-
Notifications
You must be signed in to change notification settings - Fork 10
/
values.yaml
107 lines (93 loc) · 3.56 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
---
# Default values for cloudflare-tunnel.
# Cloudflare parameters.
cloudflare:
# Your Cloudflare account number.
account: ""
# The name of the tunnel this instance will serve
tunnelName: ""
# The ID of the above tunnel.
tunnelId: ""
# The secret for the tunnel.
secret: ""
# If defined, no secret is created for the credentials, and instead, the secret referenced is used
secretName: null
# Specifies the protocol used to establish a connection between cloudflared and the Cloudflare global network. Available values are auto, http2, h2mux, and quic. (default: auto)
# https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/local-management/arguments/
protocol: ""
# If true, turn on WARP routing for TCP
enableWarp: false
# Define ingress rules for the tunnel. See
# https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/configuration/configuration-file/ingress
ingress: []
# The first rule proxies traffic to the httpbin sample service named web-server at port 80
# - hostname: tunnel.example.com
# service: http://web-service:80
# This rule sends traffic to the built-in hello-world HTTP server. This can help debug connectivity
# issues. If hello.example.com resolves and tunnel.example.com does not, then the problem is
# in the connection from cloudflared to your local service, not from the internet to cloudflared.
# - hostname: hello.example.com
# service: hello_world
metrics:
# -- The port on which to expose the metrics and ready endpoints
port: 2000
image:
repository: cloudflare/cloudflared
pullPolicy: IfNotPresent
# If supplied, this overrides "appVersion"
tag: "2024.2.1"
replicaCount: 1
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
# -- Additional labels to add to all resources
additionalLabels: {}
# app: cloudflare-tunnel
serviceAccount:
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
# Security items common to everything in the pod. Here we require that it
# does not run as the user defined in the image, literally named "nonroot".
podSecurityContext:
runAsNonRoot: true
runAsUser: 65532
# Security items for one container. We lock it down.
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
# Default affinity is to spread out over nodes; use this to override.
affinity: {}
serviceMonitor:
# -- Enable this if you're using https://github.com/coreos/prometheus-operator
enabled: false
# -- Interval at which endpoints should be scraped.
interval: 30s
# -- Add custom labels to the ServiceMonitor resource
additionalLabels: {}
# prometheus: kube-prometheus
# -- Chooses the metric’s labels on collisions with target labels.
honorLabels: false
# -- Path to scrape metrics
path: /metrics
# -- Timeout for scrape metrics request
scrapeTimeout: 10s