peterw
1 year ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with
15 additions and
0 deletions
-
inventory/sample/group_vars/k8s_cluster/k8s-net-cilium.yml
-
roles/network_plugin/cilium/defaults/main.yml
-
roles/network_plugin/cilium/templates/hubble/cr.yml.j2
-
roles/network_plugin/cilium/templates/hubble/crb.yml.j2
-
roles/network_plugin/cilium/templates/hubble/deploy.yml.j2
-
roles/network_plugin/cilium/templates/hubble/sa.yml.j2
-
roles/network_plugin/cilium/templates/hubble/service.yml.j2
|
|
|
@ -152,6 +152,9 @@ cilium_l2announcements: false |
|
|
|
# Hubble |
|
|
|
### Enable Hubble without install |
|
|
|
# cilium_enable_hubble: false |
|
|
|
### Enable Hubble-ui |
|
|
|
### Installed by default when hubble is enabled. To disable set to false |
|
|
|
# cilium_enable_hubble_ui: "{{ cilium_enable_hubble }} |
|
|
|
### Enable Hubble Metrics |
|
|
|
# cilium_enable_hubble_metrics: false |
|
|
|
### if cilium_enable_hubble_metrics: true |
|
|
|
|
|
|
|
@ -144,6 +144,8 @@ cilium_ip_masq_resync_interval: 60s |
|
|
|
# Hubble |
|
|
|
### Enable Hubble without install |
|
|
|
cilium_enable_hubble: false |
|
|
|
### Enable Hubble-ui |
|
|
|
cilium_enable_hubble_ui: "{{ cilium_enable_hubble }}" |
|
|
|
### Enable Hubble Metrics |
|
|
|
cilium_enable_hubble_metrics: false |
|
|
|
### if cilium_enable_hubble_metrics: true |
|
|
|
|
|
|
|
@ -60,6 +60,7 @@ rules: |
|
|
|
- get |
|
|
|
- list |
|
|
|
- watch |
|
|
|
{% if cilium_enable_hubble_ui %} |
|
|
|
--- |
|
|
|
# Source: cilium/templates/hubble-ui-clusterrole.yaml |
|
|
|
kind: ClusterRole |
|
|
|
@ -104,3 +105,4 @@ rules: |
|
|
|
- get |
|
|
|
- list |
|
|
|
- watch |
|
|
|
{% endif %} |
|
|
|
@ -28,6 +28,7 @@ subjects: |
|
|
|
- kind: ServiceAccount |
|
|
|
namespace: kube-system |
|
|
|
name: hubble-relay |
|
|
|
{% if cilium_enable_hubble_ui %} |
|
|
|
--- |
|
|
|
# Source: cilium/templates/hubble-ui-clusterrolebinding.yaml |
|
|
|
kind: ClusterRoleBinding |
|
|
|
@ -42,3 +43,4 @@ subjects: |
|
|
|
- kind: ServiceAccount |
|
|
|
namespace: kube-system |
|
|
|
name: hubble-ui |
|
|
|
{% endif %} |
|
|
|
@ -104,6 +104,7 @@ spec: |
|
|
|
name: tls |
|
|
|
{%- endif %} |
|
|
|
|
|
|
|
{% if cilium_enable_hubble_ui %} |
|
|
|
--- |
|
|
|
# Source: cilium/templates/hubble-ui/deployment.yaml |
|
|
|
kind: Deployment |
|
|
|
@ -195,3 +196,4 @@ spec: |
|
|
|
name: tls |
|
|
|
- emptyDir: {} |
|
|
|
name: tmp-dir |
|
|
|
{% endif %} |
|
|
|
@ -14,6 +14,7 @@ kind: ServiceAccount |
|
|
|
metadata: |
|
|
|
name: hubble-relay |
|
|
|
namespace: kube-system |
|
|
|
{% if cilium_enable_hubble_ui %} |
|
|
|
--- |
|
|
|
# Source: cilium/templates/hubble-ui-serviceaccount.yaml |
|
|
|
apiVersion: v1 |
|
|
|
@ -21,3 +22,4 @@ kind: ServiceAccount |
|
|
|
metadata: |
|
|
|
name: hubble-ui |
|
|
|
namespace: kube-system |
|
|
|
{% endif %} |
|
|
|
@ -68,6 +68,7 @@ spec: |
|
|
|
{% endif -%} |
|
|
|
targetPort: 4245 |
|
|
|
--- |
|
|
|
{% if cilium_enable_hubble_ui %} |
|
|
|
# Source: cilium/templates/hubble-ui-service.yaml |
|
|
|
kind: Service |
|
|
|
apiVersion: v1 |
|
|
|
@ -85,6 +86,7 @@ spec: |
|
|
|
targetPort: 8081 |
|
|
|
type: ClusterIP |
|
|
|
--- |
|
|
|
{% endif %} |
|
|
|
# Source: cilium/templates/hubble/peer-service.yaml |
|
|
|
apiVersion: v1 |
|
|
|
kind: Service |
|
|
|
|
