home-kubernetes/gitops/home-kubernetes/cilium/helmrelelase_cilium.yaml

---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: cilium
  namespace: kube-system
spec:
  chart:
    spec:
      chart: cilium
      reconcileStrategy: ChartVersion
      sourceRef:
        kind: HelmRepository
        name: cilium
        namespace: flux-system
      version: 1.19.1
  interval: 5m0s
  values:
    cluster:
      name: "home-kube"
    devices: "eth+ bond+ en+"
    hubble:
      relay:
        enabled: true
      ui:
        enabled: true
    ingressController:
      enabled: true
    ipam:
      mode: cluster-pool
      operator:
        clusterPoolIPv4MaskSize: 24
        clusterPoolIPv4PodCIDRList: "10.96.0.0/16"
    l2announcements:
      enabled: true
    gatewayAPI:
      enabled: true
      gatewayClass:
        create: "true"
    kubeProxyReplacement: true
    k8sServiceHost: 192.168.0.31  # or LB IP
    k8sServicePort: 6443

    # disable envoy daemonset - i guess that is stupid idea anyway
    # envoy:
    #  enabled: false
    # l7Proxy: false