Parameters

The parent key for all of the following parameters is ingress_nginx.

namespace

type

string

default

syn-ingress-nginx

The namespace in which to deploy this component.

release_name

type

string

default

ingress-nginx

The name ingress-nginx is deployed. Usually there is just one deployment and therefore no change is required.

kubernetes_version

type

string

default

null

The kubernetes version to be used.

chroot

type

boolean

default

false

Whether to enable the chrooted web proxy server. Please see the chroot how-to.

pod_security_admission

type

dict

default
pod_security_admission:
  enabled: false (1)
  enforce: privileged (2)
  audit: privileged (3)
  warn: privileged (4)
1 Whether to set any Pod Security Admission labels
2 Which Pod Security Standard to enforce in the created namespace
3 Which Pod Security Standard to audit in the created namespace
4 Which Pod Security Standard to warn on in the created namespace

The Pod Security Admission configuration.

Pod Security Admission can be enabled or disabled and the standard to use for enforce, warn, and audit can be configured. You can remove any of the labels by setting the respective field to an empty string or null.

Please consult the upstream documentation.

We default to enforce the privileged standard. As of writing this the helm chart sets allowPrivilegeEscalation: true, which is only allowed for privileged workloads. However, this is most likely not needed and if the upstream chart changes this default should be reevaluated.

charts.ingress-nginx

type

string

default

See class/defaults.yml

helm_values

type

dict

All helm_values are passed to the helm chart. This allows to configure all ingress-nginx helm chart values.

parameters:
  ingress_nginx:
    helm_values:
      controller:
        config:
          hsts: 'false'