Run container in a unpriviliged way
This commit is contained in:
Dennis Schmalacker
parent
0f2ea42f52
commit
6f1a1be286
@ -27,12 +27,13 @@ spec:
|
|||||||
args:
|
args:
|
||||||
- --tls-cert-file=/tls/tls.crt
|
- --tls-cert-file=/tls/tls.crt
|
||||||
- --tls-private-key-file=/tls/tls.key
|
- --tls-private-key-file=/tls/tls.key
|
||||||
|
- --secure-port=8443
|
||||||
env:
|
env:
|
||||||
- name: GROUP_NAME
|
- name: GROUP_NAME
|
||||||
value: {{ .Values.groupName | quote }}
|
value: {{ .Values.groupName | quote }}
|
||||||
ports:
|
ports:
|
||||||
- name: https
|
- name: https
|
||||||
containerPort: 443
|
containerPort: 8443
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
httpGet:
|
httpGet:
|
||||||
|
|||||||
@ -12,7 +12,7 @@ spec:
|
|||||||
type: {{ .Values.service.type }}
|
type: {{ .Values.service.type }}
|
||||||
ports:
|
ports:
|
||||||
- port: {{ .Values.service.port }}
|
- port: {{ .Values.service.port }}
|
||||||
targetPort: https
|
targetPort: 8443
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
name: https
|
name: https
|
||||||
selector:
|
selector:
|
||||||
|
|||||||
@ -9,7 +9,7 @@
|
|||||||
groupName: dns.hetzner.cloud
|
groupName: dns.hetzner.cloud
|
||||||
|
|
||||||
certManager:
|
certManager:
|
||||||
namespace: kube-system
|
namespace: cert-manager
|
||||||
serviceAccountName: cert-manager
|
serviceAccountName: cert-manager
|
||||||
|
|
||||||
image:
|
image:
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user