f224b17ca1
- Fix consul HTTPRoute backend: consul-consul-ui -> consul-ui - Add consul.service.consul hostname to Gateway (cert SAN) and HTTPRoute - Add consul-svc listener on 443 for consul.service.consul SNI routing - Convert PDB inline patch to patches/consul-server-pdb.yaml - Set server.disruptionBudget.maxUnavailable: 1 explicitly in values - Expose consul DNS service as LoadBalancer (purelb 198.18.200.5) for anycast - Remove sandbox overlay (not needed in production GitOps)
59 lines
921 B
YAML
59 lines
921 B
YAML
global:
|
|
name: consul
|
|
datacenter: au-syd1
|
|
domain: consul
|
|
|
|
server:
|
|
image: hashicorp/consul:1.22.7
|
|
replicas: 5
|
|
bootstrapExpect: 5
|
|
storage: 10Gi
|
|
storageClass: cephrbd-fast-delete
|
|
|
|
connect: true
|
|
|
|
disruptionBudget:
|
|
maxUnavailable: 1
|
|
|
|
extraConfig: |
|
|
{
|
|
"disable_remote_exec": true,
|
|
"disable_update_check": true,
|
|
"performance": {
|
|
"raft_multiplier": 10
|
|
},
|
|
"ports": {
|
|
"dns": 8600,
|
|
"grpc": 8502,
|
|
"http": 8500,
|
|
"https": -1
|
|
},
|
|
"primary_datacenter": "au-syd1"
|
|
}
|
|
|
|
resources:
|
|
requests:
|
|
memory: 256Mi
|
|
cpu: 100m
|
|
limits:
|
|
memory: 2Gi
|
|
cpu: 1000m
|
|
|
|
client:
|
|
enabled: false
|
|
|
|
ui:
|
|
enabled: true
|
|
service:
|
|
type: ClusterIP
|
|
|
|
connectInject:
|
|
enabled: false
|
|
|
|
dns:
|
|
enabled: true
|
|
type: LoadBalancer
|
|
annotations: |
|
|
purelb.io/service-group: "common"
|
|
purelb.io/addresses: 198.18.200.5
|