# Copyright 2017 AT&T Intellectual Property.  All other rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# limitations under the License.

manifests:
  daemonset_proxy: true
  rbac: true

pod:
  lifecycle:
    upgrades:
      daemonsets:
        pod_replacement_strategy: RollingUpdate
        proxy:
          enabled: true
          min_ready_seconds: 0
          max_unavailable: 1
    termination_grace_period:
      proxy:
        timeout: 30
  resources:
    enabled: false
    proxy:
      requests:
        memory: "128Mi"
        cpu: "100m"
      limits:
        memory: "1024Mi"
        cpu: "2000m"

images:
  tags:
    proxy: gcr.io/google_containers/hyperkube-amd64:v1.10.11
  pull_policy: "IfNotPresent"

command_prefix:
  - /proxy
  - --proxy-mode=iptables
  - --cluster-cidr=10.97.0.0/16

network:
  kubernetes_netloc: 10.96.0.1

kube_service:
  host: 127.0.0.1
  port: 6553

livenessProbe:
  config:
    # NOTE(mark-burnett): To avoid cascading failure modes, it is
    # important that these values are configured to avoid the possibility
    # of CrashLoopBackoff for this pod.  Otherwise, a small non-impacting
    # issue could disable kube-proxy for the entire site.
    failureThreshold: 10
    initialDelaySeconds: 15
    periodSeconds: 35
    successThreshold: 1
    timeoutSeconds: 10
  whitelist:
    # - postgres