-
Notifications
You must be signed in to change notification settings - Fork 0
/
values-secondary1.yaml
77 lines (71 loc) · 1.72 KB
/
values-secondary1.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
# file: values.yaml
global:
name: consul
datacenter: k3s-secondary1
#image: "docker.io/hashiderek/consul-dev:wanfed-oom-4"
tls:
enabled: true
# Here we're using the shared certificate authority from the primary
# datacenter that was exported via the federation secret.
caCert:
secretName: consul-federation
secretKey: caCert
caKey:
secretName: consul-federation
secretKey: caKey
acls:
manageSystemACLs: true
# Here we're importing the replication token that was
# exported from the primary via the federation secret.
replicationToken:
secretName: consul-federation
secretKey: replicationToken
federation:
enabled: true
k8sAuthMethodHost: https://${SECONDARY1_IP}:6443
primaryDatacenter: k3s-primary
gossipEncryption:
secretName: consul-federation
secretKey: gossipEncryptionKey
connectInject:
enabled: true
transparentProxy:
defaultEnabled: false
controller:
enabled: true
meshGateway:
enabled: true
replicas: 1
service:
port: 8443
server:
replicas: 1
resources:
requests:
memory: "3000Mi"
cpu: "1000m"
limits:
memory: "3000Mi"
cpu: "1000m"
# Here we're including the server config exported from the primary
# via the federation secret. This config includes the addresses of
# the primary datacenter's mesh gateways so Consul can begin federation.
extraVolumes:
- type: secret
name: consul-federation
items:
- key: serverConfigJSON
path: config.json
load: true
extraConfig: |
{
"enable_debug": true,
#"log_level": "TRACE"
}
ui:
enabled: true
service:
type: LoadBalancer
port:
http: 9500
https: 9501