The cni-cilium module: configuration

Schema version: 1

• bpfLBModestring

  eBPF LoadBalancer mode.

  Default: "Hybrid"

  Allowed values: SNAT, Hybrid, DSR

• createNodeRoutesboolean

  Create routes to Pods on other Nodes.

  All Nodes must be located in the same L2 domain.

• debugLoggingboolean

  Enabled debug logging for Cilium components.

  Default: false

• labelsRegexarray of strings

  Labels regexes to reduce identity cardinality.

  Each label should be set in the format of YAML quoted string with special symbols escaping.

• policyAuditModeboolean

  Do not enforce any Network Policy. Only log allowed/disallowed connections.

  Default: false

• resourcesManagement

  cilium agent resources requests options.

  Examples:

  resourcesManagement:
    mode: VPA
    vpa:
      mode: Auto
      cpu:
        min: 50m
        max: 2
        limitRatio: 1.5
      memory:
        min: 256Mi
        max: 2Gi
        limitRatio: 1.5
  

  resourcesManagement:
    mode: Static
    static:
      requests:
        cpu: 55m
        memory: 256Mi
      limits:
        cpu: 2
        memory: 2Gi
  

  • resourcesManagement.modestring

    The mode for managing resource requests.

    • Static — classical requests/limit.
    • VPA — managing using VPA.

    Default: "VPA"

    Allowed values: VPA, Static

  • resourcesManagement.staticobject

    Static resource management settings.

    • resourcesManagement.static.limitsobject

      Limits configuration.

      • resourcesManagement.static.limits.cpu

        CPU limits.

      • resourcesManagement.static.limits.memory

        Memory limits.

    • resourcesManagement.static.requestsobject

      Requests configuration.

      • resourcesManagement.static.requests.cpu

        CPU requests.

      • resourcesManagement.static.requests.memory

        Memory requests.

  • resourcesManagement.vpaobject

    Parameters of the VPA mode.

    • resourcesManagement.vpa.cpuobject

      CPU-related parameters.

      • resourcesManagement.vpa.cpu.limitRationumber

        The coefficient to calculate cpu limits.

        It is optionally used to calculate initial limits for Pod. VPA for its part keeps the initial limits/requests ratio during further resource tunings.

      • resourcesManagement.vpa.cpu.max

        Maximum allowed CPU requests.

        Default: 4

      • resourcesManagement.vpa.cpu.min

        Minimum allowed CPU requests.

        Default: 100m

    • resourcesManagement.vpa.memoryobject

      The amount of memory requested.

      • resourcesManagement.vpa.memory.limitRationumber

        The coefficient to calculate memory limits.

        It is optionally used to calculate initial limits for Pod. VPA for its part keeps the initial limits/requests ratio during further resource tunings.

      • resourcesManagement.vpa.memory.max

        Maximum allowed memory requests.

        Default: 4Gi

      • resourcesManagement.vpa.memory.min

        Minimum allowed memory requests.

        Default: 128Mi

    • resourcesManagement.vpa.modestring

      The VPA usage mode.

      Default: "Initial"

      Allowed values: Initial, Auto

• svcSourceRangeCheckboolean

  Check source IP and validate it against Service’s “loadBalancerSourceRanges”.

  Do not enable behind a load balancer that performs any form of SNAT.

  Default: false

• tunnelModestring

  Tunnel mode.

  Note! After changing the parameter, it is necessary to restart all nodes, otherwise, there may be problems with the availability of Pods!

  Default: "Disabled"

  Allowed values: Disabled, VXLAN