-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathvalues.yaml
162 lines (156 loc) · 6.71 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
#-- global variables, can be accessed by sub-charts.
global:
#-- the registry where the images are stored. override during runtime for other registry at global level or individual level.
repository: ~ # provide the repo name from where images will be sourced for example bcgo
#-- the registry where the images are stored. override during runtime for other registry at global level or individual level. default is ghcr.io
registry: ghcr.io # ghcr.io for directly streaming from github container registry or "artifacts.developer.gov.bc.ca/github-docker-remote" for artifactory, or any other registry.
#-- the tag of the image, it can be latest, 1.0.0 etc..., or the sha256 hash
tag: ~
#-- turn off autoscaling for the entire suite by setting this to false. default is true.
autoscaling: false
#-- global secrets, can be accessed by sub-charts.
secrets:
enabled: true
databasePassword: ~
databaseName: ~
persist: true
config:
databaseUser: ~
#-- domain of the application, it is required, apps.silver.devops.gov.bc.ca for silver cluster and apps.devops.gov.bc.ca for gold cluster
domain: "apps.silver.devops.gov.bc.ca" # it is apps.gold.devops.gov.bc.ca for gold cluster
#-- the database Alias gives a nice way to switch to different databases, crunchy, patroni ... etc.
#databaseAlias: bitnamipg #uncomment when using bitnami pg and comment below.
databaseAlias: postgres-crunchy #uncomment when using crunchy and comment above.
#-- the components of the application, backend.
backend:
#-- enable or disable backend
enabled: true
#-- the deployment strategy, can be "Recreate" or "RollingUpdate"
deploymentStrategy: Recreate
#-- autoscaling for the component. it is optional and is an object.
autoscaling:
#-- enable or disable autoscaling.
enabled: true
#-- the minimum number of replicas.
minReplicas: 3
#-- the maximum number of replicas.
maxReplicas: 7
#-- the target cpu utilization percentage, is from request cpu and NOT LIMIT CPU.
targetCPUUtilizationPercentage: 80
#-- vault, for injecting secrets from vault. it is optional and is an object. it creates an initContainer which reads from vault and app container can source those secrets. for referring to a working example with vault follow this link: https://github.com/bcgov/onroutebc/blob/main/charts/onroutebc/values.yaml#L171-L186
vault:
#-- enable or disable vault.
enabled: false
#-- the role of the vault. it is required, #licenseplate-prod or licenseplate-nonprod, license plate is the namespace without env
role: ~
#-- the vault path where the secrets live. it is required, dev/api-1, dev/api-2, test/api-1 etc...
secretPaths:
- dev/api-1
- dev/api-2
- test/api-1
- test/api-2
- prod/api-1
- prod/api-2
#-- resources specific to vault initContainer. it is optional and is an object.
resources:
requests:
cpu: 50m
memory: 25Mi
#-- the service for the component. for inter namespace communication, use the service name as the hostname.
service:
#-- the type of the service. it can be ClusterIP, NodePort, LoadBalancer, ExternalName. ClusterIP is the default and is recommended.
type: ClusterIP
port: 80 # this is the service port, where it will be exposed internal to the namespace.
targetPort: 3000 # this is container port where app listens on
pdb:
enabled: false # enable it in PRODUCTION for having pod disruption budget.
minAvailable: 1 # the minimum number of pods that must be available during the disruption budget.
frontend:
# -- enable or disable a component deployment.
enabled: true
# -- the deployment strategy, can be "Recreate" or "RollingUpdate"
deploymentStrategy: Recreate
#-- autoscaling for the component. it is optional and is an object.
autoscaling:
#-- enable or disable autoscaling.
enabled: true
#-- the minimum number of replicas.
minReplicas: 3
#-- the maximum number of replicas.
maxReplicas: 7
#-- the target cpu utilization percentage, is from request cpu and NOT LIMIT CPU.
targetCPUUtilizationPercentage: 80
#-- the service for the component. for inter namespace communication, use the service name as the hostname.
service:
#-- enable or disable the service.
enabled: true
#-- the type of the service. it can be ClusterIP, NodePort, LoadBalancer, ExternalName. ClusterIP is the default and is recommended.
type: ClusterIP
#-- the ports for the service.
ports:
- name: http
#-- the port for the service. the service will be accessible on this port within the namespace.
port: 80
#-- the container port where the application is listening on
targetPort: 3000
#-- the protocol for the port. it can be TCP or UDP. TCP is the default and is recommended.
protocol: TCP
- port: 3003
targetPort: 3003
protocol: TCP
name: metrics
ingress:
annotations:
route.openshift.io/termination: "edge"
haproxy.router.openshift.io/rate-limit-connections: "true"
haproxy.router.openshift.io/rate-limit-connections.concurrent-tcp: "10"
haproxy.router.openshift.io/rate-limit-connections.rate-http: "20"
haproxy.router.openshift.io/rate-limit-connections.rate-tcp: "50"
haproxy.router.openshift.io/disable_cookies: "true"
pdb:
enabled: false # enable it in PRODUCTION for having pod disruption budget.
minAvailable: 1 # the minimum number of pods that must be available during the disruption budget.
crunchy:
enabled: true # make this false and bitnami-pg true to switch from crunchy to bitnami single postgis.
bitnamipg:
enabled: false
image:
registry: ghcr.io
repository: bcgov/nr-containers/bitnami/postgresql
tag: 15.10.0
auth:
existingSecret: '{{ .Release.Name }}-database'
username: 'quickstart' # make sure this is aligned with secret.yaml
database: quickstart # make sure this is aligned with secret.yaml
shmVolume:
enabled: false
backup:
enabled: false
cronjob:
containerSecurityContext: { }
podSecurityContext:
enabled: false
storage:
size: 200Mi
primary:
persistence:
enabled: true
storageClass: netapp-block-standard
accessModes:
- ReadWriteOnce
size: 100Mi
containerSecurityContext:
enabled: false
podSecurityContext:
enabled: false
initdb:
scripts: # remove the below script, if POSTGIS is not required.
postgis.sh: |
#!/bin/sh
PGPASSWORD=$POSTGRES_PASSWORD psql -U postgres -d quickstart -c "CREATE EXTENSION postgis;"
resources:
requests:
cpu: 50m
memory: 150Mi