diff --git a/deployments/sentryflow/values.yaml b/deployments/sentryflow/values.yaml index 7d5fa1e..a07c815 100644 --- a/deployments/sentryflow/values.yaml +++ b/deployments/sentryflow/values.yaml @@ -2,15 +2,13 @@ # This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ replicaCount: 1 - # This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/ image: repository: docker.io/5gsec/sentryflow # This sets the pull policy for images. pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - tag: latest - + tag: v0.1 # Arguments to pass SentryFlow container args: - --config @@ -22,7 +20,6 @@ args: # This is to override the chart name. nameOverride: "" fullnameOverride: "" - # This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/ serviceAccount: # Specifies whether a service account should be created @@ -32,14 +29,11 @@ serviceAccount: # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" - genericLabels: app.kubernetes.io/part-of: sentryflow - podSecurityContext: fsGroup: 2000 runAsNonRoot: true - securityContext: capabilities: drop: @@ -48,7 +42,6 @@ securityContext: runAsNonRoot: true runAsUser: 1000 allowPrivilegeEscalation: false - # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/ service: # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types @@ -56,13 +49,12 @@ service: ports: - name: exporter port: 8888 # Make sure to use the same port as `.exporter.grpc.port` field of `config` - targetPort: 8888 # Make sure to use the same port as `.filters.server.port` field of `config` + targetPort: 8888 # Make sure to use the same port as `.filters.server.port` field of `config` protocol: TCP - name: receiver port: 9999 # Make sure to use the same port as `.filters.server.port` field of `config` targetPort: 9999 # Make sure to use the same port as `.filters.server.port` field of `config` protocol: TCP - resources: limits: cpu: 500m @@ -70,7 +62,6 @@ resources: requests: cpu: 500m memory: 256Mi - # This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ livenessProbe: httpGet: @@ -86,7 +77,6 @@ readinessProbe: httpHeaders: - name: status value: "200" - # This section is for setting up autoscaling more information can be found here: https://kubernetes.io/docs/concepts/workloads/autoscaling/ autoscaling: enabled: false @@ -94,17 +84,15 @@ autoscaling: maxReplicas: 100 targetCPUUtilizationPercentage: 80 targetMemoryUtilizationPercentage: 80 - # Traffic sources configuration config: filters: server: port: 9999 - - # Envoy filter is required for `istio-sidecar` service-mesh receiver. - # Uncomment the following if you want to use `istio-sidecar` traffic source -# envoy: -# uri: 5gsec/sentryflow-httpfilter:latest + # Envoy filter is required for `istio-sidecar` service-mesh receiver. + # Uncomment the following if you want to use `istio-sidecar` traffic source + # envoy: + # uri: 5gsec/sentryflow-httpfilter:latest # Following is required for `nginx-inc-ingress-controller` receiver. # Uncomment the following if you want to use `nginx-inc-ingress-controller` traffic source @@ -112,13 +100,12 @@ config: # deploymentName: nginx-ingress-controller # configMapName: nginx-ingress # sentryFlowNjsConfigMapName: sentryflow-njs - receivers: # aka sources - # Uncomment the following receivers according to your requirement. -# serviceMeshes: - # To get API observability from Istio service mesh uncomment the following -# - name: istio-sidecar -# namespace: istio-system + # Uncomment the following receivers according to your requirement. + # serviceMeshes: + # To get API observability from Istio service mesh uncomment the following + # - name: istio-sidecar + # namespace: istio-system # others: # To get API observability from F5 nginx ingress controller uncomment the following @@ -126,17 +113,14 @@ config: # namespace: default # - name: nginx-webserver - exporter: grpc: port: 8888 - volumes: - name: sentryflow configMap: name: sentryflow defaultMode: 420 - volumeMounts: - name: sentryflow mountPath: "/var/lib/sentryflow/"