ea71ebb55b
- Add cattle-system base ArgoCD application with namespace, Vault integration, and ingress - Create cattle-system overlay for au-syd1 with Rancher Helm chart configuration - Update platform ApplicationSet to include cattle-system deployment - Update platform project to include Rancher Helm repository as source - Configure Rancher v2.13.1 with HA, TLS, audit logging, and bootstrap secret from Vault - Maintain one-to-one migration from Terraform configuration Reviewed-on: #39
41 lines
616 B
YAML
41 lines
616 B
YAML
hostname: rancher.k8s.syd1.au.unkin.net
|
|
|
|
bootstrapPassword: ""
|
|
|
|
extraEnv:
|
|
- name: CATTLE_BOOTSTRAP_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rancher-bootstrap-secret
|
|
key: password
|
|
|
|
ingress:
|
|
enabled: false
|
|
|
|
tls: external
|
|
|
|
replicas: 3
|
|
|
|
priorityClassName: rancher-critical
|
|
|
|
# Resource limits for production
|
|
resources:
|
|
limits:
|
|
cpu: 2000m
|
|
memory: 8Gi
|
|
requests:
|
|
cpu: 50m
|
|
memory: 256Mi
|
|
|
|
# Additional security settings
|
|
antiAffinity: preferred
|
|
|
|
# Audit logging configuration
|
|
auditLog:
|
|
enabled: true
|
|
destination: sidecar
|
|
level: 1
|
|
maxAge: 7
|
|
maxBackup: 3
|
|
maxSize: 100
|