cilium helm

No introduction found. Create it?

Install

Install with:

helm repo add cilium https://helm.cilium.io/
helm install cilium cilium/cilium -f values.yaml

Examples

See examples from other people.

Top Repositories (5 out of 131)

NameRepoStarsVersionTimestamp
ciliumjoryirving/home-ops841.15.56 hours ago
ciliumjoryirving/home-ops841.15.56 hours ago
ciliumburoa/k8s-gitops1341.15.59 hours ago
ciliumchkpwd/iac521.15.410 hours ago
ciliumishioni/homelab-ops731.15.512 hours ago

Values

See the most popular values for this chart:

KeyTypes
hubble.ui.ingress.hosts[] (104)
- hubble.${SECRET_DOMAIN}
string
hubble.ui.ingress.enabled (103)
true
boolean
hubble.ui.ingress.className (96)
internal
string
hubble.ui.ingress.tls[].hosts[] (85)
- hubble.${SECRET_DOMAIN}
string
hubble.ui.ingress.tls[].secretName (22)
hubble-tls
string
hubble.ui.ingress.annotations."hajimari.io/icon" (20)
simple-icons:cilium
string
hubble.ui.ingress.annotations."cert-manager.io/cluster-issuer" (15)
letsencrypt-production
string
hubble.ui.ingress.annotations."gethomepage.dev/enabled" (11)
true
string
hubble.ui.ingress.annotations."gethomepage.dev/group" (11)
Observability
string
hubble.ui.ingress.annotations."gethomepage.dev/icon" (11)
cilium.png
string
hubble.ui.ingress.annotations."gethomepage.dev/name" (11)
Hubble
string
hubble.ui.ingress.annotations."gethomepage.dev/description" (9)
Network Monitoring Dashboard
string
hubble.ui.ingress.annotations."hajimari.io/appName" (9)
hubble
string
hubble.ui.ingress.annotations."traefik.ingress.kubernetes.io/router.middlewares" (8)
string
hubble.ui.ingress.annotations."hajimari.io/enable" (7)
true
string
hubble.ui.ingress.annotations."traefik.ingress.kubernetes.io/router.entrypoints" (6)
websecure
string
hubble.ui.ingress.annotations."hajimari.io/group" (5)
networking
string
hubble.ui.ingress.annotations."nginx.ingress.kubernetes.io/whitelist-source-range" (5)
10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
string
hubble.ui.ingress.annotations."kubernetes.io/ingress.class" (3)
string
hubble.ui.ingress.annotations."kubernetes.io/tls-acme" (3)
true
string
hubble.ui.ingress.annotations."nginx.ingress.kubernetes.io/auth-response-headers" (3)
string
hubble.ui.ingress.annotations."nginx.ingress.kubernetes.io/auth-signin" (3)
string
hubble.ui.ingress.annotations."nginx.ingress.kubernetes.io/auth-snippet" (3)
string
hubble.ui.ingress.annotations."nginx.ingress.kubernetes.io/auth-url" (3)
string
hubble.ui.ingress.annotations."nginx.ingress.kubernetes.io/force-ssl-redirect" (3)
true
string
hubble.ui.ingress.annotations."hajimari.io/instance" (2)
string
hubble.ui.ingress.annotations."auth.home.arpa/enabled" (1)
string
hubble.ui.ingress.annotations."cert-manager.io/common-name" (1)
string
hubble.ui.ingress.annotations."external-dns.alpha.kubernetes.io/target" (1)
string
hubble.ui.ingress.annotations."gethomepage.dev/weight" (1)
string
hubble.ui.ingress.annotations."ingress.home.arpa/nginx-internal" (1)
string
hubble.ui.ingress.annotations."ingress.home.arpa/type" (1)
string
hubble.ui.ingress.annotations."nginx.ingress.kubernetes.io/auth-method" (1)
string
hubble.ui.ingress.annotations."nginx.ingress.kubernetes.io/configuration-snippet" (1)
string
hubble.ui.ingress.annotations."nginx.ingress.kubernetes.io/ssl-redirect" (1)
string
hubble.ui.ingress.annotations."traefik.ingress.kubernetes.io/affinity" (1)
string
hubble.ui.ingress.annotations."traefik.ingress.kubernetes.io/router.tls" (1)
string
hubble.ui.ingress.ingressClassName (2)
string
hubble.ui.enabled (94)
true
boolean
hubble.ui.rollOutPods (85)
true
boolean
hubble.ui.replicas (3)
number
hubble.ui.backend.image.repository (1)
string
hubble.ui.backend.image.tag (1)
string
hubble.ui.frontend.image.repository (1)
string
hubble.ui.frontend.image.tag (1)
string
hubble.ui.podLabels."policy.gabe565.com/egress-namespace" (1)
string
hubble.ui.podLabels."policy.gabe565.com/egress-nodes" (1)
string
hubble.ui.podLabels."policy.gabe565.com/ingress-ingress" (1)
string
hubble.relay.enabled (91)
true
boolean
hubble.relay.prometheus.serviceMonitor.enabled (85)
true
boolean
hubble.relay.prometheus.enabled (6)
true
boolean
hubble.relay.rollOutPods (80)
true
boolean
hubble.relay.replicas (2)
number
hubble.relay.podLabels."policy.gabe565.com/egress-namespace" (1)
string
hubble.relay.podLabels."policy.gabe565.com/egress-nodes" (1)
string
hubble.relay.podLabels."policy.gabe565.com/ingress-namespace" (1)
string
hubble.enabled (90)
true
boolean
hubble.metrics.enabled[] (84)
- dns:query
- drop
- tcp
- flow
- port-distribution
- icmp
- http
string
hubble.metrics.serviceMonitor.enabled (76)
true
boolean
hubble.metrics.serviceMonitor.interval (1)
string
hubble.metrics.serviceMonitor.namespace (1)
string
hubble.metrics.serviceMonitor.relabelings[].action (1)
string
hubble.metrics.serviceMonitor.relabelings[].regex (1)
string
hubble.metrics.serviceMonitor.relabelings[].replacement (1)
string
hubble.metrics.serviceMonitor.relabelings[].sourceLabels[] (1)
string
hubble.metrics.serviceMonitor.relabelings[].targetLabel (1)
string
hubble.metrics.dashboards.enabled (66)
true
boolean
hubble.metrics.dashboards.annotations.grafana_folder (59)
Cilium
string
hubble.metrics.dashboards.annotations."gethomepage.dev/enabled" (1)
string
hubble.metrics.dashboards.annotations."gethomepage.dev/group" (1)
string
hubble.metrics.dashboards.annotations."gethomepage.dev/icon" (1)
string
hubble.metrics.dashboards.annotations."gethomepage.dev/name" (1)
string
hubble.metrics.dashboards.annotations."grafana.io/folder" (1)
string
hubble.metrics.dashboards.labelValue (4)
true
string
hubble.metrics.dashboards.label (2)
string
hubble.metrics.dashboards.namespace (2)
string
hubble.metrics.enableOpenMetrics (4)
true
boolean
hubble.serviceMonitor.enabled (25)
true
boolean
hubble.dashboards.enabled (22)
true
boolean
hubble.dashboards.namespace (17)
monitoring
string
hubble.dashboards.label (16)
grafana_dashboard
string
hubble.dashboards.labelValue (16)
1
string
hubble.dashboards.annotations.grafana_folder (7)
Cilium
string
hubble.dashboards.dashboards.annotations.grafana_folder (1)
string
hubble.dashboards.dashboards.enabled (1)
boolean
hubble.tls.auto.method (4)
string
hubble.tls.auto.enabled (3)
true
boolean
hubble.tls.auto.certValidityDuration (2)
number
hubble.tls.auto.schedule (2)
string
hubble.tls.auto.enable (1)
boolean
hubble.tls.enabled (2)
boolean
hubble.tls.insecure (1)
boolean
hubble.prometheus.serviceMonitor.enabled (2)
boolean
hubble.prometheus.enabled (1)
boolean
hubble.operator.prometheus.serviceMonitor.enabled (1)
boolean
operator.prometheus.serviceMonitor.enabled (99)
true
boolean
operator.prometheus.enabled (88)
true
boolean
operator.prometheus.dashboards.annotations.grafana_folder (1)
string
operator.prometheus.dashboards.enabled (1)
boolean
operator.dashboards.enabled (74)
true
boolean
operator.dashboards.annotations.grafana_folder (69)
Cilium
string
operator.dashboards.annotations."grafana.io/folder" (1)
string
operator.dashboards.label (1)
string
operator.dashboards.labelValue (1)
string
operator.dashboards.namespace (1)
string
operator.rollOutPods (70)
true
boolean
operator.replicas (57)
1
number
operator.enabled (4)
true
boolean
prometheus.serviceMonitor.enabled (99)
true
boolean
prometheus.serviceMonitor.trustCRDsExist (69)
true
boolean
prometheus.enabled (93)
true
boolean
prometheus.externalIPs.enabled (2)
boolean
prometheus.relay.enabled (1)
boolean
prometheus.relay.prometheus.serviceMonitor.enabled (1)
boolean
ipam.mode (77)
kubernetes
string
ipam.operator.clusterPoolIPv4PodCIDRList[] (2)
string
ipam.operator.clusterPoolIPv4MaskSize (1)
number
kubeProxyReplacement (74)
true
boolean, string
k8sServiceHost (73)
127.0.0.1
string
k8sServicePort (73)
6443
number, string
dashboards.enabled (72)
true
boolean
dashboards.annotations.grafana_folder (67)
Cilium
string
dashboards.annotations."grafana.io/folder" (1)
string
dashboards.label (1)
string
dashboards.labelValue (1)
string
rollOutCiliumPods (72)
true
boolean
containerRuntime.integration (67)
containerd
string
containerRuntime.socketPath (42)
/var/run/k3s/containerd/containerd.sock
string
cluster.name (66)
home-cluster
string
cluster.id (65)
1
number, string
kubeProxyReplacementHealthzBindAddr (66)
0.0.0.0:10256
string
ipv4NativeRoutingCIDR (65)
${CLUSTER_CIDR}
string
autoDirectNodeRoutes (63)
true
boolean
localRedirectPolicy (63)
true
boolean
loadBalancer.algorithm (62)
maglev
string
loadBalancer.mode (62)
dsr
string
loadBalancer.serviceTopology (2)
boolean
loadBalancer.acceleration (1)
string
loadBalancer.l7.backend (1)
string
loadBalancer.standalone (1)
boolean
endpointRoutes.enabled (60)
true
boolean
bpf.masquerade (59)
true
boolean
bpf.tproxy (8)
true
boolean
bpf.vlanBypass[] (2)
number
bpf.clockProbe (1)
boolean
bpf.preallocateMaps (1)
boolean
l2announcements.enabled (53)
true
boolean
l2announcements.leaseDuration (29)
120s
string
l2announcements.leaseRenewDeadline (29)
60s
string
l2announcements.leaseRetryPeriod (29)
1s
string
routingMode (46)
native
string
securityContext.privileged (38)
true
boolean
securityContext.capabilities.ciliumAgent[] (37)
- CHOWN
- KILL
- NET_ADMIN
- NET_RAW
- IPC_LOCK
- SYS_ADMIN
- SYS_RESOURCE
- DAC_OVERRIDE
- FOWNER
- SETGID
- SETUID
string
securityContext.capabilities.cleanCiliumState[] (37)
- NET_ADMIN
- SYS_ADMIN
- SYS_RESOURCE
string
securityContext.capabilities.applySysctlOverwrites[] (1)
string
securityContext.capabilities.mountCgroup[] (1)
string
bgpControlPlane.enabled (37)
true
boolean
bgpControlPlane.secretsNamespace.create (1)
boolean
bgpControlPlane.secretsNamespace.name (1)
string
bgpControlPlane.v2Enabled (1)
boolean
bgp.enabled (35)
false
boolean
bgp.announce.loadbalancerIP (11)
true
boolean
bgp.announce.podCIDR (5)
true
boolean
cgroup.hostRoot (34)
/sys/fs/cgroup
string
cgroup.automount.enabled (23)
false
boolean
cgroup.autoMount.enabled (12)
false
boolean
cgroup.hostRooot (1)
string
tunnel (26)
disabled
string
cni.exclusive (19)
false
boolean
cni.binPath (4)
/var/lib/rancher/k3s/data/current/bin
string
cni.confPath (4)
/var/lib/rancher/k3s/agent/etc/cni/net.d
string
bandwidthManager.bbr (14)
true
boolean
bandwidthManager.enabled (14)
true
boolean
enableRuntimeDeviceDetection (10)
true
boolean
ingressController.enabled (9)
true
boolean
ingressController.loadbalancerMode (5)
shared
string
ingressController.defaultSecretName (2)
string
ingressController.defaultSecretNamespace (2)
string
ingressController.service.annotations."io.cilium/lb-ipam-ips" (1)
string
ingressController.service.loadBalancerIP (1)
string
devices (6)
string
devices[] (6)
string
gatewayAPI.enabled (6)
true
boolean
gatewayAPI.secretsNamespace.create (2)
boolean
gatewayAPI.secretsNamespace.name (2)
string
gatewayAPI.secretsNamespace.sync (1)
boolean
ipv6.enabled (5)
true
boolean
externalIPs.enabled (4)
boolean
ipv6NativeRoutingCIDR (4)
string
l7Proxy (4)
true
boolean
enableCiliumEndpointSlice (3)
true
boolean
envoy.enabled (3)
boolean
envoy.prometheus.enabled (2)
boolean
envoy.prometheus.serviceMonitor.enabled (1)
boolean
envoy.capabilities.envoy[] (1)
string
envoy.privileged (1)
boolean
nodePort.enabled (3)
true
boolean
nodePort.range (1)
string
proxy.prometheus.enabled (3)
true
boolean
dnsProxy.dnsRejectResponseCode (2)
string
enableIdentityMark (2)
boolean
enableIPv6Masquerade (2)
boolean
enableK8sEndpointSlice (2)
boolean
endpointStatus.enabled (2)
boolean
endpointStatus.status (2)
string
l7proxy (2)
boolean
serviceMonitor.enabled (2)
boolean
socketLB.enabled (2)
boolean
socketLB.hostNamespaceOnly (1)
boolean
tunnelProtocol (2)
string
wellKnownIdentities.enabled (2)
boolean
annotateK8sNode (1)
boolean
apiRateLimit (1)
string
authentication.enabled (1)
boolean
disableEndpointCRD (1)
boolean
enableCnpStatusUpdates (1)
boolean
encryption.enabled (1)
boolean
envoyConfig.enabled (1)
boolean
global.encryption.enabled (1)
boolean
global.encryption.nodeEncryption (1)
boolean
hostFirewall.enabled (1)
boolean
hostPort.enabled (1)
boolean
image.repository (1)
string
image.tag (1)
string
k8sClientRateLimit.burst (1)
number
k8sClientRateLimit.qps (1)
number
l2NeighDiscovery.enabled (1)
boolean
logOptions.format (1)
string
monitor.enabled (1)
boolean
nativeRoutingCIDR (1)
string
pmtuDiscovery.enabled (1)
boolean
podAnnotations."webhooks.kyverno.io/exclude" (1)
string
policyEnforcementMode (1)
string
relay.enabled (1)
boolean
relay.prometheus.serviceMonitor.enabled (1)
boolean
relay.rollOutPods (1)
boolean
resources.limits.memory (1)
string
service.loadBalancerIP (1)
string
tunnelPort (1)
number
ui.enabled (1)
boolean
ui.rollOutPods (1)
boolean