tigera secure ee #80

Supports: xenial bionic
Add to new model

Description

Deploys Tigera Secure EE as a background service and configures CNI for use
with Tigera Secure EE on any principal charm that implements the
kubernetes-cni interface.


Tigera Secure EE Charm

This charm will deploy Tigera Secure Enterprise Edition (EE) as a background
service, and configure CNI for use with Tigera Secure EE, on any principal
charm that implements the kubernetes-cni interface.

Usage

The tigera-secure-ee charm is a subordinate. This charm will require a
principal charm that implements the kubernetes-cni interface in order to
properly deploy.

Documentation for how to use this with the Charmed Distribution of Kubernetes
can be found here: Using Tigera Secure EE with CDK

Further information


Configuration

calico-node-image
(string) The image id to use for cnx node.
tigera/cnx-node:v2.3.0
calicoctl-image
(string) The image id to use for calicoctl.
tigera/calicoctl:v2.3.0
enable-elasticsearch-operator
(boolean) Enable deployment of elasticsearch-operator into Kubernetes. This provides a monitoring and metrics solution for use with Tigera EE that is suitable for proof-of-concept purposes, but is not recommended for production use.
True
ipip
(string) IPIP mode. Must be one of "Always", "CrossSubnet", or "Never".
Never
license-key
(string) Tigera EE license key, base64-encoded. Example: juju config tigera-secure-ee license-key=$(base64 -w0 license.yaml)
nat-outgoing
(boolean) NAT outgoing traffic
True
registry
(string) Registry to use for images. If unspecified, defaults will be used: docker.io, quay.io, docker.elastic.co
registry-credentials
(string) Private docker registry credentials, in the form of a base64-encoded docker config.json file. Example: juju config tigera-secure-ee registry-credentials=$(base64 -w0 config.json)