[1.16.x] Update helm docs (#18945)

Update helm docs
This commit is contained in:
Chris S. Kim 2023-09-21 14:17:00 -04:00 committed by GitHub
parent 5c958dc8bd
commit 4da99dc4a1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 28 additions and 12 deletions

View File

@ -134,6 +134,10 @@ Use these links to navigate to a particular top-level stanza.
- `vault` ((#v-global-secretsbackend-vault))
- `vaultNamespace` ((#v-global-secretsbackend-vault-vaultnamespace)) (`string: ""`) - Vault namespace (optional). This sets the Vault namespace for the `vault.hashicorp.com/namespace`
agent annotation and [Vault Connect CA namespace](/consul/docs/connect/ca/vault#namespace).
To override one of these values individually, see `agentAnnotations` and `connectCA.additionalConfig`.
- `enabled` ((#v-global-secretsbackend-vault-enabled)) (`boolean: false`) - Enabling the Vault secrets backend will replace Kubernetes secrets with referenced Vault secrets.
- `consulServerRole` ((#v-global-secretsbackend-vault-consulserverrole)) (`string: ""`) - The Vault role for the Consul server.
@ -235,7 +239,6 @@ Use these links to navigate to a particular top-level stanza.
{
"connect": [{
"ca_config": [{
"namespace": "my-vault-ns",
"leaf_cert_ttl": "36h"
}]
}]
@ -420,7 +423,7 @@ Use these links to navigate to a particular top-level stanza.
- `secretKey` ((#v-global-acls-replicationtoken-secretkey)) (`string: null`) - The key within the Kubernetes or Vault secret that holds the replication token.
- `resources` ((#v-global-acls-resources)) (`map`) - The resource requests (CPU, memory, etc.) for the server-acl-init and server-acl-init-cleanup pods.
- `resources` ((#v-global-acls-resources)) (`map`) - The resource requests (CPU, memory, etc.) for the server-acl-init and server-acl-init-cleanup pods.
This should be a YAML map corresponding to a Kubernetes
[`ResourceRequirements``](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#resourcerequirements-v1-core)
object.
@ -446,7 +449,7 @@ Use these links to navigate to a particular top-level stanza.
- `secretName` ((#v-global-acls-partitiontoken-secretname)) (`string: null`) - The name of the Vault secret that holds the partition token.
- `secretKey` ((#v-global-acls-partitiontoken-secretkey)) (`string: null`) - The key within the Vault secret that holds the partition token.
- `secretKey` ((#v-global-acls-partitiontoken-secretkey)) (`string: null`) - The key within the Vault secret that holds the parition token.
- `tolerations` ((#v-global-acls-tolerations)) (`string: ""`) - tolerations configures the taints and tolerations for the server-acl-init
and server-acl-init-cleanup jobs. This should be a multi-line string matching the
@ -471,6 +474,14 @@ Use these links to navigate to a particular top-level stanza.
"sample/annotation2": "bar"
```
- `argocd` ((#v-global-argocd)) - If argocd.enabled is set to true, following annotations are added to
job - server-acl-init-job
annotations -
argocd.argoproj.io/hook: Sync
argocd.argoproj.io/hook-delete-policy: HookSucceeded
- `enabled` ((#v-global-argocd-enabled)) (`boolean: false`)
- `enterpriseLicense` ((#v-global-enterpriselicense)) - <EnterpriseAlert inline /> This value refers to a Kubernetes or Vault secret that you have created
that contains your enterprise license. It is required if you are using an
enterprise binary. Defining it here applies it to your cluster once a leader
@ -490,7 +501,7 @@ Use these links to navigate to a particular top-level stanza.
- `enabled` ((#v-global-federation-enabled)) (`boolean: false`) - If enabled, this datacenter will be federation-capable. Only federation
via mesh gateways is supported.
Mesh gateways and servers will be configured to allow federation.
Requires `global.tls.enabled`, `connectInject.enabled`, and one of
Requires `global.tls.enabled`, `connectInject.enabled`, and one of
`meshGateway.enabled` or `externalServers.enabled` to be true.
Requires Consul 1.8+.
@ -514,7 +525,7 @@ Use these links to navigate to a particular top-level stanza.
from the one used by the Consul Service Mesh.
Please refer to the [Kubernetes Auth Method documentation](/consul/docs/security/acl/auth-methods/kubernetes).
If `externalServers.enabled` is set to true, `global.federation.k8sAuthMethodHost` and
If `externalServers.enabled` is set to true, `global.federation.k8sAuthMethodHost` and
`externalServers.k8sAuthMethodHost` should be set to the same value.
You can retrieve this value from your `kubeconfig` by running:
@ -1045,7 +1056,7 @@ Use these links to navigate to a particular top-level stanza.
See https://en.wikipedia.org/wiki/Token_bucket for more about token
buckets.
- `auditLogs` ((#v-server-auditlogs)) - <EnterpriseAlert inline /> Added in Consul 1.8, the audit object allow users to enable auditing
- `auditLogs` ((#v-server-auditlogs)) - <EnterpriseAlert inline /> Added in Consul 1.8, the audit object allow users to enable auditing
and configure a sink and filters for their audit logs. Please refer to
[audit logs](/consul/docs/enterprise/audit-logging) documentation
for further information.
@ -1134,7 +1145,7 @@ Use these links to navigate to a particular top-level stanza.
This address must be reachable from the Consul servers.
Please refer to the [Kubernetes Auth Method documentation](/consul/docs/security/acl/auth-methods/kubernetes).
If `global.federation.enabled` is set to true, `global.federation.k8sAuthMethodHost` and
If `global.federation.enabled` is set to true, `global.federation.k8sAuthMethodHost` and
`externalServers.k8sAuthMethodHost` should be set to the same value.
You could retrieve this value from your `kubeconfig` by running:
@ -1754,6 +1765,10 @@ Use these links to navigate to a particular top-level stanza.
These CRDs can clash with existing Gateway API CRDs if they are already installed in your cluster.
If this setting is false, you will need to install the Gateway API CRDs manually.
- `manageNonStandardCRDs` ((#v-connectinject-apigateway-managenonstandardcrds)) (`boolean: false`) - Enables Consul on Kubernets to manage only the non-standard CRDs used for Gateway API. If manageExternalCRDs is true
then all CRDs will be installed; otherwise, if manageNonStandardCRDs is true then only TCPRoute, GatewayClassConfig and MeshService
will be installed.
- `managedGatewayClass` ((#v-connectinject-apigateway-managedgatewayclass)) - Configuration settings for the GatewayClass installed by Consul on Kubernetes.
- `nodeSelector` ((#v-connectinject-apigateway-managedgatewayclass-nodeselector)) (`string: null`) - This value defines [`nodeSelector`](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector)
@ -1784,6 +1799,8 @@ Use these links to navigate to a particular top-level stanza.
- external-dns.alpha.kubernetes.io/hostname
```
- `resources` ((#v-connectinject-apigateway-managedgatewayclass-resources)) (`map`) - The resource settings for Pods handling traffic for Gateway API.
- `deployment` ((#v-connectinject-apigateway-managedgatewayclass-deployment)) - This value defines the number of pods to deploy for each Gateway as well as a min and max number of pods for all Gateways
- `defaultInstances` ((#v-connectinject-apigateway-managedgatewayclass-deployment-defaultinstances)) (`integer: 1`)
@ -1811,8 +1828,6 @@ Use these links to navigate to a particular top-level stanza.
"sample/annotation2": "bar"
```
- `resources` ((#v-connectinject-apigateway-resources)) (`map`) - The resource settings for Pods handling traffic for Gateway API.
- `cni` ((#v-connectinject-cni)) - Configures consul-cni plugin for Consul Service mesh services
- `enabled` ((#v-connectinject-cni-enabled)) (`boolean: false`) - If true, then all traffic redirection setup uses the consul-cni plugin.
@ -1946,7 +1961,7 @@ Use these links to navigate to a particular top-level stanza.
- `imageConsul` ((#v-connectinject-imageconsul)) (`string: null`) - The Docker image for Consul to use when performing Connect injection.
Defaults to global.image.
- `logLevel` ((#v-connectinject-loglevel)) (`string: ""`) - Override global log verbosity level. One of "debug", "info", "warn", or "error".
- `logLevel` ((#v-connectinject-loglevel)) (`string: ""`) - Sets the `logLevel` for the `consul-dataplane` sidecar and the `consul-connect-inject-init` container. When set, this value overrides the global log verbosity level. One of "debug", "info", "warn", or "error".
- `serviceAccount` ((#v-connectinject-serviceaccount))
@ -2447,8 +2462,9 @@ Use these links to navigate to a particular top-level stanza.
- `gateways` ((#v-ingressgateways-gateways)) (`array<map>`) - Gateways is a list of gateway objects. The only required field for
each is `name`, though they can also contain any of the fields in
`defaults`. Values defined here override the defaults except in the
case of annotations where both will be applied.
`defaults`. You must provide a unique name for each ingress gateway. These names
must be unique across different namespaces.
Values defined here override the defaults, except in the case of annotations where both will be applied.
- `name` ((#v-ingressgateways-gateways-name)) (`string: ingress-gateway`)