-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
2 changed files
with
150 additions
and
128 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -82,87 +82,56 @@ helm show values opencti/opencti | |
| | affinity | object | `{}` | Affinity for pod assignment </br> Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity | | ||
| | autoscaling | object | `{"enabled":false,"maxReplicas":100,"minReplicas":1,"targetCPUUtilizationPercentage":80}` | Autoscaling with CPU or memory utilization percentage </br> Ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ | | ||
| | connectors | list | `[]` | Connectors </br> Ref: https://github.com/OpenCTI-Platform/connectors/tree/master | | ||
| | connectorsGlobalEnv | object | `{}` | Connector Global environment | | ||
| | connectorsGlobalEnv | object | `{}` | Connector Global environment | | ||
| | elasticsearch | object | `{"clusterName":"elastic","coordinating":{"replicaCount":0},"data":{"persistence":{"enabled":false},"replicaCount":1},"enabled":true,"extraEnvVars":[{"name":"ES_JAVA_OPTS","value":"-Xms512M -Xmx512M"}],"ingest":{"enabled":false},"master":{"masterOnly":true,"persistence":{"enabled":false},"replicaCount":1},"sysctlImage":{"enabled":false}}` | ElasticSearch subchart deployment </br> Ref: https://github.com/bitnami/charts/blob/main/bitnami/elasticsearch/values.yaml | | ||
| | elasticsearch.clusterName | string | `"elastic"` | Elasticsearch cluster name | | ||
| | elasticsearch.coordinating | object | `{"replicaCount":0}` | Coordinating-only nodes parameters | | ||
| | elasticsearch.coordinating.replicaCount | int | `0` | Number of coordinating-only replicas to deploy | | ||
| | elasticsearch.data | object | `{"persistence":{"enabled":false},"replicaCount":1}` | Data-only nodes parameters | | ||
| | elasticsearch.data.persistence | object | `{"enabled":false}` | Enable persistence using Persistent Volume Claims </br> Ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ | | ||
| | elasticsearch.data.persistence.enabled | bool | `false` | Enable persistence using a `PersistentVolumeClaim` | | ||
| | elasticsearch.data.replicaCount | int | `1` | Number of data-only replicas to deploy | | ||
| | elasticsearch.enabled | bool | `true` | Enable or disable ElasticSearch subchart | | ||
| | elasticsearch.ingest | object | `{"enabled":false}` | Ingest-only nodes parameters | | ||
| | elasticsearch.ingest.enabled | bool | `false` | Enable ingest nodes | | ||
| | elasticsearch.master.masterOnly | bool | `true` | Deploy the Elasticsearch master-eligible nodes as master-only nodes. Recommended for high-demand deployments. | | ||
| | elasticsearch.master.persistence | object | `{"enabled":false}` | Enable persistence using Persistent Volume Claims </br> Ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ | | ||
| | elasticsearch.master.persistence.enabled | bool | `false` | Enable persistence using a `PersistentVolumeClaim` | | ||
| | elasticsearch.master.replicaCount | int | `1` | Number of master-eligible replicas to deploy | | ||
| | env | object | `{"APP__ADMIN__EMAIL":"[email protected]","APP__ADMIN__PASSWORD":"ChangeMe","APP__ADMIN__TOKEN":"ChangeMe","APP__BASE_PATH":"/","APP__GRAPHQL__PLAYGROUND__ENABLED":false,"APP__GRAPHQL__PLAYGROUND__FORCE_DISABLED_INTROSPECTION":false,"APP__HEALTH_ACCESS_KEY":"ChangeMe","APP__TELEMETRY__METRICS__ENABLED":true,"ELASTICSEARCH__URL":"http://release-name-elasticsearch:9200","MINIO__ENDPOINT":"release-name-minio:9000","RABBITMQ__HOSTNAME":"release-name-rabbitmq","RABBITMQ__PASSWORD":"ChangeMe","RABBITMQ__PORT":5672,"RABBITMQ__PORT_MANAGEMENT":15672,"RABBITMQ__USERNAME":"user","REDIS__HOSTNAME":"release-name-redis-master","REDIS__MODE":"single","REDIS__PORT":6379}` | Environment variables to configure application </br> Ref: https://docs.openbas.io/latest/deployment/configuration/#platform | | ||
| | envFromSecrets | object | `{}` | Secrets from variables | | ||
| | fullnameOverride | string | `""` | String to fully override opencti.fullname template | | ||
| | global | object | `{"imagePullSecrets":[],"imageRegistry":""}` | Global configuration The global section contains configuration options that are applied to all services @default - See below | | ||
| | image | object | See below | Image registry The image configuration for the base service | | ||
| | global | object | `{"imagePullSecrets":[],"imageRegistry":""}` | Global section contains configuration options that are applied to all services @default - See below | | ||
| | global.imagePullSecrets | list | `[]` | Specifies the secrets to use for pulling images from private registries Leave empty if no secrets are required E.g. imagePullSecrets: - name: myRegistryKeySecretName | | ||
| | global.imageRegistry | string | `""` | Specifies the registry to pull images from. Leave empty for the default registry | | ||
| | image | object | See below | Image registry configuration for the base service | | ||
| | image.pullPolicy | string | `"IfNotPresent"` | Pull policy for the image | | ||
| | image.repository | string | `"opencti/platform"` | Repository of the image | | ||
| | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | | ||
| | imagePullSecrets | list | `[]` | Global Docker registry secret names as an array | | ||
| | ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}],"tls":[]}` | Ingress configuration to expose app </br> Ref: https://kubernetes.io/docs/concepts/services-networking/ingress/ | | ||
| | livenessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":180,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":5}` | Configure liveness checker </br> Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes | | ||
| | livenessProbeCustom | object | `{}` | Custom livenessProbe | | ||
| | minio | object | `{"auth":{"rootPassword":"ChangeMe","rootUser":"ChangeMe"},"enabled":true,"mode":"standalone","persistence":{"enabled":false}}` | MinIO subchart deployment </br> Ref: https://github.com/bitnami/charts/blob/main/bitnami/minio/values.yaml | | ||
| | minio.auth.rootPassword | string | `"ChangeMe"` | Password for Minio root user | | ||
| | minio.auth.rootUser | string | `"ChangeMe"` | Minio root username | | ||
| | minio.enabled | bool | `true` | Enable or disable MinIO subchart | | ||
| | minio.mode | string | `"standalone"` | mode Minio server mode (`standalone` or `distributed`) </br> Ref: https://docs.minio.io/docs/distributed-minio-quickstart-guide | | ||
| | minio.persistence | object | `{"enabled":false}` | Enable persistence using Persistent Volume Claims </br> Ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ | | ||
| | minio.persistence.enabled | bool | `false` | Enable MinIO data persistence using PVC. If false, use emptyDir | | ||
| | nameOverride | string | `""` | String to partially override opencti.fullname template (will maintain the release name) | | ||
| | nodeSelector | object | `{}` | Node labels for pod assignment </br> Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | | ||
| | opensearch | object | `{"enabled":false,"opensearchJavaOpts":"-Xmx512M -Xms512M","persistence":{"enabled":false},"singleNode":true}` | OpenSearch subchart deployment </br> Ref: https://github.com/opensearch-project/helm-charts/blob/opensearch-2.16.1/charts/opensearch/values.yaml | | ||
| | opensearch.enabled | bool | `false` | Enable or disable OpenSearch subchart | | ||
| | opensearch.opensearchJavaOpts | string | `"-Xmx512M -Xms512M"` | OpenSearch Java options | | ||
| | opensearch.persistence | object | `{"enabled":false}` | Enable persistence using Persistent Volume Claims </br> Ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ | | ||
| | opensearch.singleNode | bool | `true` | If discovery.type in the opensearch configuration is set to "single-node", this should be set to "true" If "true", replicas will be forced to 1 | | ||
| | opensearch.enabled | bool | `false` | Enable or disable OpenSearch subchart | | ||
| | podAnnotations | object | `{}` | Configure annotations on Pods | | ||
| | podLabels | object | `{}` | Configure labels on Pods | | ||
| | podSecurityContext | object | `{}` | Defines privilege and access control settings for a Pod </br> Ref: https://kubernetes.io/docs/concepts/security/pod-security-standards/ </br> Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ | | ||
| | rabbitmq | object | `{"auth":{"erlangCookie":"ChangeMe","password":"ChangeMe","username":"user"},"clustering":{"enabled":false},"enabled":true,"persistence":{"enabled":false},"replicaCount":1}` | RabbitMQ subchart deployment </br> Ref: https://github.com/bitnami/charts/blob/main/bitnami/rabbitmq/values.yaml | | ||
| | rabbitmq.auth | object | `{"erlangCookie":"ChangeMe","password":"ChangeMe","username":"user"}` | RabbitMQ Authentication parameters | | ||
| | rabbitmq.auth.password | string | `"ChangeMe"` | RabbitMQ application password </br> Ref: https://github.com/bitnami/containers/tree/main/bitnami/rabbitmq#environment-variables | | ||
| | rabbitmq.auth.username | string | `"user"` | RabbitMQ application username </br> Ref: https://github.com/bitnami/containers/tree/main/bitnami/rabbitmq#environment-variables | | ||
| | rabbitmq.clustering | object | `{"enabled":false}` | Clustering settings | | ||
| | rabbitmq.clustering.enabled | bool | `false` | Enable RabbitMQ clustering | | ||
| | rabbitmq.enabled | bool | `true` | Enable or disable RabbitMQ subchart | | ||
| | rabbitmq.persistence | object | `{"enabled":false}` | Persistence parameters | | ||
| | rabbitmq.persistence.enabled | bool | `false` | Enable RabbitMQ data persistence using PVC | | ||
| | rabbitmq.replicaCount | int | `1` | Number of RabbitMQ replicas to deploy | | ||
| | rabbitmq.enabled | bool | `true` | Enable or disable RabbitMQ subchart | | ||
| | readinessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}` | Configure readinessProbe checker </br> Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes | | ||
| | readinessProbeCustom | object | `{}` | Custom readinessProbe | | ||
| | readyChecker | object | `{"enabled":true,"retries":30,"services":[{"name":"elasticsearch","port":9200},{"name":"minio","port":9000},{"name":"rabbitmq","port":5672},{"name":"redis-master","port":6379}],"timeout":5}` | Enable or disable ready-checker | | ||
| | readyChecker.enabled | bool | `true` | Enable or disable ready-checker | | ||
| | readyChecker.retries | int | `30` | Number of retries before giving up | | ||
| | readyChecker.services | list | `[{"name":"elasticsearch","port":9200},{"name":"minio","port":9000},{"name":"rabbitmq","port":5672},{"name":"redis-master","port":6379}]` | List services | | ||
| | readyChecker.timeout | int | `5` | Timeout for each check | | ||
| | readyChecker | object | See below | Enable or disable ready-checker | | ||
| | readyChecker.enabled | bool | `true` | Enable or disable ready-checker | | ||
| | readyChecker.retries | int | `30` | Number of retries before giving up | | ||
| | readyChecker.services | list | `[{"name":"elasticsearch","port":9200},{"name":"minio","port":9000},{"name":"rabbitmq","port":5672},{"name":"redis-master","port":6379}]` | List services | | ||
| | readyChecker.timeout | int | `5` | Timeout for each check | | ||
| | redis | object | `{"architecture":"standalone","auth":{"enabled":false},"enabled":true,"master":{"count":1,"persistence":{"enabled":false}},"replica":{"persistence":{"enabled":false},"replicaCount":1}}` | Redis subchart deployment </br> Ref: https://github.com/bitnami/charts/blob/main/bitnami/redis/values.yaml | | ||
| | redis.architecture | string | `"standalone"` | Redis architecture. Allowed values: `standalone` or `replication` | | ||
| | redis.auth | object | `{"enabled":false}` | Redis Authentication parameters </br> Ref: https://github.com/bitnami/containers/tree/main/bitnami/redis#setting-the-server-password-on-first-run | | ||
| | redis.auth.enabled | bool | `false` | Enable password authentication | | ||
| | redis.enabled | bool | `true` | Enable or disable Redis subchart | | ||
| | redis.master | object | `{"count":1,"persistence":{"enabled":false}}` | Redis master configuration parameters | | ||
| | redis.master.count | int | `1` | Number of Redis master instances to deploy (experimental, requires additional configuration) | | ||
| | redis.master.persistence | object | `{"enabled":false}` | Persistence parameters </br> Ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ | | ||
| | redis.master.persistence.enabled | bool | `false` | Enable persistence on Redis master nodes using Persistent Volume Claims | | ||
| | redis.replica | object | `{"persistence":{"enabled":false},"replicaCount":1}` | Redis replicas configuration parameters | | ||
| | redis.replica.persistence | object | `{"enabled":false}` | Persistence parameters </br> Ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ | | ||
| | redis.replica.persistence.enabled | bool | `false` | Enable persistence on Redis master nodes using Persistent Volume Claims | | ||
| | redis.replica.replicaCount | int | `1` | Number of Redis replicas to deploy | | ||
| | replicaCount | int | `1` | Number of replicas Specifies the number of replicas for the service | | ||
| | redis.enabled | bool | `true` | Enable or disable Redis subchart | | ||
| | replicaCount | int | `1` | Number of replicas for the service | | ||
| | resources | object | `{}` | The resources limits and requested </br> Ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | | ||
| | secrets | object | `{}` | Secrets values to create credentials and reference by envFromSecrets Generate Secret with following name: <release-name>-credentials | | ||
| | secrets | object | `{}` | Secrets values to create credentials and reference by envFromSecrets Generate Secret with following name: `<release-name>-credentials` | | ||
| | securityContext | object | `{}` | Defines privilege and access control settings for a Container </br> Ref: https://kubernetes.io/docs/concepts/security/pod-security-standards/ </br> Ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ | | ||
| | service | object | `{"port":80,"targetPort":4000,"type":"ClusterIP"}` | Kubernetes service to expose Pod </br> Ref: https://kubernetes.io/docs/concepts/services-networking/service/ | | ||
| | service.port | int | `80` | Kubernetes Service port | | ||
| | service.targetPort | int | `4000` | Pod expose port | | ||
| | service.type | string | `"ClusterIP"` | Kubernetes Service type. Allowed values: NodePort, LoadBalancer or ClusterIP | | ||
| | serviceAccount | object | `{"annotations":{},"automountServiceAccountToken":false,"create":true,"name":""}` | Enable creation of ServiceAccount @default - See below | | ||
| | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | ||
| | serviceAccount.automountServiceAccountToken | bool | `false` | Specifies if you don't want the kubelet to automatically mount a ServiceAccount's API credentials | | ||
| | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | ||
| | serviceAccount.name | string | `""` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template | | ||
| | serviceMonitor | object | `{"enabled":false,"interval":"30s","metricRelabelings":[],"relabelings":[],"scrapeTimeout":"10s"}` | Enable ServiceMonitor to get metrics </br> Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor | | ||
| | serviceMonitor.enabled | bool | `false` | Enable or disable | | ||
| | startupProbe | object | `{"enabled":true,"failureThreshold":30,"initialDelaySeconds":180,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":5}` | Configure startupProbe checker </br> Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes | | ||
|
|
@@ -177,13 +146,16 @@ helm show values opencti/opencti | |
| | worker.enabled | bool | `true` | Enable or disable worker | | ||
| | worker.env | object | `{"WORKER_LOG_LEVEL":"info","WORKER_TELEMETRY_ENABLED":true}` | Environment variables to configure application </br> Ref: https://docs.opencti.io/latest/deployment/configuration/#platform | | ||
| | worker.envFromSecrets | object | `{}` | Secrets from variables | | ||
| | worker.image | object | See below | Image registry The image configuration for the base service | | ||
| | worker.image | object | See below | Image registry configuration for the base service | | ||
| | worker.image.pullPolicy | string | `"IfNotPresent"` | Pull policy for the image | | ||
| | worker.image.repository | string | `"opencti/worker"` | Repository of the image | | ||
| | worker.image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion | | ||
| | worker.nodeSelector | object | `{}` | Node labels for pod assignment </br> Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | | ||
| | worker.readyChecker | object | `{"enabled":true,"retries":30,"timeout":5}` | Enable or disable ready-checker waiting server is ready | | ||
| | worker.readyChecker.enabled | bool | `true` | Enable or disable ready-checker | | ||
| | worker.readyChecker.retries | int | `30` | Number of retries before giving up | | ||
| | worker.readyChecker.timeout | int | `5` | Timeout for each check | | ||
| | worker.replicaCount | int | `1` | Number of replicas Specifies the number of replicas for the service | | ||
| | worker.readyChecker | object | See below | Enable or disable ready-checker waiting server is ready | | ||
| | worker.readyChecker.enabled | bool | `true` | Enable or disable ready-checker | | ||
| | worker.readyChecker.retries | int | `30` | Number of retries before giving up | | ||
| | worker.readyChecker.timeout | int | `5` | Timeout for each check | | ||
| | worker.replicaCount | int | `1` | Number of replicas for the service | | ||
| | worker.resources | object | `{}` | The resources limits and requested </br> Ref: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | | ||
| | worker.serviceMonitor | object | `{"enabled":false,"interval":"30s","metricRelabelings":[],"relabelings":[],"scrapeTimeout":"10s"}` | Enable ServiceMonitor to get metrics </br> Ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#servicemonitor | | ||
| | worker.serviceMonitor.enabled | bool | `false` | Enable or disable | | ||
|
|
||
Oops, something went wrong.