mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-30 09:13:36 -05:00
e9694d40b9
Bumping Cilium to also enable node-to-node encryption and node-to-node strict mode. Since the second is not upstream we use our fork.
31 lines
829 B
YAML
31 lines
829 B
YAML
{{- if and .Values.agent .Values.hubble.enabled }}
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: hubble-peer
|
|
namespace: {{ .Release.Namespace }}
|
|
{{- with .Values.hubble.annotations }}
|
|
annotations:
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
labels:
|
|
k8s-app: cilium
|
|
app.kubernetes.io/part-of: cilium
|
|
app.kubernetes.io/name: hubble-peer
|
|
spec:
|
|
selector:
|
|
k8s-app: cilium
|
|
ports:
|
|
- name: peer-service
|
|
{{- if .Values.hubble.peerService.servicePort }}
|
|
port: {{ .Values.hubble.peerService.servicePort }}
|
|
{{- else }}
|
|
port: {{ .Values.hubble.tls.enabled | ternary 443 80 }}
|
|
{{- end }}
|
|
protocol: TCP
|
|
targetPort: {{ .Values.hubble.peerService.targetPort }}
|
|
{{- if semverCompare ">=1.22-0" .Capabilities.KubeVersion.GitVersion }}
|
|
internalTrafficPolicy: Local
|
|
{{- end }}
|
|
{{- end }}
|