Update documentation and example values

examples/values-prod.yaml

@@ -1,7 +1,12 @@
 # Production environment values
-# Use with: helm install flow ./helm/flow -f ./helm/flow/values-prod.yaml
+# Use with: helm install flow ./helm/flow -f ./helm/flow/values-prod.yaml --namespace flow --create-namespace
 
 global:
+  # -- Explicit namespace for all Flow components
+  # Recommended for production to ensure consistent resource organization
+  # All resources will be created in this namespace for easy management and cleanup
+  namespace: "flow"
+  
   imageRegistry: "cr.kn.entit.eu"
   imagePullSecrets:
     - flow-registry-credentials
@@ -412,3 +417,42 @@ networkPolicy:
 podDisruptionBudget:
   enabled: true
   minAvailable: 1
+
+# =============================================================================
+# Internal TLS (mTLS between Microservices)
+# =============================================================================
+# Enable encrypted communication between all Flow microservices.
+# Requires cert-manager to be installed in the cluster.
+
+tls:
+  # Enable TLS for all internal service communication
+  enabled: true
+  
+  certManager:
+    # Use cert-manager to automatically manage certificates
+    enabled: true
+    
+    # Create a self-signed CA for internal certificates
+    # Set to false if using an existing issuer (e.g., Vault, enterprise CA)
+    createSelfSignedIssuer: true
+    
+    # Certificate validity duration (90 days)
+    duration: "2160h"
+    
+    # Renew certificates 30 days before expiry
+    renewBefore: "720h"
+    
+    # Use ECDSA for better performance
+    privateKey:
+      algorithm: "ECDSA"
+      size: 256
+    
+    # CA certificate settings
+    ca:
+      duration: "87600h"   # 10 years
+      renewBefore: "8760h" # 1 year
+      commonName: "Flow Internal CA"
+      organization: "Entit AB"
+  
+  # Minimum TLS version
+  minVersion: "1.2"