richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5938 Commits
34 Branches
82 Tags
155 MiB
Tree: 0ac364dfae
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0ac364dfae'
${ noResults }
kubespray/roles/network_plugin/cilium/templates/hubble-config.yml.j2

86 lines
3.0 KiB
Raw Normal View History

Upgrade cilium role (#7521) * Upgrade cilium roles * Del old test result * Add hubble ui examples * Refactor hubble metrics * Markdown fix pipeline errors * yamllint check and fix * refactor install from https://github.com/kubernetes-sigs/kubespray/pull/7520 * Docs syntax change (fix) * Cilium set default 1.8.9 * Update cilium version in Readme
3 years ago
  1. ---
  2. # Source: cilium/templates/hubble-relay-configmap.yaml
  3. apiVersion: v1
  4. kind: ConfigMap
  5. metadata:
  6. name: hubble-relay-config
  7. namespace: kube-system
  8. data:
  9. config.yaml: |
  10. peer-service: unix:///var/run/cilium/hubble.sock
  11. listen-address: :4245
  12. dial-timeout:
  13. retry-timeout:
  14. sort-buffer-len-max:
  15. sort-buffer-drain-timeout:
  16. tls-client-cert-file: /var/lib/hubble-relay/tls/client.crt
  17. tls-client-key-file: /var/lib/hubble-relay/tls/client.key
  18. tls-hubble-server-ca-files: /var/lib/hubble-relay/tls/hubble-server-ca.crt
  19. disable-server-tls: true
  20. ---
  21. # Source: cilium/templates/hubble-ui-configmap.yaml
  22. apiVersion: v1
  23. kind: ConfigMap
  24. metadata:
  25. name: hubble-ui-envoy
  26. namespace: kube-system
  27. data:
  28. envoy.yaml: |
  29. static_resources:
  30. listeners:
  31. - name: listener_hubble_ui
  32. address:
  33. socket_address:
  34. address: 0.0.0.0
  35. port_value: 8081
  36. filter_chains:
  37. - filters:
  38. - name: envoy.filters.network.http_connection_manager
  39. config:
  40. codec_type: auto
  41. stat_prefix: ingress_http
  42. route_config:
  43. name: local_route
  44. virtual_hosts:
  45. - name: local_service
  46. domains: ['*']
  47. routes:
  48. - match:
  49. prefix: '/api/'
  50. route:
  51. cluster: backend
  52. max_grpc_timeout: 0s
  53. prefix_rewrite: '/'
  54. - match:
  55. prefix: '/'
  56. route:
  57. cluster: frontend
  58. cors:
  59. allow_origin_string_match:
  60. - prefix: '*'
  61. allow_methods: GET, PUT, DELETE, POST, OPTIONS
  62. allow_headers: keep-alive,user-agent,cache-control,content-type,content-transfer-encoding,x-accept-content-transfer-encoding,x-accept-response-streaming,x-user-agent,x-grpc-web,grpc-timeout
  63. max_age: '1728000'
  64. expose_headers: grpc-status,grpc-message
  65. http_filters:
  66. - name: envoy.filters.http.grpc_web
  67. - name: envoy.filters.http.cors
  68. - name: envoy.filters.http.router
  69. clusters:
  70. - name: frontend
  71. connect_timeout: 0.25s
  72. type: strict_dns
  73. lb_policy: round_robin
  74. hosts:
  75. - socket_address:
  76. address: 127.0.0.1
  77. port_value: 8080
  78. - name: backend
  79. connect_timeout: 0.25s
  80. type: logical_dns
  81. lb_policy: round_robin
  82. http2_protocol_options: {}
  83. hosts:
  84. - socket_address:
  85. address: 127.0.0.1
  86. port_value: 8090