slim-sdk/deployments/multicluster/cluster-b-values.yaml at main · earthlings-dev/slim-sdk · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
# Copyright AGNTCY Contributors (https://github.com/agntcy)
# SPDX-License-Identifier: Apache-2.0

slim:
  # Deploy as DaemonSet instead of StatefulSet
  daemonset: false
  # This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
  replicaCount: 2

  # This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/
  image:
    repository: ghcr.io/agntcy/slim
    # This sets the pull policy for images.
    pullPolicy: IfNotPresent
    # Overrides the image tag whose default is the chart appVersion.
    tag: ""

  # This is for overriding the default config below
  overrideConfig:

  config:
    tracing:
      log_level: debug
      display_thread_names: true
      display_thread_ids: true

    runtime:
      n_cores: 0
      thread_name: "slim-data-plane"
      drain_timeout: 10s

    services:
      slim/0:
        node_id: ${env:SLIM_SVC_ID}
        group_name: "cluster-b.example"
        dataplane:
          servers:
            - endpoint: "0.0.0.0:{{ .Values.slim.service.data.port }}"
              metadata:
                local_endpoint: ${env:MY_POD_IP}
                external_endpoint: "slim.cluster-b.example:{{ .Values.slim.service.data.port }}"
              tls:
                #insecure: true
                insecure_skip_verify: false
                source:
                  type: spire
                  socket_path: unix:/tmp/spire-agent/public/api.sock
                ca_source:
                  type: spire
                  socket_path: unix:/tmp/spire-agent/public/api.sock
                trust_domains:
                  - cluster-b.example
          clients: []
        controller:
          clients:
            - endpoint: "https://slim-control.admin.example:50052"
              tls:
                #insecure: true
                insecure_skip_verify: false
                source:
                  type: spire
                  socket_path: unix:/tmp/spire-agent/public/api.sock
                ca_source:
                  type: spire
                  socket_path: unix:/tmp/spire-agent/public/api.sock
                  trust_domains:
                    - admin.example


  # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/
  service:
    # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
    type: LoadBalancer
    headless: false
    data:
      port: 46357
    control:
      port: 46358

  # This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/
  ingress:
    enabled: false
    className: ""
    annotations: {}
      # kubernetes.io/ingress.class: nginx
      # kubernetes.io/tls-acme: "true"
    hosts:
      - host: chart-example.local
        paths:
          - path: /
            pathType: ImplementationSpecific
    tls: []
    #  - secretName: chart-example-tls
    #    hosts:
    #      - chart-example.local

spire:
  enabled: true
  trustedDomains:
  - spiffe://admin.example
  - spiffe://cluster-a.example