Skip to content

Latest commit

 

History

History
95 lines (73 loc) · 6.56 KB

README.md

File metadata and controls

95 lines (73 loc) · 6.56 KB

tigera-operator

Version: 2.11.3 Type: application AppVersion: 1.36.3

The Tigera Operator is a Kubernetes operator which manages the lifecycle of a Calico or Calico Enterprise installation on Kubernetes. Its goal is to make installation, upgrades, and ongoing lifecycle management of Calico and Calico Enterprise as simple and reliable as possible.

It is possible to use the Tigera Operator for other use-cases by installing additional CRDs and adding custom RBAC rules via rbac.customRules.

Homepage: https://www.tigera.io/

Maintainers

Name Email Url
stevehipwell steve.hipwell@gmail.com

Source Code

Installing the Chart

OCI Repository

To install the chart using the recommended OCI method you can use the following command.

helm upgrade --install tigera-operator oci://ghcr.io/stevehipwell/helm-charts/tigera-operator --version 2.11.3

Verification

As the OCI chart release is signed by Cosign you can verify the chart before installing it by running the following command.

cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp 'https://github\.com/action-stars/helm-workflows/\.github/workflows/release\.yaml@.+' --certificate-github-workflow-repository stevehipwell/helm-charts --certificate-github-workflow-name Release ghcr.io/stevehipwell/helm-charts/tigera-operator:2.11.3

Non-OCI Repository

Alternatively you can use the legacy non-OCI method via the following commands.

helm repo add stevehipwell https://stevehipwell.github.io/helm-charts/
helm upgrade --install tigera-operator stevehipwell/tigera-operator --version 2.11.3

Values

Key Type Default Description
affinity object {} Affinity settings for scheduling. If an explicit label selector is not provided for pod affinity or pod anti-affinity one will be created from the pod selector labels.
apiServer.enabled bool false If true, install an APIServer control plane according to the apiServer.spec.
apiServer.spec object {} APIServer Spec to enable kubectl to manage Calico APIs.
args list [] Extra args for the default container.
commonLabels object {} Labels to add to all chart resources.
dnsPolicy string "ClusterFirstWithHostNet" Pod DNS policy.
env list [] Environment variables for the default container.
envFrom list [] DEPRECATED - Environment variables from a config map or secret for the default container.
fullnameOverride string nil Override the full name of the chart.
hostNetwork bool true If true, the pod will use the host network namespace. This can be set to false if Calico is not the CNI.
image.pullPolicy string "IfNotPresent" Image pull policy for the default container.
image.repository string "quay.io/tigera/operator" Image repository for the default container.
image.tag string nil Image tag for the default container, this will default to printf "v%s" .Chart.AppVersion if not set.
imagePullSecrets list [] Image pull secrets.
installation.enabled bool false If true, install a Calico control plane according to the installation.spec value.
installation.spec object {"registry":"quay.io/","variant":"Calico"} Tigera Operator Spec to deploy Calico with.
nameOverride string nil Override the name of the chart.
nodeSelector object {"kubernetes.io/os":"linux"} Node selector labels for scheduling.
podAnnotations object {} Annotations to add to the pod.
podLabels object {} Labels to add to the pod.
podSecurityContext object See values.yaml Security context for the pod.
priorityClassName string nil Priority class name for the pod.
rbac.create bool true If true, create a ClusterRole & ClusterRoleBinding with access to the Kubernetes API.
rbac.customRules string nil Additional rules to add to the ClusterRole.
resources object {} Resources for the default container.
securityContext object See values.yaml Security context for the default container.
serviceAccount.annotations object {} Annotations to add to the service account.
serviceAccount.create bool true If true, create a new ServiceAccount.
serviceAccount.labels object {} Labels to add to the service account.
serviceAccount.name string nil If this is set and serviceAccount.create is true this will be used for the created service account name, if set and serviceAccount.create is false then this will define an existing service account to use.
serviceMonitor.additionalLabels object {} Additional labels for the service monitor.
serviceMonitor.enabled bool false If true, create a ServiceMonitor resource to support collecting metrics via the Prometheus Operator.
serviceMonitor.endpointConfig object {} Additional endpoint configuration for the service monitor endpoint.
serviceMonitor.interval int nil DEPRECATED - Prometheus scrape interval for the service monitor endpoint.
terminationGracePeriodSeconds int nil Termination grace period for the pod in seconds.
tolerations list [] Node taints that will be tolerated for scheduling.
topologySpreadConstraints list [] Topology spread constraints for scheduling. If an explicit label selector is not provided one will be created from the pod selector labels.
uninstall.enabled bool true If true, run a Job as a pre-delete Helm hook to make sure that Tigera Operator can be uninstalled.

Autogenerated from chart metadata using helm-docs.