-
Notifications
You must be signed in to change notification settings - Fork 58
/
Copy pathvalues.yaml
54 lines (47 loc) · 1.52 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
certificates:
certManager:
# Enable cert manager integration. Cert manager should be already installed at the k8s cluster
enabled: true
version: "v1.16.2"
# If cert-manager integration is disabled, add self-signed ca.crt in base64 format
caBundle: ""
# If cert-manager integration is disabled, upload certs data (ca.crt, tls.crt and tls.key) as k8s secretName in the namespace
secretName: gmsa-server-cert
certReload:
# Enable cert reload when the certs change
enabled: false
credential:
enabled: false
hostAccountConfig: {}
# pluginGUID: "" # CCG Plugin GUID
# portableCcgVersion: "1" # This needs to equal the current version of CCG which right now is '1'
# pluginInput: "" # Format of this field is dependent upon specific CCG Plugin
domainJoinConfig:
dnsName: "" # DNS Domain Name
dnsTreeName: "" # DNS Domain Name Root
guid: "" # GUID of Domain
machineAccountName: "" # Username of the GMSA account
netBiosName: "" # NETBIOS Domain Name
sid: "" # SID of Domain
containerPort: "443"
image:
repository: registry.k8s.io/gmsa-webhook/k8s-gmsa-webhook
tag: v0.12.1
imagePullPolicy: IfNotPresent
# If true, will add os fields to pod specs for K8s versions where feature is in beta (v1.24+)
setPodOs: true
global:
systemDefaultRegistry: ""
affinity: {}
nodeSelector: {}
podDisruptionBudget:
enabled: false
# minAvailable: 1
# maxUnavailable: 1
podSecurityContext: {}
replicaCount: 2
securityContext: {}
tolerations: []
qps: 30.0
burst: 50
randomHostname: false