From c9f50442edac4e1389cd7971cc37283825e30706 Mon Sep 17 00:00:00 2001 From: Scott Cotton Date: Tue, 12 Sep 2023 18:32:31 +0200 Subject: [PATCH] add image defaults and descriptive text. --- signadot/operator/README.md | 39 +++++++++++++++++++++++-------------- 1 file changed, 24 insertions(+), 15 deletions(-) diff --git a/signadot/operator/README.md b/signadot/operator/README.md index ff86175..396c3b0 100644 --- a/signadot/operator/README.md +++ b/signadot/operator/README.md @@ -68,40 +68,49 @@ kubectl delete ns signadot ### Image customization parameters +The parameters in the table below allow one to specify image names for the +images used in our operator. For each image, the image label `vX.Y.Z` refers +to the [operator +version](https://www.signadot.com/docs/operator-version-policy). Some images +are sleighted for deprecation, in particular those with the suffix `-legacy` in +their name. Additionally, the `execpod-` images are for compatibility with old +style resources and are not needed in an installation which uses the new +[resource plugins](https://www.signadot.com/docs/resourceplugins). + | Name | Description | Default | | ------------------------------------- | ------------------------------------------------------- | -------------- | -| `operator.image` | Operator image override | `""` | +| `operator.image` | Operator image override | `signadot/operator:vX.Y.Z` | | `operator.imagePullPolicy` | Operator image pull policy | `IfNotPresent` | -| `agent.image` | Agent image override | `""` | +| `agent.image` | Agent image override | `signadot/agent:vX.Y.Z` | | `agent.imagePullPolicy` | Agent image pull policy | `IfNotPresent` | -| `routeServer.image` | Route Server image override | `""` | +| `routeServer.image` | Route Server image override | `signadot/route-server:vX.Y.Z` | | `routeServer.imagePullPolicy` | Route Server image pull policy | `IfNotPresent` | -| `ioContextServer.image` | IO Context Server image override | `""` | +| `ioContextServer.image` | IO Context Server image override | `signadot/io-context-server:vX.Y.Z` | | `ioContextServer.imagePullPolicy` | IO Context Server image pull policy | `IfNotPresent` | | `kubeRBACProxy.image` | Kube-rbac-proxy image override | `""` | | `kubeRBACProxy.imagePullPolicy` | Kube-rbac-proxy image pull policy | `IfNotPresent` | -| `routeInit.image` | Route Init container image override | `""` | -| `routeInit.legacy.image` | Route Init container image override (legacy version) | | +| `routeInit.image` | Route Init container image override | `signadot/route-sidecar-init:vX.Y.Z` | +| `routeInit.legacy.image` | Route Init container image override (legacy version) | `signadot/sd-init-networking:latest` | | `routeInit.imagePullPolicy` | Route Init container image pull policy | `IfNotPresent` | | `routeInit.imagePullSecret` | Route Init container image pull secret | `""` | -| `routeSidecar.image` | Route Sidecar container image override | `""` | -| `routeSidecar.legacy.image` | Route Sidecar container image override (legacy version) | `""` | +| `routeSidecar.image` | Route Sidecar container image override | `signadot/route-sidecar:vX.Y.Z` | +| `routeSidecar.legacy.image` | Route Sidecar container image override (legacy version) | `signadot/route-sidecar-legacy:vX.Y.Z` | | `routeSidecar.imagePullPolicy` | Route Sidecar container image pull policy | `IfNotPresent` | | `routeSidecar.imagePullSecret` | Route Sidecar container image pull secret | `""` | -| `ioInit.image` | IO Init container image override | `""` | +| `ioInit.image` | IO Init container image override | `signadot/io-init:vX.Y.Z` | | `ioInit.imagePullPolicy` | IO Init container image pull policy | `IfNotPresent` | | `ioInit.imagePullSecret` | IO Init container image pull secret | `""` | -| `ioSidecar.image` | IO Sidecar container image override | `""` | +| `ioSidecar.image` | IO Sidecar container image override | `signadot/io-sidecar:vX.Y.Z` | | `ioSidecar.imagePullPolicy` | IO Sidecar container image pull policy | `IfNotPresent` | | `ioSidecar.imagePullSecret` | IO Sidecar container image pull secret | `""` | -| `execpodSidecar.image` | ExecPod Sidecar container image override | `""` | +| `execpodSidecar.image` | ExecPod Sidecar container image override | `signadot/execpod-sidecar:vX.Y.Z` | | `execpodSidecar.imagePullPolicy` | ExecPod Sidecar container image pull policy | `IfNotPresent` | | `execpodSidecar.imagePullSecret` | ExecPod Sidecar container image pull secret | `""` | -| `tunnel.api.image` | Tunnel API image override | `""` | +| `tunnel.api.image` | Tunnel API image override | `signadot/tunnel-api:vX.Y.Z` | | `tunnel.api.imagePullPolicy` | Tunnel API image pull policy | `IfNotPresent` | -| `tunnel.proxy.image` | Tunnel Proxy image override | `""` | +| `tunnel.proxy.image` | Tunnel Proxy image override | `signadot/tunnel-proxy:vX.Y.Z` | | `tunnel.proxy.imagePullPolicy` | Tunnel Proxy image pull policy | `IfNotPresent` | -| `tunnel.auditor.init.image` | Tunnel Auditor init image override | `""` | +| `tunnel.auditor.init.image` | Tunnel Auditor init image override | `signadot/tunnel-auditor-init:vX.Y.Z` | | `tunnel.auditor.init.imagePullPolicy` | Tunnel Auditor init image pull policy | `IfNotPresent` | ### Tunnel parameters @@ -122,4 +131,4 @@ kubectl delete ns signadot | `tunnel.auditor.luaRocks` | This is an optional, space-separated list of Lua packages (called rocks) to install in the Envoy auditor Lua environment. | `""` | | `tunnel.auditor.inboundRulesLuaScript` | All inbound traffic (from cluster to workstation) will pass thru this script (if defined) in the Envoy auditor, check [HTTP Lua filter](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/lua_filter#stream-handle-api) documentation for details | `""` | | `tunnel.auditor.outboundRulesLuaScript` | All outbound traffic (from workstation to cluster) will pass thru this script (if defined) in the Envoy auditor, check [HTTP Lua filter](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/lua_filter#stream-handle-api) documentation for details | `""` | -| | | | \ No newline at end of file +| | | |