cloud-provider-openstack/charts/openstack-cloud-controller-manager/values.yaml at a67f3fbbb09c2330ae249e1dcce41cf866c896cf · kubernetes/cloud-provider-openstack · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
# Values OpenStack Cloud Controller Manager Helm Chart
#
# Define deployment mode for the controller and provide cloud credentials in cloudConfig at the end of the file
#
## Annotations to apply to all resources
commonAnnotations: {}
# commonAnnotations:
#   "helm.sh/hook": pre-install,pre-upgrade
#   "helm.sh/hook-weight": "-100"
#   "helm.sh/hook-delete-policy": before-hook-creation

# List of secrets to use as image pull secret
imagePullSecrets: []
# - pull-secret-1
# - pull-secret-2

# Image repository name and tag
image:
  repository: registry.k8s.io/provider-os/openstack-cloud-controller-manager
  tag: ""

# Additional containers which are run before the app containers are started.
extraInitContainers: []
# - name: wait
#   image: busybox
#   command: ['sh', '-c', 'echo waiting for 10 seconds; sleep 10;']

# Additional environment variables for the cloud-controller-manager.
extraEnv: []
# - name: OS_CCM_REGIONAL
#   value: "true"

# Set resources for Kubernetes daemonset
resources: {}
# resources:
#   requests:
#     cpu: 200m

# Set livenessProbe for Kubernetes daemonset. Used the same port for servicemonitor metrics
livenessProbe: {}
# livenessProbe:
#   httpGet:
#    path: /metrics
#    port: 10258

# Set readinessProbe in the same way like livenessProbe
readinessProbe: {}

dnsPolicy: ClusterFirst

# Set nodeSelector where the controller should run, i.e. controlplane nodes
nodeSelector:
  node-role.kubernetes.io/control-plane: ""

# Set tolerations for nodes where the controller should run, i.e. node
# should be uninitialized, controlplane...
tolerations:
  - key: node.cloudprovider.kubernetes.io/uninitialized
    value: "true"
    effect: NoSchedule
  - key: node-role.kubernetes.io/control-plane
    effect: NoSchedule

# Optional additional annotations to add to the controller Pods.
podAnnotations: {}

# Optional additional labels to add to the controller Pods.
podLabels: {}

# Set security settings for the controller pods
# For all available options, see https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#podsecuritycontext-v1-core
podSecurityContext:
  runAsUser: 1001
  # seccompProfile:
  #   type: RuntimeDefault

# Set security settings for the controller container
# For all available options, see https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#securitycontext-v1-core
securityContext: {}
# securityContext:
#   capabilities:
#     drop:
#     - ALL
#   readOnlyRootFilesystem: true
#   allowPrivilegeEscalation: false

# List of controllers should be enabled.
# Use '*' to enable all controllers.
# Prefix a controller with '-' to disable it.
enabledControllers:
  - cloud-node
  - cloud-node-lifecycle
  - route
  - service

# Any extra arguments for openstack-cloud-controller-manager
controllerExtraArgs: {}
# controllerExtraArgs: |-
#   - --cluster-name=my-cluster

# Create a service monitor for Prometheus Operator
serviceMonitor: {}
# serviceMonitor:
#   enabled: true
#   additionalLabels: {}

# Create a secret resource cloud-config (or other name) to store credentials and settings from cloudConfig
# You can also provide your own secret (not created by the Helm chart), in this case set create to false
# and adjust the name of the secret as necessary
# If you dont want to use a secret (because you are using something like an agent injector to inject the cloud config file)
# you can disable the secret usage by setting enabled to false.
# If you disable the secret, you have to insert the cloud config file into the path /etc/cloud/config.
secret:
  enabled: true
  create: true
  name: cloud-config

# Log verbosity level.
# See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/logging.md
# for description of individual verbosity levels.
logVerbosityLevel: 2

# Specify settings with the same key as the CCM config: https://github.com/kubernetes/cloud-provider-openstack/blob/master/docs/openstack-cloud-controller-manager/using-openstack-cloud-controller-manager.md#config-openstack-cloud-controller-manager
cloudConfig:
  global:
  networking:
  loadBalancer:
  blockStorage:
  metadata:
  route:

# Allow for specifying internal IP addresses for multiple hostnames
# hostAliases:
#   - ip: "10.0.0.1"
#     hostnames:
#     - "keystone.hostname.com"

## Pod priority settings
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
priorityClassName:

# The following three volumes are required to use all OCCM controllers,
# but might not be needed if you just use a specific controller
# Additional volumes that should be available to the pods:
extraVolumes:
  - name: flexvolume-dir
    hostPath:
      path: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
  - name: k8s-certs
    hostPath:
      path: /etc/kubernetes/pki
# Where the additional volumes should be mounted into the pods:
extraVolumeMounts:
  - name: flexvolume-dir
    mountPath: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
    readOnly: true
  - name: k8s-certs
    mountPath: /etc/kubernetes/pki
    readOnly: true

# cluster name that used for created cluster
cluster:
  name: kubernetes

clusterRoleName: system:cloud-controller-manager

serviceAccountName: cloud-controller-manager

# External mode configuration
# Enables split deployment across management and workload clusters
splitMode:
  # Enable external mode
  enabled: false
  # Which part to deploy: "management" or "workload"
  # - management: Deploys the Deployment (controller) with kubeconfig
  # - workload: Deploys only RBAC resources with configurable subject
  type: management

  # Management cluster settings (when type=management)
  kubeconfig:
    # Name of the pre-existing secret containing kubeconfig
    secretName: ""
    # Key in the secret containing the kubeconfig data
    secretKey: value
  # Number of replicas for the Deployment
  replicas: 1
  # Node selector for external mode Deployment
  nodeSelector: {}
  # Extra volumes for external mode
  extraVolumes: []
  # Extra volume mounts for external mode
  extraVolumeMounts: []

  # Workload cluster settings (when type=workload)
  # Subject for the ClusterRoleBinding
  subject:
    name: openstack-cloud-controller-manager