forked from gruntwork-io/helm-kubernetes-services
-
Notifications
You must be signed in to change notification settings - Fork 0
/
values.yaml
873 lines (824 loc) · 44.9 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
---
#----------------------------------------------------------------------------------------------------------------------
# CHART PARAMETERS
# This file declares the configuration input values for the k8s-service Helm chart.
# This is a YAML-formatted file.
#----------------------------------------------------------------------------------------------------------------------
#----------------------------------------------------------------------------------------------------------------------
# REQUIRED VALUES
# These values are expected to be defined and passed in by the operator when deploying this helm chart.
#----------------------------------------------------------------------------------------------------------------------
# containerImage is a map that describes the container image that should be used to serve the application managed by
# this chart.
# The expected keys are:
# - repository (string) (required) : The container image repository that should be used.
# E.g `nginx` ; `gcr.io/kubernetes-helm/tiller`
# - tag (string) (required) : The tag of the image (e.g `latest`) that should be used. We recommend using a
# fixed tag or the SHA of the image. Avoid using the tags `latest`, `head`,
# `canary`, or other tags that are designed to be “floating”.
# - pullPolicy (string) : The image pull policy to employ. Determines when the image will be pulled in. See
# the official Kubernetes docs for more info. If undefined, this will default to
# `IfNotPresent`.
#
# The following example deploys the `nginx:stable` image with a `IfNotPresent` image pull policy, which indicates that
# the image should only be pulled if it has not been pulled previously.
#
# EXAMPLE:
#
# containerImage:
# repository: nginx
# tag: stable
# pullPolicy: IfNotPresent
# applicationName is a string that names the application. This is used to label the pod and to name the main application
# container in the pod spec. The label is keyed under "gruntwork.io/app-name"
#----------------------------------------------------------------------------------------------------------------------
# OPTIONAL VALUES
# These values have defaults, but may be overridden by the operator
#----------------------------------------------------------------------------------------------------------------------
# containerCommand is a list of strings that indicate a custom command to run for the container in place of the default
# configured on the image. Omit to run the default command configured on the image.
#
# Example (run echo "Hello World"):
#
# containerCommand:
# - "echo"
# - "Hello World"
containerCommand: null
# containerArgs is a list of strings that indicate custom args that will be passed to the container (CMD) place of the default
# configured on the image. Omit to use the default args configured in the image
#
# Example (run echo "Hello World"):
#
# containerArgs:
# - "echo"
# - "Hello World"
containerArgs: null
# containerPorts is a map that specifies the ports to open on the container. This is a nested map: the first map lists
# the named ports, while the second layer lists the port spec. The named references can be used to refer to the specific
# port of the container in other resources, like Service.
# The expected keys of the port spec are:
# - port (int) (required) : The port in the container that should be exposed.
# - protocol (string) (required) : The network protocol (e.g TCP or UDP) that is exposed.
# - disabled (bool) : Whether or not this port is disabled. This defaults to false if unset. Provided as a
# convenience to override the default ports on the commandline. For example, to
# disable the default port, you can pass `--set containerPorts.http.disabled=true`.
#
# The default config exposes TCP port 80 and binds the name `http` to it.
containerPorts:
http:
port: 80
protocol: TCP
# dnsPolicy sets the Pod DNS policy. Allowed values are "Default", "ClusterFirst", "ClusterFirstWithHostNet" (not supported on Windows),
# and "None". Note that "Default" is not the default DNS policy. If dnsPolicy is not explicitly specified, then "ClusterFirst" is used.
# See [Pod's DNS Policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) for details.
#
# EXAMPLE:
#
# dnsPolicy: "ClusterFirst"
# startupProbe is a map that specifies the startup probe of the main application container. Startup probes indicate
# when a container application has started. If such a probe is configured, it disables liveness and readiness checks
# until it succeeds, making sure those probes don't interfere with the application startup. This can be used to adopt
# liveness checks on slow starting containers, avoiding them getting killed by the kubelet before they are up and running.
# You can read more about container startup probes in the official docs:
# https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
# NOTE: This variable is injected directly into the container spec.
#
# The following example specifies an http GET based startup probe that will be based on a http GET request to
# the port bound to name `http` (see description on `containerPorts`) on the path `/`. The application will have a maximum
# of 5 minutes (30 * 10 = 300s) to finish its startup. Once the startup probe has succeeded once, the liveness probe takes over.
# If the startup probe never succeeds, the container is killed after 300s and subject to the pod's `restartPolicy`.
#
# EXAMPLE:
#
# startupProbe:
# httpGet:
# path: /
# port: http
# failureThreshold: 30
# periodSeconds: 10
startupProbe: {}
# livenessProbe is a map that specifies the liveness probe of the main application container. Liveness probes indicate
# when a container has reached a fatal state where it needs to be restarted to recover. When the liveness probe fails,
# the container is automatically recreated. You can read more about container liveness probes in the official docs:
# https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
# NOTE: This variable is injected directly into the container spec.
#
# The following example specifies an http GET based liveness probe that will be based on a http GET request to
# the port bound to name `http` (see description on `containerPorts`) on the path `/`.
#
# EXAMPLE:
#
# livenessProbe:
# httpGet:
# path: /
# port: http
livenessProbe: {}
# readinessProbe is a map that specifies the readiness probe of the main application container. Readiness probes
# indicate when a container is unable to serve traffic. When the readiness probe fails, the container is cycled out of
# the list of available containers to the `Service`. You can read more about readiness probes in the official docs:
# https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
# NOTE: This variable is injected directly into the container spec.
#
# The following example specifies an http GET based readiness probe that will be based on a http GET request to
# the port bound to name `http` (see description on `containerPorts`) on the path `/`.
#
# EXAMPLE:
#
# readinessProbe:
# httpGet:
# path: /
# port: http
readinessProbe: {}
# hostAliases is a list of maps that specify additional entries to be added to the pod's `/etc/hosts` file. This is useful
# for adding custom DNS entries to the pod. The items in the list are maps with the following keys:
# - ip (string) (required) : The IP address of the host.
# - hostnames (list[string]) (required) : A list of hostnames that should be resolved to the IP address.
#
# Refer to https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/ for more details.
#
# EXAMPLE:
#
# The following example specifies two aliases to be added to the pod's /etc/hosts file in a new section at the bottom:
#
# hostAliases:
# - ip: 127.0.0.1
# hostnames:
# - foo.local
# - bar.local
# - ip: 10.1.2.3
# hostnames:
# - foo.remote
# - bar.remote
#
# NOTE: This variable is injected directly into the deployment spec.
hostAliases: []
# securityContext is a map that specified the privilege and access control settings for a Pod of Container. Security Context
# can be specified when the application requires additional access control permissions. More details on securityContext and supported
# settings can be found at https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# similar to the podSecurityContext {} however, this sets security attributes at the container level rather than at the pod level scope.
#
# EXAMPLE:
# 1) To run a container in privileged mode
# securityContext:
# privileged: true
#
# 2) To run a container as a specific user
# securityContext:
# runAsUser: 2000
securityContext: {}
# podSecurityContext holds pod-level security access control settings.
# similar to the securityContext {} however, this sets security attributes at the pod level rather than at the container level scope.
# this allows certain attributes to be set that are not possible in the container level. For example 'fsGroup'.
# more details can be found at https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podsecuritycontext-v1-core
# EXAMPLE:
# podSecurityContext:
# fsGroup: 2000
podSecurityContext: {}
# shutdownDelay is the number of seconds to delay the shutdown sequence of the Pod by. This is implemented as a sleep
# call in the preStop hook. By default, this chart includes a preStop hook with a shutdown delay for eventual
# consistency reasons. You can read more about why you might want to do this in
# https://blog.gruntwork.io/delaying-shutdown-to-wait-for-pod-deletion-propagation-445f779a8304
# You can disable this behavior by setting this value to 0.
# NOTE: this conflicts with lifecycleHooks.preStop
shutdownDelay: 5
# lifecycleHooks configures container lifecycle hooks on the Pod so you can run arbitrary commands after the
# container starts (postStart) or before the container stops.
# Refer to https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ for more information on container
# lifecycles.
#
# EXAMPLE:
#
# lifecycleHooks:
# enabled: true
# postStart:
# exec:
# command:
# - echo
# - "Run after starting container"
# preStop:
# exec:
# command:
# - echo
# - "Run before stopping container"
#
# NOTE: the preStop hook conflicts with shutdownDelay
lifecycleHooks:
enabled: false
# sideCarContainers specifies any additional containers that should be deployed as side cars to the main application
# container. This will be included in the Deployment container spec so that it will be included in the application Pod.
# This is a nested map, where the first map key is used to name the container, with the nested map being injected as the
# container spec.
#
# The following example specifies a data dog agent container as a side car with some environment variables, binding the
# name `datadog`:
#
# EXAMPLE:
#
# sideCarContainers:
# datadog:
# image: datadog/agent:latest
# env:
# - name: DD_API_KEY
# value: ASDF-1234
# - name: SD_BACKEND
# value: docker
sideCarContainers: {}
# initContainers specifies any additional containers that should be deployed as init containers to the main application
# container. This will be included in the Deployment container spec so that it will be included in the application Pod.
# This is a nested map, where the first map key is used to name the container, with the nested map being injected as the
# container spec.
#
# The following example specifies a flyway image as an init container with an environment variable, binding the
# name `flyway`:
#
# EXAMPLE:
#
# initContainers:
# flyway:
# image: flyway/flyway
# env:
# - name: FLYWAY_LOCATIONS
# value: 'filesystem:/flyway/migrations'
initContainers: {}
# canary specifies test pod(s) that are deployed alongside your application's stable track pods.
# It is useful for testing a new release candidate in a production environment with minimal disruption and
# for allowing you to find any issues early.
# The expected keys of the canary spec are:
# - enabled (bool) (required) : Whether or not the canary deployment should be created. If false, no canary deployment will be created.
# - containerImage (map) (required) : A map that specifies the application container and tag to be managed by the canary deployment.
# This has the same structure as containerImage.
# - replicaCount (int) : The number of pods that should be managed by the canary deployment. Defaults to 1 if unset.
#
# The following example specifies a simple canary deployment:
#
# EXAMPLE:
#
# canary:
# enabled: true
# replicaCount: 1
# containerImage:
# repository: nginx
# tag: 1.16.0
# pullPolicy: IfNotPresent
canary: {}
# replicaCount can be used to configure the number of replica pods that should be deployed and maintained at any given
# point in time. For example, setting to 3 will signal Kubernetes (via the Deployment contoller) to maintain 3 pods.
replicaCount: 1
# deploymentStrategy specifies the strategy used to replace old Pods by new ones. Type can be "RollingUpdate" or
# "Recreate". "RollingUpdate" is the default value.
# RollingUpdate: The Deployment updates Pods in a rolling update fashion.
# Recreate: All existing Pods are killed before new ones are created.
#
# RollingUpdate can be further refined by providing custom rollingUpdate options.
# The rollingUpdate variable is a map that is directly injected into the deployment spec and it has the following keys:
# - maxUnavailable (Optional) : Field that specifies the maximum number of Pods that can be unavailable
# during the update process. The value can be an absolute number
# (for example, 5) or a percentage of desired Pods (for example, 10%).
# The value cannot be 0 if rollingUpdate.maxSurge is 0.
# This option defaults to 25%.
# - maxSurge (Optional) : Field that specifies the maximum number of Pods that can be created over
# the desired number of Pods. The value can be an absolute number (for example, 5)
# or a percentage of desired Pods (for example, 10%). The value cannot be 0 if
# MaxUnavailable is 0.
# This option defaults to 25%.
#
# EXAMPLE:
#
# deploymentStrategy:
# enabled: false
# type: RollingUpdate
# rollingUpdate:
# maxSurge: 30%
# maxUnavailable: 30%
deploymentStrategy:
enabled: false
type: RollingUpdate
rollingUpdate: {}
# deploymentAnnotations will add the provided map to the annotations for the Deployment resource created by this chart.
# The keys and values are free form, but subject to the limitations of Kubernetes resource annotations.
# NOTE: This variable is injected directly into the deployment spec.
deploymentAnnotations: {}
# additionalDeploymentLabels will add the provided map to the labels for the Deployment resource created by this chart.
# this is in addition to the helm template related labels created by the chart
# The keys and values are free form, but subject to the limitations of Kubernetes labelling.
# NOTE: This variable is injected directly into the deployment spec.
additionalDeploymentLabels: {}
# podAnnotations will add the provided map to the annotations for the Pod resource created by the Deployment.
# The keys and values are free form, but subject to the limitations of Kubernetes resource annotations.
# NOTE: This variable is injected directly into the pod spec.
podAnnotations: {}
# additionalDeploymentLabels will add the provided map to the labels for the Pods created by the deployment resource.
# this is in addition to the helm template related labels created by the chart
# The keys and values are free form, but subject to the limitations of Kubernetes labelling.
# The match labels for the deployment aren't affected by these additional labels
# NOTE: This variable is injected directly into the deployment spec.
additionalPodLabels: {}
# minPodsAvailable specifies the minimum number of pods that should be available at any given point in time. This is
# used to configure a PodDisruptionBudget for the included pod. See
# https://blog.gruntwork.io/avoiding-outages-in-your-kubernetes-cluster-using-poddisruptionbudgets-ef6a4baa5085
# for an introduction to PodDisruptionBudgets.
# NOTE: setting this to 0 will skip creating the PodDisruptionBudget resource.
minPodsAvailable: 0
# service is a map that specifies the configuration for the Service resource that is created by the chart.
# The expected keys are:
# - enabled (bool) (required) : Whether or not the Service resource should be created. If false, no Service
# resource will be created.
# - type (string) : The Service type, as defined in Kubernetes
# (https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types)
# Defaults to ClusterIP.
# - annotations (map) : Annotations that should be added to the Service resource. This is injected
# directly in to the resource yaml.
# - ports (map) (required) : A map that specifies the port bindings of the service against the Pods in the
# Deployment. This has the same structure as containerPorts, with the additional
# key of `targetPort` to indicate which port of the container the service port
# should route to. The `targetPort` can be a name defined in `containerPorts`.
# - clusterIP (string) : The IP to use as the ClusterIP.
# - sessionAffinity (string) : Used to maintain session affinity, as defined in Kubernetes - supports 'ClientIP' and 'None'
# (https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies)
# Kubernetes defaults to None.
# - sessionAffinityConfig (object) : Configuration for session affinity, as defined in Kubernetes
# (https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies)
# - externalTrafficPolicy (string) : Configuration to control traffic flow from external sources - supports 'Cluster' and 'Local'
# https://kubernetes.io/docs/concepts/services-networking/service/#external-traffic-policy
# - internalTrafficPolicy (string) : Configuration to control traffic flow from internal sources - supports 'Cluster' and 'Local'
# https://kubernetes.io/docs/concepts/services-networking/service/#internal-traffic-policy
#
# The following example uses the default config and enables client IP based session affinity with a maximum session
# sticky time of 3 hours.
# EXAMPLE:
#
# service:
# enabled: true
# ports:
# app:
# port: 80
# targetPort: http
# protocol: TCP
# sessionAffinity: ClientIP
# externalTrafficPolicy: Cluster
# internalTrafficPolicy: Cluster
# sessionAffinityConfig:
# clientIP:
# timeoutSeconds: 10800
#
# The default config configures a Service of type ClusterIP with no annotation, and binds port 80 of the pod to the
# port 80 of the service, and names the binding as `app`:
service:
enabled: true
ports:
app:
port: 80
targetPort: http
protocol: TCP
# servicemonitor is a map that can be used to configure a Service monitor for the operator. By default, service monitor is off.
# The expected keys are:
# - enabled (bool) (required) : Whether or not the Service Monitor resource should be created. If false, no
# Service Monitor resource will be created.
# - namespace (string) (required) : Namespace of Endpoints object.
# - endpoints (list[map]) (required) : An object used to discovers targets from listed endpoints of a service.
# For each endpoint address one target is discovered per port.
# If the endpoint is backed by a pod, all additional container ports of the pod,
# not bound to an endpoint port, are discovered as targets as well.
#
# The following example specifies a ServiceMonitor rule that describes the set of targets to be monitored by Prometheus.
# EXAMPLE:
#
# serviceMonitor:
# enabled: true
# namespace: monitoring
# endpoints:
# default:
# interval: 10s
# scrapeTimeout: 10s
# honorLabels: true
# path: /metrics
# port: http
# scheme: http
serviceMonitor:
enabled: false
namespace: monitoring
labels: {}
endpoints: {}
# ingress is a map that can be used to configure an Ingress resource for this service. By default, turn off ingress.
# NOTE: if you enable Ingress, then Service must also be enabled.
# The expected keys are:
# - enabled (bool) (required) : Whether or not the Ingress resource should be created. If false, no
# Ingress resource will be created.
# - annotations (map) : Annotations that should be added to the Service resource. This is
# injected directly in to the resource yaml.
# - tls (list[map]) : Sets up TLS termination on the ingress rule. Each item is a separate TLS
# rule that maps to one or more hosts specified in this ingress rule. This
# is injected directly in to the resource yaml.
# - hosts (list[string]) : Sets up the host routes for the ingress resource. There will be a routing
# rule for each host defined in this list. If empty, will match all hosts.
# - path (string) (required) : The url path to match to route to the Service.
# - pathType (string) (required in k8s version 1.19+)
# : The path type to use for the ingress rule. Refer to
# https://kubernetes.io/docs/concepts/services-networking/ingress/#path-types
# for more information.
# - servicePort (int|string) (required) : The port (as a number) or the name of the port on the Service to route
# to.
# - additionalPaths (list[map]) : Additional paths that should be added to the ingress which will be lower
# priority than the application service path. Each item corresponds to
# another path, and should define `path`, `pathType`, `serviceName`, and
# `servicePort`.
# - additionalPathsHigherPriority (list[map])
# : Additional paths that should be added to the ingress which will be higher
# priority than the application service path. Each item corresponds to
# another path, and should define `path`, `pathType`, `serviceName`, and
# `servicePort`.
#
# The following example specifies an Ingress rule that routes chart-example.local/app to the Service port `app` with
# TLS configured using the certificate key pair in the Secret `chart-example-tls`:
#
# EXAMPLE:
#
# ingress:
# enabled: true
# annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# path: /app
# servicePort: app
# hosts:
# - chart-example.local
# tls:
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
ingress:
enabled: false
# envVars is a map of strings to strings that specifies hard coded environment variables that should be set on the
# application container. The keys will be mapped to environment variable keys, with the values mapping to the
# environment variable values.
#
# NOTE: If you wish to set environment variables using Secrets, see the `secrets` setting in this file.
#
# The following example configures two environment variables, DB_HOST and DB_PORT:
#
# EXAMPLE:
#
# envVars:
# DB_HOST: "mysql.default.svc.cluster.local"
# DB_PORT: 3306
envVars: {}
# additionalContainerEnv is a list of additional environment variables
# definitions that will be inserted into the Container's environment YAML.
#
# Example:
# additionalContainerEnv:
# - name: DD_AGENT_HOST
# valueFrom:
# fieldRef:
# fieldPath: status.hostIP
# - name: DD_ENTITY_ID
# valueFrom:
# fieldRef:
# fieldPath: metadata.uid
additionalContainerEnv: {}
# configMaps is a map that specifies the ConfigMap resources that should be exposed to the main application container. Each
# entry in the map represents a ConfigMap resource. The key refers to the name of the ConfigMap that should be exposed,
# with the value specifying how to expose the ConfigMap. The value is also a map and has the following attributes:
# - as (enum[volume,environment,envFrom,none]) (required)
# : ConfigMaps can be exposed to Pods as a volume mount, or as environment variables. This attribute is a string
# enum that is expected to be either "volume", "environment", or "envFrom", specifying that the ConfigMap should
# be exposed as a mounted volume, via environment variables, or loaded as environment variables respectively.
# This attribute can also be set to "none", which disables the `ConfigMap` on the container.
# - mountPath (string)
# : For ConfigMaps mounted as a volume, specify the mount path on the container file system where the config values
# will be available. Required when the ConfigMap is exposed as a volume. Ignored when the ConfigMap is exposed as
# environment variables.
# - subPath (string)
# : For ConfigMaps mounted as a volume, specify the sub path on the volume system where the config values will be
# available. Optional when the ConfigMap is exposed as a volume. Ignored when the ConfigMap is exposed as
# environment variables.
# - items (map[ConfigMapItem])
# : Specify how each ConfigMap value should be made available. The keys are the key of the ConfigMap that you wish
# to configure, while the value is another map that controls how that key should be exposed. Required when the
# ConfigMap is exposed as environment variables. When the ConfigMap is exposed as a volume, this field is optional.
# If empty for volume ConfigMaps, all ConfigMpas will be mounted with the key as the file name relative to the
# mountPath. See below for expected attributes.
# The expected attributes of the `ConfigMapItem` map (the submap within `items`) are:
# - filePath (string) : The file path relative to the ConfigMap mountPath where the value of the ConfigMap keyed at
# the given key of the item should be mounted to in the container. Ignored when the ConfigMap
# is exposed as environment variables.
# - fileMode (string) : The permissions mode of the file when mounted in the container. Ignored when the ConfigMap is
# exposed as environment variables. Expected to be the octal (e.g 777, 644). Defaults to 644.
# - envVarName (string) : The name of the environment variable where the value of the ConfigMap keyed at the given key
# of the item should be stored. Ignored when the ConfigMap is exposed as a volume mount.
#
# NOTE: These config values are only automatically injected to the main application container. To add them to the side
# car containers, use the official Kubernetes Pod syntax:
# https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/
#
# The following example exposes the ConfigMap `myconfig` as a volume mounted to `/etc/myconfig`, while it exposes the
# ConfigMap `myotherconfig` as an environment variable. Additionally, it automatically mounts all of the keys
# `anotherconfig` as environment variables using the `envFrom` keyword.
#
# EXAMPLE:
#
# configMaps:
# myconfig:
# as: volume
# mountPath: /etc/myconfig
# myotherconfig:
# as: environment
# items:
# foo:
# envVarName: CONFIG_FOO
# anotherconfig:
# as: envFrom
configMaps: {}
# persistentVolumes is a map that specifies PersistentVolumes that should be mounted on the pod. Each entry represents a
# persistent volume which should already exist within your cluster. They Key is the name of the persistent volume.
# The value is also a map and has the following attributes:
# - mountPath (string) (required)
# : The path within the container upon which this volume should be mounted.
# - claimName (string) (required)
# : The name of the Persistent Volume Claim on which this Persistent Volume in bound.
#
# EXAMPLE:
# persistentVolumes:
# example-pv:
# mountPath: /mnt/myVol
# claimName: example-pv-claim
# example-pv-2:
# mountPath: /mnt/myOtherVol
# claimName: example-pv2-claim
#
#
persistentVolumes: {}
# scratchPaths is a map of key value pairs that specifies which paths in the container should be setup as scratch space.
# Under the hood each entry in the map is converted to a tmpfs volume with the name set to the key and mounted into the
# container on the path provided as the value.
#
# EXAMPLE:
# scratchPaths:
# example: /mnt/scratch
scratchPaths: {}
# emptyDirs is a map of key value pairs that specifies which paths in the container should be setup as an emptyDir volume.
# Under the hood each entry in the map is converted to a volume stored on whatever medium that backs the node
# (disk, SSD, network storage) and mounted into the container on the path provided as the value.
#
# EXAMPLE:
# emptyDirs:
# example: /mnt/example
emptyDirs: {}
# secrets is a map that specifies the Secret resources that should be exposed to the main application container. Each entry in
# the map represents a Secret resource. The key refers to the name of the Secret that should be exposed, with the value
# specifying how to expose the Secret. The value is also a map and has the following attributes:
# - as (enum[volume,environment,envFrom,csi,none]) (required)
# : Secrets can be exposed to Pods as a volume mount, or as environment variables. This attribute is a string enum
# that is expected to be either "volume", "environment", "envFrom", or "csi" specifying that the Secret should be
# exposed as a mounted volume, via environment variables, or loaded in its entirety as environment variables
# respectively. This attribute can also be set to "none", which disables the `Secret` on the container.
# - mountPath (string)
# : For Secrets mounted as a volume, specify the mount path on the container file system where the secrets will be
# available. Required when the Secret is exposed as a volume. Ignored when the Secret is exposed as environment
# variables.
# - subPath (string)
# : For Secrets mounted as a volume, specify the sub path on the volume system where the secret values will be
# available. Optional when the Secret is exposed as a volume. Ignored when the Secret is exposed as
# environment variables.
# - items (map[SecretItem])
# : Specify how each Secret value should be made available. The keys are the key of the Secret that you wish to
# configure, while the value is another map that controls how that key should be exposed. Required when the Secret
# is exposed as environment variables. When the Secret is exposed as a volume, this field is optional. If empty for
# volume Secrets, all Secrets will be mounted with the key as the file name relative to the mountPath. See below
# for expected attributes.
# The expected attributes of the `SecretItem` map (the submap within `items`) are:
# - filePath (string) : The file path relative to the Secret mountPath where the value of the Secret keyed at the
# given key of the item should be mounted to in the container. Ignored when the Secret is
# exposed as environment variables.
# - fileMode (string) : The permissions mode of the file when mounted in the container. Ignored when the Secret is
# exposed as environment variables. Expected to be the octal (e.g 777, 644). Defaults to 644.
# - envVarName (string) : The name of the environment variable where the value of the Secret keyed at the given key of
# the item should be stored. Ignored when the Secret is exposed as a volume mount.
# - csi (map)
# : For Secrets exposed as a volume using a CSI driver, specify the CSI driver details. This field should contain the
# following attributes:
# - driver (string) : The name of the CSI driver.
# - readOnly (boolean) : Specify whether the volume should be mounted read-only.
# - secretProviderClass (string) : The name of the SecretProviderClass.
# - readOnly (boolean) : Specify whether the volume should be mounted read-only.
# NOTE: These secrets are only automatically injected to the main application container. To add them to the side car
# containers, use the official Kubernetes Pod syntax:
# https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets
#
# The following example exposes the Secret `mysecret` as a volume mounted to `/etc/mysecret`, while it exposes the
# Secret `myothersecret` as an environment variable. Additionally, it automatically mounts all of the keys
# `anothersecret` as environment variables using the `envFrom` keyword.
# The following example exposes the Secret `onemoresecret` as a volume mounted to `/mnt/secrets-store-volume`,
# using the CSI driver `secrets-store.csi.k8s.io`, and configures an environment variable `SECRET_ONEMORESECRET`
# with the corresponding value from the Secret.
#
# EXAMPLE:
#
# secrets:
# mysecret:
# as: volume
# mountPath: /etc/mysecret
# myothersecret:
# as: environment
# items:
# foo:
# envVarName: SECRET_FOO
# anothersecret:
# as: envFrom
# onemoresecret:
# as: csi
# mountPath: /mnt/secrets-store-volume
# readOnly: true
# csi:
# driver: secrets-store.csi.k8s.io
# secretProviderClass: mysecretproviderclass
# items:
# onemoresecret:
# envVarName: SECRET_VAR
secrets: {}
# containerResources specifies the amount of resources the application container will require. Only specify if you have
# specific resource needs.
# NOTE: This variable is injected directly into the pod spec. See the official documentation for what this might look
# like: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
containerResources: {}
# nodeSelector and affinity specify restrictions on what node this pod should be scheduled on.
# NOTE: These variables are injected directly into the pod spec. See the official documentation for what this might look
# like: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
nodeSelector: {}
affinity: {}
# priorityClassName assigns a priorityClass to the deployment allowing pods to preempt or be preempted.
# See https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass
priorityClassName: {}
# tolerations can be used to allow the pod to be scheduled on nodes with a specific taint.
# NOTE: This variable is injected directly into the pod spec. See the official documentation for what this might look
# like: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []
# imagePullSecrets lists the Secret resources that should be used for accessing private registries. Each item in the
# list is a string that corresponds to the Secret name.
imagePullSecrets: []
# terminationGracePeriodSeconds sets grace period Kubernetes will wait before terminating the pod. The timeout happens
# in parallel to preStop hook and the SIGTERM signal, Kubernetes does not wait for preStop to finish before beginning
# the grace period.
#
# EXAMPLE:
# terminationGracePeriodSeconds: 30
terminationGracePeriodSeconds: {}
# serviceAccount is a map that configures the ServiceAccount information for the Pod.
# The expected keys of serviceAccount are:
# - name (string) : The name of the ServiceAccount in the Namespace where the Pod is deployed
# that should be used. By default this is the default ServiceAccount of the
# Namespace.
# - automountServiceAccountToken (bool) : Whether or not to automatically mount the ServiceAccount token as a volume
# into the Pod. Note that this can be used to override the equivalent config
# on the ServiceAccount.
# - create (bool) : Whether or not to create a service account with the desired name
# - annotations (map) : Annotations will add the provided map to the annotations for the service
# account created
# - labels (map) : Labels will add the provided map to the annotations for the service
# account created
#
# The default config uses empty string to indicate that the default service account should be used and one shouldn't
# be created
serviceAccount:
name: ""
create: false
annotations: {}
labels: {}
# horizontalPodAutoscaler is a map that configures the Horizontal Pod Autoscaler information for this pod
# The expected keys of hpa are:
# - enabled (bool) : Whether or not Horizontal Pod Autoscaler should be created, if false the
# Horizontal Pod Autoscaler will not be created
# - minReplicas (int) : The minimum amount of replicas allowed
# - maxReplicas (int) : The maximum amount of replicas allowed
# - avgCpuUtilization (int) : The target average CPU utilization to be used with the metrics
# - avgMemoryUtilization (int) : The target average Memory utilization to be used with the metrics
# - behavior (object) : Configures the scaling behavior of the target in both Up and Down directions
# (scaleUp and scaleDown fields respectively). If not set, the default
# HPAScalingRules for scale up and scale down are used.
# Details: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v2/#HorizontalPodAutoscalerSpec
# The expected attributes of the "behavior" object are:
# - scaleDown (object) : The scaling policy for scaling Down
# - scaleUp (object) : The scaling policy for scaling Up
#
# The expected attributes of both the "scaleDown" and "scaleUp" objects are:
# - policies (list[object]) : List of potential scaling policies which can be used during
# scaling. At least one policy must be specified, otherwise the
# HPAScalingRules will be discarded as invalid
# - selectPolicy (string) : Used to specify which policy should be used. If not set, the
# default value MaxPolicySelect is used.
# - stabilizationWindowSeconds (int) : The number of seconds for which past recommendations should be
# considered while scaling up or scaling down. StabilizationWindowSeconds
# must be greater than or equal to zero and less than or equal to 3600 (one hour).
# If not set, use the default values:
# - For scale up: 0 (i.e. no stabilization is done).
# - For scale down: 300 (i.e. the stabilization window is 300 seconds long).
#
# The expected attributes of the "policies" list for both the "scaleDown" and "scaleUp" objects are:
# - periodSeconds (int) : Specifies the window of time for which the policy should hold true. PeriodSeconds
# must be greater than zero and less than or equal to 1800 (30 min).
# - type (string) : Used to specify the scaling policy.
# - value (int) : The amount of change which is permitted by the policy. It must be greater than zero.
#
# Example horizontalPodAutoscaler with "behavior" configuration:
#
# apiVersion: autoscaling/v2
# kind: HorizontalPodAutoscaler
# metadata:
# name: k8s-service-canary-test
# namespace: default
# spec:
# scaleTargetRef:
# apiVersion: apps/v1
# kind: Deployment
# name: k8s-service-canary-test
# minReplicas: 1
# maxReplicas: 10
# behavior:
# scaleDown:
# policies:
# - periodSeconds: 15
# type: Percent
# value: 100
# stabilizationWindowSeconds: 300
# scaleUp:
# policies:
# - periodSeconds: 15
# type: Percent
# value: 100
# - periodSeconds: 15
# type: Pods
# value: 4
# selectPolicy: Max
# stabilizationWindowSeconds: 0
#
#
# The default config will not create the Horizontal Pod Autoscaler by setting enabled = false, the default values are
# set so if enabled is true the horizontalPodAutoscaler has valid values.
horizontalPodAutoscaler:
enabled: false
minReplicas: 1
maxReplicas: 10
# customResources is a map that lets you define Kubernetes resources you want installed and configured as part of this chart.
# The expected keys of customResources are:
# - enabled (bool) : Whether or not the provided custom resource definitions should be created.
# - resources (map) : A map of custom Kubernetes resources you want to install during the installation of the chart.
#
# NOTE: By default enabled = false, and no custom resources will be created. If you provide any resources, be sure to
# provide them as quoted using "|", and set enabled: true.
#
# The following example creates a custom ConfigMap and a Secret.
#
# EXAMPLE:
#
# customResources:
# enabled: true
# resources:
# custom_configmap: |
# apiVersion: v1
# kind: ConfigMap
# metadata:
# name: example
# data:
# key: value
# custom_secret: |
# apiVersion: v1
# kind: Secret
# metadata:
# name: example
# type: Opaque
# data:
# key: dmFsdWU=
customResources:
enabled: false
resources: {}
# fullnameOverride is a string that allows overriding the default fullname that appears as the
# application name and is used as the application name by kubernetes.
fullnameOverride: ""
#----------------------------------------------------------------------------------------------------------------------
# GOOGLE SPECIFIC VALUES
# google specifies Google (GKE) specific configuration to be set via arguments/env. variables
#----------------------------------------------------------------------------------------------------------------------
google:
# managedCertificate can be used to provision a Google Managed Certificate. Associate the ManagedCertificate object
# to an Ingress by adding an annotation 'networking.gke.io/managed-certificates' to the Ingress.
#
# The expected keys are:
# - enabled (bool) (required) : Whether or not the ManagedCertificate resource should be created.
# - domainName (string) : Specifies the domain that the SSL certificate will be created for
# - name (string) : Specifies the name of the SSL certificate that you reference in Ingress with
# networking.gke.io/managed-certificates: name
#
# The following example specifies a ManagedCertificate with a domain name 'api.acme.com' and name 'acme-cert':
#
# EXAMPLE:
#
# google:
# managedCertificate:
# enabled: true
# name: acme-cert
# domainName: api.acme.com
#
# NOTE: if you enable managedCertificate, then Ingress must also be enabled.
# Use a Google Managed Certificate. By default, turn off.
managedCertificate:
enabled: false