl": {
"*": "1s"
},
"node_ttl": "1s"
},
"audit" : {
"enabled": true,
"sink" : {
"a_sink" : {
"type" :"file",
"format" : "json",
"path" : "/consul/data/audit/log.json",
"delivery_guarantee" : "best-effort",
"rotate_duration" : "24h",
"rotate_max_files" : 15,
"rotate_bytes" : 25165824
}
}
}
}
connectInject:
enabled: true
transparentProxy:
defaultEnabled: true
cni:
enabled: true
logLevel: info
cniBinDir: "/home/kubernetes/bin"
cniNetDir: "/etc/cni/net.d"
metrics:
defaultEnabled: true
defaultEnableMerging: true
consulNamespaces:
mirroringK8S: true
syncCatalog:
enabled: true
toConsul: true
toK8S: false
default: true
addK8SNamespaceSuffix: "c2-"
consulNamespaces:
mirroringK8S: true
mirroringK8SPrefix: "c2-"
ui:
service:
type: LoadBalancer
annotations: |
"external-dns.alpha.kubernetes.io/hostname": "consul-cluster-2.hc-4eaeab05d358430fb89d3ae6329.gcp.sbx.hashicorpdemo.com."
meshGateway:
enabled: true
wanAddress:
source: Service
service:
type: LoadBalancer
ingressGateways:
enabled: true
defaults:
service:
type: LoadBalancer
ports:
- port: 8443
gateways:
- name: dashboard-ingress-gateway
service:
annotations: |
external-dns.alpha.kubernetes.io/hostname: "dashboard-cluster-2.hc-4eaeab05d358430fb89d3ae6329.gcp.sbx.hashicorpdemo.com"
- name: webapp-cluster-2-ig
service:
annotations: |
external-dns.alpha.kubernetes.io/hostname: "webapp-cluster-2.hc-4eaeab05d358430fb89d3ae6329.gcp.sbx.hashicorpdemo.com"
terminatingGateways:
enabled: false
prometheus:
enabled: false