Support for cloudflared cli Args

[christidis]

I don't see a way of configuring command line args for the cloudflared agents configured via ClusterTunnel CRD.

pod describe reveals the current configuration which is the following.

    Args:
      tunnel
      --config
      /etc/cloudflared/config/config.yaml
      --metrics
      0.0.0.0:2000
      run

I would like to request to be a able to set a custom Args configuration eg

arguments:
  - tunnel
  #- --loglevel
  #- debug
  - -p
  - http2
  - --metrics
  - 0.0.0.0:2000
  - --region
  - us
  - --config
  - /etc/cloudflared/config/config.yaml
  - run

For my setup the http2 protocol and the region are really important for the performance. I hope they are included

Also, if you have your ingress configuration managed by Cloudflare dashboard (and not in cloudflared), you can still use the operator but in this case you would need to remove --config config.yaml from the command line so cloudflared just pulls the ingress configuration from CF. In this case you would need something like this

arguments:
  - tunnel
  - -p
  - http2
  - --metrics
  - 0.0.0.0:2000
  #- --loglevel
  #- debug
  - --region
  - us
  - --no-autoupdate
  - --credentials-file
  - /etc/cloudflared/creds/credentials.json
  - run
  - uuid

[adyanth]

I've been thinking of allowing any of the pod spec of cloudflared to be changed as part of the CRD. The first request should be good. See #73

Regarding your second statement on removing the config, this operator works only with the config.yaml. Without it, you could just deploy the cloudflared deployment directly and perform configuration on the CF dashboard.

[christidis]

this operator works only with the config.yaml. Without it, you could just deploy the cloudflared deployment directly and perform configuration on the CF dashboard.

Fair enough. Sure, you can do that, but you would still need to create and manage the tunnels and their secrets externally which is something that the operator can nicely do for you. I am not personally interested for this feature, I've just added for the sake of completeness.

I've been thinking of allowing any of the pod spec of cloudflared to be changed as part of the CRD. The first request should be good. See #73

Good to see it's on the roadmap!

[dudo]

Even the official chart relies solely on the config file. I wouldn't want to diverge too much from "upstream" in that regard.

[christidis]

The Upstream here is Cloudflare Zero Trust and not the chart for cloudflared. They are the ones who offer cloudflare-managed tunnel configurations in the first place and the instructions to run cloudflared with a cloudflare-managed tunnel config does not include the --config arg at all. eg

docker run cloudflare/cloudflared:latest tunnel --no-autoupdate run --token secret

IMO there is no diverge here, there is only support for both options and in an easy way too; by providing the option of fully controlling the arguments in values.yaml.

Also, in the official cloudflared helm chart they do provide 2 charts, one for each case, even though they could easily support both with a single chart: https://github.com/cloudflare/helm-charts/tree/main/charts

Anycase, this issue is a request to support cloudflared cli arguments and not to provide support for a cloudflare-managed tunnel configuration, this was just an idea or another use case let's say.