From 0bb71e572f4d6b7bb9b59caf6ab28f3df72e689a Mon Sep 17 00:00:00 2001 From: Jota Martos Date: Fri, 20 Oct 2023 08:15:07 +0200 Subject: [PATCH] [bitnami/*] Standardize documentation Signed-off-by: Jota Martos --- .github/workflows/generate-chart-readme.yml | 21 + README.md | 10 +- bitnami/airflow/README.md | 565 ++++----- bitnami/airflow/values.yaml | 24 +- bitnami/apache/README.md | 247 ++-- bitnami/apache/values.yaml | 12 +- bitnami/apisix/README.md | 428 +++---- bitnami/apisix/values.yaml | 16 +- bitnami/appsmith/README.md | 77 +- bitnami/appsmith/values.yaml | 8 +- bitnami/argo-cd/README.md | 109 +- bitnami/argo-cd/values.yaml | 16 +- bitnami/argo-workflows/README.md | 449 +++---- bitnami/argo-workflows/values.yaml | 12 +- bitnami/aspnet-core/README.md | 49 +- bitnami/aspnet-core/values.yaml | 12 +- bitnami/cassandra/README.md | 177 +-- bitnami/cassandra/values.yaml | 12 +- bitnami/cert-manager/README.md | 368 +++--- bitnami/cert-manager/values.yaml | 16 +- bitnami/clickhouse/README.md | 173 +-- bitnami/clickhouse/values.yaml | 12 +- bitnami/concourse/README.md | 85 +- bitnami/concourse/values.yaml | 8 +- bitnami/consul/README.md | 175 +-- bitnami/consul/values.yaml | 12 +- bitnami/contour/README.md | 494 ++++---- bitnami/contour/values.yaml | 12 +- bitnami/deepspeed/README.md | 123 +- bitnami/deepspeed/values.yaml | 12 +- bitnami/discourse/README.md | 141 ++- bitnami/discourse/values.yaml | 8 +- bitnami/dokuwiki/README.md | 67 +- bitnami/dokuwiki/values.yaml | 16 +- bitnami/drupal/README.md | 299 ++--- bitnami/drupal/values.yaml | 16 +- bitnami/ejbca/README.md | 181 +-- bitnami/ejbca/values.yaml | 4 +- bitnami/elasticsearch/README.md | 323 ++--- bitnami/elasticsearch/values.yaml | 16 +- bitnami/etcd/README.md | 49 +- bitnami/etcd/values.yaml | 8 +- bitnami/external-dns/README.md | 573 ++++----- bitnami/external-dns/values.yaml | 4 +- bitnami/flink/README.md | 12 +- bitnami/flink/values.yaml | 4 +- bitnami/fluent-bit/README.md | 26 +- bitnami/fluent-bit/values.yaml | 4 +- bitnami/fluentd/README.md | 19 +- bitnami/fluentd/values.yaml | 12 +- bitnami/flux/README.md | 1030 +++++++-------- bitnami/flux/values.yaml | 28 +- bitnami/ghost/README.md | 75 +- bitnami/ghost/values.yaml | 8 +- bitnami/gitea/README.md | 225 ++-- bitnami/gitea/values.yaml | 8 +- bitnami/grafana-loki/README.md | 433 +++---- bitnami/grafana-loki/values.yaml | 32 +- bitnami/grafana-mimir/README.md | 301 ++--- bitnami/grafana-mimir/values.yaml | 28 +- bitnami/grafana-operator/README.md | 360 +++--- bitnami/grafana-operator/values.yaml | 8 +- bitnami/grafana-tempo/README.md | 423 +++---- bitnami/grafana-tempo/values.yaml | 16 +- bitnami/grafana/README.md | 189 +-- bitnami/grafana/values.yaml | 12 +- bitnami/haproxy/README.md | 161 +-- bitnami/haproxy/values.yaml | 4 +- bitnami/harbor/README.md | 786 ++++++------ bitnami/harbor/values.yaml | 40 +- bitnami/influxdb/README.md | 382 +++--- bitnami/influxdb/values.yaml | 20 +- bitnami/jaeger/README.md | 60 +- bitnami/jaeger/values.yaml | 8 +- bitnami/jasperreports/README.md | 75 +- bitnami/jasperreports/values.yaml | 4 +- bitnami/jenkins/README.md | 179 +-- bitnami/jenkins/values.yaml | 12 +- bitnami/joomla/README.md | 209 ++-- bitnami/joomla/values.yaml | 8 +- bitnami/jupyterhub/README.md | 378 +++--- bitnami/jupyterhub/values.yaml | 16 +- bitnami/kafka/README.md | 265 ++-- bitnami/kafka/values.yaml | 20 +- bitnami/keycloak/README.md | 91 +- bitnami/keycloak/values.yaml | 8 +- bitnami/kiam/README.md | 18 +- bitnami/kiam/values.yaml | 4 +- bitnami/kibana/README.md | 281 +++-- bitnami/kibana/values.yaml | 8 +- bitnami/kong/README.md | 196 +-- bitnami/kong/values.yaml | 12 +- bitnami/kube-prometheus/README.md | 1103 +++++++++-------- bitnami/kube-prometheus/values.yaml | 20 +- bitnami/kube-state-metrics/README.md | 275 ++-- bitnami/kube-state-metrics/values.yaml | 4 +- bitnami/kubeapps/README.md | 723 +++++------ bitnami/kubeapps/values.yaml | 32 +- bitnami/kubernetes-event-exporter/README.md | 166 +-- bitnami/kubernetes-event-exporter/values.yaml | 4 +- bitnami/logstash/README.md | 261 ++-- bitnami/logstash/values.yaml | 8 +- bitnami/magento/README.md | 325 ++--- bitnami/magento/values.yaml | 24 +- bitnami/mariadb-galera/README.md | 375 +++--- bitnami/mariadb-galera/values.yaml | 8 +- bitnami/mariadb/README.md | 175 +-- bitnami/mariadb/values.yaml | 12 +- bitnami/mastodon/README.md | 77 +- bitnami/mastodon/values.yaml | 8 +- bitnami/matomo/README.md | 261 ++-- bitnami/matomo/values.yaml | 16 +- bitnami/mediawiki/README.md | 121 +- bitnami/mediawiki/values.yaml | 8 +- bitnami/memcached/README.md | 179 +-- bitnami/memcached/values.yaml | 12 +- bitnami/metallb/README.md | 310 ++--- bitnami/metallb/values.yaml | 8 +- bitnami/metrics-server/README.md | 201 +-- bitnami/metrics-server/values.yaml | 4 +- bitnami/milvus/README.md | 299 ++--- bitnami/milvus/values.yaml | 16 +- bitnami/minio/README.md | 101 +- bitnami/minio/values.yaml | 12 +- bitnami/mlflow/README.md | 88 +- bitnami/mlflow/values.yaml | 16 +- bitnami/mongodb-sharded/README.md | 228 ++-- bitnami/mongodb-sharded/values.yaml | 12 +- bitnami/mongodb/README.md | 406 +++--- bitnami/mongodb/values.yaml | 20 +- bitnami/moodle/README.md | 267 ++-- bitnami/moodle/values.yaml | 16 +- bitnami/multus-cni/README.md | 149 +-- bitnami/multus-cni/values.yaml | 4 +- bitnami/mxnet/README.md | 113 +- bitnami/mxnet/values.yaml | 12 +- bitnami/mysql/README.md | 185 +-- bitnami/mysql/values.yaml | 12 +- bitnami/nats/README.md | 147 +-- bitnami/nats/values.yaml | 8 +- bitnami/nginx-ingress-controller/README.md | 239 ++-- bitnami/nginx-ingress-controller/values.yaml | 8 +- bitnami/nginx/README.md | 115 +- bitnami/nginx/values.yaml | 12 +- bitnami/node-exporter/README.md | 215 ++-- bitnami/node-exporter/values.yaml | 4 +- bitnami/oauth2-proxy/README.md | 31 +- bitnami/oauth2-proxy/values.yaml | 4 +- bitnami/odoo/README.md | 19 +- bitnami/odoo/values.yaml | 4 +- bitnami/opencart/README.md | 245 ++-- bitnami/opencart/values.yaml | 16 +- bitnami/opensearch/README.md | 343 ++--- bitnami/opensearch/values.yaml | 16 +- bitnami/osclass/README.md | 163 +-- bitnami/osclass/values.yaml | 16 +- bitnami/parse/README.md | 375 +++--- bitnami/parse/values.yaml | 12 +- bitnami/phpbb/README.md | 229 ++-- bitnami/phpbb/values.yaml | 12 +- bitnami/phpmyadmin/README.md | 111 +- bitnami/phpmyadmin/values.yaml | 8 +- bitnami/pinniped/README.md | 47 +- bitnami/pinniped/values.yaml | 4 +- bitnami/postgresql-ha/README.md | 897 +++++++------- bitnami/postgresql-ha/values.yaml | 16 +- bitnami/postgresql/README.md | 283 ++--- bitnami/postgresql/values.yaml | 12 +- bitnami/prestashop/README.md | 267 ++-- bitnami/prestashop/values.yaml | 16 +- bitnami/prometheus/README.md | 433 +++---- bitnami/prometheus/values.yaml | 16 +- bitnami/pytorch/README.md | 201 +-- bitnami/pytorch/values.yaml | 12 +- bitnami/rabbitmq-cluster-operator/README.md | 361 +++--- bitnami/rabbitmq-cluster-operator/values.yaml | 16 +- bitnami/rabbitmq/README.md | 73 +- bitnami/rabbitmq/values.yaml | 8 +- bitnami/redis-cluster/README.md | 317 ++--- bitnami/redis-cluster/values.yaml | 16 +- bitnami/redis/README.md | 423 ++++--- bitnami/redis/values.yaml | 20 +- bitnami/redmine/README.md | 81 +- bitnami/redmine/values.yaml | 8 +- bitnami/schema-registry/README.md | 79 +- bitnami/schema-registry/values.yaml | 4 +- bitnami/sealed-secrets/README.md | 155 +-- bitnami/sealed-secrets/values.yaml | 4 +- bitnami/solr/README.md | 43 +- bitnami/solr/values.yaml | 8 +- bitnami/sonarqube/README.md | 203 +-- bitnami/sonarqube/values.yaml | 24 +- bitnami/spark/README.md | 35 +- bitnami/spark/values.yaml | 4 +- bitnami/spring-cloud-dataflow/README.md | 669 +++++----- bitnami/spring-cloud-dataflow/values.yaml | 24 +- bitnami/suitecrm/README.md | 261 ++-- bitnami/suitecrm/values.yaml | 16 +- bitnami/supabase/README.md | 985 +++++++-------- bitnami/supabase/values.yaml | 44 +- bitnami/tensorflow-resnet/README.md | 189 +-- bitnami/tensorflow-resnet/values.yaml | 8 +- bitnami/thanos/README.md | 97 +- bitnami/thanos/values.yaml | 8 +- bitnami/tomcat/README.md | 91 +- bitnami/tomcat/values.yaml | 12 +- bitnami/vault/README.md | 356 +++--- bitnami/vault/values.yaml | 16 +- bitnami/whereabouts/README.md | 147 +-- bitnami/whereabouts/values.yaml | 4 +- bitnami/wildfly/README.md | 81 +- bitnami/wildfly/values.yaml | 8 +- bitnami/wordpress/README.md | 173 +-- bitnami/wordpress/values.yaml | 12 +- bitnami/zookeeper/README.md | 129 +- bitnami/zookeeper/values.yaml | 8 +- 216 files changed, 14699 insertions(+), 13690 deletions(-) diff --git a/.github/workflows/generate-chart-readme.yml b/.github/workflows/generate-chart-readme.yml index 2eaaec9b4701d3..8e1a9ab2c3d806 100644 --- a/.github/workflows/generate-chart-readme.yml +++ b/.github/workflows/generate-chart-readme.yml @@ -31,12 +31,33 @@ jobs: DIFF_URL: "${{github.event.pull_request.diff_url}}" TEMP_FILE: "${{runner.temp}}/pr-${{github.event.number}}.diff" run: | + exit_code=0 # This request doesn't consume API calls. curl -Lkso $TEMP_FILE $DIFF_URL files_changed="$(sed -nr 's/[\-\+]{3} [ab]\/(.*)/\1/p' $TEMP_FILE | sort | uniq)" # Adding || true to avoid "Process exited with code 1" errors charts_dirs_changed="$(echo "$files_changed" | xargs dirname | grep -o "bitnami/[^/]*" | sort | uniq || true)" for chart in ${charts_dirs_changed}; do + echo "Validating README.md for ${chart}" + while read line; do + echo "$line" | grep --quiet "\[default: \(REGISTRY_NAME\|\"\"\)\]" || exit_code=$? + done < <(grep "@param\s\+[A-Za-z\.-]\+\.registry\s\+" "charts/${chart}/values.yaml") + if [[ $exit_code -ne 0 ]]; then + echo "::error:: Please ensure all *.registry params include the [default: REGISTRY_NAME] modifier the ${chart}/values.yaml file" + exit "$exit_code" + fi + while read line; do + param=$(echo "$line" | awk '{print $3}') + # Checking if it's a image's registry-related param + registry_param=$(echo ${param} | sed 's/\.repository/\.registry/g') + grep --quiet "@param\s\+${registry_param}" "${c}/values.yaml" && ( echo "$line" | grep --quiet "\[default: \(REPOSITORY_NAME/.*\|\"\"\)\]" || exit_code=$? ) + echo "$line" | grep --quiet "\[default: \(REPOSITORY_NAME/.*\|\"\"\)\]" || exit_code=$? + done < <(grep "@param\s\+[A-Za-z\.-]\+\.repository\s\+" "charts/${chart}/values.yaml") + echo "$exit_code" + if [[ $exit_code -ne 0 ]]; then + echo "::error:: Please ensure all *.repository params include the [default: REPOSITORY_NAME] modifier the ${chart}/values.yaml file" + exit "$exit_code" + fi echo "Updating README.md for ${chart}" readme-generator --values "charts/${chart}/values.yaml" --readme "charts/${chart}/README.md" --schema "/tmp/schema.json" done diff --git a/README.md b/README.md index 808ae1697cc052..73e2734cf4c833 100644 --- a/README.md +++ b/README.md @@ -10,9 +10,11 @@ Looking to use our applications in production? Try [VMware Application Catalog]( ## TL;DR ```bash -helm install my-release oci://registry-1.docker.io/bitnamicharts/ +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/ ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Vulnerabilities scanner Each Helm chart contains one or more containers. Those containers use images provided by Bitnami through its test & release pipeline and whose source code can be found at [bitnami/containers](https://github.com/bitnami/containers). @@ -54,8 +56,10 @@ Please refer to the [Quick Start guide](https://helm.sh/docs/intro/quickstart/) Useful Helm Client Commands: -- Install a chart: `helm install my-release oci://registry-1.docker.io/bitnamicharts/` -- Upgrade your application: `helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/` +- Install a chart: `helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/` +- Upgrade your application: `helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. ## License diff --git a/bitnami/airflow/README.md b/bitnami/airflow/README.md index f891ebb544e16e..248e117a1f2a77 100644 --- a/bitnami/airflow/README.md +++ b/bitnami/airflow/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/airflow +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/airflow ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps an [Apache Airflow](https://github.com/bitnami/containers/tree/main/bitnami/airflow) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use Apache Airflow in production? Try [VMware Application Catalog](ht To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/airflow +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/airflow ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Airflow on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -76,248 +80,248 @@ The command removes all the Kubernetes components associated with the chart and ### Airflow common parameters -| Name | Description | Value | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `auth.username` | Username to access web UI | `user` | -| `auth.password` | Password to access web UI | `""` | -| `auth.fernetKey` | Fernet key to secure connections | `""` | -| `auth.secretKey` | Secret key to run your flask app | `""` | -| `auth.existingSecret` | Name of an existing secret to use for Airflow credentials | `""` | -| `executor` | Airflow executor. Allowed values: `SequentialExecutor`, `LocalExecutor`, `CeleryExecutor`, `KubernetesExecutor`, `CeleryKubernetesExecutor` and `LocalKubernetesExecutor` | `CeleryExecutor` | -| `loadExamples` | Switch to load some Airflow examples | `false` | -| `configuration` | Specify content for Airflow config file (auto-generated based on other env. vars otherwise) | `""` | -| `existingConfigmap` | Name of an existing ConfigMap with the Airflow config file | `""` | -| `dags.existingConfigmap` | Name of an existing ConfigMap with all the DAGs files you want to load in Airflow | `""` | -| `dags.image.registry` | Init container load-dags image registry | `docker.io` | -| `dags.image.repository` | Init container load-dags image repository | `bitnami/os-shell` | -| `dags.image.tag` | Init container load-dags image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `dags.image.digest` | Init container load-dags image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `dags.image.pullPolicy` | Init container load-dags image pull policy | `IfNotPresent` | -| `dags.image.pullSecrets` | Init container load-dags image pull secrets | `[]` | -| `extraEnvVars` | Add extra environment variables for all the Airflow pods | `[]` | -| `extraEnvVarsCM` | ConfigMap with extra environment variables for all the Airflow pods | `""` | -| `extraEnvVarsSecret` | Secret with extra environment variables for all the Airflow pods | `""` | -| `extraEnvVarsSecrets` | List of secrets with extra environment variables for all the Airflow pods | `[]` | -| `sidecars` | Add additional sidecar containers to all the Airflow pods | `[]` | -| `initContainers` | Add additional init containers to all the Airflow pods | `[]` | -| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for all the Airflow pods | `[]` | -| `extraVolumes` | Optionally specify extra list of additional volumes for the all the Airflow pods | `[]` | +| Name | Description | Value | +| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `auth.username` | Username to access web UI | `user` | +| `auth.password` | Password to access web UI | `""` | +| `auth.fernetKey` | Fernet key to secure connections | `""` | +| `auth.secretKey` | Secret key to run your flask app | `""` | +| `auth.existingSecret` | Name of an existing secret to use for Airflow credentials | `""` | +| `executor` | Airflow executor. Allowed values: `SequentialExecutor`, `LocalExecutor`, `CeleryExecutor`, `KubernetesExecutor`, `CeleryKubernetesExecutor` and `LocalKubernetesExecutor` | `CeleryExecutor` | +| `loadExamples` | Switch to load some Airflow examples | `false` | +| `configuration` | Specify content for Airflow config file (auto-generated based on other env. vars otherwise) | `""` | +| `existingConfigmap` | Name of an existing ConfigMap with the Airflow config file | `""` | +| `dags.existingConfigmap` | Name of an existing ConfigMap with all the DAGs files you want to load in Airflow | `""` | +| `dags.image.registry` | Init container load-dags image registry | `REGISTRY_NAME` | +| `dags.image.repository` | Init container load-dags image repository | `REPOSITORY_NAME/os-shell` | +| `dags.image.tag` | Init container load-dags image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `dags.image.digest` | Init container load-dags image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `dags.image.pullPolicy` | Init container load-dags image pull policy | `IfNotPresent` | +| `dags.image.pullSecrets` | Init container load-dags image pull secrets | `[]` | +| `extraEnvVars` | Add extra environment variables for all the Airflow pods | `[]` | +| `extraEnvVarsCM` | ConfigMap with extra environment variables for all the Airflow pods | `""` | +| `extraEnvVarsSecret` | Secret with extra environment variables for all the Airflow pods | `""` | +| `extraEnvVarsSecrets` | List of secrets with extra environment variables for all the Airflow pods | `[]` | +| `sidecars` | Add additional sidecar containers to all the Airflow pods | `[]` | +| `initContainers` | Add additional init containers to all the Airflow pods | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for all the Airflow pods | `[]` | +| `extraVolumes` | Optionally specify extra list of additional volumes for the all the Airflow pods | `[]` | ### Airflow web parameters -| Name | Description | Value | -| ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -------------------- | -| `web.image.registry` | Airflow image registry | `docker.io` | -| `web.image.repository` | Airflow image repository | `bitnami/airflow` | -| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.7.2-debian-11-r0` | -| `web.image.digest` | Airflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `web.image.pullPolicy` | Airflow image pull policy | `IfNotPresent` | -| `web.image.pullSecrets` | Airflow image pull secrets | `[]` | -| `web.image.debug` | Enable image debug mode | `false` | -| `web.baseUrl` | URL used to access to Airflow web ui | `""` | -| `web.existingConfigmap` | Name of an existing config map containing the Airflow web config file | `""` | -| `web.command` | Override default container command (useful when using custom images) | `[]` | -| `web.args` | Override default container args (useful when using custom images) | `[]` | -| `web.extraEnvVars` | Array with extra environment variables to add Airflow web pods | `[]` | -| `web.extraEnvVarsCM` | ConfigMap containing extra environment variables for Airflow web pods | `""` | -| `web.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Airflow web pods | `""` | -| `web.extraEnvVarsSecrets` | List of secrets with extra environment variables for Airflow web pods | `[]` | -| `web.containerPorts.http` | Airflow web HTTP container port | `8080` | -| `web.replicaCount` | Number of Airflow web replicas | `1` | -| `web.livenessProbe.enabled` | Enable livenessProbe on Airflow web containers | `true` | -| `web.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | -| `web.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | -| `web.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `web.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `web.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `web.readinessProbe.enabled` | Enable readinessProbe on Airflow web containers | `true` | -| `web.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `web.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `web.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `web.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `web.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `web.startupProbe.enabled` | Enable startupProbe on Airflow web containers | `false` | -| `web.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` | -| `web.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `web.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `web.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `web.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `web.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `web.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `web.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `web.resources.limits` | The resources limits for the Airflow web containers | `{}` | -| `web.resources.requests` | The requested resources for the Airflow web containers | `{}` | -| `web.podSecurityContext.enabled` | Enabled Airflow web pods' Security Context | `true` | -| `web.podSecurityContext.fsGroup` | Set Airflow web pod's Security Context fsGroup | `1001` | -| `web.containerSecurityContext.enabled` | Enabled Airflow web containers' Security Context | `true` | -| `web.containerSecurityContext.runAsUser` | Set Airflow web containers' Security Context runAsUser | `1001` | -| `web.containerSecurityContext.runAsNonRoot` | Set Airflow web containers' Security Context runAsNonRoot | `true` | -| `web.lifecycleHooks` | for the Airflow web container(s) to automate configuration before or after startup | `{}` | -| `web.hostAliases` | Deployment pod host aliases | `[]` | -| `web.podLabels` | Add extra labels to the Airflow web pods | `{}` | -| `web.podAnnotations` | Add extra annotations to the Airflow web pods | `{}` | -| `web.affinity` | Affinity for Airflow web pods assignment (evaluated as a template) | `{}` | -| `web.nodeAffinityPreset.key` | Node label key to match. Ignored if `web.affinity` is set. | `""` | -| `web.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `web.nodeAffinityPreset.values` | Node label values to match. Ignored if `web.affinity` is set. | `[]` | -| `web.nodeSelector` | Node labels for Airflow web pods assignment | `{}` | -| `web.podAffinityPreset` | Pod affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `""` | -| `web.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `soft` | -| `web.tolerations` | Tolerations for Airflow web pods assignment | `[]` | -| `web.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `web.priorityClassName` | Priority Class Name | `""` | -| `web.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `web.terminationGracePeriodSeconds` | Seconds Airflow web pod needs to terminate gracefully | `""` | -| `web.updateStrategy.type` | Airflow web deployment strategy type | `RollingUpdate` | -| `web.updateStrategy.rollingUpdate` | Airflow web deployment rolling update configuration parameters | `{}` | -| `web.sidecars` | Add additional sidecar containers to the Airflow web pods | `[]` | -| `web.initContainers` | Add additional init containers to the Airflow web pods | `[]` | -| `web.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Airflow web pods | `[]` | -| `web.extraVolumes` | Optionally specify extra list of additional volumes for the Airflow web pods | `[]` | -| `web.pdb.create` | Deploy a pdb object for the Airflow web pods | `false` | -| `web.pdb.minAvailable` | Maximum number/percentage of unavailable Airflow web replicas | `1` | -| `web.pdb.maxUnavailable` | Maximum number/percentage of unavailable Airflow web replicas | `""` | +| Name | Description | Value | +| ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------- | +| `web.image.registry` | Airflow image registry | `REGISTRY_NAME` | +| `web.image.repository` | Airflow image repository | `REPOSITORY_NAME/airflow` | +| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.7.2-debian-11-r0` | +| `web.image.digest` | Airflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `web.image.pullPolicy` | Airflow image pull policy | `IfNotPresent` | +| `web.image.pullSecrets` | Airflow image pull secrets | `[]` | +| `web.image.debug` | Enable image debug mode | `false` | +| `web.baseUrl` | URL used to access to Airflow web ui | `""` | +| `web.existingConfigmap` | Name of an existing config map containing the Airflow web config file | `""` | +| `web.command` | Override default container command (useful when using custom images) | `[]` | +| `web.args` | Override default container args (useful when using custom images) | `[]` | +| `web.extraEnvVars` | Array with extra environment variables to add Airflow web pods | `[]` | +| `web.extraEnvVarsCM` | ConfigMap containing extra environment variables for Airflow web pods | `""` | +| `web.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Airflow web pods | `""` | +| `web.extraEnvVarsSecrets` | List of secrets with extra environment variables for Airflow web pods | `[]` | +| `web.containerPorts.http` | Airflow web HTTP container port | `8080` | +| `web.replicaCount` | Number of Airflow web replicas | `1` | +| `web.livenessProbe.enabled` | Enable livenessProbe on Airflow web containers | `true` | +| `web.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | +| `web.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | +| `web.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `web.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `web.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `web.readinessProbe.enabled` | Enable readinessProbe on Airflow web containers | `true` | +| `web.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `web.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `web.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `web.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `web.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `web.startupProbe.enabled` | Enable startupProbe on Airflow web containers | `false` | +| `web.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` | +| `web.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `web.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `web.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `web.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `web.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `web.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `web.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `web.resources.limits` | The resources limits for the Airflow web containers | `{}` | +| `web.resources.requests` | The requested resources for the Airflow web containers | `{}` | +| `web.podSecurityContext.enabled` | Enabled Airflow web pods' Security Context | `true` | +| `web.podSecurityContext.fsGroup` | Set Airflow web pod's Security Context fsGroup | `1001` | +| `web.containerSecurityContext.enabled` | Enabled Airflow web containers' Security Context | `true` | +| `web.containerSecurityContext.runAsUser` | Set Airflow web containers' Security Context runAsUser | `1001` | +| `web.containerSecurityContext.runAsNonRoot` | Set Airflow web containers' Security Context runAsNonRoot | `true` | +| `web.lifecycleHooks` | for the Airflow web container(s) to automate configuration before or after startup | `{}` | +| `web.hostAliases` | Deployment pod host aliases | `[]` | +| `web.podLabels` | Add extra labels to the Airflow web pods | `{}` | +| `web.podAnnotations` | Add extra annotations to the Airflow web pods | `{}` | +| `web.affinity` | Affinity for Airflow web pods assignment (evaluated as a template) | `{}` | +| `web.nodeAffinityPreset.key` | Node label key to match. Ignored if `web.affinity` is set. | `""` | +| `web.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `web.nodeAffinityPreset.values` | Node label values to match. Ignored if `web.affinity` is set. | `[]` | +| `web.nodeSelector` | Node labels for Airflow web pods assignment | `{}` | +| `web.podAffinityPreset` | Pod affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `""` | +| `web.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `soft` | +| `web.tolerations` | Tolerations for Airflow web pods assignment | `[]` | +| `web.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `web.priorityClassName` | Priority Class Name | `""` | +| `web.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `web.terminationGracePeriodSeconds` | Seconds Airflow web pod needs to terminate gracefully | `""` | +| `web.updateStrategy.type` | Airflow web deployment strategy type | `RollingUpdate` | +| `web.updateStrategy.rollingUpdate` | Airflow web deployment rolling update configuration parameters | `{}` | +| `web.sidecars` | Add additional sidecar containers to the Airflow web pods | `[]` | +| `web.initContainers` | Add additional init containers to the Airflow web pods | `[]` | +| `web.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Airflow web pods | `[]` | +| `web.extraVolumes` | Optionally specify extra list of additional volumes for the Airflow web pods | `[]` | +| `web.pdb.create` | Deploy a pdb object for the Airflow web pods | `false` | +| `web.pdb.minAvailable` | Maximum number/percentage of unavailable Airflow web replicas | `1` | +| `web.pdb.maxUnavailable` | Maximum number/percentage of unavailable Airflow web replicas | `""` | ### Airflow scheduler parameters -| Name | Description | Value | -| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------------- | -| `scheduler.image.registry` | Airflow Scheduler image registry | `docker.io` | -| `scheduler.image.repository` | Airflow Scheduler image repository | `bitnami/airflow-scheduler` | -| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.7.2-debian-11-r0` | -| `scheduler.image.digest` | Airflow Schefuler image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `scheduler.image.pullPolicy` | Airflow Scheduler image pull policy | `IfNotPresent` | -| `scheduler.image.pullSecrets` | Airflow Scheduler image pull secrets | `[]` | -| `scheduler.image.debug` | Enable image debug mode | `false` | -| `scheduler.replicaCount` | Number of scheduler replicas | `1` | -| `scheduler.command` | Override cmd | `[]` | -| `scheduler.args` | Override args | `[]` | -| `scheduler.extraEnvVars` | Add extra environment variables | `[]` | -| `scheduler.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `scheduler.extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `scheduler.extraEnvVarsSecrets` | List of secrets with extra environment variables for Airflow scheduler pods | `[]` | -| `scheduler.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `scheduler.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `scheduler.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `scheduler.resources.limits` | The resources limits for the Airflow scheduler containers | `{}` | -| `scheduler.resources.requests` | The requested resources for the Airflow scheduler containers | `{}` | -| `scheduler.podSecurityContext.enabled` | Enabled Airflow scheduler pods' Security Context | `true` | -| `scheduler.podSecurityContext.fsGroup` | Set Airflow scheduler pod's Security Context fsGroup | `1001` | -| `scheduler.containerSecurityContext.enabled` | Enabled Airflow scheduler containers' Security Context | `true` | -| `scheduler.containerSecurityContext.runAsUser` | Set Airflow scheduler containers' Security Context runAsUser | `1001` | -| `scheduler.containerSecurityContext.runAsNonRoot` | Set Airflow scheduler containers' Security Context runAsNonRoot | `true` | -| `scheduler.lifecycleHooks` | for the Airflow scheduler container(s) to automate configuration before or after startup | `{}` | -| `scheduler.hostAliases` | Deployment pod host aliases | `[]` | -| `scheduler.podLabels` | Add extra labels to the Airflow scheduler pods | `{}` | -| `scheduler.podAnnotations` | Add extra annotations to the Airflow scheduler pods | `{}` | -| `scheduler.affinity` | Affinity for Airflow scheduler pods assignment (evaluated as a template) | `{}` | -| `scheduler.nodeAffinityPreset.key` | Node label key to match. Ignored if `scheduler.affinity` is set. | `""` | -| `scheduler.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `scheduler.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `scheduler.nodeAffinityPreset.values` | Node label values to match. Ignored if `scheduler.affinity` is set. | `[]` | -| `scheduler.nodeSelector` | Node labels for Airflow scheduler pods assignment | `{}` | -| `scheduler.podAffinityPreset` | Pod affinity preset. Ignored if `scheduler.affinity` is set. Allowed values: `soft` or `hard`. | `""` | -| `scheduler.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `scheduler.affinity` is set. Allowed values: `soft` or `hard`. | `soft` | -| `scheduler.tolerations` | Tolerations for Airflow scheduler pods assignment | `[]` | -| `scheduler.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `scheduler.priorityClassName` | Priority Class Name | `""` | -| `scheduler.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `scheduler.terminationGracePeriodSeconds` | Seconds Airflow scheduler pod needs to terminate gracefully | `""` | -| `scheduler.updateStrategy.type` | Airflow scheduler deployment strategy type | `RollingUpdate` | -| `scheduler.updateStrategy.rollingUpdate` | Airflow scheduler deployment rolling update configuration parameters | `{}` | -| `scheduler.sidecars` | Add additional sidecar containers to the Airflow scheduler pods | `[]` | -| `scheduler.initContainers` | Add additional init containers to the Airflow scheduler pods | `[]` | -| `scheduler.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Airflow scheduler pods | `[]` | -| `scheduler.extraVolumes` | Optionally specify extra list of additional volumes for the Airflow scheduler pods | `[]` | -| `scheduler.pdb.create` | Deploy a pdb object for the Airflow scheduler pods | `false` | -| `scheduler.pdb.minAvailable` | Maximum number/percentage of unavailable Airflow scheduler replicas | `1` | -| `scheduler.pdb.maxUnavailable` | Maximum number/percentage of unavailable Airflow scheduler replicas | `""` | +| Name | Description | Value | +| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ----------------------------------- | +| `scheduler.image.registry` | Airflow Scheduler image registry | `REGISTRY_NAME` | +| `scheduler.image.repository` | Airflow Scheduler image repository | `REPOSITORY_NAME/airflow-scheduler` | +| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.7.2-debian-11-r0` | +| `scheduler.image.digest` | Airflow Schefuler image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `scheduler.image.pullPolicy` | Airflow Scheduler image pull policy | `IfNotPresent` | +| `scheduler.image.pullSecrets` | Airflow Scheduler image pull secrets | `[]` | +| `scheduler.image.debug` | Enable image debug mode | `false` | +| `scheduler.replicaCount` | Number of scheduler replicas | `1` | +| `scheduler.command` | Override cmd | `[]` | +| `scheduler.args` | Override args | `[]` | +| `scheduler.extraEnvVars` | Add extra environment variables | `[]` | +| `scheduler.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `scheduler.extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `scheduler.extraEnvVarsSecrets` | List of secrets with extra environment variables for Airflow scheduler pods | `[]` | +| `scheduler.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `scheduler.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `scheduler.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `scheduler.resources.limits` | The resources limits for the Airflow scheduler containers | `{}` | +| `scheduler.resources.requests` | The requested resources for the Airflow scheduler containers | `{}` | +| `scheduler.podSecurityContext.enabled` | Enabled Airflow scheduler pods' Security Context | `true` | +| `scheduler.podSecurityContext.fsGroup` | Set Airflow scheduler pod's Security Context fsGroup | `1001` | +| `scheduler.containerSecurityContext.enabled` | Enabled Airflow scheduler containers' Security Context | `true` | +| `scheduler.containerSecurityContext.runAsUser` | Set Airflow scheduler containers' Security Context runAsUser | `1001` | +| `scheduler.containerSecurityContext.runAsNonRoot` | Set Airflow scheduler containers' Security Context runAsNonRoot | `true` | +| `scheduler.lifecycleHooks` | for the Airflow scheduler container(s) to automate configuration before or after startup | `{}` | +| `scheduler.hostAliases` | Deployment pod host aliases | `[]` | +| `scheduler.podLabels` | Add extra labels to the Airflow scheduler pods | `{}` | +| `scheduler.podAnnotations` | Add extra annotations to the Airflow scheduler pods | `{}` | +| `scheduler.affinity` | Affinity for Airflow scheduler pods assignment (evaluated as a template) | `{}` | +| `scheduler.nodeAffinityPreset.key` | Node label key to match. Ignored if `scheduler.affinity` is set. | `""` | +| `scheduler.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `scheduler.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `scheduler.nodeAffinityPreset.values` | Node label values to match. Ignored if `scheduler.affinity` is set. | `[]` | +| `scheduler.nodeSelector` | Node labels for Airflow scheduler pods assignment | `{}` | +| `scheduler.podAffinityPreset` | Pod affinity preset. Ignored if `scheduler.affinity` is set. Allowed values: `soft` or `hard`. | `""` | +| `scheduler.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `scheduler.affinity` is set. Allowed values: `soft` or `hard`. | `soft` | +| `scheduler.tolerations` | Tolerations for Airflow scheduler pods assignment | `[]` | +| `scheduler.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `scheduler.priorityClassName` | Priority Class Name | `""` | +| `scheduler.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `scheduler.terminationGracePeriodSeconds` | Seconds Airflow scheduler pod needs to terminate gracefully | `""` | +| `scheduler.updateStrategy.type` | Airflow scheduler deployment strategy type | `RollingUpdate` | +| `scheduler.updateStrategy.rollingUpdate` | Airflow scheduler deployment rolling update configuration parameters | `{}` | +| `scheduler.sidecars` | Add additional sidecar containers to the Airflow scheduler pods | `[]` | +| `scheduler.initContainers` | Add additional init containers to the Airflow scheduler pods | `[]` | +| `scheduler.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Airflow scheduler pods | `[]` | +| `scheduler.extraVolumes` | Optionally specify extra list of additional volumes for the Airflow scheduler pods | `[]` | +| `scheduler.pdb.create` | Deploy a pdb object for the Airflow scheduler pods | `false` | +| `scheduler.pdb.minAvailable` | Maximum number/percentage of unavailable Airflow scheduler replicas | `1` | +| `scheduler.pdb.maxUnavailable` | Maximum number/percentage of unavailable Airflow scheduler replicas | `""` | ### Airflow worker parameters -| Name | Description | Value | -| ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------ | -| `worker.image.registry` | Airflow Worker image registry | `docker.io` | -| `worker.image.repository` | Airflow Worker image repository | `bitnami/airflow-worker` | -| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.7.2-debian-11-r1` | -| `worker.image.digest` | Airflow Worker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `worker.image.pullPolicy` | Airflow Worker image pull policy | `IfNotPresent` | -| `worker.image.pullSecrets` | Airflow Worker image pull secrets | `[]` | -| `worker.image.debug` | Enable image debug mode | `false` | -| `worker.command` | Override default container command (useful when using custom images) | `[]` | -| `worker.args` | Override default container args (useful when using custom images) | `[]` | -| `worker.extraEnvVars` | Array with extra environment variables to add Airflow worker pods | `[]` | -| `worker.extraEnvVarsCM` | ConfigMap containing extra environment variables for Airflow worker pods | `""` | -| `worker.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Airflow worker pods | `""` | -| `worker.extraEnvVarsSecrets` | List of secrets with extra environment variables for Airflow worker pods | `[]` | -| `worker.containerPorts.http` | Airflow worker HTTP container port | `8793` | -| `worker.replicaCount` | Number of Airflow worker replicas | `1` | -| `worker.livenessProbe.enabled` | Enable livenessProbe on Airflow worker containers | `true` | -| `worker.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | -| `worker.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | -| `worker.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `worker.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `worker.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `worker.readinessProbe.enabled` | Enable readinessProbe on Airflow worker containers | `true` | -| `worker.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `worker.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `worker.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `worker.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `worker.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `worker.startupProbe.enabled` | Enable startupProbe on Airflow worker containers | `false` | -| `worker.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` | -| `worker.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `worker.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `worker.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `worker.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `worker.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `worker.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `worker.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `worker.resources.limits` | The resources limits for the Airflow worker containers | `{}` | -| `worker.resources.requests` | The requested resources for the Airflow worker containers | `{}` | -| `worker.podSecurityContext.enabled` | Enabled Airflow worker pods' Security Context | `true` | -| `worker.podSecurityContext.fsGroup` | Set Airflow worker pod's Security Context fsGroup | `1001` | -| `worker.containerSecurityContext.enabled` | Enabled Airflow worker containers' Security Context | `true` | -| `worker.containerSecurityContext.runAsUser` | Set Airflow worker containers' Security Context runAsUser | `1001` | -| `worker.containerSecurityContext.runAsNonRoot` | Set Airflow worker containers' Security Context runAsNonRoot | `true` | -| `worker.lifecycleHooks` | for the Airflow worker container(s) to automate configuration before or after startup | `{}` | -| `worker.hostAliases` | Deployment pod host aliases | `[]` | -| `worker.podLabels` | Add extra labels to the Airflow worker pods | `{}` | -| `worker.podAnnotations` | Add extra annotations to the Airflow worker pods | `{}` | -| `worker.affinity` | Affinity for Airflow worker pods assignment (evaluated as a template) | `{}` | -| `worker.nodeAffinityPreset.key` | Node label key to match. Ignored if `worker.affinity` is set. | `""` | -| `worker.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `worker.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `worker.nodeAffinityPreset.values` | Node label values to match. Ignored if `worker.affinity` is set. | `[]` | -| `worker.nodeSelector` | Node labels for Airflow worker pods assignment | `{}` | -| `worker.podAffinityPreset` | Pod affinity preset. Ignored if `worker.affinity` is set. Allowed values: `soft` or `hard`. | `""` | -| `worker.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `worker.affinity` is set. Allowed values: `soft` or `hard`. | `soft` | -| `worker.tolerations` | Tolerations for Airflow worker pods assignment | `[]` | -| `worker.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `worker.priorityClassName` | Priority Class Name | `""` | -| `worker.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `worker.terminationGracePeriodSeconds` | Seconds Airflow worker pod needs to terminate gracefully | `""` | -| `worker.updateStrategy.type` | Airflow worker deployment strategy type | `RollingUpdate` | -| `worker.updateStrategy.rollingUpdate` | Airflow worker deployment rolling update configuration parameters | `{}` | -| `worker.sidecars` | Add additional sidecar containers to the Airflow worker pods | `[]` | -| `worker.initContainers` | Add additional init containers to the Airflow worker pods | `[]` | -| `worker.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Airflow worker pods | `[]` | -| `worker.extraVolumes` | Optionally specify extra list of additional volumes for the Airflow worker pods | `[]` | -| `worker.extraVolumeClaimTemplates` | Optionally specify extra list of volumesClaimTemplates for the Airflow worker statefulset | `[]` | -| `worker.podTemplate` | Template to replace the default one to be use when `executor=KubernetesExecutor` to create Airflow worker pods | `{}` | -| `worker.pdb.create` | Deploy a pdb object for the Airflow worker pods | `false` | -| `worker.pdb.minAvailable` | Maximum number/percentage of unavailable Airflow worker replicas | `1` | -| `worker.pdb.maxUnavailable` | Maximum number/percentage of unavailable Airflow worker replicas | `""` | -| `worker.autoscaling.enabled` | Whether enable horizontal pod autoscaler | `false` | -| `worker.autoscaling.minReplicas` | Configure a minimum amount of pods | `1` | -| `worker.autoscaling.maxReplicas` | Configure a maximum amount of pods | `3` | -| `worker.autoscaling.targetCPU` | Define the CPU target to trigger the scaling actions (utilization percentage) | `80` | -| `worker.autoscaling.targetMemory` | Define the memory target to trigger the scaling actions (utilization percentage) | `80` | +| Name | Description | Value | +| ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -------------------------------- | +| `worker.image.registry` | Airflow Worker image registry | `REGISTRY_NAME` | +| `worker.image.repository` | Airflow Worker image repository | `REPOSITORY_NAME/airflow-worker` | +| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.7.2-debian-11-r1` | +| `worker.image.digest` | Airflow Worker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `worker.image.pullPolicy` | Airflow Worker image pull policy | `IfNotPresent` | +| `worker.image.pullSecrets` | Airflow Worker image pull secrets | `[]` | +| `worker.image.debug` | Enable image debug mode | `false` | +| `worker.command` | Override default container command (useful when using custom images) | `[]` | +| `worker.args` | Override default container args (useful when using custom images) | `[]` | +| `worker.extraEnvVars` | Array with extra environment variables to add Airflow worker pods | `[]` | +| `worker.extraEnvVarsCM` | ConfigMap containing extra environment variables for Airflow worker pods | `""` | +| `worker.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Airflow worker pods | `""` | +| `worker.extraEnvVarsSecrets` | List of secrets with extra environment variables for Airflow worker pods | `[]` | +| `worker.containerPorts.http` | Airflow worker HTTP container port | `8793` | +| `worker.replicaCount` | Number of Airflow worker replicas | `1` | +| `worker.livenessProbe.enabled` | Enable livenessProbe on Airflow worker containers | `true` | +| `worker.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | +| `worker.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | +| `worker.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `worker.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `worker.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `worker.readinessProbe.enabled` | Enable readinessProbe on Airflow worker containers | `true` | +| `worker.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `worker.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `worker.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `worker.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `worker.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `worker.startupProbe.enabled` | Enable startupProbe on Airflow worker containers | `false` | +| `worker.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` | +| `worker.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `worker.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `worker.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `worker.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `worker.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `worker.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `worker.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `worker.resources.limits` | The resources limits for the Airflow worker containers | `{}` | +| `worker.resources.requests` | The requested resources for the Airflow worker containers | `{}` | +| `worker.podSecurityContext.enabled` | Enabled Airflow worker pods' Security Context | `true` | +| `worker.podSecurityContext.fsGroup` | Set Airflow worker pod's Security Context fsGroup | `1001` | +| `worker.containerSecurityContext.enabled` | Enabled Airflow worker containers' Security Context | `true` | +| `worker.containerSecurityContext.runAsUser` | Set Airflow worker containers' Security Context runAsUser | `1001` | +| `worker.containerSecurityContext.runAsNonRoot` | Set Airflow worker containers' Security Context runAsNonRoot | `true` | +| `worker.lifecycleHooks` | for the Airflow worker container(s) to automate configuration before or after startup | `{}` | +| `worker.hostAliases` | Deployment pod host aliases | `[]` | +| `worker.podLabels` | Add extra labels to the Airflow worker pods | `{}` | +| `worker.podAnnotations` | Add extra annotations to the Airflow worker pods | `{}` | +| `worker.affinity` | Affinity for Airflow worker pods assignment (evaluated as a template) | `{}` | +| `worker.nodeAffinityPreset.key` | Node label key to match. Ignored if `worker.affinity` is set. | `""` | +| `worker.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `worker.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `worker.nodeAffinityPreset.values` | Node label values to match. Ignored if `worker.affinity` is set. | `[]` | +| `worker.nodeSelector` | Node labels for Airflow worker pods assignment | `{}` | +| `worker.podAffinityPreset` | Pod affinity preset. Ignored if `worker.affinity` is set. Allowed values: `soft` or `hard`. | `""` | +| `worker.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `worker.affinity` is set. Allowed values: `soft` or `hard`. | `soft` | +| `worker.tolerations` | Tolerations for Airflow worker pods assignment | `[]` | +| `worker.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `worker.priorityClassName` | Priority Class Name | `""` | +| `worker.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `worker.terminationGracePeriodSeconds` | Seconds Airflow worker pod needs to terminate gracefully | `""` | +| `worker.updateStrategy.type` | Airflow worker deployment strategy type | `RollingUpdate` | +| `worker.updateStrategy.rollingUpdate` | Airflow worker deployment rolling update configuration parameters | `{}` | +| `worker.sidecars` | Add additional sidecar containers to the Airflow worker pods | `[]` | +| `worker.initContainers` | Add additional init containers to the Airflow worker pods | `[]` | +| `worker.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Airflow worker pods | `[]` | +| `worker.extraVolumes` | Optionally specify extra list of additional volumes for the Airflow worker pods | `[]` | +| `worker.extraVolumeClaimTemplates` | Optionally specify extra list of volumesClaimTemplates for the Airflow worker statefulset | `[]` | +| `worker.podTemplate` | Template to replace the default one to be use when `executor=KubernetesExecutor` to create Airflow worker pods | `{}` | +| `worker.pdb.create` | Deploy a pdb object for the Airflow worker pods | `false` | +| `worker.pdb.minAvailable` | Maximum number/percentage of unavailable Airflow worker replicas | `1` | +| `worker.pdb.maxUnavailable` | Maximum number/percentage of unavailable Airflow worker replicas | `""` | +| `worker.autoscaling.enabled` | Whether enable horizontal pod autoscaler | `false` | +| `worker.autoscaling.minReplicas` | Configure a minimum amount of pods | `1` | +| `worker.autoscaling.maxReplicas` | Configure a maximum amount of pods | `3` | +| `worker.autoscaling.targetCPU` | Define the CPU target to trigger the scaling actions (utilization percentage) | `80` | +| `worker.autoscaling.targetMemory` | Define the memory target to trigger the scaling actions (utilization percentage) | `80` | ### Airflow git sync parameters | Name | Description | Value | | ------------------------------ | --------------------------------------------------------------------------------------------------- | ---------------------- | -| `git.image.registry` | Git image registry | `docker.io` | -| `git.image.repository` | Git image repository | `bitnami/git` | +| `git.image.registry` | Git image registry | `REGISTRY_NAME` | +| `git.image.repository` | Git image repository | `REPOSITORY_NAME/git` | | `git.image.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | | `git.image.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `git.image.pullPolicy` | Git image pull policy | `IfNotPresent` | @@ -405,53 +409,53 @@ The command removes all the Kubernetes components associated with the chart and ### Airflow metrics parameters -| Name | Description | Value | -| ----------------------------------------------- | ---------------------------------------------------------------------------------------------------------------- | ----------------------------- | -| `metrics.enabled` | Whether or not to create a standalone Airflow exporter to expose Airflow metrics | `false` | -| `metrics.image.registry` | Airflow exporter image registry | `docker.io` | -| `metrics.image.repository` | Airflow exporter image repository | `bitnami/airflow-exporter` | -| `metrics.image.tag` | Airflow exporter image tag (immutable tags are recommended) | `0.20220314.0-debian-11-r438` | -| `metrics.image.digest` | Airflow exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Airflow exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Airflow exporter image pull secrets | `[]` | -| `metrics.extraEnvVars` | Array with extra environment variables to add Airflow exporter pods | `[]` | -| `metrics.extraEnvVarsCM` | ConfigMap containing extra environment variables for Airflow exporter pods | `""` | -| `metrics.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Airflow exporter pods | `""` | -| `metrics.containerPorts.http` | Airflow exporter metrics container port | `9112` | -| `metrics.resources.limits` | The resources limits for the container | `{}` | -| `metrics.resources.requests` | The requested resources for the container | `{}` | -| `metrics.podSecurityContext.enabled` | Enable security context for the pods | `true` | -| `metrics.podSecurityContext.fsGroup` | Set Airflow exporter pod's Security Context fsGroup | `1001` | -| `metrics.containerSecurityContext.enabled` | Enable Airflow exporter containers' Security Context | `true` | -| `metrics.containerSecurityContext.runAsUser` | Set Airflow exporter containers' Security Context runAsUser | `1001` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set Airflow exporter containers' Security Context runAsNonRoot | `true` | -| `metrics.lifecycleHooks` | for the Airflow exporter container(s) to automate configuration before or after startup | `{}` | -| `metrics.hostAliases` | Airflow exporter pods host aliases | `[]` | -| `metrics.podLabels` | Extra labels for Airflow exporter pods | `{}` | -| `metrics.podAnnotations` | Extra annotations for Airflow exporter pods | `{}` | -| `metrics.podAffinityPreset` | Pod affinity preset. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `metrics.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `metrics.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `metrics.nodeAffinityPreset.key` | Node label key to match Ignored if `metrics.affinity` is set. | `""` | -| `metrics.nodeAffinityPreset.values` | Node label values to match. Ignored if `metrics.affinity` is set. | `[]` | -| `metrics.affinity` | Affinity for pod assignment | `{}` | -| `metrics.nodeSelector` | Node labels for pod assignment | `{}` | -| `metrics.tolerations` | Tolerations for pod assignment | `[]` | -| `metrics.schedulerName` | Name of the k8s scheduler (other than default) for Airflow exporter | `""` | -| `metrics.service.ports.http` | Airflow exporter metrics service port | `9112` | -| `metrics.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `metrics.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `metrics.service.annotations` | Annotations for the Airflow exporter service | `{}` | -| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (requires `metrics.enabled` to be `true`) | `false` | -| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| Name | Description | Value | +| ----------------------------------------------- | ---------------------------------------------------------------------------------------------------------------- | ---------------------------------- | +| `metrics.enabled` | Whether or not to create a standalone Airflow exporter to expose Airflow metrics | `false` | +| `metrics.image.registry` | Airflow exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Airflow exporter image repository | `REPOSITORY_NAME/airflow-exporter` | +| `metrics.image.tag` | Airflow exporter image tag (immutable tags are recommended) | `0.20220314.0-debian-11-r438` | +| `metrics.image.digest` | Airflow exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Airflow exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Airflow exporter image pull secrets | `[]` | +| `metrics.extraEnvVars` | Array with extra environment variables to add Airflow exporter pods | `[]` | +| `metrics.extraEnvVarsCM` | ConfigMap containing extra environment variables for Airflow exporter pods | `""` | +| `metrics.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Airflow exporter pods | `""` | +| `metrics.containerPorts.http` | Airflow exporter metrics container port | `9112` | +| `metrics.resources.limits` | The resources limits for the container | `{}` | +| `metrics.resources.requests` | The requested resources for the container | `{}` | +| `metrics.podSecurityContext.enabled` | Enable security context for the pods | `true` | +| `metrics.podSecurityContext.fsGroup` | Set Airflow exporter pod's Security Context fsGroup | `1001` | +| `metrics.containerSecurityContext.enabled` | Enable Airflow exporter containers' Security Context | `true` | +| `metrics.containerSecurityContext.runAsUser` | Set Airflow exporter containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set Airflow exporter containers' Security Context runAsNonRoot | `true` | +| `metrics.lifecycleHooks` | for the Airflow exporter container(s) to automate configuration before or after startup | `{}` | +| `metrics.hostAliases` | Airflow exporter pods host aliases | `[]` | +| `metrics.podLabels` | Extra labels for Airflow exporter pods | `{}` | +| `metrics.podAnnotations` | Extra annotations for Airflow exporter pods | `{}` | +| `metrics.podAffinityPreset` | Pod affinity preset. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `metrics.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `metrics.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `metrics.nodeAffinityPreset.key` | Node label key to match Ignored if `metrics.affinity` is set. | `""` | +| `metrics.nodeAffinityPreset.values` | Node label values to match. Ignored if `metrics.affinity` is set. | `[]` | +| `metrics.affinity` | Affinity for pod assignment | `{}` | +| `metrics.nodeSelector` | Node labels for pod assignment | `{}` | +| `metrics.tolerations` | Tolerations for pod assignment | `[]` | +| `metrics.schedulerName` | Name of the k8s scheduler (other than default) for Airflow exporter | `""` | +| `metrics.service.ports.http` | Airflow exporter metrics service port | `9112` | +| `metrics.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `metrics.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `metrics.service.annotations` | Annotations for the Airflow exporter service | `{}` | +| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (requires `metrics.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | ### Airflow database parameters @@ -491,9 +495,11 @@ helm install my-release \ --set auth.password=my-passsword \ --set auth.fernetKey=my-fernet-key \ --set auth.secretKey=my-secret-key \ - oci://registry-1.docker.io/bitnamicharts/airflow + oci://REGISTRY_NAME/REPOSITORY_NAME/airflow ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the credentials to access the Airflow web UI. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -501,9 +507,10 @@ The above command sets the credentials to access the Airflow web UI. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/airflow +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/airflow ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/airflow/values.yaml b/bitnami/airflow/values.yaml index d7c7b8f541abfd..2f108f611aa475 100644 --- a/bitnami/airflow/values.yaml +++ b/bitnami/airflow/values.yaml @@ -111,8 +111,8 @@ dags: existingConfigmap: "" ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param dags.image.registry Init container load-dags image registry - ## @param dags.image.repository Init container load-dags image repository + ## @param dags.image.registry [default: REGISTRY_NAME] Init container load-dags image registry + ## @param dags.image.repository [default: REPOSITORY_NAME/os-shell] Init container load-dags image repository ## @param dags.image.tag Init container load-dags image tag (immutable tags are recommended) ## @param dags.image.digest Init container load-dags image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param dags.image.pullPolicy Init container load-dags image pull policy @@ -178,8 +178,8 @@ extraVolumes: [] web: ## Bitnami Airflow image version ## ref: https://hub.docker.com/r/bitnami/airflow/tags/ - ## @param web.image.registry Airflow image registry - ## @param web.image.repository Airflow image repository + ## @param web.image.registry [default: REGISTRY_NAME] Airflow image registry + ## @param web.image.repository [default: REPOSITORY_NAME/airflow] Airflow image repository ## @param web.image.tag Airflow image tag (immutable tags are recommended) ## @param web.image.digest Airflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param web.image.pullPolicy Airflow image pull policy @@ -435,8 +435,8 @@ web: scheduler: ## Bitnami Airflow Scheduler image version ## ref: https://hub.docker.com/r/bitnami/airflow-scheduler/tags/ - ## @param scheduler.image.registry Airflow Scheduler image registry - ## @param scheduler.image.repository Airflow Scheduler image repository + ## @param scheduler.image.registry [default: REGISTRY_NAME] Airflow Scheduler image registry + ## @param scheduler.image.repository [default: REPOSITORY_NAME/airflow-scheduler] Airflow Scheduler image repository ## @param scheduler.image.tag Airflow Scheduler image tag (immutable tags are recommended) ## @param scheduler.image.digest Airflow Schefuler image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param scheduler.image.pullPolicy Airflow Scheduler image pull policy @@ -639,8 +639,8 @@ scheduler: worker: ## Bitnami Airflow Worker image version ## ref: https://hub.docker.com/r/bitnami/airflow-worker/tags/ - ## @param worker.image.registry Airflow Worker image registry - ## @param worker.image.repository Airflow Worker image repository + ## @param worker.image.registry [default: REGISTRY_NAME] Airflow Worker image registry + ## @param worker.image.repository [default: REPOSITORY_NAME/airflow-worker] Airflow Worker image repository ## @param worker.image.tag Airflow Worker image tag (immutable tags are recommended) ## @param worker.image.digest Airflow Worker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param worker.image.pullPolicy Airflow Worker image pull policy @@ -913,8 +913,8 @@ worker: git: ## Bitnami Git image version ## ref: https://hub.docker.com/r/bitnami/git/tags/ - ## @param git.image.registry Git image registry - ## @param git.image.repository Git image repository + ## @param git.image.registry [default: REGISTRY_NAME] Git image registry + ## @param git.image.repository [default: REPOSITORY_NAME/git] Git image repository ## @param git.image.tag Git image tag (immutable tags are recommended) ## @param git.image.digest Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param git.image.pullPolicy Git image pull policy @@ -1276,8 +1276,8 @@ metrics: enabled: false ## Bitnami Airflow exporter image ## ref: https://hub.docker.com/r/bitnami/airflow-exporter/tags/ - ## @param metrics.image.registry Airflow exporter image registry - ## @param metrics.image.repository Airflow exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Airflow exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/airflow-exporter] Airflow exporter image repository ## @param metrics.image.tag Airflow exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Airflow exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Airflow exporter image pull policy diff --git a/bitnami/apache/README.md b/bitnami/apache/README.md index b90cd8a035944a..45591d70613081 100644 --- a/bitnami/apache/README.md +++ b/bitnami/apache/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/apache +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/apache ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -36,9 +38,11 @@ Looking to use Apache in production? Try [VMware Application Catalog](https://bi To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/apache +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/apache ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Apache on the Kubernetes cluster in the default configuration. > **Tip**: List all releases using `helm list` @@ -76,96 +80,96 @@ The command removes all the Kubernetes components associated with the chart and ### Apache parameters -| Name | Description | Value | -| --------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ---------------------- | -| `image.registry` | Apache image registry | `docker.io` | -| `image.repository` | Apache image repository | `bitnami/apache` | -| `image.tag` | Apache image tag (immutable tags are recommended) | `2.4.58-debian-11-r0` | -| `image.digest` | Apache image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Apache image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Apache image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `git.registry` | Git image registry | `docker.io` | -| `git.repository` | Git image name | `bitnami/git` | -| `git.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | -| `git.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `git.pullPolicy` | Git image pull policy | `IfNotPresent` | -| `git.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `replicaCount` | Number of replicas of the Apache deployment | `1` | -| `revisionHistoryLimit` | The number of old history to retain to allow rollback | `10` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `extraPodSpec` | Optionally specify extra PodSpec | `{}` | -| `cloneHtdocsFromGit.enabled` | Get the server static content from a git repository | `false` | -| `cloneHtdocsFromGit.repository` | Repository to clone static content from | `""` | -| `cloneHtdocsFromGit.branch` | Branch inside the git repository | `""` | -| `cloneHtdocsFromGit.enableAutoRefresh` | Enables an automatic git pull with a sidecar container | `true` | -| `cloneHtdocsFromGit.interval` | Interval for sidecar container pull from the repository | `60` | -| `cloneHtdocsFromGit.resources` | Init container git resource requests | `{}` | -| `cloneHtdocsFromGit.extraVolumeMounts` | Add extra volume mounts for the GIT containers | `[]` | -| `htdocsConfigMap` | Name of a config map with the server static content | `""` | -| `htdocsPVC` | Name of a PVC with the server static content | `""` | -| `vhostsConfigMap` | Name of a config map with the virtual hosts content | `""` | -| `httpdConfConfigMap` | Name of a config map with the httpd.conf file contents | `""` | -| `podLabels` | Extra labels for Apache pods | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `priorityClassName` | Apache Server pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `podSecurityContext.enabled` | Enabled Apache Server pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Set Apache Server pod's Security Context fsGroup | `1001` | -| `containerSecurityContext.enabled` | Enabled Apache Server containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set Apache Server containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | for the Apache server container(s) to automate configuration before or after startup | `{}` | -| `resources.limits` | The resources limits for the container | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.path` | Path to access on the HTTP server | `/` | -| `startupProbe.port` | Port for startupProbe | `http` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `180` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `20` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable liveness probe | `true` | -| `livenessProbe.path` | Path to access on the HTTP server | `/` | -| `livenessProbe.port` | Port for livenessProbe | `http` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readiness probe | `true` | -| `readinessProbe.path` | Path to access on the HTTP server | `/` | -| `readinessProbe.port` | Port for readinessProbe | `http` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Custom liveness probe for the Web component | `{}` | -| `customLivenessProbe` | Custom liveness probe for the Web component | `{}` | -| `customReadinessProbe` | Custom rediness probe for the Web component | `{}` | -| `extraVolumes` | Array to add extra volumes (evaluated as a template) | `[]` | -| `extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes, evaluated as a template) | `[]` | -| `extraEnvVars` | Array to add extra environment variables | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Apache server nodes | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Apache server nodes | `""` | -| `containerPorts.http` | Apache server HTTP container port | `8080` | -| `containerPorts.https` | Apache server HTTPS container port | `8443` | -| `initContainers` | Add additional init containers to the Apache pods | `[]` | -| `sidecars` | Add additional sidecar containers to the Apache pods | `[]` | -| `updateStrategy.type` | Apache Server deployment strategy type. | `RollingUpdate` | +| Name | Description | Value | +| --------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------ | +| `image.registry` | Apache image registry | `REGISTRY_NAME` | +| `image.repository` | Apache image repository | `REPOSITORY_NAME/apache` | +| `image.tag` | Apache image tag (immutable tags are recommended) | `2.4.58-debian-11-r0` | +| `image.digest` | Apache image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Apache image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Apache image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `git.registry` | Git image registry | `REGISTRY_NAME` | +| `git.repository` | Git image name | `REPOSITORY_NAME/git` | +| `git.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | +| `git.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `git.pullPolicy` | Git image pull policy | `IfNotPresent` | +| `git.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `replicaCount` | Number of replicas of the Apache deployment | `1` | +| `revisionHistoryLimit` | The number of old history to retain to allow rollback | `10` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `extraPodSpec` | Optionally specify extra PodSpec | `{}` | +| `cloneHtdocsFromGit.enabled` | Get the server static content from a git repository | `false` | +| `cloneHtdocsFromGit.repository` | Repository to clone static content from | `""` | +| `cloneHtdocsFromGit.branch` | Branch inside the git repository | `""` | +| `cloneHtdocsFromGit.enableAutoRefresh` | Enables an automatic git pull with a sidecar container | `true` | +| `cloneHtdocsFromGit.interval` | Interval for sidecar container pull from the repository | `60` | +| `cloneHtdocsFromGit.resources` | Init container git resource requests | `{}` | +| `cloneHtdocsFromGit.extraVolumeMounts` | Add extra volume mounts for the GIT containers | `[]` | +| `htdocsConfigMap` | Name of a config map with the server static content | `""` | +| `htdocsPVC` | Name of a PVC with the server static content | `""` | +| `vhostsConfigMap` | Name of a config map with the virtual hosts content | `""` | +| `httpdConfConfigMap` | Name of a config map with the httpd.conf file contents | `""` | +| `podLabels` | Extra labels for Apache pods | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `priorityClassName` | Apache Server pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `podSecurityContext.enabled` | Enabled Apache Server pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Set Apache Server pod's Security Context fsGroup | `1001` | +| `containerSecurityContext.enabled` | Enabled Apache Server containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set Apache Server containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `lifecycleHooks` | for the Apache server container(s) to automate configuration before or after startup | `{}` | +| `resources.limits` | The resources limits for the container | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.path` | Path to access on the HTTP server | `/` | +| `startupProbe.port` | Port for startupProbe | `http` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `180` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `20` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable liveness probe | `true` | +| `livenessProbe.path` | Path to access on the HTTP server | `/` | +| `livenessProbe.port` | Port for livenessProbe | `http` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readiness probe | `true` | +| `readinessProbe.path` | Path to access on the HTTP server | `/` | +| `readinessProbe.port` | Port for readinessProbe | `http` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Custom liveness probe for the Web component | `{}` | +| `customLivenessProbe` | Custom liveness probe for the Web component | `{}` | +| `customReadinessProbe` | Custom rediness probe for the Web component | `{}` | +| `extraVolumes` | Array to add extra volumes (evaluated as a template) | `[]` | +| `extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes, evaluated as a template) | `[]` | +| `extraEnvVars` | Array to add extra environment variables | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Apache server nodes | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Apache server nodes | `""` | +| `containerPorts.http` | Apache server HTTP container port | `8080` | +| `containerPorts.https` | Apache server HTTPS container port | `8443` | +| `initContainers` | Add additional init containers to the Apache pods | `[]` | +| `sidecars` | Add additional sidecar containers to the Apache pods | `[]` | +| `updateStrategy.type` | Apache Server deployment strategy type. | `RollingUpdate` | ### Other Parameters @@ -214,49 +218,52 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics Parameters -| Name | Description | Value | -| ------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a sidecar prometheus exporter to expose Apache metrics | `false` | -| `metrics.image.registry` | Apache Exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache Exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache Exporter image tag (immutable tags are recommended) | `1.0.3-debian-11-r0` | -| `metrics.image.digest` | Apache Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Apache Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Apache Exporter image pull secrets | `[]` | -| `metrics.image.debug` | Apache Exporter image debug mode | `false` | -| `metrics.podAnnotations` | Additional custom annotations for Apache exporter service | `{}` | -| `metrics.resources.limits` | The resources limits for the container | `{}` | -| `metrics.resources.requests` | The requested resources for the container | `{}` | -| `metrics.service.port` | Metrics service port | `9117` | -| `metrics.service.annotations` | Additional custom annotations for Metrics service | `{}` | -| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator PodMonitor (also requires `metrics.enabled` to be `true`) | `false` | -| `metrics.serviceMonitor.namespace` | Namespace for the PodMonitor Resource (defaults to the Release Namespace) | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.labels` | Labels that can be used so PodMonitor will be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | -| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | -| `metrics.prometheusRule.labels` | Labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | +| Name | Description | Value | +| ------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a sidecar prometheus exporter to expose Apache metrics | `false` | +| `metrics.image.registry` | Apache Exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache Exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache Exporter image tag (immutable tags are recommended) | `1.0.3-debian-11-r0` | +| `metrics.image.digest` | Apache Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Apache Exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Apache Exporter image pull secrets | `[]` | +| `metrics.image.debug` | Apache Exporter image debug mode | `false` | +| `metrics.podAnnotations` | Additional custom annotations for Apache exporter service | `{}` | +| `metrics.resources.limits` | The resources limits for the container | `{}` | +| `metrics.resources.requests` | The requested resources for the container | `{}` | +| `metrics.service.port` | Metrics service port | `9117` | +| `metrics.service.annotations` | Additional custom annotations for Metrics service | `{}` | +| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator PodMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Namespace for the PodMonitor Resource (defaults to the Release Namespace) | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.labels` | Labels that can be used so PodMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | +| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | +| `metrics.prometheusRule.labels` | Labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ --set imagePullPolicy=Always \ - oci://registry-1.docker.io/bitnamicharts/apache + oci://REGISTRY_NAME/REPOSITORY_NAME/apache ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the `imagePullPolicy` to `Always`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/apache +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/apache ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/apache/values.yaml b/bitnami/apache/values.yaml index 48cbc8810f6899..cf278634a63833 100644 --- a/bitnami/apache/values.yaml +++ b/bitnami/apache/values.yaml @@ -44,8 +44,8 @@ extraDeploy: [] ## Bitnami Apache image ## ref: https://hub.docker.com/r/bitnami/apache/tags/ -## @param image.registry Apache image registry -## @param image.repository Apache image repository +## @param image.registry [default: REGISTRY_NAME] Apache image registry +## @param image.repository [default: REPOSITORY_NAME/apache] Apache image repository ## @param image.tag Apache image tag (immutable tags are recommended) ## @param image.digest Apache image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Apache image pull policy @@ -75,8 +75,8 @@ image: debug: false ## Bitnami Git image version ## ref: https://hub.docker.com/r/bitnami/git/tags/ -## @param git.registry Git image registry -## @param git.repository Git image name +## @param git.registry [default: REGISTRY_NAME] Git image registry +## @param git.repository [default: REPOSITORY_NAME/git] Git image name ## @param git.tag Git image tag (immutable tags are recommended) ## @param git.digest Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param git.pullPolicy Git image pull policy @@ -584,8 +584,8 @@ metrics: enabled: false ## Bitnami Apache Prometheus Exporter image ## ref: https://hub.docker.com/r/bitnami/apache-exporter/tags/ - ## @param metrics.image.registry Apache Exporter image registry - ## @param metrics.image.repository Apache Exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache Exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache Exporter image repository ## @param metrics.image.tag Apache Exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Apache Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Apache Exporter image pull policy diff --git a/bitnami/apisix/README.md b/bitnami/apisix/README.md index e30c1d95d7b9a1..8b21abd96fcf29 100644 --- a/bitnami/apisix/README.md +++ b/bitnami/apisix/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/apisix +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/apisix ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Apache APISIX](https://github.com/bitnami/containers/tree/main/bitnami/apisix) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -61,26 +63,26 @@ The command removes all the Kubernetes components associated with the chart and ### Common parameters -| Name | Description | Value | -| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | -| `kubeVersion` | Override Kubernetes version | `""` | -| `nameOverride` | String to partially override common.names.name | `""` | -| `fullnameOverride` | String to fully override common.names.fullname | `""` | -| `namespaceOverride` | String to fully override common.names.namespace | `""` | -| `commonLabels` | Labels to add to all deployed objects | `{}` | -| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | -| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | -| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | -| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | -| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | -| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | -| `image.registry` | APISIX image registry | `docker.io` | -| `image.repository` | APISIX image repository | `bitnami/apisix` | -| `image.tag` | APISIX image tag (immutable tags are recommended) | `3.6.0-debian-11-r3` | -| `image.digest` | APISIX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `image.pullPolicy` | APISIX image pull policy | `IfNotPresent` | -| `image.pullSecrets` | APISIX image pull secrets | `[]` | -| `image.debug` | Enable APISIX image debug mode | `false` | +| Name | Description | Value | +| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `kubeVersion` | Override Kubernetes version | `""` | +| `nameOverride` | String to partially override common.names.name | `""` | +| `fullnameOverride` | String to fully override common.names.fullname | `""` | +| `namespaceOverride` | String to fully override common.names.namespace | `""` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | +| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | +| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | +| `image.registry` | APISIX image registry | `REGISTRY_NAME` | +| `image.repository` | APISIX image repository | `REPOSITORY_NAME/apisix` | +| `image.tag` | APISIX image tag (immutable tags are recommended) | `3.6.0-debian-11-r3` | +| `image.digest` | APISIX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `image.pullPolicy` | APISIX image pull policy | `IfNotPresent` | +| `image.pullSecrets` | APISIX image pull secrets | `[]` | +| `image.debug` | Enable APISIX image debug mode | `false` | ### APISIX Data Plane parameters @@ -421,97 +423,97 @@ The command removes all the Kubernetes components associated with the chart and ### APISIX Dashboard Parameters -| Name | Description | Value | -| ------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `dashboard.enabled` | Enable APISIX Dashboard | `true` | -| `dashboard.replicaCount` | Number of APISIX Dashboard replicas to deploy | `1` | -| `dashboard.image.registry` | APISIX Dashboard image registry | `docker.io` | -| `dashboard.image.repository` | APISIX Dashboard image repository | `bitnami/apisix-dashboard` | -| `dashboard.image.tag` | APISIX Dashboard image tag (immutable tags are recommended) | `3.0.1-debian-11-r135` | -| `dashboard.image.digest` | APISIX Dashboard image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `dashboard.image.pullPolicy` | APISIX Dashboard image pull policy | `IfNotPresent` | -| `dashboard.image.pullSecrets` | APISIX Dashboard image pull secrets | `[]` | -| `dashboard.image.debug` | Enable APISIX Dashboard image debug mode | `false` | -| `dashboard.username` | APISIX Dashboard username | `user` | -| `dashboard.password` | APISIX Dashboard password | `""` | -| `dashboard.existingSecret` | Name of a existing secret containing the password for APISIX Dashboard | `""` | -| `dashboard.existingSecretPasswordKey` | Key inside the secret containing the password for APISIX Dashboard | `""` | -| `dashboard.defaultConfig` | APISIX Dashboard configuration (evaluated as a template) | `""` | -| `dashboard.extraConfig` | extra configuration settings for APISIX Dashboard | `{}` | -| `dashboard.existingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` | -| `dashboard.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` | -| `dashboard.tls.enabled` | Enable TLS transport in Dashboard | `true` | -| `dashboard.tls.autoGenerated` | Auto-generate self-signed certificates | `true` | -| `dashboard.tls.existingSecret` | Name of a secret containing the certificates | `""` | -| `dashboard.tls.certFilename` | Path of the certificate file when mounted as a secret | `tls.crt` | -| `dashboard.tls.certKeyFilename` | Path of the certificate key file when mounted as a secret | `tls.key` | -| `dashboard.tls.certCAFilename` | Path of the certificate CA file when mounted as a secret | `ca.crt` | -| `dashboard.tls.cert` | Content of the certificate to be added to the secret | `""` | -| `dashboard.tls.key` | Content of the certificate key to be added to the secret | `""` | -| `dashboard.tls.ca` | Content of the certificate CA to be added to the secret | `""` | -| `dashboard.hostAliases` | APISIX Dashboard pods host aliases | `[]` | -| `dashboard.podLabels` | Extra labels for APISIX Dashboard pods | `{}` | -| `dashboard.podAnnotations` | Annotations for APISIX Dashboard pods | `{}` | -| `dashboard.podAffinityPreset` | Pod affinity preset. Ignored if `dashboard.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `dashboard.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `dashboard.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `dashboard.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `dashboard.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `dashboard.nodeAffinityPreset.key` | Node label key to match. Ignored if `dashboard.affinity` is set | `""` | -| `dashboard.nodeAffinityPreset.values` | Node label values to match. Ignored if `dashboard.affinity` is set | `[]` | -| `dashboard.affinity` | Affinity for APISIX Dashboard pods assignment | `{}` | -| `dashboard.nodeSelector` | Node labels for APISIX Dashboard pods assignment | `{}` | -| `dashboard.tolerations` | Tolerations for APISIX Dashboard pods assignment | `[]` | -| `dashboard.updateStrategy.type` | APISIX Dashboard statefulset strategy type | `RollingUpdate` | -| `dashboard.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `dashboard.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `dashboard.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `dashboard.priorityClassName` | APISIX Dashboard pods' priorityClassName | `""` | -| `dashboard.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `dashboard.schedulerName` | Name of the k8s scheduler (other than default) for APISIX Dashboard pods | `""` | -| `dashboard.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `dashboard.extraVolumes` | Optionally specify extra list of additional volumes for the APISIX Dashboard pod(s) | `[]` | -| `dashboard.sidecars` | Add additional sidecar containers to the APISIX Dashboard pod(s) | `[]` | -| `dashboard.initContainers` | Add additional init containers to the APISIX Dashboard pod(s) | `[]` | -| `dashboard.podSecurityContext.enabled` | Enabled Dashboard pods' Security Context | `true` | -| `dashboard.podSecurityContext.fsGroup` | Set Dashboard pod's Security Context fsGroup | `1001` | -| `dashboard.podSecurityContext.seccompProfile.type` | Set Dashboard pod's Security Context seccomp profile | `RuntimeDefault` | -| `dashboard.containerPorts.http` | Dashboard http container port | `8080` | -| `dashboard.containerPorts.https` | Dashboard https container port | `8443` | -| `dashboard.livenessProbe.enabled` | Enable livenessProbe on Dashboard container | `true` | -| `dashboard.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `dashboard.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `dashboard.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `dashboard.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `dashboard.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `dashboard.readinessProbe.enabled` | Enable readinessProbe on Dashboard container | `true` | -| `dashboard.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `dashboard.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `dashboard.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `dashboard.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `dashboard.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `dashboard.startupProbe.enabled` | Enable startupProbe on Dashboard container | `false` | -| `dashboard.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `dashboard.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `dashboard.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `dashboard.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `dashboard.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `dashboard.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `dashboard.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `dashboard.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `dashboard.resources.limits` | The resources limits for the Dashboard container | `{}` | -| `dashboard.resources.requests` | The requested resources for the Dashboard container | `{}` | -| `dashboard.containerSecurityContext.enabled` | Enabled Dashboard container' Security Context | `true` | -| `dashboard.containerSecurityContext.runAsUser` | Set Dashboard container' Security Context runAsUser | `1001` | -| `dashboard.containerSecurityContext.runAsNonRoot` | Set Dashboard container' Security Context runAsNonRoot | `true` | -| `dashboard.containerSecurityContext.readOnlyRootFilesystem` | Set Dashboard container' Security Context runAsNonRoot | `true` | -| `dashboard.containerSecurityContext.allowPrivilegeEscalation` | Set Dashboard container's privilege escalation | `false` | -| `dashboard.containerSecurityContext.capabilities.drop` | Set Dashboard container's Security Context runAsNonRoot | `["ALL"]` | -| `dashboard.command` | Override default container command (useful when using custom images) | `[]` | -| `dashboard.args` | Override default container args (useful when using custom images) | `[]` | -| `dashboard.lifecycleHooks` | for the Dashboard container(s) to automate configuration before or after startup | `{}` | -| `dashboard.extraEnvVars` | Array with extra environment variables to add to Dashboard nodes | `[]` | -| `dashboard.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Dashboard nodes | `""` | -| `dashboard.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Dashboard nodes | `""` | -| `dashboard.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the APISIX Dashboard container | `[]` | +| Name | Description | Value | +| ------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- | +| `dashboard.enabled` | Enable APISIX Dashboard | `true` | +| `dashboard.replicaCount` | Number of APISIX Dashboard replicas to deploy | `1` | +| `dashboard.image.registry` | APISIX Dashboard image registry | `REGISTRY_NAME` | +| `dashboard.image.repository` | APISIX Dashboard image repository | `REPOSITORY_NAME/apisix-dashboard` | +| `dashboard.image.tag` | APISIX Dashboard image tag (immutable tags are recommended) | `3.0.1-debian-11-r135` | +| `dashboard.image.digest` | APISIX Dashboard image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `dashboard.image.pullPolicy` | APISIX Dashboard image pull policy | `IfNotPresent` | +| `dashboard.image.pullSecrets` | APISIX Dashboard image pull secrets | `[]` | +| `dashboard.image.debug` | Enable APISIX Dashboard image debug mode | `false` | +| `dashboard.username` | APISIX Dashboard username | `user` | +| `dashboard.password` | APISIX Dashboard password | `""` | +| `dashboard.existingSecret` | Name of a existing secret containing the password for APISIX Dashboard | `""` | +| `dashboard.existingSecretPasswordKey` | Key inside the secret containing the password for APISIX Dashboard | `""` | +| `dashboard.defaultConfig` | APISIX Dashboard configuration (evaluated as a template) | `""` | +| `dashboard.extraConfig` | extra configuration settings for APISIX Dashboard | `{}` | +| `dashboard.existingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` | +| `dashboard.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` | +| `dashboard.tls.enabled` | Enable TLS transport in Dashboard | `true` | +| `dashboard.tls.autoGenerated` | Auto-generate self-signed certificates | `true` | +| `dashboard.tls.existingSecret` | Name of a secret containing the certificates | `""` | +| `dashboard.tls.certFilename` | Path of the certificate file when mounted as a secret | `tls.crt` | +| `dashboard.tls.certKeyFilename` | Path of the certificate key file when mounted as a secret | `tls.key` | +| `dashboard.tls.certCAFilename` | Path of the certificate CA file when mounted as a secret | `ca.crt` | +| `dashboard.tls.cert` | Content of the certificate to be added to the secret | `""` | +| `dashboard.tls.key` | Content of the certificate key to be added to the secret | `""` | +| `dashboard.tls.ca` | Content of the certificate CA to be added to the secret | `""` | +| `dashboard.hostAliases` | APISIX Dashboard pods host aliases | `[]` | +| `dashboard.podLabels` | Extra labels for APISIX Dashboard pods | `{}` | +| `dashboard.podAnnotations` | Annotations for APISIX Dashboard pods | `{}` | +| `dashboard.podAffinityPreset` | Pod affinity preset. Ignored if `dashboard.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `dashboard.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `dashboard.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `dashboard.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `dashboard.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `dashboard.nodeAffinityPreset.key` | Node label key to match. Ignored if `dashboard.affinity` is set | `""` | +| `dashboard.nodeAffinityPreset.values` | Node label values to match. Ignored if `dashboard.affinity` is set | `[]` | +| `dashboard.affinity` | Affinity for APISIX Dashboard pods assignment | `{}` | +| `dashboard.nodeSelector` | Node labels for APISIX Dashboard pods assignment | `{}` | +| `dashboard.tolerations` | Tolerations for APISIX Dashboard pods assignment | `[]` | +| `dashboard.updateStrategy.type` | APISIX Dashboard statefulset strategy type | `RollingUpdate` | +| `dashboard.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `dashboard.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `dashboard.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `dashboard.priorityClassName` | APISIX Dashboard pods' priorityClassName | `""` | +| `dashboard.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `dashboard.schedulerName` | Name of the k8s scheduler (other than default) for APISIX Dashboard pods | `""` | +| `dashboard.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `dashboard.extraVolumes` | Optionally specify extra list of additional volumes for the APISIX Dashboard pod(s) | `[]` | +| `dashboard.sidecars` | Add additional sidecar containers to the APISIX Dashboard pod(s) | `[]` | +| `dashboard.initContainers` | Add additional init containers to the APISIX Dashboard pod(s) | `[]` | +| `dashboard.podSecurityContext.enabled` | Enabled Dashboard pods' Security Context | `true` | +| `dashboard.podSecurityContext.fsGroup` | Set Dashboard pod's Security Context fsGroup | `1001` | +| `dashboard.podSecurityContext.seccompProfile.type` | Set Dashboard pod's Security Context seccomp profile | `RuntimeDefault` | +| `dashboard.containerPorts.http` | Dashboard http container port | `8080` | +| `dashboard.containerPorts.https` | Dashboard https container port | `8443` | +| `dashboard.livenessProbe.enabled` | Enable livenessProbe on Dashboard container | `true` | +| `dashboard.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `dashboard.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `dashboard.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `dashboard.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `dashboard.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `dashboard.readinessProbe.enabled` | Enable readinessProbe on Dashboard container | `true` | +| `dashboard.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `dashboard.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `dashboard.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `dashboard.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `dashboard.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `dashboard.startupProbe.enabled` | Enable startupProbe on Dashboard container | `false` | +| `dashboard.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `dashboard.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `dashboard.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `dashboard.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `dashboard.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `dashboard.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `dashboard.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `dashboard.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `dashboard.resources.limits` | The resources limits for the Dashboard container | `{}` | +| `dashboard.resources.requests` | The requested resources for the Dashboard container | `{}` | +| `dashboard.containerSecurityContext.enabled` | Enabled Dashboard container' Security Context | `true` | +| `dashboard.containerSecurityContext.runAsUser` | Set Dashboard container' Security Context runAsUser | `1001` | +| `dashboard.containerSecurityContext.runAsNonRoot` | Set Dashboard container' Security Context runAsNonRoot | `true` | +| `dashboard.containerSecurityContext.readOnlyRootFilesystem` | Set Dashboard container' Security Context runAsNonRoot | `true` | +| `dashboard.containerSecurityContext.allowPrivilegeEscalation` | Set Dashboard container's privilege escalation | `false` | +| `dashboard.containerSecurityContext.capabilities.drop` | Set Dashboard container's Security Context runAsNonRoot | `["ALL"]` | +| `dashboard.command` | Override default container command (useful when using custom images) | `[]` | +| `dashboard.args` | Override default container args (useful when using custom images) | `[]` | +| `dashboard.lifecycleHooks` | for the Dashboard container(s) to automate configuration before or after startup | `{}` | +| `dashboard.extraEnvVars` | Array with extra environment variables to add to Dashboard nodes | `[]` | +| `dashboard.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Dashboard nodes | `""` | +| `dashboard.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Dashboard nodes | `""` | +| `dashboard.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the APISIX Dashboard container | `[]` | ### APISIX Dashboard Traffic Exposure Parameters @@ -572,93 +574,93 @@ The command removes all the Kubernetes components associated with the chart and ### APISIX Ingress Controller Parameters -| Name | Description | Value | -| --------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | -| `ingressController.enabled` | Enable APISIX Ingress Controller | `true` | -| `ingressController.image.registry` | APISIX Ingress Controller image registry | `docker.io` | -| `ingressController.image.repository` | APISIX Ingress Controller image repository | `bitnami/apisix-ingress-controller` | -| `ingressController.image.tag` | APISIX Ingress Controller image tag (immutable tags are recommended) | `1.7.0-debian-11-r15` | -| `ingressController.image.digest` | APISIX Ingress Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `ingressController.image.pullPolicy` | APISIX Ingress Controller image pull policy | `IfNotPresent` | -| `ingressController.image.pullSecrets` | APISIX Ingress Controller image pull secrets | `[]` | -| `ingressController.image.debug` | Enable APISIX Ingress Controller image debug mode | `false` | -| `ingressController.replicaCount` | Number of APISIX Ingress Controller replicas to deploy | `1` | -| `ingressController.containerPorts.http` | APISIX Ingress Controller http container port | `8080` | -| `ingressController.containerPorts.https` | APISIX Ingress Controller https container port | `8443` | -| `ingressController.livenessProbe.enabled` | Enable livenessProbe on APISIX Ingress Controller containers | `true` | -| `ingressController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `ingressController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `ingressController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `ingressController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `ingressController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `ingressController.readinessProbe.enabled` | Enable readinessProbe on APISIX Ingress Controller containers | `true` | -| `ingressController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `ingressController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `ingressController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `ingressController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `ingressController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `ingressController.startupProbe.enabled` | Enable startupProbe on APISIX Ingress Controller containers | `false` | -| `ingressController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `ingressController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `ingressController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `ingressController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `ingressController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `ingressController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `ingressController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `ingressController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `ingressController.resources.limits` | The resources limits for the APISIX Ingress Controller containers | `{}` | -| `ingressController.resources.requests` | The requested resources for the APISIX Ingress Controller containers | `{}` | -| `ingressController.podSecurityContext.enabled` | Enabled APISIX Ingress Controller pods' Security Context | `true` | -| `ingressController.podSecurityContext.fsGroup` | Set APISIX Ingress Controller pod's Security Context fsGroup | `1001` | -| `ingressController.podSecurityContext.seccompProfile.type` | Set APISIX Ingress Controller container's Security Context seccomp profile | `RuntimeDefault` | -| `ingressController.containerSecurityContext.enabled` | Enabled APISIX Ingress Controller containers' Security Context | `true` | -| `ingressController.containerSecurityContext.runAsUser` | Set APISIX Ingress Controller containers' Security Context runAsUser | `1001` | -| `ingressController.containerSecurityContext.runAsNonRoot` | Set APISIX Ingress Controller containers' Security Context runAsNonRoot | `true` | -| `ingressController.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX Ingress Controller containers' Security Context runAsNonRoot | `true` | -| `ingressController.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX Ingress Controller container's privilege escalation | `false` | -| `ingressController.containerSecurityContext.capabilities.drop` | Set APISIX Ingress Controller container's Security Context runAsNonRoot | `["ALL"]` | -| `ingressController.command` | Override default container command (useful when using custom images) | `[]` | -| `ingressController.args` | Override default container args (useful when using custom images) | `[]` | -| `ingressController.hostAliases` | APISIX Ingress Controller pods host aliases | `[]` | -| `ingressController.podLabels` | Extra labels for APISIX Ingress Controller pods | `{}` | -| `ingressController.podAnnotations` | Annotations for APISIX Ingress Controller pods | `{}` | -| `ingressController.podAffinityPreset` | Pod affinity preset. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `ingressController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `ingressController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `ingressController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `ingressController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `ingressController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `ingressController.nodeAffinityPreset.key` | Node label key to match. Ignored if `injector.affinity` is set | `""` | -| `ingressController.nodeAffinityPreset.values` | Node label values to match. Ignored if `injector.affinity` is set | `[]` | -| `ingressController.affinity` | Affinity for APISIX Ingress Controller pods assignment | `{}` | -| `ingressController.nodeSelector` | Node labels for APISIX Ingress Controller pods assignment | `{}` | -| `ingressController.tolerations` | Tolerations for APISIX Ingress Controller pods assignment | `[]` | -| `ingressController.updateStrategy.type` | APISIX Ingress Controller statefulset strategy type | `RollingUpdate` | -| `ingressController.priorityClassName` | APISIX Ingress Controller pods' priorityClassName | `""` | -| `ingressController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `ingressController.schedulerName` | Name of the k8s scheduler (other than default) for APISIX Ingress Controller pods | `""` | -| `ingressController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `ingressController.lifecycleHooks` | for the APISIX Ingress Controller container(s) to automate configuration before or after startup | `{}` | -| `ingressController.extraEnvVars` | Array with extra environment variables to add to APISIX Ingress Controller nodes | `[]` | -| `ingressController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for APISIX Ingress Controller nodes | `""` | -| `ingressController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for APISIX Ingress Controller nodes | `""` | -| `ingressController.extraVolumes` | Optionally specify extra list of additional volumes for the APISIX Ingress Controller pod(s) | `[]` | -| `ingressController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the APISIX Ingress Controller container(s) | `[]` | -| `ingressController.sidecars` | Add additional sidecar containers to the APISIX Ingress Controller pod(s) | `[]` | -| `ingressController.initContainers` | Add additional init containers to the APISIX Ingress Controller pod(s) | `[]` | -| `ingressController.defaultConfig` | APISIX Dashboard configuration (evaluated as a template) | `""` | -| `ingressController.extraConfig` | Extra configuration parameters for APISIX Ingress Controller | `{}` | -| `ingressController.existingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` | -| `ingressController.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` | -| `ingressController.tls.enabled` | Enable TLS transport in Ingress Controller | `true` | -| `ingressController.tls.autoGenerated` | Auto-generate self-signed certificates | `true` | -| `ingressController.tls.existingSecret` | Name of a secret containing the certificates | `""` | -| `ingressController.tls.certFilename` | Path of the certificate file when mounted as a secret | `tls.crt` | -| `ingressController.tls.certKeyFilename` | Path of the certificate key file when mounted as a secret | `tls.key` | -| `ingressController.tls.certCAFilename` | Path of the certificate CA file when mounted as a secret | `ca.crt` | -| `ingressController.tls.cert` | Content of the certificate to be added to the secret | `""` | -| `ingressController.tls.key` | Content of the certificate key to be added to the secret | `""` | -| `ingressController.tls.ca` | Content of the certificate CA to be added to the secret | `""` | +| Name | Description | Value | +| --------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------- | +| `ingressController.enabled` | Enable APISIX Ingress Controller | `true` | +| `ingressController.image.registry` | APISIX Ingress Controller image registry | `REGISTRY_NAME` | +| `ingressController.image.repository` | APISIX Ingress Controller image repository | `REPOSITORY_NAME/apisix-ingress-controller` | +| `ingressController.image.tag` | APISIX Ingress Controller image tag (immutable tags are recommended) | `1.7.0-debian-11-r15` | +| `ingressController.image.digest` | APISIX Ingress Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `ingressController.image.pullPolicy` | APISIX Ingress Controller image pull policy | `IfNotPresent` | +| `ingressController.image.pullSecrets` | APISIX Ingress Controller image pull secrets | `[]` | +| `ingressController.image.debug` | Enable APISIX Ingress Controller image debug mode | `false` | +| `ingressController.replicaCount` | Number of APISIX Ingress Controller replicas to deploy | `1` | +| `ingressController.containerPorts.http` | APISIX Ingress Controller http container port | `8080` | +| `ingressController.containerPorts.https` | APISIX Ingress Controller https container port | `8443` | +| `ingressController.livenessProbe.enabled` | Enable livenessProbe on APISIX Ingress Controller containers | `true` | +| `ingressController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `ingressController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `ingressController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `ingressController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `ingressController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `ingressController.readinessProbe.enabled` | Enable readinessProbe on APISIX Ingress Controller containers | `true` | +| `ingressController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `ingressController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `ingressController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `ingressController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `ingressController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `ingressController.startupProbe.enabled` | Enable startupProbe on APISIX Ingress Controller containers | `false` | +| `ingressController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `ingressController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `ingressController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `ingressController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `ingressController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `ingressController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `ingressController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `ingressController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `ingressController.resources.limits` | The resources limits for the APISIX Ingress Controller containers | `{}` | +| `ingressController.resources.requests` | The requested resources for the APISIX Ingress Controller containers | `{}` | +| `ingressController.podSecurityContext.enabled` | Enabled APISIX Ingress Controller pods' Security Context | `true` | +| `ingressController.podSecurityContext.fsGroup` | Set APISIX Ingress Controller pod's Security Context fsGroup | `1001` | +| `ingressController.podSecurityContext.seccompProfile.type` | Set APISIX Ingress Controller container's Security Context seccomp profile | `RuntimeDefault` | +| `ingressController.containerSecurityContext.enabled` | Enabled APISIX Ingress Controller containers' Security Context | `true` | +| `ingressController.containerSecurityContext.runAsUser` | Set APISIX Ingress Controller containers' Security Context runAsUser | `1001` | +| `ingressController.containerSecurityContext.runAsNonRoot` | Set APISIX Ingress Controller containers' Security Context runAsNonRoot | `true` | +| `ingressController.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX Ingress Controller containers' Security Context runAsNonRoot | `true` | +| `ingressController.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX Ingress Controller container's privilege escalation | `false` | +| `ingressController.containerSecurityContext.capabilities.drop` | Set APISIX Ingress Controller container's Security Context runAsNonRoot | `["ALL"]` | +| `ingressController.command` | Override default container command (useful when using custom images) | `[]` | +| `ingressController.args` | Override default container args (useful when using custom images) | `[]` | +| `ingressController.hostAliases` | APISIX Ingress Controller pods host aliases | `[]` | +| `ingressController.podLabels` | Extra labels for APISIX Ingress Controller pods | `{}` | +| `ingressController.podAnnotations` | Annotations for APISIX Ingress Controller pods | `{}` | +| `ingressController.podAffinityPreset` | Pod affinity preset. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `ingressController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `ingressController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `ingressController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `ingressController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `ingressController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `ingressController.nodeAffinityPreset.key` | Node label key to match. Ignored if `injector.affinity` is set | `""` | +| `ingressController.nodeAffinityPreset.values` | Node label values to match. Ignored if `injector.affinity` is set | `[]` | +| `ingressController.affinity` | Affinity for APISIX Ingress Controller pods assignment | `{}` | +| `ingressController.nodeSelector` | Node labels for APISIX Ingress Controller pods assignment | `{}` | +| `ingressController.tolerations` | Tolerations for APISIX Ingress Controller pods assignment | `[]` | +| `ingressController.updateStrategy.type` | APISIX Ingress Controller statefulset strategy type | `RollingUpdate` | +| `ingressController.priorityClassName` | APISIX Ingress Controller pods' priorityClassName | `""` | +| `ingressController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `ingressController.schedulerName` | Name of the k8s scheduler (other than default) for APISIX Ingress Controller pods | `""` | +| `ingressController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `ingressController.lifecycleHooks` | for the APISIX Ingress Controller container(s) to automate configuration before or after startup | `{}` | +| `ingressController.extraEnvVars` | Array with extra environment variables to add to APISIX Ingress Controller nodes | `[]` | +| `ingressController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for APISIX Ingress Controller nodes | `""` | +| `ingressController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for APISIX Ingress Controller nodes | `""` | +| `ingressController.extraVolumes` | Optionally specify extra list of additional volumes for the APISIX Ingress Controller pod(s) | `[]` | +| `ingressController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the APISIX Ingress Controller container(s) | `[]` | +| `ingressController.sidecars` | Add additional sidecar containers to the APISIX Ingress Controller pod(s) | `[]` | +| `ingressController.initContainers` | Add additional init containers to the APISIX Ingress Controller pod(s) | `[]` | +| `ingressController.defaultConfig` | APISIX Dashboard configuration (evaluated as a template) | `""` | +| `ingressController.extraConfig` | Extra configuration parameters for APISIX Ingress Controller | `{}` | +| `ingressController.existingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` | +| `ingressController.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` | +| `ingressController.tls.enabled` | Enable TLS transport in Ingress Controller | `true` | +| `ingressController.tls.autoGenerated` | Auto-generate self-signed certificates | `true` | +| `ingressController.tls.existingSecret` | Name of a secret containing the certificates | `""` | +| `ingressController.tls.certFilename` | Path of the certificate file when mounted as a secret | `tls.crt` | +| `ingressController.tls.certKeyFilename` | Path of the certificate key file when mounted as a secret | `tls.key` | +| `ingressController.tls.certCAFilename` | Path of the certificate CA file when mounted as a secret | `ca.crt` | +| `ingressController.tls.cert` | Content of the certificate to be added to the secret | `""` | +| `ingressController.tls.key` | Content of the certificate key to be added to the secret | `""` | +| `ingressController.tls.ca` | Content of the certificate CA to be added to the secret | `""` | ### APISIX Ingress Controller Traffic Exposure Parameters @@ -734,20 +736,20 @@ The command removes all the Kubernetes components associated with the chart and ### Init containers parameters -| Name | Description | Value | -| ----------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `waitContainer.image.registry` | Init container wait-container image registry | `docker.io` | -| `waitContainer.image.repository` | Init container wait-container image name | `bitnami/os-shell` | -| `waitContainer.image.tag` | Init container wait-container image tag | `11-debian-11-r90` | -| `waitContainer.image.digest` | Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `waitContainer.image.pullPolicy` | Init container wait-container image pull policy | `IfNotPresent` | -| `waitContainer.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `waitContainer.containerSecurityContext.enabled` | Enabled APISIX containers' Security Context | `true` | -| `waitContainer.containerSecurityContext.runAsUser` | Set APISIX containers' Security Context runAsUser | `1001` | -| `waitContainer.containerSecurityContext.runAsNonRoot` | Set APISIX containers' Security Context runAsNonRoot | `true` | -| `waitContainer.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX containers' Security Context runAsNonRoot | `true` | -| `waitContainer.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX container's privilege escalation | `false` | -| `waitContainer.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` | +| Name | Description | Value | +| ----------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `waitContainer.image.registry` | Init container wait-container image registry | `REGISTRY_NAME` | +| `waitContainer.image.repository` | Init container wait-container image name | `REPOSITORY_NAME/os-shell` | +| `waitContainer.image.tag` | Init container wait-container image tag | `11-debian-11-r90` | +| `waitContainer.image.digest` | Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `waitContainer.image.pullPolicy` | Init container wait-container image pull policy | `IfNotPresent` | +| `waitContainer.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `waitContainer.containerSecurityContext.enabled` | Enabled APISIX containers' Security Context | `true` | +| `waitContainer.containerSecurityContext.runAsUser` | Set APISIX containers' Security Context runAsUser | `1001` | +| `waitContainer.containerSecurityContext.runAsNonRoot` | Set APISIX containers' Security Context runAsNonRoot | `true` | +| `waitContainer.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX containers' Security Context runAsNonRoot | `true` | +| `waitContainer.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX container's privilege escalation | `false` | +| `waitContainer.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` | ### External etcd settings diff --git a/bitnami/apisix/values.yaml b/bitnami/apisix/values.yaml index df90e46b29cbba..afc4c6369617c9 100644 --- a/bitnami/apisix/values.yaml +++ b/bitnami/apisix/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: ## Bitnami APISIX image ## ref: https://hub.docker.com/r/bitnami/apisix/tags/ -## @param image.registry APISIX image registry -## @param image.repository APISIX image repository +## @param image.registry [default: REGISTRY_NAME] APISIX image registry +## @param image.repository [default: REPOSITORY_NAME/apisix] APISIX image repository ## @param image.tag APISIX image tag (immutable tags are recommended) ## @param image.digest APISIX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param image.pullPolicy APISIX image pull policy @@ -1501,8 +1501,8 @@ dashboard: replicaCount: 1 ## Bitnami APISIX Dashboard image ## ref: https://hub.docker.com/r/bitnami/apisix-dashboard/tags/ - ## @param dashboard.image.registry APISIX Dashboard image registry - ## @param dashboard.image.repository APISIX Dashboard image repository + ## @param dashboard.image.registry [default: REGISTRY_NAME] APISIX Dashboard image registry + ## @param dashboard.image.repository [default: REPOSITORY_NAME/apisix-dashboard] APISIX Dashboard image repository ## @param dashboard.image.tag APISIX Dashboard image tag (immutable tags are recommended) ## @param dashboard.image.digest APISIX Dashboard image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param dashboard.image.pullPolicy APISIX Dashboard image pull policy @@ -2179,8 +2179,8 @@ ingressController: enabled: true ## Bitnami APISIX Ingress Controller image ## ref: https://hub.docker.com/r/bitnami/vault-k8s/tags/ - ## @param ingressController.image.registry APISIX Ingress Controller image registry - ## @param ingressController.image.repository APISIX Ingress Controller image repository + ## @param ingressController.image.registry [default: REGISTRY_NAME] APISIX Ingress Controller image registry + ## @param ingressController.image.repository [default: REPOSITORY_NAME/apisix-ingress-controller] APISIX Ingress Controller image repository ## @param ingressController.image.tag APISIX Ingress Controller image tag (immutable tags are recommended) ## @param ingressController.image.digest APISIX Ingress Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param ingressController.image.pullPolicy APISIX Ingress Controller image pull policy @@ -2819,8 +2819,8 @@ ingressController: ## @section Init containers parameters ## waitContainer: - ## @param waitContainer.image.registry Init container wait-container image registry - ## @param waitContainer.image.repository Init container wait-container image name + ## @param waitContainer.image.registry [default: REGISTRY_NAME] Init container wait-container image registry + ## @param waitContainer.image.repository [default: REPOSITORY_NAME/os-shell] Init container wait-container image name ## @param waitContainer.image.tag Init container wait-container image tag ## @param waitContainer.image.digest Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## diff --git a/bitnami/appsmith/README.md b/bitnami/appsmith/README.md index 2d6fa5dc784506..77bfc13f2fda4e 100644 --- a/bitnami/appsmith/README.md +++ b/bitnami/appsmith/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/appsmith +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/appsmith ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -38,9 +40,11 @@ Looking to use Appsmith in production? Try [VMware Application Catalog](https:// To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/appsmith +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/appsmith ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Appsmith on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -67,26 +71,26 @@ The command removes all the Kubernetes components associated with the chart and ### Common parameters -| Name | Description | Value | -| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `kubeVersion` | Override Kubernetes version | `""` | -| `nameOverride` | String to partially override common.names.name | `""` | -| `fullnameOverride` | String to fully override common.names.fullname | `""` | -| `namespaceOverride` | String to fully override common.names.namespace | `""` | -| `commonLabels` | Labels to add to all deployed objects | `{}` | -| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | -| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | -| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | -| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | -| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | -| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | -| `image.registry` | Appsmith image registry | `docker.io` | -| `image.repository` | Appsmith image repository | `bitnami/appsmith` | -| `image.tag` | Appsmith image tag (immutable tags are recommended) | `1.9.38-debian-11-r1` | -| `image.digest` | Appsmith image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `image.pullPolicy` | Appsmith image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Appsmith image pull secrets | `[]` | -| `image.debug` | Enable Appsmith image debug mode | `false` | +| Name | Description | Value | +| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `kubeVersion` | Override Kubernetes version | `""` | +| `nameOverride` | String to partially override common.names.name | `""` | +| `fullnameOverride` | String to fully override common.names.fullname | `""` | +| `namespaceOverride` | String to fully override common.names.namespace | `""` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | +| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | +| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | +| `image.registry` | Appsmith image registry | `REGISTRY_NAME` | +| `image.repository` | Appsmith image repository | `REPOSITORY_NAME/appsmith` | +| `image.tag` | Appsmith image tag (immutable tags are recommended) | `1.9.38-debian-11-r1` | +| `image.digest` | Appsmith image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `image.pullPolicy` | Appsmith image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Appsmith image pull secrets | `[]` | +| `image.debug` | Enable Appsmith image debug mode | `false` | ### Appsmith Client Parameters @@ -363,17 +367,17 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Other Parameters @@ -439,9 +443,11 @@ helm install my-release \ --set appsmithUsername=admin \ --set appsmithPassword=password \ --set mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/appsmith + oci://REGISTRY_NAME/REPOSITORY_NAME/appsmith ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the appsmith administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -449,9 +455,10 @@ The above command sets the appsmith administrator account username and password Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/appsmith +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/appsmith ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/appsmith/values.yaml b/bitnami/appsmith/values.yaml index 74d8bd361c0727..c2ae4312d31838 100644 --- a/bitnami/appsmith/values.yaml +++ b/bitnami/appsmith/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: ## Bitnami Appsmith image ## ref: https://hub.docker.com/r/bitnami/appsmith/tags/ -## @param image.registry Appsmith image registry -## @param image.repository Appsmith image repository +## @param image.registry [default: REGISTRY_NAME] Appsmith image registry +## @param image.repository [default: REPOSITORY_NAME/appsmith] Appsmith image repository ## @param image.tag Appsmith image tag (immutable tags are recommended) ## @param image.digest Appsmith image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param image.pullPolicy Appsmith image pull policy @@ -1108,8 +1108,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets diff --git a/bitnami/argo-cd/README.md b/bitnami/argo-cd/README.md index 2ce964764c9713..68b8f295faf951 100644 --- a/bitnami/argo-cd/README.md +++ b/bitnami/argo-cd/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/argo-cd +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/argo-cd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps an Argo CD deployment on a Kubernetes cluster using the Helm package manager. @@ -34,9 +36,11 @@ Looking to use Argo CD in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/argo-cd +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/argo-cd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys argo-cd on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -75,15 +79,15 @@ The command removes all the Kubernetes components associated with the chart and ### Argo CD image parameters -| Name | Description | Value | -| ------------------- | ------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | Argo CD image registry | `docker.io` | -| `image.repository` | Argo CD image repository | `bitnami/argo-cd` | -| `image.tag` | Argo CD image tag (immutable tags are recommended) | `2.8.4-debian-11-r17` | -| `image.digest` | Argo CD image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Argo CD image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Argo CD image pull secrets | `[]` | -| `image.debug` | Enable Argo CD image debug mode | `false` | +| Name | Description | Value | +| ------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------- | +| `image.registry` | Argo CD image registry | `REGISTRY_NAME` | +| `image.repository` | Argo CD image repository | `REPOSITORY_NAME/argo-cd` | +| `image.tag` | Argo CD image tag (immutable tags are recommended) | `2.8.4-debian-11-r17` | +| `image.digest` | Argo CD image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Argo CD image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Argo CD image pull secrets | `[]` | +| `image.debug` | Enable Argo CD image debug mode | `false` | ### Argo CD application controller parameters @@ -691,8 +695,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | ------------------------------------------------------- | --------------------------------------------------------------------------------------------------- | ---------------------- | -| `dex.image.registry` | Dex image registry | `docker.io` | -| `dex.image.repository` | Dex image repository | `bitnami/dex` | +| `dex.image.registry` | Dex image registry | `REGISTRY_NAME` | +| `dex.image.repository` | Dex image repository | `REPOSITORY_NAME/dex` | | `dex.image.tag` | Dex image tag (immutable tags are recommended) | `2.37.0-debian-11-r97` | | `dex.image.digest` | Dex image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `dex.image.pullPolicy` | Dex image pull policy | `IfNotPresent` | @@ -828,45 +832,45 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Other Parameters -| Name | Description | Value | -| ----------------------------------------- | ----------------------------------------------------------------------------------------------------- | -------------------- | -| `rbac.create` | Specifies whether RBAC resources should be created | `true` | -| `redis.image.registry` | Redis image registry | `docker.io` | -| `redis.image.repository` | Redis image repository | `bitnami/redis` | -| `redis.image.tag` | Redis image tag (immutable tags are recommended) | `7.2.2-debian-11-r0` | -| `redis.image.digest` | Redis image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `redis.image.pullPolicy` | Redis image pull policy | `IfNotPresent` | -| `redis.image.pullSecrets` | Redis image pull secrets | `[]` | -| `redis.enabled` | Enable Redis dependency | `true` | -| `redis.nameOverride` | Name override for the Redis dependency | `""` | -| `redis.service.port` | Service port for Redis dependency | `6379` | -| `redis.auth.enabled` | Enable Redis dependency authentication | `true` | -| `redis.auth.existingSecret` | Existing secret to load redis dependency password | `""` | -| `redis.auth.existingSecretPasswordKey` | Pasword key name inside the existing secret | `redis-password` | -| `redis.architecture` | Redis® architecture. Allowed values: `standalone` or `replication` | `standalone` | -| `externalRedis.host` | External Redis host | `""` | -| `externalRedis.port` | External Redis port | `6379` | -| `externalRedis.password` | External Redis password | `""` | -| `externalRedis.existingSecret` | Existing secret for the external redis | `""` | -| `externalRedis.existingSecretPasswordKey` | Password key for the existing secret containing the external redis password | `redis-password` | -| `redisWait.enabled` | Enables waiting for redis | `true` | -| `redisWait.extraArgs` | Additional arguments for the redis-cli call, such as TLS | `""` | -| `redisWait.securityContext` | Security context for init container | `{}` | +| Name | Description | Value | +| ----------------------------------------- | ----------------------------------------------------------------------------------------------------- | ----------------------- | +| `rbac.create` | Specifies whether RBAC resources should be created | `true` | +| `redis.image.registry` | Redis image registry | `REGISTRY_NAME` | +| `redis.image.repository` | Redis image repository | `REPOSITORY_NAME/redis` | +| `redis.image.tag` | Redis image tag (immutable tags are recommended) | `7.2.2-debian-11-r0` | +| `redis.image.digest` | Redis image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `redis.image.pullPolicy` | Redis image pull policy | `IfNotPresent` | +| `redis.image.pullSecrets` | Redis image pull secrets | `[]` | +| `redis.enabled` | Enable Redis dependency | `true` | +| `redis.nameOverride` | Name override for the Redis dependency | `""` | +| `redis.service.port` | Service port for Redis dependency | `6379` | +| `redis.auth.enabled` | Enable Redis dependency authentication | `true` | +| `redis.auth.existingSecret` | Existing secret to load redis dependency password | `""` | +| `redis.auth.existingSecretPasswordKey` | Pasword key name inside the existing secret | `redis-password` | +| `redis.architecture` | Redis® architecture. Allowed values: `standalone` or `replication` | `standalone` | +| `externalRedis.host` | External Redis host | `""` | +| `externalRedis.port` | External Redis port | `6379` | +| `externalRedis.password` | External Redis password | `""` | +| `externalRedis.existingSecret` | Existing secret for the external redis | `""` | +| `externalRedis.existingSecretPasswordKey` | Password key for the existing secret containing the external redis password | `redis-password` | +| `redisWait.enabled` | Enables waiting for redis | `true` | +| `redisWait.extraArgs` | Additional arguments for the redis-cli call, such as TLS | `""` | +| `redisWait.securityContext` | Security context for init container | `{}` | The above parameters map to the env variables defined in [bitnami/argo-cd](https://github.com/bitnami/containers/tree/main/bitnami/argo-cd). For more information please refer to the [bitnami/argo-cd](https://github.com/bitnami/containers/tree/main/bitnami/argo-cd) image documentation. @@ -876,9 +880,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm helm install my-release \ --set controller.replicaCount=2 \ --set server.metrics.enabled=true \ - oci://registry-1.docker.io/bitnamicharts/argo-cd + oci://REGISTRY_NAME/REPOSITORY_NAME/argo-cd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the argo-cd controller replicas to 2, and enabled argo-cd server metrics. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -886,9 +892,10 @@ The above command sets the argo-cd controller replicas to 2, and enabled argo-cd Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/argo-cd +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/argo-cd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/argo-cd/values.yaml b/bitnami/argo-cd/values.yaml index c12a19a8c601cc..2cb35306ef5636 100644 --- a/bitnami/argo-cd/values.yaml +++ b/bitnami/argo-cd/values.yaml @@ -47,8 +47,8 @@ extraDeploy: [] ## Bitnami Argo CD image ## ref: https://hub.docker.com/r/bitnami/argo-cd/tags/ -## @param image.registry Argo CD image registry -## @param image.repository Argo CD image repository +## @param image.registry [default: REGISTRY_NAME] Argo CD image registry +## @param image.repository [default: REPOSITORY_NAME/argo-cd] Argo CD image repository ## @param image.tag Argo CD image tag (immutable tags are recommended) ## @param image.digest Argo CD image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Argo CD image pull policy @@ -2690,8 +2690,8 @@ repoServer: dex: ## Bitnami Dex image ## ref: https://hub.docker.com/r/bitnami/argo-cd/tags/ - ## @param dex.image.registry Dex image registry - ## @param dex.image.repository Dex image repository + ## @param dex.image.registry [default: REGISTRY_NAME] Dex image registry + ## @param dex.image.repository [default: REPOSITORY_NAME/dex] Dex image repository ## @param dex.image.tag Dex image tag (immutable tags are recommended) ## @param dex.image.digest Dex image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param dex.image.pullPolicy Dex image pull policy @@ -3314,8 +3314,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy @@ -3367,8 +3367,8 @@ rbac: redis: ## Bitnami Redis image ## ref: https://hub.docker.com/r/bitnami/redis/tags/ - ## @param redis.image.registry Redis image registry - ## @param redis.image.repository Redis image repository + ## @param redis.image.registry [default: REGISTRY_NAME] Redis image registry + ## @param redis.image.repository [default: REPOSITORY_NAME/redis] Redis image repository ## @param redis.image.tag Redis image tag (immutable tags are recommended) ## @param redis.image.digest Redis image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param redis.image.pullPolicy Redis image pull policy diff --git a/bitnami/argo-workflows/README.md b/bitnami/argo-workflows/README.md index 2680b24b0eb9a5..eba53dc9bf6c16 100644 --- a/bitnami/argo-workflows/README.md +++ b/bitnami/argo-workflows/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/argo-workflows +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/argo-workflows ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Argo Workflows](https://argoproj.github.io/workflows) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Argo Workflows in production? Try [VMware Application Catalog](ht To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/argo-workflows +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/argo-workflows ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Argo Workflows on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,229 +81,229 @@ The command removes all the Kubernetes components associated with the chart and ### Argo Workflows Server configuration parameters -| Name | Description | Value | -| -------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | --------------------------- | -| `server.image.registry` | server image registry | `docker.io` | -| `server.image.repository` | server image repository | `bitnami/argo-workflow-cli` | -| `server.image.tag` | server image tag (immutable tags are recommended) | `3.5.0-debian-11-r0` | -| `server.image.digest` | server image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `server.image.pullPolicy` | server image pull policy | `IfNotPresent` | -| `server.image.pullSecrets` | server image pull secrets | `[]` | -| `server.enabled` | Enable server deployment | `true` | -| `server.replicaCount` | Number of server replicas to deploy | `1` | -| `server.livenessProbe.enabled` | Enable livenessProbe on server nodes | `true` | -| `server.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `server.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | -| `server.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `server.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `server.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `server.readinessProbe.enabled` | Enable readinessProbe on server nodes | `true` | -| `server.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `server.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `20` | -| `server.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `server.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `server.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `server.startupProbe.enabled` | Enable startupProbe | `false` | -| `server.startupProbe.path` | Path to check for startupProbe | `/` | -| `server.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `300` | -| `server.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `server.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `server.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `server.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `server.customLivenessProbe` | Server custom livenessProbe that overrides the default one | `{}` | -| `server.customReadinessProbe` | Server custom readinessProbe that overrides the default one | `{}` | -| `server.customStartupProbe` | Server custom startupProbe that overrides the default one | `{}` | -| `server.resources.limits` | The resources limits for the server containers | `{}` | -| `server.resources.requests` | The requested resources for the server containers | `{}` | -| `server.podSecurityContext.enabled` | Enabled server pods' Security Context | `true` | -| `server.podSecurityContext.fsGroup` | Set server pod's Security Context fsGroup | `1001` | -| `server.containerSecurityContext.enabled` | Enabled server containers' Security Context | `true` | -| `server.containerSecurityContext.runAsUser` | Set server containers' Security Context runAsUser | `1001` | -| `server.containerSecurityContext.runAsNonRoot` | Set server containers' Security Context runAsNonRoot | `true` | -| `server.containerSecurityContext.readOnlyRootFilesystem` | Set read only root file system pod's Security Conte | `true` | -| `server.rbac.create` | Create RBAC resources for the Argo workflows server | `true` | -| `server.extraArgs` | Extra arguments for the server command line | `""` | -| `server.auth.enabled` | Enable authentication | `true` | -| `server.auth.mode` | Set authentication mode. Either `server`, `client` or `sso`. | `client` | -| `server.auth.sso.enabled` | Enable SSO configuration for the server auth mode | `false` | -| `server.auth.sso.config.issuer` | Root URL for the OIDC identity provider | `""` | -| `server.auth.sso.config.clientId.name` | Name of the secret containing the OIDC client ID | `""` | -| `server.auth.sso.config.clientId.key` | Key in the secret to obtain the OIDC client ID | `""` | -| `server.auth.sso.config.clientSecret.name` | Name of the secret containing the OIDC client secret | `""` | -| `server.auth.sso.config.clientSecret.key` | Key in the secret to obtain the OIDC client secret | `""` | -| `server.auth.sso.config.redirectUrl` | The OIDC redirect URL. Should be in the form /oauth2/callback. | `""` | -| `server.auth.sso.rbac.enabled` | Create RBAC resources for SSO | `true` | -| `server.auth.sso.rbac.secretWhitelist` | Restricts the secrets that the server can read | `[]` | -| `server.auth.sso.scopes` | Scopes requested from the SSO ID provider | `[]` | -| `server.clusterWorkflowTemplates.enabled` | Create ClusterRole and CRB for the controoler to access ClusterWorkflowTemplates | `true` | -| `server.clusterWorkflowTemplates.enableEditing` | Give the server permissions to edit ClusterWorkflowTemplates | `true` | -| `server.pdb.enabled` | Create Pod Disruption Budget for the server component | `false` | -| `server.pdb.minAvailable` | Sets the min number of pods availables for the Pod Disruption Budget | `1` | -| `server.pdb.maxUnavailable` | Sets the max number of pods unavailable for the Pod Disruption Budget | `1` | -| `server.secure` | Run Argo server in secure mode | `false` | -| `server.baseHref` | Base href of the Argo Workflows deployment | `/` | -| `server.containerPorts.web` | argo Server container port | `2746` | -| `server.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `server.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `server.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `server.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `server.command` | Override default container command (useful when using custom images) | `[]` | -| `server.args` | Override default container args (useful when using custom images) | `[]` | -| `server.hostAliases` | server pods host aliases | `[]` | -| `server.podLabels` | Extra labels for server pods | `{}` | -| `server.podAnnotations` | Annotations for server pods | `{}` | -| `server.podAffinityPreset` | Pod affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `server.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `server.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `server.nodeAffinityPreset.key` | Node label key to match. Ignored if `server.affinity` is set | `""` | -| `server.nodeAffinityPreset.values` | Node label values to match. Ignored if `server.affinity` is set | `[]` | -| `server.affinity` | Affinity for server pods assignment | `{}` | -| `server.nodeSelector` | Node labels for server pods assignment | `{}` | -| `server.tolerations` | Tolerations for server pods assignment | `[]` | -| `server.updateStrategy.type` | server statefulset strategy type | `RollingUpdate` | -| `server.topologySpreadConstraints` | Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in | `[]` | -| `server.schedulerName` | Alternate scheduler for the server deployment | `""` | -| `server.priorityClassName` | server pods' priorityClassName | `""` | -| `server.lifecycleHooks` | for the server container(s) to automate configuration before or after startup | `{}` | -| `server.extraEnvVars` | Array with extra environment variables to add to server nodes | `[]` | -| `server.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for server nodes | `""` | -| `server.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for server nodes | `""` | -| `server.extraVolumes` | Optionally specify extra list of additional volumes for the server pod(s) | `[]` | -| `server.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the server container(s) | `[]` | -| `server.sidecars` | Add additional sidecar containers to the server pod(s) | `[]` | -| `server.initContainers` | Add additional init containers to the server pod(s) | `[]` | -| `server.service.type` | server service type | `ClusterIP` | -| `server.service.ports.http` | server service HTTP port | `80` | -| `server.service.nodePorts.http` | Node port for HTTP | `""` | -| `server.service.clusterIP` | server service Cluster IP | `""` | -| `server.service.loadBalancerIP` | server service Load Balancer IP | `""` | -| `server.service.loadBalancerSourceRanges` | server service Load Balancer sources | `[]` | -| `server.service.externalTrafficPolicy` | server service external traffic policy | `Cluster` | -| `server.service.annotations` | Additional custom annotations for server service | `{}` | -| `server.service.extraPorts` | Extra port to expose on the server service | `[]` | +| Name | Description | Value | +| -------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| `server.image.registry` | server image registry | `REGISTRY_NAME` | +| `server.image.repository` | server image repository | `REPOSITORY_NAME/argo-workflow-cli` | +| `server.image.tag` | server image tag (immutable tags are recommended) | `3.5.0-debian-11-r0` | +| `server.image.digest` | server image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `server.image.pullPolicy` | server image pull policy | `IfNotPresent` | +| `server.image.pullSecrets` | server image pull secrets | `[]` | +| `server.enabled` | Enable server deployment | `true` | +| `server.replicaCount` | Number of server replicas to deploy | `1` | +| `server.livenessProbe.enabled` | Enable livenessProbe on server nodes | `true` | +| `server.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `server.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | +| `server.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `server.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `server.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `server.readinessProbe.enabled` | Enable readinessProbe on server nodes | `true` | +| `server.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `server.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `20` | +| `server.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `server.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `server.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `server.startupProbe.enabled` | Enable startupProbe | `false` | +| `server.startupProbe.path` | Path to check for startupProbe | `/` | +| `server.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `300` | +| `server.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `server.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `server.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `server.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `server.customLivenessProbe` | Server custom livenessProbe that overrides the default one | `{}` | +| `server.customReadinessProbe` | Server custom readinessProbe that overrides the default one | `{}` | +| `server.customStartupProbe` | Server custom startupProbe that overrides the default one | `{}` | +| `server.resources.limits` | The resources limits for the server containers | `{}` | +| `server.resources.requests` | The requested resources for the server containers | `{}` | +| `server.podSecurityContext.enabled` | Enabled server pods' Security Context | `true` | +| `server.podSecurityContext.fsGroup` | Set server pod's Security Context fsGroup | `1001` | +| `server.containerSecurityContext.enabled` | Enabled server containers' Security Context | `true` | +| `server.containerSecurityContext.runAsUser` | Set server containers' Security Context runAsUser | `1001` | +| `server.containerSecurityContext.runAsNonRoot` | Set server containers' Security Context runAsNonRoot | `true` | +| `server.containerSecurityContext.readOnlyRootFilesystem` | Set read only root file system pod's Security Conte | `true` | +| `server.rbac.create` | Create RBAC resources for the Argo workflows server | `true` | +| `server.extraArgs` | Extra arguments for the server command line | `""` | +| `server.auth.enabled` | Enable authentication | `true` | +| `server.auth.mode` | Set authentication mode. Either `server`, `client` or `sso`. | `client` | +| `server.auth.sso.enabled` | Enable SSO configuration for the server auth mode | `false` | +| `server.auth.sso.config.issuer` | Root URL for the OIDC identity provider | `""` | +| `server.auth.sso.config.clientId.name` | Name of the secret containing the OIDC client ID | `""` | +| `server.auth.sso.config.clientId.key` | Key in the secret to obtain the OIDC client ID | `""` | +| `server.auth.sso.config.clientSecret.name` | Name of the secret containing the OIDC client secret | `""` | +| `server.auth.sso.config.clientSecret.key` | Key in the secret to obtain the OIDC client secret | `""` | +| `server.auth.sso.config.redirectUrl` | The OIDC redirect URL. Should be in the form /oauth2/callback. | `""` | +| `server.auth.sso.rbac.enabled` | Create RBAC resources for SSO | `true` | +| `server.auth.sso.rbac.secretWhitelist` | Restricts the secrets that the server can read | `[]` | +| `server.auth.sso.scopes` | Scopes requested from the SSO ID provider | `[]` | +| `server.clusterWorkflowTemplates.enabled` | Create ClusterRole and CRB for the controoler to access ClusterWorkflowTemplates | `true` | +| `server.clusterWorkflowTemplates.enableEditing` | Give the server permissions to edit ClusterWorkflowTemplates | `true` | +| `server.pdb.enabled` | Create Pod Disruption Budget for the server component | `false` | +| `server.pdb.minAvailable` | Sets the min number of pods availables for the Pod Disruption Budget | `1` | +| `server.pdb.maxUnavailable` | Sets the max number of pods unavailable for the Pod Disruption Budget | `1` | +| `server.secure` | Run Argo server in secure mode | `false` | +| `server.baseHref` | Base href of the Argo Workflows deployment | `/` | +| `server.containerPorts.web` | argo Server container port | `2746` | +| `server.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `server.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `server.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `server.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `server.command` | Override default container command (useful when using custom images) | `[]` | +| `server.args` | Override default container args (useful when using custom images) | `[]` | +| `server.hostAliases` | server pods host aliases | `[]` | +| `server.podLabels` | Extra labels for server pods | `{}` | +| `server.podAnnotations` | Annotations for server pods | `{}` | +| `server.podAffinityPreset` | Pod affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `server.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `server.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `server.nodeAffinityPreset.key` | Node label key to match. Ignored if `server.affinity` is set | `""` | +| `server.nodeAffinityPreset.values` | Node label values to match. Ignored if `server.affinity` is set | `[]` | +| `server.affinity` | Affinity for server pods assignment | `{}` | +| `server.nodeSelector` | Node labels for server pods assignment | `{}` | +| `server.tolerations` | Tolerations for server pods assignment | `[]` | +| `server.updateStrategy.type` | server statefulset strategy type | `RollingUpdate` | +| `server.topologySpreadConstraints` | Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in | `[]` | +| `server.schedulerName` | Alternate scheduler for the server deployment | `""` | +| `server.priorityClassName` | server pods' priorityClassName | `""` | +| `server.lifecycleHooks` | for the server container(s) to automate configuration before or after startup | `{}` | +| `server.extraEnvVars` | Array with extra environment variables to add to server nodes | `[]` | +| `server.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for server nodes | `""` | +| `server.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for server nodes | `""` | +| `server.extraVolumes` | Optionally specify extra list of additional volumes for the server pod(s) | `[]` | +| `server.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the server container(s) | `[]` | +| `server.sidecars` | Add additional sidecar containers to the server pod(s) | `[]` | +| `server.initContainers` | Add additional init containers to the server pod(s) | `[]` | +| `server.service.type` | server service type | `ClusterIP` | +| `server.service.ports.http` | server service HTTP port | `80` | +| `server.service.nodePorts.http` | Node port for HTTP | `""` | +| `server.service.clusterIP` | server service Cluster IP | `""` | +| `server.service.loadBalancerIP` | server service Load Balancer IP | `""` | +| `server.service.loadBalancerSourceRanges` | server service Load Balancer sources | `[]` | +| `server.service.externalTrafficPolicy` | server service external traffic policy | `Cluster` | +| `server.service.annotations` | Additional custom annotations for server service | `{}` | +| `server.service.extraPorts` | Extra port to expose on the server service | `[]` | ### Argo Workflows Controller configuration parameters -| Name | Description | Value | -| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- | -| `controller.image.registry` | controller image registry | `docker.io` | -| `controller.image.repository` | controller image repository | `bitnami/argo-workflow-controller` | -| `controller.image.tag` | controller image tag (immutable tags are recommended) | `3.5.0-debian-11-r0` | -| `controller.image.digest` | controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `controller.image.pullPolicy` | controller image pull policy | `IfNotPresent` | -| `controller.image.pullSecrets` | controller image pull secrets | `[]` | -| `controller.replicaCount` | Number of controller replicas to deploy | `1` | -| `controller.livenessProbe.enabled` | Enable livenessProbe on controller nodes | `true` | -| `controller.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `90` | -| `controller.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `60` | -| `controller.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `30` | -| `controller.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `controller.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `controller.readinessProbe.enabled` | Enable readinessProbe on controller nodes | `true` | -| `controller.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `controller.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `60` | -| `controller.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `30` | -| `controller.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `controller.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `controller.startupProbe.enabled` | Enable startupProbe | `false` | -| `controller.startupProbe.path` | Path to check for startupProbe | `/` | -| `controller.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `300` | -| `controller.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `controller.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `controller.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `controller.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `controller.customLivenessProbe` | Controller custom livenessProbe that overrides the default one | `{}` | -| `controller.customReadinessProbe` | Controller custom readinessProbe that overrides the default one | `{}` | -| `controller.customStartupProbe` | Controller custom startupProbe that overrides the default one | `{}` | -| `controller.resources.limits` | The resources limits for the controller containers | `{}` | -| `controller.resources.requests` | The requested resources for the controller containers | `{}` | -| `controller.podSecurityContext.enabled` | Enabled controller pods' Security Context | `true` | -| `controller.podSecurityContext.fsGroup` | Set controller pod's Security Context fsGroup | `1001` | -| `controller.containerSecurityContext.enabled` | Enabled controller containers' Security Context | `true` | -| `controller.containerSecurityContext.runAsUser` | Set controller containers' Security Context runAsUser | `1001` | -| `controller.containerSecurityContext.runAsNonRoot` | Set controller containers' Security Context runAsNonRoot | `true` | -| `controller.containerSecurityContext.readOnlyRootFilesystem` | Set read only root file system pod's Security Conte | `true` | -| `controller.containerPorts.metrics` | Port to expose controller metrics | `9090` | -| `controller.containerPorts.telemetry` | Port to expose controller telemetry | `8081` | -| `controller.rbac.create` | Create RBAC resources for the Argo workflows controller | `true` | -| `controller.existingConfigMap` | | `""` | -| `controller.extraArgs` | Extra arguments for the controller command line | `""` | -| `controller.persistence.archive.enabled` | Save completed workflows to an SQL database. | `false` | -| `controller.config` | Controller configmap configuration content | `{}` | -| `controller.instanceID.enabled` | Enable submission filtering based on instanceID attribute. Requires to set instanceID.useReleaseName or instanceID.explicitID | `false` | -| `controller.instanceID.useReleaseName` | Use the release name to filter submissions | `false` | -| `controller.instanceID.explicitID` | Filter submissions based on an explicit instance ID | `""` | -| `controller.clusterWorkflowTemplates.enabled` | Whether to create a ClusterRole and Cluster Role Binding to access ClusterWokflowTemplates resources | `true` | -| `controller.metrics.enabled` | Enable controller metrics exporter | `false` | -| `controller.metrics.path` | Path to expose controller metrics | `/metrics` | -| `controller.metrics.serviceMonitor.enabled` | Enable prometheus service monitor configuration | `false` | -| `controller.telemetry.enabled` | Enable telemetry for the controller | `false` | -| `controller.telemetry.path` | Path to expose telemetry information | `/telemetry` | -| `controller.workflowWorkers` | Number of workflow workers to deploy | `32` | -| `controller.workflowNamespaces` | Namespaces allowed to run workflows | `["default"]` | -| `controller.workflowDefaults` | Default Workflow Values | `{}` | -| `controller.logging.level` | Level for the controller logging | `info` | -| `controller.logging.globalLevel` | Global logging level for the controller | `0` | -| `controller.pdb.enabled` | Create Pod Disruption Budget for the controller component | `false` | -| `controller.pdb.minAvailable` | Sets the min number of pods availables for the Pod Disruption Budget | `1` | -| `controller.pdb.maxUnavailable` | Sets the max number of pods unavailable for the Pod Disruption Budget | `1` | -| `controller.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `controller.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `controller.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `controller.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `controller.command` | Override default container command (useful when using custom images) | `[]` | -| `controller.args` | Override default container args (useful when using custom images) | `[]` | -| `controller.hostAliases` | controller pods host aliases | `[]` | -| `controller.podLabels` | Extra labels for controller pods | `{}` | -| `controller.podAnnotations` | Annotations for controller pods | `{}` | -| `controller.podAffinityPreset` | Pod affinity preset. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `controller.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `controller.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `controller.nodeAffinityPreset.key` | Node label key to match. Ignored if `controller.affinity` is set | `""` | -| `controller.nodeAffinityPreset.values` | Node label values to match. Ignored if `controller.affinity` is set | `[]` | -| `controller.affinity` | Affinity for controller pods assignment | `{}` | -| `controller.nodeSelector` | Node labels for controller pods assignment | `{}` | -| `controller.tolerations` | Tolerations for controller pods assignment | `[]` | -| `controller.updateStrategy.type` | controller statefulset strategy type | `RollingUpdate` | -| `controller.topologySpreadConstraints` | Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in | `[]` | -| `controller.schedulerName` | Alternate scheduler for the server controller | `""` | -| `controller.priorityClassName` | controller pods' priorityClassName | `""` | -| `controller.lifecycleHooks` | for the controller container(s) to automate configuration before or after startup | `{}` | -| `controller.extraEnvVars` | Array with extra environment variables to add to controller nodes | `[]` | -| `controller.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for controller nodes | `""` | -| `controller.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for controller nodes | `""` | -| `controller.extraVolumes` | Optionally specify extra list of additional volumes for the controller pod(s) | `[]` | -| `controller.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the controller container(s) | `[]` | -| `controller.sidecars` | Add additional sidecar containers to the controller pod(s) | `[]` | -| `controller.initContainers` | Add additional init containers to the controller pod(s) | `[]` | -| `controller.service.type` | controller service type | `ClusterIP` | -| `controller.service.ports.metrics` | Metrics port for the controller | `8080` | -| `controller.service.ports.telemetry` | Telemetry port for the controller | `8081` | -| `controller.service.nodePorts.metrics` | Node port for HTTP | `""` | -| `controller.service.nodePorts.telemetry` | Node port for HTTPS | `""` | -| `controller.service.clusterIP` | controller service Cluster IP | `""` | -| `controller.service.loadBalancerIP` | controller service Load Balancer IP | `""` | -| `controller.service.loadBalancerSourceRanges` | controller service Load Balancer sources | `[]` | -| `controller.service.externalTrafficPolicy` | controller service external traffic policy | `Cluster` | -| `controller.service.annotations` | Additional custom annotations for controller service | `{}` | -| `controller.service.extraPorts` | Extra port to expose on the controller service | `[]` | +| Name | Description | Value | +| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------ | +| `controller.image.registry` | controller image registry | `REGISTRY_NAME` | +| `controller.image.repository` | controller image repository | `REPOSITORY_NAME/argo-workflow-controller` | +| `controller.image.tag` | controller image tag (immutable tags are recommended) | `3.5.0-debian-11-r0` | +| `controller.image.digest` | controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `controller.image.pullPolicy` | controller image pull policy | `IfNotPresent` | +| `controller.image.pullSecrets` | controller image pull secrets | `[]` | +| `controller.replicaCount` | Number of controller replicas to deploy | `1` | +| `controller.livenessProbe.enabled` | Enable livenessProbe on controller nodes | `true` | +| `controller.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `90` | +| `controller.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `60` | +| `controller.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `30` | +| `controller.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `controller.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `controller.readinessProbe.enabled` | Enable readinessProbe on controller nodes | `true` | +| `controller.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `controller.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `60` | +| `controller.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `30` | +| `controller.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `controller.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `controller.startupProbe.enabled` | Enable startupProbe | `false` | +| `controller.startupProbe.path` | Path to check for startupProbe | `/` | +| `controller.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `300` | +| `controller.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `controller.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `controller.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `controller.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `controller.customLivenessProbe` | Controller custom livenessProbe that overrides the default one | `{}` | +| `controller.customReadinessProbe` | Controller custom readinessProbe that overrides the default one | `{}` | +| `controller.customStartupProbe` | Controller custom startupProbe that overrides the default one | `{}` | +| `controller.resources.limits` | The resources limits for the controller containers | `{}` | +| `controller.resources.requests` | The requested resources for the controller containers | `{}` | +| `controller.podSecurityContext.enabled` | Enabled controller pods' Security Context | `true` | +| `controller.podSecurityContext.fsGroup` | Set controller pod's Security Context fsGroup | `1001` | +| `controller.containerSecurityContext.enabled` | Enabled controller containers' Security Context | `true` | +| `controller.containerSecurityContext.runAsUser` | Set controller containers' Security Context runAsUser | `1001` | +| `controller.containerSecurityContext.runAsNonRoot` | Set controller containers' Security Context runAsNonRoot | `true` | +| `controller.containerSecurityContext.readOnlyRootFilesystem` | Set read only root file system pod's Security Conte | `true` | +| `controller.containerPorts.metrics` | Port to expose controller metrics | `9090` | +| `controller.containerPorts.telemetry` | Port to expose controller telemetry | `8081` | +| `controller.rbac.create` | Create RBAC resources for the Argo workflows controller | `true` | +| `controller.existingConfigMap` | | `""` | +| `controller.extraArgs` | Extra arguments for the controller command line | `""` | +| `controller.persistence.archive.enabled` | Save completed workflows to an SQL database. | `false` | +| `controller.config` | Controller configmap configuration content | `{}` | +| `controller.instanceID.enabled` | Enable submission filtering based on instanceID attribute. Requires to set instanceID.useReleaseName or instanceID.explicitID | `false` | +| `controller.instanceID.useReleaseName` | Use the release name to filter submissions | `false` | +| `controller.instanceID.explicitID` | Filter submissions based on an explicit instance ID | `""` | +| `controller.clusterWorkflowTemplates.enabled` | Whether to create a ClusterRole and Cluster Role Binding to access ClusterWokflowTemplates resources | `true` | +| `controller.metrics.enabled` | Enable controller metrics exporter | `false` | +| `controller.metrics.path` | Path to expose controller metrics | `/metrics` | +| `controller.metrics.serviceMonitor.enabled` | Enable prometheus service monitor configuration | `false` | +| `controller.telemetry.enabled` | Enable telemetry for the controller | `false` | +| `controller.telemetry.path` | Path to expose telemetry information | `/telemetry` | +| `controller.workflowWorkers` | Number of workflow workers to deploy | `32` | +| `controller.workflowNamespaces` | Namespaces allowed to run workflows | `["default"]` | +| `controller.workflowDefaults` | Default Workflow Values | `{}` | +| `controller.logging.level` | Level for the controller logging | `info` | +| `controller.logging.globalLevel` | Global logging level for the controller | `0` | +| `controller.pdb.enabled` | Create Pod Disruption Budget for the controller component | `false` | +| `controller.pdb.minAvailable` | Sets the min number of pods availables for the Pod Disruption Budget | `1` | +| `controller.pdb.maxUnavailable` | Sets the max number of pods unavailable for the Pod Disruption Budget | `1` | +| `controller.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `controller.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `controller.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `controller.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `controller.command` | Override default container command (useful when using custom images) | `[]` | +| `controller.args` | Override default container args (useful when using custom images) | `[]` | +| `controller.hostAliases` | controller pods host aliases | `[]` | +| `controller.podLabels` | Extra labels for controller pods | `{}` | +| `controller.podAnnotations` | Annotations for controller pods | `{}` | +| `controller.podAffinityPreset` | Pod affinity preset. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `controller.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `controller.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `controller.nodeAffinityPreset.key` | Node label key to match. Ignored if `controller.affinity` is set | `""` | +| `controller.nodeAffinityPreset.values` | Node label values to match. Ignored if `controller.affinity` is set | `[]` | +| `controller.affinity` | Affinity for controller pods assignment | `{}` | +| `controller.nodeSelector` | Node labels for controller pods assignment | `{}` | +| `controller.tolerations` | Tolerations for controller pods assignment | `[]` | +| `controller.updateStrategy.type` | controller statefulset strategy type | `RollingUpdate` | +| `controller.topologySpreadConstraints` | Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in | `[]` | +| `controller.schedulerName` | Alternate scheduler for the server controller | `""` | +| `controller.priorityClassName` | controller pods' priorityClassName | `""` | +| `controller.lifecycleHooks` | for the controller container(s) to automate configuration before or after startup | `{}` | +| `controller.extraEnvVars` | Array with extra environment variables to add to controller nodes | `[]` | +| `controller.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for controller nodes | `""` | +| `controller.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for controller nodes | `""` | +| `controller.extraVolumes` | Optionally specify extra list of additional volumes for the controller pod(s) | `[]` | +| `controller.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the controller container(s) | `[]` | +| `controller.sidecars` | Add additional sidecar containers to the controller pod(s) | `[]` | +| `controller.initContainers` | Add additional init containers to the controller pod(s) | `[]` | +| `controller.service.type` | controller service type | `ClusterIP` | +| `controller.service.ports.metrics` | Metrics port for the controller | `8080` | +| `controller.service.ports.telemetry` | Telemetry port for the controller | `8081` | +| `controller.service.nodePorts.metrics` | Node port for HTTP | `""` | +| `controller.service.nodePorts.telemetry` | Node port for HTTPS | `""` | +| `controller.service.clusterIP` | controller service Cluster IP | `""` | +| `controller.service.loadBalancerIP` | controller service Load Balancer IP | `""` | +| `controller.service.loadBalancerSourceRanges` | controller service Load Balancer sources | `[]` | +| `controller.service.externalTrafficPolicy` | controller service external traffic policy | `Cluster` | +| `controller.service.annotations` | Additional custom annotations for controller service | `{}` | +| `controller.service.extraPorts` | Extra port to expose on the controller service | `[]` | ### Executor configuration section -| Name | Description | Value | -| ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------- | ---------------------------- | -| `executor.image.registry` | executor image registry | `docker.io` | -| `executor.image.repository` | executor image repository | `bitnami/argo-workflow-exec` | -| `executor.image.tag` | executor image tag (immutable tags are recommended) | `3.5.0-debian-11-r0` | -| `executor.image.digest` | executor image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `executor.image.pullPolicy` | executor image pull policy | `IfNotPresent` | -| `executor.image.pullSecrets` | executor image pull secrets | `[]` | -| `executor.resources.limits` | The resources limits for the init container | `{}` | -| `executor.resources.requests` | The requested resources for the init container | `{}` | -| `executor.extraEnvVars` | Array with extra environment variables to add to server nodes | `[]` | -| `executor.containerSecurityContext.enabled` | Enabled executor pods' Security Context | `true` | -| `executor.containerSecurityContext.fsGroup` | Set executor pod's Security Context fsGroup | `1001` | -| `executor.containerSecurityContext.readOnlyRootFilesystem` | Set read only root file system pod's Security Context | `true` | +| Name | Description | Value | +| ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------- | ------------------------------------ | +| `executor.image.registry` | executor image registry | `REGISTRY_NAME` | +| `executor.image.repository` | executor image repository | `REPOSITORY_NAME/argo-workflow-exec` | +| `executor.image.tag` | executor image tag (immutable tags are recommended) | `3.5.0-debian-11-r0` | +| `executor.image.digest` | executor image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `executor.image.pullPolicy` | executor image pull policy | `IfNotPresent` | +| `executor.image.pullSecrets` | executor image pull secrets | `[]` | +| `executor.resources.limits` | The resources limits for the init container | `{}` | +| `executor.resources.requests` | The requested resources for the init container | `{}` | +| `executor.extraEnvVars` | Array with extra environment variables to add to server nodes | `[]` | +| `executor.containerSecurityContext.enabled` | Enabled executor pods' Security Context | `true` | +| `executor.containerSecurityContext.fsGroup` | Set executor pod's Security Context fsGroup | `1001` | +| `executor.containerSecurityContext.readOnlyRootFilesystem` | Set read only root file system pod's Security Context | `true` | ### Traffic Exposure Parameters @@ -372,9 +376,11 @@ helm install my-release \ --set argo-workflowsUsername=admin \ --set argo-workflowsPassword=password \ --set mysql.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/argo-workflows + oci://REGISTRY_NAME/REPOSITORY_NAME/argo-workflows ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Argo Workflows administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MySQL `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -382,9 +388,10 @@ The above command sets the Argo Workflows administrator account username and pas Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/argo-workflows +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/argo-workflows ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/argo-workflows/values.yaml b/bitnami/argo-workflows/values.yaml index 117e94fe82bd7f..6dcad93fde8d1f 100644 --- a/bitnami/argo-workflows/values.yaml +++ b/bitnami/argo-workflows/values.yaml @@ -58,8 +58,8 @@ createAggregateRoles: true server: ## Bitnami Argo Workflow CLI image ## ref: https://hub.docker.com/r/bitnami/argo-workflow-cli/tags/ - ## @param server.image.registry server image registry - ## @param server.image.repository server image repository + ## @param server.image.registry [default: REGISTRY_NAME] server image registry + ## @param server.image.repository [default: REPOSITORY_NAME/argo-workflow-cli] server image repository ## @param server.image.tag server image tag (immutable tags are recommended) ## @param server.image.digest server image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param server.image.pullPolicy server image pull policy @@ -467,8 +467,8 @@ server: controller: ## Bitnami Argo Workflow Controller image ## ref: https://hub.docker.com/r/bitnami/argo-workflow-controller/tags/ - ## @param controller.image.registry controller image registry - ## @param controller.image.repository controller image repository + ## @param controller.image.registry [default: REGISTRY_NAME] controller image registry + ## @param controller.image.repository [default: REPOSITORY_NAME/argo-workflow-controller] controller image repository ## @param controller.image.tag controller image tag (immutable tags are recommended) ## @param controller.image.digest controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param controller.image.pullPolicy controller image pull policy @@ -946,8 +946,8 @@ controller: executor: ## Bitnami Argo Workflow Executor image ## ref: https://hub.docker.com/r/bitnami/argo-workflow-exec/tags/ - ## @param executor.image.registry executor image registry - ## @param executor.image.repository executor image repository + ## @param executor.image.registry [default: REGISTRY_NAME] executor image registry + ## @param executor.image.repository [default: REPOSITORY_NAME/argo-workflow-exec] executor image repository ## @param executor.image.tag executor image tag (immutable tags are recommended) ## @param executor.image.digest executor image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param executor.image.pullPolicy executor image pull policy diff --git a/bitnami/aspnet-core/README.md b/bitnami/aspnet-core/README.md index e4fe9a1a282e94..6f53a518918d96 100644 --- a/bitnami/aspnet-core/README.md +++ b/bitnami/aspnet-core/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/aspnet-core +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/aspnet-core ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -34,7 +36,7 @@ Looking to use ASP.NET Core in production? Try [VMware Application Catalog](http To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/aspnet-core +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/aspnet-core ``` These commands deploy a ASP.NET Core Core application on the Kubernetes cluster in the default configuration. @@ -76,21 +78,21 @@ The command removes all the Kubernetes components associated with the chart and ### ASP.NET Core Core parameters -| Name | Description | Value | -| -------------------- | ----------------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | ASP.NET Core Core image registry | `docker.io` | -| `image.repository` | ASP.NET Core Core image repository | `bitnami/aspnet-core` | -| `image.tag` | ASP.NET Core Core image tag (immutable tags are recommended) | `7.0.12-debian-11-r1` | -| `image.digest` | ASP.NET Core Core image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | ASP.NET Core Core image pull policy | `IfNotPresent` | -| `image.pullSecrets` | ASP.NET Core Core image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `bindURLs` | URLs to bind | `http://+:8080` | -| `extraEnvVars` | Extra environment variables to be set on ASP.NET Core Core container | `[]` | -| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| Name | Description | Value | +| -------------------- | ----------------------------------------------------------------------------------------------------------------- | ----------------------------- | +| `image.registry` | ASP.NET Core Core image registry | `REGISTRY_NAME` | +| `image.repository` | ASP.NET Core Core image repository | `REPOSITORY_NAME/aspnet-core` | +| `image.tag` | ASP.NET Core Core image tag (immutable tags are recommended) | `7.0.12-debian-11-r1` | +| `image.digest` | ASP.NET Core Core image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | ASP.NET Core Core image pull policy | `IfNotPresent` | +| `image.pullSecrets` | ASP.NET Core Core image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `bindURLs` | URLs to bind | `http://+:8080` | +| `extraEnvVars` | Extra environment variables to be set on ASP.NET Core Core container | `[]` | +| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | ### ASP.NET Core Core deployment parameters @@ -161,8 +163,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | ----------------------------------------------- | -------------------------------------------------------------------------------------------------------- | ---------------------------------------------------- | | `appFromExternalRepo.enabled` | Enable to download/build ASP.NET Core Core app from external git repository | `true` | -| `appFromExternalRepo.clone.image.registry` | Git image registry | `docker.io` | -| `appFromExternalRepo.clone.image.repository` | Git image repository | `bitnami/git` | +| `appFromExternalRepo.clone.image.registry` | Git image registry | `REGISTRY_NAME` | +| `appFromExternalRepo.clone.image.repository` | Git image repository | `REPOSITORY_NAME/git` | | `appFromExternalRepo.clone.image.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | | `appFromExternalRepo.clone.image.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `appFromExternalRepo.clone.image.pullPolicy` | Git image pull policy | `IfNotPresent` | @@ -170,8 +172,8 @@ The command removes all the Kubernetes components associated with the chart and | `appFromExternalRepo.clone.repository` | Git repository to clone | `https://github.com/dotnet/AspNetCore.Docs.git` | | `appFromExternalRepo.clone.revision` | Git revision to checkout | `main` | | `appFromExternalRepo.clone.extraVolumeMounts` | Add extra volume mounts for the GIT container | `[]` | -| `appFromExternalRepo.publish.image.registry` | .NET SDK image registry | `docker.io` | -| `appFromExternalRepo.publish.image.repository` | .NET SDK image repository | `bitnami/dotnet-sdk` | +| `appFromExternalRepo.publish.image.registry` | .NET SDK image registry | `REGISTRY_NAME` | +| `appFromExternalRepo.publish.image.repository` | .NET SDK image repository | `REPOSITORY_NAME/dotnet-sdk` | | `appFromExternalRepo.publish.image.tag` | .NET SDK image tag (immutable tags are recommended) | `7.0.402-debian-11-r1` | | `appFromExternalRepo.publish.image.digest` | .NET SDK image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `appFromExternalRepo.publish.image.pullPolicy` | .NET SDK image pull policy | `IfNotPresent` | @@ -236,7 +238,7 @@ The command removes all the Kubernetes components associated with the chart and Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console -helm install my-release --set replicaCount=2 oci://registry-1.docker.io/bitnamicharts/aspnet-core +helm install my-release --set replicaCount=2 oci://REGISTRY_NAME/REPOSITORY_NAME/aspnet-core ``` The above command install ASP.NET Core Core chart with 2 replicas. @@ -244,9 +246,10 @@ The above command install ASP.NET Core Core chart with 2 replicas. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/aspnet-core +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/aspnet-core ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/aspnet-core/values.yaml b/bitnami/aspnet-core/values.yaml index 76cec34f8899ef..fc43ba5c3a0703 100644 --- a/bitnami/aspnet-core/values.yaml +++ b/bitnami/aspnet-core/values.yaml @@ -53,8 +53,8 @@ extraDeploy: [] ## Bitnami ASP.NET Core Core image ## ref: https://hub.docker.com/r/bitnami/aspnet-core/tags/ -## @param image.registry ASP.NET Core Core image registry -## @param image.repository ASP.NET Core Core image repository +## @param image.registry [default: REGISTRY_NAME] ASP.NET Core Core image registry +## @param image.repository [default: REPOSITORY_NAME/aspnet-core] ASP.NET Core Core image repository ## @param image.tag ASP.NET Core Core image tag (immutable tags are recommended) ## @param image.digest ASP.NET Core Core image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy ASP.NET Core Core image pull policy @@ -366,8 +366,8 @@ appFromExternalRepo: clone: ## Bitnami Git image version ## ref: https://hub.docker.com/r/bitnami/git/tags/ - ## @param appFromExternalRepo.clone.image.registry Git image registry - ## @param appFromExternalRepo.clone.image.repository Git image repository + ## @param appFromExternalRepo.clone.image.registry [default: REGISTRY_NAME] Git image registry + ## @param appFromExternalRepo.clone.image.repository [default: REPOSITORY_NAME/git] Git image repository ## @param appFromExternalRepo.clone.image.tag Git image tag (immutable tags are recommended) ## @param appFromExternalRepo.clone.image.digest Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param appFromExternalRepo.clone.image.pullPolicy Git image pull policy @@ -408,8 +408,8 @@ appFromExternalRepo: publish: ## Bitnami .NET SDK image version ## ref: https://hub.docker.com/r/bitnami/dotnet-sdk/tags/ - ## @param appFromExternalRepo.publish.image.registry .NET SDK image registry - ## @param appFromExternalRepo.publish.image.repository .NET SDK image repository + ## @param appFromExternalRepo.publish.image.registry [default: REGISTRY_NAME] .NET SDK image registry + ## @param appFromExternalRepo.publish.image.repository [default: REPOSITORY_NAME/dotnet-sdk] .NET SDK image repository ## @param appFromExternalRepo.publish.image.tag .NET SDK image tag (immutable tags are recommended) ## @param appFromExternalRepo.publish.image.digest .NET SDK image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param appFromExternalRepo.publish.image.pullPolicy .NET SDK image pull policy diff --git a/bitnami/cassandra/README.md b/bitnami/cassandra/README.md index fa3a7a8677e5bb..94775183c84e52 100644 --- a/bitnami/cassandra/README.md +++ b/bitnami/cassandra/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/cassandra +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/cassandra ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps an [Apache Cassandra](https://github.com/bitnami/containers/tree/main/bitnami/cassandra) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use Apache Cassandra in production? Try [VMware Application Catalog]( To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/cassandra +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/cassandra ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy one node with Apache Cassandra on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,40 +81,40 @@ The command removes all the Kubernetes components associated with the chart and ### Cassandra parameters -| Name | Description | Value | -| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | Cassandra image registry | `docker.io` | -| `image.repository` | Cassandra image repository | `bitnami/cassandra` | -| `image.tag` | Cassandra image tag (immutable tags are recommended) | `4.1.3-debian-11-r71` | -| `image.digest` | Cassandra image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Cassandra image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `dbUser.user` | Cassandra admin user | `cassandra` | -| `dbUser.forcePassword` | Force the user to provide a non | `false` | -| `dbUser.password` | Password for `dbUser.user`. Randomly generated if empty | `""` | -| `dbUser.existingSecret` | Use an existing secret object for `dbUser.user` password (will ignore `dbUser.password`) | `""` | -| `initDBConfigMap` | ConfigMap with cql scripts. Useful for creating a keyspace and pre-populating data | `""` | -| `initDBSecret` | Secret with cql script (with sensitive data). Useful for creating a keyspace and pre-populating data | `""` | -| `existingConfiguration` | ConfigMap with custom cassandra configuration files. This overrides any other Cassandra configuration set in the chart | `""` | -| `cluster.name` | Cassandra cluster name | `cassandra` | -| `cluster.seedCount` | Number of seed nodes | `1` | -| `cluster.numTokens` | Number of tokens for each node | `256` | -| `cluster.datacenter` | Datacenter name | `dc1` | -| `cluster.rack` | Rack name | `rack1` | -| `cluster.endpointSnitch` | Endpoint Snitch | `SimpleSnitch` | -| `cluster.internodeEncryption` | DEPRECATED: use tls.internode and tls.client instead. Encryption values. | `none` | -| `cluster.clientEncryption` | Client Encryption | `false` | -| `cluster.extraSeeds` | For an external/second cassandra ring. | `[]` | -| `cluster.enableUDF` | Enable User defined functions | `false` | -| `jvm.extraOpts` | Set the value for Java Virtual Machine extra options | `""` | -| `jvm.maxHeapSize` | Set Java Virtual Machine maximum heap size (MAX_HEAP_SIZE). Calculated automatically if `nil` | `""` | -| `jvm.newHeapSize` | Set Java Virtual Machine new heap size (HEAP_NEWSIZE). Calculated automatically if `nil` | `""` | -| `command` | Command for running the container (set to default if not set). Use array form | `[]` | -| `args` | Args for running the container (set to default if not set). Use array form | `[]` | -| `extraEnvVars` | Extra environment variables to be set on cassandra container | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| Name | Description | Value | +| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------- | --------------------------- | +| `image.registry` | Cassandra image registry | `REGISTRY_NAME` | +| `image.repository` | Cassandra image repository | `REPOSITORY_NAME/cassandra` | +| `image.tag` | Cassandra image tag (immutable tags are recommended) | `4.1.3-debian-11-r71` | +| `image.digest` | Cassandra image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Cassandra image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `dbUser.user` | Cassandra admin user | `cassandra` | +| `dbUser.forcePassword` | Force the user to provide a non | `false` | +| `dbUser.password` | Password for `dbUser.user`. Randomly generated if empty | `""` | +| `dbUser.existingSecret` | Use an existing secret object for `dbUser.user` password (will ignore `dbUser.password`) | `""` | +| `initDBConfigMap` | ConfigMap with cql scripts. Useful for creating a keyspace and pre-populating data | `""` | +| `initDBSecret` | Secret with cql script (with sensitive data). Useful for creating a keyspace and pre-populating data | `""` | +| `existingConfiguration` | ConfigMap with custom cassandra configuration files. This overrides any other Cassandra configuration set in the chart | `""` | +| `cluster.name` | Cassandra cluster name | `cassandra` | +| `cluster.seedCount` | Number of seed nodes | `1` | +| `cluster.numTokens` | Number of tokens for each node | `256` | +| `cluster.datacenter` | Datacenter name | `dc1` | +| `cluster.rack` | Rack name | `rack1` | +| `cluster.endpointSnitch` | Endpoint Snitch | `SimpleSnitch` | +| `cluster.internodeEncryption` | DEPRECATED: use tls.internode and tls.client instead. Encryption values. | `none` | +| `cluster.clientEncryption` | Client Encryption | `false` | +| `cluster.extraSeeds` | For an external/second cassandra ring. | `[]` | +| `cluster.enableUDF` | Enable User defined functions | `false` | +| `jvm.extraOpts` | Set the value for Java Virtual Machine extra options | `""` | +| `jvm.maxHeapSize` | Set Java Virtual Machine maximum heap size (MAX_HEAP_SIZE). Calculated automatically if `nil` | `""` | +| `jvm.newHeapSize` | Set Java Virtual Machine new heap size (HEAP_NEWSIZE). Calculated automatically if `nil` | `""` | +| `command` | Command for running the container (set to default if not set). Use array form | `[]` | +| `args` | Args for running the container (set to default if not set). Use array form | `[]` | +| `extraEnvVars` | Extra environment variables to be set on cassandra container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | ### Statefulset parameters @@ -227,54 +231,54 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | -| `volumePermissions.securityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| `volumePermissions.securityContext.runAsUser` | User ID for the init container | `0` | ### Metrics parameters -| Name | Description | Value | -| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ---------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Cassandra exporter image registry | `docker.io` | -| `metrics.image.repository` | Cassandra exporter image name | `bitnami/cassandra-exporter` | -| `metrics.image.tag` | Cassandra exporter image tag | `2.3.8-debian-11-r429` | -| `metrics.image.digest` | Cassandra exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources.limits` | The resources limits for the container | `{}` | -| `metrics.resources.requests` | The requested resources for the container | `{}` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `45` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for cassandra-exporter container | `[]` | -| `metrics.podAnnotations` | Metrics exporter pod Annotation and Labels | `{}` | -| `metrics.serviceMonitor.enabled` | If `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | -| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `monitoring` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.metricRelabelings` | Specify Metric Relabelings to add to the scrape endpoint | `[]` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.labels` | Used to pass Labels that are required by the installed Prometheus Operator | `{}` | -| `metrics.containerPorts.http` | HTTP Port on the Host and Container | `8080` | -| `metrics.containerPorts.jmx` | JMX Port on the Host and Container | `5555` | -| `metrics.hostPorts.http` | HTTP Port on the Host | `""` | -| `metrics.hostPorts.jmx` | JMX Port on the Host | `""` | -| `metrics.configuration` | Configure Cassandra-exporter with a custom config.yml file | `""` | +| Name | Description | Value | +| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------------------------------ | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Cassandra exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Cassandra exporter image name | `REPOSITORY_NAME/cassandra-exporter` | +| `metrics.image.tag` | Cassandra exporter image tag | `2.3.8-debian-11-r429` | +| `metrics.image.digest` | Cassandra exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources.limits` | The resources limits for the container | `{}` | +| `metrics.resources.requests` | The requested resources for the container | `{}` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `45` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for cassandra-exporter container | `[]` | +| `metrics.podAnnotations` | Metrics exporter pod Annotation and Labels | `{}` | +| `metrics.serviceMonitor.enabled` | If `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `monitoring` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.metricRelabelings` | Specify Metric Relabelings to add to the scrape endpoint | `[]` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.serviceMonitor.labels` | Used to pass Labels that are required by the installed Prometheus Operator | `{}` | +| `metrics.containerPorts.http` | HTTP Port on the Host and Container | `8080` | +| `metrics.containerPorts.jmx` | JMX Port on the Host and Container | `5555` | +| `metrics.hostPorts.http` | HTTP Port on the Host | `""` | +| `metrics.hostPorts.jmx` | JMX Port on the Host | `""` | +| `metrics.configuration` | Configure Cassandra-exporter with a custom config.yml file | `""` | ### TLS/SSL parameters @@ -299,15 +303,18 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set dbUser.user=admin,dbUser.password=password \ - oci://registry-1.docker.io/bitnamicharts/cassandra + oci://REGISTRY_NAME/REPOSITORY_NAME/cassandra ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/cassandra +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/cassandra ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -378,9 +385,11 @@ Find more information about how to deal with common errors related to Bitnami's It's necessary to set the `dbUser.password` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use. Please note down the password and run the command below to upgrade your chart: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/cassandra --set dbUser.password=[PASSWORD] +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/cassandra --set dbUser.password=[PASSWORD] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + | Note: you need to substitute the placeholder *[PASSWORD]* with the value obtained in the installation notes. ### To 9.0.0 diff --git a/bitnami/cassandra/values.yaml b/bitnami/cassandra/values.yaml index 9b13e634bde63d..4768b3464d4ed9 100644 --- a/bitnami/cassandra/values.yaml +++ b/bitnami/cassandra/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: ## Bitnami Cassandra image ## ref: https://hub.docker.com/r/bitnami/cassandra/tags/ -## @param image.registry Cassandra image registry -## @param image.repository Cassandra image repository +## @param image.registry [default: REGISTRY_NAME] Cassandra image registry +## @param image.repository [default: REPOSITORY_NAME/cassandra] Cassandra image repository ## @param image.tag Cassandra image tag (immutable tags are recommended) ## @param image.digest Cassandra image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy image pull policy @@ -606,8 +606,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume ## enabled: false - ## @param volumePermissions.image.registry Init container volume image registry - ## @param volumePermissions.image.repository Init container volume image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume image repository ## @param volumePermissions.image.tag Init container volume image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume pull policy @@ -674,8 +674,8 @@ metrics: enabled: false ## Bitnami Cassandra Exporter image ## ref: https://hub.docker.com/r/bitnami/cassandra-exporter/tags/ - ## @param metrics.image.registry Cassandra exporter image registry - ## @param metrics.image.repository Cassandra exporter image name + ## @param metrics.image.registry [default: REGISTRY_NAME] Cassandra exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/cassandra-exporter] Cassandra exporter image name ## @param metrics.image.tag Cassandra exporter image tag ## @param metrics.image.digest Cassandra exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy image pull policy diff --git a/bitnami/cert-manager/README.md b/bitnami/cert-manager/README.md index bf78f6cc8ed27f..76afa5eeddbaa9 100644 --- a/bitnami/cert-manager/README.md +++ b/bitnami/cert-manager/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/cert-manager +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/cert-manager ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -35,9 +37,10 @@ Looking to use cert-manager in production? Try [VMware Application Catalog](http To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/cert-manager +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/cert-manager ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: List all releases using `helm list` ## Uninstalling the Chart @@ -78,189 +81,189 @@ The command removes all the Kubernetes components associated with the chart and ### Controller deployment parameters -| Name | Description | Value | -| -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------------- | -| `controller.replicaCount` | Number of Controller replicas | `1` | -| `controller.image.registry` | Controller image registry | `docker.io` | -| `controller.image.repository` | Controller image repository | `bitnami/cert-manager` | -| `controller.image.tag` | Controller image tag (immutable tags are recommended) | `1.13.1-debian-11-r11` | -| `controller.image.digest` | Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `controller.image.pullPolicy` | Controller image pull policy | `IfNotPresent` | -| `controller.image.pullSecrets` | Controller image pull secrets | `[]` | -| `controller.image.debug` | Controller image debug mode | `false` | -| `controller.acmesolver.image.registry` | Controller image registry | `docker.io` | -| `controller.acmesolver.image.repository` | Controller image repository | `bitnami/acmesolver` | -| `controller.acmesolver.image.tag` | Controller image tag (immutable tags are recommended) | `1.13.1-debian-11-r8` | -| `controller.acmesolver.image.digest` | Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `controller.acmesolver.image.pullPolicy` | Controller image pull policy | `IfNotPresent` | -| `controller.acmesolver.image.pullSecrets` | Controller image pull secrets | `[]` | -| `controller.acmesolver.image.debug` | Controller image debug mode | `false` | -| `controller.resources.limits` | The resources limits for the Controller container | `{}` | -| `controller.resources.requests` | The requested resources for the Controller container | `{}` | -| `controller.podSecurityContext.enabled` | Enabled Controller pods' Security Context | `true` | -| `controller.podSecurityContext.fsGroup` | Set Controller pod's Security Context fsGroup | `1001` | -| `controller.containerSecurityContext.enabled` | Enabled Controller containers' Security Context | `true` | -| `controller.containerSecurityContext.runAsUser` | Set Controller container's Security Context runAsUser | `1001` | -| `controller.containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | -| `controller.podAffinityPreset` | Pod affinity preset. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `controller.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `controller.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `controller.nodeAffinityPreset.key` | Node label key to match. Ignored if `controller.affinity` is set | `""` | -| `controller.nodeAffinityPreset.values` | Node label values to match. Ignored if `controller.affinity` is set | `[]` | -| `controller.affinity` | Affinity for cert-manager Controller | `{}` | -| `controller.nodeSelector` | Node labels for pod assignment | `{}` | -| `controller.containerPort` | Controller container port | `9402` | -| `controller.command` | Override Controller default command | `[]` | -| `controller.args` | Override Controller default args | `[]` | -| `controller.priorityClassName` | Controller pod priority class name | `""` | -| `controller.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | -| `controller.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `controller.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `controller.hostAliases` | Custom host aliases for Controller pods | `[]` | -| `controller.tolerations` | Tolerations for pod assignment | `[]` | -| `controller.podLabels` | Extra labels for Controller pods | `{}` | -| `controller.podAnnotations` | Annotations for Controller pods | `{}` | -| `controller.dnsPolicy` | Controller pod DNS policy | `""` | -| `controller.dnsConfig` | Controller pod DNS config. Required if `controller.dnsPolicy` is set to `None` | `{}` | -| `controller.lifecycleHooks` | Add lifecycle hooks to the Controller deployment | `{}` | -| `controller.updateStrategy.type` | Controller deployment update strategy | `RollingUpdate` | -| `controller.updateStrategy.rollingUpdate` | Controller deployment rolling update configuration parameters | `{}` | -| `controller.extraArgs` | Extra arguments to pass to the Controller container | `[]` | -| `controller.extraEnvVars` | Add extra environment variables to the Controller container | `[]` | -| `controller.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `controller.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | -| `controller.extraVolumes` | Optionally specify extra list of additional volumes for Controller pods | `[]` | -| `controller.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Controller container(s) | `[]` | -| `controller.initContainers` | Add additional init containers to the Controller pods | `[]` | -| `controller.sidecars` | Add additional sidecar containers to the Controller pod | `[]` | -| `controller.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `controller.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `controller.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `controller.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| Name | Description | Value | +| -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------------------------ | +| `controller.replicaCount` | Number of Controller replicas | `1` | +| `controller.image.registry` | Controller image registry | `REGISTRY_NAME` | +| `controller.image.repository` | Controller image repository | `REPOSITORY_NAME/cert-manager` | +| `controller.image.tag` | Controller image tag (immutable tags are recommended) | `1.13.1-debian-11-r11` | +| `controller.image.digest` | Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `controller.image.pullPolicy` | Controller image pull policy | `IfNotPresent` | +| `controller.image.pullSecrets` | Controller image pull secrets | `[]` | +| `controller.image.debug` | Controller image debug mode | `false` | +| `controller.acmesolver.image.registry` | Controller image registry | `REGISTRY_NAME` | +| `controller.acmesolver.image.repository` | Controller image repository | `REPOSITORY_NAME/acmesolver` | +| `controller.acmesolver.image.tag` | Controller image tag (immutable tags are recommended) | `1.13.1-debian-11-r8` | +| `controller.acmesolver.image.digest` | Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `controller.acmesolver.image.pullPolicy` | Controller image pull policy | `IfNotPresent` | +| `controller.acmesolver.image.pullSecrets` | Controller image pull secrets | `[]` | +| `controller.acmesolver.image.debug` | Controller image debug mode | `false` | +| `controller.resources.limits` | The resources limits for the Controller container | `{}` | +| `controller.resources.requests` | The requested resources for the Controller container | `{}` | +| `controller.podSecurityContext.enabled` | Enabled Controller pods' Security Context | `true` | +| `controller.podSecurityContext.fsGroup` | Set Controller pod's Security Context fsGroup | `1001` | +| `controller.containerSecurityContext.enabled` | Enabled Controller containers' Security Context | `true` | +| `controller.containerSecurityContext.runAsUser` | Set Controller container's Security Context runAsUser | `1001` | +| `controller.containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | +| `controller.podAffinityPreset` | Pod affinity preset. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `controller.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `controller.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `controller.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `controller.nodeAffinityPreset.key` | Node label key to match. Ignored if `controller.affinity` is set | `""` | +| `controller.nodeAffinityPreset.values` | Node label values to match. Ignored if `controller.affinity` is set | `[]` | +| `controller.affinity` | Affinity for cert-manager Controller | `{}` | +| `controller.nodeSelector` | Node labels for pod assignment | `{}` | +| `controller.containerPort` | Controller container port | `9402` | +| `controller.command` | Override Controller default command | `[]` | +| `controller.args` | Override Controller default args | `[]` | +| `controller.priorityClassName` | Controller pod priority class name | `""` | +| `controller.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | +| `controller.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `controller.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `controller.hostAliases` | Custom host aliases for Controller pods | `[]` | +| `controller.tolerations` | Tolerations for pod assignment | `[]` | +| `controller.podLabels` | Extra labels for Controller pods | `{}` | +| `controller.podAnnotations` | Annotations for Controller pods | `{}` | +| `controller.dnsPolicy` | Controller pod DNS policy | `""` | +| `controller.dnsConfig` | Controller pod DNS config. Required if `controller.dnsPolicy` is set to `None` | `{}` | +| `controller.lifecycleHooks` | Add lifecycle hooks to the Controller deployment | `{}` | +| `controller.updateStrategy.type` | Controller deployment update strategy | `RollingUpdate` | +| `controller.updateStrategy.rollingUpdate` | Controller deployment rolling update configuration parameters | `{}` | +| `controller.extraArgs` | Extra arguments to pass to the Controller container | `[]` | +| `controller.extraEnvVars` | Add extra environment variables to the Controller container | `[]` | +| `controller.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `controller.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| `controller.extraVolumes` | Optionally specify extra list of additional volumes for Controller pods | `[]` | +| `controller.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Controller container(s) | `[]` | +| `controller.initContainers` | Add additional init containers to the Controller pods | `[]` | +| `controller.sidecars` | Add additional sidecar containers to the Controller pod | `[]` | +| `controller.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `controller.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `controller.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `controller.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | ### Webhook deployment parameters -| Name | Description | Value | -| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------------ | -| `webhook.replicaCount` | Number of Webhook replicas | `1` | -| `webhook.image.registry` | Webhook image registry | `docker.io` | -| `webhook.image.repository` | Webhook image repository | `bitnami/cert-manager-webhook` | -| `webhook.image.tag` | Webhook image tag (immutable tags are recommended) | `1.13.1-debian-11-r10` | -| `webhook.image.digest` | Webhook image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `webhook.image.pullPolicy` | Webhook image pull policy | `IfNotPresent` | -| `webhook.image.pullSecrets` | Webhook image pull secrets | `[]` | -| `webhook.image.debug` | Webhook image debug mode | `false` | -| `webhook.resources.limits` | The resources limits for the Webhook container | `{}` | -| `webhook.resources.requests` | The requested resources for the Webhook container | `{}` | -| `webhook.podSecurityContext.enabled` | Enabled Webhook pods' Security Context | `true` | -| `webhook.podSecurityContext.fsGroup` | Set Webhook pod's Security Context fsGroup | `1001` | -| `webhook.containerSecurityContext.enabled` | Enabled Webhook containers' Security Context | `true` | -| `webhook.containerSecurityContext.runAsUser` | Set Webhook container's Security Context runAsUser | `1001` | -| `webhook.containerSecurityContext.runAsNonRoot` | Set Webhook container's Security Context runAsNonRoot | `true` | -| `webhook.podAffinityPreset` | Pod affinity preset. Ignored if `webhook.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `webhook.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `webhook.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `webhook.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `webhook.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `webhook.nodeAffinityPreset.key` | Node label key to match. Ignored if `webhook.affinity` is set | `""` | -| `webhook.nodeAffinityPreset.values` | Node label values to match. Ignored if `webhook.affinity` is set | `[]` | -| `webhook.affinity` | Affinity for cert-manager Webhook | `{}` | -| `webhook.nodeSelector` | Node labels for pod assignment | `{}` | -| `webhook.containerPort` | Webhook container port | `10250` | -| `webhook.httpsPort` | Webhook container port | `443` | -| `webhook.command` | Override Webhook default command | `[]` | -| `webhook.args` | Override Webhook default args | `[]` | -| `webhook.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `webhook.livenessProbe.path` | Path for livenessProbe | `/livez` | -| `webhook.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` | -| `webhook.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `webhook.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `webhook.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `webhook.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `webhook.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `webhook.readinessProbe.path` | Path for readinessProbe | `/healthz` | -| `webhook.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `webhook.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `webhook.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `webhook.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `webhook.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `webhook.customStartupProbe` | Override default startup probe | `{}` | -| `webhook.customLivenessProbe` | Override default liveness probe | `{}` | -| `webhook.customReadinessProbe` | Override default readiness probe | `{}` | -| `webhook.priorityClassName` | Webhook pod priority class name | `""` | -| `webhook.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | -| `webhook.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `webhook.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `webhook.hostAliases` | Custom host aliases for Webhook pods | `[]` | -| `webhook.tolerations` | Tolerations for pod assignment | `[]` | -| `webhook.podLabels` | Extra labels for Webhook pods | `{}` | -| `webhook.podAnnotations` | Annotations for Webhook pods | `{}` | -| `webhook.lifecycleHooks` | Add lifecycle hooks to the Webhook deployment | `{}` | -| `webhook.updateStrategy.type` | Webhook deployment update strategy | `RollingUpdate` | -| `webhook.updateStrategy.rollingUpdate` | Controller deployment rolling update configuration parameters | `{}` | -| `webhook.extraArgs` | Extra arguments to pass to the Webhook container | `[]` | -| `webhook.extraEnvVars` | Add extra environment variables to the Webhook container | `[]` | -| `webhook.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `webhook.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | -| `webhook.extraVolumes` | Optionally specify extra list of additional volumes for Webhook pods | `[]` | -| `webhook.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Webhook container | `[]` | -| `webhook.initContainers` | Add additional init containers to the Webhook pods | `[]` | -| `webhook.sidecars` | Add additional sidecar containers to the Webhook pod | `[]` | -| `webhook.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `webhook.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `webhook.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `webhook.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `webhook.hostNetwork` | Specifies hostNetwork value | `false` | +| Name | Description | Value | +| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | -------------------------------------- | +| `webhook.replicaCount` | Number of Webhook replicas | `1` | +| `webhook.image.registry` | Webhook image registry | `REGISTRY_NAME` | +| `webhook.image.repository` | Webhook image repository | `REPOSITORY_NAME/cert-manager-webhook` | +| `webhook.image.tag` | Webhook image tag (immutable tags are recommended) | `1.13.1-debian-11-r10` | +| `webhook.image.digest` | Webhook image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `webhook.image.pullPolicy` | Webhook image pull policy | `IfNotPresent` | +| `webhook.image.pullSecrets` | Webhook image pull secrets | `[]` | +| `webhook.image.debug` | Webhook image debug mode | `false` | +| `webhook.resources.limits` | The resources limits for the Webhook container | `{}` | +| `webhook.resources.requests` | The requested resources for the Webhook container | `{}` | +| `webhook.podSecurityContext.enabled` | Enabled Webhook pods' Security Context | `true` | +| `webhook.podSecurityContext.fsGroup` | Set Webhook pod's Security Context fsGroup | `1001` | +| `webhook.containerSecurityContext.enabled` | Enabled Webhook containers' Security Context | `true` | +| `webhook.containerSecurityContext.runAsUser` | Set Webhook container's Security Context runAsUser | `1001` | +| `webhook.containerSecurityContext.runAsNonRoot` | Set Webhook container's Security Context runAsNonRoot | `true` | +| `webhook.podAffinityPreset` | Pod affinity preset. Ignored if `webhook.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `webhook.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `webhook.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `webhook.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `webhook.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `webhook.nodeAffinityPreset.key` | Node label key to match. Ignored if `webhook.affinity` is set | `""` | +| `webhook.nodeAffinityPreset.values` | Node label values to match. Ignored if `webhook.affinity` is set | `[]` | +| `webhook.affinity` | Affinity for cert-manager Webhook | `{}` | +| `webhook.nodeSelector` | Node labels for pod assignment | `{}` | +| `webhook.containerPort` | Webhook container port | `10250` | +| `webhook.httpsPort` | Webhook container port | `443` | +| `webhook.command` | Override Webhook default command | `[]` | +| `webhook.args` | Override Webhook default args | `[]` | +| `webhook.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `webhook.livenessProbe.path` | Path for livenessProbe | `/livez` | +| `webhook.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` | +| `webhook.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `webhook.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `webhook.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `webhook.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `webhook.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `webhook.readinessProbe.path` | Path for readinessProbe | `/healthz` | +| `webhook.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `webhook.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `webhook.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `webhook.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `webhook.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `webhook.customStartupProbe` | Override default startup probe | `{}` | +| `webhook.customLivenessProbe` | Override default liveness probe | `{}` | +| `webhook.customReadinessProbe` | Override default readiness probe | `{}` | +| `webhook.priorityClassName` | Webhook pod priority class name | `""` | +| `webhook.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | +| `webhook.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `webhook.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `webhook.hostAliases` | Custom host aliases for Webhook pods | `[]` | +| `webhook.tolerations` | Tolerations for pod assignment | `[]` | +| `webhook.podLabels` | Extra labels for Webhook pods | `{}` | +| `webhook.podAnnotations` | Annotations for Webhook pods | `{}` | +| `webhook.lifecycleHooks` | Add lifecycle hooks to the Webhook deployment | `{}` | +| `webhook.updateStrategy.type` | Webhook deployment update strategy | `RollingUpdate` | +| `webhook.updateStrategy.rollingUpdate` | Controller deployment rolling update configuration parameters | `{}` | +| `webhook.extraArgs` | Extra arguments to pass to the Webhook container | `[]` | +| `webhook.extraEnvVars` | Add extra environment variables to the Webhook container | `[]` | +| `webhook.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `webhook.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| `webhook.extraVolumes` | Optionally specify extra list of additional volumes for Webhook pods | `[]` | +| `webhook.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Webhook container | `[]` | +| `webhook.initContainers` | Add additional init containers to the Webhook pods | `[]` | +| `webhook.sidecars` | Add additional sidecar containers to the Webhook pod | `[]` | +| `webhook.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `webhook.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `webhook.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `webhook.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `webhook.hostNetwork` | Specifies hostNetwork value | `false` | ### CAInjector deployment parameters -| Name | Description | Value | -| -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------- | -| `cainjector.replicaCount` | Number of CAInjector replicas | `1` | -| `cainjector.image.registry` | CAInjector image registry | `docker.io` | -| `cainjector.image.repository` | CAInjector image repository | `bitnami/cainjector` | -| `cainjector.image.tag` | CAInjector image tag (immutable tags are recommended) | `1.13.1-debian-11-r9` | -| `cainjector.image.digest` | CAInjector image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `cainjector.image.pullPolicy` | CAInjector image pull policy | `IfNotPresent` | -| `cainjector.image.pullSecrets` | CAInjector image pull secrets | `[]` | -| `cainjector.image.debug` | CAInjector image debug mode | `false` | -| `cainjector.resources.limits` | The resources limits for the CAInjector container | `{}` | -| `cainjector.resources.requests` | The requested resources for the CAInjector container | `{}` | -| `cainjector.podSecurityContext.enabled` | Enabled CAInjector pods' Security Context | `true` | -| `cainjector.podSecurityContext.fsGroup` | Set CAInjector pod's Security Context fsGroup | `1001` | -| `cainjector.containerSecurityContext.enabled` | Enabled CAInjector containers' Security Context | `true` | -| `cainjector.containerSecurityContext.runAsUser` | Set CAInjector container's Security Context runAsUser | `1001` | -| `cainjector.containerSecurityContext.runAsNonRoot` | Set CAInjector container's Security Context runAsNonRoot | `true` | -| `cainjector.podAffinityPreset` | Pod affinity preset. Ignored if `cainjector.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `cainjector.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `cainjector.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `cainjector.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `cainjector.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `cainjector.nodeAffinityPreset.key` | Node label key to match. Ignored if `cainjector.affinity` is set | `""` | -| `cainjector.nodeAffinityPreset.values` | Node label values to match. Ignored if `cainjector.affinity` is set | `[]` | -| `cainjector.affinity` | Affinity for cert-manager CAInjector | `{}` | -| `cainjector.nodeSelector` | Node labels for pod assignment | `{}` | -| `cainjector.command` | Override CAInjector default command | `[]` | -| `cainjector.args` | Override CAInjector default args | `[]` | -| `cainjector.priorityClassName` | CAInjector pod priority class name | `""` | -| `cainjector.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | -| `cainjector.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `cainjector.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `cainjector.hostAliases` | Custom host aliases for CAInjector pods | `[]` | -| `cainjector.tolerations` | Tolerations for pod assignment | `[]` | -| `cainjector.podLabels` | Extra labels for CAInjector pods | `{}` | -| `cainjector.podAnnotations` | Annotations for CAInjector pods | `{}` | -| `cainjector.lifecycleHooks` | Add lifecycle hooks to the CAInjector deployment | `{}` | -| `cainjector.updateStrategy.type` | Controller deployment update strategy | `RollingUpdate` | -| `cainjector.updateStrategy.rollingUpdate` | Controller deployment rolling update configuration parameters | `{}` | -| `cainjector.extraArgs` | Extra arguments to pass to the CAInjector container | `[]` | -| `cainjector.extraEnvVars` | Add extra environment variables to the CAInjector container | `[]` | -| `cainjector.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `cainjector.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | -| `cainjector.extraVolumes` | Optionally specify extra list of additional volumes for CAInjector pods | `[]` | -| `cainjector.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for CAInjector container(s) | `[]` | -| `cainjector.initContainers` | Add additional init containers to the CAInjector pods | `[]` | -| `cainjector.sidecars` | Add additional sidecar containers to the CAInjector pod | `[]` | -| `cainjector.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `cainjector.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `cainjector.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `cainjector.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| Name | Description | Value | +| -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `cainjector.replicaCount` | Number of CAInjector replicas | `1` | +| `cainjector.image.registry` | CAInjector image registry | `REGISTRY_NAME` | +| `cainjector.image.repository` | CAInjector image repository | `REPOSITORY_NAME/cainjector` | +| `cainjector.image.tag` | CAInjector image tag (immutable tags are recommended) | `1.13.1-debian-11-r9` | +| `cainjector.image.digest` | CAInjector image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `cainjector.image.pullPolicy` | CAInjector image pull policy | `IfNotPresent` | +| `cainjector.image.pullSecrets` | CAInjector image pull secrets | `[]` | +| `cainjector.image.debug` | CAInjector image debug mode | `false` | +| `cainjector.resources.limits` | The resources limits for the CAInjector container | `{}` | +| `cainjector.resources.requests` | The requested resources for the CAInjector container | `{}` | +| `cainjector.podSecurityContext.enabled` | Enabled CAInjector pods' Security Context | `true` | +| `cainjector.podSecurityContext.fsGroup` | Set CAInjector pod's Security Context fsGroup | `1001` | +| `cainjector.containerSecurityContext.enabled` | Enabled CAInjector containers' Security Context | `true` | +| `cainjector.containerSecurityContext.runAsUser` | Set CAInjector container's Security Context runAsUser | `1001` | +| `cainjector.containerSecurityContext.runAsNonRoot` | Set CAInjector container's Security Context runAsNonRoot | `true` | +| `cainjector.podAffinityPreset` | Pod affinity preset. Ignored if `cainjector.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `cainjector.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `cainjector.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `cainjector.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `cainjector.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `cainjector.nodeAffinityPreset.key` | Node label key to match. Ignored if `cainjector.affinity` is set | `""` | +| `cainjector.nodeAffinityPreset.values` | Node label values to match. Ignored if `cainjector.affinity` is set | `[]` | +| `cainjector.affinity` | Affinity for cert-manager CAInjector | `{}` | +| `cainjector.nodeSelector` | Node labels for pod assignment | `{}` | +| `cainjector.command` | Override CAInjector default command | `[]` | +| `cainjector.args` | Override CAInjector default args | `[]` | +| `cainjector.priorityClassName` | CAInjector pod priority class name | `""` | +| `cainjector.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | +| `cainjector.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `cainjector.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `cainjector.hostAliases` | Custom host aliases for CAInjector pods | `[]` | +| `cainjector.tolerations` | Tolerations for pod assignment | `[]` | +| `cainjector.podLabels` | Extra labels for CAInjector pods | `{}` | +| `cainjector.podAnnotations` | Annotations for CAInjector pods | `{}` | +| `cainjector.lifecycleHooks` | Add lifecycle hooks to the CAInjector deployment | `{}` | +| `cainjector.updateStrategy.type` | Controller deployment update strategy | `RollingUpdate` | +| `cainjector.updateStrategy.rollingUpdate` | Controller deployment rolling update configuration parameters | `{}` | +| `cainjector.extraArgs` | Extra arguments to pass to the CAInjector container | `[]` | +| `cainjector.extraEnvVars` | Add extra environment variables to the CAInjector container | `[]` | +| `cainjector.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `cainjector.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| `cainjector.extraVolumes` | Optionally specify extra list of additional volumes for CAInjector pods | `[]` | +| `cainjector.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for CAInjector container(s) | `[]` | +| `cainjector.initContainers` | Add additional init containers to the CAInjector pods | `[]` | +| `cainjector.sidecars` | Add additional sidecar containers to the CAInjector pod | `[]` | +| `cainjector.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `cainjector.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `cainjector.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `cainjector.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | ### Metrics Parameters @@ -291,16 +294,19 @@ The command removes all the Kubernetes components associated with the chart and Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/cert-manager \ +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/cert-manager \ --set installCRDs=true ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/cert-manager +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/cert-manager ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/cert-manager/values.yaml b/bitnami/cert-manager/values.yaml index 2ec6cb10b63683..846a893e253cb0 100644 --- a/bitnami/cert-manager/values.yaml +++ b/bitnami/cert-manager/values.yaml @@ -61,8 +61,8 @@ controller: replicaCount: 1 ## Bitnami cert-manager image ## ref: https://hub.docker.com/r/bitnami/cert-manager/tags/ - ## @param controller.image.registry Controller image registry - ## @param controller.image.repository Controller image repository + ## @param controller.image.registry [default: REGISTRY_NAME] Controller image registry + ## @param controller.image.repository [default: REPOSITORY_NAME/cert-manager] Controller image repository ## @param controller.image.tag Controller image tag (immutable tags are recommended) ## @param controller.image.digest Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param controller.image.pullPolicy Controller image pull policy @@ -92,8 +92,8 @@ controller: ## debug: false acmesolver: - ## @param controller.acmesolver.image.registry Controller image registry - ## @param controller.acmesolver.image.repository Controller image repository + ## @param controller.acmesolver.image.registry [default: REGISTRY_NAME] Controller image registry + ## @param controller.acmesolver.image.repository [default: REPOSITORY_NAME/acmesolver] Controller image repository ## @param controller.acmesolver.image.tag Controller image tag (immutable tags are recommended) ## @param controller.acmesolver.image.digest Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param controller.acmesolver.image.pullPolicy Controller image pull policy @@ -318,8 +318,8 @@ webhook: replicaCount: 1 ## Bitnami cert-manager Webhook image ## ref: https://hub.docker.com/r/bitnami/cert-manager-webhook/tags/ - ## @param webhook.image.registry Webhook image registry - ## @param webhook.image.repository Webhook image repository + ## @param webhook.image.registry [default: REGISTRY_NAME] Webhook image registry + ## @param webhook.image.repository [default: REPOSITORY_NAME/cert-manager-webhook] Webhook image repository ## @param webhook.image.tag Webhook image tag (immutable tags are recommended) ## @param webhook.image.digest Webhook image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param webhook.image.pullPolicy Webhook image pull policy @@ -584,8 +584,8 @@ cainjector: ## Bitnami CAInjector image ## ref: https://hub.docker.com/r/bitnami/cainjector/tags/ - ## @param cainjector.image.registry CAInjector image registry - ## @param cainjector.image.repository CAInjector image repository + ## @param cainjector.image.registry [default: REGISTRY_NAME] CAInjector image registry + ## @param cainjector.image.repository [default: REPOSITORY_NAME/cainjector] CAInjector image repository ## @param cainjector.image.tag CAInjector image tag (immutable tags are recommended) ## @param cainjector.image.digest CAInjector image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param cainjector.image.pullPolicy CAInjector image pull policy diff --git a/bitnami/clickhouse/README.md b/bitnami/clickhouse/README.md index 53299f7a855c1f..dac631073d96f0 100644 --- a/bitnami/clickhouse/README.md +++ b/bitnami/clickhouse/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/clickhouse +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/clickhouse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -42,9 +44,11 @@ Looking to use ClickHouse in production? Try [VMware Application Catalog](https: To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/clickhouse +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/clickhouse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys ClickHouse on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -87,65 +91,65 @@ The command removes all the Kubernetes components associated with the chart and ### ClickHouse Parameters -| Name | Description | Value | -| --------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | ClickHouse image registry | `docker.io` | -| `image.repository` | ClickHouse image repository | `bitnami/clickhouse` | -| `image.tag` | ClickHouse image tag (immutable tags are recommended) | `23.9.2-debian-11-r0` | -| `image.digest` | ClickHouse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | ClickHouse image pull policy | `IfNotPresent` | -| `image.pullSecrets` | ClickHouse image pull secrets | `[]` | -| `image.debug` | Enable ClickHouse image debug mode | `false` | -| `shards` | Number of ClickHouse shards to deploy | `2` | -| `replicaCount` | Number of ClickHouse replicas per shard to deploy | `3` | -| `distributeReplicasByZone` | Schedules replicas of the same shard to different availability zones | `false` | -| `containerPorts.http` | ClickHouse HTTP container port | `8123` | -| `containerPorts.https` | ClickHouse HTTPS container port | `8443` | -| `containerPorts.tcp` | ClickHouse TCP container port | `9000` | -| `containerPorts.tcpSecure` | ClickHouse TCP (secure) container port | `9440` | -| `containerPorts.keeper` | ClickHouse keeper TCP container port | `2181` | -| `containerPorts.keeperSecure` | ClickHouse keeper TCP (secure) container port | `3181` | -| `containerPorts.keeperInter` | ClickHouse keeper interserver TCP container port | `9444` | -| `containerPorts.mysql` | ClickHouse MySQL container port | `9004` | -| `containerPorts.postgresql` | ClickHouse PostgreSQL container port | `9005` | -| `containerPorts.interserver` | ClickHouse Interserver container port | `9009` | -| `containerPorts.metrics` | ClickHouse metrics container port | `8001` | -| `livenessProbe.enabled` | Enable livenessProbe on ClickHouse containers | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe on ClickHouse containers | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `startupProbe.enabled` | Enable startupProbe on ClickHouse containers | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `resources.limits` | The resources limits for the ClickHouse containers | `{}` | -| `resources.requests` | The requested resources for the ClickHouse containers | `{}` | -| `podSecurityContext.enabled` | Enabled ClickHouse pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Set ClickHouse pod's Security Context fsGroup | `1001` | -| `podSecurityContext.seccompProfile.type` | Set ClickHouse container's Security Context seccomp profile | `RuntimeDefault` | -| `containerSecurityContext.enabled` | Enabled ClickHouse containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set ClickHouse containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set ClickHouse containers' Security Context runAsNonRoot | `true` | -| `containerSecurityContext.allowPrivilegeEscalation` | Set ClickHouse container's privilege escalation | `false` | -| `containerSecurityContext.capabilities.drop` | Set ClickHouse container's Security Context runAsNonRoot | `["ALL"]` | -| `auth.username` | ClickHouse Admin username | `default` | -| `auth.password` | ClickHouse Admin password | `""` | -| `auth.existingSecret` | Name of a secret containing the Admin password | `""` | -| `auth.existingSecretKey` | Name of the key inside the existing secret | `""` | -| `logLevel` | Logging level | `information` | +| Name | Description | Value | +| --------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `image.registry` | ClickHouse image registry | `REGISTRY_NAME` | +| `image.repository` | ClickHouse image repository | `REPOSITORY_NAME/clickhouse` | +| `image.tag` | ClickHouse image tag (immutable tags are recommended) | `23.9.2-debian-11-r0` | +| `image.digest` | ClickHouse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | ClickHouse image pull policy | `IfNotPresent` | +| `image.pullSecrets` | ClickHouse image pull secrets | `[]` | +| `image.debug` | Enable ClickHouse image debug mode | `false` | +| `shards` | Number of ClickHouse shards to deploy | `2` | +| `replicaCount` | Number of ClickHouse replicas per shard to deploy | `3` | +| `distributeReplicasByZone` | Schedules replicas of the same shard to different availability zones | `false` | +| `containerPorts.http` | ClickHouse HTTP container port | `8123` | +| `containerPorts.https` | ClickHouse HTTPS container port | `8443` | +| `containerPorts.tcp` | ClickHouse TCP container port | `9000` | +| `containerPorts.tcpSecure` | ClickHouse TCP (secure) container port | `9440` | +| `containerPorts.keeper` | ClickHouse keeper TCP container port | `2181` | +| `containerPorts.keeperSecure` | ClickHouse keeper TCP (secure) container port | `3181` | +| `containerPorts.keeperInter` | ClickHouse keeper interserver TCP container port | `9444` | +| `containerPorts.mysql` | ClickHouse MySQL container port | `9004` | +| `containerPorts.postgresql` | ClickHouse PostgreSQL container port | `9005` | +| `containerPorts.interserver` | ClickHouse Interserver container port | `9009` | +| `containerPorts.metrics` | ClickHouse metrics container port | `8001` | +| `livenessProbe.enabled` | Enable livenessProbe on ClickHouse containers | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe on ClickHouse containers | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe on ClickHouse containers | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `resources.limits` | The resources limits for the ClickHouse containers | `{}` | +| `resources.requests` | The requested resources for the ClickHouse containers | `{}` | +| `podSecurityContext.enabled` | Enabled ClickHouse pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Set ClickHouse pod's Security Context fsGroup | `1001` | +| `podSecurityContext.seccompProfile.type` | Set ClickHouse container's Security Context seccomp profile | `RuntimeDefault` | +| `containerSecurityContext.enabled` | Enabled ClickHouse containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set ClickHouse containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set ClickHouse containers' Security Context runAsNonRoot | `true` | +| `containerSecurityContext.allowPrivilegeEscalation` | Set ClickHouse container's privilege escalation | `false` | +| `containerSecurityContext.capabilities.drop` | Set ClickHouse container's Security Context runAsNonRoot | `["ALL"]` | +| `auth.username` | ClickHouse Admin username | `default` | +| `auth.password` | ClickHouse Admin password | `""` | +| `auth.existingSecret` | Name of a secret containing the Admin password | `""` | +| `auth.existingSecretKey` | Name of the key inside the existing secret | `""` | +| `logLevel` | Logging level | `information` | ### ClickHouse keeper configuration parameters @@ -295,17 +299,17 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Other Parameters @@ -342,15 +346,15 @@ The command removes all the Kubernetes components associated with the chart and ### Zookeeper subchart parameters -| Name | Description | Value | -| -------------------------------- | ---------------------------------------------------- | -------------------- | -| `zookeeper.enabled` | Deploy Zookeeper subchart | `true` | -| `zookeeper.replicaCount` | Number of Zookeeper instances | `3` | -| `zookeeper.service.ports.client` | Zookeeper client port | `2181` | -| `zookeeper.image.registry` | Zookeeper image registry | `docker.io` | -| `zookeeper.image.repository` | Zookeeper image repository | `bitnami/zookeeper` | -| `zookeeper.image.tag` | Zookeeper image tag (immutable tags are recommended) | `3.8.3-debian-11-r1` | -| `zookeeper.image.pullPolicy` | Zookeeper image pull policy | `IfNotPresent` | +| Name | Description | Value | +| -------------------------------- | ---------------------------------------------------- | --------------------------- | +| `zookeeper.enabled` | Deploy Zookeeper subchart | `true` | +| `zookeeper.replicaCount` | Number of Zookeeper instances | `3` | +| `zookeeper.service.ports.client` | Zookeeper client port | `2181` | +| `zookeeper.image.registry` | Zookeeper image registry | `REGISTRY_NAME` | +| `zookeeper.image.repository` | Zookeeper image repository | `REPOSITORY_NAME/zookeeper` | +| `zookeeper.image.tag` | Zookeeper image tag (immutable tags are recommended) | `3.8.3-debian-11-r1` | +| `zookeeper.image.pullPolicy` | Zookeeper image pull policy | `IfNotPresent` | See to create the table. @@ -362,9 +366,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm helm install my-release \ --set auth.username=admin \ --set auth.password=password \ - oci://registry-1.docker.io/bitnamicharts/clickhouse + oci://REGISTRY_NAME/REPOSITORY_NAME/clickhouse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the ClickHouse administrator account username and password to `admin` and `password` respectively. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -372,9 +378,10 @@ The above command sets the ClickHouse administrator account username and passwor Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/clickhouse +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/clickhouse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/clickhouse/values.yaml b/bitnami/clickhouse/values.yaml index 5159f31c540299..e0c7db190d60c8 100644 --- a/bitnami/clickhouse/values.yaml +++ b/bitnami/clickhouse/values.yaml @@ -68,8 +68,8 @@ diagnosticMode: ## Bitnami ClickHouse image ## ref: https://hub.docker.com/r/bitnami/clickhouse/tags/ -## @param image.registry ClickHouse image registry -## @param image.repository ClickHouse image repository +## @param image.registry [default: REGISTRY_NAME] ClickHouse image registry +## @param image.repository [default: REPOSITORY_NAME/clickhouse] ClickHouse image repository ## @param image.tag ClickHouse image tag (immutable tags are recommended) ## @param image.digest ClickHouse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy ClickHouse image pull policy @@ -957,8 +957,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets @@ -1112,8 +1112,8 @@ zookeeper: enabled: true ## Override zookeeper default image as 3.9 is not supported https://github.com/ClickHouse/ClickHouse/issues/53749 ## ref: https://github.com/bitnami/containers/tree/main/bitnami/zookeeper - ## @param zookeeper.image.registry Zookeeper image registry - ## @param zookeeper.image.repository Zookeeper image repository + ## @param zookeeper.image.registry [default: REGISTRY_NAME] Zookeeper image registry + ## @param zookeeper.image.repository [default: REPOSITORY_NAME/zookeeper] Zookeeper image repository ## @param zookeeper.image.tag Zookeeper image tag (immutable tags are recommended) ## @param zookeeper.image.pullPolicy Zookeeper image pull policy image: diff --git a/bitnami/concourse/README.md b/bitnami/concourse/README.md index 64cd4386e08326..5e402ccaf9f472 100644 --- a/bitnami/concourse/README.md +++ b/bitnami/concourse/README.md @@ -9,9 +9,11 @@ Concourse is an automation system written in Go. It is most commonly used for CI ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/concourse +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/concourse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Concourse](https://concourse-ci.org/) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Concourse in production? Try [VMware Application Catalog](https:/ To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/concourse +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/concourse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys concourse on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -78,28 +82,28 @@ The command removes all the Kubernetes components associated with the chart and ### Common Concourse Parameters -| Name | Description | Value | -| ------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | image registry | `docker.io` | -| `image.repository` | image repository | `bitnami/concourse` | -| `image.tag` | image tag (immutable tags are recommended) | `7.10.0-debian-11-r57` | -| `image.digest` | image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | image pull policy | `IfNotPresent` | -| `image.pullSecrets` | image pull secrets | `[]` | -| `secrets.localAuth.enabled` | the use of local authentication (basic auth). | `true` | -| `secrets.localUsers` | List of `username:password` or `username:bcrypted_password` combinations for all your local concourse users. Auto-generated if not set | `""` | -| `secrets.teamAuthorizedKeys` | Array of team names and public keys for team external workers | `[]` | -| `secrets.conjurAccount` | Account for Conjur auth provider. | `""` | -| `secrets.conjurAuthnLogin` | Host username for Conjur auth provider. | `""` | -| `secrets.conjurAuthnApiKey` | API key for host used for Conjur auth provider. Either API key or token file can be used, but not both. | `""` | -| `secrets.conjurAuthnTokenFile` | Token file used for Conjur auth provider if running in Kubernetes or IAM. Either token file or API key can be used, but not both. | `""` | -| `secrets.conjurCACert` | CA Certificate to specify if conjur instance is deployed with a self-signed cert | `""` | -| `secrets.hostKey` | Concourse Host Keys. | `""` | -| `secrets.hostKeyPub` | Concourse Host Keys. | `""` | -| `secrets.sessionSigningKey` | Concourse Session Signing Keys. | `""` | -| `secrets.workerKey` | Concourse Worker Keys. | `""` | -| `secrets.workerKeyPub` | Concourse Worker Keys. | `""` | -| `secrets.workerAdditionalCerts` | Additional certificates to add to the worker nodes | `""` | +| Name | Description | Value | +| ------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | --------------------------- | +| `image.registry` | image registry | `REGISTRY_NAME` | +| `image.repository` | image repository | `REPOSITORY_NAME/concourse` | +| `image.tag` | image tag (immutable tags are recommended) | `7.10.0-debian-11-r62` | +| `image.digest` | image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | image pull policy | `IfNotPresent` | +| `image.pullSecrets` | image pull secrets | `[]` | +| `secrets.localAuth.enabled` | the use of local authentication (basic auth). | `true` | +| `secrets.localUsers` | List of `username:password` or `username:bcrypted_password` combinations for all your local concourse users. Auto-generated if not set | `""` | +| `secrets.teamAuthorizedKeys` | Array of team names and public keys for team external workers | `[]` | +| `secrets.conjurAccount` | Account for Conjur auth provider. | `""` | +| `secrets.conjurAuthnLogin` | Host username for Conjur auth provider. | `""` | +| `secrets.conjurAuthnApiKey` | API key for host used for Conjur auth provider. Either API key or token file can be used, but not both. | `""` | +| `secrets.conjurAuthnTokenFile` | Token file used for Conjur auth provider if running in Kubernetes or IAM. Either token file or API key can be used, but not both. | `""` | +| `secrets.conjurCACert` | CA Certificate to specify if conjur instance is deployed with a self-signed cert | `""` | +| `secrets.hostKey` | Concourse Host Keys. | `""` | +| `secrets.hostKeyPub` | Concourse Host Keys. | `""` | +| `secrets.sessionSigningKey` | Concourse Session Signing Keys. | `""` | +| `secrets.workerKey` | Concourse Worker Keys. | `""` | +| `secrets.workerKeyPub` | Concourse Worker Keys. | `""` | +| `secrets.workerAdditionalCerts` | Additional certificates to add to the worker nodes | `""` | ### Concourse Web parameters @@ -351,19 +355,19 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r89` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.enabled` | Enabled init container Security Context | `true` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.enabled` | Enabled init container Security Context | `true` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | ### Concourse database parameters @@ -398,9 +402,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set secrets.localUsers=admin:password \ - oci://registry-1.docker.io/bitnamicharts/concourse + oci://REGISTRY_NAME/REPOSITORY_NAME/concourse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Concourse account username and password to `admin` and `password` respectively. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -408,9 +414,10 @@ The above command sets the Concourse account username and password to `admin` an Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/concourse +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/concourse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/concourse/values.yaml b/bitnami/concourse/values.yaml index 0db6ff9aac1690..7bcd846a38e643 100644 --- a/bitnami/concourse/values.yaml +++ b/bitnami/concourse/values.yaml @@ -61,8 +61,8 @@ diagnosticMode: ## Bitnami Concourse image ## ref: https://hub.docker.com/r/bitnami/redis/tags/ -## @param image.registry image registry -## @param image.repository image repository +## @param image.registry [default: REGISTRY_NAME] image registry +## @param image.repository [default: REPOSITORY_NAME/concourse] image repository ## @param image.tag image tag (immutable tags are recommended) ## @param image.digest image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy image pull policy @@ -1202,8 +1202,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/consul/README.md b/bitnami/consul/README.md index 3a221f1b432d06..c632dab053643f 100644 --- a/bitnami/consul/README.md +++ b/bitnami/consul/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/consul +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/consul ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [HashiCorp Consul](https://github.com/bitnami/containers/tree/main/bitnami/consul) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use HashiCorp Consul in production? Try [VMware Application Catalog]( To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/consul +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/consul ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy HashiCorp Consul on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -81,41 +85,41 @@ helm delete --purge my-release ### HashiCorp Consul parameters -| Name | Description | Value | -| ------------------------------- | ---------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | HashiCorp Consul image registry | `docker.io` | -| `image.repository` | HashiCorp Consul image repository | `bitnami/consul` | -| `image.tag` | HashiCorp Consul image tag (immutable tags are recommended) | `1.16.2-debian-11-r15` | -| `image.digest` | HashiCorp Consul image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | HashiCorp Consul image pull policy | `IfNotPresent` | -| `image.pullSecrets` | HashiCorp Consul image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `datacenterName` | Datacenter name for Consul. If not supplied, will use the Consul | `dc1` | -| `domain` | Consul domain name | `consul` | -| `raftMultiplier` | Multiplier used to scale key Raft timing parameters | `1` | -| `gossipKey` | Gossip key for all members. The key must be 16-bytes, can be generated with $(consul keygen) | `""` | -| `tlsEncryptionSecretName` | Name of existing secret with TLS encryption data | `""` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `configuration` | HashiCorp Consul configuration to be injected as ConfigMap | `""` | -| `existingConfigmap` | ConfigMap with HashiCorp Consul configuration | `""` | -| `localConfig` | Extra configuration that will be added to the default one | `""` | -| `podLabels` | Pod labels | `{}` | -| `priorityClassName` | Priority class assigned to the Pods | `""` | -| `runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | -| `schedulerName` | Alternative scheduler | `""` | -| `terminationGracePeriodSeconds` | In seconds, time the given to the Consul pod needs to terminate gracefully | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `command` | Command for running the container (set to default if not set). Use array form | `[]` | -| `args` | Args for running the container (set to default if not set). Use array form | `[]` | -| `extraEnvVars` | Extra environment variables to be set on HashiCorp Consul container | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | -| `containerPorts.http` | Port to open for HTTP in Consul | `8500` | -| `containerPorts.dns` | Port to open for DNS server in Consul | `8600` | -| `containerPorts.rpc` | Port to open for RPC in Consul | `8400` | -| `containerPorts.rpcServer` | Port to open for RPC Server in Consul | `8300` | -| `containerPorts.serfLAN` | Port to open for Serf LAN in Consul | `8301` | -| `lifecycleHooks` | Add lifecycle hooks to the deployment | `{}` | +| Name | Description | Value | +| ------------------------------- | ---------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `image.registry` | HashiCorp Consul image registry | `REGISTRY_NAME` | +| `image.repository` | HashiCorp Consul image repository | `REPOSITORY_NAME/consul` | +| `image.tag` | HashiCorp Consul image tag (immutable tags are recommended) | `1.16.2-debian-11-r17` | +| `image.digest` | HashiCorp Consul image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | HashiCorp Consul image pull policy | `IfNotPresent` | +| `image.pullSecrets` | HashiCorp Consul image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `datacenterName` | Datacenter name for Consul. If not supplied, will use the Consul | `dc1` | +| `domain` | Consul domain name | `consul` | +| `raftMultiplier` | Multiplier used to scale key Raft timing parameters | `1` | +| `gossipKey` | Gossip key for all members. The key must be 16-bytes, can be generated with $(consul keygen) | `""` | +| `tlsEncryptionSecretName` | Name of existing secret with TLS encryption data | `""` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `configuration` | HashiCorp Consul configuration to be injected as ConfigMap | `""` | +| `existingConfigmap` | ConfigMap with HashiCorp Consul configuration | `""` | +| `localConfig` | Extra configuration that will be added to the default one | `""` | +| `podLabels` | Pod labels | `{}` | +| `priorityClassName` | Priority class assigned to the Pods | `""` | +| `runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | +| `schedulerName` | Alternative scheduler | `""` | +| `terminationGracePeriodSeconds` | In seconds, time the given to the Consul pod needs to terminate gracefully | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `command` | Command for running the container (set to default if not set). Use array form | `[]` | +| `args` | Args for running the container (set to default if not set). Use array form | `[]` | +| `extraEnvVars` | Extra environment variables to be set on HashiCorp Consul container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| `containerPorts.http` | Port to open for HTTP in Consul | `8500` | +| `containerPorts.dns` | Port to open for DNS server in Consul | `8600` | +| `containerPorts.rpc` | Port to open for RPC in Consul | `8400` | +| `containerPorts.rpcServer` | Port to open for RPC Server in Consul | `8300` | +| `containerPorts.serfLAN` | Port to open for Serf LAN in Consul | `8301` | +| `lifecycleHooks` | Add lifecycle hooks to the deployment | `{}` | ### Statefulset parameters @@ -215,55 +219,57 @@ helm delete --purge my-release ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r89` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | ### Metrics parameters -| Name | Description | Value | -| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | HashiCorp Consul Prometheus Exporter image registry | `docker.io` | -| `metrics.image.repository` | HashiCorp Consul Prometheus Exporter image repository | `bitnami/consul-exporter` | -| `metrics.image.tag` | HashiCorp Consul Prometheus Exporter image tag (immutable tags are recommended) | `0.9.0-debian-11-r297` | -| `metrics.image.digest` | HashiCorp Consul Prometheus Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | HashiCorp Consul Prometheus Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | HashiCorp Consul Prometheus Exporter image pull secrets | `[]` | -| `metrics.containerSecurityContext.enabled` | HashiCorp Consul Prometheus Exporter securityContext | `true` | -| `metrics.containerSecurityContext.runAsUser` | User ID for the HashiCorp Consul Prometheus Exporter | `1001` | -| `metrics.containerSecurityContext.runAsNonRoot` | Force the container to be run as non root | `true` | -| `metrics.service.type` | Kubernetes Service type | `ClusterIP` | -| `metrics.service.loadBalancerIP` | Service Load Balancer IP | `""` | -| `metrics.service.annotations` | Provide any additional annotations which may be required. | `{}` | -| `metrics.podAnnotations` | Metrics exporter pod Annotation and Labels | `{}` | -| `metrics.resources.limits` | The resources limits for the container | `{}` | -| `metrics.resources.requests` | The requested resources for the container | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator, set to true to create a Service Monitor Entry | `false` | -| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.metricRelabelings` | Metrics relabelings to add to the scrape endpoint | `[]` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `metrics.serviceMonitor.labels` | Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with | `{}` | +| Name | Description | Value | +| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | HashiCorp Consul Prometheus Exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | HashiCorp Consul Prometheus Exporter image repository | `REPOSITORY_NAME/consul-exporter` | +| `metrics.image.tag` | HashiCorp Consul Prometheus Exporter image tag (immutable tags are recommended) | `0.9.0-debian-11-r299` | +| `metrics.image.digest` | HashiCorp Consul Prometheus Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | HashiCorp Consul Prometheus Exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | HashiCorp Consul Prometheus Exporter image pull secrets | `[]` | +| `metrics.containerSecurityContext.enabled` | HashiCorp Consul Prometheus Exporter securityContext | `true` | +| `metrics.containerSecurityContext.runAsUser` | User ID for the HashiCorp Consul Prometheus Exporter | `1001` | +| `metrics.containerSecurityContext.runAsNonRoot` | Force the container to be run as non root | `true` | +| `metrics.service.type` | Kubernetes Service type | `ClusterIP` | +| `metrics.service.loadBalancerIP` | Service Load Balancer IP | `""` | +| `metrics.service.annotations` | Provide any additional annotations which may be required. | `{}` | +| `metrics.podAnnotations` | Metrics exporter pod Annotation and Labels | `{}` | +| `metrics.resources.limits` | The resources limits for the container | `{}` | +| `metrics.resources.requests` | The requested resources for the container | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator, set to true to create a Service Monitor Entry | `false` | +| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.metricRelabelings` | Metrics relabelings to add to the scrape endpoint | `[]` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `metrics.serviceMonitor.labels` | Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with | `{}` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console -helm install my-release --set domain=consul-domain,gossipKey=secretkey oci://registry-1.docker.io/bitnamicharts/consul +helm install my-release --set domain=consul-domain,gossipKey=secretkey oci://REGISTRY_NAME/REPOSITORY_NAME/consul ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the HashiCorp Consul domain to `consul-domain` and sets the gossip key to `secretkey`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -271,9 +277,10 @@ The above command sets the HashiCorp Consul domain to `consul-domain` and sets t Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/consul +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/consul ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -482,9 +489,11 @@ The field `podManagementPolicy` can't be updated in a StatefulSet, so you need t ```console kubectl delete statefulset consul -helm upgrade oci://registry-1.docker.io/bitnamicharts/consul +helm upgrade oci://REGISTRY_NAME/REPOSITORY_NAME/consul ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 6.0.0 This release updates the Bitnami Consul container to `1.6.1-debian-9-r6`, which is based on Bash instead of Node.js. @@ -494,15 +503,19 @@ This release updates the Bitnami Consul container to `1.6.1-debian-9-r6`, which Consul container was moved to a non-root approach. There shouldn't be any issue when upgrading since the corresponding `securityContext` is enabled by default. Both the container image and the chart can be upgraded by running the command below: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/consul +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/consul ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + If you use a previous container image (previous to **1.4.0-r16**) disable the `securityContext` by running the command below: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/consul --set securityContext.enabled=false,image.tag=XXX +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/consul --set securityContext.enabled=false,image.tag=XXX ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 2.0.0 Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. diff --git a/bitnami/consul/values.yaml b/bitnami/consul/values.yaml index 45e55cbf0008a0..68a8446a7befc0 100644 --- a/bitnami/consul/values.yaml +++ b/bitnami/consul/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: ## Bitnami HashiCorp Consul image ## ref: https://hub.docker.com/r/bitnami/consul/tags/ -## @param image.registry HashiCorp Consul image registry -## @param image.repository HashiCorp Consul image repository +## @param image.registry [default: REGISTRY_NAME] HashiCorp Consul image registry +## @param image.repository [default: REPOSITORY_NAME/consul] HashiCorp Consul image repository ## @param image.tag HashiCorp Consul image tag (immutable tags are recommended) ## @param image.digest HashiCorp Consul image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy HashiCorp Consul image pull policy @@ -612,8 +612,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy @@ -663,8 +663,8 @@ metrics: enabled: false ## Bitnami HashiCorp Consul Prometheus Exporter image ## ref: https://hub.docker.com/r/bitnami/consul-exporter/tags/ - ## @param metrics.image.registry HashiCorp Consul Prometheus Exporter image registry - ## @param metrics.image.repository HashiCorp Consul Prometheus Exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] HashiCorp Consul Prometheus Exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/consul-exporter] HashiCorp Consul Prometheus Exporter image repository ## @param metrics.image.tag HashiCorp Consul Prometheus Exporter image tag (immutable tags are recommended) ## @param metrics.image.digest HashiCorp Consul Prometheus Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy HashiCorp Consul Prometheus Exporter image pull policy diff --git a/bitnami/contour/README.md b/bitnami/contour/README.md index 682748fc8a4afc..b7dbedce230506 100644 --- a/bitnami/contour/README.md +++ b/bitnami/contour/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/contour +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/contour ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -35,9 +37,11 @@ Looking to use Contour in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/contour +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/contour ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy contour on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` or `helm ls --all-namespaces` @@ -83,254 +87,254 @@ helm uninstall my-release ### Contour parameters -| Name | Description | Value | -| ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `existingConfigMap` | Specifies the name of an externally-defined ConfigMap to use as the configuration (this is mutually exclusive with `configInline`) | `""` | -| `configInline` | Specifies Contour's configuration directly in YAML format | `{}` | -| `contour.enabled` | Contour Deployment creation. | `true` | -| `contour.image.registry` | Contour image registry | `docker.io` | -| `contour.image.repository` | Contour image name | `bitnami/contour` | -| `contour.image.tag` | Contour image tag | `1.26.1-debian-11-r0` | -| `contour.image.digest` | Contour image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `contour.image.pullPolicy` | Contour Image pull policy | `IfNotPresent` | -| `contour.image.pullSecrets` | Contour Image pull secrets | `[]` | -| `contour.image.debug` | Enable image debug mode | `false` | -| `contour.contourConfigName` | Contour Deployment with ContourConfiguration CRD. | `contour` | -| `contour.configPath` | Contour Deployment with configmap. | `true` | -| `contour.replicaCount` | Number of Contour Pod replicas | `1` | -| `contour.priorityClassName` | Priority class assigned to the pods | `""` | -| `contour.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `contour.terminationGracePeriodSeconds` | In seconds, time the given to the Contour pod needs to terminate gracefully | `""` | -| `contour.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `contour.containerPorts.xds` | Set xds port inside Contour pod | `8001` | -| `contour.containerPorts.metrics` | Set metrics port inside Contour pod | `8000` | -| `contour.hostAliases` | Add deployment host aliases | `[]` | -| `contour.updateStrategy` | Strategy to use to update Pods | `{}` | -| `contour.extraArgs` | Extra arguments passed to Contour container | `[]` | -| `contour.resources.limits` | Specify resource limits which the container is not allowed to succeed. | `{}` | -| `contour.resources.requests` | Specify resource requests which the container needs to spawn. | `{}` | -| `contour.manageCRDs` | Manage the creation, upgrade and deletion of Contour CRDs. | `true` | -| `contour.envoyServiceNamespace` | Namespace of the envoy service to inspect for Ingress status details. | `""` | -| `contour.envoyServiceName` | Name of the envoy service to inspect for Ingress status details. | `""` | -| `contour.leaderElectionResourceName` | Name of the contour (Lease) leader election will lease. | `""` | -| `contour.ingressStatusAddress` | Address to set in Ingress object status. It is exclusive with `envoyServiceName` and `envoyServiceNamespace`. | `""` | -| `contour.podAffinityPreset` | Contour Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `contour.podAntiAffinityPreset` | Contour Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `contour.podLabels` | Extra labels for Contour pods | `{}` | -| `contour.lifecycleHooks` | lifecycleHooks for the container to automate configuration before or after startup. | `{}` | -| `contour.customLivenessProbe` | Override default liveness probe | `{}` | -| `contour.customReadinessProbe` | Override default readiness probe | `{}` | -| `contour.customStartupProbe` | Override default startup probe | `{}` | -| `contour.nodeAffinityPreset.type` | Contour Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `contour.nodeAffinityPreset.key` | Contour Node label key to match Ignored if `affinity` is set. | `""` | -| `contour.nodeAffinityPreset.values` | Contour Node label values to match. Ignored if `affinity` is set. | `[]` | -| `contour.command` | Override default command | `[]` | -| `contour.args` | Override default args | `[]` | -| `contour.affinity` | Affinity for Contour pod assignment | `{}` | -| `contour.nodeSelector` | Node labels for Contour pod assignment | `{}` | -| `contour.tolerations` | Tolerations for Contour pod assignment | `[]` | -| `contour.podAnnotations` | Contour Pod annotations | `{}` | -| `contour.serviceAccount.create` | Create a serviceAccount for the Contour pod | `true` | -| `contour.serviceAccount.name` | Use the serviceAccount with the specified name, a name is generated using the fullname template | `""` | -| `contour.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `contour.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `contour.podSecurityContext.enabled` | Default backend Pod securityContext | `true` | -| `contour.podSecurityContext.fsGroup` | Set Default backend Pod's Security Context fsGroup | `1001` | -| `contour.containerSecurityContext.enabled` | Envoy Container securityContext | `true` | -| `contour.containerSecurityContext.runAsUser` | User ID for the Contour container (to change this, http and https containerPorts must be set to >1024) | `1001` | -| `contour.containerSecurityContext.runAsNonRoot` | Run as non root | `true` | -| `contour.livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | -| `contour.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | -| `contour.livenessProbe.periodSeconds` | How often to perform the probe | `20` | -| `contour.livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `contour.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` | -| `contour.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `contour.readinessProbe.enabled` | Enable/disable the readiness probe | `true` | -| `contour.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `15` | -| `contour.readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `contour.readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `contour.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | -| `contour.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `contour.startupProbe.enabled` | Enable/disable the startup probe | `false` | -| `contour.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `15` | -| `contour.startupProbe.periodSeconds` | How often to perform the probe | `10` | -| `contour.startupProbe.timeoutSeconds` | When the probe times out | `5` | -| `contour.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | -| `contour.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `contour.certgen.serviceAccount.create` | Create a serviceAccount for the Contour pod | `true` | -| `contour.certgen.serviceAccount.name` | Use the serviceAccount with the specified name, a name is generated using the fullname template | `""` | -| `contour.certgen.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `contour.certgen.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `contour.certgen.certificateLifetime` | Generated certificate lifetime (in days). | `365` | -| `contour.tlsExistingSecret` | Name of the existingSecret to be use in Contour deployment. If it is not nil `contour.certgen` will be disabled. | `""` | -| `contour.service.type` | Service type | `ClusterIP` | -| `contour.service.ports.xds` | Contour service xds port | `8001` | -| `contour.service.ports.metrics` | Contour service xds port | `8000` | -| `contour.service.nodePorts.xds` | Node port for HTTP | `""` | -| `contour.service.clusterIP` | Contour service Cluster IP | `""` | -| `contour.service.loadBalancerIP` | Contour service Load Balancer IP | `""` | -| `contour.service.loadBalancerSourceRanges` | Contour service Load Balancer sources | `[]` | -| `contour.service.loadBalancerClass` | Contour service Load Balancer Class | `""` | -| `contour.service.externalTrafficPolicy` | Contour service external traffic policy | `Cluster` | -| `contour.service.annotations` | Additional custom annotations for Contour service | `{}` | -| `contour.service.extraPorts` | Extra port to expose on Contour service | `[]` | -| `contour.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `contour.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `contour.initContainers` | Attach additional init containers to Contour pods | `[]` | -| `contour.sidecars` | Add additional sidecar containers to the Contour pods | `[]` | -| `contour.extraVolumes` | Array to add extra volumes | `[]` | -| `contour.extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes) | `[]` | -| `contour.extraEnvVars` | Array containing extra env vars to be added to all Contour containers | `[]` | -| `contour.extraEnvVarsCM` | ConfigMap containing extra env vars to be added to all Contour containers | `""` | -| `contour.extraEnvVarsSecret` | Secret containing extra env vars to be added to all Contour containers | `""` | -| `contour.ingressClass.name` | Name of the ingress class to route through this controller. | `""` | -| `contour.ingressClass.create` | Whether to create or not the IngressClass resource | `true` | -| `contour.ingressClass.default` | Mark IngressClass resource as default for cluster | `true` | -| `contour.debug` | Enable Contour debug log level | `false` | -| `contour.logFormat` | Set contour log-format. Default text, either text or json. | `text` | -| `contour.kubernetesDebug` | Contour kubernetes debug log level, Default 0, minimum 0, maximum 9. | `0` | -| `contour.rootNamespaces` | Restrict Contour to searching these namespaces for root ingress routes. | `""` | -| `contour.overloadManager.enabled` | Enable Overload Manager | `false` | -| `contour.overloadManager.maxHeapBytes` | Overload Manager's maximum heap size in bytes | `2147483648` | +| Name | Description | Value | +| ------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `existingConfigMap` | Specifies the name of an externally-defined ConfigMap to use as the configuration (this is mutually exclusive with `configInline`) | `""` | +| `configInline` | Specifies Contour's configuration directly in YAML format | `{}` | +| `contour.enabled` | Contour Deployment creation. | `true` | +| `contour.image.registry` | Contour image registry | `REGISTRY_NAME` | +| `contour.image.repository` | Contour image name | `REPOSITORY_NAME/contour` | +| `contour.image.tag` | Contour image tag | `1.26.1-debian-11-r0` | +| `contour.image.digest` | Contour image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `contour.image.pullPolicy` | Contour Image pull policy | `IfNotPresent` | +| `contour.image.pullSecrets` | Contour Image pull secrets | `[]` | +| `contour.image.debug` | Enable image debug mode | `false` | +| `contour.contourConfigName` | Contour Deployment with ContourConfiguration CRD. | `contour` | +| `contour.configPath` | Contour Deployment with configmap. | `true` | +| `contour.replicaCount` | Number of Contour Pod replicas | `1` | +| `contour.priorityClassName` | Priority class assigned to the pods | `""` | +| `contour.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `contour.terminationGracePeriodSeconds` | In seconds, time the given to the Contour pod needs to terminate gracefully | `""` | +| `contour.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `contour.containerPorts.xds` | Set xds port inside Contour pod | `8001` | +| `contour.containerPorts.metrics` | Set metrics port inside Contour pod | `8000` | +| `contour.hostAliases` | Add deployment host aliases | `[]` | +| `contour.updateStrategy` | Strategy to use to update Pods | `{}` | +| `contour.extraArgs` | Extra arguments passed to Contour container | `[]` | +| `contour.resources.limits` | Specify resource limits which the container is not allowed to succeed. | `{}` | +| `contour.resources.requests` | Specify resource requests which the container needs to spawn. | `{}` | +| `contour.manageCRDs` | Manage the creation, upgrade and deletion of Contour CRDs. | `true` | +| `contour.envoyServiceNamespace` | Namespace of the envoy service to inspect for Ingress status details. | `""` | +| `contour.envoyServiceName` | Name of the envoy service to inspect for Ingress status details. | `""` | +| `contour.leaderElectionResourceName` | Name of the contour (Lease) leader election will lease. | `""` | +| `contour.ingressStatusAddress` | Address to set in Ingress object status. It is exclusive with `envoyServiceName` and `envoyServiceNamespace`. | `""` | +| `contour.podAffinityPreset` | Contour Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `contour.podAntiAffinityPreset` | Contour Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `contour.podLabels` | Extra labels for Contour pods | `{}` | +| `contour.lifecycleHooks` | lifecycleHooks for the container to automate configuration before or after startup. | `{}` | +| `contour.customLivenessProbe` | Override default liveness probe | `{}` | +| `contour.customReadinessProbe` | Override default readiness probe | `{}` | +| `contour.customStartupProbe` | Override default startup probe | `{}` | +| `contour.nodeAffinityPreset.type` | Contour Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `contour.nodeAffinityPreset.key` | Contour Node label key to match Ignored if `affinity` is set. | `""` | +| `contour.nodeAffinityPreset.values` | Contour Node label values to match. Ignored if `affinity` is set. | `[]` | +| `contour.command` | Override default command | `[]` | +| `contour.args` | Override default args | `[]` | +| `contour.affinity` | Affinity for Contour pod assignment | `{}` | +| `contour.nodeSelector` | Node labels for Contour pod assignment | `{}` | +| `contour.tolerations` | Tolerations for Contour pod assignment | `[]` | +| `contour.podAnnotations` | Contour Pod annotations | `{}` | +| `contour.serviceAccount.create` | Create a serviceAccount for the Contour pod | `true` | +| `contour.serviceAccount.name` | Use the serviceAccount with the specified name, a name is generated using the fullname template | `""` | +| `contour.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `contour.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `contour.podSecurityContext.enabled` | Default backend Pod securityContext | `true` | +| `contour.podSecurityContext.fsGroup` | Set Default backend Pod's Security Context fsGroup | `1001` | +| `contour.containerSecurityContext.enabled` | Envoy Container securityContext | `true` | +| `contour.containerSecurityContext.runAsUser` | User ID for the Contour container (to change this, http and https containerPorts must be set to >1024) | `1001` | +| `contour.containerSecurityContext.runAsNonRoot` | Run as non root | `true` | +| `contour.livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | +| `contour.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | +| `contour.livenessProbe.periodSeconds` | How often to perform the probe | `20` | +| `contour.livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `contour.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` | +| `contour.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `contour.readinessProbe.enabled` | Enable/disable the readiness probe | `true` | +| `contour.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `15` | +| `contour.readinessProbe.periodSeconds` | How often to perform the probe | `10` | +| `contour.readinessProbe.timeoutSeconds` | When the probe times out | `5` | +| `contour.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | +| `contour.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `contour.startupProbe.enabled` | Enable/disable the startup probe | `false` | +| `contour.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `15` | +| `contour.startupProbe.periodSeconds` | How often to perform the probe | `10` | +| `contour.startupProbe.timeoutSeconds` | When the probe times out | `5` | +| `contour.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | +| `contour.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `contour.certgen.serviceAccount.create` | Create a serviceAccount for the Contour pod | `true` | +| `contour.certgen.serviceAccount.name` | Use the serviceAccount with the specified name, a name is generated using the fullname template | `""` | +| `contour.certgen.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `contour.certgen.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `contour.certgen.certificateLifetime` | Generated certificate lifetime (in days). | `365` | +| `contour.tlsExistingSecret` | Name of the existingSecret to be use in Contour deployment. If it is not nil `contour.certgen` will be disabled. | `""` | +| `contour.service.type` | Service type | `ClusterIP` | +| `contour.service.ports.xds` | Contour service xds port | `8001` | +| `contour.service.ports.metrics` | Contour service xds port | `8000` | +| `contour.service.nodePorts.xds` | Node port for HTTP | `""` | +| `contour.service.clusterIP` | Contour service Cluster IP | `""` | +| `contour.service.loadBalancerIP` | Contour service Load Balancer IP | `""` | +| `contour.service.loadBalancerSourceRanges` | Contour service Load Balancer sources | `[]` | +| `contour.service.loadBalancerClass` | Contour service Load Balancer Class | `""` | +| `contour.service.externalTrafficPolicy` | Contour service external traffic policy | `Cluster` | +| `contour.service.annotations` | Additional custom annotations for Contour service | `{}` | +| `contour.service.extraPorts` | Extra port to expose on Contour service | `[]` | +| `contour.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `contour.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `contour.initContainers` | Attach additional init containers to Contour pods | `[]` | +| `contour.sidecars` | Add additional sidecar containers to the Contour pods | `[]` | +| `contour.extraVolumes` | Array to add extra volumes | `[]` | +| `contour.extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes) | `[]` | +| `contour.extraEnvVars` | Array containing extra env vars to be added to all Contour containers | `[]` | +| `contour.extraEnvVarsCM` | ConfigMap containing extra env vars to be added to all Contour containers | `""` | +| `contour.extraEnvVarsSecret` | Secret containing extra env vars to be added to all Contour containers | `""` | +| `contour.ingressClass.name` | Name of the ingress class to route through this controller. | `""` | +| `contour.ingressClass.create` | Whether to create or not the IngressClass resource | `true` | +| `contour.ingressClass.default` | Mark IngressClass resource as default for cluster | `true` | +| `contour.debug` | Enable Contour debug log level | `false` | +| `contour.logFormat` | Set contour log-format. Default text, either text or json. | `text` | +| `contour.kubernetesDebug` | Contour kubernetes debug log level, Default 0, minimum 0, maximum 9. | `0` | +| `contour.rootNamespaces` | Restrict Contour to searching these namespaces for root ingress routes. | `""` | +| `contour.overloadManager.enabled` | Enable Overload Manager | `false` | +| `contour.overloadManager.maxHeapBytes` | Overload Manager's maximum heap size in bytes | `2147483648` | ### Envoy parameters -| Name | Description | Value | -| ------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `envoy.enabled` | Envoy Proxy creation | `true` | -| `envoy.image.registry` | Envoy Proxy image registry | `docker.io` | -| `envoy.image.repository` | Envoy Proxy image repository | `bitnami/envoy` | -| `envoy.image.tag` | Envoy Proxy image tag (immutable tags are recommended) | `1.26.6-debian-11-r0` | -| `envoy.image.digest` | Envoy Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `envoy.image.pullPolicy` | Envoy image pull policy | `IfNotPresent` | -| `envoy.image.pullSecrets` | Envoy image pull secrets | `[]` | -| `envoy.priorityClassName` | Priority class assigned to the pods | `""` | -| `envoy.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `envoy.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `envoy.extraArgs` | Extra arguments passed to Envoy container | `[]` | -| `envoy.hostAliases` | Add deployment host aliases | `[]` | -| `envoy.resources.limits` | Specify resource limits which the container is not allowed to succeed. | `{}` | -| `envoy.resources.requests` | Specify resource requests which the container needs to spawn. | `{}` | -| `envoy.command` | Override default command | `[]` | -| `envoy.args` | Override default args | `[]` | -| `envoy.shutdownManager.enabled` | Contour shutdownManager sidecar | `true` | -| `envoy.shutdownManager.extraArgs` | Extra arguments passed to shutdown container | `[]` | -| `envoy.shutdownManager.port` | Specify Port for shutdown container | `8090` | -| `envoy.shutdownManager.resources.limits` | Specify resource limits which the container is not allowed to succeed. | `{}` | -| `envoy.shutdownManager.resources.requests` | Specify resource requests which the container needs to spawn. | `{}` | -| `envoy.shutdownManager.containerSecurityContext.enabled` | Shutdown Manager Container securityContext | `true` | -| `envoy.shutdownManager.containerSecurityContext.runAsUser` | User ID for the Shutdown Manager container (to change this, http and https containerPorts must be set to >1024) | `1001` | -| `envoy.shutdownManager.containerSecurityContext.runAsNonRoot` | Run as non root | `true` | -| `envoy.initConfig.containerSecurityContext.enabled` | Envoy initconfig Container securityContext | `true` | -| `envoy.initConfig.containerSecurityContext.runAsUser` | User ID for the Envoy initconfig container (to change this, http and https containerPorts must be set to >1024) | `1001` | -| `envoy.initConfig.containerSecurityContext.runAsNonRoot` | Run as non root | `true` | -| `envoy.kind` | Install as deployment or daemonset | `daemonset` | -| `envoy.replicaCount` | Desired number of Controller pods | `1` | -| `envoy.lifecycleHooks` | lifecycleHooks for the container to automate configuration before or after startup. | `{}` | -| `envoy.updateStrategy` | Strategy to use to update Pods | `{}` | -| `envoy.minReadySeconds` | The minimum number of seconds for which a newly created Pod should be ready | `0` | -| `envoy.revisionHistoryLimit` | The number of old history to retain to allow rollback | `10` | -| `envoy.autoscaling.enabled` | Enable autoscaling for Controller | `false` | -| `envoy.autoscaling.minReplicas` | Minimum number of Controller replicas | `1` | -| `envoy.autoscaling.maxReplicas` | Maximum number of Controller replicas | `11` | -| `envoy.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | -| `envoy.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | -| `envoy.autoscaling.behavior` | HPA Behavior | `{}` | -| `envoy.podAffinityPreset` | Envoy Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `envoy.podAntiAffinityPreset` | Envoy Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `envoy.nodeAffinityPreset.type` | Envoy Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `envoy.nodeAffinityPreset.key` | Envoy Node label key to match Ignored if `affinity` is set. | `""` | -| `envoy.nodeAffinityPreset.values` | Envoy Node label values to match. Ignored if `affinity` is set. | `[]` | -| `envoy.affinity` | Affinity for Envoy pod assignment | `{}` | -| `envoy.nodeSelector` | Node labels for Envoy pod assignment | `{}` | -| `envoy.tolerations` | Tolerations for Envoy pod assignment | `[]` | -| `envoy.podAnnotations` | Envoy Pod annotations | `{}` | -| `envoy.podLabels` | Extra labels for Envoy pods | `{}` | -| `envoy.podSecurityContext.enabled` | Envoy Pod securityContext | `false` | -| `envoy.podSecurityContext.fsGroup` | User ID for the for the mounted volumes | `0` | -| `envoy.podSecurityContext.sysctls` | Array of sysctl options to allow | `[]` | -| `envoy.containerSecurityContext.enabled` | Envoy Container securityContext | `true` | -| `envoy.containerSecurityContext.runAsUser` | User ID for the Envoy container (to change this, http and https containerPorts must be set to >1024) | `1001` | -| `envoy.containerSecurityContext.runAsNonRoot` | Run as non root | `true` | -| `envoy.hostNetwork` | Envoy Pod host network access | `false` | -| `envoy.dnsPolicy` | Envoy Pod Dns Policy's DNS Policy | `ClusterFirst` | -| `envoy.tlsExistingSecret` | Name of the existingSecret to be use in Envoy deployment | `""` | -| `envoy.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `envoy.serviceAccount.name` | The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template | `""` | -| `envoy.serviceAccount.automountServiceAccountToken` | Whether to auto mount API credentials for a service account | `false` | -| `envoy.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `envoy.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `envoy.livenessProbe.port` | LivenessProbe port | `8002` | -| `envoy.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `envoy.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | -| `envoy.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `envoy.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `envoy.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `envoy.readinessProbe.enabled` | Enable/disable the readiness probe | `true` | -| `envoy.readinessProbe.port` | ReadinessProbe port | `8002` | -| `envoy.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `10` | -| `envoy.readinessProbe.periodSeconds` | How often to perform the probe | `3` | -| `envoy.readinessProbe.timeoutSeconds` | When the probe times out | `1` | -| `envoy.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | -| `envoy.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `envoy.startupProbe.enabled` | Enable/disable the startup probe | `false` | -| `envoy.startupProbe.port` | StartupProbe port | `8002` | -| `envoy.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `15` | -| `envoy.startupProbe.periodSeconds` | How often to perform the probe | `10` | -| `envoy.startupProbe.timeoutSeconds` | When the probe times out | `5` | -| `envoy.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | -| `envoy.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `envoy.customLivenessProbe` | Override default liveness probe | `{}` | -| `envoy.customReadinessProbe` | Override default readiness probe | `{}` | -| `envoy.customStartupProbe` | Override default startup probe | `{}` | -| `envoy.terminationGracePeriodSeconds` | Envoy termination grace period in seconds | `300` | -| `envoy.logLevel` | Envoy log level | `info` | -| `envoy.service.name` | envoy service name | `""` | -| `envoy.service.targetPorts` | Map the controller service HTTP/HTTPS port | `{}` | -| `envoy.service.type` | Type of Envoy service to create | `LoadBalancer` | -| `envoy.service.externalTrafficPolicy` | Envoy Service external cluster policy. If `envoy.service.type` is NodePort or LoadBalancer | `Local` | -| `envoy.service.labels` | Labels to add to te envoy service | `{}` | -| `envoy.service.clusterIP` | Internal envoy cluster service IP | `""` | -| `envoy.service.externalIPs` | Envoy service external IP addresses | `[]` | -| `envoy.service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | -| `envoy.service.loadBalancerSourceRanges` | List of IP CIDRs allowed access to load balancer (if supported) | `[]` | -| `envoy.service.loadBalancerClass` | Envoy service Load Balancer Class | `""` | -| `envoy.service.ipFamilyPolicy` | , support SingleStack, PreferDualStack and RequireDualStack | `""` | -| `envoy.service.ipFamilies` | List of IP families (e.g. IPv4, IPv6) assigned to the service. | `[]` | -| `envoy.service.annotations` | Annotations for Envoy service | `{}` | -| `envoy.service.ports.http` | Sets service http port | `80` | -| `envoy.service.ports.https` | Sets service https port | `443` | -| `envoy.service.nodePorts.http` | HTTP Port. If `envoy.service.type` is NodePort and this is non-empty | `""` | -| `envoy.service.nodePorts.https` | HTTPS Port. If `envoy.service.type` is NodePort and this is non-empty | `""` | -| `envoy.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `envoy.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `envoy.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `envoy.useHostPort` | Enable/disable `hostPort` for TCP/80 and TCP/443 | `true` | -| `envoy.useHostIP` | Enable/disable `hostIP` | `false` | -| `envoy.hostPorts.http` | Sets `hostPort` http port | `80` | -| `envoy.hostPorts.https` | Sets `hostPort` https port | `443` | -| `envoy.hostPorts.metrics` | Sets `hostPort` metrics port | `8002` | -| `envoy.hostIPs.http` | Sets `hostIP` http IP | `127.0.0.1` | -| `envoy.hostIPs.https` | Sets `hostIP` https IP | `127.0.0.1` | -| `envoy.hostIPs.metrics` | Sets `hostIP` metrics IP | `127.0.0.1` | -| `envoy.containerPorts.http` | Sets http port inside Envoy pod (change this to >1024 to run envoy as a non-root user) | `8080` | -| `envoy.containerPorts.https` | Sets https port inside Envoy pod (change this to >1024 to run envoy as a non-root user) | `8443` | -| `envoy.containerPorts.metrics` | Sets metrics port inside Envoy pod (change this to >1024 to run envoy as a non-root user) | `8002` | -| `envoy.initContainers` | Attach additional init containers to Envoy pods | `[]` | -| `envoy.sidecars` | Add additional sidecar containers to the Envoy pods | `[]` | -| `envoy.extraVolumes` | Array to add extra volumes | `[]` | -| `envoy.extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes) | `[]` | -| `envoy.extraEnvVars` | Array containing extra env vars to be added to all Envoy containers | `[]` | -| `envoy.extraEnvVarsCM` | ConfigMap containing extra env vars to be added to all Envoy containers | `""` | -| `envoy.extraEnvVarsSecret` | Secret containing extra env vars to be added to all Envoy containers | `""` | +| Name | Description | Value | +| ------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ----------------------- | +| `envoy.enabled` | Envoy Proxy creation | `true` | +| `envoy.image.registry` | Envoy Proxy image registry | `REGISTRY_NAME` | +| `envoy.image.repository` | Envoy Proxy image repository | `REPOSITORY_NAME/envoy` | +| `envoy.image.tag` | Envoy Proxy image tag (immutable tags are recommended) | `1.26.6-debian-11-r0` | +| `envoy.image.digest` | Envoy Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `envoy.image.pullPolicy` | Envoy image pull policy | `IfNotPresent` | +| `envoy.image.pullSecrets` | Envoy image pull secrets | `[]` | +| `envoy.priorityClassName` | Priority class assigned to the pods | `""` | +| `envoy.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `envoy.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `envoy.extraArgs` | Extra arguments passed to Envoy container | `[]` | +| `envoy.hostAliases` | Add deployment host aliases | `[]` | +| `envoy.resources.limits` | Specify resource limits which the container is not allowed to succeed. | `{}` | +| `envoy.resources.requests` | Specify resource requests which the container needs to spawn. | `{}` | +| `envoy.command` | Override default command | `[]` | +| `envoy.args` | Override default args | `[]` | +| `envoy.shutdownManager.enabled` | Contour shutdownManager sidecar | `true` | +| `envoy.shutdownManager.extraArgs` | Extra arguments passed to shutdown container | `[]` | +| `envoy.shutdownManager.port` | Specify Port for shutdown container | `8090` | +| `envoy.shutdownManager.resources.limits` | Specify resource limits which the container is not allowed to succeed. | `{}` | +| `envoy.shutdownManager.resources.requests` | Specify resource requests which the container needs to spawn. | `{}` | +| `envoy.shutdownManager.containerSecurityContext.enabled` | Shutdown Manager Container securityContext | `true` | +| `envoy.shutdownManager.containerSecurityContext.runAsUser` | User ID for the Shutdown Manager container (to change this, http and https containerPorts must be set to >1024) | `1001` | +| `envoy.shutdownManager.containerSecurityContext.runAsNonRoot` | Run as non root | `true` | +| `envoy.initConfig.containerSecurityContext.enabled` | Envoy initconfig Container securityContext | `true` | +| `envoy.initConfig.containerSecurityContext.runAsUser` | User ID for the Envoy initconfig container (to change this, http and https containerPorts must be set to >1024) | `1001` | +| `envoy.initConfig.containerSecurityContext.runAsNonRoot` | Run as non root | `true` | +| `envoy.kind` | Install as deployment or daemonset | `daemonset` | +| `envoy.replicaCount` | Desired number of Controller pods | `1` | +| `envoy.lifecycleHooks` | lifecycleHooks for the container to automate configuration before or after startup. | `{}` | +| `envoy.updateStrategy` | Strategy to use to update Pods | `{}` | +| `envoy.minReadySeconds` | The minimum number of seconds for which a newly created Pod should be ready | `0` | +| `envoy.revisionHistoryLimit` | The number of old history to retain to allow rollback | `10` | +| `envoy.autoscaling.enabled` | Enable autoscaling for Controller | `false` | +| `envoy.autoscaling.minReplicas` | Minimum number of Controller replicas | `1` | +| `envoy.autoscaling.maxReplicas` | Maximum number of Controller replicas | `11` | +| `envoy.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | +| `envoy.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | +| `envoy.autoscaling.behavior` | HPA Behavior | `{}` | +| `envoy.podAffinityPreset` | Envoy Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `envoy.podAntiAffinityPreset` | Envoy Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `envoy.nodeAffinityPreset.type` | Envoy Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `envoy.nodeAffinityPreset.key` | Envoy Node label key to match Ignored if `affinity` is set. | `""` | +| `envoy.nodeAffinityPreset.values` | Envoy Node label values to match. Ignored if `affinity` is set. | `[]` | +| `envoy.affinity` | Affinity for Envoy pod assignment | `{}` | +| `envoy.nodeSelector` | Node labels for Envoy pod assignment | `{}` | +| `envoy.tolerations` | Tolerations for Envoy pod assignment | `[]` | +| `envoy.podAnnotations` | Envoy Pod annotations | `{}` | +| `envoy.podLabels` | Extra labels for Envoy pods | `{}` | +| `envoy.podSecurityContext.enabled` | Envoy Pod securityContext | `false` | +| `envoy.podSecurityContext.fsGroup` | User ID for the for the mounted volumes | `0` | +| `envoy.podSecurityContext.sysctls` | Array of sysctl options to allow | `[]` | +| `envoy.containerSecurityContext.enabled` | Envoy Container securityContext | `true` | +| `envoy.containerSecurityContext.runAsUser` | User ID for the Envoy container (to change this, http and https containerPorts must be set to >1024) | `1001` | +| `envoy.containerSecurityContext.runAsNonRoot` | Run as non root | `true` | +| `envoy.hostNetwork` | Envoy Pod host network access | `false` | +| `envoy.dnsPolicy` | Envoy Pod Dns Policy's DNS Policy | `ClusterFirst` | +| `envoy.tlsExistingSecret` | Name of the existingSecret to be use in Envoy deployment | `""` | +| `envoy.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `envoy.serviceAccount.name` | The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template | `""` | +| `envoy.serviceAccount.automountServiceAccountToken` | Whether to auto mount API credentials for a service account | `false` | +| `envoy.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `envoy.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `envoy.livenessProbe.port` | LivenessProbe port | `8002` | +| `envoy.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `envoy.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | +| `envoy.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `envoy.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `envoy.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `envoy.readinessProbe.enabled` | Enable/disable the readiness probe | `true` | +| `envoy.readinessProbe.port` | ReadinessProbe port | `8002` | +| `envoy.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `10` | +| `envoy.readinessProbe.periodSeconds` | How often to perform the probe | `3` | +| `envoy.readinessProbe.timeoutSeconds` | When the probe times out | `1` | +| `envoy.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | +| `envoy.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `envoy.startupProbe.enabled` | Enable/disable the startup probe | `false` | +| `envoy.startupProbe.port` | StartupProbe port | `8002` | +| `envoy.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `15` | +| `envoy.startupProbe.periodSeconds` | How often to perform the probe | `10` | +| `envoy.startupProbe.timeoutSeconds` | When the probe times out | `5` | +| `envoy.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | +| `envoy.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `envoy.customLivenessProbe` | Override default liveness probe | `{}` | +| `envoy.customReadinessProbe` | Override default readiness probe | `{}` | +| `envoy.customStartupProbe` | Override default startup probe | `{}` | +| `envoy.terminationGracePeriodSeconds` | Envoy termination grace period in seconds | `300` | +| `envoy.logLevel` | Envoy log level | `info` | +| `envoy.service.name` | envoy service name | `""` | +| `envoy.service.targetPorts` | Map the controller service HTTP/HTTPS port | `{}` | +| `envoy.service.type` | Type of Envoy service to create | `LoadBalancer` | +| `envoy.service.externalTrafficPolicy` | Envoy Service external cluster policy. If `envoy.service.type` is NodePort or LoadBalancer | `Local` | +| `envoy.service.labels` | Labels to add to te envoy service | `{}` | +| `envoy.service.clusterIP` | Internal envoy cluster service IP | `""` | +| `envoy.service.externalIPs` | Envoy service external IP addresses | `[]` | +| `envoy.service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | +| `envoy.service.loadBalancerSourceRanges` | List of IP CIDRs allowed access to load balancer (if supported) | `[]` | +| `envoy.service.loadBalancerClass` | Envoy service Load Balancer Class | `""` | +| `envoy.service.ipFamilyPolicy` | , support SingleStack, PreferDualStack and RequireDualStack | `""` | +| `envoy.service.ipFamilies` | List of IP families (e.g. IPv4, IPv6) assigned to the service. | `[]` | +| `envoy.service.annotations` | Annotations for Envoy service | `{}` | +| `envoy.service.ports.http` | Sets service http port | `80` | +| `envoy.service.ports.https` | Sets service https port | `443` | +| `envoy.service.nodePorts.http` | HTTP Port. If `envoy.service.type` is NodePort and this is non-empty | `""` | +| `envoy.service.nodePorts.https` | HTTPS Port. If `envoy.service.type` is NodePort and this is non-empty | `""` | +| `envoy.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `envoy.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `envoy.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `envoy.useHostPort` | Enable/disable `hostPort` for TCP/80 and TCP/443 | `true` | +| `envoy.useHostIP` | Enable/disable `hostIP` | `false` | +| `envoy.hostPorts.http` | Sets `hostPort` http port | `80` | +| `envoy.hostPorts.https` | Sets `hostPort` https port | `443` | +| `envoy.hostPorts.metrics` | Sets `hostPort` metrics port | `8002` | +| `envoy.hostIPs.http` | Sets `hostIP` http IP | `127.0.0.1` | +| `envoy.hostIPs.https` | Sets `hostIP` https IP | `127.0.0.1` | +| `envoy.hostIPs.metrics` | Sets `hostIP` metrics IP | `127.0.0.1` | +| `envoy.containerPorts.http` | Sets http port inside Envoy pod (change this to >1024 to run envoy as a non-root user) | `8080` | +| `envoy.containerPorts.https` | Sets https port inside Envoy pod (change this to >1024 to run envoy as a non-root user) | `8443` | +| `envoy.containerPorts.metrics` | Sets metrics port inside Envoy pod (change this to >1024 to run envoy as a non-root user) | `8002` | +| `envoy.initContainers` | Attach additional init containers to Envoy pods | `[]` | +| `envoy.sidecars` | Add additional sidecar containers to the Envoy pods | `[]` | +| `envoy.extraVolumes` | Array to add extra volumes | `[]` | +| `envoy.extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes) | `[]` | +| `envoy.extraEnvVars` | Array containing extra env vars to be added to all Envoy containers | `[]` | +| `envoy.extraEnvVarsCM` | ConfigMap containing extra env vars to be added to all Envoy containers | `""` | +| `envoy.extraEnvVarsSecret` | Secret containing extra env vars to be added to all Envoy containers | `""` | ### Default backend parameters | Name | Description | Value | | ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | ------------------------ | | `defaultBackend.enabled` | Enable a default backend based on NGINX | `false` | -| `defaultBackend.image.registry` | Default backend image registry | `docker.io` | -| `defaultBackend.image.repository` | Default backend image name | `bitnami/nginx` | +| `defaultBackend.image.registry` | Default backend image registry | `REGISTRY_NAME` | +| `defaultBackend.image.repository` | Default backend image name | `REPOSITORY_NAME/nginx` | | `defaultBackend.image.tag` | Default backend image tag | `1.25.2-debian-11-r47` | | `defaultBackend.image.digest` | Default backend image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `defaultBackend.image.pullPolicy` | Image pull policy | `IfNotPresent` | @@ -449,9 +453,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set envoy.readinessProbe.successThreshold=5 \ - oci://registry-1.docker.io/bitnamicharts/contour + oci://REGISTRY_NAME/REPOSITORY_NAME/contour ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the `envoy.readinessProbe.successThreshold` to `5`. ## Configuration and installation details @@ -642,9 +648,11 @@ kubectl delete tlscertificatedelegations.projectcontour.io Upgrade the Contour chart with the release name `my-release`: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/contour +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/contour ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + If you made a backup earlier, restore the objects: ```console diff --git a/bitnami/contour/values.yaml b/bitnami/contour/values.yaml index d582c31c26968b..01f7274402180f 100644 --- a/bitnami/contour/values.yaml +++ b/bitnami/contour/values.yaml @@ -85,8 +85,8 @@ contour: ## @param contour.enabled Contour Deployment creation. ## enabled: true - ## @param contour.image.registry Contour image registry - ## @param contour.image.repository Contour image name + ## @param contour.image.registry [default: REGISTRY_NAME] Contour image registry + ## @param contour.image.repository [default: REPOSITORY_NAME/contour] Contour image name ## @param contour.image.tag Contour image tag ## @param contour.image.digest Contour image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param contour.image.pullPolicy Contour Image pull policy @@ -498,8 +498,8 @@ envoy: enabled: true ## Bitnami Envoy image ## ref: https://hub.docker.com/r/bitnami/envoy/tags/ - ## @param envoy.image.registry Envoy Proxy image registry - ## @param envoy.image.repository Envoy Proxy image repository + ## @param envoy.image.registry [default: REGISTRY_NAME] Envoy Proxy image registry + ## @param envoy.image.repository [default: REPOSITORY_NAME/envoy] Envoy Proxy image repository ## @param envoy.image.tag Envoy Proxy image tag (immutable tags are recommended) ## @param envoy.image.digest Envoy Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param envoy.image.pullPolicy Envoy image pull policy @@ -970,8 +970,8 @@ defaultBackend: enabled: false ## Bitnami NGINX image ## ref: https://hub.docker.com/r/bitnami/nginx/tags/ - ## @param defaultBackend.image.registry Default backend image registry - ## @param defaultBackend.image.repository Default backend image name + ## @param defaultBackend.image.registry [default: REGISTRY_NAME] Default backend image registry + ## @param defaultBackend.image.repository [default: REPOSITORY_NAME/nginx] Default backend image name ## @param defaultBackend.image.tag Default backend image tag ## @param defaultBackend.image.digest Default backend image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param defaultBackend.image.pullPolicy Image pull policy diff --git a/bitnami/deepspeed/README.md b/bitnami/deepspeed/README.md index a239fbdb1bc52d..cdad5a12a32e3a 100644 --- a/bitnami/deepspeed/README.md +++ b/bitnami/deepspeed/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/deepspeed +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/deepspeed ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [DeepSpeed](https://github.com/bitnami/containers/tree/main/bitnami/deepspeed) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -35,9 +37,11 @@ Looking to use DeepSpeed in production? Try [VMware Application Catalog](https:/ To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/deepspeed +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/deepspeed ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy DeepSpeed on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured. > **Tip**: List all releases using `helm list` @@ -79,32 +83,32 @@ The command removes all the Kubernetes components associated with the chart and ### Source code parameters -| Name | Description | Value | -| ----------------------------------- | --------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | Deepspeed image registry | `docker.io` | -| `image.repository` | Deepspeed image repository | `bitnami/deepspeed` | -| `image.tag` | Deepspeed image tag (immutable tags are recommended) | `0.10.3-debian-11-r24` | -| `image.digest` | Deepspeed image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Deepspeed image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `source.type` | Where the source comes from: Possible values: configmap, git, custom | `configmap` | -| `source.launchCommand` | deepspeed command to run over the project | `""` | -| `source.configMap` | List of files of the project | `{}` | -| `source.existingConfigMap` | Name of a configmap containing the files of the project | `""` | -| `source.git.repository` | Repository that holds the files | `""` | -| `source.git.revision` | Revision from the repository to checkout | `""` | -| `source.git.extraVolumeMounts` | Add extra volume mounts for the Git container | `[]` | -| `config.defaultHostFile` | Host file generated by default (only edit if you know what you are doing) | `""` | -| `config.overrideHostFile` | Override default host file with the content in this value | `""` | -| `config.existingHostFileConfigMap` | Name of a ConfigMap containing the hostfile | `""` | -| `config.defaultSSHClient` | Default SSH client configuration for the client node (only edit if you know what you are doing) | `""` | -| `config.overrideSSHClient` | Override default SSH cliient configuration with the content in this value | `""` | -| `config.existingSSHClientConfigMap` | Name of a ConfigMap containing the SSH client configuration | `""` | -| `config.defaultSSHServer` | Default SSH Server configuration for the worker nodes (only edit if you know what you are doing) | `""` | -| `config.overrideSSHServer` | Overidde SSH Server configuration with the content in this value | `""` | -| `config.existingSSHServerConfigMap` | Name of a ConfigMap with with the SSH Server configuration | `""` | -| `config.sshPrivateKey` | Private key for the client node to connect to the worker nodes | `""` | -| `config.existingSSHKeySecret` | Name of a secret containing the ssh private key | `""` | +| Name | Description | Value | +| ----------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `image.registry` | Deepspeed image registry | `REGISTRY_NAME` | +| `image.repository` | Deepspeed image repository | `REPOSITORY_NAME/deepspeed` | +| `image.tag` | Deepspeed image tag (immutable tags are recommended) | `0.10.3-debian-11-r24` | +| `image.digest` | Deepspeed image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Deepspeed image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `source.type` | Where the source comes from: Possible values: configmap, git, custom | `configmap` | +| `source.launchCommand` | deepspeed command to run over the project | `""` | +| `source.configMap` | List of files of the project | `{}` | +| `source.existingConfigMap` | Name of a configmap containing the files of the project | `""` | +| `source.git.repository` | Repository that holds the files | `""` | +| `source.git.revision` | Revision from the repository to checkout | `""` | +| `source.git.extraVolumeMounts` | Add extra volume mounts for the Git container | `[]` | +| `config.defaultHostFile` | Host file generated by default (only edit if you know what you are doing) | `""` | +| `config.overrideHostFile` | Override default host file with the content in this value | `""` | +| `config.existingHostFileConfigMap` | Name of a ConfigMap containing the hostfile | `""` | +| `config.defaultSSHClient` | Default SSH client configuration for the client node (only edit if you know what you are doing) | `""` | +| `config.overrideSSHClient` | Override default SSH cliient configuration with the content in this value | `""` | +| `config.existingSSHClientConfigMap` | Name of a ConfigMap containing the SSH client configuration | `""` | +| `config.defaultSSHServer` | Default SSH Server configuration for the worker nodes (only edit if you know what you are doing) | `""` | +| `config.overrideSSHServer` | Overidde SSH Server configuration with the content in this value | `""` | +| `config.existingSSHServerConfigMap` | Name of a ConfigMap with with the SSH Server configuration | `""` | +| `config.sshPrivateKey` | Private key for the client node to connect to the worker nodes | `""` | +| `config.existingSSHKeySecret` | Name of a secret containing the ssh private key | `""` | ### Client Deployment Parameters @@ -307,50 +311,53 @@ The command removes all the Kubernetes components associated with the chart and ### Deepspeed Worker persistence paramaters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `worker.persistence.enabled` | Use a PVC to persist data | `false` | -| `worker.persistence.storageClass` | discourse & sidekiq data Persistent Volume Storage Class | `""` | -| `worker.persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | -| `worker.persistence.mountPath` | Path to mount the volume at | `/bitnami/deepspeed/data` | -| `worker.persistence.accessModes` | Persistent Volume Access Mode | `["ReadWriteOnce"]` | -| `worker.persistence.selector` | Selector to match an existing Persistent Volume for the worker data PVC | `{}` | -| `worker.persistence.dataSource` | Custom PVC data source | `{}` | -| `worker.persistence.size` | Size of data volume | `8Gi` | -| `worker.persistence.labels` | Persistent Volume labels | `{}` | -| `worker.persistence.annotations` | Persistent Volume annotations | `{}` | -| `gitImage.registry` | Git image registry | `docker.io` | -| `gitImage.repository` | Git image repository | `bitnami/git` | -| `gitImage.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | -| `gitImage.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `gitImage.pullPolicy` | Git image pull policy | `IfNotPresent` | -| `gitImage.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `worker.persistence.enabled` | Use a PVC to persist data | `false` | +| `worker.persistence.storageClass` | discourse & sidekiq data Persistent Volume Storage Class | `""` | +| `worker.persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | +| `worker.persistence.mountPath` | Path to mount the volume at | `/bitnami/deepspeed/data` | +| `worker.persistence.accessModes` | Persistent Volume Access Mode | `["ReadWriteOnce"]` | +| `worker.persistence.selector` | Selector to match an existing Persistent Volume for the worker data PVC | `{}` | +| `worker.persistence.dataSource` | Custom PVC data source | `{}` | +| `worker.persistence.size` | Size of data volume | `8Gi` | +| `worker.persistence.labels` | Persistent Volume labels | `{}` | +| `worker.persistence.annotations` | Persistent Volume annotations | `{}` | +| `gitImage.registry` | Git image registry | `REGISTRY_NAME` | +| `gitImage.repository` | Git image repository | `REPOSITORY_NAME/git` | +| `gitImage.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | +| `gitImage.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `gitImage.pullPolicy` | Git image pull policy | `IfNotPresent` | +| `gitImage.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ --set worker.replicaCount=4 \ - oci://registry-1.docker.io/bitnamicharts/deepspeed + oci://REGISTRY_NAME/REPOSITORY_NAME/deepspeed ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command create 4 pods for DeepSpeed workers. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/deepspeed +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/deepspeed ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -383,7 +390,7 @@ Finally, if you want to clone a git repository you can use those parameters: ```console source.type=git -source.git.repository=https://github.com/my-user/oci://registry-1.docker.io/bitnamicharts +source.git.repository=https://github.com/my-user/oci://REGISTRY_NAME/REPOSITORY_NAME source.git.revision=master ``` diff --git a/bitnami/deepspeed/values.yaml b/bitnami/deepspeed/values.yaml index 7fdd3b138e610c..0c833d9c2d900b 100644 --- a/bitnami/deepspeed/values.yaml +++ b/bitnami/deepspeed/values.yaml @@ -64,8 +64,8 @@ diagnosticMode: ## Bitnami Deepspeed image version ## ref: https://hub.docker.com/r/bitnami/deepspeed/tags/ -## @param image.registry Deepspeed image registry -## @param image.repository Deepspeed image repository +## @param image.registry [default: REGISTRY_NAME] Deepspeed image registry +## @param image.repository [default: REPOSITORY_NAME/deepspeed] Deepspeed image repository ## @param image.tag Deepspeed image tag (immutable tags are recommended) ## @param image.digest Deepspeed image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Deepspeed image pull policy @@ -967,8 +967,8 @@ worker: ## Bitnami git image version ## ref: https://hub.docker.com/r/bitnami/git/tags/ -## @param gitImage.registry Git image registry -## @param gitImage.repository Git image repository +## @param gitImage.registry [default: REGISTRY_NAME] Git image registry +## @param gitImage.repository [default: REPOSITORY_NAME/git] Git image repository ## @param gitImage.tag Git image tag (immutable tags are recommended) ## @param gitImage.digest Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param gitImage.pullPolicy Git image pull policy @@ -995,8 +995,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/discourse/README.md b/bitnami/discourse/README.md index 4c431c887244ef..d5e34e099724c3 100644 --- a/bitnami/discourse/README.md +++ b/bitnami/discourse/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/discourse +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/discourse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Discourse](https://www.discourse.org/) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Discoursereg; in production? Try [VMware Application Catalog](htt To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/discourse +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/discourse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Discourse on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -80,53 +84,53 @@ The command removes all the Kubernetes components associated with the chart and ### Discourse Common parameters -| Name | Description | Value | -| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -------------------- | -| `image.registry` | Discourse image registry | `docker.io` | -| `image.repository` | Discourse image repository | `bitnami/discourse` | -| `image.tag` | Discourse image tag | `3.1.2-debian-11-r0` | -| `image.digest` | Discourse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Discourse image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Discourse image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `auth.email` | Discourse admin user email | `user@example.com` | -| `auth.username` | Discourse admin user | `user` | -| `auth.password` | Discourse admin password. WARNING: Minimum length of 10 characters | `""` | -| `auth.existingSecret` | Name of an existing secret to use for Discourse credentials | `""` | -| `host` | Hostname to create application URLs (include the port if =/= 80) | `""` | -| `siteName` | Discourse site name | `My Site!` | -| `smtp.enabled` | Enable/disable SMTP | `false` | -| `smtp.host` | SMTP host name | `""` | -| `smtp.port` | SMTP port number | `""` | -| `smtp.user` | SMTP account user name | `""` | -| `smtp.password` | SMTP account password | `""` | -| `smtp.protocol` | SMTP protocol (Allowed values: tls, ssl) | `""` | -| `smtp.auth` | SMTP authentication method | `""` | -| `smtp.existingSecret` | Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password` | `""` | -| `replicaCount` | Number of Discourse & Sidekiq replicas | `1` | -| `podSecurityContext.enabled` | Enabled Discourse pods' Security Context | `false` | -| `podSecurityContext.fsGroup` | Set Discourse pod's Security Context fsGroup | `0` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `podAnnotations` | Additional pod annotations | `{}` | -| `podLabels` | Additional pod labels | `{}` | -| `podAffinityPreset` | Pod affinity preset. Allowed values: soft, hard | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment. | `{}` | -| `tolerations` | Tolerations for pod assignment. | `[]` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `priorityClassName` | Priority Class Name | `""` | -| `schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `terminationGracePeriodSeconds` | Seconds Discourse pod needs to terminate gracefully | `""` | -| `updateStrategy.type` | Discourse deployment strategy type | `RollingUpdate` | -| `updateStrategy.rollingUpdate` | Discourse deployment rolling update configuration parameters | `{}` | -| `sidecars` | Add additional sidecar containers to the Discourse pods | `[]` | -| `initContainers` | Add additional init containers to the Discourse pods | `[]` | -| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Discourse pods | `[]` | -| `extraVolumes` | Optionally specify extra list of additional volumes for the Discourse pods | `[]` | +| Name | Description | Value | +| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------------- | +| `image.registry` | Discourse image registry | `REGISTRY_NAME` | +| `image.repository` | Discourse image repository | `REPOSITORY_NAME/discourse` | +| `image.tag` | Discourse image tag | `3.1.2-debian-11-r0` | +| `image.digest` | Discourse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Discourse image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Discourse image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `auth.email` | Discourse admin user email | `user@example.com` | +| `auth.username` | Discourse admin user | `user` | +| `auth.password` | Discourse admin password. WARNING: Minimum length of 10 characters | `""` | +| `auth.existingSecret` | Name of an existing secret to use for Discourse credentials | `""` | +| `host` | Hostname to create application URLs (include the port if =/= 80) | `""` | +| `siteName` | Discourse site name | `My Site!` | +| `smtp.enabled` | Enable/disable SMTP | `false` | +| `smtp.host` | SMTP host name | `""` | +| `smtp.port` | SMTP port number | `""` | +| `smtp.user` | SMTP account user name | `""` | +| `smtp.password` | SMTP account password | `""` | +| `smtp.protocol` | SMTP protocol (Allowed values: tls, ssl) | `""` | +| `smtp.auth` | SMTP authentication method | `""` | +| `smtp.existingSecret` | Name of an existing Kubernetes secret. The secret must have the following key configured: `smtp-password` | `""` | +| `replicaCount` | Number of Discourse & Sidekiq replicas | `1` | +| `podSecurityContext.enabled` | Enabled Discourse pods' Security Context | `false` | +| `podSecurityContext.fsGroup` | Set Discourse pod's Security Context fsGroup | `0` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `podAnnotations` | Additional pod annotations | `{}` | +| `podLabels` | Additional pod labels | `{}` | +| `podAffinityPreset` | Pod affinity preset. Allowed values: soft, hard | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment. | `{}` | +| `tolerations` | Tolerations for pod assignment. | `[]` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `priorityClassName` | Priority Class Name | `""` | +| `schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `terminationGracePeriodSeconds` | Seconds Discourse pod needs to terminate gracefully | `""` | +| `updateStrategy.type` | Discourse deployment strategy type | `RollingUpdate` | +| `updateStrategy.rollingUpdate` | Discourse deployment rolling update configuration parameters | `{}` | +| `sidecars` | Add additional sidecar containers to the Discourse pods | `[]` | +| `initContainers` | Add additional init containers to the Discourse pods | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Discourse pods | `[]` | +| `extraVolumes` | Optionally specify extra list of additional volumes for the Discourse pods | `[]` | ### Discourse container parameters @@ -247,18 +251,18 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | ### Other Parameters @@ -332,9 +336,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set auth.username=admin,auth.password=password \ - oci://registry-1.docker.io/bitnamicharts/discourse + oci://REGISTRY_NAME/REPOSITORY_NAME/discourse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Discourse administrator account username and password to `admin` and `password` respectively. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -342,9 +348,10 @@ The above command sets the Discourse administrator account username and password Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/discourse +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/discourse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -364,10 +371,12 @@ By default, this Chart only deploys a single pod running Discourse. Should you w 1. Create a conventional release, that will be scaled later: ```console - helm install my-release oci://registry-1.docker.io/bitnamicharts/discourse + helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/discourse ... ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + 2. Wait for the release to complete and Discourse to be running successfully. ```console @@ -381,9 +390,11 @@ By default, this Chart only deploys a single pod running Discourse. Should you w 3. Perform an upgrade specifying the number of replicas and the credentials used. ```console - helm upgrade my-release --set replicaCount=2,discourse.skipInstall=true oci://registry-1.docker.io/bitnamicharts/discourse + helm upgrade my-release --set replicaCount=2,discourse.skipInstall=true oci://REGISTRY_NAME/REPOSITORY_NAME/discourse ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Note that for this to work properly, you need to provide ReadWriteMany PVCs. If you don't have a provisioner for this type of storage, we recommend that you install the NFS provisioner chart (with the correct parameters, such as `persistence.enabled=true` and `persistence.size=10Gi`) and map it to a RWO volume. Then you can deploy Discourse chart using the proper parameters: diff --git a/bitnami/discourse/values.yaml b/bitnami/discourse/values.yaml index d301219be23c64..cb6f9ccb822c1d 100644 --- a/bitnami/discourse/values.yaml +++ b/bitnami/discourse/values.yaml @@ -61,8 +61,8 @@ diagnosticMode: ## Bitnami Discourse image version ## ref: https://hub.docker.com/r/bitnami/discourse/tags/ -## @param image.registry Discourse image registry -## @param image.repository Discourse image repository +## @param image.registry [default: REGISTRY_NAME] Discourse image registry +## @param image.repository [default: REPOSITORY_NAME/discourse] Discourse image repository ## @param image.tag Discourse image tag ## @param image.digest Discourse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Discourse image pull policy @@ -667,8 +667,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/dokuwiki/README.md b/bitnami/dokuwiki/README.md index 117492e07362af..90e69a4363f7b0 100644 --- a/bitnami/dokuwiki/README.md +++ b/bitnami/dokuwiki/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/dokuwiki +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/dokuwiki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [DokuWiki](https://github.com/bitnami/containers/tree/main/bitnami/dokuwiki) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use DokuWiki in production? Try [VMware Application Catalog](https:// To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/dokuwiki +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/dokuwiki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys DokuWiki on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,8 +81,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | --------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ----------------------------- | -| `image.registry` | DokuWiki image registry | `docker.io` | -| `image.repository` | DokuWiki image repository | `bitnami/dokuwiki` | +| `image.registry` | DokuWiki image registry | `REGISTRY_NAME` | +| `image.repository` | DokuWiki image repository | `REPOSITORY_NAME/dokuwiki` | | `image.tag` | DokuWiki image tag | `20230404.1.0-debian-11-r102` | | `image.digest` | DokuWiki image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | Image pull policy | `IfNotPresent` | @@ -187,31 +191,31 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | ### Metrics parameters -| Name | Description | Value | -| --------------------------- | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a exporter side-car | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image name | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag | `1.0.2-debian-11-r10` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | -| `metrics.resources` | Exporter resource requests/limit | `{}` | +| Name | Description | Value | +| --------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a exporter side-car | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image name | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag | `1.0.2-debian-11-r10` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | +| `metrics.resources` | Exporter resource requests/limit | `{}` | ### Certificate injection parameters @@ -229,8 +233,8 @@ The command removes all the Kubernetes components associated with the chart and | `certificates.extraEnvVars` | Container sidecar extra environment variables (eg proxy) | `[]` | | `certificates.extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | | `certificates.extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `certificates.image.registry` | Container sidecar registry | `docker.io` | -| `certificates.image.repository` | Container sidecar image | `bitnami/os-shell` | +| `certificates.image.registry` | Container sidecar registry | `REGISTRY_NAME` | +| `certificates.image.repository` | Container sidecar image | `REPOSITORY_NAME/os-shell` | | `certificates.image.tag` | Container sidecar image tag | `11-debian-11-r90` | | `certificates.image.digest` | Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `certificates.image.pullPolicy` | Container sidecar image pull policy | `IfNotPresent` | @@ -243,9 +247,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set dokuwikiUsername=admin,dokuwikiPassword=password \ - oci://registry-1.docker.io/bitnamicharts/dokuwiki + oci://REGISTRY_NAME/REPOSITORY_NAME/dokuwiki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the DokuWiki administrator account username and password to `admin` and `password` respectively. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -253,9 +259,10 @@ The above command sets the DokuWiki administrator account username and password Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/dokuwiki +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/dokuwiki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/dokuwiki/values.yaml b/bitnami/dokuwiki/values.yaml index d83a05aec00740..7e75b882a4bbb8 100644 --- a/bitnami/dokuwiki/values.yaml +++ b/bitnami/dokuwiki/values.yaml @@ -50,8 +50,8 @@ extraDeploy: [] ## Bitnami DokuWiki image version ## ref: https://hub.docker.com/r/bitnami/dokuwiki/tags/ -## @param image.registry DokuWiki image registry -## @param image.repository DokuWiki image repository +## @param image.registry [default: REGISTRY_NAME] DokuWiki image registry +## @param image.repository [default: REPOSITORY_NAME/dokuwiki] DokuWiki image repository ## @param image.tag DokuWiki image tag ## @param image.digest DokuWiki image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Image pull policy @@ -514,8 +514,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -565,8 +565,8 @@ metrics: ## @param metrics.enabled Start a exporter side-car ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image name + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image name ## @param metrics.image.tag Apache exporter image tag ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Image pull policy @@ -638,8 +638,8 @@ certificates: ## @param certificates.extraEnvVarsSecret Secret containing extra env vars (in case of sensitive data) ## extraEnvVarsSecret: "" - ## @param certificates.image.registry Container sidecar registry - ## @param certificates.image.repository Container sidecar image + ## @param certificates.image.registry [default: REGISTRY_NAME] Container sidecar registry + ## @param certificates.image.repository [default: REPOSITORY_NAME/os-shell] Container sidecar image ## @param certificates.image.tag Container sidecar image tag ## @param certificates.image.digest Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param certificates.image.pullPolicy Container sidecar image pull policy diff --git a/bitnami/drupal/README.md b/bitnami/drupal/README.md index e4aaed3b4968d6..a0b101670c21a5 100644 --- a/bitnami/drupal/README.md +++ b/bitnami/drupal/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/drupal +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/drupal ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Drupal](https://github.com/bitnami/containers/tree/main/bitnami/drupal) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Drupal in production? Try [VMware Application Catalog](https://bi To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/drupal +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/drupal ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Drupal on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,97 +81,97 @@ The command removes all the Kubernetes components associated with the chart and ### Drupal parameters -| Name | Description | Value | -| --------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | Drupal image registry | `docker.io` | -| `image.repository` | Drupal Image name | `bitnami/drupal` | -| `image.tag` | Drupal Image tag | `10.1.5-debian-11-r3` | -| `image.digest` | Drupal image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Drupal image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `replicaCount` | Number of Drupal Pods to run (requires ReadWriteMany PVC support) | `1` | -| `drupalProfile` | Drupal installation profile | `standard` | -| `drupalSkipInstall` | Skip Drupal installation wizard. Useful for migrations and restoring from SQL dump | `false` | -| `drupalUsername` | User of the application | `user` | -| `drupalPassword` | Application password | `""` | -| `drupalEmail` | Admin email | `user@example.com` | -| `allowEmptyPassword` | Allow DB blank passwords | `true` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `priorityClassName` | Drupal pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `extraEnvVars` | Extra environment variables | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | -| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | -| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `serviceAccount.create` | Specifies whether a service account should be created | `true` | -| `serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | `""` | -| `serviceAccount.annotations` | Add annotations | `{}` | -| `serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `true` | -| `existingSecret` | Name of a secret with the application password | `""` | -| `smtpHost` | SMTP host | `""` | -| `smtpPort` | SMTP port | `""` | -| `smtpUser` | SMTP user | `""` | -| `smtpPassword` | SMTP password | `""` | -| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | -| `containerPorts` | Container ports | `{}` | -| `sessionAffinity` | Control where client requests go, to the same pod or round-robin. Values: ClientIP or None | `None` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.storageClass` | PVC Storage Class for Drupal volume | `""` | -| `persistence.accessModes` | PVC Access Mode for Drupal volume | `["ReadWriteOnce"]` | -| `persistence.size` | PVC Storage Request for Drupal volume | `8Gi` | -| `persistence.existingClaim` | A manually managed Persistent Volume Claim | `""` | -| `persistence.hostPath` | If defined, the drupal-data volume will mount to the specified hostPath. | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `resources.limits` | The resources limits for Matomo containers | `{}` | -| `resources.requests` | The requested resources for Matomo containers | `{}` | -| `podSecurityContext.enabled` | Enable Drupal pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Drupal pods' group ID | `1001` | -| `containerSecurityContext.enabled` | Enable Drupal containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Drupal containers' Security Context | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.path` | Request path for startupProbe | `/user/login` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.path` | Request path for livenessProbe | `/user/login` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.path` | Request path for readinessProbe | `/user/login` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | +| Name | Description | Value | +| --------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `image.registry` | Drupal image registry | `REGISTRY_NAME` | +| `image.repository` | Drupal Image name | `REPOSITORY_NAME/drupal` | +| `image.tag` | Drupal Image tag | `10.1.5-debian-11-r3` | +| `image.digest` | Drupal image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Drupal image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `replicaCount` | Number of Drupal Pods to run (requires ReadWriteMany PVC support) | `1` | +| `drupalProfile` | Drupal installation profile | `standard` | +| `drupalSkipInstall` | Skip Drupal installation wizard. Useful for migrations and restoring from SQL dump | `false` | +| `drupalUsername` | User of the application | `user` | +| `drupalPassword` | Application password | `""` | +| `drupalEmail` | Admin email | `user@example.com` | +| `allowEmptyPassword` | Allow DB blank passwords | `true` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `priorityClassName` | Drupal pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `extraEnvVars` | Extra environment variables | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | +| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | +| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | +| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `serviceAccount.create` | Specifies whether a service account should be created | `true` | +| `serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | `""` | +| `serviceAccount.annotations` | Add annotations | `{}` | +| `serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `true` | +| `existingSecret` | Name of a secret with the application password | `""` | +| `smtpHost` | SMTP host | `""` | +| `smtpPort` | SMTP port | `""` | +| `smtpUser` | SMTP user | `""` | +| `smtpPassword` | SMTP password | `""` | +| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | +| `containerPorts` | Container ports | `{}` | +| `sessionAffinity` | Control where client requests go, to the same pod or round-robin. Values: ClientIP or None | `None` | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.storageClass` | PVC Storage Class for Drupal volume | `""` | +| `persistence.accessModes` | PVC Access Mode for Drupal volume | `["ReadWriteOnce"]` | +| `persistence.size` | PVC Storage Request for Drupal volume | `8Gi` | +| `persistence.existingClaim` | A manually managed Persistent Volume Claim | `""` | +| `persistence.hostPath` | If defined, the drupal-data volume will mount to the specified hostPath. | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `resources.limits` | The resources limits for Matomo containers | `{}` | +| `resources.requests` | The requested resources for Matomo containers | `{}` | +| `podSecurityContext.enabled` | Enable Drupal pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Drupal pods' group ID | `1001` | +| `containerSecurityContext.enabled` | Enable Drupal containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Drupal containers' Security Context | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.path` | Request path for startupProbe | `/user/login` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.path` | Request path for livenessProbe | `/user/login` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.path` | Request path for readinessProbe | `/user/login` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | ### Traffic Exposure Parameters @@ -224,50 +228,50 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | ### Metrics parameters -| Name | Description | Value | -| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a exporter side-car | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag | `1.0.2-debian-11-r10` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | -| `metrics.service.type` | Drupal exporter service type | `ClusterIP` | -| `metrics.service.ports.metrics` | Drupal exporter service port | `9117` | -| `metrics.service.externalTrafficPolicy` | Drupal exporter service external traffic policy | `Cluster` | -| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `metrics.service.loadBalancerIP` | Drupal exporter service Load Balancer IP | `""` | -| `metrics.service.loadBalancerSourceRanges` | Drupal exporter service Load Balancer sources | `[]` | -| `metrics.service.annotations` | Additional custom annotations for Drupal exporter service | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | -| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabellings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.enabled` | Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.prometheusRule.namespace` | The namespace in which the prometheusRule will be created | `""` | -| `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` | -| `metrics.prometheusRule.rules` | Custom Prometheus rules | `[]` | +| Name | Description | Value | +| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a exporter side-car | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag | `1.0.2-debian-11-r10` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | +| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | +| `metrics.service.type` | Drupal exporter service type | `ClusterIP` | +| `metrics.service.ports.metrics` | Drupal exporter service port | `9117` | +| `metrics.service.externalTrafficPolicy` | Drupal exporter service external traffic policy | `Cluster` | +| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `metrics.service.loadBalancerIP` | Drupal exporter service Load Balancer IP | `""` | +| `metrics.service.loadBalancerSourceRanges` | Drupal exporter service Load Balancer sources | `[]` | +| `metrics.service.annotations` | Additional custom annotations for Drupal exporter service | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | +| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabellings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.enabled` | Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.prometheusRule.namespace` | The namespace in which the prometheusRule will be created | `""` | +| `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` | +| `metrics.prometheusRule.rules` | Custom Prometheus rules | `[]` | ### Certificate injection parameters @@ -285,8 +289,8 @@ The command removes all the Kubernetes components associated with the chart and | `certificates.extraEnvVars` | Container sidecar extra environment variables (eg proxy) | `[]` | | `certificates.extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | | `certificates.extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `certificates.image.registry` | Container sidecar registry | `docker.io` | -| `certificates.image.repository` | Container sidecar image | `bitnami/os-shell` | +| `certificates.image.registry` | Container sidecar registry | `REGISTRY_NAME` | +| `certificates.image.repository` | Container sidecar image | `REPOSITORY_NAME/os-shell` | | `certificates.image.tag` | Container sidecar image tag | `11-debian-11-r90` | | `certificates.image.digest` | Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `certificates.image.pullPolicy` | Container sidecar image pull policy | `IfNotPresent` | @@ -319,9 +323,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set drupalUsername=admin,drupalPassword=password,mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/drupal + oci://REGISTRY_NAME/REPOSITORY_NAME/drupal ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Drupal administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -329,9 +335,10 @@ The above command sets the Drupal administrator account username and password to Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/drupal +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/drupal ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -380,9 +387,11 @@ See the [Parameters](#parameters) section to configure the PVC or to disable per 3. Install the chart ```console -helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry-1.docker.io/bitnamicharts/drupal +helm install my-release --set persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/drupal ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### Host path #### System compatibility @@ -396,9 +405,11 @@ helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry- 2. Install the chart ```console - helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://registry-1.docker.io/bitnamicharts/drupal + helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://REGISTRY_NAME/REPOSITORY_NAME/drupal ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + This will mount the `drupal-data` volume into the `hostPath` directory. The site data will be persisted if the mount path contains valid data, else the site data will be initialized at first launch. 3. Because the container cannot control the host machine's directory permissions, you must set the Drupal file directory permissions yourself and disable or clear Drupal cache. See Drupal Core's [INSTALL.txt](http://cgit.drupalcode.org/drupal/tree/core/INSTALL.txt?h=8.3.x#n152) for setting file permissions, and see [Drupal handbook page](https://www.drupal.org/node/2598914) to disable the cache, or [Drush handbook](https://drushcommands.com/drush-8x/cache/cache-rebuild/) to clear cache. @@ -482,15 +493,19 @@ export MARIADB_PVC=$(kubectl get pvc -l app=mariadb,component=master,release=dru Upgrade your release (maintaining the version) disabling MariaDB and scaling Drupal replicas to 0: ```console -helm upgrade drupal oci://registry-1.docker.io/bitnamicharts/drupal --set drupalPassword=$DRUPAL_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 8.2.1 +helm upgrade drupal oci://REGISTRY_NAME/REPOSITORY_NAME/drupal --set drupalPassword=$DRUPAL_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 8.2.1 ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Finally, upgrade you release to 9.0.0 reusing the existing PVC, and enabling back MariaDB: ```console -helm upgrade drupal oci://registry-1.docker.io/bitnamicharts/drupal --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set drupalPassword=$DRUPAL_PASSWORD +helm upgrade drupal oci://REGISTRY_NAME/REPOSITORY_NAME/drupal --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set drupalPassword=$DRUPAL_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You should see the lines below in MariaDB container logs: ```console diff --git a/bitnami/drupal/values.yaml b/bitnami/drupal/values.yaml index 70dcc0a474f11e..b02a8dc88e5c50 100644 --- a/bitnami/drupal/values.yaml +++ b/bitnami/drupal/values.yaml @@ -48,8 +48,8 @@ extraDeploy: [] ## Bitnami Drupal image version ## ref: https://hub.docker.com/r/bitnami/drupal/tags/ -## @param image.registry Drupal image registry -## @param image.repository Drupal Image name +## @param image.registry [default: REGISTRY_NAME] Drupal image registry +## @param image.repository [default: REPOSITORY_NAME/drupal] Drupal Image name ## @param image.tag Drupal Image tag ## @param image.digest Drupal image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Drupal image pull policy @@ -639,8 +639,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -689,8 +689,8 @@ metrics: ## @param metrics.enabled Start a exporter side-car ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository ## @param metrics.image.tag Apache exporter image tag ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Image pull policy @@ -845,8 +845,8 @@ certificates: ## @param certificates.extraEnvVarsSecret Secret containing extra env vars (in case of sensitive data) ## extraEnvVarsSecret: "" - ## @param certificates.image.registry Container sidecar registry - ## @param certificates.image.repository Container sidecar image + ## @param certificates.image.registry [default: REGISTRY_NAME] Container sidecar registry + ## @param certificates.image.repository [default: REPOSITORY_NAME/os-shell] Container sidecar image ## @param certificates.image.tag Container sidecar image tag ## @param certificates.image.digest Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param certificates.image.pullPolicy Container sidecar image pull policy diff --git a/bitnami/ejbca/README.md b/bitnami/ejbca/README.md index b13d99fe992801..abe2ff95e98362 100644 --- a/bitnami/ejbca/README.md +++ b/bitnami/ejbca/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/ejbca +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/ejbca ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [EJBCA](https://www.ejbca.org/) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -35,9 +37,11 @@ Looking to use EJBCA in production? Try [VMware Application Catalog](https://bit To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/ejbca +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/ejbca ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys EJBCA on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -79,85 +83,85 @@ The command removes all the Kubernetes components associated with the chart and ### EJBCA parameters -| Name | Description | Value | -| --------------------------------------- | ----------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | EJBCA image registry | `docker.io` | -| `image.repository` | EJBCA image name | `bitnami/ejbca` | -| `image.tag` | EJBCA image tag | `8.0.0-debian-11-r7` | -| `image.digest` | EJBCA image image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | EJBCA image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `replicaCount` | Number of EJBCA replicas to deploy | `1` | -| `extraVolumeMounts` | Additional volume mounts (used along with `extraVolumes`) | `[]` | -| `extraVolumes` | Array of extra volumes to be added deployment. Requires setting `extraVolumeMounts` | `[]` | -| `podAnnotations` | Additional pod annotations | `{}` | -| `podLabels` | Additional pod labels | `{}` | -| `podSecurityContext.enabled` | Enable security context for EJBCA container | `true` | -| `podSecurityContext.fsGroup` | Group ID for the volumes of the pod | `1001` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `updateStrategy.type` | EJBCA deployment strategy type. | `RollingUpdate` | -| `persistence.enabled` | Whether to enable persistence based on Persistent Volume Claims | `true` | -| `persistence.accessModes` | Persistent Volume access modes | `[]` | -| `persistence.size` | Size of the PVC to request | `2Gi` | -| `persistence.storageClass` | PVC Storage Class | `""` | -| `persistence.existingClaim` | Name of an existing PVC to reuse | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `sidecars` | Attach additional sidecar containers to the pod | `[]` | -| `initContainers` | Additional init containers to add to the pods | `[]` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `priorityClassName` | EJBCA pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `ejbcaAdminUsername` | EJBCA administrator username | `bitnami` | -| `ejbcaAdminPassword` | Password for the administrator account | `""` | -| `existingSecret` | Alternatively, you can provide the name of an existing secret containing | `""` | -| `ejbcaJavaOpts` | Options used to launch the WildFly server | `""` | -| `ejbcaCA.name` | Name of the CA EJBCA will instantiate by default | `ManagementCA` | -| `ejbcaCA.baseDN` | Base DomainName of the CA EJBCA will instantiate by default | `""` | -| `ejbcaKeystoreExistingSecret` | Name of an existing Secret containing a Keystore object | `""` | -| `extraEnvVars` | Array with extra environment variables to add to EJBCA nodes | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for EJBCA nodes | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for EJBCA nodes | `""` | -| `command` | Custom command to override image cmd | `[]` | -| `args` | Custom args for the custom command | `[]` | -| `lifecycleHooks` | for the EJBCA container(s) to automate configuration before or after startup | `{}` | -| `resources.requests` | The requested resources for the init container | `{}` | -| `resources.limits` | The resources limits for the init container | `{}` | -| `resources.limits` | The resources limits for Ejbca containers | `{}` | -| `resources.requests` | The requested resources for Ejbca containers | `{}` | -| `containerSecurityContext.enabled` | Enabled EJBCA containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set EJBCA containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set EJBCA container's Security Context runAsNonRoot | `true` | -| `startupProbe.enabled` | Enable/disable startupProbe | `false` | -| `startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `500` | -| `startupProbe.periodSeconds` | How often to perform the probe | `10` | -| `startupProbe.timeoutSeconds` | When the probe times out | `5` | -| `startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `livenessProbe.enabled` | Enable/disable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `500` | -| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `readinessProbe.enabled` | Enable/disable readinessProbe | `true` | -| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `500` | -| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `customStartupProbe` | Custom startup probe to execute (when the main one is disabled) | `{}` | -| `customLivenessProbe` | Custom liveness probe to execute (when the main one is disabled) | `{}` | -| `customReadinessProbe` | Custom readiness probe to execute (when the main one is disabled) | `{}` | -| `containerPorts` | EJBCA Container ports to open | `{}` | +| Name | Description | Value | +| --------------------------------------- | ----------------------------------------------------------------------------------------------------------- | ----------------------- | +| `image.registry` | EJBCA image registry | `REGISTRY_NAME` | +| `image.repository` | EJBCA image name | `REPOSITORY_NAME/ejbca` | +| `image.tag` | EJBCA image tag | `8.0.0-debian-11-r7` | +| `image.digest` | EJBCA image image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | EJBCA image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `replicaCount` | Number of EJBCA replicas to deploy | `1` | +| `extraVolumeMounts` | Additional volume mounts (used along with `extraVolumes`) | `[]` | +| `extraVolumes` | Array of extra volumes to be added deployment. Requires setting `extraVolumeMounts` | `[]` | +| `podAnnotations` | Additional pod annotations | `{}` | +| `podLabels` | Additional pod labels | `{}` | +| `podSecurityContext.enabled` | Enable security context for EJBCA container | `true` | +| `podSecurityContext.fsGroup` | Group ID for the volumes of the pod | `1001` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `updateStrategy.type` | EJBCA deployment strategy type. | `RollingUpdate` | +| `persistence.enabled` | Whether to enable persistence based on Persistent Volume Claims | `true` | +| `persistence.accessModes` | Persistent Volume access modes | `[]` | +| `persistence.size` | Size of the PVC to request | `2Gi` | +| `persistence.storageClass` | PVC Storage Class | `""` | +| `persistence.existingClaim` | Name of an existing PVC to reuse | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `sidecars` | Attach additional sidecar containers to the pod | `[]` | +| `initContainers` | Additional init containers to add to the pods | `[]` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `priorityClassName` | EJBCA pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `ejbcaAdminUsername` | EJBCA administrator username | `bitnami` | +| `ejbcaAdminPassword` | Password for the administrator account | `""` | +| `existingSecret` | Alternatively, you can provide the name of an existing secret containing | `""` | +| `ejbcaJavaOpts` | Options used to launch the WildFly server | `""` | +| `ejbcaCA.name` | Name of the CA EJBCA will instantiate by default | `ManagementCA` | +| `ejbcaCA.baseDN` | Base DomainName of the CA EJBCA will instantiate by default | `""` | +| `ejbcaKeystoreExistingSecret` | Name of an existing Secret containing a Keystore object | `""` | +| `extraEnvVars` | Array with extra environment variables to add to EJBCA nodes | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for EJBCA nodes | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for EJBCA nodes | `""` | +| `command` | Custom command to override image cmd | `[]` | +| `args` | Custom args for the custom command | `[]` | +| `lifecycleHooks` | for the EJBCA container(s) to automate configuration before or after startup | `{}` | +| `resources.requests` | The requested resources for the init container | `{}` | +| `resources.limits` | The resources limits for the init container | `{}` | +| `resources.limits` | The resources limits for Ejbca containers | `{}` | +| `resources.requests` | The requested resources for Ejbca containers | `{}` | +| `containerSecurityContext.enabled` | Enabled EJBCA containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set EJBCA containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set EJBCA container's Security Context runAsNonRoot | `true` | +| `startupProbe.enabled` | Enable/disable startupProbe | `false` | +| `startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `500` | +| `startupProbe.periodSeconds` | How often to perform the probe | `10` | +| `startupProbe.timeoutSeconds` | When the probe times out | `5` | +| `startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `livenessProbe.enabled` | Enable/disable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `500` | +| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | +| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `readinessProbe.enabled` | Enable/disable readinessProbe | `true` | +| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `500` | +| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | +| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | +| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `customStartupProbe` | Custom startup probe to execute (when the main one is disabled) | `{}` | +| `customLivenessProbe` | Custom liveness probe to execute (when the main one is disabled) | `{}` | +| `customReadinessProbe` | Custom readiness probe to execute (when the main one is disabled) | `{}` | +| `containerPorts` | EJBCA Container ports to open | `{}` | ### Service parameters @@ -243,9 +247,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set ejbcaAdminUsername=admin,ejbcaAdminPassword=password,mariadb.auth.password=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/discourse + oci://REGISTRY_NAME/REPOSITORY_NAME/discourse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the EJBCA administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `bn_ejbca` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -253,9 +259,10 @@ The above command sets the EJBCA administrator account username and password to Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/ejbca +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/ejbca ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -374,15 +381,19 @@ export MARIADB_PVC=$(kubectl get pvc -l app=mariadb,component=master,release=ejb Upgrade your release (maintaining the version) disabling MariaDB and scaling EJBCA replicas to 0: ```console -helm upgrade ejbca oci://registry-1.docker.io/bitnamicharts/ejbca --set ejbcaAdminPassword=$EJBCA_ADMIN_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 0.4.0 +helm upgrade ejbca oci://REGISTRY_NAME/REPOSITORY_NAME/ejbca --set ejbcaAdminPassword=$EJBCA_ADMIN_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 0.4.0 ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Finally, upgrade you release to 1.0.0 reusing the existing PVC, and enabling back MariaDB: ```console -helm upgrade ejbca oci://registry-1.docker.io/bitnamicharts/ejbca --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set ejbcaAdminPassword=$EJBCA_ADMIN_PASSWORD +helm upgrade ejbca oci://REGISTRY_NAME/REPOSITORY_NAME/ejbca --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set ejbcaAdminPassword=$EJBCA_ADMIN_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You should see the lines below in MariaDB container logs: ```console diff --git a/bitnami/ejbca/values.yaml b/bitnami/ejbca/values.yaml index da0a2f7feb0e9f..2254a3f9c51ca4 100644 --- a/bitnami/ejbca/values.yaml +++ b/bitnami/ejbca/values.yaml @@ -62,8 +62,8 @@ diagnosticMode: ## Bitnami EJBCA image version ## ref: https://hub.docker.com/r/bitnami/ejbca/tags/ -## @param image.registry EJBCA image registry -## @param image.repository EJBCA image name +## @param image.registry [default: REGISTRY_NAME] EJBCA image registry +## @param image.repository [default: REPOSITORY_NAME/ejbca] EJBCA image name ## @param image.tag EJBCA image tag ## @param image.digest EJBCA image image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy EJBCA image pull policy diff --git a/bitnami/elasticsearch/README.md b/bitnami/elasticsearch/README.md index 487cd6056a2432..2182139a0888a9 100644 --- a/bitnami/elasticsearch/README.md +++ b/bitnami/elasticsearch/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/elasticsearch +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/elasticsearch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Elasticsearch](https://github.com/bitnami/containers/tree/main/bitnami/elasticsearch) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use Elasticsearch in production? Try [VMware Application Catalog](htt To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/elasticsearch +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/elasticsearch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Elasticsearch on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -85,55 +89,55 @@ helm delete --purge my-release ### Elasticsearch cluster Parameters -| Name | Description | Value | -| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ | -| `clusterName` | Elasticsearch cluster name | `elastic` | -| `containerPorts.restAPI` | Elasticsearch REST API port | `9200` | -| `containerPorts.transport` | Elasticsearch Transport port | `9300` | -| `plugins` | Comma, semi-colon or space separated list of plugins to install at initialization | `""` | -| `snapshotRepoPath` | File System snapshot repository path | `""` | -| `config` | Override elasticsearch configuration | `{}` | -| `extraConfig` | Append extra configuration to the elasticsearch node configuration | `{}` | -| `extraHosts` | A list of external hosts which are part of this cluster | `[]` | -| `extraVolumes` | A list of volumes to be added to the pod | `[]` | -| `extraVolumeMounts` | A list of volume mounts to be added to the pod | `[]` | -| `initScripts` | Dictionary of init scripts. Evaluated as a template. | `{}` | -| `initScriptsCM` | ConfigMap with the init scripts. Evaluated as a template. | `""` | -| `initScriptsSecret` | Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template. | `""` | -| `extraEnvVars` | Array containing extra env vars to be added to all pods (evaluated as a template) | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars to be added to all pods (evaluated as a template) | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars to be added to all pods (evaluated as a template) | `""` | -| `sidecars` | Add additional sidecar containers to the all elasticsearch node pod(s) | `[]` | -| `initContainers` | Add additional init containers to the all elasticsearch node pod(s) | `[]` | -| `useIstioLabels` | Use this variable to add Istio labels to all pods | `true` | -| `image.registry` | Elasticsearch image registry | `docker.io` | -| `image.repository` | Elasticsearch image repository | `bitnami/elasticsearch` | -| `image.tag` | Elasticsearch image tag (immutable tags are recommended) | `8.10.4-debian-11-r0` | -| `image.digest` | Elasticsearch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Elasticsearch image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Elasticsearch image pull secrets | `[]` | -| `image.debug` | Enable Elasticsearch image debug mode | `false` | -| `security.enabled` | Enable X-Pack Security settings | `false` | -| `security.elasticPassword` | Password for 'elastic' user | `""` | -| `security.existingSecret` | Name of the existing secret containing the Elasticsearch password and | `""` | -| `security.fipsMode` | Configure elasticsearch with FIPS 140 compliant mode | `false` | -| `security.tls.restEncryption` | Enable SSL/TLS encryption for Elasticsearch REST API. | `true` | -| `security.tls.autoGenerated` | Create self-signed TLS certificates. | `false` | -| `security.tls.verificationMode` | Verification mode for SSL communications. | `full` | -| `security.tls.master.existingSecret` | Existing secret containing the certificates for the master nodes | `""` | -| `security.tls.data.existingSecret` | Existing secret containing the certificates for the data nodes | `""` | -| `security.tls.ingest.existingSecret` | Existing secret containing the certificates for the ingest nodes | `""` | -| `security.tls.coordinating.existingSecret` | Existing secret containing the certificates for the coordinating nodes | `""` | -| `security.tls.keystoreFilename` | Name of the keystore file | `elasticsearch.keystore.jks` | -| `security.tls.truststoreFilename` | Name of the truststore | `elasticsearch.truststore.jks` | -| `security.tls.usePemCerts` | Use this variable if your secrets contain PEM certificates instead of JKS/PKCS12 | `false` | -| `security.tls.passwordsSecret` | Existing secret containing the Keystore and Truststore passwords, or key password if PEM certs are used | `""` | -| `security.tls.keystorePassword` | Password to access the JKS/PKCS12 keystore or PEM key when they are password-protected. | `""` | -| `security.tls.truststorePassword` | Password to access the JKS/PKCS12 truststore when they are password-protected. | `""` | -| `security.tls.keyPassword` | Password to access the PEM key when they are password-protected. | `""` | -| `security.tls.secretKeystoreKey` | Name of the secret key containing the Keystore password | `""` | -| `security.tls.secretTruststoreKey` | Name of the secret key containing the Truststore password | `""` | -| `security.tls.secretKey` | Name of the secret key containing the PEM key password | `""` | +| Name | Description | Value | +| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------- | +| `clusterName` | Elasticsearch cluster name | `elastic` | +| `containerPorts.restAPI` | Elasticsearch REST API port | `9200` | +| `containerPorts.transport` | Elasticsearch Transport port | `9300` | +| `plugins` | Comma, semi-colon or space separated list of plugins to install at initialization | `""` | +| `snapshotRepoPath` | File System snapshot repository path | `""` | +| `config` | Override elasticsearch configuration | `{}` | +| `extraConfig` | Append extra configuration to the elasticsearch node configuration | `{}` | +| `extraHosts` | A list of external hosts which are part of this cluster | `[]` | +| `extraVolumes` | A list of volumes to be added to the pod | `[]` | +| `extraVolumeMounts` | A list of volume mounts to be added to the pod | `[]` | +| `initScripts` | Dictionary of init scripts. Evaluated as a template. | `{}` | +| `initScriptsCM` | ConfigMap with the init scripts. Evaluated as a template. | `""` | +| `initScriptsSecret` | Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template. | `""` | +| `extraEnvVars` | Array containing extra env vars to be added to all pods (evaluated as a template) | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars to be added to all pods (evaluated as a template) | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars to be added to all pods (evaluated as a template) | `""` | +| `sidecars` | Add additional sidecar containers to the all elasticsearch node pod(s) | `[]` | +| `initContainers` | Add additional init containers to the all elasticsearch node pod(s) | `[]` | +| `useIstioLabels` | Use this variable to add Istio labels to all pods | `true` | +| `image.registry` | Elasticsearch image registry | `REGISTRY_NAME` | +| `image.repository` | Elasticsearch image repository | `REPOSITORY_NAME/elasticsearch` | +| `image.tag` | Elasticsearch image tag (immutable tags are recommended) | `8.10.4-debian-11-r0` | +| `image.digest` | Elasticsearch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Elasticsearch image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Elasticsearch image pull secrets | `[]` | +| `image.debug` | Enable Elasticsearch image debug mode | `false` | +| `security.enabled` | Enable X-Pack Security settings | `false` | +| `security.elasticPassword` | Password for 'elastic' user | `""` | +| `security.existingSecret` | Name of the existing secret containing the Elasticsearch password and | `""` | +| `security.fipsMode` | Configure elasticsearch with FIPS 140 compliant mode | `false` | +| `security.tls.restEncryption` | Enable SSL/TLS encryption for Elasticsearch REST API. | `true` | +| `security.tls.autoGenerated` | Create self-signed TLS certificates. | `false` | +| `security.tls.verificationMode` | Verification mode for SSL communications. | `full` | +| `security.tls.master.existingSecret` | Existing secret containing the certificates for the master nodes | `""` | +| `security.tls.data.existingSecret` | Existing secret containing the certificates for the data nodes | `""` | +| `security.tls.ingest.existingSecret` | Existing secret containing the certificates for the ingest nodes | `""` | +| `security.tls.coordinating.existingSecret` | Existing secret containing the certificates for the coordinating nodes | `""` | +| `security.tls.keystoreFilename` | Name of the keystore file | `elasticsearch.keystore.jks` | +| `security.tls.truststoreFilename` | Name of the truststore | `elasticsearch.truststore.jks` | +| `security.tls.usePemCerts` | Use this variable if your secrets contain PEM certificates instead of JKS/PKCS12 | `false` | +| `security.tls.passwordsSecret` | Existing secret containing the Keystore and Truststore passwords, or key password if PEM certs are used | `""` | +| `security.tls.keystorePassword` | Password to access the JKS/PKCS12 keystore or PEM key when they are password-protected. | `""` | +| `security.tls.truststorePassword` | Password to access the JKS/PKCS12 truststore when they are password-protected. | `""` | +| `security.tls.keyPassword` | Password to access the PEM key when they are password-protected. | `""` | +| `security.tls.secretKeystoreKey` | Name of the secret key containing the Keystore password | `""` | +| `security.tls.secretTruststoreKey` | Name of the secret key containing the Truststore password | `""` | +| `security.tls.secretKey` | Name of the secret key containing the PEM key password | `""` | ### Traffic Exposure Parameters @@ -533,110 +537,110 @@ helm delete --purge my-release ### Metrics parameters -| Name | Description | Value | -| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | -------------------------------- | -| `metrics.enabled` | Enable prometheus exporter | `false` | -| `metrics.nameOverride` | Metrics pod name | `""` | -| `metrics.fullnameOverride` | String to fully override common.names.fullname | `""` | -| `metrics.image.registry` | Metrics exporter image registry | `docker.io` | -| `metrics.image.repository` | Metrics exporter image repository | `bitnami/elasticsearch-exporter` | -| `metrics.image.tag` | Metrics exporter image tag | `1.6.0-debian-11-r95` | -| `metrics.image.digest` | Metrics exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Metrics exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Metrics exporter image pull secrets | `[]` | -| `metrics.annotations` | Annotations for metrics | `{}` | -| `metrics.extraArgs` | Extra arguments to add to the default exporter command | `[]` | -| `metrics.hostAliases` | Add deployment host aliases | `[]` | -| `metrics.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `metrics.priorityClassName` | Elasticsearch metrics exporter pods' priorityClassName | `""` | -| `metrics.service.type` | Metrics exporter endpoint service type | `ClusterIP` | -| `metrics.service.port` | Metrics exporter endpoint service port | `9114` | -| `metrics.service.annotations` | Provide any additional annotations which may be required. | `{}` | -| `metrics.podAffinityPreset` | Metrics Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `metrics.podAntiAffinityPreset` | Metrics Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `metrics.nodeAffinityPreset.type` | Metrics Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `metrics.nodeAffinityPreset.key` | Metrics Node label key to match Ignored if `affinity` is set. | `""` | -| `metrics.nodeAffinityPreset.values` | Metrics Node label values to match. Ignored if `affinity` is set. | `[]` | -| `metrics.affinity` | Metrics Affinity for pod assignment | `{}` | -| `metrics.nodeSelector` | Metrics Node labels for pod assignment | `{}` | -| `metrics.tolerations` | Metrics Tolerations for pod assignment | `[]` | -| `metrics.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `metrics.resources.limits` | The resources limits for the container | `{}` | -| `metrics.resources.requests` | The requested resources for the container | `{}` | -| `metrics.livenessProbe.enabled` | Enable/disable the liveness probe (metrics pod) | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (metrics pod) | `60` | -| `metrics.livenessProbe.periodSeconds` | How often to perform the probe (metrics pod) | `10` | -| `metrics.livenessProbe.timeoutSeconds` | When the probe times out (metrics pod) | `5` | -| `metrics.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` | -| `metrics.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (metrics pod) | `1` | -| `metrics.readinessProbe.enabled` | Enable/disable the readiness probe (metrics pod) | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (metrics pod) | `5` | -| `metrics.readinessProbe.periodSeconds` | How often to perform the probe (metrics pod) | `10` | -| `metrics.readinessProbe.timeoutSeconds` | When the probe times out (metrics pod) | `1` | -| `metrics.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` | -| `metrics.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (metrics pod) | `1` | -| `metrics.startupProbe.enabled` | Enable/disable the startup probe (metrics pod) | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated (metrics pod) | `5` | -| `metrics.startupProbe.periodSeconds` | How often to perform the probe (metrics pod) | `10` | -| `metrics.startupProbe.timeoutSeconds` | When the probe times out (metrics pod) | `1` | -| `metrics.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` | -| `metrics.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (metrics pod) | `1` | -| `metrics.customStartupProbe` | Custom liveness probe for the Web component | `{}` | -| `metrics.customLivenessProbe` | Custom liveness probe for the Web component | `{}` | -| `metrics.customReadinessProbe` | Custom readiness probe for the Web component | `{}` | -| `metrics.podAnnotations` | Metrics exporter pod Annotation and Labels | `{}` | -| `metrics.podLabels` | Extra labels to add to Pod | `{}` | -| `metrics.podSecurityContext.enabled` | Enabled Elasticsearch metrics exporter pods' Security Context | `true` | -| `metrics.podSecurityContext.fsGroup` | Set Elasticsearch metrics exporter pod's Security Context fsGroup | `1001` | -| `metrics.containerSecurityContext.enabled` | Enabled Elasticsearch metrics exporter containers' Security Context | `true` | -| `metrics.containerSecurityContext.runAsUser` | Set Elasticsearch metrics exporter containers' Security Context runAsUser | `1001` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set Elasticsearch metrics exporter container's Security Context runAsNonRoot | `true` | -| `metrics.command` | Override default container command (useful when using custom images) | `[]` | -| `metrics.args` | Override default container args (useful when using custom images) | `[]` | -| `metrics.extraEnvVars` | Array with extra environment variables to add to Elasticsearch metrics exporter nodes | `[]` | -| `metrics.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Elasticsearch metrics exporter nodes | `""` | -| `metrics.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Elasticsearch metrics exporter nodes | `""` | -| `metrics.extraVolumes` | Optionally specify extra list of additional volumes for the Elasticsearch metrics exporter pod(s) | `[]` | -| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Elasticsearch metrics exporter container(s) | `[]` | -| `metrics.sidecars` | Add additional sidecar containers to the Elasticsearch metrics exporter pod(s) | `[]` | -| `metrics.initContainers` | Add additional init containers to the Elasticsearch metrics exporter pod(s) | `[]` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `""` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `metrics.prometheusRule.enabled` | Creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | -| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | -| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | +| Name | Description | Value | +| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------- | +| `metrics.enabled` | Enable prometheus exporter | `false` | +| `metrics.nameOverride` | Metrics pod name | `""` | +| `metrics.fullnameOverride` | String to fully override common.names.fullname | `""` | +| `metrics.image.registry` | Metrics exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Metrics exporter image repository | `REPOSITORY_NAME/elasticsearch-exporter` | +| `metrics.image.tag` | Metrics exporter image tag | `1.6.0-debian-11-r95` | +| `metrics.image.digest` | Metrics exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Metrics exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Metrics exporter image pull secrets | `[]` | +| `metrics.annotations` | Annotations for metrics | `{}` | +| `metrics.extraArgs` | Extra arguments to add to the default exporter command | `[]` | +| `metrics.hostAliases` | Add deployment host aliases | `[]` | +| `metrics.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `metrics.priorityClassName` | Elasticsearch metrics exporter pods' priorityClassName | `""` | +| `metrics.service.type` | Metrics exporter endpoint service type | `ClusterIP` | +| `metrics.service.port` | Metrics exporter endpoint service port | `9114` | +| `metrics.service.annotations` | Provide any additional annotations which may be required. | `{}` | +| `metrics.podAffinityPreset` | Metrics Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `metrics.podAntiAffinityPreset` | Metrics Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `metrics.nodeAffinityPreset.type` | Metrics Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `metrics.nodeAffinityPreset.key` | Metrics Node label key to match Ignored if `affinity` is set. | `""` | +| `metrics.nodeAffinityPreset.values` | Metrics Node label values to match. Ignored if `affinity` is set. | `[]` | +| `metrics.affinity` | Metrics Affinity for pod assignment | `{}` | +| `metrics.nodeSelector` | Metrics Node labels for pod assignment | `{}` | +| `metrics.tolerations` | Metrics Tolerations for pod assignment | `[]` | +| `metrics.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `metrics.resources.limits` | The resources limits for the container | `{}` | +| `metrics.resources.requests` | The requested resources for the container | `{}` | +| `metrics.livenessProbe.enabled` | Enable/disable the liveness probe (metrics pod) | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (metrics pod) | `60` | +| `metrics.livenessProbe.periodSeconds` | How often to perform the probe (metrics pod) | `10` | +| `metrics.livenessProbe.timeoutSeconds` | When the probe times out (metrics pod) | `5` | +| `metrics.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` | +| `metrics.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (metrics pod) | `1` | +| `metrics.readinessProbe.enabled` | Enable/disable the readiness probe (metrics pod) | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (metrics pod) | `5` | +| `metrics.readinessProbe.periodSeconds` | How often to perform the probe (metrics pod) | `10` | +| `metrics.readinessProbe.timeoutSeconds` | When the probe times out (metrics pod) | `1` | +| `metrics.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` | +| `metrics.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (metrics pod) | `1` | +| `metrics.startupProbe.enabled` | Enable/disable the startup probe (metrics pod) | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated (metrics pod) | `5` | +| `metrics.startupProbe.periodSeconds` | How often to perform the probe (metrics pod) | `10` | +| `metrics.startupProbe.timeoutSeconds` | When the probe times out (metrics pod) | `1` | +| `metrics.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` | +| `metrics.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (metrics pod) | `1` | +| `metrics.customStartupProbe` | Custom liveness probe for the Web component | `{}` | +| `metrics.customLivenessProbe` | Custom liveness probe for the Web component | `{}` | +| `metrics.customReadinessProbe` | Custom readiness probe for the Web component | `{}` | +| `metrics.podAnnotations` | Metrics exporter pod Annotation and Labels | `{}` | +| `metrics.podLabels` | Extra labels to add to Pod | `{}` | +| `metrics.podSecurityContext.enabled` | Enabled Elasticsearch metrics exporter pods' Security Context | `true` | +| `metrics.podSecurityContext.fsGroup` | Set Elasticsearch metrics exporter pod's Security Context fsGroup | `1001` | +| `metrics.containerSecurityContext.enabled` | Enabled Elasticsearch metrics exporter containers' Security Context | `true` | +| `metrics.containerSecurityContext.runAsUser` | Set Elasticsearch metrics exporter containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set Elasticsearch metrics exporter container's Security Context runAsNonRoot | `true` | +| `metrics.command` | Override default container command (useful when using custom images) | `[]` | +| `metrics.args` | Override default container args (useful when using custom images) | `[]` | +| `metrics.extraEnvVars` | Array with extra environment variables to add to Elasticsearch metrics exporter nodes | `[]` | +| `metrics.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Elasticsearch metrics exporter nodes | `""` | +| `metrics.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Elasticsearch metrics exporter nodes | `""` | +| `metrics.extraVolumes` | Optionally specify extra list of additional volumes for the Elasticsearch metrics exporter pod(s) | `[]` | +| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Elasticsearch metrics exporter container(s) | `[]` | +| `metrics.sidecars` | Add additional sidecar containers to the Elasticsearch metrics exporter pod(s) | `[]` | +| `metrics.initContainers` | Add additional init containers to the Elasticsearch metrics exporter pod(s) | `[]` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `""` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `metrics.prometheusRule.enabled` | Creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | +| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | +| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | ### Init Container Parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | -| `sysctlImage.enabled` | Enable kernel settings modifier image | `true` | -| `sysctlImage.registry` | Kernel settings modifier image registry | `docker.io` | -| `sysctlImage.repository` | Kernel settings modifier image repository | `bitnami/os-shell` | -| `sysctlImage.tag` | Kernel settings modifier image tag | `11-debian-11-r90` | -| `sysctlImage.digest` | Kernel settings modifier image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sysctlImage.pullPolicy` | Kernel settings modifier image pull policy | `IfNotPresent` | -| `sysctlImage.pullSecrets` | Kernel settings modifier image pull secrets | `[]` | -| `sysctlImage.resources.limits` | The resources limits for the container | `{}` | -| `sysctlImage.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| `sysctlImage.enabled` | Enable kernel settings modifier image | `true` | +| `sysctlImage.registry` | Kernel settings modifier image registry | `REGISTRY_NAME` | +| `sysctlImage.repository` | Kernel settings modifier image repository | `REPOSITORY_NAME/os-shell` | +| `sysctlImage.tag` | Kernel settings modifier image tag | `11-debian-11-r90` | +| `sysctlImage.digest` | Kernel settings modifier image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `sysctlImage.pullPolicy` | Kernel settings modifier image pull policy | `IfNotPresent` | +| `sysctlImage.pullSecrets` | Kernel settings modifier image pull secrets | `[]` | +| `sysctlImage.resources.limits` | The resources limits for the container | `{}` | +| `sysctlImage.resources.requests` | The requested resources for the container | `{}` | ### Kibana Parameters @@ -650,17 +654,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set name=my-elastic,client.service.port=8080 \ - oci://registry-1.docker.io/bitnamicharts/elasticsearch + oci://REGISTRY_NAME/REPOSITORY_NAME/elasticsearch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Elasticsearch cluster name to `my-elastic` and REST port number to `8080`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/elasticsearch +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/elasticsearch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml). ## Configuration and installation details @@ -759,9 +766,11 @@ If you want to scale up to more replicas, make sure you refresh the configuratio ```console kubectl scale statefulset -master --replicas=0 -helm upgrade oci://registry-1.docker.io/bitnamicharts/elasticsearch --reset-values --set master.masterOnly=false +helm upgrade oci://REGISTRY_NAME/REPOSITORY_NAME/elasticsearch --reset-values --set master.masterOnly=false ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Please note that the master nodes should continue assuming all the roles (`master.masterOnly: false`) since there is shard data on the first replica. ### Adding extra environment variables @@ -958,9 +967,11 @@ The field `podManagementPolicy` can't be updated in a StatefulSet, so you need t ```console kubectl delete statefulset elasticsearch-master -helm upgrade oci://registry-1.docker.io/bitnamicharts/elasticsearch +helm upgrade oci://REGISTRY_NAME/REPOSITORY_NAME/elasticsearch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### TO 10.0.0 In this version, Kibana was added as dependent chart. More info about how to enable and work with this bundled Kibana in the ["Enable bundled Kibana"](#enable-bundled-kibana) section. diff --git a/bitnami/elasticsearch/values.yaml b/bitnami/elasticsearch/values.yaml index 2e3570540b1227..906d052ffaf61e 100644 --- a/bitnami/elasticsearch/values.yaml +++ b/bitnami/elasticsearch/values.yaml @@ -178,8 +178,8 @@ initContainers: [] useIstioLabels: true ## Bitnami Elasticsearch image -## @param image.registry Elasticsearch image registry -## @param image.repository Elasticsearch image repository +## @param image.registry [default: REGISTRY_NAME] Elasticsearch image registry +## @param image.repository [default: REPOSITORY_NAME/elasticsearch] Elasticsearch image repository ## @param image.tag Elasticsearch image tag (immutable tags are recommended) ## @param image.digest Elasticsearch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Elasticsearch image pull policy @@ -1829,8 +1829,8 @@ metrics: ## @param metrics.fullnameOverride String to fully override common.names.fullname ## fullnameOverride: "" - ## @param metrics.image.registry Metrics exporter image registry - ## @param metrics.image.repository Metrics exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Metrics exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/elasticsearch-exporter] Metrics exporter image repository ## @param metrics.image.tag Metrics exporter image tag ## @param metrics.image.digest Metrics exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Metrics exporter image pull policy @@ -2162,8 +2162,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -2210,8 +2210,8 @@ sysctlImage: ## @param sysctlImage.enabled Enable kernel settings modifier image ## enabled: true - ## @param sysctlImage.registry Kernel settings modifier image registry - ## @param sysctlImage.repository Kernel settings modifier image repository + ## @param sysctlImage.registry [default: REGISTRY_NAME] Kernel settings modifier image registry + ## @param sysctlImage.repository [default: REPOSITORY_NAME/os-shell] Kernel settings modifier image repository ## @param sysctlImage.tag Kernel settings modifier image tag ## @param sysctlImage.digest Kernel settings modifier image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param sysctlImage.pullPolicy Kernel settings modifier image pull policy diff --git a/bitnami/etcd/README.md b/bitnami/etcd/README.md index 1cd025dfc07a5e..8fc521654f3590 100644 --- a/bitnami/etcd/README.md +++ b/bitnami/etcd/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/etcd +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/etcd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [etcd](https://github.com/bitnami/containers/tree/main/bitnami/etcd) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use Etcd in production? Try [VMware Application Catalog](https://bitn To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/etcd +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/etcd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy etcd on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -79,8 +83,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | -------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | etcd image registry | `docker.io` | -| `image.repository` | etcd image name | `bitnami/etcd` | +| `image.registry` | etcd image registry | `REGISTRY_NAME` | +| `image.repository` | etcd image name | `REPOSITORY_NAME/etcd` | | `image.tag` | etcd image tag | `3.5.9-debian-11-r148` | | `image.digest` | etcd image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | etcd image pull policy | `IfNotPresent` | @@ -233,17 +237,17 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | ### Network Policy parameters @@ -320,9 +324,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ - --set auth.rbac.rootPassword=secretpassword oci://registry-1.docker.io/bitnamicharts/etcd + --set auth.rbac.rootPassword=secretpassword oci://REGISTRY_NAME/REPOSITORY_NAME/etcd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the etcd `root` account password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -330,9 +336,10 @@ The above command sets the etcd `root` account password to `secretpassword`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/etcd +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/etcd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -470,9 +477,11 @@ This version adds a new label `app.kubernetes.io/component=etcd` to the Stateful 3. Upgrade your cluster: ```console - helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/etcd --set auth.rbac.rootPassword=$ETCD_ROOT_PASSWORD + helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/etcd --set auth.rbac.rootPassword=$ETCD_ROOT_PASSWORD ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 8.0.0 This version reverts the change in the previous major bump ([7.0.0](https://github.com/bitnami/charts/tree/main/bitnami/etcd#to-700)). Now the default `etcd` branch is `3.5` again once confirmed by the [etcd developers](https://github.com/etcd-io/etcd/tree/main/CHANGELOG#production-recommendation) that this version is production-ready once solved the data corruption issue. @@ -535,7 +544,7 @@ To upgrade from previous charts versions, create a snapshot of the keyspace and You can use the command below to upgrade your chart by starting a new cluster using an existing snapshot, available in an existing PVC, to initialize the members: ```console -helm install new-release oci://registry-1.docker.io/bitnamicharts/etcd \ +helm install new-release oci://REGISTRY_NAME/REPOSITORY_NAME/etcd \ --set statefulset.replicaCount=3 \ --set persistence.enabled=true \ --set persistence.size=8Gi \ @@ -544,6 +553,8 @@ helm install new-release oci://registry-1.docker.io/bitnamicharts/etcd \ --set startFromSnapshot.snapshotFilename=my-snapshot.db ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 1.0.0 Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. diff --git a/bitnami/etcd/values.yaml b/bitnami/etcd/values.yaml index 4725dddf89662f..700ce9ae6bee7b 100644 --- a/bitnami/etcd/values.yaml +++ b/bitnami/etcd/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: ## Bitnami etcd image version ## ref: https://hub.docker.com/r/bitnami/etcd/tags/ -## @param image.registry etcd image registry -## @param image.repository etcd image name +## @param image.registry [default: REGISTRY_NAME] etcd image registry +## @param image.repository [default: REPOSITORY_NAME/etcd] etcd image name ## @param image.tag etcd image tag ## @param image.digest etcd image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @@ -637,8 +637,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## diff --git a/bitnami/external-dns/README.md b/bitnami/external-dns/README.md index eda985b7d09876..bb3810c00a3418 100755 --- a/bitnami/external-dns/README.md +++ b/bitnami/external-dns/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/external-dns +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/external-dns ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [ExternalDNS](https://github.com/bitnami/containers/tree/main/bitnami/external-dns) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use ExternalDNS in production? Try [VMware Application Catalog](https To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/external-dns +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/external-dns ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys ExternalDNS on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -74,295 +78,298 @@ The command removes all the Kubernetes components associated with the chart and ### external-dns parameters -| Name | Description | Value | -| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------- | -| `image.registry` | ExternalDNS image registry | `docker.io` | -| `image.repository` | ExternalDNS image repository | `bitnami/external-dns` | -| `image.tag` | ExternalDNS Image tag (immutable tags are recommended) | `0.13.6-debian-11-r30` | -| `image.digest` | ExternalDNS image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | ExternalDNS image pull policy | `IfNotPresent` | -| `image.pullSecrets` | ExternalDNS image pull secrets | `[]` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `updateStrategy` | update strategy type | `{}` | -| `command` | Override kiam default command | `[]` | -| `args` | Override kiam default args | `[]` | -| `sources` | K8s resources type to be observed for new DNS entries by ExternalDNS | `[]` | -| `provider` | DNS provider where the DNS records will be created. | `aws` | -| `initContainers` | Attach additional init containers to the pod (evaluated as a template) | `[]` | -| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | -| `namespace` | Limit sources of endpoints to a specific namespace (default: all namespaces) | `""` | -| `fqdnTemplates` | Templated strings that are used to generate DNS names from sources that don't define a hostname themselves | `[]` | -| `containerPorts.http` | HTTP Container port | `7979` | -| `combineFQDNAnnotation` | Combine FQDN template and annotations instead of overwriting | `false` | -| `ignoreHostnameAnnotation` | Ignore hostname annotation when generating DNS names, valid only when fqdn-template is set | `false` | -| `publishInternalServices` | Allow external-dns to publish DNS records for ClusterIP services | `false` | -| `publishHostIP` | Allow external-dns to publish host-ip for headless services | `false` | -| `serviceTypeFilter` | The service types to take care about (default: all, options: ClusterIP, NodePort, LoadBalancer, ExternalName) | `[]` | -| `akamai.host` | Hostname to use for EdgeGrid auth | `""` | -| `akamai.accessToken` | Access Token to use for EdgeGrid auth | `""` | -| `akamai.clientToken` | Client Token to use for EdgeGrid auth | `""` | -| `akamai.clientSecret` | When using the Akamai provider, `AKAMAI_CLIENT_SECRET` to set (optional) | `""` | -| `akamai.secretName` | Use an existing secret with key "akamai_api_seret" defined. | `""` | -| `alibabacloud.accessKeyId` | When using the Alibaba Cloud provider, set `accessKeyId` in the Alibaba Cloud configuration file (optional) | `""` | -| `alibabacloud.accessKeySecret` | When using the Alibaba Cloud provider, set `accessKeySecret` in the Alibaba Cloud configuration file (optional) | `""` | -| `alibabacloud.regionId` | When using the Alibaba Cloud provider, set `regionId` in the Alibaba Cloud configuration file (optional) | `""` | -| `alibabacloud.vpcId` | Alibaba Cloud VPC Id | `""` | -| `alibabacloud.secretName` | Use an existing secret with key "alibaba-cloud.json" defined. | `""` | -| `alibabacloud.zoneType` | Zone Filter. Available values are: public, private, or no value for both | `""` | -| `aws.credentials.secretKey` | When using the AWS provider, set `aws_secret_access_key` in the AWS credentials (optional) | `""` | -| `aws.credentials.accessKey` | When using the AWS provider, set `aws_access_key_id` in the AWS credentials (optional) | `""` | -| `aws.credentials.mountPath` | When using the AWS provider, determine `mountPath` for `credentials` secret | `/.aws` | -| `aws.credentials.secretName` | Use an existing secret with key "credentials" defined. | `""` | -| `aws.credentials.accessKeyIDSecretRef.name` | Define the name of the secret that stores aws_access_key_id. | `""` | -| `aws.credentials.accessKeyIDSecretRef.key` | Define the key of the secret that stores aws_access_key_id. | `""` | -| `aws.credentials.secretAccessKeySecretRef.name` | Define the name of the secret that stores aws_secret_access_key | `""` | -| `aws.credentials.secretAccessKeySecretRef.key` | Define the key of the secret that stores aws_secret_access_key | `""` | -| `aws.region` | When using the AWS provider, `AWS_DEFAULT_REGION` to set in the environment (optional) | `us-east-1` | -| `aws.zoneType` | When using the AWS provider, filter for zones of this type (optional, options: public, private) | `""` | -| `aws.assumeRoleArn` | When using the AWS provider, assume role by specifying --aws-assume-role to the external-dns daemon | `""` | -| `aws.roleArn` | Specify role ARN to the external-dns daemon | `""` | -| `aws.apiRetries` | Maximum number of retries for AWS API calls before giving up | `3` | -| `aws.batchChangeSize` | When using the AWS provider, set the maximum number of changes that will be applied in each batch | `1000` | -| `aws.zonesCacheDuration` | If the list of Route53 zones managed by ExternalDNS doesn't change frequently, cache it by setting a TTL | `0` | -| `aws.zoneTags` | When using the AWS provider, filter for zones with these tags | `[]` | -| `aws.preferCNAME` | When using the AWS provider, replaces Alias records with CNAME (options: true, false) | `""` | -| `aws.evaluateTargetHealth` | When using the AWS provider, sets the evaluate target health flag (options: true, false) | `""` | -| `aws.dynamodbTable` | When using the AWS provider, sets the DynamoDB table name to use for dynamodb registry | `""` | -| `aws.dynamodbRegion` | When using the AWS provider, sets the DynamoDB table region to use for dynamodb registry | `""` | -| `azure.secretName` | When using the Azure provider, set the secret containing the `azure.json` file | `""` | -| `azure.cloud` | When using the Azure provider, set the Azure Cloud | `""` | -| `azure.resourceGroup` | When using the Azure provider, set the Azure Resource Group | `""` | -| `azure.tenantId` | When using the Azure provider, set the Azure Tenant ID | `""` | -| `azure.subscriptionId` | When using the Azure provider, set the Azure Subscription ID | `""` | -| `azure.aadClientId` | When using the Azure provider, set the Azure AAD Client ID | `""` | -| `azure.aadClientSecret` | When using the Azure provider, set the Azure AAD Client Secret | `""` | -| `azure.useWorkloadIdentityExtension` | When using the Azure provider, set if you use Workload Identity extension. | `false` | -| `azure.useManagedIdentityExtension` | When using the Azure provider, set if you use Azure MSI | `false` | -| `azure.userAssignedIdentityID` | When using the Azure provider with Azure MSI, set Client ID of Azure user-assigned managed identity (optional, otherwise system-assigned managed identity is used) | `""` | -| `cloudflare.apiToken` | When using the Cloudflare provider, `CF_API_TOKEN` to set (optional) | `""` | -| `cloudflare.apiKey` | When using the Cloudflare provider, `CF_API_KEY` to set (optional) | `""` | -| `cloudflare.secretName` | When using the Cloudflare provider, it's the name of the secret containing cloudflare_api_token or cloudflare_api_key. | `""` | -| `cloudflare.email` | When using the Cloudflare provider, `CF_API_EMAIL` to set (optional). Needed when using CF_API_KEY | `""` | -| `cloudflare.proxied` | When using the Cloudflare provider, enable the proxy feature (DDOS protection, CDN...) (optional) | `true` | -| `coredns.etcdEndpoints` | When using the CoreDNS provider, set etcd backend endpoints (comma-separated list) | `http://etcd-extdns:2379` | -| `coredns.etcdTLS.enabled` | When using the CoreDNS provider, enable secure communication with etcd | `false` | -| `coredns.etcdTLS.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | -| `coredns.etcdTLS.secretName` | When using the CoreDNS provider, specify a name of existing Secret with etcd certs and keys | `etcd-client-certs` | -| `coredns.etcdTLS.mountPath` | When using the CoreDNS provider, set destination dir to mount data from `coredns.etcdTLS.secretName` to | `/etc/coredns/tls/etcd` | -| `coredns.etcdTLS.caFilename` | When using the CoreDNS provider, specify CA PEM file name from the `coredns.etcdTLS.secretName` | `ca.crt` | -| `coredns.etcdTLS.certFilename` | When using the CoreDNS provider, specify cert PEM file name from the `coredns.etcdTLS.secretName` | `cert.pem` | -| `coredns.etcdTLS.keyFilename` | When using the CoreDNS provider, specify private key PEM file name from the `coredns.etcdTLS.secretName` | `key.pem` | -| `designate.username` | When using the Designate provider, specify the OpenStack authentication username. (optional) | `""` | -| `designate.password` | When using the Designate provider, specify the OpenStack authentication password. (optional) | `""` | -| `designate.applicationCredentialId` | When using the Designate provider, specify the OpenStack authentication application credential ID. This conflicts with `designate.username`. (optional) | `""` | -| `designate.applicationCredentialSecret` | When using the Designate provider, specify the OpenStack authentication application credential ID. This conflicts with `designate.password`. (optional) | `""` | -| `designate.authUrl` | When using the Designate provider, specify the OpenStack authentication Url. (optional) | `""` | -| `designate.regionName` | When using the Designate provider, specify the OpenStack region name. (optional) | `""` | -| `designate.userDomainName` | When using the Designate provider, specify the OpenStack user domain name. (optional) | `""` | -| `designate.projectName` | When using the Designate provider, specify the OpenStack project name. (optional) | `""` | -| `designate.authType` | When using the Designate provider, specify the OpenStack auth type. (optional) | `""` | -| `designate.customCAHostPath` | When using the Designate provider, use a CA file already on the host to validate Openstack APIs. This conflicts with `designate.customCA.enabled` | `""` | -| `designate.customCA.enabled` | When using the Designate provider, enable a custom CA (optional) | `false` | -| `designate.customCA.content` | When using the Designate provider, set the content of the custom CA | `""` | -| `designate.customCA.mountPath` | When using the Designate provider, set the mountPath in which to mount the custom CA configuration | `/config/designate` | -| `designate.customCA.filename` | When using the Designate provider, set the custom CA configuration filename | `designate-ca.pem` | -| `exoscale.apiKey` | When using the Exoscale provider, `EXTERNAL_DNS_EXOSCALE_APIKEY` to set (optional) | `""` | -| `exoscale.apiToken` | When using the Exoscale provider, `EXTERNAL_DNS_EXOSCALE_APISECRET` to set (optional) | `""` | -| `exoscale.secretName` | Use an existing secret with keys "exoscale_api_key" and "exoscale_api_token" defined. | `""` | -| `digitalocean.apiToken` | When using the DigitalOcean provider, `DO_TOKEN` to set (optional) | `""` | -| `digitalocean.secretName` | Use an existing secret with key "digitalocean_api_token" defined. | `""` | -| `google.project` | When using the Google provider, specify the Google project (required when provider=google) | `""` | -| `google.batchChangeSize` | When using the google provider, set the maximum number of changes that will be applied in each batch | `1000` | -| `google.serviceAccountSecret` | When using the Google provider, specify the existing secret which contains credentials.json (optional) | `""` | -| `google.serviceAccountSecretKey` | When using the Google provider with an existing secret, specify the key name (optional) | `credentials.json` | -| `google.serviceAccountKey` | When using the Google provider, specify the service account key JSON file. In this case a new secret will be created holding this service account (optional) | `""` | -| `google.zoneVisibility` | When using the Google provider, fiter for zones of a specific visibility (private or public) | `""` | -| `hetzner.token` | When using the Hetzner provider, specify your token here. (required when `hetzner.secretName` is not provided. In this case a new secret will be created holding the token.) | `""` | -| `hetzner.secretName` | When using the Hetzner provider, specify the existing secret which contains your token. Disables the usage of `hetzner.token` (optional) | `""` | -| `hetzner.secretKey` | When using the Hetzner provider with an existing secret, specify the key name (optional) | `hetzner_token` | -| `infoblox.wapiUsername` | When using the Infoblox provider, specify the Infoblox WAPI username | `admin` | -| `infoblox.wapiPassword` | When using the Infoblox provider, specify the Infoblox WAPI password (required when provider=infoblox) | `""` | -| `infoblox.gridHost` | When using the Infoblox provider, specify the Infoblox Grid host (required when provider=infoblox) | `""` | -| `infoblox.view` | Infoblox view | `""` | -| `infoblox.secretName` | Existing secret name, when in place wapiUsername and wapiPassword are not required | `""` | -| `infoblox.domainFilter` | When using the Infoblox provider, specify the domain (optional) | `""` | -| `infoblox.nameRegex` | When using the Infoblox provider, specify the name regex filter (optional) | `""` | -| `infoblox.noSslVerify` | When using the Infoblox provider, disable SSL verification (optional) | `false` | -| `infoblox.wapiPort` | When using the Infoblox provider, specify the Infoblox WAPI port (optional) | `""` | -| `infoblox.wapiVersion` | When using the Infoblox provider, specify the Infoblox WAPI version (optional) | `""` | -| `infoblox.wapiConnectionPoolSize` | When using the Infoblox provider, specify the Infoblox WAPI request connection pool size (optional) | `""` | -| `infoblox.wapiHttpTimeout` | When using the Infoblox provider, specify the Infoblox WAPI request timeout in seconds (optional) | `""` | -| `infoblox.maxResults` | When using the Infoblox provider, specify the Infoblox Max Results (optional) | `""` | -| `linode.apiToken` | When using the Linode provider, `LINODE_TOKEN` to set (optional) | `""` | -| `linode.secretName` | Use an existing secret with key "linode_api_token" defined. | `""` | -| `ns1.minTTL` | When using the ns1 provider, specify minimal TTL, as an integer, for records | `10` | -| `ns1.apiKey` | When using the ns1 provider, specify the API key to use | `""` | -| `ns1.secretName` | Use an existing secret with key "ns1-api-key" defined. | `""` | -| `oci.region` | When using the OCI provider, specify the region, where your zone is located in. | `""` | -| `oci.tenancyOCID` | When using the OCI provider, specify your Tenancy OCID | `""` | -| `oci.userOCID` | When using the OCI provider, specify your User OCID | `""` | -| `oci.compartmentOCID` | When using the OCI provider, specify your Compartment OCID where your DNS Zone is located in. | `""` | -| `oci.privateKey` | When using the OCI provider, paste in your RSA private key file for the Oracle API | `""` | -| `oci.privateKeyFingerprint` | When using the OCI provider, put in the fingerprint of your privateKey | `""` | -| `oci.privateKeyPassphrase` | When using the OCI provider and your privateKey has a passphrase, put it in here. (optional) | `""` | -| `oci.secretName` | When using the OCI provider, it's the name of the secret containing `oci.yaml` file. | `""` | -| `ovh.consumerKey` | When using the OVH provider, specify the existing consumer key. (required when provider=ovh and `ovh.secretName` is not provided.) | `""` | -| `ovh.applicationKey` | When using the OVH provider with an existing application, specify the application key. (required when provider=ovh and `ovh.secretName` is not provided.) | `""` | -| `ovh.applicationSecret` | When using the OVH provider with an existing application, specify the application secret. (required when provider=ovh and `ovh.secretName` is not provided.) | `""` | -| `ovh.secretName` | When using the OVH provider, it's the name of the secret containing `ovh_consumer_key`, `ovh_application_key` and `ovh_application_secret`. Disables usage of other `ovh`. | `""` | -| `scaleway.scwAccessKey` | When using the Scaleway provider, specify an existing access key. (required when provider=scaleway) | `""` | -| `scaleway.scwSecretKey` | When using the Scaleway provider, specify an existing secret key. (required when provider=scaleway) | `""` | -| `rfc2136.host` | When using the rfc2136 provider, specify the RFC2136 host (required when provider=rfc2136) | `""` | -| `rfc2136.port` | When using the rfc2136 provider, specify the RFC2136 port (optional) | `53` | -| `rfc2136.zone` | When using the rfc2136 provider, specify the zone (required when provider=rfc2136) | `""` | -| `rfc2136.tsigSecret` | When using the rfc2136 provider, specify the tsig secret to enable security. (do not specify if `rfc2136.secretName` is provided.) (optional) | `""` | -| `rfc2136.secretName` | When using the rfc2136 provider, specify the existing secret which contains your tsig secret in the key "rfc2136_tsig_secret". Disables the usage of `rfc2136.tsigSecret` (optional) | `""` | -| `rfc2136.tsigSecretAlg` | When using the rfc2136 provider, specify the tsig secret to enable security (optional) | `hmac-sha256` | -| `rfc2136.tsigKeyname` | When using the rfc2136 provider, specify the tsig keyname to enable security (optional) | `rfc2136_tsig_secret` | -| `rfc2136.tsigAxfr` | When using the rfc2136 provider, enable AFXR to enable security (optional) | `true` | -| `rfc2136.minTTL` | When using the rfc2136 provider, specify minimal TTL (in duration format) for records[ns, us, ms, s, m, h], see more | `0s` | -| `rfc2136.rfc3645Enabled` | When using the rfc2136 provider, extend using RFC3645 to support secure updates over Kerberos with GSS-TSIG | `false` | -| `rfc2136.kerberosConfig` | When using the rfc2136 provider with rfc3645Enabled, the contents of a configuration file for krb5 (optional) | `""` | -| `rfc2136.kerberosUsername` | When using the rfc2136 provider with rfc3645Enabled, specify the username to authenticate with (optional) | `""` | -| `rfc2136.kerberosPassword` | When using the rfc2136 provider with rfc3645Enabled, specify the password to authenticate with (optional) | `""` | -| `rfc2136.kerberosRealm` | When using the rfc2136 provider with rfc3645Enabled, specify the realm to authenticate to (required when provider=rfc2136 and rfc2136.rfc3645Enabled=true) | `""` | -| `pdns.apiUrl` | When using the PowerDNS provider, specify the API URL of the server. | `""` | -| `pdns.apiPort` | When using the PowerDNS provider, specify the API port of the server. | `8081` | -| `pdns.apiKey` | When using the PowerDNS provider, specify the API key of the server. | `""` | -| `pdns.secretName` | When using the PowerDNS provider, specify as secret name containing the API Key | `""` | -| `transip.account` | When using the TransIP provider, specify the account name. | `""` | -| `transip.apiKey` | When using the TransIP provider, specify the API key to use. | `""` | -| `vinyldns.host` | When using the VinylDNS provider, specify the VinylDNS API host. | `""` | -| `vinyldns.accessKey` | When using the VinylDNS provider, specify the Access Key to use. | `""` | -| `vinyldns.secretKey` | When using the VinylDNS provider, specify the Secret key to use. | `""` | -| `domainFilters` | Limit possible target zones by domain suffixes (optional) | `[]` | -| `excludeDomains` | Exclude subdomains (optional) | `[]` | -| `regexDomainFilter` | Limit possible target zones by regex domain suffixes (optional) | `""` | -| `regexDomainExclusion` | Exclude subdomains by using regex pattern (optional) | `""` | -| `zoneNameFilters` | Filter target zones by zone domain (optional) | `[]` | -| `zoneIdFilters` | Limit possible target zones by zone id (optional) | `[]` | -| `annotationFilter` | Filter sources managed by external-dns via annotation using label selector (optional) | `""` | -| `labelFilter` | Select sources managed by external-dns using label selector (optional) | `""` | -| `ingressClassFilters` | Filter sources managed by external-dns via IngressClass (optional) | `[]` | -| `managedRecordTypesFilters` | Filter record types managed by external-dns (optional) | `[]` | -| `dryRun` | When enabled, prints DNS record changes rather than actually performing them (optional) | `false` | -| `triggerLoopOnEvent` | When enabled, triggers run loop on create/update/delete events in addition to regular interval (optional) | `false` | -| `interval` | Interval update period to use | `1m` | -| `logLevel` | Verbosity of the logs (options: panic, debug, info, warning, error, fatal, trace) | `info` | -| `logFormat` | Which format to output logs in (options: text, json) | `text` | -| `policy` | Modify how DNS records are synchronized between sources and providers (options: sync, upsert-only ) | `upsert-only` | -| `registry` | Registry method to use (options: txt, aws-sd, dynamodb, noop) | `txt` | -| `txtPrefix` | When using the TXT registry, a prefix for ownership records that avoids collision with CNAME entries (optional) (Mutual exclusive with txt-suffix) | `""` | -| `txtSuffix` | When using the TXT registry, a suffix for ownership records that avoids collision with CNAME entries (optional).suffix (Mutual exclusive with txt-prefix) | `""` | -| `txtOwnerId` | A name that identifies this instance of ExternalDNS. Currently used by registry types: txt & aws-sd (optional) | `""` | -| `forceTxtOwnerId` | (backward compatibility) When using the non-TXT registry, it will pass the value defined by `txtOwnerId` down to the application (optional) | `false` | -| `extraArgs` | Extra arguments to be passed to external-dns | `{}` | -| `extraEnvVars` | An array to add extra env vars | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `lifecycleHooks` | Override default etcd container hooks | `{}` | -| `schedulerName` | Alternative scheduler | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `replicaCount` | Desired number of ExternalDNS replicas | `1` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `podAnnotations` | Additional annotations to apply to the pod. | `{}` | -| `podLabels` | Additional labels to be added to pods | `{}` | -| `priorityClassName` | priorityClassName | `""` | -| `secretAnnotations` | Additional annotations to apply to the secret | `{}` | -| `crd.create` | Install and use the integrated DNSEndpoint CRD | `false` | -| `crd.apiversion` | Sets the API version for the CRD to watch | `""` | -| `crd.kind` | Sets the kind for the CRD to watch | `""` | -| `service.enabled` | Whether to create Service resource or not | `true` | -| `service.type` | Kubernetes Service type | `ClusterIP` | -| `service.ports.http` | ExternalDNS client port | `7979` | -| `service.nodePorts.http` | Port to bind to for NodePort service type (client port) | `""` | -| `service.clusterIP` | IP address to assign to service | `""` | -| `service.externalIPs` | Service external IP addresses | `[]` | -| `service.externalName` | Service external name | `""` | -| `service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | -| `service.loadBalancerSourceRanges` | List of IP CIDRs allowed access to load balancer (if supported) | `[]` | -| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `service.extraPorts` | Extra ports to expose in the service (normally used with the `sidecar` value) | `[]` | -| `service.annotations` | Annotations to add to service | `{}` | -| `service.labels` | Provide any additional labels which may be required. | `{}` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `serviceAccount.create` | Determine whether a Service Account should be created or it should reuse a exiting one. | `true` | -| `serviceAccount.name` | ServiceAccount to use. A name is generated using the external-dns.fullname template if it is not set | `""` | -| `serviceAccount.annotations` | Additional Service Account annotations | `{}` | -| `serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `true` | -| `serviceAccount.labels` | Additional labels to be included on the service account | `{}` | -| `rbac.create` | Whether to create & use RBAC resources or not | `true` | -| `rbac.clusterRole` | Whether to create Cluster Role. When set to false creates a Role in `namespace` | `true` | -| `rbac.apiVersion` | Version of the RBAC API | `v1` | -| `rbac.pspEnabled` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` | -| `containerSecurityContext` | Security context for the container | `{}` | -| `podSecurityContext.enabled` | Enable pod security context | `true` | -| `podSecurityContext.fsGroup` | Group ID for the container | `1001` | -| `podSecurityContext.runAsUser` | User ID for the container | `1001` | -| `resources.limits` | The resources limits for the container | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `2` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `extraVolumes` | A list of volumes to be added to the pod | `[]` | -| `extraVolumeMounts` | A list of volume mounts to be added to the pod | `[]` | -| `podDisruptionBudget` | Configure PodDisruptionBudget | `{}` | -| `metrics.enabled` | Enable prometheus to access external-dns metrics endpoint | `false` | -| `metrics.podAnnotations` | Annotations for enabling prometheus to access the metrics endpoint | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor object | `false` | -| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.selector` | Additional labels for ServiceMonitor object | `{}` | -| `metrics.serviceMonitor.metricRelabelings` | Specify Metric Relabelings to add to the scrape endpoint | `[]` | -| `metrics.serviceMonitor.relabelings` | Prometheus relabeling rules | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.labels` | Used to pass Labels that are required by the installed Prometheus Operator | `{}` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.googlePodMonitor.enabled` | Create Google Managed Prometheus PodMonitoring object | `false` | -| `metrics.googlePodMonitor.namespace` | Namespace in which PodMonitoring created | `""` | -| `metrics.googlePodMonitor.interval` | Interval at which metrics should be scraped by Google Managed Prometheus | `60s` | -| `metrics.googlePodMonitor.endpoint` | The endpoint for Google Managed Prometheus scraping the metrics | `/metrics` | +| Name | Description | Value | +| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------ | +| `image.registry` | ExternalDNS image registry | `REGISTRY_NAME` | +| `image.repository` | ExternalDNS image repository | `REPOSITORY_NAME/external-dns` | +| `image.tag` | ExternalDNS Image tag (immutable tags are recommended) | `0.13.6-debian-11-r30` | +| `image.digest` | ExternalDNS image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | ExternalDNS image pull policy | `IfNotPresent` | +| `image.pullSecrets` | ExternalDNS image pull secrets | `[]` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `updateStrategy` | update strategy type | `{}` | +| `command` | Override kiam default command | `[]` | +| `args` | Override kiam default args | `[]` | +| `sources` | K8s resources type to be observed for new DNS entries by ExternalDNS | `[]` | +| `provider` | DNS provider where the DNS records will be created. | `aws` | +| `initContainers` | Attach additional init containers to the pod (evaluated as a template) | `[]` | +| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | +| `namespace` | Limit sources of endpoints to a specific namespace (default: all namespaces) | `""` | +| `fqdnTemplates` | Templated strings that are used to generate DNS names from sources that don't define a hostname themselves | `[]` | +| `containerPorts.http` | HTTP Container port | `7979` | +| `combineFQDNAnnotation` | Combine FQDN template and annotations instead of overwriting | `false` | +| `ignoreHostnameAnnotation` | Ignore hostname annotation when generating DNS names, valid only when fqdn-template is set | `false` | +| `publishInternalServices` | Allow external-dns to publish DNS records for ClusterIP services | `false` | +| `publishHostIP` | Allow external-dns to publish host-ip for headless services | `false` | +| `serviceTypeFilter` | The service types to take care about (default: all, options: ClusterIP, NodePort, LoadBalancer, ExternalName) | `[]` | +| `akamai.host` | Hostname to use for EdgeGrid auth | `""` | +| `akamai.accessToken` | Access Token to use for EdgeGrid auth | `""` | +| `akamai.clientToken` | Client Token to use for EdgeGrid auth | `""` | +| `akamai.clientSecret` | When using the Akamai provider, `AKAMAI_CLIENT_SECRET` to set (optional) | `""` | +| `akamai.secretName` | Use an existing secret with key "akamai_api_seret" defined. | `""` | +| `alibabacloud.accessKeyId` | When using the Alibaba Cloud provider, set `accessKeyId` in the Alibaba Cloud configuration file (optional) | `""` | +| `alibabacloud.accessKeySecret` | When using the Alibaba Cloud provider, set `accessKeySecret` in the Alibaba Cloud configuration file (optional) | `""` | +| `alibabacloud.regionId` | When using the Alibaba Cloud provider, set `regionId` in the Alibaba Cloud configuration file (optional) | `""` | +| `alibabacloud.vpcId` | Alibaba Cloud VPC Id | `""` | +| `alibabacloud.secretName` | Use an existing secret with key "alibaba-cloud.json" defined. | `""` | +| `alibabacloud.zoneType` | Zone Filter. Available values are: public, private, or no value for both | `""` | +| `aws.credentials.secretKey` | When using the AWS provider, set `aws_secret_access_key` in the AWS credentials (optional) | `""` | +| `aws.credentials.accessKey` | When using the AWS provider, set `aws_access_key_id` in the AWS credentials (optional) | `""` | +| `aws.credentials.mountPath` | When using the AWS provider, determine `mountPath` for `credentials` secret | `/.aws` | +| `aws.credentials.secretName` | Use an existing secret with key "credentials" defined. | `""` | +| `aws.credentials.accessKeyIDSecretRef.name` | Define the name of the secret that stores aws_access_key_id. | `""` | +| `aws.credentials.accessKeyIDSecretRef.key` | Define the key of the secret that stores aws_access_key_id. | `""` | +| `aws.credentials.secretAccessKeySecretRef.name` | Define the name of the secret that stores aws_secret_access_key | `""` | +| `aws.credentials.secretAccessKeySecretRef.key` | Define the key of the secret that stores aws_secret_access_key | `""` | +| `aws.region` | When using the AWS provider, `AWS_DEFAULT_REGION` to set in the environment (optional) | `us-east-1` | +| `aws.zoneType` | When using the AWS provider, filter for zones of this type (optional, options: public, private) | `""` | +| `aws.assumeRoleArn` | When using the AWS provider, assume role by specifying --aws-assume-role to the external-dns daemon | `""` | +| `aws.roleArn` | Specify role ARN to the external-dns daemon | `""` | +| `aws.apiRetries` | Maximum number of retries for AWS API calls before giving up | `3` | +| `aws.batchChangeSize` | When using the AWS provider, set the maximum number of changes that will be applied in each batch | `1000` | +| `aws.zonesCacheDuration` | If the list of Route53 zones managed by ExternalDNS doesn't change frequently, cache it by setting a TTL | `0` | +| `aws.zoneTags` | When using the AWS provider, filter for zones with these tags | `[]` | +| `aws.preferCNAME` | When using the AWS provider, replaces Alias records with CNAME (options: true, false) | `""` | +| `aws.evaluateTargetHealth` | When using the AWS provider, sets the evaluate target health flag (options: true, false) | `""` | +| `aws.dynamodbTable` | When using the AWS provider, sets the DynamoDB table name to use for dynamodb registry | `""` | +| `aws.dynamodbRegion` | When using the AWS provider, sets the DynamoDB table region to use for dynamodb registry | `""` | +| `azure.secretName` | When using the Azure provider, set the secret containing the `azure.json` file | `""` | +| `azure.cloud` | When using the Azure provider, set the Azure Cloud | `""` | +| `azure.resourceGroup` | When using the Azure provider, set the Azure Resource Group | `""` | +| `azure.tenantId` | When using the Azure provider, set the Azure Tenant ID | `""` | +| `azure.subscriptionId` | When using the Azure provider, set the Azure Subscription ID | `""` | +| `azure.aadClientId` | When using the Azure provider, set the Azure AAD Client ID | `""` | +| `azure.aadClientSecret` | When using the Azure provider, set the Azure AAD Client Secret | `""` | +| `azure.useWorkloadIdentityExtension` | When using the Azure provider, set if you use Workload Identity extension. | `false` | +| `azure.useManagedIdentityExtension` | When using the Azure provider, set if you use Azure MSI | `false` | +| `azure.userAssignedIdentityID` | When using the Azure provider with Azure MSI, set Client ID of Azure user-assigned managed identity (optional, otherwise system-assigned managed identity is used) | `""` | +| `cloudflare.apiToken` | When using the Cloudflare provider, `CF_API_TOKEN` to set (optional) | `""` | +| `cloudflare.apiKey` | When using the Cloudflare provider, `CF_API_KEY` to set (optional) | `""` | +| `cloudflare.secretName` | When using the Cloudflare provider, it's the name of the secret containing cloudflare_api_token or cloudflare_api_key. | `""` | +| `cloudflare.email` | When using the Cloudflare provider, `CF_API_EMAIL` to set (optional). Needed when using CF_API_KEY | `""` | +| `cloudflare.proxied` | When using the Cloudflare provider, enable the proxy feature (DDOS protection, CDN...) (optional) | `true` | +| `coredns.etcdEndpoints` | When using the CoreDNS provider, set etcd backend endpoints (comma-separated list) | `http://etcd-extdns:2379` | +| `coredns.etcdTLS.enabled` | When using the CoreDNS provider, enable secure communication with etcd | `false` | +| `coredns.etcdTLS.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | +| `coredns.etcdTLS.secretName` | When using the CoreDNS provider, specify a name of existing Secret with etcd certs and keys | `etcd-client-certs` | +| `coredns.etcdTLS.mountPath` | When using the CoreDNS provider, set destination dir to mount data from `coredns.etcdTLS.secretName` to | `/etc/coredns/tls/etcd` | +| `coredns.etcdTLS.caFilename` | When using the CoreDNS provider, specify CA PEM file name from the `coredns.etcdTLS.secretName` | `ca.crt` | +| `coredns.etcdTLS.certFilename` | When using the CoreDNS provider, specify cert PEM file name from the `coredns.etcdTLS.secretName` | `cert.pem` | +| `coredns.etcdTLS.keyFilename` | When using the CoreDNS provider, specify private key PEM file name from the `coredns.etcdTLS.secretName` | `key.pem` | +| `designate.username` | When using the Designate provider, specify the OpenStack authentication username. (optional) | `""` | +| `designate.password` | When using the Designate provider, specify the OpenStack authentication password. (optional) | `""` | +| `designate.applicationCredentialId` | When using the Designate provider, specify the OpenStack authentication application credential ID. This conflicts with `designate.username`. (optional) | `""` | +| `designate.applicationCredentialSecret` | When using the Designate provider, specify the OpenStack authentication application credential ID. This conflicts with `designate.password`. (optional) | `""` | +| `designate.authUrl` | When using the Designate provider, specify the OpenStack authentication Url. (optional) | `""` | +| `designate.regionName` | When using the Designate provider, specify the OpenStack region name. (optional) | `""` | +| `designate.userDomainName` | When using the Designate provider, specify the OpenStack user domain name. (optional) | `""` | +| `designate.projectName` | When using the Designate provider, specify the OpenStack project name. (optional) | `""` | +| `designate.authType` | When using the Designate provider, specify the OpenStack auth type. (optional) | `""` | +| `designate.customCAHostPath` | When using the Designate provider, use a CA file already on the host to validate Openstack APIs. This conflicts with `designate.customCA.enabled` | `""` | +| `designate.customCA.enabled` | When using the Designate provider, enable a custom CA (optional) | `false` | +| `designate.customCA.content` | When using the Designate provider, set the content of the custom CA | `""` | +| `designate.customCA.mountPath` | When using the Designate provider, set the mountPath in which to mount the custom CA configuration | `/config/designate` | +| `designate.customCA.filename` | When using the Designate provider, set the custom CA configuration filename | `designate-ca.pem` | +| `exoscale.apiKey` | When using the Exoscale provider, `EXTERNAL_DNS_EXOSCALE_APIKEY` to set (optional) | `""` | +| `exoscale.apiToken` | When using the Exoscale provider, `EXTERNAL_DNS_EXOSCALE_APISECRET` to set (optional) | `""` | +| `exoscale.secretName` | Use an existing secret with keys "exoscale_api_key" and "exoscale_api_token" defined. | `""` | +| `digitalocean.apiToken` | When using the DigitalOcean provider, `DO_TOKEN` to set (optional) | `""` | +| `digitalocean.secretName` | Use an existing secret with key "digitalocean_api_token" defined. | `""` | +| `google.project` | When using the Google provider, specify the Google project (required when provider=google) | `""` | +| `google.batchChangeSize` | When using the google provider, set the maximum number of changes that will be applied in each batch | `1000` | +| `google.serviceAccountSecret` | When using the Google provider, specify the existing secret which contains credentials.json (optional) | `""` | +| `google.serviceAccountSecretKey` | When using the Google provider with an existing secret, specify the key name (optional) | `credentials.json` | +| `google.serviceAccountKey` | When using the Google provider, specify the service account key JSON file. In this case a new secret will be created holding this service account (optional) | `""` | +| `google.zoneVisibility` | When using the Google provider, fiter for zones of a specific visibility (private or public) | `""` | +| `hetzner.token` | When using the Hetzner provider, specify your token here. (required when `hetzner.secretName` is not provided. In this case a new secret will be created holding the token.) | `""` | +| `hetzner.secretName` | When using the Hetzner provider, specify the existing secret which contains your token. Disables the usage of `hetzner.token` (optional) | `""` | +| `hetzner.secretKey` | When using the Hetzner provider with an existing secret, specify the key name (optional) | `hetzner_token` | +| `infoblox.wapiUsername` | When using the Infoblox provider, specify the Infoblox WAPI username | `admin` | +| `infoblox.wapiPassword` | When using the Infoblox provider, specify the Infoblox WAPI password (required when provider=infoblox) | `""` | +| `infoblox.gridHost` | When using the Infoblox provider, specify the Infoblox Grid host (required when provider=infoblox) | `""` | +| `infoblox.view` | Infoblox view | `""` | +| `infoblox.secretName` | Existing secret name, when in place wapiUsername and wapiPassword are not required | `""` | +| `infoblox.domainFilter` | When using the Infoblox provider, specify the domain (optional) | `""` | +| `infoblox.nameRegex` | When using the Infoblox provider, specify the name regex filter (optional) | `""` | +| `infoblox.noSslVerify` | When using the Infoblox provider, disable SSL verification (optional) | `false` | +| `infoblox.wapiPort` | When using the Infoblox provider, specify the Infoblox WAPI port (optional) | `""` | +| `infoblox.wapiVersion` | When using the Infoblox provider, specify the Infoblox WAPI version (optional) | `""` | +| `infoblox.wapiConnectionPoolSize` | When using the Infoblox provider, specify the Infoblox WAPI request connection pool size (optional) | `""` | +| `infoblox.wapiHttpTimeout` | When using the Infoblox provider, specify the Infoblox WAPI request timeout in seconds (optional) | `""` | +| `infoblox.maxResults` | When using the Infoblox provider, specify the Infoblox Max Results (optional) | `""` | +| `linode.apiToken` | When using the Linode provider, `LINODE_TOKEN` to set (optional) | `""` | +| `linode.secretName` | Use an existing secret with key "linode_api_token" defined. | `""` | +| `ns1.minTTL` | When using the ns1 provider, specify minimal TTL, as an integer, for records | `10` | +| `ns1.apiKey` | When using the ns1 provider, specify the API key to use | `""` | +| `ns1.secretName` | Use an existing secret with key "ns1-api-key" defined. | `""` | +| `oci.region` | When using the OCI provider, specify the region, where your zone is located in. | `""` | +| `oci.tenancyOCID` | When using the OCI provider, specify your Tenancy OCID | `""` | +| `oci.userOCID` | When using the OCI provider, specify your User OCID | `""` | +| `oci.compartmentOCID` | When using the OCI provider, specify your Compartment OCID where your DNS Zone is located in. | `""` | +| `oci.privateKey` | When using the OCI provider, paste in your RSA private key file for the Oracle API | `""` | +| `oci.privateKeyFingerprint` | When using the OCI provider, put in the fingerprint of your privateKey | `""` | +| `oci.privateKeyPassphrase` | When using the OCI provider and your privateKey has a passphrase, put it in here. (optional) | `""` | +| `oci.secretName` | When using the OCI provider, it's the name of the secret containing `oci.yaml` file. | `""` | +| `ovh.consumerKey` | When using the OVH provider, specify the existing consumer key. (required when provider=ovh and `ovh.secretName` is not provided.) | `""` | +| `ovh.applicationKey` | When using the OVH provider with an existing application, specify the application key. (required when provider=ovh and `ovh.secretName` is not provided.) | `""` | +| `ovh.applicationSecret` | When using the OVH provider with an existing application, specify the application secret. (required when provider=ovh and `ovh.secretName` is not provided.) | `""` | +| `ovh.secretName` | When using the OVH provider, it's the name of the secret containing `ovh_consumer_key`, `ovh_application_key` and `ovh_application_secret`. Disables usage of other `ovh`. | `""` | +| `scaleway.scwAccessKey` | When using the Scaleway provider, specify an existing access key. (required when provider=scaleway) | `""` | +| `scaleway.scwSecretKey` | When using the Scaleway provider, specify an existing secret key. (required when provider=scaleway) | `""` | +| `rfc2136.host` | When using the rfc2136 provider, specify the RFC2136 host (required when provider=rfc2136) | `""` | +| `rfc2136.port` | When using the rfc2136 provider, specify the RFC2136 port (optional) | `53` | +| `rfc2136.zone` | When using the rfc2136 provider, specify the zone (required when provider=rfc2136) | `""` | +| `rfc2136.tsigSecret` | When using the rfc2136 provider, specify the tsig secret to enable security. (do not specify if `rfc2136.secretName` is provided.) (optional) | `""` | +| `rfc2136.secretName` | When using the rfc2136 provider, specify the existing secret which contains your tsig secret in the key "rfc2136_tsig_secret". Disables the usage of `rfc2136.tsigSecret` (optional) | `""` | +| `rfc2136.tsigSecretAlg` | When using the rfc2136 provider, specify the tsig secret to enable security (optional) | `hmac-sha256` | +| `rfc2136.tsigKeyname` | When using the rfc2136 provider, specify the tsig keyname to enable security (optional) | `rfc2136_tsig_secret` | +| `rfc2136.tsigAxfr` | When using the rfc2136 provider, enable AFXR to enable security (optional) | `true` | +| `rfc2136.minTTL` | When using the rfc2136 provider, specify minimal TTL (in duration format) for records[ns, us, ms, s, m, h], see more | `0s` | +| `rfc2136.rfc3645Enabled` | When using the rfc2136 provider, extend using RFC3645 to support secure updates over Kerberos with GSS-TSIG | `false` | +| `rfc2136.kerberosConfig` | When using the rfc2136 provider with rfc3645Enabled, the contents of a configuration file for krb5 (optional) | `""` | +| `rfc2136.kerberosUsername` | When using the rfc2136 provider with rfc3645Enabled, specify the username to authenticate with (optional) | `""` | +| `rfc2136.kerberosPassword` | When using the rfc2136 provider with rfc3645Enabled, specify the password to authenticate with (optional) | `""` | +| `rfc2136.kerberosRealm` | When using the rfc2136 provider with rfc3645Enabled, specify the realm to authenticate to (required when provider=rfc2136 and rfc2136.rfc3645Enabled=true) | `""` | +| `pdns.apiUrl` | When using the PowerDNS provider, specify the API URL of the server. | `""` | +| `pdns.apiPort` | When using the PowerDNS provider, specify the API port of the server. | `8081` | +| `pdns.apiKey` | When using the PowerDNS provider, specify the API key of the server. | `""` | +| `pdns.secretName` | When using the PowerDNS provider, specify as secret name containing the API Key | `""` | +| `transip.account` | When using the TransIP provider, specify the account name. | `""` | +| `transip.apiKey` | When using the TransIP provider, specify the API key to use. | `""` | +| `vinyldns.host` | When using the VinylDNS provider, specify the VinylDNS API host. | `""` | +| `vinyldns.accessKey` | When using the VinylDNS provider, specify the Access Key to use. | `""` | +| `vinyldns.secretKey` | When using the VinylDNS provider, specify the Secret key to use. | `""` | +| `domainFilters` | Limit possible target zones by domain suffixes (optional) | `[]` | +| `excludeDomains` | Exclude subdomains (optional) | `[]` | +| `regexDomainFilter` | Limit possible target zones by regex domain suffixes (optional) | `""` | +| `regexDomainExclusion` | Exclude subdomains by using regex pattern (optional) | `""` | +| `zoneNameFilters` | Filter target zones by zone domain (optional) | `[]` | +| `zoneIdFilters` | Limit possible target zones by zone id (optional) | `[]` | +| `annotationFilter` | Filter sources managed by external-dns via annotation using label selector (optional) | `""` | +| `labelFilter` | Select sources managed by external-dns using label selector (optional) | `""` | +| `ingressClassFilters` | Filter sources managed by external-dns via IngressClass (optional) | `[]` | +| `managedRecordTypesFilters` | Filter record types managed by external-dns (optional) | `[]` | +| `dryRun` | When enabled, prints DNS record changes rather than actually performing them (optional) | `false` | +| `triggerLoopOnEvent` | When enabled, triggers run loop on create/update/delete events in addition to regular interval (optional) | `false` | +| `interval` | Interval update period to use | `1m` | +| `logLevel` | Verbosity of the logs (options: panic, debug, info, warning, error, fatal, trace) | `info` | +| `logFormat` | Which format to output logs in (options: text, json) | `text` | +| `policy` | Modify how DNS records are synchronized between sources and providers (options: sync, upsert-only ) | `upsert-only` | +| `registry` | Registry method to use (options: txt, aws-sd, dynamodb, noop) | `txt` | +| `txtPrefix` | When using the TXT registry, a prefix for ownership records that avoids collision with CNAME entries (optional) (Mutual exclusive with txt-suffix) | `""` | +| `txtSuffix` | When using the TXT registry, a suffix for ownership records that avoids collision with CNAME entries (optional).suffix (Mutual exclusive with txt-prefix) | `""` | +| `txtOwnerId` | A name that identifies this instance of ExternalDNS. Currently used by registry types: txt & aws-sd (optional) | `""` | +| `forceTxtOwnerId` | (backward compatibility) When using the non-TXT registry, it will pass the value defined by `txtOwnerId` down to the application (optional) | `false` | +| `extraArgs` | Extra arguments to be passed to external-dns | `{}` | +| `extraEnvVars` | An array to add extra env vars | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | +| `lifecycleHooks` | Override default etcd container hooks | `{}` | +| `schedulerName` | Alternative scheduler | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `replicaCount` | Desired number of ExternalDNS replicas | `1` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `podAnnotations` | Additional annotations to apply to the pod. | `{}` | +| `podLabels` | Additional labels to be added to pods | `{}` | +| `priorityClassName` | priorityClassName | `""` | +| `secretAnnotations` | Additional annotations to apply to the secret | `{}` | +| `crd.create` | Install and use the integrated DNSEndpoint CRD | `false` | +| `crd.apiversion` | Sets the API version for the CRD to watch | `""` | +| `crd.kind` | Sets the kind for the CRD to watch | `""` | +| `service.enabled` | Whether to create Service resource or not | `true` | +| `service.type` | Kubernetes Service type | `ClusterIP` | +| `service.ports.http` | ExternalDNS client port | `7979` | +| `service.nodePorts.http` | Port to bind to for NodePort service type (client port) | `""` | +| `service.clusterIP` | IP address to assign to service | `""` | +| `service.externalIPs` | Service external IP addresses | `[]` | +| `service.externalName` | Service external name | `""` | +| `service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | +| `service.loadBalancerSourceRanges` | List of IP CIDRs allowed access to load balancer (if supported) | `[]` | +| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `service.extraPorts` | Extra ports to expose in the service (normally used with the `sidecar` value) | `[]` | +| `service.annotations` | Annotations to add to service | `{}` | +| `service.labels` | Provide any additional labels which may be required. | `{}` | +| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `serviceAccount.create` | Determine whether a Service Account should be created or it should reuse a exiting one. | `true` | +| `serviceAccount.name` | ServiceAccount to use. A name is generated using the external-dns.fullname template if it is not set | `""` | +| `serviceAccount.annotations` | Additional Service Account annotations | `{}` | +| `serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `true` | +| `serviceAccount.labels` | Additional labels to be included on the service account | `{}` | +| `rbac.create` | Whether to create & use RBAC resources or not | `true` | +| `rbac.clusterRole` | Whether to create Cluster Role. When set to false creates a Role in `namespace` | `true` | +| `rbac.apiVersion` | Version of the RBAC API | `v1` | +| `rbac.pspEnabled` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` | +| `containerSecurityContext` | Security context for the container | `{}` | +| `podSecurityContext.enabled` | Enable pod security context | `true` | +| `podSecurityContext.fsGroup` | Group ID for the container | `1001` | +| `podSecurityContext.runAsUser` | User ID for the container | `1001` | +| `resources.limits` | The resources limits for the container | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `2` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `extraVolumes` | A list of volumes to be added to the pod | `[]` | +| `extraVolumeMounts` | A list of volume mounts to be added to the pod | `[]` | +| `podDisruptionBudget` | Configure PodDisruptionBudget | `{}` | +| `metrics.enabled` | Enable prometheus to access external-dns metrics endpoint | `false` | +| `metrics.podAnnotations` | Annotations for enabling prometheus to access the metrics endpoint | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor object | `false` | +| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.selector` | Additional labels for ServiceMonitor object | `{}` | +| `metrics.serviceMonitor.metricRelabelings` | Specify Metric Relabelings to add to the scrape endpoint | `[]` | +| `metrics.serviceMonitor.relabelings` | Prometheus relabeling rules | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.labels` | Used to pass Labels that are required by the installed Prometheus Operator | `{}` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.googlePodMonitor.enabled` | Create Google Managed Prometheus PodMonitoring object | `false` | +| `metrics.googlePodMonitor.namespace` | Namespace in which PodMonitoring created | `""` | +| `metrics.googlePodMonitor.interval` | Interval at which metrics should be scraped by Google Managed Prometheus | `60s` | +| `metrics.googlePodMonitor.endpoint` | The endpoint for Google Managed Prometheus scraping the metrics | `/metrics` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ - --set provider=aws oci://registry-1.docker.io/bitnamicharts/external-dns + --set provider=aws oci://REGISTRY_NAME/REPOSITORY_NAME/external-dns ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/external-dns +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/external-dns ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -408,9 +415,11 @@ helm install my-release \ --set aws.zoneType=public \ --set txtOwnerId=HOSTED_ZONE_IDENTIFIER \ --set domainFilters[0]=HOSTED_ZONE_NAME \ - oci://registry-1.docker.io/bitnamicharts/external-dns + oci://REGISTRY_NAME/REPOSITORY_NAME/external-dns ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Troubleshooting Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). @@ -475,9 +484,11 @@ Use the workaround below to upgrade from versions previous to 1.0.0. The followi ```console kubectl delete deployment my-release-external-dns -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/external-dns +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/external-dns ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Other mayor changes included in this major version are: - Default image changes from `registry.opensource.zalan.do/teapot/external-dns` to `bitnami/external-dns`. diff --git a/bitnami/external-dns/values.yaml b/bitnami/external-dns/values.yaml index dfa2784557d361..895cd912e2efe8 100644 --- a/bitnami/external-dns/values.yaml +++ b/bitnami/external-dns/values.yaml @@ -57,8 +57,8 @@ useDaemonset: false ## Bitnami external-dns image version ## ref: https://hub.docker.com/r/bitnami/external-dns/tags/ -## @param image.registry ExternalDNS image registry -## @param image.repository ExternalDNS image repository +## @param image.registry [default: REGISTRY_NAME] ExternalDNS image registry +## @param image.repository [default: REPOSITORY_NAME/external-dns] ExternalDNS image repository ## @param image.tag ExternalDNS Image tag (immutable tags are recommended) ## @param image.digest ExternalDNS image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy ExternalDNS image pull policy diff --git a/bitnami/flink/README.md b/bitnami/flink/README.md index 6f741a910f3404..0fe582e3e73b9f 100644 --- a/bitnami/flink/README.md +++ b/bitnami/flink/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/flink +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/flink ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [flink](https://github.com/bitnami/containers/tree/main/bitnami/flink) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Apache Flink in production? Try [VMware Application Catalog](http To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/flink +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/flink ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy flink on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -79,8 +83,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | ------------------- | ------------------------------------------------------------------------------------------------------------ | ----------------------- | -| `image.registry` | Apache Flink image registry | `docker.io` | -| `image.repository` | Apache Flink image repository | `bitnami/flink` | +| `image.registry` | Apache Flink image registry | `REGISTRY_NAME` | +| `image.repository` | Apache Flink image repository | `REPOSITORY_NAME/flink` | | `image.tag` | Apache Flink image tag (immutable tags are recommended) | `1.17.1-debian-11-r120` | | `image.digest` | Apache Flink image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | image pull policy | `IfNotPresent` | diff --git a/bitnami/flink/values.yaml b/bitnami/flink/values.yaml index f89f02c8576f1a..41d2283aac2565 100644 --- a/bitnami/flink/values.yaml +++ b/bitnami/flink/values.yaml @@ -61,8 +61,8 @@ diagnosticMode: ## Bitnami Apache Flink image ## ref: https://hub.docker.com/r/bitnami/flink/tags/ -## @param image.registry Apache Flink image registry -## @param image.repository Apache Flink image repository +## @param image.registry [default: REGISTRY_NAME] Apache Flink image registry +## @param image.repository [default: REPOSITORY_NAME/flink] Apache Flink image repository ## @param image.tag Apache Flink image tag (immutable tags are recommended) ## @param image.digest Apache Flink image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy image pull policy diff --git a/bitnami/fluent-bit/README.md b/bitnami/fluent-bit/README.md index 688453f2edb6c7..6b017c532a34a4 100644 --- a/bitnami/fluent-bit/README.md +++ b/bitnami/fluent-bit/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/fluent-bit +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/fluent-bit ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [fluent-bit](https://github.com/bitnami/containers/tree/main/bitnami/fluent-bit) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Fluent Bit in production? Try [VMware Application Catalog](https: To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/fluent-bit +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/fluent-bit ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy fluent-bit on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -76,15 +80,15 @@ The command removes all the Kubernetes components associated with the chart and ### Fluent Bit parameters -| Name | Description | Value | -| ------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | Fluent Bit image registry | `docker.io` | -| `image.repository` | Fluent Bit image repository | `bitnami/fluent-bit` | -| `image.tag` | Fluent Bit image tag (immutable tags are recommended) | `2.1.10-debian-11-r0` | -| `image.digest` | Fluent Bit image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Fluent Bit image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | +| Name | Description | Value | +| ------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `image.registry` | Fluent Bit image registry | `REGISTRY_NAME` | +| `image.repository` | Fluent Bit image repository | `REPOSITORY_NAME/fluent-bit` | +| `image.tag` | Fluent Bit image tag (immutable tags are recommended) | `2.1.10-debian-11-r0` | +| `image.digest` | Fluent Bit image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Fluent Bit image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | ### Fluent Bit daemonset configuration diff --git a/bitnami/fluent-bit/values.yaml b/bitnami/fluent-bit/values.yaml index a6684419c4ece2..3902d356f32119 100644 --- a/bitnami/fluent-bit/values.yaml +++ b/bitnami/fluent-bit/values.yaml @@ -58,8 +58,8 @@ diagnosticMode: ## Bitnami Fluent Bit image ## ref: https://hub.docker.com/r/bitnami/fluent-bit/tags/ -## @param image.registry Fluent Bit image registry -## @param image.repository Fluent Bit image repository +## @param image.registry [default: REGISTRY_NAME] Fluent Bit image registry +## @param image.repository [default: REPOSITORY_NAME/fluent-bit] Fluent Bit image repository ## @param image.tag Fluent Bit image tag (immutable tags are recommended) ## @param image.digest Fluent Bit image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy image pull policy diff --git a/bitnami/fluentd/README.md b/bitnami/fluentd/README.md index 09e13237afae79..73e8a33bd4f739 100644 --- a/bitnami/fluentd/README.md +++ b/bitnami/fluentd/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/fluentd +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/fluentd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Fluentd](https://github.com/bitnami/containers/tree/main/bitnami/fluentd) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -35,9 +37,11 @@ Looking to use Fluentd in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/fluentd +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/fluentd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Fluentd on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -81,8 +85,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | -------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------- | -| `image.registry` | Fluentd image registry | `docker.io` | -| `image.repository` | Fluentd image repository | `bitnami/fluentd` | +| `image.registry` | Fluentd image registry | `REGISTRY_NAME` | +| `image.repository` | Fluentd image repository | `REPOSITORY_NAME/fluentd` | | `image.tag` | Fluentd image tag (immutable tags are recommended) | `1.16.2-debian-11-r72` | | `image.pullPolicy` | Fluentd image pull policy | `IfNotPresent` | | `image.pullSecrets` | Fluentd image pull secrets | `[]` | @@ -333,17 +337,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ - --set aggregator.port=24444 oci://registry-1.docker.io/bitnamicharts/fluentd + --set aggregator.port=24444 oci://REGISTRY_NAME/REPOSITORY_NAME/fluentd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the aggregators to listen on port 24444. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/fluentd +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/fluentd ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/fluentd/values.yaml b/bitnami/fluentd/values.yaml index dc2908d79cc70d..f30df44225c94e 100644 --- a/bitnami/fluentd/values.yaml +++ b/bitnami/fluentd/values.yaml @@ -62,8 +62,8 @@ diagnosticMode: ## Bitnami Fluentd image version ## ref: https://hub.docker.com/r/bitnami/fluentd/tags/ -## @param image.registry Fluentd image registry -## @param image.repository Fluentd image repository +## @param image.registry [default: REGISTRY_NAME] Fluentd image registry +## @param image.repository [default: REPOSITORY_NAME/fluentd] Fluentd image repository ## @param image.tag Fluentd image tag (immutable tags are recommended) ## @param image.pullPolicy Fluentd image pull policy ## @param image.pullSecrets Fluentd image pull secrets @@ -94,8 +94,8 @@ forwarder: ## @param forwarder.enabled Enable forwarder daemonset ## enabled: true - ## @param forwarder.image.registry Fluentd forwarder image registry override - ## @param forwarder.image.repository Fluentd forwarder image repository override + ## @param forwarder.image.registry [default: ""] Fluentd forwarder image registry override + ## @param forwarder.image.repository [default: ""] Fluentd forwarder image repository override ## @param forwarder.image.tag Fluentd forwarder image tag override (immutable tags are recommended) image: registry: "" @@ -641,8 +641,8 @@ aggregator: ## @param aggregator.enabled Enable Fluentd aggregator statefulset ## enabled: true - ## @param aggregator.image.registry Fluentd aggregator image registry override - ## @param aggregator.image.repository Fluentd aggregator image repository override + ## @param aggregator.image.registry [default: ""] Fluentd aggregator image registry override + ## @param aggregator.image.repository [default: ""] Fluentd aggregator image repository override ## @param aggregator.image.tag Fluentd aggregator image tag override (immutable tags are recommended) image: registry: "" diff --git a/bitnami/flux/README.md b/bitnami/flux/README.md index 5eceb1f2a9a4fd..f9f43a3a5171fa 100644 --- a/bitnami/flux/README.md +++ b/bitnami/flux/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/flux +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/flux ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Flux](https://github.com/bitnami/containers/tree/main/bitnami/fluxcd-kustomize-controller) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use Flux in production? Try [VMware Application Catalog](https://bitn To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/flux +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/flux ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys flux on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,85 +81,85 @@ The command removes all the Kubernetes components associated with the chart and ### Kustomize Controller Parameters -| Name | Description | Value | -| ----------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------- | -| `kustomizeController.enabled` | Enable Kustomize Controller | `true` | -| `kustomizeController.image.registry` | Kustomize Controller image registry | `docker.io` | -| `kustomizeController.image.repository` | Kustomize Controller image repository | `bitnami/fluxcd-kustomize-controller` | -| `kustomizeController.image.tag` | Kustomize Controller image tag (immutable tags are recommended) | `1.1.1-debian-11-r0` | -| `kustomizeController.image.digest` | Kustomize Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `kustomizeController.image.pullPolicy` | Kustomize Controller image pull policy | `IfNotPresent` | -| `kustomizeController.image.pullSecrets` | Kustomize Controller image pull secrets | `[]` | -| `kustomizeController.image.debug` | Enable Kustomize Controller image debug mode | `false` | -| `kustomizeController.replicaCount` | Number of Kustomize Controller replicas to deploy | `1` | -| `kustomizeController.containerPorts.metrics` | Kustomize Controller metrics container port | `8080` | -| `kustomizeController.containerPorts.health` | Kustomize Controller health container port | `9440` | -| `kustomizeController.livenessProbe.enabled` | Enable livenessProbe on Kustomize Controller containers | `true` | -| `kustomizeController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `kustomizeController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `kustomizeController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `kustomizeController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `kustomizeController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `kustomizeController.readinessProbe.enabled` | Enable readinessProbe on Kustomize Controller containers | `true` | -| `kustomizeController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `kustomizeController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `kustomizeController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `kustomizeController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `kustomizeController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `kustomizeController.startupProbe.enabled` | Enable startupProbe on Kustomize Controller containers | `false` | -| `kustomizeController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `kustomizeController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `kustomizeController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `kustomizeController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `kustomizeController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `kustomizeController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `kustomizeController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `kustomizeController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `kustomizeController.resources.limits` | The resources limits for the Kustomize Controller containers | `{}` | -| `kustomizeController.resources.requests` | The requested resources for the Kustomize Controller containers | `{}` | -| `kustomizeController.podSecurityContext.enabled` | Enabled Kustomize Controller pods' Security Context | `true` | -| `kustomizeController.podSecurityContext.fsGroup` | Set Kustomize Controller pod's Security Context fsGroup | `1001` | -| `kustomizeController.podSecurityContext.seccompProfile.type` | Set Kustomize Controller container's Security Context seccomp profile | `RuntimeDefault` | -| `kustomizeController.containerSecurityContext.enabled` | Enabled Kustomize Controller containers' Security Context | `true` | -| `kustomizeController.containerSecurityContext.runAsUser` | Set Kustomize Controller containers' Security Context runAsUser | `1001` | -| `kustomizeController.containerSecurityContext.runAsNonRoot` | Set Kustomize Controller containers' Security Context runAsNonRoot | `true` | -| `kustomizeController.containerSecurityContext.readOnlyRootFilesystem` | Set Kustomize Controller containers' Security Context runAsNonRoot | `true` | -| `kustomizeController.containerSecurityContext.allowPrivilegeEscalation` | Set Kustomize Controller container's privilege escalation | `false` | -| `kustomizeController.containerSecurityContext.capabilities.drop` | Set Kustomize Controller container's Security Context runAsNonRoot | `["ALL"]` | -| `kustomizeController.command` | Override default container command (useful when using custom images) | `[]` | -| `kustomizeController.args` | Override default container args (useful when using custom images) | `[]` | -| `kustomizeController.hostAliases` | Kustomize Controller pods host aliases | `[]` | -| `kustomizeController.podLabels` | Extra labels for Kustomize Controller pods | `{}` | -| `kustomizeController.podAnnotations` | Annotations for Kustomize Controller pods | `{}` | -| `kustomizeController.podAffinityPreset` | Pod affinity preset. Ignored if `kustomizeController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `kustomizeController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `kustomizeController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `kustomizeController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `kustomizeController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `kustomizeController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `kustomizeController.autoscaling.enabled` | Enable autoscaling for kustomizeController | `false` | -| `kustomizeController.autoscaling.minReplicas` | Minimum number of kustomizeController replicas | `""` | -| `kustomizeController.autoscaling.maxReplicas` | Maximum number of kustomizeController replicas | `""` | -| `kustomizeController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | -| `kustomizeController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | -| `kustomizeController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `kustomizeController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `kustomizeController.nodeAffinityPreset.key` | Node label key to match. Ignored if `kustomizeController.affinity` is set | `""` | -| `kustomizeController.nodeAffinityPreset.values` | Node label values to match. Ignored if `kustomizeController.affinity` is set | `[]` | -| `kustomizeController.affinity` | Affinity for Kustomize Controller pods assignment | `{}` | -| `kustomizeController.nodeSelector` | Node labels for Kustomize Controller pods assignment | `{}` | -| `kustomizeController.tolerations` | Tolerations for Kustomize Controller pods assignment | `[]` | -| `kustomizeController.updateStrategy.type` | Kustomize Controller statefulset strategy type | `RollingUpdate` | -| `kustomizeController.priorityClassName` | Kustomize Controller pods' priorityClassName | `""` | -| `kustomizeController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `kustomizeController.schedulerName` | Name of the k8s scheduler (other than default) for Kustomize Controller pods | `""` | -| `kustomizeController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `kustomizeController.lifecycleHooks` | for the Kustomize Controller container(s) to automate configuration before or after startup | `{}` | -| `kustomizeController.extraEnvVars` | Array with extra environment variables to add to Kustomize Controller nodes | `[]` | -| `kustomizeController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Kustomize Controller nodes | `""` | -| `kustomizeController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Kustomize Controller nodes | `""` | -| `kustomizeController.extraVolumes` | Optionally specify extra list of additional volumes for the Kustomize Controller pod(s) | `[]` | -| `kustomizeController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Kustomize Controller container(s) | `[]` | -| `kustomizeController.sidecars` | Add additional sidecar containers to the Kustomize Controller pod(s) | `[]` | -| `kustomizeController.initContainers` | Add additional init containers to the Kustomize Controller pod(s) | `[]` | +| Name | Description | Value | +| ----------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------- | +| `kustomizeController.enabled` | Enable Kustomize Controller | `true` | +| `kustomizeController.image.registry` | Kustomize Controller image registry | `REGISTRY_NAME` | +| `kustomizeController.image.repository` | Kustomize Controller image repository | `REPOSITORY_NAME/fluxcd-kustomize-controller` | +| `kustomizeController.image.tag` | Kustomize Controller image tag (immutable tags are recommended) | `1.1.1-debian-11-r0` | +| `kustomizeController.image.digest` | Kustomize Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `kustomizeController.image.pullPolicy` | Kustomize Controller image pull policy | `IfNotPresent` | +| `kustomizeController.image.pullSecrets` | Kustomize Controller image pull secrets | `[]` | +| `kustomizeController.image.debug` | Enable Kustomize Controller image debug mode | `false` | +| `kustomizeController.replicaCount` | Number of Kustomize Controller replicas to deploy | `1` | +| `kustomizeController.containerPorts.metrics` | Kustomize Controller metrics container port | `8080` | +| `kustomizeController.containerPorts.health` | Kustomize Controller health container port | `9440` | +| `kustomizeController.livenessProbe.enabled` | Enable livenessProbe on Kustomize Controller containers | `true` | +| `kustomizeController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `kustomizeController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `kustomizeController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `kustomizeController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `kustomizeController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `kustomizeController.readinessProbe.enabled` | Enable readinessProbe on Kustomize Controller containers | `true` | +| `kustomizeController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `kustomizeController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `kustomizeController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `kustomizeController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `kustomizeController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `kustomizeController.startupProbe.enabled` | Enable startupProbe on Kustomize Controller containers | `false` | +| `kustomizeController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `kustomizeController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `kustomizeController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `kustomizeController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `kustomizeController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `kustomizeController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `kustomizeController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `kustomizeController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `kustomizeController.resources.limits` | The resources limits for the Kustomize Controller containers | `{}` | +| `kustomizeController.resources.requests` | The requested resources for the Kustomize Controller containers | `{}` | +| `kustomizeController.podSecurityContext.enabled` | Enabled Kustomize Controller pods' Security Context | `true` | +| `kustomizeController.podSecurityContext.fsGroup` | Set Kustomize Controller pod's Security Context fsGroup | `1001` | +| `kustomizeController.podSecurityContext.seccompProfile.type` | Set Kustomize Controller container's Security Context seccomp profile | `RuntimeDefault` | +| `kustomizeController.containerSecurityContext.enabled` | Enabled Kustomize Controller containers' Security Context | `true` | +| `kustomizeController.containerSecurityContext.runAsUser` | Set Kustomize Controller containers' Security Context runAsUser | `1001` | +| `kustomizeController.containerSecurityContext.runAsNonRoot` | Set Kustomize Controller containers' Security Context runAsNonRoot | `true` | +| `kustomizeController.containerSecurityContext.readOnlyRootFilesystem` | Set Kustomize Controller containers' Security Context runAsNonRoot | `true` | +| `kustomizeController.containerSecurityContext.allowPrivilegeEscalation` | Set Kustomize Controller container's privilege escalation | `false` | +| `kustomizeController.containerSecurityContext.capabilities.drop` | Set Kustomize Controller container's Security Context runAsNonRoot | `["ALL"]` | +| `kustomizeController.command` | Override default container command (useful when using custom images) | `[]` | +| `kustomizeController.args` | Override default container args (useful when using custom images) | `[]` | +| `kustomizeController.hostAliases` | Kustomize Controller pods host aliases | `[]` | +| `kustomizeController.podLabels` | Extra labels for Kustomize Controller pods | `{}` | +| `kustomizeController.podAnnotations` | Annotations for Kustomize Controller pods | `{}` | +| `kustomizeController.podAffinityPreset` | Pod affinity preset. Ignored if `kustomizeController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `kustomizeController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `kustomizeController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `kustomizeController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `kustomizeController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `kustomizeController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `kustomizeController.autoscaling.enabled` | Enable autoscaling for kustomizeController | `false` | +| `kustomizeController.autoscaling.minReplicas` | Minimum number of kustomizeController replicas | `""` | +| `kustomizeController.autoscaling.maxReplicas` | Maximum number of kustomizeController replicas | `""` | +| `kustomizeController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | +| `kustomizeController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | +| `kustomizeController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `kustomizeController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `kustomizeController.nodeAffinityPreset.key` | Node label key to match. Ignored if `kustomizeController.affinity` is set | `""` | +| `kustomizeController.nodeAffinityPreset.values` | Node label values to match. Ignored if `kustomizeController.affinity` is set | `[]` | +| `kustomizeController.affinity` | Affinity for Kustomize Controller pods assignment | `{}` | +| `kustomizeController.nodeSelector` | Node labels for Kustomize Controller pods assignment | `{}` | +| `kustomizeController.tolerations` | Tolerations for Kustomize Controller pods assignment | `[]` | +| `kustomizeController.updateStrategy.type` | Kustomize Controller statefulset strategy type | `RollingUpdate` | +| `kustomizeController.priorityClassName` | Kustomize Controller pods' priorityClassName | `""` | +| `kustomizeController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `kustomizeController.schedulerName` | Name of the k8s scheduler (other than default) for Kustomize Controller pods | `""` | +| `kustomizeController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `kustomizeController.lifecycleHooks` | for the Kustomize Controller container(s) to automate configuration before or after startup | `{}` | +| `kustomizeController.extraEnvVars` | Array with extra environment variables to add to Kustomize Controller nodes | `[]` | +| `kustomizeController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Kustomize Controller nodes | `""` | +| `kustomizeController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Kustomize Controller nodes | `""` | +| `kustomizeController.extraVolumes` | Optionally specify extra list of additional volumes for the Kustomize Controller pod(s) | `[]` | +| `kustomizeController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Kustomize Controller container(s) | `[]` | +| `kustomizeController.sidecars` | Add additional sidecar containers to the Kustomize Controller pod(s) | `[]` | +| `kustomizeController.initContainers` | Add additional init containers to the Kustomize Controller pod(s) | `[]` | ### Kustomize Controller RBAC Parameters @@ -198,85 +202,85 @@ The command removes all the Kubernetes components associated with the chart and ### Helm Controller Parameters -| Name | Description | Value | -| ------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | -| `helmController.enabled` | Enable Helm Controller | `true` | -| `helmController.image.registry` | Helm Controller image registry | `docker.io` | -| `helmController.image.repository` | Helm Controller image repository | `bitnami/fluxcd-helm-controller` | -| `helmController.image.tag` | Helm Controller image tag (immutable tags are recommended) | `0.36.2-debian-11-r0` | -| `helmController.image.digest` | Helm Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `helmController.image.pullPolicy` | Helm Controller image pull policy | `IfNotPresent` | -| `helmController.image.pullSecrets` | Helm Controller image pull secrets | `[]` | -| `helmController.image.debug` | Enable Helm Controller image debug mode | `false` | -| `helmController.replicaCount` | Number of Helm Controller replicas to deploy | `1` | -| `helmController.containerPorts.metrics` | Helm Controller metrics container port | `8080` | -| `helmController.containerPorts.health` | Helm Controller health container port | `9440` | -| `helmController.livenessProbe.enabled` | Enable livenessProbe on Helm Controller containers | `true` | -| `helmController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `helmController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `helmController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `helmController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `helmController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `helmController.readinessProbe.enabled` | Enable readinessProbe on Helm Controller containers | `true` | -| `helmController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `helmController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `helmController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `helmController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `helmController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `helmController.startupProbe.enabled` | Enable startupProbe on Helm Controller containers | `false` | -| `helmController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `helmController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `helmController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `helmController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `helmController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `helmController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `helmController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `helmController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `helmController.resources.limits` | The resources limits for the Helm Controller containers | `{}` | -| `helmController.resources.requests` | The requested resources for the Helm Controller containers | `{}` | -| `helmController.podSecurityContext.enabled` | Enabled Helm Controller pods' Security Context | `true` | -| `helmController.podSecurityContext.fsGroup` | Set Helm Controller pod's Security Context fsGroup | `1001` | -| `helmController.podSecurityContext.seccompProfile.type` | Set Helm Controller container's Security Context seccomp profile | `RuntimeDefault` | -| `helmController.containerSecurityContext.enabled` | Enabled Helm Controller containers' Security Context | `true` | -| `helmController.containerSecurityContext.runAsUser` | Set Helm Controller containers' Security Context runAsUser | `1001` | -| `helmController.containerSecurityContext.runAsNonRoot` | Set Helm Controller containers' Security Context runAsNonRoot | `true` | -| `helmController.containerSecurityContext.readOnlyRootFilesystem` | Set Helm Controller containers' Security Context runAsNonRoot | `true` | -| `helmController.containerSecurityContext.allowPrivilegeEscalation` | Set Helm Controller container's privilege escalation | `false` | -| `helmController.containerSecurityContext.capabilities.drop` | Set Helm Controller container's Security Context runAsNonRoot | `["ALL"]` | -| `helmController.command` | Override default container command (useful when using custom images) | `[]` | -| `helmController.args` | Override default container args (useful when using custom images) | `[]` | -| `helmController.hostAliases` | Helm Controller pods host aliases | `[]` | -| `helmController.podLabels` | Extra labels for Helm Controller pods | `{}` | -| `helmController.podAnnotations` | Annotations for Helm Controller pods | `{}` | -| `helmController.podAffinityPreset` | Pod affinity preset. Ignored if `helmController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `helmController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `helmController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `helmController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `helmController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `helmController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `helmController.autoscaling.enabled` | Enable autoscaling for helmController | `false` | -| `helmController.autoscaling.minReplicas` | Minimum number of helmController replicas | `""` | -| `helmController.autoscaling.maxReplicas` | Maximum number of helmController replicas | `""` | -| `helmController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | -| `helmController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | -| `helmController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `helmController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `helmController.nodeAffinityPreset.key` | Node label key to match. Ignored if `helmController.affinity` is set | `""` | -| `helmController.nodeAffinityPreset.values` | Node label values to match. Ignored if `helmController.affinity` is set | `[]` | -| `helmController.affinity` | Affinity for Helm Controller pods assignment | `{}` | -| `helmController.nodeSelector` | Node labels for Helm Controller pods assignment | `{}` | -| `helmController.tolerations` | Tolerations for Helm Controller pods assignment | `[]` | -| `helmController.updateStrategy.type` | Helm Controller statefulset strategy type | `RollingUpdate` | -| `helmController.priorityClassName` | Helm Controller pods' priorityClassName | `""` | -| `helmController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `helmController.schedulerName` | Name of the k8s scheduler (other than default) for Helm Controller pods | `""` | -| `helmController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `helmController.lifecycleHooks` | for the Helm Controller container(s) to automate configuration before or after startup | `{}` | -| `helmController.extraEnvVars` | Array with extra environment variables to add to Helm Controller nodes | `[]` | -| `helmController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Helm Controller nodes | `""` | -| `helmController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Helm Controller nodes | `""` | -| `helmController.extraVolumes` | Optionally specify extra list of additional volumes for the Helm Controller pod(s) | `[]` | -| `helmController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Helm Controller container(s) | `[]` | -| `helmController.sidecars` | Add additional sidecar containers to the Helm Controller pod(s) | `[]` | -| `helmController.initContainers` | Add additional init containers to the Helm Controller pod(s) | `[]` | +| Name | Description | Value | +| ------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------- | +| `helmController.enabled` | Enable Helm Controller | `true` | +| `helmController.image.registry` | Helm Controller image registry | `REGISTRY_NAME` | +| `helmController.image.repository` | Helm Controller image repository | `REPOSITORY_NAME/fluxcd-helm-controller` | +| `helmController.image.tag` | Helm Controller image tag (immutable tags are recommended) | `0.36.2-debian-11-r0` | +| `helmController.image.digest` | Helm Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `helmController.image.pullPolicy` | Helm Controller image pull policy | `IfNotPresent` | +| `helmController.image.pullSecrets` | Helm Controller image pull secrets | `[]` | +| `helmController.image.debug` | Enable Helm Controller image debug mode | `false` | +| `helmController.replicaCount` | Number of Helm Controller replicas to deploy | `1` | +| `helmController.containerPorts.metrics` | Helm Controller metrics container port | `8080` | +| `helmController.containerPorts.health` | Helm Controller health container port | `9440` | +| `helmController.livenessProbe.enabled` | Enable livenessProbe on Helm Controller containers | `true` | +| `helmController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `helmController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `helmController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `helmController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `helmController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `helmController.readinessProbe.enabled` | Enable readinessProbe on Helm Controller containers | `true` | +| `helmController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `helmController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `helmController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `helmController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `helmController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `helmController.startupProbe.enabled` | Enable startupProbe on Helm Controller containers | `false` | +| `helmController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `helmController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `helmController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `helmController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `helmController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `helmController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `helmController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `helmController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `helmController.resources.limits` | The resources limits for the Helm Controller containers | `{}` | +| `helmController.resources.requests` | The requested resources for the Helm Controller containers | `{}` | +| `helmController.podSecurityContext.enabled` | Enabled Helm Controller pods' Security Context | `true` | +| `helmController.podSecurityContext.fsGroup` | Set Helm Controller pod's Security Context fsGroup | `1001` | +| `helmController.podSecurityContext.seccompProfile.type` | Set Helm Controller container's Security Context seccomp profile | `RuntimeDefault` | +| `helmController.containerSecurityContext.enabled` | Enabled Helm Controller containers' Security Context | `true` | +| `helmController.containerSecurityContext.runAsUser` | Set Helm Controller containers' Security Context runAsUser | `1001` | +| `helmController.containerSecurityContext.runAsNonRoot` | Set Helm Controller containers' Security Context runAsNonRoot | `true` | +| `helmController.containerSecurityContext.readOnlyRootFilesystem` | Set Helm Controller containers' Security Context runAsNonRoot | `true` | +| `helmController.containerSecurityContext.allowPrivilegeEscalation` | Set Helm Controller container's privilege escalation | `false` | +| `helmController.containerSecurityContext.capabilities.drop` | Set Helm Controller container's Security Context runAsNonRoot | `["ALL"]` | +| `helmController.command` | Override default container command (useful when using custom images) | `[]` | +| `helmController.args` | Override default container args (useful when using custom images) | `[]` | +| `helmController.hostAliases` | Helm Controller pods host aliases | `[]` | +| `helmController.podLabels` | Extra labels for Helm Controller pods | `{}` | +| `helmController.podAnnotations` | Annotations for Helm Controller pods | `{}` | +| `helmController.podAffinityPreset` | Pod affinity preset. Ignored if `helmController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `helmController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `helmController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `helmController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `helmController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `helmController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `helmController.autoscaling.enabled` | Enable autoscaling for helmController | `false` | +| `helmController.autoscaling.minReplicas` | Minimum number of helmController replicas | `""` | +| `helmController.autoscaling.maxReplicas` | Maximum number of helmController replicas | `""` | +| `helmController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | +| `helmController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | +| `helmController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `helmController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `helmController.nodeAffinityPreset.key` | Node label key to match. Ignored if `helmController.affinity` is set | `""` | +| `helmController.nodeAffinityPreset.values` | Node label values to match. Ignored if `helmController.affinity` is set | `[]` | +| `helmController.affinity` | Affinity for Helm Controller pods assignment | `{}` | +| `helmController.nodeSelector` | Node labels for Helm Controller pods assignment | `{}` | +| `helmController.tolerations` | Tolerations for Helm Controller pods assignment | `[]` | +| `helmController.updateStrategy.type` | Helm Controller statefulset strategy type | `RollingUpdate` | +| `helmController.priorityClassName` | Helm Controller pods' priorityClassName | `""` | +| `helmController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `helmController.schedulerName` | Name of the k8s scheduler (other than default) for Helm Controller pods | `""` | +| `helmController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `helmController.lifecycleHooks` | for the Helm Controller container(s) to automate configuration before or after startup | `{}` | +| `helmController.extraEnvVars` | Array with extra environment variables to add to Helm Controller nodes | `[]` | +| `helmController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Helm Controller nodes | `""` | +| `helmController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Helm Controller nodes | `""` | +| `helmController.extraVolumes` | Optionally specify extra list of additional volumes for the Helm Controller pod(s) | `[]` | +| `helmController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Helm Controller container(s) | `[]` | +| `helmController.sidecars` | Add additional sidecar containers to the Helm Controller pod(s) | `[]` | +| `helmController.initContainers` | Add additional init containers to the Helm Controller pod(s) | `[]` | ### Helm Controller RBAC Parameters @@ -319,86 +323,86 @@ The command removes all the Kubernetes components associated with the chart and ### Source Controller Parameters -| Name | Description | Value | -| -------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------- | -| `sourceController.enabled` | Enable Source Controller | `true` | -| `sourceController.image.registry` | Source Controller image registry | `docker.io` | -| `sourceController.image.repository` | Source Controller image repository | `bitnami/fluxcd-source-controller` | -| `sourceController.image.tag` | Source Controller image tag (immutable tags are recommended) | `1.1.2-debian-11-r0` | -| `sourceController.image.digest` | Source Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `sourceController.image.pullPolicy` | Source Controller image pull policy | `IfNotPresent` | -| `sourceController.image.pullSecrets` | Source Controller image pull secrets | `[]` | -| `sourceController.image.debug` | Enable Source Controller image debug mode | `false` | -| `sourceController.replicaCount` | Number of Source Controller replicas to deploy | `1` | -| `sourceController.containerPorts.http` | Source Controller http container port | `9090` | -| `sourceController.containerPorts.metrics` | Source Controller metrics container port | `8080` | -| `sourceController.containerPorts.health` | Source Controller health container port | `9440` | -| `sourceController.livenessProbe.enabled` | Enable livenessProbe on Source Controller containers | `true` | -| `sourceController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `sourceController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `sourceController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `sourceController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `sourceController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `sourceController.readinessProbe.enabled` | Enable readinessProbe on Source Controller containers | `true` | -| `sourceController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `sourceController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `sourceController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `sourceController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `sourceController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `sourceController.startupProbe.enabled` | Enable startupProbe on Source Controller containers | `false` | -| `sourceController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `sourceController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `sourceController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `sourceController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `sourceController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `sourceController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `sourceController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `sourceController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `sourceController.resources.limits` | The resources limits for the Source Controller containers | `{}` | -| `sourceController.resources.requests` | The requested resources for the Source Controller containers | `{}` | -| `sourceController.podSecurityContext.enabled` | Enabled Source Controller pods' Security Context | `true` | -| `sourceController.podSecurityContext.fsGroup` | Set Source Controller pod's Security Context fsGroup | `1001` | -| `sourceController.podSecurityContext.seccompProfile.type` | Set Source Controller container's Security Context seccomp profile | `RuntimeDefault` | -| `sourceController.containerSecurityContext.enabled` | Enabled Source Controller containers' Security Context | `true` | -| `sourceController.containerSecurityContext.runAsUser` | Set Source Controller containers' Security Context runAsUser | `1001` | -| `sourceController.containerSecurityContext.runAsNonRoot` | Set Source Controller containers' Security Context runAsNonRoot | `true` | -| `sourceController.containerSecurityContext.readOnlyRootFilesystem` | Set Source Controller containers' Security Context runAsNonRoot | `true` | -| `sourceController.containerSecurityContext.allowPrivilegeEscalation` | Set Source Controller container's privilege escalation | `false` | -| `sourceController.containerSecurityContext.capabilities.drop` | Set Source Controller container's Security Context runAsNonRoot | `["ALL"]` | -| `sourceController.command` | Override default container command (useful when using custom images) | `[]` | -| `sourceController.args` | Override default container args (useful when using custom images) | `[]` | -| `sourceController.hostAliases` | Source Controller pods host aliases | `[]` | -| `sourceController.podLabels` | Extra labels for Source Controller pods | `{}` | -| `sourceController.podAnnotations` | Annotations for Source Controller pods | `{}` | -| `sourceController.podAffinityPreset` | Pod affinity preset. Ignored if `sourceController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `sourceController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `sourceController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `sourceController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `sourceController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `sourceController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `sourceController.autoscaling.enabled` | Enable autoscaling for sourceController | `false` | -| `sourceController.autoscaling.minReplicas` | Minimum number of sourceController replicas | `""` | -| `sourceController.autoscaling.maxReplicas` | Maximum number of sourceController replicas | `""` | -| `sourceController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | -| `sourceController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | -| `sourceController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `sourceController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `sourceController.nodeAffinityPreset.key` | Node label key to match. Ignored if `sourceController.affinity` is set | `""` | -| `sourceController.nodeAffinityPreset.values` | Node label values to match. Ignored if `sourceController.affinity` is set | `[]` | -| `sourceController.affinity` | Affinity for Source Controller pods assignment | `{}` | -| `sourceController.nodeSelector` | Node labels for Source Controller pods assignment | `{}` | -| `sourceController.tolerations` | Tolerations for Source Controller pods assignment | `[]` | -| `sourceController.updateStrategy.type` | Source Controller statefulset strategy type | `RollingUpdate` | -| `sourceController.priorityClassName` | Source Controller pods' priorityClassName | `""` | -| `sourceController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `sourceController.schedulerName` | Name of the k8s scheduler (other than default) for Source Controller pods | `""` | -| `sourceController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `sourceController.lifecycleHooks` | for the Source Controller container(s) to automate configuration before or after startup | `{}` | -| `sourceController.extraEnvVars` | Array with extra environment variables to add to Source Controller nodes | `[]` | -| `sourceController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Source Controller nodes | `""` | -| `sourceController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Source Controller nodes | `""` | -| `sourceController.extraVolumes` | Optionally specify extra list of additional volumes for the Source Controller pod(s) | `[]` | -| `sourceController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Source Controller container(s) | `[]` | -| `sourceController.sidecars` | Add additional sidecar containers to the Source Controller pod(s) | `[]` | -| `sourceController.initContainers` | Add additional init containers to the Source Controller pod(s) | `[]` | +| Name | Description | Value | +| -------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------ | +| `sourceController.enabled` | Enable Source Controller | `true` | +| `sourceController.image.registry` | Source Controller image registry | `REGISTRY_NAME` | +| `sourceController.image.repository` | Source Controller image repository | `REPOSITORY_NAME/fluxcd-source-controller` | +| `sourceController.image.tag` | Source Controller image tag (immutable tags are recommended) | `1.1.2-debian-11-r0` | +| `sourceController.image.digest` | Source Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `sourceController.image.pullPolicy` | Source Controller image pull policy | `IfNotPresent` | +| `sourceController.image.pullSecrets` | Source Controller image pull secrets | `[]` | +| `sourceController.image.debug` | Enable Source Controller image debug mode | `false` | +| `sourceController.replicaCount` | Number of Source Controller replicas to deploy | `1` | +| `sourceController.containerPorts.http` | Source Controller http container port | `9090` | +| `sourceController.containerPorts.metrics` | Source Controller metrics container port | `8080` | +| `sourceController.containerPorts.health` | Source Controller health container port | `9440` | +| `sourceController.livenessProbe.enabled` | Enable livenessProbe on Source Controller containers | `true` | +| `sourceController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `sourceController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `sourceController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `sourceController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `sourceController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `sourceController.readinessProbe.enabled` | Enable readinessProbe on Source Controller containers | `true` | +| `sourceController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `sourceController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `sourceController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `sourceController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `sourceController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `sourceController.startupProbe.enabled` | Enable startupProbe on Source Controller containers | `false` | +| `sourceController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `sourceController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `sourceController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `sourceController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `sourceController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `sourceController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `sourceController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `sourceController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `sourceController.resources.limits` | The resources limits for the Source Controller containers | `{}` | +| `sourceController.resources.requests` | The requested resources for the Source Controller containers | `{}` | +| `sourceController.podSecurityContext.enabled` | Enabled Source Controller pods' Security Context | `true` | +| `sourceController.podSecurityContext.fsGroup` | Set Source Controller pod's Security Context fsGroup | `1001` | +| `sourceController.podSecurityContext.seccompProfile.type` | Set Source Controller container's Security Context seccomp profile | `RuntimeDefault` | +| `sourceController.containerSecurityContext.enabled` | Enabled Source Controller containers' Security Context | `true` | +| `sourceController.containerSecurityContext.runAsUser` | Set Source Controller containers' Security Context runAsUser | `1001` | +| `sourceController.containerSecurityContext.runAsNonRoot` | Set Source Controller containers' Security Context runAsNonRoot | `true` | +| `sourceController.containerSecurityContext.readOnlyRootFilesystem` | Set Source Controller containers' Security Context runAsNonRoot | `true` | +| `sourceController.containerSecurityContext.allowPrivilegeEscalation` | Set Source Controller container's privilege escalation | `false` | +| `sourceController.containerSecurityContext.capabilities.drop` | Set Source Controller container's Security Context runAsNonRoot | `["ALL"]` | +| `sourceController.command` | Override default container command (useful when using custom images) | `[]` | +| `sourceController.args` | Override default container args (useful when using custom images) | `[]` | +| `sourceController.hostAliases` | Source Controller pods host aliases | `[]` | +| `sourceController.podLabels` | Extra labels for Source Controller pods | `{}` | +| `sourceController.podAnnotations` | Annotations for Source Controller pods | `{}` | +| `sourceController.podAffinityPreset` | Pod affinity preset. Ignored if `sourceController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `sourceController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `sourceController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `sourceController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `sourceController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `sourceController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `sourceController.autoscaling.enabled` | Enable autoscaling for sourceController | `false` | +| `sourceController.autoscaling.minReplicas` | Minimum number of sourceController replicas | `""` | +| `sourceController.autoscaling.maxReplicas` | Maximum number of sourceController replicas | `""` | +| `sourceController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | +| `sourceController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | +| `sourceController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `sourceController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `sourceController.nodeAffinityPreset.key` | Node label key to match. Ignored if `sourceController.affinity` is set | `""` | +| `sourceController.nodeAffinityPreset.values` | Node label values to match. Ignored if `sourceController.affinity` is set | `[]` | +| `sourceController.affinity` | Affinity for Source Controller pods assignment | `{}` | +| `sourceController.nodeSelector` | Node labels for Source Controller pods assignment | `{}` | +| `sourceController.tolerations` | Tolerations for Source Controller pods assignment | `[]` | +| `sourceController.updateStrategy.type` | Source Controller statefulset strategy type | `RollingUpdate` | +| `sourceController.priorityClassName` | Source Controller pods' priorityClassName | `""` | +| `sourceController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `sourceController.schedulerName` | Name of the k8s scheduler (other than default) for Source Controller pods | `""` | +| `sourceController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `sourceController.lifecycleHooks` | for the Source Controller container(s) to automate configuration before or after startup | `{}` | +| `sourceController.extraEnvVars` | Array with extra environment variables to add to Source Controller nodes | `[]` | +| `sourceController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Source Controller nodes | `""` | +| `sourceController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Source Controller nodes | `""` | +| `sourceController.extraVolumes` | Optionally specify extra list of additional volumes for the Source Controller pod(s) | `[]` | +| `sourceController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Source Controller container(s) | `[]` | +| `sourceController.sidecars` | Add additional sidecar containers to the Source Controller pod(s) | `[]` | +| `sourceController.initContainers` | Add additional init containers to the Source Controller pod(s) | `[]` | ### Source Controller service parameters @@ -479,85 +483,85 @@ The command removes all the Kubernetes components associated with the chart and ### Notification Controller Parameters -| Name | Description | Value | -| -------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------- | -| `notificationController.enabled` | Enable Notification Controller | `true` | -| `notificationController.image.registry` | Notification Controller image registry | `docker.io` | -| `notificationController.image.repository` | Notification Controller image repository | `bitnami/fluxcd-notification-controller` | -| `notificationController.image.tag` | Notification Controller image tag (immutable tags are recommended) | `1.1.0-debian-11-r29` | -| `notificationController.image.digest` | Notification Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `notificationController.image.pullPolicy` | Notification Controller image pull policy | `IfNotPresent` | -| `notificationController.image.pullSecrets` | Notification Controller image pull secrets | `[]` | -| `notificationController.image.debug` | Enable Notification Controller image debug mode | `false` | -| `notificationController.replicaCount` | Number of Notification Controller replicas to deploy | `1` | -| `notificationController.containerPorts.metrics` | Notification Controller metrics container port | `8080` | -| `notificationController.containerPorts.health` | Notification Controller health container port | `9440` | -| `notificationController.livenessProbe.enabled` | Enable livenessProbe on Notification Controller containers | `true` | -| `notificationController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `notificationController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `notificationController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `notificationController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `notificationController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `notificationController.readinessProbe.enabled` | Enable readinessProbe on Notification Controller containers | `true` | -| `notificationController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `notificationController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `notificationController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `notificationController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `notificationController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `notificationController.startupProbe.enabled` | Enable startupProbe on Notification Controller containers | `false` | -| `notificationController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `notificationController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `notificationController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `notificationController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `notificationController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `notificationController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `notificationController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `notificationController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `notificationController.resources.limits` | The resources limits for the Notification Controller containers | `{}` | -| `notificationController.resources.requests` | The requested resources for the Notification Controller containers | `{}` | -| `notificationController.podSecurityContext.enabled` | Enabled Notification Controller pods' Security Context | `true` | -| `notificationController.podSecurityContext.fsGroup` | Set Notification Controller pod's Security Context fsGroup | `1001` | -| `notificationController.podSecurityContext.seccompProfile.type` | Set Notification Controller container's Security Context seccomp profile | `RuntimeDefault` | -| `notificationController.containerSecurityContext.enabled` | Enabled Notification Controller containers' Security Context | `true` | -| `notificationController.containerSecurityContext.runAsUser` | Set Notification Controller containers' Security Context runAsUser | `1001` | -| `notificationController.containerSecurityContext.runAsNonRoot` | Set Notification Controller containers' Security Context runAsNonRoot | `true` | -| `notificationController.containerSecurityContext.readOnlyRootFilesystem` | Set Notification Controller containers' Security Context runAsNonRoot | `true` | -| `notificationController.containerSecurityContext.allowPrivilegeEscalation` | Set Notification Controller container's privilege escalation | `false` | -| `notificationController.containerSecurityContext.capabilities.drop` | Set Notification Controller container's Security Context runAsNonRoot | `["ALL"]` | -| `notificationController.command` | Override default container command (useful when using custom images) | `[]` | -| `notificationController.args` | Override default container args (useful when using custom images) | `[]` | -| `notificationController.hostAliases` | Notification Controller pods host aliases | `[]` | -| `notificationController.podLabels` | Extra labels for Notification Controller pods | `{}` | -| `notificationController.podAnnotations` | Annotations for Notification Controller pods | `{}` | -| `notificationController.podAffinityPreset` | Pod affinity preset. Ignored if `notificationController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `notificationController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `notificationController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `notificationController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `notificationController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `notificationController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `notificationController.autoscaling.enabled` | Enable autoscaling for notificationController | `false` | -| `notificationController.autoscaling.minReplicas` | Minimum number of notificationController replicas | `""` | -| `notificationController.autoscaling.maxReplicas` | Maximum number of notificationController replicas | `""` | -| `notificationController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | -| `notificationController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | -| `notificationController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `notificationController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `notificationController.nodeAffinityPreset.key` | Node label key to match. Ignored if `notificationController.affinity` is set | `""` | -| `notificationController.nodeAffinityPreset.values` | Node label values to match. Ignored if `notificationController.affinity` is set | `[]` | -| `notificationController.affinity` | Affinity for Notification Controller pods assignment | `{}` | -| `notificationController.nodeSelector` | Node labels for Notification Controller pods assignment | `{}` | -| `notificationController.tolerations` | Tolerations for Notification Controller pods assignment | `[]` | -| `notificationController.updateStrategy.type` | Notification Controller statefulset strategy type | `RollingUpdate` | -| `notificationController.priorityClassName` | Notification Controller pods' priorityClassName | `""` | -| `notificationController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `notificationController.schedulerName` | Name of the k8s scheduler (other than default) for Notification Controller pods | `""` | -| `notificationController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `notificationController.lifecycleHooks` | for the Notification Controller container(s) to automate configuration before or after startup | `{}` | -| `notificationController.extraEnvVars` | Array with extra environment variables to add to Notification Controller nodes | `[]` | -| `notificationController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Notification Controller nodes | `""` | -| `notificationController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Notification Controller nodes | `""` | -| `notificationController.extraVolumes` | Optionally specify extra list of additional volumes for the Notification Controller pod(s) | `[]` | -| `notificationController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Notification Controller container(s) | `[]` | -| `notificationController.sidecars` | Add additional sidecar containers to the Notification Controller pod(s) | `[]` | -| `notificationController.initContainers` | Add additional init containers to the Notification Controller pod(s) | `[]` | +| Name | Description | Value | +| -------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------ | +| `notificationController.enabled` | Enable Notification Controller | `true` | +| `notificationController.image.registry` | Notification Controller image registry | `REGISTRY_NAME` | +| `notificationController.image.repository` | Notification Controller image repository | `REPOSITORY_NAME/fluxcd-notification-controller` | +| `notificationController.image.tag` | Notification Controller image tag (immutable tags are recommended) | `1.1.0-debian-11-r29` | +| `notificationController.image.digest` | Notification Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `notificationController.image.pullPolicy` | Notification Controller image pull policy | `IfNotPresent` | +| `notificationController.image.pullSecrets` | Notification Controller image pull secrets | `[]` | +| `notificationController.image.debug` | Enable Notification Controller image debug mode | `false` | +| `notificationController.replicaCount` | Number of Notification Controller replicas to deploy | `1` | +| `notificationController.containerPorts.metrics` | Notification Controller metrics container port | `8080` | +| `notificationController.containerPorts.health` | Notification Controller health container port | `9440` | +| `notificationController.livenessProbe.enabled` | Enable livenessProbe on Notification Controller containers | `true` | +| `notificationController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `notificationController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `notificationController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `notificationController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `notificationController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `notificationController.readinessProbe.enabled` | Enable readinessProbe on Notification Controller containers | `true` | +| `notificationController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `notificationController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `notificationController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `notificationController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `notificationController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `notificationController.startupProbe.enabled` | Enable startupProbe on Notification Controller containers | `false` | +| `notificationController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `notificationController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `notificationController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `notificationController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `notificationController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `notificationController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `notificationController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `notificationController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `notificationController.resources.limits` | The resources limits for the Notification Controller containers | `{}` | +| `notificationController.resources.requests` | The requested resources for the Notification Controller containers | `{}` | +| `notificationController.podSecurityContext.enabled` | Enabled Notification Controller pods' Security Context | `true` | +| `notificationController.podSecurityContext.fsGroup` | Set Notification Controller pod's Security Context fsGroup | `1001` | +| `notificationController.podSecurityContext.seccompProfile.type` | Set Notification Controller container's Security Context seccomp profile | `RuntimeDefault` | +| `notificationController.containerSecurityContext.enabled` | Enabled Notification Controller containers' Security Context | `true` | +| `notificationController.containerSecurityContext.runAsUser` | Set Notification Controller containers' Security Context runAsUser | `1001` | +| `notificationController.containerSecurityContext.runAsNonRoot` | Set Notification Controller containers' Security Context runAsNonRoot | `true` | +| `notificationController.containerSecurityContext.readOnlyRootFilesystem` | Set Notification Controller containers' Security Context runAsNonRoot | `true` | +| `notificationController.containerSecurityContext.allowPrivilegeEscalation` | Set Notification Controller container's privilege escalation | `false` | +| `notificationController.containerSecurityContext.capabilities.drop` | Set Notification Controller container's Security Context runAsNonRoot | `["ALL"]` | +| `notificationController.command` | Override default container command (useful when using custom images) | `[]` | +| `notificationController.args` | Override default container args (useful when using custom images) | `[]` | +| `notificationController.hostAliases` | Notification Controller pods host aliases | `[]` | +| `notificationController.podLabels` | Extra labels for Notification Controller pods | `{}` | +| `notificationController.podAnnotations` | Annotations for Notification Controller pods | `{}` | +| `notificationController.podAffinityPreset` | Pod affinity preset. Ignored if `notificationController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `notificationController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `notificationController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `notificationController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `notificationController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `notificationController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `notificationController.autoscaling.enabled` | Enable autoscaling for notificationController | `false` | +| `notificationController.autoscaling.minReplicas` | Minimum number of notificationController replicas | `""` | +| `notificationController.autoscaling.maxReplicas` | Maximum number of notificationController replicas | `""` | +| `notificationController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | +| `notificationController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | +| `notificationController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `notificationController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `notificationController.nodeAffinityPreset.key` | Node label key to match. Ignored if `notificationController.affinity` is set | `""` | +| `notificationController.nodeAffinityPreset.values` | Node label values to match. Ignored if `notificationController.affinity` is set | `[]` | +| `notificationController.affinity` | Affinity for Notification Controller pods assignment | `{}` | +| `notificationController.nodeSelector` | Node labels for Notification Controller pods assignment | `{}` | +| `notificationController.tolerations` | Tolerations for Notification Controller pods assignment | `[]` | +| `notificationController.updateStrategy.type` | Notification Controller statefulset strategy type | `RollingUpdate` | +| `notificationController.priorityClassName` | Notification Controller pods' priorityClassName | `""` | +| `notificationController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `notificationController.schedulerName` | Name of the k8s scheduler (other than default) for Notification Controller pods | `""` | +| `notificationController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `notificationController.lifecycleHooks` | for the Notification Controller container(s) to automate configuration before or after startup | `{}` | +| `notificationController.extraEnvVars` | Array with extra environment variables to add to Notification Controller nodes | `[]` | +| `notificationController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Notification Controller nodes | `""` | +| `notificationController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Notification Controller nodes | `""` | +| `notificationController.extraVolumes` | Optionally specify extra list of additional volumes for the Notification Controller pod(s) | `[]` | +| `notificationController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Notification Controller container(s) | `[]` | +| `notificationController.sidecars` | Add additional sidecar containers to the Notification Controller pod(s) | `[]` | +| `notificationController.initContainers` | Add additional init containers to the Notification Controller pod(s) | `[]` | ### Notification Controller RBAC Parameters @@ -600,85 +604,85 @@ The command removes all the Kubernetes components associated with the chart and ### Image Automation Controller Parameters -| Name | Description | Value | -| ----------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------- | -| `imageAutomationController.enabled` | Enable Image Automation Controller | `true` | -| `imageAutomationController.image.registry` | Image Automation Controller image registry | `docker.io` | -| `imageAutomationController.image.repository` | Image Automation Controller image repository | `bitnami/fluxcd-image-automation-controller` | -| `imageAutomationController.image.tag` | Image Automation Controller image tag (immutable tags are recommended) | `0.36.1-debian-11-r6` | -| `imageAutomationController.image.digest` | Image Automation Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `imageAutomationController.image.pullPolicy` | Image Automation Controller image pull policy | `IfNotPresent` | -| `imageAutomationController.image.pullSecrets` | Image Automation Controller image pull secrets | `[]` | -| `imageAutomationController.image.debug` | Enable Image Automation Controller image debug mode | `false` | -| `imageAutomationController.replicaCount` | Number of Image Automation Controller replicas to deploy | `1` | -| `imageAutomationController.containerPorts.metrics` | Image Automation Controller metrics container port | `8080` | -| `imageAutomationController.containerPorts.health` | Image Automation Controller health container port | `9440` | -| `imageAutomationController.livenessProbe.enabled` | Enable livenessProbe on Image Automation Controller containers | `true` | -| `imageAutomationController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `imageAutomationController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `imageAutomationController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `imageAutomationController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `imageAutomationController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `imageAutomationController.readinessProbe.enabled` | Enable readinessProbe on Image Automation Controller containers | `true` | -| `imageAutomationController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `imageAutomationController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `imageAutomationController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `imageAutomationController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `imageAutomationController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `imageAutomationController.startupProbe.enabled` | Enable startupProbe on Image Automation Controller containers | `false` | -| `imageAutomationController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `imageAutomationController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `imageAutomationController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `imageAutomationController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `imageAutomationController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `imageAutomationController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `imageAutomationController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `imageAutomationController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `imageAutomationController.resources.limits` | The resources limits for the Image Automation Controller containers | `{}` | -| `imageAutomationController.resources.requests` | The requested resources for the Image Automation Controller containers | `{}` | -| `imageAutomationController.podSecurityContext.enabled` | Enabled Image Automation Controller pods' Security Context | `true` | -| `imageAutomationController.podSecurityContext.fsGroup` | Set Image Automation Controller pod's Security Context fsGroup | `1001` | -| `imageAutomationController.podSecurityContext.seccompProfile.type` | Set Image Automation Controller container's Security Context seccomp profile | `RuntimeDefault` | -| `imageAutomationController.containerSecurityContext.enabled` | Enabled Image Automation Controller containers' Security Context | `true` | -| `imageAutomationController.containerSecurityContext.runAsUser` | Set Image Automation Controller containers' Security Context runAsUser | `1001` | -| `imageAutomationController.containerSecurityContext.runAsNonRoot` | Set Image Automation Controller containers' Security Context runAsNonRoot | `true` | -| `imageAutomationController.containerSecurityContext.readOnlyRootFilesystem` | Set Image Automation Controller containers' Security Context runAsNonRoot | `true` | -| `imageAutomationController.containerSecurityContext.allowPrivilegeEscalation` | Set Image Automation Controller container's privilege escalation | `false` | -| `imageAutomationController.containerSecurityContext.capabilities.drop` | Set Image Automation Controller container's Security Context runAsNonRoot | `["ALL"]` | -| `imageAutomationController.command` | Override default container command (useful when using custom images) | `[]` | -| `imageAutomationController.args` | Override default container args (useful when using custom images) | `[]` | -| `imageAutomationController.hostAliases` | Image Automation Controller pods host aliases | `[]` | -| `imageAutomationController.podLabels` | Extra labels for Image Automation Controller pods | `{}` | -| `imageAutomationController.podAnnotations` | Annotations for Image Automation Controller pods | `{}` | -| `imageAutomationController.podAffinityPreset` | Pod affinity preset. Ignored if `imageAutomationController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `imageAutomationController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `imageAutomationController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `imageAutomationController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `imageAutomationController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `imageAutomationController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `imageAutomationController.autoscaling.enabled` | Enable autoscaling for imageAutomationController | `false` | -| `imageAutomationController.autoscaling.minReplicas` | Minimum number of imageAutomationController replicas | `""` | -| `imageAutomationController.autoscaling.maxReplicas` | Maximum number of imageAutomationController replicas | `""` | -| `imageAutomationController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | -| `imageAutomationController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | -| `imageAutomationController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `imageAutomationController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `imageAutomationController.nodeAffinityPreset.key` | Node label key to match. Ignored if `imageAutomationController.affinity` is set | `""` | -| `imageAutomationController.nodeAffinityPreset.values` | Node label values to match. Ignored if `imageAutomationController.affinity` is set | `[]` | -| `imageAutomationController.affinity` | Affinity for Image Automation Controller pods assignment | `{}` | -| `imageAutomationController.nodeSelector` | Node labels for Image Automation Controller pods assignment | `{}` | -| `imageAutomationController.tolerations` | Tolerations for Image Automation Controller pods assignment | `[]` | -| `imageAutomationController.updateStrategy.type` | Image Automation Controller statefulset strategy type | `RollingUpdate` | -| `imageAutomationController.priorityClassName` | Image Automation Controller pods' priorityClassName | `""` | -| `imageAutomationController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `imageAutomationController.schedulerName` | Name of the k8s scheduler (other than default) for Image Automation Controller pods | `""` | -| `imageAutomationController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `imageAutomationController.lifecycleHooks` | for the Image Automation Controller container(s) to automate configuration before or after startup | `{}` | -| `imageAutomationController.extraEnvVars` | Array with extra environment variables to add to Image Automation Controller nodes | `[]` | -| `imageAutomationController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Image Automation Controller nodes | `""` | -| `imageAutomationController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Image Automation Controller nodes | `""` | -| `imageAutomationController.extraVolumes` | Optionally specify extra list of additional volumes for the Image Automation Controller pod(s) | `[]` | -| `imageAutomationController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Image Automation Controller container(s) | `[]` | -| `imageAutomationController.sidecars` | Add additional sidecar containers to the Image Automation Controller pod(s) | `[]` | -| `imageAutomationController.initContainers` | Add additional init containers to the Image Automation Controller pod(s) | `[]` | +| Name | Description | Value | +| ----------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------- | +| `imageAutomationController.enabled` | Enable Image Automation Controller | `true` | +| `imageAutomationController.image.registry` | Image Automation Controller image registry | `REGISTRY_NAME` | +| `imageAutomationController.image.repository` | Image Automation Controller image repository | `REPOSITORY_NAME/fluxcd-image-automation-controller` | +| `imageAutomationController.image.tag` | Image Automation Controller image tag (immutable tags are recommended) | `0.36.1-debian-11-r6` | +| `imageAutomationController.image.digest` | Image Automation Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `imageAutomationController.image.pullPolicy` | Image Automation Controller image pull policy | `IfNotPresent` | +| `imageAutomationController.image.pullSecrets` | Image Automation Controller image pull secrets | `[]` | +| `imageAutomationController.image.debug` | Enable Image Automation Controller image debug mode | `false` | +| `imageAutomationController.replicaCount` | Number of Image Automation Controller replicas to deploy | `1` | +| `imageAutomationController.containerPorts.metrics` | Image Automation Controller metrics container port | `8080` | +| `imageAutomationController.containerPorts.health` | Image Automation Controller health container port | `9440` | +| `imageAutomationController.livenessProbe.enabled` | Enable livenessProbe on Image Automation Controller containers | `true` | +| `imageAutomationController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `imageAutomationController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `imageAutomationController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `imageAutomationController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `imageAutomationController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `imageAutomationController.readinessProbe.enabled` | Enable readinessProbe on Image Automation Controller containers | `true` | +| `imageAutomationController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `imageAutomationController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `imageAutomationController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `imageAutomationController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `imageAutomationController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `imageAutomationController.startupProbe.enabled` | Enable startupProbe on Image Automation Controller containers | `false` | +| `imageAutomationController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `imageAutomationController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `imageAutomationController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `imageAutomationController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `imageAutomationController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `imageAutomationController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `imageAutomationController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `imageAutomationController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `imageAutomationController.resources.limits` | The resources limits for the Image Automation Controller containers | `{}` | +| `imageAutomationController.resources.requests` | The requested resources for the Image Automation Controller containers | `{}` | +| `imageAutomationController.podSecurityContext.enabled` | Enabled Image Automation Controller pods' Security Context | `true` | +| `imageAutomationController.podSecurityContext.fsGroup` | Set Image Automation Controller pod's Security Context fsGroup | `1001` | +| `imageAutomationController.podSecurityContext.seccompProfile.type` | Set Image Automation Controller container's Security Context seccomp profile | `RuntimeDefault` | +| `imageAutomationController.containerSecurityContext.enabled` | Enabled Image Automation Controller containers' Security Context | `true` | +| `imageAutomationController.containerSecurityContext.runAsUser` | Set Image Automation Controller containers' Security Context runAsUser | `1001` | +| `imageAutomationController.containerSecurityContext.runAsNonRoot` | Set Image Automation Controller containers' Security Context runAsNonRoot | `true` | +| `imageAutomationController.containerSecurityContext.readOnlyRootFilesystem` | Set Image Automation Controller containers' Security Context runAsNonRoot | `true` | +| `imageAutomationController.containerSecurityContext.allowPrivilegeEscalation` | Set Image Automation Controller container's privilege escalation | `false` | +| `imageAutomationController.containerSecurityContext.capabilities.drop` | Set Image Automation Controller container's Security Context runAsNonRoot | `["ALL"]` | +| `imageAutomationController.command` | Override default container command (useful when using custom images) | `[]` | +| `imageAutomationController.args` | Override default container args (useful when using custom images) | `[]` | +| `imageAutomationController.hostAliases` | Image Automation Controller pods host aliases | `[]` | +| `imageAutomationController.podLabels` | Extra labels for Image Automation Controller pods | `{}` | +| `imageAutomationController.podAnnotations` | Annotations for Image Automation Controller pods | `{}` | +| `imageAutomationController.podAffinityPreset` | Pod affinity preset. Ignored if `imageAutomationController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `imageAutomationController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `imageAutomationController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `imageAutomationController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `imageAutomationController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `imageAutomationController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `imageAutomationController.autoscaling.enabled` | Enable autoscaling for imageAutomationController | `false` | +| `imageAutomationController.autoscaling.minReplicas` | Minimum number of imageAutomationController replicas | `""` | +| `imageAutomationController.autoscaling.maxReplicas` | Maximum number of imageAutomationController replicas | `""` | +| `imageAutomationController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | +| `imageAutomationController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | +| `imageAutomationController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `imageAutomationController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `imageAutomationController.nodeAffinityPreset.key` | Node label key to match. Ignored if `imageAutomationController.affinity` is set | `""` | +| `imageAutomationController.nodeAffinityPreset.values` | Node label values to match. Ignored if `imageAutomationController.affinity` is set | `[]` | +| `imageAutomationController.affinity` | Affinity for Image Automation Controller pods assignment | `{}` | +| `imageAutomationController.nodeSelector` | Node labels for Image Automation Controller pods assignment | `{}` | +| `imageAutomationController.tolerations` | Tolerations for Image Automation Controller pods assignment | `[]` | +| `imageAutomationController.updateStrategy.type` | Image Automation Controller statefulset strategy type | `RollingUpdate` | +| `imageAutomationController.priorityClassName` | Image Automation Controller pods' priorityClassName | `""` | +| `imageAutomationController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `imageAutomationController.schedulerName` | Name of the k8s scheduler (other than default) for Image Automation Controller pods | `""` | +| `imageAutomationController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `imageAutomationController.lifecycleHooks` | for the Image Automation Controller container(s) to automate configuration before or after startup | `{}` | +| `imageAutomationController.extraEnvVars` | Array with extra environment variables to add to Image Automation Controller nodes | `[]` | +| `imageAutomationController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Image Automation Controller nodes | `""` | +| `imageAutomationController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Image Automation Controller nodes | `""` | +| `imageAutomationController.extraVolumes` | Optionally specify extra list of additional volumes for the Image Automation Controller pod(s) | `[]` | +| `imageAutomationController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Image Automation Controller container(s) | `[]` | +| `imageAutomationController.sidecars` | Add additional sidecar containers to the Image Automation Controller pod(s) | `[]` | +| `imageAutomationController.initContainers` | Add additional init containers to the Image Automation Controller pod(s) | `[]` | ### Image Automation Controller RBAC Parameters @@ -721,85 +725,85 @@ The command removes all the Kubernetes components associated with the chart and ### Image Reflector Controller Parameters -| Name | Description | Value | -| ---------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------- | -| `imageReflectorController.enabled` | Enable Image Reflector Controller | `true` | -| `imageReflectorController.image.registry` | Image Reflector Controller image registry | `docker.io` | -| `imageReflectorController.image.repository` | Image Reflector Controller image repository | `bitnami/fluxcd-image-reflector-controller` | -| `imageReflectorController.image.tag` | Image Reflector Controller image tag (immutable tags are recommended) | `0.30.0-debian-11-r43` | -| `imageReflectorController.image.digest` | Image Reflector Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `imageReflectorController.image.pullPolicy` | Image Reflector Controller image pull policy | `IfNotPresent` | -| `imageReflectorController.image.pullSecrets` | Image Reflector Controller image pull secrets | `[]` | -| `imageReflectorController.image.debug` | Enable Image Reflector Controller image debug mode | `false` | -| `imageReflectorController.replicaCount` | Number of Image Reflector Controller replicas to deploy | `1` | -| `imageReflectorController.containerPorts.metrics` | Image Reflector Controller metrics container port | `8080` | -| `imageReflectorController.containerPorts.health` | Image Reflector Controller health container port | `9440` | -| `imageReflectorController.livenessProbe.enabled` | Enable livenessProbe on Image Reflector Controller containers | `true` | -| `imageReflectorController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `imageReflectorController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `imageReflectorController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `imageReflectorController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `imageReflectorController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `imageReflectorController.readinessProbe.enabled` | Enable readinessProbe on Image Reflector Controller containers | `true` | -| `imageReflectorController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `imageReflectorController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `imageReflectorController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `imageReflectorController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `imageReflectorController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `imageReflectorController.startupProbe.enabled` | Enable startupProbe on Image Reflector Controller containers | `false` | -| `imageReflectorController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `imageReflectorController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `imageReflectorController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `imageReflectorController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `imageReflectorController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `imageReflectorController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `imageReflectorController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `imageReflectorController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `imageReflectorController.resources.limits` | The resources limits for the Image Reflector Controller containers | `{}` | -| `imageReflectorController.resources.requests` | The requested resources for the Image Reflector Controller containers | `{}` | -| `imageReflectorController.podSecurityContext.enabled` | Enabled Image Reflector Controller pods' Security Context | `true` | -| `imageReflectorController.podSecurityContext.fsGroup` | Set Image Reflector Controller pod's Security Context fsGroup | `1001` | -| `imageReflectorController.podSecurityContext.seccompProfile.type` | Set Image Reflector Controller container's Security Context seccomp profile | `RuntimeDefault` | -| `imageReflectorController.containerSecurityContext.enabled` | Enabled Image Reflector Controller containers' Security Context | `true` | -| `imageReflectorController.containerSecurityContext.runAsUser` | Set Image Reflector Controller containers' Security Context runAsUser | `1001` | -| `imageReflectorController.containerSecurityContext.runAsNonRoot` | Set Image Reflector Controller containers' Security Context runAsNonRoot | `true` | -| `imageReflectorController.containerSecurityContext.readOnlyRootFilesystem` | Set Image Reflector Controller containers' Security Context runAsNonRoot | `true` | -| `imageReflectorController.containerSecurityContext.allowPrivilegeEscalation` | Set Image Reflector Controller container's privilege escalation | `false` | -| `imageReflectorController.containerSecurityContext.capabilities.drop` | Set Image Reflector Controller container's Security Context runAsNonRoot | `["ALL"]` | -| `imageReflectorController.command` | Override default container command (useful when using custom images) | `[]` | -| `imageReflectorController.args` | Override default container args (useful when using custom images) | `[]` | -| `imageReflectorController.hostAliases` | Image Reflector Controller pods host aliases | `[]` | -| `imageReflectorController.podLabels` | Extra labels for Image Reflector Controller pods | `{}` | -| `imageReflectorController.podAnnotations` | Annotations for Image Reflector Controller pods | `{}` | -| `imageReflectorController.podAffinityPreset` | Pod affinity preset. Ignored if `imageReflectorController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `imageReflectorController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `imageReflectorController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `imageReflectorController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `imageReflectorController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `imageReflectorController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `imageReflectorController.autoscaling.enabled` | Enable autoscaling for imageReflectorController | `false` | -| `imageReflectorController.autoscaling.minReplicas` | Minimum number of imageReflectorController replicas | `""` | -| `imageReflectorController.autoscaling.maxReplicas` | Maximum number of imageReflectorController replicas | `""` | -| `imageReflectorController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | -| `imageReflectorController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | -| `imageReflectorController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `imageReflectorController.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `imageReflectorController.nodeAffinityPreset.key` | Node label key to match. Ignored if `imageReflectorController.affinity` is set | `""` | -| `imageReflectorController.nodeAffinityPreset.values` | Node label values to match. Ignored if `imageReflectorController.affinity` is set | `[]` | -| `imageReflectorController.affinity` | Affinity for Image Reflector Controller pods assignment | `{}` | -| `imageReflectorController.nodeSelector` | Node labels for Image Reflector Controller pods assignment | `{}` | -| `imageReflectorController.tolerations` | Tolerations for Image Reflector Controller pods assignment | `[]` | -| `imageReflectorController.updateStrategy.type` | Image Reflector Controller statefulset strategy type | `RollingUpdate` | -| `imageReflectorController.priorityClassName` | Image Reflector Controller pods' priorityClassName | `""` | -| `imageReflectorController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `imageReflectorController.schedulerName` | Name of the k8s scheduler (other than default) for Image Reflector Controller pods | `""` | -| `imageReflectorController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `imageReflectorController.lifecycleHooks` | for the Image Reflector Controller container(s) to automate configuration before or after startup | `{}` | -| `imageReflectorController.extraEnvVars` | Array with extra environment variables to add to Image Reflector Controller nodes | `[]` | -| `imageReflectorController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Image Reflector Controller nodes | `""` | -| `imageReflectorController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Image Reflector Controller nodes | `""` | -| `imageReflectorController.extraVolumes` | Optionally specify extra list of additional volumes for the Image Reflector Controller pod(s) | `[]` | -| `imageReflectorController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Image Reflector Controller container(s) | `[]` | -| `imageReflectorController.sidecars` | Add additional sidecar containers to the Image Reflector Controller pod(s) | `[]` | -| `imageReflectorController.initContainers` | Add additional init containers to the Image Reflector Controller pod(s) | `[]` | +| Name | Description | Value | +| ---------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------- | +| `imageReflectorController.enabled` | Enable Image Reflector Controller | `true` | +| `imageReflectorController.image.registry` | Image Reflector Controller image registry | `REGISTRY_NAME` | +| `imageReflectorController.image.repository` | Image Reflector Controller image repository | `REPOSITORY_NAME/fluxcd-image-reflector-controller` | +| `imageReflectorController.image.tag` | Image Reflector Controller image tag (immutable tags are recommended) | `0.30.0-debian-11-r43` | +| `imageReflectorController.image.digest` | Image Reflector Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `imageReflectorController.image.pullPolicy` | Image Reflector Controller image pull policy | `IfNotPresent` | +| `imageReflectorController.image.pullSecrets` | Image Reflector Controller image pull secrets | `[]` | +| `imageReflectorController.image.debug` | Enable Image Reflector Controller image debug mode | `false` | +| `imageReflectorController.replicaCount` | Number of Image Reflector Controller replicas to deploy | `1` | +| `imageReflectorController.containerPorts.metrics` | Image Reflector Controller metrics container port | `8080` | +| `imageReflectorController.containerPorts.health` | Image Reflector Controller health container port | `9440` | +| `imageReflectorController.livenessProbe.enabled` | Enable livenessProbe on Image Reflector Controller containers | `true` | +| `imageReflectorController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `imageReflectorController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `imageReflectorController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `imageReflectorController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `imageReflectorController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `imageReflectorController.readinessProbe.enabled` | Enable readinessProbe on Image Reflector Controller containers | `true` | +| `imageReflectorController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `imageReflectorController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `imageReflectorController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `imageReflectorController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `imageReflectorController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `imageReflectorController.startupProbe.enabled` | Enable startupProbe on Image Reflector Controller containers | `false` | +| `imageReflectorController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `imageReflectorController.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `imageReflectorController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `imageReflectorController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `imageReflectorController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `imageReflectorController.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `imageReflectorController.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `imageReflectorController.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `imageReflectorController.resources.limits` | The resources limits for the Image Reflector Controller containers | `{}` | +| `imageReflectorController.resources.requests` | The requested resources for the Image Reflector Controller containers | `{}` | +| `imageReflectorController.podSecurityContext.enabled` | Enabled Image Reflector Controller pods' Security Context | `true` | +| `imageReflectorController.podSecurityContext.fsGroup` | Set Image Reflector Controller pod's Security Context fsGroup | `1001` | +| `imageReflectorController.podSecurityContext.seccompProfile.type` | Set Image Reflector Controller container's Security Context seccomp profile | `RuntimeDefault` | +| `imageReflectorController.containerSecurityContext.enabled` | Enabled Image Reflector Controller containers' Security Context | `true` | +| `imageReflectorController.containerSecurityContext.runAsUser` | Set Image Reflector Controller containers' Security Context runAsUser | `1001` | +| `imageReflectorController.containerSecurityContext.runAsNonRoot` | Set Image Reflector Controller containers' Security Context runAsNonRoot | `true` | +| `imageReflectorController.containerSecurityContext.readOnlyRootFilesystem` | Set Image Reflector Controller containers' Security Context runAsNonRoot | `true` | +| `imageReflectorController.containerSecurityContext.allowPrivilegeEscalation` | Set Image Reflector Controller container's privilege escalation | `false` | +| `imageReflectorController.containerSecurityContext.capabilities.drop` | Set Image Reflector Controller container's Security Context runAsNonRoot | `["ALL"]` | +| `imageReflectorController.command` | Override default container command (useful when using custom images) | `[]` | +| `imageReflectorController.args` | Override default container args (useful when using custom images) | `[]` | +| `imageReflectorController.hostAliases` | Image Reflector Controller pods host aliases | `[]` | +| `imageReflectorController.podLabels` | Extra labels for Image Reflector Controller pods | `{}` | +| `imageReflectorController.podAnnotations` | Annotations for Image Reflector Controller pods | `{}` | +| `imageReflectorController.podAffinityPreset` | Pod affinity preset. Ignored if `imageReflectorController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `imageReflectorController.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `imageReflectorController.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `imageReflectorController.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `imageReflectorController.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `imageReflectorController.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `imageReflectorController.autoscaling.enabled` | Enable autoscaling for imageReflectorController | `false` | +| `imageReflectorController.autoscaling.minReplicas` | Minimum number of imageReflectorController replicas | `""` | +| `imageReflectorController.autoscaling.maxReplicas` | Maximum number of imageReflectorController replicas | `""` | +| `imageReflectorController.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | +| `imageReflectorController.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | +| `imageReflectorController.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `imageReflectorController.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `imageReflectorController.nodeAffinityPreset.key` | Node label key to match. Ignored if `imageReflectorController.affinity` is set | `""` | +| `imageReflectorController.nodeAffinityPreset.values` | Node label values to match. Ignored if `imageReflectorController.affinity` is set | `[]` | +| `imageReflectorController.affinity` | Affinity for Image Reflector Controller pods assignment | `{}` | +| `imageReflectorController.nodeSelector` | Node labels for Image Reflector Controller pods assignment | `{}` | +| `imageReflectorController.tolerations` | Tolerations for Image Reflector Controller pods assignment | `[]` | +| `imageReflectorController.updateStrategy.type` | Image Reflector Controller statefulset strategy type | `RollingUpdate` | +| `imageReflectorController.priorityClassName` | Image Reflector Controller pods' priorityClassName | `""` | +| `imageReflectorController.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `imageReflectorController.schedulerName` | Name of the k8s scheduler (other than default) for Image Reflector Controller pods | `""` | +| `imageReflectorController.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `imageReflectorController.lifecycleHooks` | for the Image Reflector Controller container(s) to automate configuration before or after startup | `{}` | +| `imageReflectorController.extraEnvVars` | Array with extra environment variables to add to Image Reflector Controller nodes | `[]` | +| `imageReflectorController.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Image Reflector Controller nodes | `""` | +| `imageReflectorController.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Image Reflector Controller nodes | `""` | +| `imageReflectorController.extraVolumes` | Optionally specify extra list of additional volumes for the Image Reflector Controller pod(s) | `[]` | +| `imageReflectorController.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Image Reflector Controller container(s) | `[]` | +| `imageReflectorController.sidecars` | Add additional sidecar containers to the Image Reflector Controller pod(s) | `[]` | +| `imageReflectorController.initContainers` | Add additional init containers to the Image Reflector Controller pod(s) | `[]` | ### Image Reflector Conttroller Persistence Parameters @@ -829,42 +833,42 @@ The command removes all the Kubernetes components associated with the chart and ### Image Reflector Controller Metrics Parameters -| Name | Description | Value | -| ------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `imageReflectorController.metrics.enabled` | Enable the export of Prometheus metrics | `true` | -| `imageReflectorController.metrics.service.type` | Image Reflector Controller service type | `ClusterIP` | -| `imageReflectorController.metrics.service.ports.metrics` | Image Reflector Controller service metrics port | `80` | -| `imageReflectorController.metrics.service.nodePorts.metrics` | Node port for HTTP | `""` | -| `imageReflectorController.metrics.service.clusterIP` | Image Reflector Controller service Cluster IP | `""` | -| `imageReflectorController.metrics.service.loadBalancerIP` | Image Reflector Controller service Load Balancer IP | `""` | -| `imageReflectorController.metrics.service.loadBalancerSourceRanges` | Image Reflector Controller service Load Balancer sources | `[]` | -| `imageReflectorController.metrics.service.externalTrafficPolicy` | Image Reflector Controller service external traffic policy | `Cluster` | -| `imageReflectorController.metrics.service.annotations` | Additional custom annotations for Image Reflector Controller service | `{}` | -| `imageReflectorController.metrics.service.extraPorts` | Extra ports to expose in Image Reflector Controller service (normally used with the `sidecars` value) | `[]` | -| `imageReflectorController.metrics.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `imageReflectorController.metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `imageReflectorController.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | -| `imageReflectorController.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | -| `imageReflectorController.metrics.serviceMonitor.annotations` | Additional custom annotations for the ServiceMonitor | `{}` | -| `imageReflectorController.metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `imageReflectorController.metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | -| `imageReflectorController.metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `imageReflectorController.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `imageReflectorController.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `imageReflectorController.metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | -| `imageReflectorController.metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | -| `imageReflectorController.metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.enabled` | Enable init container's Security Context | `true` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `imageReflectorController.metrics.enabled` | Enable the export of Prometheus metrics | `true` | +| `imageReflectorController.metrics.service.type` | Image Reflector Controller service type | `ClusterIP` | +| `imageReflectorController.metrics.service.ports.metrics` | Image Reflector Controller service metrics port | `80` | +| `imageReflectorController.metrics.service.nodePorts.metrics` | Node port for HTTP | `""` | +| `imageReflectorController.metrics.service.clusterIP` | Image Reflector Controller service Cluster IP | `""` | +| `imageReflectorController.metrics.service.loadBalancerIP` | Image Reflector Controller service Load Balancer IP | `""` | +| `imageReflectorController.metrics.service.loadBalancerSourceRanges` | Image Reflector Controller service Load Balancer sources | `[]` | +| `imageReflectorController.metrics.service.externalTrafficPolicy` | Image Reflector Controller service external traffic policy | `Cluster` | +| `imageReflectorController.metrics.service.annotations` | Additional custom annotations for Image Reflector Controller service | `{}` | +| `imageReflectorController.metrics.service.extraPorts` | Extra ports to expose in Image Reflector Controller service (normally used with the `sidecars` value) | `[]` | +| `imageReflectorController.metrics.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `imageReflectorController.metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `imageReflectorController.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `imageReflectorController.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `imageReflectorController.metrics.serviceMonitor.annotations` | Additional custom annotations for the ServiceMonitor | `{}` | +| `imageReflectorController.metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `imageReflectorController.metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | +| `imageReflectorController.metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `imageReflectorController.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `imageReflectorController.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `imageReflectorController.metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `imageReflectorController.metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | +| `imageReflectorController.metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.enabled` | Enable init container's Security Context | `true` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | There are cases where you may want to deploy extra objects, such as HelmRelease, Kustomization, amongst others. For covering this case, the chart allows adding the full specification of other objects using the `extraDeploy` parameter. The following example would activate a plugin at deployment time. diff --git a/bitnami/flux/values.yaml b/bitnami/flux/values.yaml index 96ebe34ac6d919..1915f29858c59d 100644 --- a/bitnami/flux/values.yaml +++ b/bitnami/flux/values.yaml @@ -71,8 +71,8 @@ kustomizeController: enabled: true ## Bitnami Kustomize Controller image ## ref: https://hub.docker.com/r/bitnami/fluxcd-kustomize-controller/tags/ - ## @param kustomizeController.image.registry Kustomize Controller image registry - ## @param kustomizeController.image.repository Kustomize Controller image repository + ## @param kustomizeController.image.registry [default: REGISTRY_NAME] Kustomize Controller image registry + ## @param kustomizeController.image.repository [default: REPOSITORY_NAME/fluxcd-kustomize-controller] Kustomize Controller image repository ## @param kustomizeController.image.tag Kustomize Controller image tag (immutable tags are recommended) ## @param kustomizeController.image.digest Kustomize Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param kustomizeController.image.pullPolicy Kustomize Controller image pull policy @@ -504,8 +504,8 @@ helmController: enabled: true ## Bitnami Helm Controller image ## ref: https://hub.docker.com/r/bitnami/fluxcd-helm-controller/tags/ - ## @param helmController.image.registry Helm Controller image registry - ## @param helmController.image.repository Helm Controller image repository + ## @param helmController.image.registry [default: REGISTRY_NAME] Helm Controller image registry + ## @param helmController.image.repository [default: REPOSITORY_NAME/fluxcd-helm-controller] Helm Controller image repository ## @param helmController.image.tag Helm Controller image tag (immutable tags are recommended) ## @param helmController.image.digest Helm Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param helmController.image.pullPolicy Helm Controller image pull policy @@ -937,8 +937,8 @@ sourceController: enabled: true ## Bitnami Source Controller image ## ref: https://hub.docker.com/r/bitnami/fluxcd-helm-controller/tags/ - ## @param sourceController.image.registry Source Controller image registry - ## @param sourceController.image.repository Source Controller image repository + ## @param sourceController.image.registry [default: REGISTRY_NAME] Source Controller image registry + ## @param sourceController.image.repository [default: REPOSITORY_NAME/fluxcd-source-controller] Source Controller image repository ## @param sourceController.image.tag Source Controller image tag (immutable tags are recommended) ## @param sourceController.image.digest Source Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param sourceController.image.pullPolicy Source Controller image pull policy @@ -1530,8 +1530,8 @@ notificationController: enabled: true ## Bitnami Notification Controller image ## ref: https://hub.docker.com/r/bitnami/fluxcd-notification-controller/tags/ - ## @param notificationController.image.registry Notification Controller image registry - ## @param notificationController.image.repository Notification Controller image repository + ## @param notificationController.image.registry [default: REGISTRY_NAME] Notification Controller image registry + ## @param notificationController.image.repository [default: REPOSITORY_NAME/fluxcd-notification-controller] Notification Controller image repository ## @param notificationController.image.tag Notification Controller image tag (immutable tags are recommended) ## @param notificationController.image.digest Notification Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param notificationController.image.pullPolicy Notification Controller image pull policy @@ -1963,8 +1963,8 @@ imageAutomationController: enabled: true ## Bitnami Image Automation Controller image ## ref: https://hub.docker.com/r/bitnami/fluxcd-image-automation-controller/tags/ - ## @param imageAutomationController.image.registry Image Automation Controller image registry - ## @param imageAutomationController.image.repository Image Automation Controller image repository + ## @param imageAutomationController.image.registry [default: REGISTRY_NAME] Image Automation Controller image registry + ## @param imageAutomationController.image.repository [default: REPOSITORY_NAME/fluxcd-image-automation-controller] Image Automation Controller image repository ## @param imageAutomationController.image.tag Image Automation Controller image tag (immutable tags are recommended) ## @param imageAutomationController.image.digest Image Automation Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param imageAutomationController.image.pullPolicy Image Automation Controller image pull policy @@ -2396,8 +2396,8 @@ imageReflectorController: enabled: true ## Bitnami Image Reflector Controller image ## ref: https://hub.docker.com/r/bitnami/fluxcd-helm-controller/tags/ - ## @param imageReflectorController.image.registry Image Reflector Controller image registry - ## @param imageReflectorController.image.repository Image Reflector Controller image repository + ## @param imageReflectorController.image.registry [default: REGISTRY_NAME] Image Reflector Controller image registry + ## @param imageReflectorController.image.repository [default: REPOSITORY_NAME/fluxcd-image-reflector-controller] Image Reflector Controller image repository ## @param imageReflectorController.image.tag Image Reflector Controller image tag (immutable tags are recommended) ## @param imageReflectorController.image.digest Image Reflector Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param imageReflectorController.image.pullPolicy Image Reflector Controller image pull policy @@ -2874,8 +2874,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy diff --git a/bitnami/ghost/README.md b/bitnami/ghost/README.md index 2fea3e1ccb3b66..eb16f3741e531e 100644 --- a/bitnami/ghost/README.md +++ b/bitnami/ghost/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/ghost +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/ghost ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Ghost](https://github.com/bitnami/containers/tree/main/bitnami/ghost) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Ghost in production? Try [VMware Application Catalog](https://bit To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/ghost +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/ghost ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Ghost on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -80,15 +84,15 @@ The command removes all the Kubernetes components associated with the chart and ### Ghost Image parameters -| Name | Description | Value | -| ------------------- | ----------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | Ghost image registry | `docker.io` | -| `image.repository` | Ghost image repository | `bitnami/ghost` | -| `image.tag` | Ghost image tag (immutable tags are recommended) | `5.69.3-debian-11-r0` | -| `image.digest` | Ghost image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Ghost image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Ghost image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | +| Name | Description | Value | +| ------------------- | ----------------------------------------------------------------------------------------------------- | ----------------------- | +| `image.registry` | Ghost image registry | `REGISTRY_NAME` | +| `image.repository` | Ghost image repository | `REPOSITORY_NAME/ghost` | +| `image.tag` | Ghost image tag (immutable tags are recommended) | `5.69.3-debian-11-r0` | +| `image.digest` | Ghost image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Ghost image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Ghost image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | ### Ghost Configuration parameters @@ -206,25 +210,25 @@ The command removes all the Kubernetes components associated with the chart and ### Persistence Parameters -| Name | Description | Value | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | -| `persistence.storageClass` | Persistent Volume storage class | `""` | -| `persistence.annotations` | Additional custom annotations for the PVC | `{}` | -| `persistence.accessModes` | Persistent Volume access modes | `[]` | -| `persistence.size` | Persistent Volume size | `8Gi` | -| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | -| `persistence.subPath` | The name of a volume's sub path to mount for persistence | `""` | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.securityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | +| `persistence.storageClass` | Persistent Volume storage class | `""` | +| `persistence.annotations` | Additional custom annotations for the PVC | `{}` | +| `persistence.accessModes` | Persistent Volume access modes | `[]` | +| `persistence.size` | Persistent Volume size | `8Gi` | +| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | +| `persistence.subPath` | The name of a volume's sub path to mount for persistence | `""` | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.securityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Database Parameters @@ -292,9 +296,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set ghostUsername=admin,ghostPassword=password,mysql.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/ghost + oci://REGISTRY_NAME/REPOSITORY_NAME/ghost ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Ghost administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MySQL `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -302,9 +308,10 @@ The above command sets the Ghost administrator account username and password to Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/ghost +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/ghost ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -473,9 +480,11 @@ Delete the Ghost deployment and delete the MariaDB statefulset. Notice the optio Upgrade you release to 11.0.0 reusing the existing PVC, and enabling back MariaDB: ```console -helm upgrade ghost oci://registry-1.docker.io/bitnamicharts/ghost --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set ghostPassword=$GHOST_PASSWORD --set ghostHost=$GHOST_HOST +helm upgrade ghost oci://REGISTRY_NAME/REPOSITORY_NAME/ghost --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set ghostPassword=$GHOST_PASSWORD --set ghostHost=$GHOST_HOST ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You will need to kill the existing MariaDB pod now as the new statefulset is going to create a new one: ```console diff --git a/bitnami/ghost/values.yaml b/bitnami/ghost/values.yaml index 70f81e8e6dfed2..4b5ac9873d0bcb 100644 --- a/bitnami/ghost/values.yaml +++ b/bitnami/ghost/values.yaml @@ -62,8 +62,8 @@ diagnosticMode: ## Bitnami Ghost image ## ref: https://hub.docker.com/r/bitnami/ghost/tags/ -## @param image.registry Ghost image registry -## @param image.repository Ghost image repository +## @param image.registry [default: REGISTRY_NAME] Ghost image registry +## @param image.repository [default: REPOSITORY_NAME/ghost] Ghost image repository ## @param image.tag Ghost image tag (immutable tags are recommended) ## @param image.digest Ghost image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Ghost image pull policy @@ -575,8 +575,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy diff --git a/bitnami/gitea/README.md b/bitnami/gitea/README.md index c8995244534a67..f9dbd000067e29 100644 --- a/bitnami/gitea/README.md +++ b/bitnami/gitea/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/gitea +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/gitea ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Gitea](https://github.com/bitnami/containers/tree/main/bitnami/gitea) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Gitea in production? Try [VMware Application Catalog](https://bit To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/gitea +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/gitea ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Gitea on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,96 +81,96 @@ The command removes all the Kubernetes components associated with the chart and ### Gitea parameters -| Name | Description | Value | -| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | Gitea image registry | `docker.io` | -| `image.repository` | Gitea Image name | `bitnami/gitea` | -| `image.tag` | Gitea Image tag | `1.20.5-debian-11-r6` | -| `image.digest` | Gitea image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Gitea image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `replicaCount` | Number of Gitea Pods to run (requires ReadWriteMany PVC support) | `1` | -| `adminUsername` | User of the application | `bn_user` | -| `adminPassword` | Application password | `""` | -| `adminEmail` | Admin email | `user@example.com` | -| `appName` | Gitea application name | `example` | -| `runMode` | Gitea application host | `prod` | -| `exposeSSH` | Make the SSH server accesible | `true` | -| `rootURL` | UI Root URL (for link generation) | `""` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `priorityClassName` | Gitea pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `extraEnvVars` | Extra environment variables | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | -| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | -| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `existingSecret` | Name of a secret with the application password | `""` | -| `existingSecretKey` | Key inside the existing secret containing the password | `admin-password` | -| `smtpHost` | SMTP host | `""` | -| `smtpPort` | SMTP port | `""` | -| `smtpUser` | SMTP user | `""` | -| `smtpPassword` | SMTP password | `""` | -| `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `""` | -| `containerPorts` | Container ports | `{}` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.storageClass` | PVC Storage Class for Gitea volume | `""` | -| `persistence.accessModes` | PVC Access Mode for Gitea volume | `["ReadWriteOnce"]` | -| `persistence.size` | PVC Storage Request for Gitea volume | `8Gi` | -| `persistence.dataSource` | Custom PVC data source | `{}` | -| `persistence.existingClaim` | A manually managed Persistent Volume Claim | `""` | -| `persistence.hostPath` | If defined, the gitea-data volume will mount to the specified hostPath. | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `persistence.selector` | Selector to match an existing Persistent Volume for Gitea data PVC | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `resources.requests` | The requested resources for the init container | `{}` | -| `resources.limits` | The resources limits for the init container | `{}` | -| `podSecurityContext.enabled` | Enable Gitea pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Gitea pods' group ID | `1001` | -| `containerSecurityContext.enabled` | Enable Gitea containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Gitea containers' Security Context | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.path` | Request path for startupProbe | `/` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.path` | Request path for livenessProbe | `/` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.path` | Request path for readinessProbe | `/` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | +| Name | Description | Value | +| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ----------------------- | +| `image.registry` | Gitea image registry | `REGISTRY_NAME` | +| `image.repository` | Gitea Image name | `REPOSITORY_NAME/gitea` | +| `image.tag` | Gitea Image tag | `1.20.5-debian-11-r6` | +| `image.digest` | Gitea image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Gitea image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `replicaCount` | Number of Gitea Pods to run (requires ReadWriteMany PVC support) | `1` | +| `adminUsername` | User of the application | `bn_user` | +| `adminPassword` | Application password | `""` | +| `adminEmail` | Admin email | `user@example.com` | +| `appName` | Gitea application name | `example` | +| `runMode` | Gitea application host | `prod` | +| `exposeSSH` | Make the SSH server accesible | `true` | +| `rootURL` | UI Root URL (for link generation) | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `priorityClassName` | Gitea pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `extraEnvVars` | Extra environment variables | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | +| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | +| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | +| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `existingSecret` | Name of a secret with the application password | `""` | +| `existingSecretKey` | Key inside the existing secret containing the password | `admin-password` | +| `smtpHost` | SMTP host | `""` | +| `smtpPort` | SMTP port | `""` | +| `smtpUser` | SMTP user | `""` | +| `smtpPassword` | SMTP password | `""` | +| `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `""` | +| `containerPorts` | Container ports | `{}` | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.storageClass` | PVC Storage Class for Gitea volume | `""` | +| `persistence.accessModes` | PVC Access Mode for Gitea volume | `["ReadWriteOnce"]` | +| `persistence.size` | PVC Storage Request for Gitea volume | `8Gi` | +| `persistence.dataSource` | Custom PVC data source | `{}` | +| `persistence.existingClaim` | A manually managed Persistent Volume Claim | `""` | +| `persistence.hostPath` | If defined, the gitea-data volume will mount to the specified hostPath. | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `persistence.selector` | Selector to match an existing Persistent Volume for Gitea data PVC | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `resources.requests` | The requested resources for the init container | `{}` | +| `resources.limits` | The resources limits for the init container | `{}` | +| `podSecurityContext.enabled` | Enable Gitea pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Gitea pods' group ID | `1001` | +| `containerSecurityContext.enabled` | Enable Gitea containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Gitea containers' Security Context | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.path` | Request path for startupProbe | `/` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.path` | Request path for livenessProbe | `/` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.path` | Request path for readinessProbe | `/` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | ### Traffic Exposure Parameters @@ -229,26 +233,28 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ --set adminUsername=user,giteaPassword=password,postgresql.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/gitea + oci://REGISTRY_NAME/REPOSITORY_NAME/gitea ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Gitea administrator account username and password to `user` and `password` respectively. Additionally, it sets the PostgreSQL `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -256,9 +262,10 @@ The above command sets the Gitea administrator account username and password to Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/gitea +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/gitea ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -307,9 +314,11 @@ See the [Parameters](#parameters) section to configure the PVC or to disable per 3. Install the chart ```console -helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry-1.docker.io/bitnamicharts/gitea +helm install my-release --set persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/gitea ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### Host path #### System compatibility @@ -323,9 +332,11 @@ helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry- 2. Install the chart ```console - helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://registry-1.docker.io/bitnamicharts/gitea + helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://REGISTRY_NAME/REPOSITORY_NAME/gitea ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + This will mount the `gitea-data` volume into the `hostPath` directory. The site data will be persisted if the mount path contains valid data, else the site data will be initialized at first launch. 3. Because the container cannot control the host machine's directory permissions, you must set the Gitea file directory permissions yourself diff --git a/bitnami/gitea/values.yaml b/bitnami/gitea/values.yaml index 15221c817ef06f..802c3c74f81330 100644 --- a/bitnami/gitea/values.yaml +++ b/bitnami/gitea/values.yaml @@ -51,8 +51,8 @@ extraDeploy: [] ## Bitnami Gitea image version ## ref: https://hub.docker.com/r/bitnami/gitea/tags/ -## @param image.registry Gitea image registry -## @param image.repository Gitea Image name +## @param image.registry [default: REGISTRY_NAME] Gitea image registry +## @param image.repository [default: REPOSITORY_NAME/gitea] Gitea Image name ## @param image.tag Gitea Image tag ## @param image.digest Gitea image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Gitea image pull policy @@ -628,8 +628,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/grafana-loki/README.md b/bitnami/grafana-loki/README.md index 577850d4f29cde..8700f5fed7def9 100644 --- a/bitnami/grafana-loki/README.md +++ b/bitnami/grafana-loki/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/grafana-loki +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-loki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -37,9 +39,11 @@ Looking to use Grafana Loki in production? Try [VMware Application Catalog](http To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/grafana-loki +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-loki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys grafana-loki on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -81,23 +85,23 @@ The command removes all the Kubernetes components associated with the chart and ### Common Grafana Loki Parameters -| Name | Description | Value | -| ------------------------------------- | ------------------------------------------------------------------------------------------------------------ | ----------------------- | -| `loki.image.registry` | Grafana Loki image registry | `docker.io` | -| `loki.image.repository` | Grafana Loki image repository | `bitnami/grafana-loki` | -| `loki.image.tag` | Grafana Loki image tag (immutable tags are recommended) | `2.9.2-debian-11-r0` | -| `loki.image.digest` | Grafana Loki image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `loki.image.pullPolicy` | Grafana Loki image pull policy | `IfNotPresent` | -| `loki.image.pullSecrets` | Grafana Loki image pull secrets | `[]` | -| `loki.configuration` | Loki components configuration | `""` | -| `loki.overrideConfiguration` | Loki components configuration override. Values defined here takes precedence over loki.configuration | `{}` | -| `loki.existingConfigmap` | Name of a ConfigMap with the Loki configuration | `""` | -| `loki.dataDir` | path to the Loki data directory | `/bitnami/grafana-loki` | -| `loki.containerPorts.http` | Loki components web container port | `3100` | -| `loki.containerPorts.grpc` | Loki components GRPC container port | `9095` | -| `loki.containerPorts.gossipRing` | Loki components Gossip Ring container port | `7946` | -| `loki.gossipRing.service.ports.http` | Gossip Ring HTTP headless service port | `7946` | -| `loki.gossipRing.service.annotations` | Additional custom annotations for Gossip Ring headless service | `{}` | +| Name | Description | Value | +| ------------------------------------- | ------------------------------------------------------------------------------------------------------------ | ------------------------------ | +| `loki.image.registry` | Grafana Loki image registry | `REGISTRY_NAME` | +| `loki.image.repository` | Grafana Loki image repository | `REPOSITORY_NAME/grafana-loki` | +| `loki.image.tag` | Grafana Loki image tag (immutable tags are recommended) | `2.9.2-debian-11-r0` | +| `loki.image.digest` | Grafana Loki image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `loki.image.pullPolicy` | Grafana Loki image pull policy | `IfNotPresent` | +| `loki.image.pullSecrets` | Grafana Loki image pull secrets | `[]` | +| `loki.configuration` | Loki components configuration | `""` | +| `loki.overrideConfiguration` | Loki components configuration override. Values defined here takes precedence over loki.configuration | `{}` | +| `loki.existingConfigmap` | Name of a ConfigMap with the Loki configuration | `""` | +| `loki.dataDir` | path to the Loki data directory | `/bitnami/grafana-loki` | +| `loki.containerPorts.http` | Loki components web container port | `3100` | +| `loki.containerPorts.grpc` | Loki components GRPC container port | `9095` | +| `loki.containerPorts.gossipRing` | Loki components Gossip Ring container port | `7946` | +| `loki.gossipRing.service.ports.http` | Gossip Ring HTTP headless service port | `7946` | +| `loki.gossipRing.service.annotations` | Additional custom annotations for Gossip Ring headless service | `{}` | ### Compactor Deployment Parameters @@ -187,78 +191,78 @@ The command removes all the Kubernetes components associated with the chart and ### Gateway Deployment Parameters -| Name | Description | Value | -| ----------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ---------------------- | -| `gateway.enabled` | Enable Gateway deployment | `true` | -| `gateway.image.registry` | Nginx image registry | `docker.io` | -| `gateway.image.repository` | Nginx image repository | `bitnami/nginx` | -| `gateway.image.tag` | Nginx image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | -| `gateway.image.digest` | Nginx image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `gateway.image.pullPolicy` | Nginx image pull policy | `IfNotPresent` | -| `gateway.image.pullSecrets` | Nginx image pull secrets | `[]` | -| `gateway.image.debug` | Enable debugging in the initialization process | `false` | -| `gateway.extraEnvVars` | Array with extra environment variables to add to gateway nodes | `[]` | -| `gateway.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for gateway nodes | `""` | -| `gateway.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for gateway nodes | `""` | -| `gateway.command` | Override default container command (useful when using custom images) | `[]` | -| `gateway.args` | Override default container args (useful when using custom images) | `[]` | -| `gateway.extraArgs` | Additional container args (will be concatenated to args, unless diagnosticMode is enabled) | `[]` | -| `gateway.verboseLogging` | Show the gateway access_log | `false` | -| `gateway.replicaCount` | Number of Gateway replicas to deploy | `1` | -| `gateway.auth.enabled` | Enable basic auth | `false` | -| `gateway.auth.username` | Basic auth username | `user` | -| `gateway.auth.password` | Basic auth password | `""` | -| `gateway.auth.existingSecret` | Name of a secret containing the Basic auth password | `""` | -| `gateway.livenessProbe.enabled` | Enable livenessProbe on Gateway nodes | `true` | -| `gateway.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `gateway.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `gateway.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `gateway.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `gateway.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `gateway.readinessProbe.enabled` | Enable readinessProbe on Gateway nodes | `true` | -| `gateway.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `gateway.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `gateway.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `gateway.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `gateway.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `gateway.startupProbe.enabled` | Enable startupProbe on Gateway containers | `false` | -| `gateway.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `gateway.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `gateway.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `gateway.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `gateway.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `gateway.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `gateway.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `gateway.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `gateway.containerPorts.http` | Gateway HTTP port | `8080` | -| `gateway.resources.limits` | The resources limits for the gateway containers | `{}` | -| `gateway.resources.requests` | The requested resources for the gateway containers | `{}` | -| `gateway.podSecurityContext.enabled` | Enabled Gateway pods' Security Context | `true` | -| `gateway.podSecurityContext.fsGroup` | Set Gateway pod's Security Context fsGroup | `1001` | -| `gateway.containerSecurityContext.enabled` | Enabled Gateway containers' Security Context | `true` | -| `gateway.containerSecurityContext.runAsUser` | Set Gateway containers' Security Context runAsUser | `1001` | -| `gateway.containerSecurityContext.runAsNonRoot` | Set Gateway containers' Security Context runAsNonRoot | `true` | -| `gateway.lifecycleHooks` | for the gateway container(s) to automate configuration before or after startup | `{}` | -| `gateway.hostAliases` | gateway pods host aliases | `[]` | -| `gateway.podLabels` | Extra labels for gateway pods | `{}` | -| `gateway.podAnnotations` | Annotations for gateway pods | `{}` | -| `gateway.podAffinityPreset` | Pod affinity preset. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `gateway.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `gateway.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `gateway.nodeAffinityPreset.key` | Node label key to match. Ignored if `gateway.affinity` is set | `""` | -| `gateway.nodeAffinityPreset.values` | Node label values to match. Ignored if `gateway.affinity` is set | `[]` | -| `gateway.affinity` | Affinity for Gateway pods assignment | `{}` | -| `gateway.nodeSelector` | Node labels for Gateway pods assignment | `{}` | -| `gateway.tolerations` | Tolerations for Gateway pods assignment | `[]` | -| `gateway.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | -| `gateway.priorityClassName` | Gateway pods' priorityClassName | `""` | -| `gateway.schedulerName` | Kubernetes pod scheduler registry | `""` | -| `gateway.updateStrategy.type` | Gateway statefulset strategy type | `RollingUpdate` | -| `gateway.updateStrategy.rollingUpdate` | Gateway statefulset rolling update configuration parameters | `{}` | -| `gateway.extraVolumes` | Optionally specify extra list of additional volumes for the Gateway pod(s) | `[]` | -| `gateway.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Gateway container(s) | `[]` | -| `gateway.sidecars` | Add additional sidecar containers to the Gateway pod(s) | `[]` | -| `gateway.initContainers` | Add additional init containers to the Gateway pod(s) | `[]` | +| Name | Description | Value | +| ----------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ----------------------- | +| `gateway.enabled` | Enable Gateway deployment | `true` | +| `gateway.image.registry` | Nginx image registry | `REGISTRY_NAME` | +| `gateway.image.repository` | Nginx image repository | `REPOSITORY_NAME/nginx` | +| `gateway.image.tag` | Nginx image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | +| `gateway.image.digest` | Nginx image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `gateway.image.pullPolicy` | Nginx image pull policy | `IfNotPresent` | +| `gateway.image.pullSecrets` | Nginx image pull secrets | `[]` | +| `gateway.image.debug` | Enable debugging in the initialization process | `false` | +| `gateway.extraEnvVars` | Array with extra environment variables to add to gateway nodes | `[]` | +| `gateway.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for gateway nodes | `""` | +| `gateway.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for gateway nodes | `""` | +| `gateway.command` | Override default container command (useful when using custom images) | `[]` | +| `gateway.args` | Override default container args (useful when using custom images) | `[]` | +| `gateway.extraArgs` | Additional container args (will be concatenated to args, unless diagnosticMode is enabled) | `[]` | +| `gateway.verboseLogging` | Show the gateway access_log | `false` | +| `gateway.replicaCount` | Number of Gateway replicas to deploy | `1` | +| `gateway.auth.enabled` | Enable basic auth | `false` | +| `gateway.auth.username` | Basic auth username | `user` | +| `gateway.auth.password` | Basic auth password | `""` | +| `gateway.auth.existingSecret` | Name of a secret containing the Basic auth password | `""` | +| `gateway.livenessProbe.enabled` | Enable livenessProbe on Gateway nodes | `true` | +| `gateway.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `gateway.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `gateway.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `gateway.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `gateway.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `gateway.readinessProbe.enabled` | Enable readinessProbe on Gateway nodes | `true` | +| `gateway.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `gateway.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `gateway.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `gateway.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `gateway.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `gateway.startupProbe.enabled` | Enable startupProbe on Gateway containers | `false` | +| `gateway.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `gateway.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `gateway.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `gateway.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `gateway.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `gateway.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `gateway.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `gateway.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `gateway.containerPorts.http` | Gateway HTTP port | `8080` | +| `gateway.resources.limits` | The resources limits for the gateway containers | `{}` | +| `gateway.resources.requests` | The requested resources for the gateway containers | `{}` | +| `gateway.podSecurityContext.enabled` | Enabled Gateway pods' Security Context | `true` | +| `gateway.podSecurityContext.fsGroup` | Set Gateway pod's Security Context fsGroup | `1001` | +| `gateway.containerSecurityContext.enabled` | Enabled Gateway containers' Security Context | `true` | +| `gateway.containerSecurityContext.runAsUser` | Set Gateway containers' Security Context runAsUser | `1001` | +| `gateway.containerSecurityContext.runAsNonRoot` | Set Gateway containers' Security Context runAsNonRoot | `true` | +| `gateway.lifecycleHooks` | for the gateway container(s) to automate configuration before or after startup | `{}` | +| `gateway.hostAliases` | gateway pods host aliases | `[]` | +| `gateway.podLabels` | Extra labels for gateway pods | `{}` | +| `gateway.podAnnotations` | Annotations for gateway pods | `{}` | +| `gateway.podAffinityPreset` | Pod affinity preset. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `gateway.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `gateway.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `gateway.nodeAffinityPreset.key` | Node label key to match. Ignored if `gateway.affinity` is set | `""` | +| `gateway.nodeAffinityPreset.values` | Node label values to match. Ignored if `gateway.affinity` is set | `[]` | +| `gateway.affinity` | Affinity for Gateway pods assignment | `{}` | +| `gateway.nodeSelector` | Node labels for Gateway pods assignment | `{}` | +| `gateway.tolerations` | Tolerations for Gateway pods assignment | `[]` | +| `gateway.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | +| `gateway.priorityClassName` | Gateway pods' priorityClassName | `""` | +| `gateway.schedulerName` | Kubernetes pod scheduler registry | `""` | +| `gateway.updateStrategy.type` | Gateway statefulset strategy type | `RollingUpdate` | +| `gateway.updateStrategy.rollingUpdate` | Gateway statefulset rolling update configuration parameters | `{}` | +| `gateway.extraVolumes` | Optionally specify extra list of additional volumes for the Gateway pod(s) | `[]` | +| `gateway.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Gateway container(s) | `[]` | +| `gateway.sidecars` | Add additional sidecar containers to the Gateway pod(s) | `[]` | +| `gateway.initContainers` | Add additional init containers to the Gateway pod(s) | `[]` | ### Gateway Traffic Exposure Parameters @@ -968,74 +972,74 @@ The command removes all the Kubernetes components associated with the chart and ### Promtail Deployment Parameters -| Name | Description | Value | -| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------- | -------------------- | -| `promtail.enabled` | Deploy promtail | `true` | -| `promtail.image.registry` | Grafana Promtail image registry | `docker.io` | -| `promtail.image.repository` | Grafana Promtail image repository | `bitnami/promtail` | -| `promtail.image.tag` | Grafana Promtail image tag (immutable tags are recommended) | `2.9.1-debian-11-r7` | -| `promtail.image.digest` | Grafana Promtail image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `promtail.image.pullPolicy` | Grafana Promtail image pull policy | `IfNotPresent` | -| `promtail.image.pullSecrets` | Grafana Promtail image pull secrets | `[]` | -| `promtail.extraEnvVars` | Array with extra environment variables to add to promtail nodes | `[]` | -| `promtail.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for promtail nodes | `""` | -| `promtail.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for promtail nodes | `""` | -| `promtail.command` | Override default container command (useful when using custom images) | `[]` | -| `promtail.args` | Override default container args (useful when using custom images) | `[]` | -| `promtail.extraArgs` | Additional container args (will be concatenated to args, unless diagnosticMode is enabled) | `[]` | -| `promtail.containerPorts.http` | Promtail HTTP port | `8080` | -| `promtail.livenessProbe.enabled` | Enable livenessProbe on Promtail nodes | `true` | -| `promtail.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `promtail.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `promtail.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `promtail.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `promtail.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `promtail.readinessProbe.enabled` | Enable readinessProbe on Promtail nodes | `true` | -| `promtail.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `promtail.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `promtail.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `promtail.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `promtail.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `promtail.startupProbe.enabled` | Enable startupProbe on Promtail containers | `false` | -| `promtail.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `promtail.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `promtail.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `promtail.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `promtail.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `promtail.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `promtail.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `promtail.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `promtail.lifecycleHooks` | for the promtail container(s) to automate configuration before or after startup | `{}` | -| `promtail.resources.limits` | The resources limits for the Promtail containers | `{}` | -| `promtail.resources.requests` | The requested resources for the Promtail containers | `{}` | -| `promtail.podSecurityContext.enabled` | Enabled Promtail pods' Security Context | `true` | -| `promtail.podSecurityContext.fsGroup` | Set Promtail pod's Security Context fsGroup | `0` | -| `promtail.containerSecurityContext.enabled` | Enabled Promtail containers' Security Context | `true` | -| `promtail.containerSecurityContext.runAsUser` | Set Promtail containers' Security Context runAsUser | `0` | -| `promtail.containerSecurityContext.runAsNonRoot` | Set Promtail containers' Security Context runAsNonRoot | `false` | -| `promtail.hostAliases` | promtail pods host aliases | `[]` | -| `promtail.podLabels` | Extra labels for promtail pods | `{}` | -| `promtail.podAnnotations` | Annotations for promtail pods | `{}` | -| `promtail.podAffinityPreset` | Pod affinity preset. Ignored if `promtail.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `promtail.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `promtail.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `promtail.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `promtail.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `promtail.nodeAffinityPreset.key` | Node label key to match. Ignored if `promtail.affinity` is set | `""` | -| `promtail.nodeAffinityPreset.values` | Node label values to match. Ignored if `promtail.affinity` is set | `[]` | -| `promtail.affinity` | Affinity for promtail pods assignment | `{}` | -| `promtail.nodeSelector` | Node labels for Promtail pods assignment | `{}` | -| `promtail.tolerations` | Tolerations for Promtail pods assignment | `[]` | -| `promtail.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | -| `promtail.priorityClassName` | Promtail pods' priorityClassName | `""` | -| `promtail.schedulerName` | Kubernetes pod scheduler registry | `""` | -| `promtail.updateStrategy.type` | Promtail statefulset strategy type | `RollingUpdate` | -| `promtail.updateStrategy.rollingUpdate` | Promtail statefulset rolling update configuration parameters | `{}` | -| `promtail.extraVolumes` | Optionally specify extra list of additional volumes for the Promtail pod(s) | `[]` | -| `promtail.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the promtail container(s) | `[]` | -| `promtail.sidecars` | Add additional sidecar containers to the Promtail pod(s) | `[]` | -| `promtail.initContainers` | Add additional init containers to the Promtail pod(s) | `[]` | -| `promtail.configuration` | Promtail configuration | `""` | -| `promtail.existingSecret` | Name of a Secret that contains the Promtail configuration | `""` | -| `promtail.logLevel` | Promtail logging level | `info` | +| Name | Description | Value | +| ------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `promtail.enabled` | Deploy promtail | `true` | +| `promtail.image.registry` | Grafana Promtail image registry | `REGISTRY_NAME` | +| `promtail.image.repository` | Grafana Promtail image repository | `REPOSITORY_NAME/promtail` | +| `promtail.image.tag` | Grafana Promtail image tag (immutable tags are recommended) | `2.9.1-debian-11-r7` | +| `promtail.image.digest` | Grafana Promtail image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `promtail.image.pullPolicy` | Grafana Promtail image pull policy | `IfNotPresent` | +| `promtail.image.pullSecrets` | Grafana Promtail image pull secrets | `[]` | +| `promtail.extraEnvVars` | Array with extra environment variables to add to promtail nodes | `[]` | +| `promtail.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for promtail nodes | `""` | +| `promtail.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for promtail nodes | `""` | +| `promtail.command` | Override default container command (useful when using custom images) | `[]` | +| `promtail.args` | Override default container args (useful when using custom images) | `[]` | +| `promtail.extraArgs` | Additional container args (will be concatenated to args, unless diagnosticMode is enabled) | `[]` | +| `promtail.containerPorts.http` | Promtail HTTP port | `8080` | +| `promtail.livenessProbe.enabled` | Enable livenessProbe on Promtail nodes | `true` | +| `promtail.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `promtail.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `promtail.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `promtail.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `promtail.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `promtail.readinessProbe.enabled` | Enable readinessProbe on Promtail nodes | `true` | +| `promtail.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `promtail.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `promtail.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `promtail.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `promtail.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `promtail.startupProbe.enabled` | Enable startupProbe on Promtail containers | `false` | +| `promtail.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `promtail.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `promtail.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `promtail.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `promtail.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `promtail.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `promtail.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `promtail.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `promtail.lifecycleHooks` | for the promtail container(s) to automate configuration before or after startup | `{}` | +| `promtail.resources.limits` | The resources limits for the Promtail containers | `{}` | +| `promtail.resources.requests` | The requested resources for the Promtail containers | `{}` | +| `promtail.podSecurityContext.enabled` | Enabled Promtail pods' Security Context | `true` | +| `promtail.podSecurityContext.fsGroup` | Set Promtail pod's Security Context fsGroup | `0` | +| `promtail.containerSecurityContext.enabled` | Enabled Promtail containers' Security Context | `true` | +| `promtail.containerSecurityContext.runAsUser` | Set Promtail containers' Security Context runAsUser | `0` | +| `promtail.containerSecurityContext.runAsNonRoot` | Set Promtail containers' Security Context runAsNonRoot | `false` | +| `promtail.hostAliases` | promtail pods host aliases | `[]` | +| `promtail.podLabels` | Extra labels for promtail pods | `{}` | +| `promtail.podAnnotations` | Annotations for promtail pods | `{}` | +| `promtail.podAffinityPreset` | Pod affinity preset. Ignored if `promtail.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `promtail.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `promtail.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `promtail.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `promtail.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `promtail.nodeAffinityPreset.key` | Node label key to match. Ignored if `promtail.affinity` is set | `""` | +| `promtail.nodeAffinityPreset.values` | Node label values to match. Ignored if `promtail.affinity` is set | `[]` | +| `promtail.affinity` | Affinity for promtail pods assignment | `{}` | +| `promtail.nodeSelector` | Node labels for Promtail pods assignment | `{}` | +| `promtail.tolerations` | Tolerations for Promtail pods assignment | `[]` | +| `promtail.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | +| `promtail.priorityClassName` | Promtail pods' priorityClassName | `""` | +| `promtail.schedulerName` | Kubernetes pod scheduler registry | `""` | +| `promtail.updateStrategy.type` | Promtail statefulset strategy type | `RollingUpdate` | +| `promtail.updateStrategy.rollingUpdate` | Promtail statefulset rolling update configuration parameters | `{}` | +| `promtail.extraVolumes` | Optionally specify extra list of additional volumes for the Promtail pod(s) | `[]` | +| `promtail.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the promtail container(s) | `[]` | +| `promtail.sidecars` | Add additional sidecar containers to the Promtail pod(s) | `[]` | +| `promtail.initContainers` | Add additional init containers to the Promtail pod(s) | `[]` | +| `promtail.configuration` | Promtail configuration | `""` | +| `promtail.existingSecret` | Name of a Secret that contains the Promtail configuration | `""` | +| `promtail.logLevel` | Promtail logging level | `info` | ### Promtail Traffic Exposure Parameters @@ -1060,18 +1064,18 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Other Parameters @@ -1107,16 +1111,16 @@ The command removes all the Kubernetes components associated with the chart and ### Memcached Sub-chart Parameters (Chunks) -| Name | Description | Value | -| ----------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | -| `memcachedchunks.enabled` | Deploy memcached sub-chart | `true` | -| `memcachedchunks.image.registry` | Memcached image registry | `docker.io` | -| `memcachedchunks.image.repository` | Memcached image repository | `bitnami/memcached` | -| `memcachedchunks.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | -| `memcachedchunks.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `memcachedchunks.nameOverride` | override the subchart name | `""` | -| `memcachedchunks.architecture` | Memcached architecture | `high-availability` | -| `memcachedchunks.service.ports.memcached` | Memcached service port | `11211` | +| Name | Description | Value | +| ----------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `memcachedchunks.enabled` | Deploy memcached sub-chart | `true` | +| `memcachedchunks.image.registry` | Memcached image registry | `REGISTRY_NAME` | +| `memcachedchunks.image.repository` | Memcached image repository | `REPOSITORY_NAME/memcached` | +| `memcachedchunks.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | +| `memcachedchunks.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `memcachedchunks.nameOverride` | override the subchart name | `""` | +| `memcachedchunks.architecture` | Memcached architecture | `high-availability` | +| `memcachedchunks.service.ports.memcached` | Memcached service port | `11211` | ### External Memcached (Frontend) Parameters @@ -1127,16 +1131,16 @@ The command removes all the Kubernetes components associated with the chart and ### Memcached Sub-chart Parameters (Frontend) -| Name | Description | Value | -| ------------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | -| `memcachedfrontend.enabled` | Deploy memcached sub-chart | `true` | -| `memcachedfrontend.image.registry` | Memcached image registry | `docker.io` | -| `memcachedfrontend.image.repository` | Memcached image repository | `bitnami/memcached` | -| `memcachedfrontend.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | -| `memcachedfrontend.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `memcachedfrontend.architecture` | Memcached architecture | `high-availability` | -| `memcachedfrontend.nameOverride` | override the subchart name | `""` | -| `memcachedfrontend.service.ports.memcached` | Memcached service port | `11211` | +| Name | Description | Value | +| ------------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `memcachedfrontend.enabled` | Deploy memcached sub-chart | `true` | +| `memcachedfrontend.image.registry` | Memcached image registry | `REGISTRY_NAME` | +| `memcachedfrontend.image.repository` | Memcached image repository | `REPOSITORY_NAME/memcached` | +| `memcachedfrontend.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | +| `memcachedfrontend.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `memcachedfrontend.architecture` | Memcached architecture | `high-availability` | +| `memcachedfrontend.nameOverride` | override the subchart name | `""` | +| `memcachedfrontend.service.ports.memcached` | Memcached service port | `11211` | ### External Memcached (Index-Queries) Parameters @@ -1147,16 +1151,16 @@ The command removes all the Kubernetes components associated with the chart and ### Memcached Sub-chart Parameters (Index-Queries) -| Name | Description | Value | -| ----------------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | -| `memcachedindexqueries.enabled` | Deploy memcached sub-chart | `true` | -| `memcachedindexqueries.image.registry` | Memcached image registry | `docker.io` | -| `memcachedindexqueries.image.repository` | Memcached image repository | `bitnami/memcached` | -| `memcachedindexqueries.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | -| `memcachedindexqueries.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `memcachedindexqueries.architecture` | Memcached architecture | `high-availability` | -| `memcachedindexqueries.nameOverride` | override the subchart name | `""` | -| `memcachedindexqueries.service.ports.memcached` | Memcached service port | `11211` | +| Name | Description | Value | +| ----------------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `memcachedindexqueries.enabled` | Deploy memcached sub-chart | `true` | +| `memcachedindexqueries.image.registry` | Memcached image registry | `REGISTRY_NAME` | +| `memcachedindexqueries.image.repository` | Memcached image repository | `REPOSITORY_NAME/memcached` | +| `memcachedindexqueries.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | +| `memcachedindexqueries.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `memcachedindexqueries.architecture` | Memcached architecture | `high-availability` | +| `memcachedindexqueries.nameOverride` | override the subchart name | `""` | +| `memcachedindexqueries.service.ports.memcached` | Memcached service port | `11211` | ### External Memcached (IndexWrites) Parameters @@ -1167,16 +1171,16 @@ The command removes all the Kubernetes components associated with the chart and ### Memcached Sub-chart Parameters (Index-Writes) -| Name | Description | Value | -| ---------------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | -| `memcachedindexwrites.enabled` | Deploy memcached sub-chart | `false` | -| `memcachedindexwrites.image.registry` | Memcached image registry | `docker.io` | -| `memcachedindexwrites.image.repository` | Memcached image repository | `bitnami/memcached` | -| `memcachedindexwrites.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | -| `memcachedindexwrites.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `memcachedindexwrites.architecture` | Memcached architecture | `high-availability` | -| `memcachedindexwrites.nameOverride` | override the subchart name | `""` | -| `memcachedindexwrites.service.ports.memcached` | Memcached service port | `11211` | +| Name | Description | Value | +| ---------------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `memcachedindexwrites.enabled` | Deploy memcached sub-chart | `false` | +| `memcachedindexwrites.image.registry` | Memcached image registry | `REGISTRY_NAME` | +| `memcachedindexwrites.image.repository` | Memcached image repository | `REPOSITORY_NAME/memcached` | +| `memcachedindexwrites.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | +| `memcachedindexwrites.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `memcachedindexwrites.architecture` | Memcached architecture | `high-availability` | +| `memcachedindexwrites.nameOverride` | override the subchart name | `""` | +| `memcachedindexwrites.service.ports.memcached` | Memcached service port | `11211` | See to create the table. @@ -1187,17 +1191,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set loki.traces.jaeger.grpc=true \ - oci://registry-1.docker.io/bitnamicharts/grafana-loki + oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-loki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command enables the Jaeger GRPC traces. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/grafana-loki +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-loki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/grafana-loki/values.yaml b/bitnami/grafana-loki/values.yaml index e514df352155fd..35b4841eac9ac9 100644 --- a/bitnami/grafana-loki/values.yaml +++ b/bitnami/grafana-loki/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: loki: ## Bitnami Grafana Loki image ## ref: https://hub.docker.com/r/bitnami/grafana-loki/tags/ - ## @param loki.image.registry Grafana Loki image registry - ## @param loki.image.repository Grafana Loki image repository + ## @param loki.image.registry [default: REGISTRY_NAME] Grafana Loki image registry + ## @param loki.image.repository [default: REPOSITORY_NAME/grafana-loki] Grafana Loki image repository ## @param loki.image.tag Grafana Loki image tag (immutable tags are recommended) ## @param loki.image.digest Grafana Loki image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param loki.image.pullPolicy Grafana Loki image pull policy @@ -584,8 +584,8 @@ gateway: ## Bitnami Nginx image ## ref: https://hub.docker.com/r/bitnami/grafana-nginx/tags/ - ## @param gateway.image.registry Nginx image registry - ## @param gateway.image.repository Nginx image repository + ## @param gateway.image.registry [default: REGISTRY_NAME] Nginx image registry + ## @param gateway.image.repository [default: REPOSITORY_NAME/nginx] Nginx image repository ## @param gateway.image.tag Nginx image tag (immutable tags are recommended) ## @param gateway.image.digest Nginx image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param gateway.image.pullPolicy Nginx image pull policy @@ -3282,8 +3282,8 @@ promtail: enabled: true ## Bitnami Promtail image ## ref: https://hub.docker.com/r/bitnami/grafana-promtail/tags/ - ## @param promtail.image.registry Grafana Promtail image registry - ## @param promtail.image.repository Grafana Promtail image repository + ## @param promtail.image.registry [default: REGISTRY_NAME] Grafana Promtail image registry + ## @param promtail.image.repository [default: REPOSITORY_NAME/promtail] Grafana Promtail image repository ## @param promtail.image.tag Grafana Promtail image tag (immutable tags are recommended) ## @param promtail.image.digest Grafana Promtail image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param promtail.image.pullPolicy Grafana Promtail image pull policy @@ -3700,8 +3700,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy @@ -3824,8 +3824,8 @@ memcachedchunks: enabled: true ## Bitnami Memcached image version ## ref: https://hub.docker.com/r/bitnami/memcached/tags/ - ## @param memcachedchunks.image.registry Memcached image registry - ## @param memcachedchunks.image.repository Memcached image repository + ## @param memcachedchunks.image.registry [default: REGISTRY_NAME] Memcached image registry + ## @param memcachedchunks.image.repository [default: REPOSITORY_NAME/memcached] Memcached image repository ## @param memcachedchunks.image.tag Memcached image tag (immutable tags are recommended) ## @param memcachedchunks.image.digest Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @@ -3865,8 +3865,8 @@ memcachedfrontend: enabled: true ## Bitnami Memcached image version ## ref: https://hub.docker.com/r/bitnami/memcached/tags/ - ## @param memcachedfrontend.image.registry Memcached image registry - ## @param memcachedfrontend.image.repository Memcached image repository + ## @param memcachedfrontend.image.registry [default: REGISTRY_NAME] Memcached image registry + ## @param memcachedfrontend.image.repository [default: REPOSITORY_NAME/memcached] Memcached image repository ## @param memcachedfrontend.image.tag Memcached image tag (immutable tags are recommended) ## @param memcachedfrontend.image.digest Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @@ -3907,8 +3907,8 @@ memcachedindexqueries: ## Bitnami Memcached image version ## ref: https://hub.docker.com/r/bitnami/memcached/tags/ - ## @param memcachedindexqueries.image.registry Memcached image registry - ## @param memcachedindexqueries.image.repository Memcached image repository + ## @param memcachedindexqueries.image.registry [default: REGISTRY_NAME] Memcached image registry + ## @param memcachedindexqueries.image.repository [default: REPOSITORY_NAME/memcached] Memcached image repository ## @param memcachedindexqueries.image.tag Memcached image tag (immutable tags are recommended) ## @param memcachedindexqueries.image.digest Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @@ -3948,8 +3948,8 @@ memcachedindexwrites: enabled: false ## Bitnami Memcached image version ## ref: https://hub.docker.com/r/bitnami/memcached/tags/ - ## @param memcachedindexwrites.image.registry Memcached image registry - ## @param memcachedindexwrites.image.repository Memcached image repository + ## @param memcachedindexwrites.image.registry [default: REGISTRY_NAME] Memcached image registry + ## @param memcachedindexwrites.image.repository [default: REPOSITORY_NAME/memcached] Memcached image repository ## @param memcachedindexwrites.image.tag Memcached image tag (immutable tags are recommended) ## @param memcachedindexwrites.image.digest Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## diff --git a/bitnami/grafana-mimir/README.md b/bitnami/grafana-mimir/README.md index 0400fd24920412..df1a7cdc70013e 100644 --- a/bitnami/grafana-mimir/README.md +++ b/bitnami/grafana-mimir/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/grafana-mimir +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-mimir ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -37,9 +39,11 @@ Looking to use Grafana Mimir in production? Try [VMware Application Catalog](htt To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/grafana-mimir +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-mimir ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys grafana-mimir on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -82,27 +86,27 @@ The command removes all the Kubernetes components associated with the chart and ### Common Grafana Mimir Parameters -| Name | Description | Value | -| -------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `mimir.image.registry` | Grafana Mimir image registry | `docker.io` | -| `mimir.image.repository` | Grafana Mimir image repository | `bitnami/grafana-mimir` | -| `mimir.image.tag` | Grafana Mimir image tag (immutable tags are recommended) | `2.10.3-debian-11-r0` | -| `mimir.image.digest` | Grafana Mimir image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `mimir.image.pullPolicy` | Grafana Mimir image pull policy | `IfNotPresent` | -| `mimir.image.pullSecrets` | Grafana Mimir image pull secrets | `[]` | -| `mimir.dataDir` | path to the Mimir data directory | `/bitnami/grafana-mimir` | -| `mimir.configuration` | Mimir components configuration | `""` | -| `mimir.overrideConfiguration` | Mimir components configuration override. Values defined here takes precedence over mimir.configuration | `{}` | -| `mimir.existingConfigmap` | Name of a ConfigMap with the Mimir configuration | `""` | -| `mimir.httpPrefix.prometheus` | HTTP URL path under which the Prometheus api will be served. | `/prometheus` | -| `mimir.httpPrefix.alertmanager` | HTTP URL path under which the Alertmanager ui and api will be served. | `/alertmanager` | -| `mimir.containerPorts.http` | Grafana Mimir HTTP container port. This configuration is set mimir.yaml config file and is common for all Grafana Mimir components. | `8080` | -| `mimir.containerPorts.grpc` | Grafana Mimir GRPC container port. This configuration is set mimir.yaml config file and is common for all Grafana Mimircomponents. | `9095` | -| `mimir.containerPorts.gossipRing` | Grafana Mimir memberlist container port. This configuration is set mimir.yaml config file and is common for all Grafana Mimir components. | `7946` | -| `mimir.gossipRing.service.ports.http` | Gossip Ring HTTP headless service port | `7946` | -| `mimir.gossipRing.service.annotations` | Additional custom annotations for Gossip Ring headless service | `{}` | -| `mimir.blockStorage.backend` | Backend storage to use. NOTE: if minio.enable == true, this configuration will be ignored. | `s3` | -| `mimir.blockStorage.config` | Configures connection to the backend store. NOTE: if minio.enable == true, this configuration will be ignored. | `{}` | +| Name | Description | Value | +| -------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------- | +| `mimir.image.registry` | Grafana Mimir image registry | `REGISTRY_NAME` | +| `mimir.image.repository` | Grafana Mimir image repository | `REPOSITORY_NAME/grafana-mimir` | +| `mimir.image.tag` | Grafana Mimir image tag (immutable tags are recommended) | `2.10.3-debian-11-r0` | +| `mimir.image.digest` | Grafana Mimir image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `mimir.image.pullPolicy` | Grafana Mimir image pull policy | `IfNotPresent` | +| `mimir.image.pullSecrets` | Grafana Mimir image pull secrets | `[]` | +| `mimir.dataDir` | path to the Mimir data directory | `/bitnami/grafana-mimir` | +| `mimir.configuration` | Mimir components configuration | `""` | +| `mimir.overrideConfiguration` | Mimir components configuration override. Values defined here takes precedence over mimir.configuration | `{}` | +| `mimir.existingConfigmap` | Name of a ConfigMap with the Mimir configuration | `""` | +| `mimir.httpPrefix.prometheus` | HTTP URL path under which the Prometheus api will be served. | `/prometheus` | +| `mimir.httpPrefix.alertmanager` | HTTP URL path under which the Alertmanager ui and api will be served. | `/alertmanager` | +| `mimir.containerPorts.http` | Grafana Mimir HTTP container port. This configuration is set mimir.yaml config file and is common for all Grafana Mimir components. | `8080` | +| `mimir.containerPorts.grpc` | Grafana Mimir GRPC container port. This configuration is set mimir.yaml config file and is common for all Grafana Mimircomponents. | `9095` | +| `mimir.containerPorts.gossipRing` | Grafana Mimir memberlist container port. This configuration is set mimir.yaml config file and is common for all Grafana Mimir components. | `7946` | +| `mimir.gossipRing.service.ports.http` | Gossip Ring HTTP headless service port | `7946` | +| `mimir.gossipRing.service.annotations` | Additional custom annotations for Gossip Ring headless service | `{}` | +| `mimir.blockStorage.backend` | Backend storage to use. NOTE: if minio.enable == true, this configuration will be ignored. | `s3` | +| `mimir.blockStorage.config` | Configures connection to the backend store. NOTE: if minio.enable == true, this configuration will be ignored. | `{}` | ### Alertmanager Deployment Parameters @@ -376,77 +380,77 @@ The command removes all the Kubernetes components associated with the chart and ### Gateway Deployment Parameters -| Name | Description | Value | -| ----------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ---------------------- | -| `gateway.enabled` | Enable Gateway deployment | `true` | -| `gateway.image.registry` | Nginx image registry | `docker.io` | -| `gateway.image.repository` | Nginx image repository | `bitnami/nginx` | -| `gateway.image.tag` | Nginx image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | -| `gateway.image.digest` | Nginx image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `gateway.image.pullPolicy` | Nginx image pull policy | `IfNotPresent` | -| `gateway.image.pullSecrets` | Nginx image pull secrets | `[]` | -| `gateway.image.debug` | Enable debugging in the initialization process | `false` | -| `gateway.extraEnvVars` | Array with extra environment variables to add to gateway nodes | `[]` | -| `gateway.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for gateway nodes | `""` | -| `gateway.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for gateway nodes | `""` | -| `gateway.command` | Override default container command (useful when using custom images) | `[]` | -| `gateway.args` | Override default container args (useful when using custom images) | `[]` | -| `gateway.verboseLogging` | Show the gateway access_log | `false` | -| `gateway.replicaCount` | Number of Gateway replicas to deploy | `1` | -| `gateway.auth.enabled` | Enable basic auth | `false` | -| `gateway.auth.username` | Basic auth username | `user` | -| `gateway.auth.password` | Basic auth password | `""` | -| `gateway.auth.existingSecret` | Name of a secret containing the Basic auth password | `""` | -| `gateway.livenessProbe.enabled` | Enable livenessProbe on Gateway nodes | `true` | -| `gateway.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `gateway.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `gateway.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `gateway.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `gateway.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `gateway.readinessProbe.enabled` | Enable readinessProbe on Gateway nodes | `true` | -| `gateway.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `gateway.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `gateway.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `gateway.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `gateway.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `gateway.startupProbe.enabled` | Enable startupProbe on Gateway containers | `false` | -| `gateway.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `gateway.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `gateway.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `gateway.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `gateway.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `gateway.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `gateway.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `gateway.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `gateway.containerPorts.http` | Gateway HTTP port | `8080` | -| `gateway.resources.limits` | The resources limits for the gateway containers | `{}` | -| `gateway.resources.requests` | The requested resources for the gateway containers | `{}` | -| `gateway.podSecurityContext.enabled` | Enabled Gateway pods' Security Context | `true` | -| `gateway.podSecurityContext.fsGroup` | Set Gateway pod's Security Context fsGroup | `1001` | -| `gateway.containerSecurityContext.enabled` | Enabled Gateway containers' Security Context | `true` | -| `gateway.containerSecurityContext.runAsUser` | Set Gateway containers' Security Context runAsUser | `1001` | -| `gateway.containerSecurityContext.runAsNonRoot` | Set Gateway containers' Security Context runAsNonRoot | `true` | -| `gateway.lifecycleHooks` | for the gateway container(s) to automate configuration before or after startup | `{}` | -| `gateway.hostAliases` | gateway pods host aliases | `[]` | -| `gateway.podLabels` | Extra labels for gateway pods | `{}` | -| `gateway.podAnnotations` | Annotations for gateway pods | `{}` | -| `gateway.podAffinityPreset` | Pod affinity preset. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `gateway.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `gateway.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `gateway.nodeAffinityPreset.key` | Node label key to match. Ignored if `gateway.affinity` is set | `""` | -| `gateway.nodeAffinityPreset.values` | Node label values to match. Ignored if `gateway.affinity` is set | `[]` | -| `gateway.affinity` | Affinity for Gateway pods assignment | `{}` | -| `gateway.nodeSelector` | Node labels for Gateway pods assignment | `{}` | -| `gateway.tolerations` | Tolerations for Gateway pods assignment | `[]` | -| `gateway.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | -| `gateway.priorityClassName` | Gateway pods' priorityClassName | `""` | -| `gateway.schedulerName` | Kubernetes pod scheduler registry | `""` | -| `gateway.updateStrategy.type` | Gateway statefulset strategy type | `RollingUpdate` | -| `gateway.updateStrategy.rollingUpdate` | Gateway statefulset rolling update configuration parameters | `{}` | -| `gateway.extraVolumes` | Optionally specify extra list of additional volumes for the Gateway pod(s) | `[]` | -| `gateway.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Gateway container(s) | `[]` | -| `gateway.sidecars` | Add additional sidecar containers to the Gateway pod(s) | `[]` | -| `gateway.initContainers` | Add additional init containers to the Gateway pod(s) | `[]` | +| Name | Description | Value | +| ----------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ----------------------- | +| `gateway.enabled` | Enable Gateway deployment | `true` | +| `gateway.image.registry` | Nginx image registry | `REGISTRY_NAME` | +| `gateway.image.repository` | Nginx image repository | `REPOSITORY_NAME/nginx` | +| `gateway.image.tag` | Nginx image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | +| `gateway.image.digest` | Nginx image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `gateway.image.pullPolicy` | Nginx image pull policy | `IfNotPresent` | +| `gateway.image.pullSecrets` | Nginx image pull secrets | `[]` | +| `gateway.image.debug` | Enable debugging in the initialization process | `false` | +| `gateway.extraEnvVars` | Array with extra environment variables to add to gateway nodes | `[]` | +| `gateway.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for gateway nodes | `""` | +| `gateway.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for gateway nodes | `""` | +| `gateway.command` | Override default container command (useful when using custom images) | `[]` | +| `gateway.args` | Override default container args (useful when using custom images) | `[]` | +| `gateway.verboseLogging` | Show the gateway access_log | `false` | +| `gateway.replicaCount` | Number of Gateway replicas to deploy | `1` | +| `gateway.auth.enabled` | Enable basic auth | `false` | +| `gateway.auth.username` | Basic auth username | `user` | +| `gateway.auth.password` | Basic auth password | `""` | +| `gateway.auth.existingSecret` | Name of a secret containing the Basic auth password | `""` | +| `gateway.livenessProbe.enabled` | Enable livenessProbe on Gateway nodes | `true` | +| `gateway.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `gateway.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `gateway.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `gateway.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `gateway.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `gateway.readinessProbe.enabled` | Enable readinessProbe on Gateway nodes | `true` | +| `gateway.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `gateway.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `gateway.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `gateway.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `gateway.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `gateway.startupProbe.enabled` | Enable startupProbe on Gateway containers | `false` | +| `gateway.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `gateway.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `gateway.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `gateway.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `gateway.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `gateway.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `gateway.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `gateway.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `gateway.containerPorts.http` | Gateway HTTP port | `8080` | +| `gateway.resources.limits` | The resources limits for the gateway containers | `{}` | +| `gateway.resources.requests` | The requested resources for the gateway containers | `{}` | +| `gateway.podSecurityContext.enabled` | Enabled Gateway pods' Security Context | `true` | +| `gateway.podSecurityContext.fsGroup` | Set Gateway pod's Security Context fsGroup | `1001` | +| `gateway.containerSecurityContext.enabled` | Enabled Gateway containers' Security Context | `true` | +| `gateway.containerSecurityContext.runAsUser` | Set Gateway containers' Security Context runAsUser | `1001` | +| `gateway.containerSecurityContext.runAsNonRoot` | Set Gateway containers' Security Context runAsNonRoot | `true` | +| `gateway.lifecycleHooks` | for the gateway container(s) to automate configuration before or after startup | `{}` | +| `gateway.hostAliases` | gateway pods host aliases | `[]` | +| `gateway.podLabels` | Extra labels for gateway pods | `{}` | +| `gateway.podAnnotations` | Annotations for gateway pods | `{}` | +| `gateway.podAffinityPreset` | Pod affinity preset. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `gateway.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `gateway.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `gateway.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `gateway.nodeAffinityPreset.key` | Node label key to match. Ignored if `gateway.affinity` is set | `""` | +| `gateway.nodeAffinityPreset.values` | Node label values to match. Ignored if `gateway.affinity` is set | `[]` | +| `gateway.affinity` | Affinity for Gateway pods assignment | `{}` | +| `gateway.nodeSelector` | Node labels for Gateway pods assignment | `{}` | +| `gateway.tolerations` | Tolerations for Gateway pods assignment | `[]` | +| `gateway.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | +| `gateway.priorityClassName` | Gateway pods' priorityClassName | `""` | +| `gateway.schedulerName` | Kubernetes pod scheduler registry | `""` | +| `gateway.updateStrategy.type` | Gateway statefulset strategy type | `RollingUpdate` | +| `gateway.updateStrategy.rollingUpdate` | Gateway statefulset rolling update configuration parameters | `{}` | +| `gateway.extraVolumes` | Optionally specify extra list of additional volumes for the Gateway pod(s) | `[]` | +| `gateway.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Gateway container(s) | `[]` | +| `gateway.sidecars` | Add additional sidecar containers to the Gateway pod(s) | `[]` | +| `gateway.initContainers` | Add additional init containers to the Gateway pod(s) | `[]` | ### Gateway Traffic Exposure Parameters @@ -1093,17 +1097,17 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Other Parameters @@ -1149,16 +1153,16 @@ The command removes all the Kubernetes components associated with the chart and ### Memcached Sub-chart Parameters (Chunks) -| Name | Description | Value | -| ----------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | -| `memcachedchunks.enabled` | Deploy memcached sub-chart | `true` | -| `memcachedchunks.image.registry` | Memcached image registry | `docker.io` | -| `memcachedchunks.image.repository` | Memcached image repository | `bitnami/memcached` | -| `memcachedchunks.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | -| `memcachedchunks.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `memcachedchunks.nameOverride` | override the subchart name | `""` | -| `memcachedchunks.architecture` | Memcached architecture | `high-availability` | -| `memcachedchunks.service.ports.memcached` | Memcached service port | `11211` | +| Name | Description | Value | +| ----------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `memcachedchunks.enabled` | Deploy memcached sub-chart | `true` | +| `memcachedchunks.image.registry` | Memcached image registry | `REGISTRY_NAME` | +| `memcachedchunks.image.repository` | Memcached image repository | `REPOSITORY_NAME/memcached` | +| `memcachedchunks.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | +| `memcachedchunks.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `memcachedchunks.nameOverride` | override the subchart name | `""` | +| `memcachedchunks.architecture` | Memcached architecture | `high-availability` | +| `memcachedchunks.service.ports.memcached` | Memcached service port | `11211` | ### External Memcached (Frontend) Parameters @@ -1169,16 +1173,16 @@ The command removes all the Kubernetes components associated with the chart and ### Memcached Sub-chart Parameters (Frontend) -| Name | Description | Value | -| ------------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | -| `memcachedfrontend.enabled` | Deploy memcached sub-chart | `true` | -| `memcachedfrontend.image.registry` | Memcached image registry | `docker.io` | -| `memcachedfrontend.image.repository` | Memcached image repository | `bitnami/memcached` | -| `memcachedfrontend.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | -| `memcachedfrontend.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `memcachedfrontend.architecture` | Memcached architecture | `high-availability` | -| `memcachedfrontend.nameOverride` | override the subchart name | `""` | -| `memcachedfrontend.service.ports.memcached` | Memcached service port | `11211` | +| Name | Description | Value | +| ------------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `memcachedfrontend.enabled` | Deploy memcached sub-chart | `true` | +| `memcachedfrontend.image.registry` | Memcached image registry | `REGISTRY_NAME` | +| `memcachedfrontend.image.repository` | Memcached image repository | `REPOSITORY_NAME/memcached` | +| `memcachedfrontend.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | +| `memcachedfrontend.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `memcachedfrontend.architecture` | Memcached architecture | `high-availability` | +| `memcachedfrontend.nameOverride` | override the subchart name | `""` | +| `memcachedfrontend.service.ports.memcached` | Memcached service port | `11211` | ### External Memcached (Index) Parameters @@ -1189,16 +1193,16 @@ The command removes all the Kubernetes components associated with the chart and ### Memcached Sub-chart Parameters (Index) -| Name | Description | Value | -| ---------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | -| `memcachedindex.enabled` | Deploy memcached sub-chart | `true` | -| `memcachedindex.image.registry` | Memcached image registry | `docker.io` | -| `memcachedindex.image.repository` | Memcached image repository | `bitnami/memcached` | -| `memcachedindex.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | -| `memcachedindex.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `memcachedindex.architecture` | Memcached architecture | `high-availability` | -| `memcachedindex.nameOverride` | override the subchart name | `""` | -| `memcachedindex.service.ports.memcached` | Memcached service port | `11211` | +| Name | Description | Value | +| ---------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `memcachedindex.enabled` | Deploy memcached sub-chart | `true` | +| `memcachedindex.image.registry` | Memcached image registry | `REGISTRY_NAME` | +| `memcachedindex.image.repository` | Memcached image repository | `REPOSITORY_NAME/memcached` | +| `memcachedindex.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | +| `memcachedindex.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `memcachedindex.architecture` | Memcached architecture | `high-availability` | +| `memcachedindex.nameOverride` | override the subchart name | `""` | +| `memcachedindex.service.ports.memcached` | Memcached service port | `11211` | ### External Memcached (Metadata) Parameters @@ -1209,16 +1213,16 @@ The command removes all the Kubernetes components associated with the chart and ### Memcached Sub-chart Parameters (Metadata) -| Name | Description | Value | -| ------------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | -| `memcachedmetadata.enabled` | Deploy memcached sub-chart | `true` | -| `memcachedmetadata.image.registry` | Memcached image registry | `docker.io` | -| `memcachedmetadata.image.repository` | Memcached image repository | `bitnami/memcached` | -| `memcachedmetadata.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | -| `memcachedmetadata.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `memcachedmetadata.architecture` | Memcached architecture | `high-availability` | -| `memcachedmetadata.nameOverride` | override the subchart name | `""` | -| `memcachedmetadata.service.ports.memcached` | Memcached service port | `11211` | +| Name | Description | Value | +| ------------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `memcachedmetadata.enabled` | Deploy memcached sub-chart | `true` | +| `memcachedmetadata.image.registry` | Memcached image registry | `REGISTRY_NAME` | +| `memcachedmetadata.image.repository` | Memcached image repository | `REPOSITORY_NAME/memcached` | +| `memcachedmetadata.image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | +| `memcachedmetadata.image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `memcachedmetadata.architecture` | Memcached architecture | `high-availability` | +| `memcachedmetadata.nameOverride` | override the subchart name | `""` | +| `memcachedmetadata.service.ports.memcached` | Memcached service port | `11211` | See to create the table @@ -1227,17 +1231,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set mimir.image.debug=true \ - oci://registry-1.docker.io/bitnamicharts/grafana-mimir + oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-mimir ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command enables the debug mode in the image. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/grafana-mimir +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-mimir ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) as starting point. Once the chart is installed the remote write endpoints for Prometheus or Grafana Agent and the read address to be used as datasource in Grafana will be printed. Example: diff --git a/bitnami/grafana-mimir/values.yaml b/bitnami/grafana-mimir/values.yaml index 50217302490c51..6c005216e89345 100644 --- a/bitnami/grafana-mimir/values.yaml +++ b/bitnami/grafana-mimir/values.yaml @@ -69,8 +69,8 @@ diagnosticMode: mimir: ## Bitnami Grafana Mimir image ## ref: https://hub.docker.com/r/bitnami/grafana-mimir/tags/ - ## @param mimir.image.registry Grafana Mimir image registry - ## @param mimir.image.repository Grafana Mimir image repository + ## @param mimir.image.registry [default: REGISTRY_NAME] Grafana Mimir image registry + ## @param mimir.image.repository [default: REPOSITORY_NAME/grafana-mimir] Grafana Mimir image repository ## @param mimir.image.tag Grafana Mimir image tag (immutable tags are recommended) ## @param mimir.image.digest Grafana Mimir image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param mimir.image.pullPolicy Grafana Mimir image pull policy @@ -1305,8 +1305,8 @@ gateway: ## Bitnami Nginx image ## ref: https://hub.docker.com/r/bitnami/grafana-nginx/tags/ - ## @param gateway.image.registry Nginx image registry - ## @param gateway.image.repository Nginx image repository + ## @param gateway.image.registry [default: REGISTRY_NAME] Nginx image registry + ## @param gateway.image.repository [default: REPOSITORY_NAME/nginx] Nginx image repository ## @param gateway.image.tag Nginx image tag (immutable tags are recommended) ## @param gateway.image.digest Nginx image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param gateway.image.pullPolicy Nginx image pull policy @@ -3899,8 +3899,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets @@ -4095,8 +4095,8 @@ memcachedchunks: enabled: true ## Bitnami Memcached image version ## ref: https://hub.docker.com/r/bitnami/memcached/tags/ - ## @param memcachedchunks.image.registry Memcached image registry - ## @param memcachedchunks.image.repository Memcached image repository + ## @param memcachedchunks.image.registry [default: REGISTRY_NAME] Memcached image registry + ## @param memcachedchunks.image.repository [default: REPOSITORY_NAME/memcached] Memcached image repository ## @param memcachedchunks.image.tag Memcached image tag (immutable tags are recommended) ## @param memcachedchunks.image.digest Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @@ -4136,8 +4136,8 @@ memcachedfrontend: enabled: true ## Bitnami Memcached image version ## ref: https://hub.docker.com/r/bitnami/memcached/tags/ - ## @param memcachedfrontend.image.registry Memcached image registry - ## @param memcachedfrontend.image.repository Memcached image repository + ## @param memcachedfrontend.image.registry [default: REGISTRY_NAME] Memcached image registry + ## @param memcachedfrontend.image.repository [default: REPOSITORY_NAME/memcached] Memcached image repository ## @param memcachedfrontend.image.tag Memcached image tag (immutable tags are recommended) ## @param memcachedfrontend.image.digest Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @@ -4178,8 +4178,8 @@ memcachedindex: ## Bitnami Memcached image version ## ref: https://hub.docker.com/r/bitnami/memcached/tags/ - ## @param memcachedindex.image.registry Memcached image registry - ## @param memcachedindex.image.repository Memcached image repository + ## @param memcachedindex.image.registry [default: REGISTRY_NAME] Memcached image registry + ## @param memcachedindex.image.repository [default: REPOSITORY_NAME/memcached] Memcached image repository ## @param memcachedindex.image.tag Memcached image tag (immutable tags are recommended) ## @param memcachedindex.image.digest Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @@ -4219,8 +4219,8 @@ memcachedmetadata: enabled: true ## Bitnami Memcached image version ## ref: https://hub.docker.com/r/bitnami/memcached/tags/ - ## @param memcachedmetadata.image.registry Memcached image registry - ## @param memcachedmetadata.image.repository Memcached image repository + ## @param memcachedmetadata.image.registry [default: REGISTRY_NAME] Memcached image registry + ## @param memcachedmetadata.image.repository [default: REPOSITORY_NAME/memcached] Memcached image repository ## @param memcachedmetadata.image.tag Memcached image tag (immutable tags are recommended) ## @param memcachedmetadata.image.digest Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## diff --git a/bitnami/grafana-operator/README.md b/bitnami/grafana-operator/README.md index df5ff4ab5d7f36..8b9d7a0a31c0fc 100644 --- a/bitnami/grafana-operator/README.md +++ b/bitnami/grafana-operator/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/grafana-operator +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-operator ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -34,9 +36,11 @@ Looking to use Grafana Operator in production? Try [VMware Application Catalog]( To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/grafana-operator +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-operator ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy grafana-operator on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -87,196 +91,200 @@ For more information, refer to the [documentation on the differences between the ### Grafana Operator parameters -| Name | Description | Value | -| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `operator.enabled` | Enable the deployment of the Grafana Operator | `true` | -| `operator.command` | Default container command (useful when using custom images) | `[]` | -| `operator.args` | Default container args (useful when using custom images) | `[]` | -| `operator.schedulerName` | Alternative scheduler | `""` | -| `operator.lifecycleHooks` | for the grafana-operator container to automate configuration before or after startup | `{}` | -| `operator.replicaCount` | Number of grafana-operator Pod replicas | `1` | -| `operator.customLivenessProbe` | Override default liveness probe | `{}` | -| `operator.customReadinessProbe` | Override default readiness probe | `{}` | -| `operator.customStartupProbe` | Override default startup probe | `{}` | -| `operator.extraVolumes` | Optionally specify extra list of additional volumes for Grafana Operator pods | `[]` | -| `operator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Grafana Operator container(s) | `[]` | -| `operator.initContainers` | Add additional init containers to the Grafana Operator pods | `[]` | -| `operator.sidecars` | Add additional sidecar containers to the Grafana Operator pods | `[]` | -| `operator.namespaceScope` | If the operator should run in namespace-scope mode or not, | `false` | -| `operator.watchNamespace` | Override the namespace to watch | `""` | -| `operator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `operator.priorityClassName` | %%MAIN_CONTAINER_NAME%% pods' priorityClassName | `""` | -| `operator.terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | -| `operator.updateStrategy.type` | Set up update strategy for Grafana Operator installation. | `Recreate` | -| `operator.image.registry` | Grafana Operator image registry | `docker.io` | -| `operator.image.repository` | Grafana Operator image name | `bitnami/grafana-operator` | -| `operator.image.tag` | Grafana Operator image tag | `5.4.1-debian-11-r24` | -| `operator.image.digest` | Grafana Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `operator.image.pullPolicy` | Grafana Operator image pull policy | `IfNotPresent` | -| `operator.image.pullSecrets` | Grafana Operator image pull secrets | `[]` | -| `operator.leaderElect` | Enables or disables the operator leader Election. | `true` | -| `operator.zapDevel` | Enable zap development mode (changes defaults to console encoder, debug log level, disables sampling and stacktrace from 'warning' level) | `false` | -| `operator.zapEncoder` | Zap log encoding ('json' or 'console') | `""` | -| `operator.zapLevel` | Zap log level (one of 'debug', 'info', 'error' or any integer value > 0) (default info) | `""` | -| `operator.zapSample` | Enable zap log sampling. Sampling will be disabled for integer log levels > 1 | `""` | -| `operator.zapStacktraceLevel` | Set the minimum log level that triggers stacktrace generation (default error) | `""` | -| `operator.zapTimeEncoding` | Sets the zap time format ('epoch', 'millis', 'nano', or 'iso8601') (default ) | `""` | -| `operator.extraArgs` | Extra arguments for the grafana operator (Evaluated as a template) | `[]` | -| `operator.rbac.create` | Create specifies whether to install and use RBAC rules | `true` | -| `operator.serviceAccount.create` | Specifies whether a service account should be created | `true` | -| `operator.serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | `""` | -| `operator.serviceAccount.annotations` | Add annotations | `{}` | -| `operator.serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `true` | -| `operator.podSecurityContext.enabled` | Enable pods security context | `true` | -| `operator.podSecurityContext.runAsUser` | User ID for the pods | `1001` | -| `operator.podSecurityContext.runAsGroup` | User ID for the pods | `1001` | -| `operator.podSecurityContext.runAsNonRoot` | Grafana Operator must run as nonRoot | `true` | -| `operator.podSecurityContext.fsGroup` | Group ID for the pods | `1001` | -| `operator.podSecurityContext.supplementalGroups` | Which group IDs containers add | `[]` | -| `operator.containerSecurityContext.enabled` | Enable container security context | `true` | -| `operator.containerSecurityContext.runAsUser` | User ID for the operator container | `1001` | -| `operator.containerSecurityContext.runAsGroup` | User ID for the operator container | `1001` | -| `operator.containerSecurityContext.runAsNonRoot` | Force the container to be run as non-root | `true` | -| `operator.containerSecurityContext.privileged` | Decide if the container runs privileged. | `false` | -| `operator.containerSecurityContext.readOnlyRootFilesystem` | ReadOnlyRootFilesystem fot the operator container | `false` | -| `operator.containerSecurityContext.allowPrivilegeEscalation` | Allow Privilege Escalation for the operator container | `false` | -| `operator.resources` | Container resource requests and limits | `{}` | -| `operator.containerPorts.metrics` | Grafana Operator container port (used for metrics) | `8080` | -| `operator.hostAliases` | Add deployment host aliases | `[]` | -| `operator.extraEnvVars` | Array with extra environment variables to add to RabbitMQ Cluster Operator nodes | `[]` | -| `operator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | -| `operator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | -| `operator.podAntiAffinityPreset` | Pod anti-affinity preset. Allowed values: `soft` or `hard` | `soft` | -| `operator.nodeAffinityPreset.type` | Node affinity preset type. Allowed values: `soft` or `hard` | `""` | -| `operator.nodeAffinityPreset.key` | Set nodeAffinity preset key | `""` | -| `operator.nodeAffinityPreset.values` | Set nodeAffinity preset values | `[]` | -| `operator.podAnnotations` | Pod annotations | `{}` | -| `operator.podLabels` | Additional pod labels | `{}` | -| `operator.nodeSelector` | Node labels for pod assignment | `{}` | -| `operator.tolerations` | Tolerations for controller pod assignment | `[]` | -| `operator.affinity` | Affinity for controller pod assignment | `{}` | -| `operator.prometheus.serviceMonitor.enabled` | Specify if a ServiceMonitor will be deployed for prometheus-operator | `false` | -| `operator.prometheus.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | -| `operator.prometheus.serviceMonitor.jobLabel` | Specify the jobLabel to use for the prometheus-operator | `app.kubernetes.io/name` | -| `operator.prometheus.serviceMonitor.interval` | Scrape interval. If not set, the Prometheus default scrape interval is used | `""` | -| `operator.prometheus.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `operator.prometheus.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | -| `operator.prometheus.serviceMonitor.relabelings` | Specify general relabeling | `[]` | -| `operator.prometheus.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `operator.prometheus.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `operator.prometheus.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `operator.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `operator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `operator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `operator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `operator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `operator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `operator.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `operator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `operator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `operator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `operator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `operator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `operator.startupProbe.enabled` | Enable startupProbe | `true` | -| `operator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `operator.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `operator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `operator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` | -| `operator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| Name | Description | Value | +| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- | +| `operator.enabled` | Enable the deployment of the Grafana Operator | `true` | +| `operator.command` | Default container command (useful when using custom images) | `[]` | +| `operator.args` | Default container args (useful when using custom images) | `[]` | +| `operator.schedulerName` | Alternative scheduler | `""` | +| `operator.lifecycleHooks` | for the grafana-operator container to automate configuration before or after startup | `{}` | +| `operator.replicaCount` | Number of grafana-operator Pod replicas | `1` | +| `operator.customLivenessProbe` | Override default liveness probe | `{}` | +| `operator.customReadinessProbe` | Override default readiness probe | `{}` | +| `operator.customStartupProbe` | Override default startup probe | `{}` | +| `operator.extraVolumes` | Optionally specify extra list of additional volumes for Grafana Operator pods | `[]` | +| `operator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Grafana Operator container(s) | `[]` | +| `operator.initContainers` | Add additional init containers to the Grafana Operator pods | `[]` | +| `operator.sidecars` | Add additional sidecar containers to the Grafana Operator pods | `[]` | +| `operator.namespaceScope` | If the operator should run in namespace-scope mode or not, | `false` | +| `operator.watchNamespace` | Override the namespace to watch | `""` | +| `operator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `operator.priorityClassName` | %%MAIN_CONTAINER_NAME%% pods' priorityClassName | `""` | +| `operator.terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | +| `operator.updateStrategy.type` | Set up update strategy for Grafana Operator installation. | `Recreate` | +| `operator.image.registry` | Grafana Operator image registry | `REGISTRY_NAME` | +| `operator.image.repository` | Grafana Operator image name | `REPOSITORY_NAME/grafana-operator` | +| `operator.image.tag` | Grafana Operator image tag | `5.4.1-debian-11-r24` | +| `operator.image.digest` | Grafana Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `operator.image.pullPolicy` | Grafana Operator image pull policy | `IfNotPresent` | +| `operator.image.pullSecrets` | Grafana Operator image pull secrets | `[]` | +| `operator.leaderElect` | Enables or disables the operator leader Election. | `true` | +| `operator.zapDevel` | Enable zap development mode (changes defaults to console encoder, debug log level, disables sampling and stacktrace from 'warning' level) | `false` | +| `operator.zapEncoder` | Zap log encoding ('json' or 'console') | `""` | +| `operator.zapLevel` | Zap log level (one of 'debug', 'info', 'error' or any integer value > 0) (default info) | `""` | +| `operator.zapSample` | Enable zap log sampling. Sampling will be disabled for integer log levels > 1 | `""` | +| `operator.zapStacktraceLevel` | Set the minimum log level that triggers stacktrace generation (default error) | `""` | +| `operator.zapTimeEncoding` | Sets the zap time format ('epoch', 'millis', 'nano', or 'iso8601') (default ) | `""` | +| `operator.extraArgs` | Extra arguments for the grafana operator (Evaluated as a template) | `[]` | +| `operator.rbac.create` | Create specifies whether to install and use RBAC rules | `true` | +| `operator.serviceAccount.create` | Specifies whether a service account should be created | `true` | +| `operator.serviceAccount.name` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | `""` | +| `operator.serviceAccount.annotations` | Add annotations | `{}` | +| `operator.serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `true` | +| `operator.podSecurityContext.enabled` | Enable pods security context | `true` | +| `operator.podSecurityContext.runAsUser` | User ID for the pods | `1001` | +| `operator.podSecurityContext.runAsGroup` | User ID for the pods | `1001` | +| `operator.podSecurityContext.runAsNonRoot` | Grafana Operator must run as nonRoot | `true` | +| `operator.podSecurityContext.fsGroup` | Group ID for the pods | `1001` | +| `operator.podSecurityContext.supplementalGroups` | Which group IDs containers add | `[]` | +| `operator.containerSecurityContext.enabled` | Enable container security context | `true` | +| `operator.containerSecurityContext.runAsUser` | User ID for the operator container | `1001` | +| `operator.containerSecurityContext.runAsGroup` | User ID for the operator container | `1001` | +| `operator.containerSecurityContext.runAsNonRoot` | Force the container to be run as non-root | `true` | +| `operator.containerSecurityContext.privileged` | Decide if the container runs privileged. | `false` | +| `operator.containerSecurityContext.readOnlyRootFilesystem` | ReadOnlyRootFilesystem fot the operator container | `false` | +| `operator.containerSecurityContext.allowPrivilegeEscalation` | Allow Privilege Escalation for the operator container | `false` | +| `operator.resources` | Container resource requests and limits | `{}` | +| `operator.containerPorts.metrics` | Grafana Operator container port (used for metrics) | `8080` | +| `operator.hostAliases` | Add deployment host aliases | `[]` | +| `operator.extraEnvVars` | Array with extra environment variables to add to RabbitMQ Cluster Operator nodes | `[]` | +| `operator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | +| `operator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | +| `operator.podAntiAffinityPreset` | Pod anti-affinity preset. Allowed values: `soft` or `hard` | `soft` | +| `operator.nodeAffinityPreset.type` | Node affinity preset type. Allowed values: `soft` or `hard` | `""` | +| `operator.nodeAffinityPreset.key` | Set nodeAffinity preset key | `""` | +| `operator.nodeAffinityPreset.values` | Set nodeAffinity preset values | `[]` | +| `operator.podAnnotations` | Pod annotations | `{}` | +| `operator.podLabels` | Additional pod labels | `{}` | +| `operator.nodeSelector` | Node labels for pod assignment | `{}` | +| `operator.tolerations` | Tolerations for controller pod assignment | `[]` | +| `operator.affinity` | Affinity for controller pod assignment | `{}` | +| `operator.prometheus.serviceMonitor.enabled` | Specify if a ServiceMonitor will be deployed for prometheus-operator | `false` | +| `operator.prometheus.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | +| `operator.prometheus.serviceMonitor.jobLabel` | Specify the jobLabel to use for the prometheus-operator | `app.kubernetes.io/name` | +| `operator.prometheus.serviceMonitor.interval` | Scrape interval. If not set, the Prometheus default scrape interval is used | `""` | +| `operator.prometheus.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `operator.prometheus.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `operator.prometheus.serviceMonitor.relabelings` | Specify general relabeling | `[]` | +| `operator.prometheus.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `operator.prometheus.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `operator.prometheus.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `operator.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `operator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `operator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `operator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `operator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `operator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `operator.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `operator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `operator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `operator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `operator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `operator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `operator.startupProbe.enabled` | Enable startupProbe | `true` | +| `operator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `operator.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `operator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `operator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` | +| `operator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | ### Grafana parameters -| Name | Description | Value | -| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------ | -| `grafana.enabled` | Enabled the deployment of the Grafana CRD object into the cluster | `true` | -| `grafana.image.registry` | Grafana image registry | `docker.io` | -| `grafana.image.repository` | Grafana image name | `bitnami/grafana` | -| `grafana.image.tag` | Grafana image tag | `10.1.4-debian-11-r7` | -| `grafana.image.digest` | Grafana image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `grafana.image.pullPolicy` | Grafana image pull policy | `IfNotPresent` | -| `grafana.image.pullSecrets` | Grafana image pull secrets | `[]` | -| `grafana.serviceAccount` | Additional service account configuration | `{}` | -| `grafana.podSecurityContext.enabled` | Enable pods security context | `true` | -| `grafana.podSecurityContext.runAsUser` | User ID for the pods | `1001` | -| `grafana.podSecurityContext.runAsGroup` | User ID for the pods | `0` | -| `grafana.podSecurityContext.runAsNonRoot` | Grafana Operator must run as nonRoot | `true` | -| `grafana.podSecurityContext.fsGroup` | Group ID for the pods | `1001` | -| `grafana.podSecurityContext.supplementalGroups` | Which group IDs containers add | `[]` | -| `grafana.containerSecurityContext.enabled` | Enable containers security context | `true` | -| `grafana.containerSecurityContext.runAsUser` | User ID for the containers | `1001` | -| `grafana.containerSecurityContext.runAsGroup` | Group ID for the containers | `0` | -| `grafana.containerSecurityContext.privileged` | Decide if the container runs privileged. | `false` | -| `grafana.containerSecurityContext.runAsNonRoot` | Force the container to run as non-root | `true` | -| `grafana.containerSecurityContext.allowPrivilegeEscalation` | Don't allow privilege escalation for the containers | `false` | -| `grafana.containerSecurityContext.readOnlyRootFilesystem` | Mount / (root) as a readonly filesystem | `false` | -| `grafana.resources.limits` | The resources limits for the container | `{}` | -| `grafana.resources.requests` | The requested resources for the container | `{}` | -| `grafana.replicaCount` | Specify the amount of replicas running | `1` | -| `grafana.podAffinityPreset` | Pod affinity preset | `""` | -| `grafana.podAntiAffinityPreset` | Pod anti-affinity preset | `soft` | -| `grafana.nodeAffinityPreset.type` | Set nodeAffinity preset type | `""` | -| `grafana.nodeAffinityPreset.key` | Set nodeAffinity preset key | `""` | -| `grafana.nodeAffinityPreset.values` | Set nodeAffinity preset values | `[]` | -| `grafana.affinity` | Affinity for controller pod assignment | `{}` | -| `grafana.nodeSelector` | Node labels for controller pod assignment | `{}` | -| `grafana.tolerations` | Tolerations for controller pod assignment | `[]` | -| `grafana.envFrom` | Extra environment variable to pass to the running container | `[]` | -| `grafana.client.timeout` | The timeout in seconds for the Grafana Rest API on that instance | `5` | -| `grafana.labels` | Add additional labels to the grafana deployment, service and ingress resources | `{}` | -| `grafana.service.type` | Kubernetes Service type | `ClusterIP` | -| `grafana.service.annotations` | Additional custom annotations for Grafana service | `{}` | -| `grafana.service.extraPorts` | Extra ports to expose in the Grafana service | `[]` | -| `grafana.ingress.enabled` | If an ingress or OpenShift Route should be created | `false` | -| `grafana.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `grafana.ingress.host` | The host under which the grafana instance should be reachable. If empty the parameter will not be set. | `grafana.local` | -| `grafana.ingress.path` | The path for the ingress instance to forward to the grafana app | `/` | -| `grafana.ingress.pathType` | The pathType for the ingress instance to forward to the grafana app | `ImplementationSpecific` | -| `grafana.ingress.labels` | Additional Labels for the ingress resource | `{}` | -| `grafana.ingress.annotations` | Additional Annotations for the ingress resource | `{}` | -| `grafana.ingress.tls` | This enables tls support for the ingress resource | `false` | -| `grafana.ingress.tlsSecret` | The name for the secret to use for the tls termination | `grafana.local-tls` | -| `grafana.persistence.enabled` | Enable persistent storage for the grafana deployment | `false` | -| `grafana.persistence.storageClass` | Define the storageClass for the persistent storage if not defined default is used | `""` | -| `grafana.persistence.existingVolume` | Define the existingVolume for the persistent storage provisioned outside this chart | `""` | -| `grafana.persistence.accessModes` | Define the accessModes for the persistent storage | `["ReadWriteOnce"]` | -| `grafana.persistence.annotations` | Add annotations to the persistent volume | `{}` | -| `grafana.persistence.size` | Define the size of the PersistentVolumeClaim to request for | `10Gi` | -| `grafana.config` | grafana.ini configuration for the instance for this to configure please look at upstream docs | `{}` | -| `grafana.jsonnetLibrarySelector` | Configuring the read for jsonnetLibraries to pull in. | `{}` | -| `grafana.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `grafana.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `grafana.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `grafana.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `grafana.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `grafana.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `grafana.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `grafana.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `grafana.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `grafana.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `grafana.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `grafana.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `grafana.updateStrategy` | Set up update strategy for Grafana installation. | `{}` | -| `grafana.extraVolumes` | Optionally specify extra list of additional volumes for the grafana pod(s) | `[]` | -| `grafana.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the grafana container | `[]` | -| `grafana.secrets` | Optionally specify a list of secrets to be mounted to the grafana pod(s) | `[]` | -| `grafana.sidecars` | Add additional sidecar containers to the grafana pod(s) | `[]` | +| Name | Description | Value | +| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------- | +| `grafana.enabled` | Enabled the deployment of the Grafana CRD object into the cluster | `true` | +| `grafana.image.registry` | Grafana image registry | `REGISTRY_NAME` | +| `grafana.image.repository` | Grafana image name | `REPOSITORY_NAME/grafana` | +| `grafana.image.tag` | Grafana image tag | `10.1.4-debian-11-r7` | +| `grafana.image.digest` | Grafana image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `grafana.image.pullPolicy` | Grafana image pull policy | `IfNotPresent` | +| `grafana.image.pullSecrets` | Grafana image pull secrets | `[]` | +| `grafana.serviceAccount` | Additional service account configuration | `{}` | +| `grafana.podSecurityContext.enabled` | Enable pods security context | `true` | +| `grafana.podSecurityContext.runAsUser` | User ID for the pods | `1001` | +| `grafana.podSecurityContext.runAsGroup` | User ID for the pods | `0` | +| `grafana.podSecurityContext.runAsNonRoot` | Grafana Operator must run as nonRoot | `true` | +| `grafana.podSecurityContext.fsGroup` | Group ID for the pods | `1001` | +| `grafana.podSecurityContext.supplementalGroups` | Which group IDs containers add | `[]` | +| `grafana.containerSecurityContext.enabled` | Enable containers security context | `true` | +| `grafana.containerSecurityContext.runAsUser` | User ID for the containers | `1001` | +| `grafana.containerSecurityContext.runAsGroup` | Group ID for the containers | `0` | +| `grafana.containerSecurityContext.privileged` | Decide if the container runs privileged. | `false` | +| `grafana.containerSecurityContext.runAsNonRoot` | Force the container to run as non-root | `true` | +| `grafana.containerSecurityContext.allowPrivilegeEscalation` | Don't allow privilege escalation for the containers | `false` | +| `grafana.containerSecurityContext.readOnlyRootFilesystem` | Mount / (root) as a readonly filesystem | `false` | +| `grafana.resources.limits` | The resources limits for the container | `{}` | +| `grafana.resources.requests` | The requested resources for the container | `{}` | +| `grafana.replicaCount` | Specify the amount of replicas running | `1` | +| `grafana.podAffinityPreset` | Pod affinity preset | `""` | +| `grafana.podAntiAffinityPreset` | Pod anti-affinity preset | `soft` | +| `grafana.nodeAffinityPreset.type` | Set nodeAffinity preset type | `""` | +| `grafana.nodeAffinityPreset.key` | Set nodeAffinity preset key | `""` | +| `grafana.nodeAffinityPreset.values` | Set nodeAffinity preset values | `[]` | +| `grafana.affinity` | Affinity for controller pod assignment | `{}` | +| `grafana.nodeSelector` | Node labels for controller pod assignment | `{}` | +| `grafana.tolerations` | Tolerations for controller pod assignment | `[]` | +| `grafana.envFrom` | Extra environment variable to pass to the running container | `[]` | +| `grafana.client.timeout` | The timeout in seconds for the Grafana Rest API on that instance | `5` | +| `grafana.labels` | Add additional labels to the grafana deployment, service and ingress resources | `{}` | +| `grafana.service.type` | Kubernetes Service type | `ClusterIP` | +| `grafana.service.annotations` | Additional custom annotations for Grafana service | `{}` | +| `grafana.service.extraPorts` | Extra ports to expose in the Grafana service | `[]` | +| `grafana.ingress.enabled` | If an ingress or OpenShift Route should be created | `false` | +| `grafana.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `grafana.ingress.host` | The host under which the grafana instance should be reachable. If empty the parameter will not be set. | `grafana.local` | +| `grafana.ingress.path` | The path for the ingress instance to forward to the grafana app | `/` | +| `grafana.ingress.pathType` | The pathType for the ingress instance to forward to the grafana app | `ImplementationSpecific` | +| `grafana.ingress.labels` | Additional Labels for the ingress resource | `{}` | +| `grafana.ingress.annotations` | Additional Annotations for the ingress resource | `{}` | +| `grafana.ingress.tls` | This enables tls support for the ingress resource | `false` | +| `grafana.ingress.tlsSecret` | The name for the secret to use for the tls termination | `grafana.local-tls` | +| `grafana.persistence.enabled` | Enable persistent storage for the grafana deployment | `false` | +| `grafana.persistence.storageClass` | Define the storageClass for the persistent storage if not defined default is used | `""` | +| `grafana.persistence.existingVolume` | Define the existingVolume for the persistent storage provisioned outside this chart | `""` | +| `grafana.persistence.accessModes` | Define the accessModes for the persistent storage | `["ReadWriteOnce"]` | +| `grafana.persistence.annotations` | Add annotations to the persistent volume | `{}` | +| `grafana.persistence.size` | Define the size of the PersistentVolumeClaim to request for | `10Gi` | +| `grafana.config` | grafana.ini configuration for the instance for this to configure please look at upstream docs | `{}` | +| `grafana.jsonnetLibrarySelector` | Configuring the read for jsonnetLibraries to pull in. | `{}` | +| `grafana.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `grafana.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `grafana.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `grafana.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `grafana.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `grafana.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `grafana.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `grafana.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `grafana.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `grafana.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `grafana.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `grafana.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `grafana.updateStrategy` | Set up update strategy for Grafana installation. | `{}` | +| `grafana.extraVolumes` | Optionally specify extra list of additional volumes for the grafana pod(s) | `[]` | +| `grafana.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the grafana container | `[]` | +| `grafana.secrets` | Optionally specify a list of secrets to be mounted to the grafana pod(s) | `[]` | +| `grafana.sidecars` | Add additional sidecar containers to the grafana pod(s) | `[]` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ --set livenessProbe.successThreshold=5 \ - oci://registry-1.docker.io/bitnamicharts/grafana-operator + oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-operator ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the `livenessProbe.successThreshold` to `5`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/grafana-operator +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-operator ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Configuration and installation details ### [Rolling vs Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/) @@ -304,9 +312,11 @@ Find more information about how to deal with common errors related to Bitnami's ## Upgrading ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/grafana-operator +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-operator ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 3.0.0 In this version use different apiVersion in CRDs `integreatly.org/v1alpha1` -> `grafana.integreatly.org/v1beta1` diff --git a/bitnami/grafana-operator/values.yaml b/bitnami/grafana-operator/values.yaml index f347b929825881..9d2c4c9f777b14 100644 --- a/bitnami/grafana-operator/values.yaml +++ b/bitnami/grafana-operator/values.yaml @@ -141,8 +141,8 @@ operator: ## updateStrategy: type: Recreate - ## @param operator.image.registry Grafana Operator image registry - ## @param operator.image.repository Grafana Operator image name + ## @param operator.image.registry [default: REGISTRY_NAME] Grafana Operator image registry + ## @param operator.image.repository [default: REPOSITORY_NAME/grafana-operator] Grafana Operator image name ## @param operator.image.tag Grafana Operator image tag ## @param operator.image.digest Grafana Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param operator.image.pullPolicy Grafana Operator image pull policy @@ -414,8 +414,8 @@ grafana: ## @param grafana.enabled Enabled the deployment of the Grafana CRD object into the cluster ## enabled: true - ## @param grafana.image.registry Grafana image registry - ## @param grafana.image.repository Grafana image name + ## @param grafana.image.registry [default: REGISTRY_NAME] Grafana image registry + ## @param grafana.image.repository [default: REPOSITORY_NAME/grafana] Grafana image name ## @param grafana.image.tag Grafana image tag ## @param grafana.image.digest Grafana image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param grafana.image.pullPolicy Grafana image pull policy diff --git a/bitnami/grafana-tempo/README.md b/bitnami/grafana-tempo/README.md index 71b64013f3fa23..18e4ee9a4e9e6b 100644 --- a/bitnami/grafana-tempo/README.md +++ b/bitnami/grafana-tempo/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/grafana-tempo +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-tempo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -37,9 +39,11 @@ Looking to use Grafana Tempo in production? Try [VMware Application Catalog](htt To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/grafana-tempo +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-tempo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys grafana-tempo on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -81,33 +85,33 @@ The command removes all the Kubernetes components associated with the chart and ### Common Grafana Tempo Parameters -| Name | Description | Value | -| -------------------------------------- | ------------------------------------------------------------------------------------------------------------- | ----------------------------- | -| `tempo.image.registry` | Grafana Tempo image registry | `docker.io` | -| `tempo.image.repository` | Grafana Tempo image repository | `bitnami/grafana-tempo` | -| `tempo.image.tag` | Grafana Tempo image tag (immutable tags are recommended) | `2.2.3-debian-11-r23` | -| `tempo.image.digest` | Grafana Tempo image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `tempo.image.pullPolicy` | Grafana Tempo image pull policy | `IfNotPresent` | -| `tempo.image.pullSecrets` | Grafana Tempo image pull secrets | `[]` | -| `tempo.memBallastSizeMbs` | Tempo components memory ballast size in MB | `1024` | -| `tempo.dataDir` | Tempo components data directory | `/bitnami/grafana-tempo/data` | -| `tempo.traces.jaeger.grpc` | Enable Tempo to ingest Jaeger GRPC traces | `true` | -| `tempo.traces.jaeger.thriftBinary` | Enable Tempo to ingest Jaeger Thrift Binary traces | `false` | -| `tempo.traces.jaeger.thriftCompact` | Enable Tempo to ingest Jaeger Thrift Compact traces | `false` | -| `tempo.traces.jaeger.thriftHttp` | Enable Tempo to ingest Jaeger Thrift HTTP traces | `true` | -| `tempo.traces.otlp.http` | Enable Tempo to ingest Open Telemetry HTTP traces | `false` | -| `tempo.traces.otlp.grpc` | Enable Tempo to ingest Open Telemetry GRPC traces | `false` | -| `tempo.traces.opencensus` | Enable Tempo to ingest Open Census traces | `false` | -| `tempo.traces.zipkin` | Enable Tempo to ingest Zipkin traces | `false` | -| `tempo.configuration` | Tempo components configuration | `""` | -| `tempo.existingConfigmap` | Name of a ConfigMap with the Tempo configuration | `""` | -| `tempo.overridesConfiguration` | Tempo components overrides configuration settings | `""` | -| `tempo.existingOverridesConfigmap` | Name of a ConfigMap with the tempo overrides configuration | `""` | -| `tempo.containerPorts.web` | Tempo components web container port | `3200` | -| `tempo.containerPorts.grpc` | Tempo components GRPC container port | `9095` | -| `tempo.containerPorts.gossipRing` | Tempo components Gossip Ring container port | `7946` | -| `tempo.gossipRing.service.ports.http` | Gossip Ring HTTP headless service port | `7946` | -| `tempo.gossipRing.service.annotations` | Additional custom annotations for Gossip Ring headless service | `{}` | +| Name | Description | Value | +| -------------------------------------- | ------------------------------------------------------------------------------------------------------------- | ------------------------------- | +| `tempo.image.registry` | Grafana Tempo image registry | `REGISTRY_NAME` | +| `tempo.image.repository` | Grafana Tempo image repository | `REPOSITORY_NAME/grafana-tempo` | +| `tempo.image.tag` | Grafana Tempo image tag (immutable tags are recommended) | `2.2.3-debian-11-r23` | +| `tempo.image.digest` | Grafana Tempo image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `tempo.image.pullPolicy` | Grafana Tempo image pull policy | `IfNotPresent` | +| `tempo.image.pullSecrets` | Grafana Tempo image pull secrets | `[]` | +| `tempo.memBallastSizeMbs` | Tempo components memory ballast size in MB | `1024` | +| `tempo.dataDir` | Tempo components data directory | `/bitnami/grafana-tempo/data` | +| `tempo.traces.jaeger.grpc` | Enable Tempo to ingest Jaeger GRPC traces | `true` | +| `tempo.traces.jaeger.thriftBinary` | Enable Tempo to ingest Jaeger Thrift Binary traces | `false` | +| `tempo.traces.jaeger.thriftCompact` | Enable Tempo to ingest Jaeger Thrift Compact traces | `false` | +| `tempo.traces.jaeger.thriftHttp` | Enable Tempo to ingest Jaeger Thrift HTTP traces | `true` | +| `tempo.traces.otlp.http` | Enable Tempo to ingest Open Telemetry HTTP traces | `false` | +| `tempo.traces.otlp.grpc` | Enable Tempo to ingest Open Telemetry GRPC traces | `false` | +| `tempo.traces.opencensus` | Enable Tempo to ingest Open Census traces | `false` | +| `tempo.traces.zipkin` | Enable Tempo to ingest Zipkin traces | `false` | +| `tempo.configuration` | Tempo components configuration | `""` | +| `tempo.existingConfigmap` | Name of a ConfigMap with the Tempo configuration | `""` | +| `tempo.overridesConfiguration` | Tempo components overrides configuration settings | `""` | +| `tempo.existingOverridesConfigmap` | Name of a ConfigMap with the tempo overrides configuration | `""` | +| `tempo.containerPorts.web` | Tempo components web container port | `3200` | +| `tempo.containerPorts.grpc` | Tempo components GRPC container port | `9095` | +| `tempo.containerPorts.gossipRing` | Tempo components Gossip Ring container port | `7946` | +| `tempo.gossipRing.service.ports.http` | Gossip Ring HTTP headless service port | `7946` | +| `tempo.gossipRing.service.annotations` | Additional custom annotations for Gossip Ring headless service | `{}` | ### Compactor Deployment Parameters @@ -513,106 +517,106 @@ The command removes all the Kubernetes components associated with the chart and ### Query Frontend Deployment Parameters -| Name | Description | Value | -| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ----------------------------- | -| `queryFrontend.extraEnvVars` | Array with extra environment variables to add to queryFrontend nodes | `[]` | -| `queryFrontend.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for queryFrontend nodes | `""` | -| `queryFrontend.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for queryFrontend nodes | `""` | -| `queryFrontend.command` | Override default container command (useful when using custom images) | `[]` | -| `queryFrontend.args` | Override default container args (useful when using custom images) | `[]` | -| `queryFrontend.replicaCount` | Number of queryFrontend replicas to deploy | `1` | -| `queryFrontend.livenessProbe.enabled` | Enable livenessProbe on queryFrontend nodes | `true` | -| `queryFrontend.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `queryFrontend.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `queryFrontend.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `queryFrontend.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `queryFrontend.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `queryFrontend.readinessProbe.enabled` | Enable readinessProbe on queryFrontend nodes | `true` | -| `queryFrontend.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `queryFrontend.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `queryFrontend.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `queryFrontend.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `queryFrontend.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `queryFrontend.startupProbe.enabled` | Enable startupProbe on queryFrontend containers | `false` | -| `queryFrontend.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `queryFrontend.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `queryFrontend.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `queryFrontend.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `queryFrontend.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `queryFrontend.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `queryFrontend.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `queryFrontend.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `queryFrontend.resources.limits` | The resources limits for the queryFrontend containers | `{}` | -| `queryFrontend.resources.requests` | The requested resources for the queryFrontend containers | `{}` | -| `queryFrontend.podSecurityContext.enabled` | Enabled queryFrontend pods' Security Context | `true` | -| `queryFrontend.podSecurityContext.fsGroup` | Set queryFrontend pod's Security Context fsGroup | `1001` | -| `queryFrontend.containerSecurityContext.enabled` | Enabled queryFrontend containers' Security Context | `true` | -| `queryFrontend.containerSecurityContext.runAsUser` | Set queryFrontend containers' Security Context runAsUser | `1001` | -| `queryFrontend.containerSecurityContext.runAsNonRoot` | Set queryFrontend containers' Security Context runAsNonRoot | `true` | -| `queryFrontend.lifecycleHooks` | for the queryFrontend container(s) to automate configuration before or after startup | `{}` | -| `queryFrontend.hostAliases` | queryFrontend pods host aliases | `[]` | -| `queryFrontend.podLabels` | Extra labels for queryFrontend pods | `{}` | -| `queryFrontend.podAnnotations` | Annotations for queryFrontend pods | `{}` | -| `queryFrontend.podAffinityPreset` | Pod affinity preset. Ignored if `queryFrontend.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `queryFrontend.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `queryFrontend.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `queryFrontend.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `queryFrontend.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `queryFrontend.nodeAffinityPreset.key` | Node label key to match. Ignored if `queryFrontend.affinity` is set | `""` | -| `queryFrontend.nodeAffinityPreset.values` | Node label values to match. Ignored if `queryFrontend.affinity` is set | `[]` | -| `queryFrontend.affinity` | Affinity for queryFrontend pods assignment | `{}` | -| `queryFrontend.nodeSelector` | Node labels for queryFrontend pods assignment | `{}` | -| `queryFrontend.tolerations` | Tolerations for queryFrontend pods assignment | `[]` | -| `queryFrontend.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | -| `queryFrontend.priorityClassName` | queryFrontend pods' priorityClassName | `""` | -| `queryFrontend.schedulerName` | Kubernetes pod scheduler registry | `""` | -| `queryFrontend.updateStrategy.type` | queryFrontend statefulset strategy type | `RollingUpdate` | -| `queryFrontend.updateStrategy.rollingUpdate` | queryFrontend statefulset rolling update configuration parameters | `{}` | -| `queryFrontend.extraVolumes` | Optionally specify extra list of additional volumes for the queryFrontend pod(s) | `[]` | -| `queryFrontend.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the queryFrontend container(s) | `[]` | -| `queryFrontend.sidecars` | Add additional sidecar containers to the queryFrontend pod(s) | `[]` | -| `queryFrontend.initContainers` | Add additional init containers to the queryFrontend pod(s) | `[]` | -| `queryFrontend.query.image.registry` | Grafana Tempo Query image registry | `docker.io` | -| `queryFrontend.query.image.repository` | Grafana Tempo Query image repository | `bitnami/grafana-tempo-query` | -| `queryFrontend.query.image.tag` | Grafana Tempo Query image tag (immutable tags are recommended) | `2.2.3-debian-11-r12` | -| `queryFrontend.query.image.digest` | Grafana Tempo Query image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `queryFrontend.query.image.pullPolicy` | Grafana Tempo Query image pull policy | `IfNotPresent` | -| `queryFrontend.query.image.pullSecrets` | Grafana Tempo Query image pull secrets | `[]` | -| `queryFrontend.query.configuration` | Query sidecar configuration | `""` | -| `queryFrontend.query.containerPorts.jaegerMetrics` | queryFrontend query sidecar Jaeger metrics container port | `16687` | -| `queryFrontend.query.containerPorts.jaegerUI` | queryFrontend query sidecar Jaeger UI container port | `16686` | -| `queryFrontend.query.existingConfigmap` | Name of a configmap with the query configuration | `""` | -| `queryFrontend.query.extraEnvVars` | Array with extra environment variables to add to queryFrontend nodes | `[]` | -| `queryFrontend.query.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for queryFrontend nodes | `""` | -| `queryFrontend.query.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for queryFrontend nodes | `""` | -| `queryFrontend.query.command` | Override default container command (useful when using custom images) | `[]` | -| `queryFrontend.query.args` | Override default container args (useful when using custom images) | `[]` | -| `queryFrontend.query.livenessProbe.enabled` | Enable livenessProbe on Query sidecar nodes | `true` | -| `queryFrontend.query.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `queryFrontend.query.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `queryFrontend.query.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `queryFrontend.query.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `queryFrontend.query.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `queryFrontend.query.readinessProbe.enabled` | Enable readinessProbe on Query sidecar nodes | `true` | -| `queryFrontend.query.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `queryFrontend.query.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `queryFrontend.query.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `queryFrontend.query.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `queryFrontend.query.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `queryFrontend.query.startupProbe.enabled` | Enable startupProbe on Query sidecar containers | `false` | -| `queryFrontend.query.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `queryFrontend.query.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `queryFrontend.query.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `queryFrontend.query.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `queryFrontend.query.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `queryFrontend.query.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `queryFrontend.query.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `queryFrontend.query.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `queryFrontend.query.lifecycleHooks` | for the query sidecar container(s) to automate configuration before or after startup | `{}` | -| `queryFrontend.query.containerSecurityContext.enabled` | Enabled queryFrontend query sidecar containers' Security Context | `true` | -| `queryFrontend.query.containerSecurityContext.runAsUser` | Set queryFrontend query sidecar containers' Security Context runAsUser | `1001` | -| `queryFrontend.query.containerSecurityContext.runAsNonRoot` | Set queryFrontend query sidecar containers' Security Context runAsNonRoot | `true` | -| `queryFrontend.query.resources.limits` | The resources limits for the query sidecar containers | `{}` | -| `queryFrontend.query.resources.requests` | The requested resources for the query sidecar containers | `{}` | -| `queryFrontend.query.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the queryFrontend container(s) | `[]` | +| Name | Description | Value | +| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------------------------- | +| `queryFrontend.extraEnvVars` | Array with extra environment variables to add to queryFrontend nodes | `[]` | +| `queryFrontend.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for queryFrontend nodes | `""` | +| `queryFrontend.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for queryFrontend nodes | `""` | +| `queryFrontend.command` | Override default container command (useful when using custom images) | `[]` | +| `queryFrontend.args` | Override default container args (useful when using custom images) | `[]` | +| `queryFrontend.replicaCount` | Number of queryFrontend replicas to deploy | `1` | +| `queryFrontend.livenessProbe.enabled` | Enable livenessProbe on queryFrontend nodes | `true` | +| `queryFrontend.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `queryFrontend.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `queryFrontend.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `queryFrontend.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `queryFrontend.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `queryFrontend.readinessProbe.enabled` | Enable readinessProbe on queryFrontend nodes | `true` | +| `queryFrontend.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `queryFrontend.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `queryFrontend.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `queryFrontend.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `queryFrontend.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `queryFrontend.startupProbe.enabled` | Enable startupProbe on queryFrontend containers | `false` | +| `queryFrontend.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `queryFrontend.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `queryFrontend.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `queryFrontend.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `queryFrontend.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `queryFrontend.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `queryFrontend.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `queryFrontend.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `queryFrontend.resources.limits` | The resources limits for the queryFrontend containers | `{}` | +| `queryFrontend.resources.requests` | The requested resources for the queryFrontend containers | `{}` | +| `queryFrontend.podSecurityContext.enabled` | Enabled queryFrontend pods' Security Context | `true` | +| `queryFrontend.podSecurityContext.fsGroup` | Set queryFrontend pod's Security Context fsGroup | `1001` | +| `queryFrontend.containerSecurityContext.enabled` | Enabled queryFrontend containers' Security Context | `true` | +| `queryFrontend.containerSecurityContext.runAsUser` | Set queryFrontend containers' Security Context runAsUser | `1001` | +| `queryFrontend.containerSecurityContext.runAsNonRoot` | Set queryFrontend containers' Security Context runAsNonRoot | `true` | +| `queryFrontend.lifecycleHooks` | for the queryFrontend container(s) to automate configuration before or after startup | `{}` | +| `queryFrontend.hostAliases` | queryFrontend pods host aliases | `[]` | +| `queryFrontend.podLabels` | Extra labels for queryFrontend pods | `{}` | +| `queryFrontend.podAnnotations` | Annotations for queryFrontend pods | `{}` | +| `queryFrontend.podAffinityPreset` | Pod affinity preset. Ignored if `queryFrontend.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `queryFrontend.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `queryFrontend.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `queryFrontend.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `queryFrontend.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `queryFrontend.nodeAffinityPreset.key` | Node label key to match. Ignored if `queryFrontend.affinity` is set | `""` | +| `queryFrontend.nodeAffinityPreset.values` | Node label values to match. Ignored if `queryFrontend.affinity` is set | `[]` | +| `queryFrontend.affinity` | Affinity for queryFrontend pods assignment | `{}` | +| `queryFrontend.nodeSelector` | Node labels for queryFrontend pods assignment | `{}` | +| `queryFrontend.tolerations` | Tolerations for queryFrontend pods assignment | `[]` | +| `queryFrontend.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | +| `queryFrontend.priorityClassName` | queryFrontend pods' priorityClassName | `""` | +| `queryFrontend.schedulerName` | Kubernetes pod scheduler registry | `""` | +| `queryFrontend.updateStrategy.type` | queryFrontend statefulset strategy type | `RollingUpdate` | +| `queryFrontend.updateStrategy.rollingUpdate` | queryFrontend statefulset rolling update configuration parameters | `{}` | +| `queryFrontend.extraVolumes` | Optionally specify extra list of additional volumes for the queryFrontend pod(s) | `[]` | +| `queryFrontend.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the queryFrontend container(s) | `[]` | +| `queryFrontend.sidecars` | Add additional sidecar containers to the queryFrontend pod(s) | `[]` | +| `queryFrontend.initContainers` | Add additional init containers to the queryFrontend pod(s) | `[]` | +| `queryFrontend.query.image.registry` | Grafana Tempo Query image registry | `REGISTRY_NAME` | +| `queryFrontend.query.image.repository` | Grafana Tempo Query image repository | `REPOSITORY_NAME/grafana-tempo-query` | +| `queryFrontend.query.image.tag` | Grafana Tempo Query image tag (immutable tags are recommended) | `2.2.3-debian-11-r12` | +| `queryFrontend.query.image.digest` | Grafana Tempo Query image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `queryFrontend.query.image.pullPolicy` | Grafana Tempo Query image pull policy | `IfNotPresent` | +| `queryFrontend.query.image.pullSecrets` | Grafana Tempo Query image pull secrets | `[]` | +| `queryFrontend.query.configuration` | Query sidecar configuration | `""` | +| `queryFrontend.query.containerPorts.jaegerMetrics` | queryFrontend query sidecar Jaeger metrics container port | `16687` | +| `queryFrontend.query.containerPorts.jaegerUI` | queryFrontend query sidecar Jaeger UI container port | `16686` | +| `queryFrontend.query.existingConfigmap` | Name of a configmap with the query configuration | `""` | +| `queryFrontend.query.extraEnvVars` | Array with extra environment variables to add to queryFrontend nodes | `[]` | +| `queryFrontend.query.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for queryFrontend nodes | `""` | +| `queryFrontend.query.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for queryFrontend nodes | `""` | +| `queryFrontend.query.command` | Override default container command (useful when using custom images) | `[]` | +| `queryFrontend.query.args` | Override default container args (useful when using custom images) | `[]` | +| `queryFrontend.query.livenessProbe.enabled` | Enable livenessProbe on Query sidecar nodes | `true` | +| `queryFrontend.query.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `queryFrontend.query.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `queryFrontend.query.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `queryFrontend.query.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `queryFrontend.query.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `queryFrontend.query.readinessProbe.enabled` | Enable readinessProbe on Query sidecar nodes | `true` | +| `queryFrontend.query.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `queryFrontend.query.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `queryFrontend.query.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `queryFrontend.query.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `queryFrontend.query.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `queryFrontend.query.startupProbe.enabled` | Enable startupProbe on Query sidecar containers | `false` | +| `queryFrontend.query.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `queryFrontend.query.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `queryFrontend.query.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `queryFrontend.query.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `queryFrontend.query.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `queryFrontend.query.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `queryFrontend.query.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `queryFrontend.query.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `queryFrontend.query.lifecycleHooks` | for the query sidecar container(s) to automate configuration before or after startup | `{}` | +| `queryFrontend.query.containerSecurityContext.enabled` | Enabled queryFrontend query sidecar containers' Security Context | `true` | +| `queryFrontend.query.containerSecurityContext.runAsUser` | Set queryFrontend query sidecar containers' Security Context runAsUser | `1001` | +| `queryFrontend.query.containerSecurityContext.runAsNonRoot` | Set queryFrontend query sidecar containers' Security Context runAsNonRoot | `true` | +| `queryFrontend.query.resources.limits` | The resources limits for the query sidecar containers | `{}` | +| `queryFrontend.query.resources.requests` | The requested resources for the query sidecar containers | `{}` | +| `queryFrontend.query.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the queryFrontend container(s) | `[]` | ### Query Frontend Traffic Exposure Parameters @@ -635,71 +639,71 @@ The command removes all the Kubernetes components associated with the chart and ### Vulture Deployment Parameters -| Name | Description | Value | -| ----------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | ------------------------------- | -| `vulture.enabled` | Enable vulture deployment | `true` | -| `vulture.image.registry` | Grafana Vulture image registry | `docker.io` | -| `vulture.image.repository` | Grafana Vulture image repository | `bitnami/grafana-tempo-vulture` | -| `vulture.image.tag` | Grafana Vulture image tag (immutable tags are recommended) | `2.2.3-debian-11-r10` | -| `vulture.image.digest` | Grafana Vulture image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `vulture.image.pullPolicy` | Grafana Vulture image pull policy | `IfNotPresent` | -| `vulture.image.pullSecrets` | Grafana Vulture image pull secrets | `[]` | -| `vulture.extraEnvVars` | Array with extra environment variables to add to vulture nodes | `[]` | -| `vulture.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for vulture nodes | `""` | -| `vulture.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for vulture nodes | `""` | -| `vulture.command` | Override default container command (useful when using custom images) | `[]` | -| `vulture.args` | Override default container args (useful when using custom images) | `[]` | -| `vulture.replicaCount` | Number of Vulture replicas to deploy | `1` | -| `vulture.livenessProbe.enabled` | Enable livenessProbe on Vulture nodes | `true` | -| `vulture.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `vulture.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `vulture.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `vulture.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `vulture.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `vulture.readinessProbe.enabled` | Enable readinessProbe on Vulture nodes | `true` | -| `vulture.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `vulture.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `vulture.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `vulture.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `vulture.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `vulture.startupProbe.enabled` | Enable startupProbe on Vulture containers | `false` | -| `vulture.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `vulture.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `vulture.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `vulture.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `vulture.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `vulture.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `vulture.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `vulture.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `vulture.resources.limits` | The resources limits for the Vulture containers | `{}` | -| `vulture.resources.requests` | The requested resources for the Vulture containers | `{}` | -| `vulture.podSecurityContext.enabled` | Enabled Vulture pods' Security Context | `true` | -| `vulture.podSecurityContext.fsGroup` | Set Vulture pod's Security Context fsGroup | `1001` | -| `vulture.containerSecurityContext.enabled` | Enabled Vulture containers' Security Context | `true` | -| `vulture.containerSecurityContext.runAsUser` | Set Vulture containers' Security Context runAsUser | `1001` | -| `vulture.containerSecurityContext.runAsNonRoot` | Set Vulture containers' Security Context runAsNonRoot | `true` | -| `vulture.lifecycleHooks` | for the vulture container(s) to automate configuration before or after startup | `{}` | -| `vulture.hostAliases` | vulture pods host aliases | `[]` | -| `vulture.podLabels` | Extra labels for vulture pods | `{}` | -| `vulture.podAnnotations` | Annotations for vulture pods | `{}` | -| `vulture.podAffinityPreset` | Pod affinity preset. Ignored if `vulture.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `vulture.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `vulture.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `vulture.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `vulture.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `vulture.nodeAffinityPreset.key` | Node label key to match. Ignored if `vulture.affinity` is set | `""` | -| `vulture.nodeAffinityPreset.values` | Node label values to match. Ignored if `vulture.affinity` is set | `[]` | -| `vulture.containerPorts.http` | Vulture components HTTP container port | `8080` | -| `vulture.affinity` | Affinity for Vulture pods assignment | `{}` | -| `vulture.nodeSelector` | Node labels for Vulture pods assignment | `{}` | -| `vulture.tolerations` | Tolerations for Vulture pods assignment | `[]` | -| `vulture.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | -| `vulture.priorityClassName` | Vulture pods' priorityClassName | `""` | -| `vulture.schedulerName` | Kubernetes pod scheduler registry | `""` | -| `vulture.updateStrategy.type` | Vulture statefulset strategy type | `RollingUpdate` | -| `vulture.updateStrategy.rollingUpdate` | Vulture statefulset rolling update configuration parameters | `{}` | -| `vulture.extraVolumes` | Optionally specify extra list of additional volumes for the Vulture pod(s) | `[]` | -| `vulture.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Vulture container(s) | `[]` | -| `vulture.sidecars` | Add additional sidecar containers to the Vulture pod(s) | `[]` | -| `vulture.initContainers` | Add additional init containers to the Vulture pod(s) | `[]` | +| Name | Description | Value | +| ----------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------------------------- | +| `vulture.enabled` | Enable vulture deployment | `true` | +| `vulture.image.registry` | Grafana Vulture image registry | `REGISTRY_NAME` | +| `vulture.image.repository` | Grafana Vulture image repository | `REPOSITORY_NAME/grafana-tempo-vulture` | +| `vulture.image.tag` | Grafana Vulture image tag (immutable tags are recommended) | `2.2.3-debian-11-r10` | +| `vulture.image.digest` | Grafana Vulture image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `vulture.image.pullPolicy` | Grafana Vulture image pull policy | `IfNotPresent` | +| `vulture.image.pullSecrets` | Grafana Vulture image pull secrets | `[]` | +| `vulture.extraEnvVars` | Array with extra environment variables to add to vulture nodes | `[]` | +| `vulture.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for vulture nodes | `""` | +| `vulture.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for vulture nodes | `""` | +| `vulture.command` | Override default container command (useful when using custom images) | `[]` | +| `vulture.args` | Override default container args (useful when using custom images) | `[]` | +| `vulture.replicaCount` | Number of Vulture replicas to deploy | `1` | +| `vulture.livenessProbe.enabled` | Enable livenessProbe on Vulture nodes | `true` | +| `vulture.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `vulture.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `vulture.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `vulture.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `vulture.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `vulture.readinessProbe.enabled` | Enable readinessProbe on Vulture nodes | `true` | +| `vulture.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `vulture.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `vulture.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `vulture.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `vulture.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `vulture.startupProbe.enabled` | Enable startupProbe on Vulture containers | `false` | +| `vulture.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `vulture.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `vulture.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `vulture.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `vulture.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `vulture.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `vulture.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `vulture.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `vulture.resources.limits` | The resources limits for the Vulture containers | `{}` | +| `vulture.resources.requests` | The requested resources for the Vulture containers | `{}` | +| `vulture.podSecurityContext.enabled` | Enabled Vulture pods' Security Context | `true` | +| `vulture.podSecurityContext.fsGroup` | Set Vulture pod's Security Context fsGroup | `1001` | +| `vulture.containerSecurityContext.enabled` | Enabled Vulture containers' Security Context | `true` | +| `vulture.containerSecurityContext.runAsUser` | Set Vulture containers' Security Context runAsUser | `1001` | +| `vulture.containerSecurityContext.runAsNonRoot` | Set Vulture containers' Security Context runAsNonRoot | `true` | +| `vulture.lifecycleHooks` | for the vulture container(s) to automate configuration before or after startup | `{}` | +| `vulture.hostAliases` | vulture pods host aliases | `[]` | +| `vulture.podLabels` | Extra labels for vulture pods | `{}` | +| `vulture.podAnnotations` | Annotations for vulture pods | `{}` | +| `vulture.podAffinityPreset` | Pod affinity preset. Ignored if `vulture.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vulture.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `vulture.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `vulture.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `vulture.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `vulture.nodeAffinityPreset.key` | Node label key to match. Ignored if `vulture.affinity` is set | `""` | +| `vulture.nodeAffinityPreset.values` | Node label values to match. Ignored if `vulture.affinity` is set | `[]` | +| `vulture.containerPorts.http` | Vulture components HTTP container port | `8080` | +| `vulture.affinity` | Affinity for Vulture pods assignment | `{}` | +| `vulture.nodeSelector` | Node labels for Vulture pods assignment | `{}` | +| `vulture.tolerations` | Tolerations for Vulture pods assignment | `[]` | +| `vulture.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | +| `vulture.priorityClassName` | Vulture pods' priorityClassName | `""` | +| `vulture.schedulerName` | Kubernetes pod scheduler registry | `""` | +| `vulture.updateStrategy.type` | Vulture statefulset strategy type | `RollingUpdate` | +| `vulture.updateStrategy.rollingUpdate` | Vulture statefulset rolling update configuration parameters | `{}` | +| `vulture.extraVolumes` | Optionally specify extra list of additional volumes for the Vulture pod(s) | `[]` | +| `vulture.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Vulture container(s) | `[]` | +| `vulture.sidecars` | Add additional sidecar containers to the Vulture pod(s) | `[]` | +| `vulture.initContainers` | Add additional init containers to the Vulture pod(s) | `[]` | ### Vulture Traffic Exposure Parameters @@ -719,18 +723,18 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Other Parameters @@ -779,17 +783,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set tempo.traces.jaeger.grpc=true \ - oci://registry-1.docker.io/bitnamicharts/grafana-tempo + oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-tempo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command enables the Jaeger GRPC traces. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/grafana-tempo +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-tempo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/grafana-tempo/values.yaml b/bitnami/grafana-tempo/values.yaml index 31b1c4d8858424..282ce06e562450 100644 --- a/bitnami/grafana-tempo/values.yaml +++ b/bitnami/grafana-tempo/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: tempo: ## Bitnami Grafana Tempo image ## ref: https://hub.docker.com/r/bitnami/grafana-tempo/tags/ - ## @param tempo.image.registry Grafana Tempo image registry - ## @param tempo.image.repository Grafana Tempo image repository + ## @param tempo.image.registry [default: REGISTRY_NAME] Grafana Tempo image registry + ## @param tempo.image.repository [default: REPOSITORY_NAME/grafana-tempo] Grafana Tempo image repository ## @param tempo.image.tag Grafana Tempo image tag (immutable tags are recommended) ## @param tempo.image.digest Grafana Tempo image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param tempo.image.pullPolicy Grafana Tempo image pull policy @@ -1812,8 +1812,8 @@ queryFrontend: query: ## Bitnami Grafana Tempo Query image ## ref: https://hub.docker.com/r/bitnami/grafana-tempo-query/tags/ - ## @param queryFrontend.query.image.registry Grafana Tempo Query image registry - ## @param queryFrontend.query.image.repository Grafana Tempo Query image repository + ## @param queryFrontend.query.image.registry [default: REGISTRY_NAME] Grafana Tempo Query image registry + ## @param queryFrontend.query.image.repository [default: REPOSITORY_NAME/grafana-tempo-query] Grafana Tempo Query image repository ## @param queryFrontend.query.image.tag Grafana Tempo Query image tag (immutable tags are recommended) ## @param queryFrontend.query.image.digest Grafana Tempo Query image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param queryFrontend.query.image.pullPolicy Grafana Tempo Query image pull policy @@ -2023,8 +2023,8 @@ vulture: enabled: true ## Bitnami Grafana Vulture image ## ref: https://hub.docker.com/r/bitnami/grafana-tempo-vulture/tags/ - ## @param vulture.image.registry Grafana Vulture image registry - ## @param vulture.image.repository Grafana Vulture image repository + ## @param vulture.image.registry [default: REGISTRY_NAME] Grafana Vulture image registry + ## @param vulture.image.repository [default: REPOSITORY_NAME/grafana-tempo-vulture] Grafana Vulture image repository ## @param vulture.image.tag Grafana Vulture image tag (immutable tags are recommended) ## @param vulture.image.digest Grafana Vulture image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param vulture.image.pullPolicy Grafana Vulture image pull policy @@ -2321,8 +2321,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy diff --git a/bitnami/grafana/README.md b/bitnami/grafana/README.md index 740279d97b0481..c643a482519c0c 100644 --- a/bitnami/grafana/README.md +++ b/bitnami/grafana/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/grafana +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/grafana ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [grafana](https://github.com/bitnami/containers/tree/main/bitnami/grafana) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Grafana in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/grafana +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/grafana ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy grafana on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -160,8 +164,8 @@ This solution allows to easily deploy multiple Grafana instances compared to the | Name | Description | Value | | ---------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | -| `image.registry` | Grafana image registry | `docker.io` | -| `image.repository` | Grafana image repository | `bitnami/grafana` | +| `image.registry` | Grafana image registry | `REGISTRY_NAME` | +| `image.repository` | Grafana image repository | `REPOSITORY_NAME/grafana` | | `image.tag` | Grafana image tag (immutable tags are recommended) | `10.1.5-debian-11-r0` | | `image.digest` | Grafana image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | Grafana image pull policy | `IfNotPresent` | @@ -357,92 +361,92 @@ This solution allows to easily deploy multiple Grafana instances compared to the ### Grafana Image Renderer parameters -| Name | Description | Value | -| -------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | -| `imageRenderer.enabled` | Enable using a remote rendering service to render PNG images | `false` | -| `imageRenderer.image.registry` | Grafana Image Renderer image registry | `docker.io` | -| `imageRenderer.image.repository` | Grafana Image Renderer image repository | `bitnami/grafana-image-renderer` | -| `imageRenderer.image.tag` | Grafana Image Renderer image tag (immutable tags are recommended) | `3.8.3-debian-11-r4` | -| `imageRenderer.image.digest` | Grafana Image Renderer image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `imageRenderer.image.pullPolicy` | Grafana Image Renderer image pull policy | `IfNotPresent` | -| `imageRenderer.image.pullSecrets` | Grafana image Renderer pull secrets | `[]` | -| `imageRenderer.replicaCount` | Number of Grafana Image Renderer Pod replicas | `1` | -| `imageRenderer.updateStrategy.type` | Grafana Image Renderer deployment strategy type. | `RollingUpdate` | -| `imageRenderer.podAnnotations` | Grafana Image Renderer Pod annotations | `{}` | -| `imageRenderer.podLabels` | Extra labels for Grafana Image Renderer pods | `{}` | -| `imageRenderer.nodeSelector` | Node labels for pod assignment | `{}` | -| `imageRenderer.hostAliases` | Grafana Image Renderer pods host aliases | `[]` | -| `imageRenderer.tolerations` | Tolerations for pod assignment | `[]` | -| `imageRenderer.priorityClassName` | Grafana Image Renderer pods' priorityClassName | `""` | -| `imageRenderer.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `imageRenderer.terminationGracePeriodSeconds` | In seconds, time the given to the Grafana Image Renderer pod needs to terminate gracefully | `""` | -| `imageRenderer.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `imageRenderer.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `imageRenderer.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `imageRenderer.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `imageRenderer.nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `imageRenderer.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `imageRenderer.extraEnvVars` | Array containing extra env vars to configure Grafana | `[]` | -| `imageRenderer.affinity` | Affinity for pod assignment | `{}` | -| `imageRenderer.resources.limits` | The resources limits for Grafana containers | `{}` | -| `imageRenderer.resources.requests` | The requested resources for Grafana containers | `{}` | -| `imageRenderer.podSecurityContext.enabled` | Enable securityContext on for Grafana Image Renderer deployment | `true` | -| `imageRenderer.podSecurityContext.fsGroup` | Group to configure permissions for volumes | `1001` | -| `imageRenderer.podSecurityContext.runAsUser` | User for the security context | `1001` | -| `imageRenderer.podSecurityContext.runAsNonRoot` | Run containers as non-root users | `true` | -| `imageRenderer.containerSecurityContext.enabled` | Enabled Grafana Image Renderer containers' Security Context | `true` | -| `imageRenderer.containerSecurityContext.runAsUser` | Set Grafana Image Renderer containers' Security Context runAsUser | `1001` | -| `imageRenderer.service.type` | Kubernetes Service type | `ClusterIP` | -| `imageRenderer.service.clusterIP` | Grafana service Cluster IP | `""` | -| `imageRenderer.service.ports.imageRenderer` | Grafana Image Renderer metrics port | `8080` | -| `imageRenderer.service.nodePorts.grafana` | Specify the nodePort value for the LoadBalancer and NodePort service types | `""` | -| `imageRenderer.service.loadBalancerIP` | loadBalancerIP if Grafana service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `imageRenderer.service.loadBalancerSourceRanges` | loadBalancerSourceRanges if Grafana service type is `LoadBalancer` (optional, cloud specific) | `[]` | -| `imageRenderer.service.annotations` | Provide any additional annotations which may be required. | `{}` | -| `imageRenderer.service.externalTrafficPolicy` | Grafana service external traffic policy | `Cluster` | -| `imageRenderer.service.extraPorts` | Extra port to expose on Grafana service | `[]` | -| `imageRenderer.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `imageRenderer.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `imageRenderer.metrics.enabled` | Enable the export of Prometheus metrics | `false` | -| `imageRenderer.metrics.annotations` | Annotations for Prometheus metrics service[object] Prometheus annotations | `{}` | -| `imageRenderer.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | -| `imageRenderer.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | -| `imageRenderer.metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `imageRenderer.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `imageRenderer.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `imageRenderer.metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `imageRenderer.metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `imageRenderer.metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `imageRenderer.metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `imageRenderer.metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `imageRenderer.metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | -| `imageRenderer.metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | -| `imageRenderer.metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | -| `imageRenderer.metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | -| `imageRenderer.initContainers` | Add additional init containers to the Grafana Image Renderer pod(s) | `[]` | -| `imageRenderer.sidecars` | Add additional sidecar containers to the Grafana Image Renderer pod(s) | `[]` | -| `imageRenderer.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Grafana Image Renderer nodes | `""` | -| `imageRenderer.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Grafana Image Renderer nodes | `""` | -| `imageRenderer.extraVolumes` | Optionally specify extra list of additional volumes for the Grafana Image Renderer pod(s) | `[]` | -| `imageRenderer.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Grafana Image Renderer container(s) | `[]` | -| `imageRenderer.command` | Override default container command (useful when using custom images) | `[]` | -| `imageRenderer.args` | Override default container args (useful when using custom images) | `[]` | -| `imageRenderer.lifecycleHooks` | for the Grafana Image Renderer container(s) to automate configuration before or after startup | `{}` | +| Name | Description | Value | +| -------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------- | +| `imageRenderer.enabled` | Enable using a remote rendering service to render PNG images | `false` | +| `imageRenderer.image.registry` | Grafana Image Renderer image registry | `REGISTRY_NAME` | +| `imageRenderer.image.repository` | Grafana Image Renderer image repository | `REPOSITORY_NAME/grafana-image-renderer` | +| `imageRenderer.image.tag` | Grafana Image Renderer image tag (immutable tags are recommended) | `3.8.3-debian-11-r4` | +| `imageRenderer.image.digest` | Grafana Image Renderer image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `imageRenderer.image.pullPolicy` | Grafana Image Renderer image pull policy | `IfNotPresent` | +| `imageRenderer.image.pullSecrets` | Grafana image Renderer pull secrets | `[]` | +| `imageRenderer.replicaCount` | Number of Grafana Image Renderer Pod replicas | `1` | +| `imageRenderer.updateStrategy.type` | Grafana Image Renderer deployment strategy type. | `RollingUpdate` | +| `imageRenderer.podAnnotations` | Grafana Image Renderer Pod annotations | `{}` | +| `imageRenderer.podLabels` | Extra labels for Grafana Image Renderer pods | `{}` | +| `imageRenderer.nodeSelector` | Node labels for pod assignment | `{}` | +| `imageRenderer.hostAliases` | Grafana Image Renderer pods host aliases | `[]` | +| `imageRenderer.tolerations` | Tolerations for pod assignment | `[]` | +| `imageRenderer.priorityClassName` | Grafana Image Renderer pods' priorityClassName | `""` | +| `imageRenderer.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `imageRenderer.terminationGracePeriodSeconds` | In seconds, time the given to the Grafana Image Renderer pod needs to terminate gracefully | `""` | +| `imageRenderer.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `imageRenderer.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `imageRenderer.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `imageRenderer.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `imageRenderer.nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `imageRenderer.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `imageRenderer.extraEnvVars` | Array containing extra env vars to configure Grafana | `[]` | +| `imageRenderer.affinity` | Affinity for pod assignment | `{}` | +| `imageRenderer.resources.limits` | The resources limits for Grafana containers | `{}` | +| `imageRenderer.resources.requests` | The requested resources for Grafana containers | `{}` | +| `imageRenderer.podSecurityContext.enabled` | Enable securityContext on for Grafana Image Renderer deployment | `true` | +| `imageRenderer.podSecurityContext.fsGroup` | Group to configure permissions for volumes | `1001` | +| `imageRenderer.podSecurityContext.runAsUser` | User for the security context | `1001` | +| `imageRenderer.podSecurityContext.runAsNonRoot` | Run containers as non-root users | `true` | +| `imageRenderer.containerSecurityContext.enabled` | Enabled Grafana Image Renderer containers' Security Context | `true` | +| `imageRenderer.containerSecurityContext.runAsUser` | Set Grafana Image Renderer containers' Security Context runAsUser | `1001` | +| `imageRenderer.service.type` | Kubernetes Service type | `ClusterIP` | +| `imageRenderer.service.clusterIP` | Grafana service Cluster IP | `""` | +| `imageRenderer.service.ports.imageRenderer` | Grafana Image Renderer metrics port | `8080` | +| `imageRenderer.service.nodePorts.grafana` | Specify the nodePort value for the LoadBalancer and NodePort service types | `""` | +| `imageRenderer.service.loadBalancerIP` | loadBalancerIP if Grafana service type is `LoadBalancer` (optional, cloud specific) | `""` | +| `imageRenderer.service.loadBalancerSourceRanges` | loadBalancerSourceRanges if Grafana service type is `LoadBalancer` (optional, cloud specific) | `[]` | +| `imageRenderer.service.annotations` | Provide any additional annotations which may be required. | `{}` | +| `imageRenderer.service.externalTrafficPolicy` | Grafana service external traffic policy | `Cluster` | +| `imageRenderer.service.extraPorts` | Extra port to expose on Grafana service | `[]` | +| `imageRenderer.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `imageRenderer.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `imageRenderer.metrics.enabled` | Enable the export of Prometheus metrics | `false` | +| `imageRenderer.metrics.annotations` | Annotations for Prometheus metrics service[object] Prometheus annotations | `{}` | +| `imageRenderer.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `imageRenderer.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `imageRenderer.metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `imageRenderer.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `imageRenderer.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `imageRenderer.metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `imageRenderer.metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `imageRenderer.metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `imageRenderer.metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `imageRenderer.metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `imageRenderer.metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | +| `imageRenderer.metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | +| `imageRenderer.metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | +| `imageRenderer.metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | +| `imageRenderer.initContainers` | Add additional init containers to the Grafana Image Renderer pod(s) | `[]` | +| `imageRenderer.sidecars` | Add additional sidecar containers to the Grafana Image Renderer pod(s) | `[]` | +| `imageRenderer.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Grafana Image Renderer nodes | `""` | +| `imageRenderer.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Grafana Image Renderer nodes | `""` | +| `imageRenderer.extraVolumes` | Optionally specify extra list of additional volumes for the Grafana Image Renderer pod(s) | `[]` | +| `imageRenderer.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Grafana Image Renderer container(s) | `[]` | +| `imageRenderer.command` | Override default container command (useful when using custom images) | `[]` | +| `imageRenderer.args` | Override default container args (useful when using custom images) | `[]` | +| `imageRenderer.lifecycleHooks` | for the Grafana Image Renderer container(s) to automate configuration before or after startup | `{}` | ### Volume permissions init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Diagnostic Mode Parameters @@ -456,9 +460,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ - --set admin.user=admin-user oci://registry-1.docker.io/bitnamicharts/grafana + --set admin.user=admin-user oci://REGISTRY_NAME/REPOSITORY_NAME/grafana ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Grafana admin user to `admin-user`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -466,9 +472,10 @@ The above command sets the Grafana admin user to `admin-user`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/grafana +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/grafana ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -628,9 +635,11 @@ Since the volume access mode when persistence is enabled is `ReadWriteOnce` in o ```console kubectl delete deployment -helm upgrade oci://registry-1.docker.io/bitnamicharts/grafana +helm upgrade oci://REGISTRY_NAME/REPOSITORY_NAME/grafana ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 4.1.0 This version also introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/main/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. diff --git a/bitnami/grafana/values.yaml b/bitnami/grafana/values.yaml index 5af8da5e4cb33f..10a4bbe32ed053 100644 --- a/bitnami/grafana/values.yaml +++ b/bitnami/grafana/values.yaml @@ -47,8 +47,8 @@ commonAnnotations: {} ## Bitnami Grafana image version ## ref: https://hub.docker.com/r/bitnami/grafana/tags/ -## @param image.registry Grafana image registry -## @param image.repository Grafana image repository +## @param image.registry [default: REGISTRY_NAME] Grafana image registry +## @param image.repository [default: REPOSITORY_NAME/grafana] Grafana image repository ## @param image.tag Grafana image tag (immutable tags are recommended) ## @param image.digest Grafana image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Grafana image pull policy @@ -828,8 +828,8 @@ imageRenderer: enabled: false ## Bitnami Grafana Image Renderer image ## ref: https://hub.docker.com/r/bitnami/grafana-image-renderer/tags/ - ## @param imageRenderer.image.registry Grafana Image Renderer image registry - ## @param imageRenderer.image.repository Grafana Image Renderer image repository + ## @param imageRenderer.image.registry [default: REGISTRY_NAME] Grafana Image Renderer image registry + ## @param imageRenderer.image.repository [default: REPOSITORY_NAME/grafana-image-renderer] Grafana Image Renderer image repository ## @param imageRenderer.image.tag Grafana Image Renderer image tag (immutable tags are recommended) ## @param imageRenderer.image.digest Grafana Image Renderer image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param imageRenderer.image.pullPolicy Grafana Image Renderer image pull policy @@ -1167,8 +1167,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy diff --git a/bitnami/haproxy/README.md b/bitnami/haproxy/README.md index 6d62c5062bf872..337e1949e69890 100644 --- a/bitnami/haproxy/README.md +++ b/bitnami/haproxy/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/haproxy +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/haproxy ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -36,9 +38,11 @@ Looking to use HAProxy in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/haproxy +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/haproxy ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys haproxy on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -109,79 +113,79 @@ The command removes all the Kubernetes components associated with the chart and ### HAProxy Parameters -| Name | Description | Value | -| --------------------------------------- | ------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | HAProxy image registry | `docker.io` | -| `image.repository` | HAProxy image repository | `bitnami/haproxy` | -| `image.tag` | HAProxy image tag (immutable tags are recommended) | `2.8.3-debian-11-r29` | -| `image.digest` | HAProxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | HAProxy image pull policy | `IfNotPresent` | -| `image.pullSecrets` | HAProxy image pull secrets | `[]` | -| `replicaCount` | Number of haproxy replicas to deploy | `1` | -| `startupProbe.enabled` | Enable startupProbe on haproxy nodes | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `15` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe on haproxy nodes | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe on haproxy nodes | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `15` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `resources.limits` | The resources limits for the haproxy containers | `{}` | -| `resources.requests` | The requested resources for the haproxy containers | `{}` | -| `podSecurityContext.enabled` | Enabled haproxy pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Set haproxy pod's Security Context fsGroup | `1001` | -| `containerSecurityContext.enabled` | Enabled haproxy containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set haproxy containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set haproxy container's Security Context runAsNonRoot | `true` | -| `pdb.create` | Enable a Pod Disruption Budget creation | `false` | -| `pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `autoscaling.enabled` | Enable Horizontal POD autoscaling for HAProxy | `false` | -| `autoscaling.minReplicas` | Minimum number of HAProxy replicas | `1` | -| `autoscaling.maxReplicas` | Maximum number of HAProxy replicas | `11` | -| `autoscaling.targetCPU` | Target CPU utilization percentage | `50` | -| `autoscaling.targetMemory` | Target Memory utilization percentage | `50` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `hostAliases` | haproxy pods host aliases | `[]` | -| `podLabels` | Extra labels for haproxy pods | `{}` | -| `podAnnotations` | Annotations for haproxy pods | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `configuration` | haproxy configuration | `""` | -| `containerPorts` | List of container ports to enable in the haproxy container | `[]` | -| `existingConfigmap` | configmap with HAProxy configuration | `""` | -| `affinity` | Affinity for haproxy pods assignment | `{}` | -| `nodeSelector` | Node labels for haproxy pods assignment | `{}` | -| `tolerations` | Tolerations for haproxy pods assignment | `[]` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `updateStrategy.type` | haproxy statefulset strategy type | `RollingUpdate` | -| `priorityClassName` | haproxy pods' priorityClassName | `""` | -| `lifecycleHooks` | for the haproxy container(s) to automate configuration before or after startup | `{}` | -| `extraEnvVars` | Array with extra environment variables to add to haproxy nodes | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for haproxy nodes | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for haproxy nodes | `""` | -| `extraVolumes` | Optionally specify extra list of additional volumes for the haproxy pod(s) | `[]` | -| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the haproxy container(s) | `[]` | -| `sidecars` | Add additional sidecar containers to the haproxy pod(s) | `[]` | -| `initContainers` | Add additional init containers to the haproxy pod(s) | `[]` | +| Name | Description | Value | +| --------------------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------- | +| `image.registry` | HAProxy image registry | `REGISTRY_NAME` | +| `image.repository` | HAProxy image repository | `REPOSITORY_NAME/haproxy` | +| `image.tag` | HAProxy image tag (immutable tags are recommended) | `2.8.3-debian-11-r29` | +| `image.digest` | HAProxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | HAProxy image pull policy | `IfNotPresent` | +| `image.pullSecrets` | HAProxy image pull secrets | `[]` | +| `replicaCount` | Number of haproxy replicas to deploy | `1` | +| `startupProbe.enabled` | Enable startupProbe on haproxy nodes | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `15` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe on haproxy nodes | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe on haproxy nodes | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `15` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `resources.limits` | The resources limits for the haproxy containers | `{}` | +| `resources.requests` | The requested resources for the haproxy containers | `{}` | +| `podSecurityContext.enabled` | Enabled haproxy pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Set haproxy pod's Security Context fsGroup | `1001` | +| `containerSecurityContext.enabled` | Enabled haproxy containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set haproxy containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set haproxy container's Security Context runAsNonRoot | `true` | +| `pdb.create` | Enable a Pod Disruption Budget creation | `false` | +| `pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `autoscaling.enabled` | Enable Horizontal POD autoscaling for HAProxy | `false` | +| `autoscaling.minReplicas` | Minimum number of HAProxy replicas | `1` | +| `autoscaling.maxReplicas` | Maximum number of HAProxy replicas | `11` | +| `autoscaling.targetCPU` | Target CPU utilization percentage | `50` | +| `autoscaling.targetMemory` | Target Memory utilization percentage | `50` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `hostAliases` | haproxy pods host aliases | `[]` | +| `podLabels` | Extra labels for haproxy pods | `{}` | +| `podAnnotations` | Annotations for haproxy pods | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `configuration` | haproxy configuration | `""` | +| `containerPorts` | List of container ports to enable in the haproxy container | `[]` | +| `existingConfigmap` | configmap with HAProxy configuration | `""` | +| `affinity` | Affinity for haproxy pods assignment | `{}` | +| `nodeSelector` | Node labels for haproxy pods assignment | `{}` | +| `tolerations` | Tolerations for haproxy pods assignment | `[]` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `updateStrategy.type` | haproxy statefulset strategy type | `RollingUpdate` | +| `priorityClassName` | haproxy pods' priorityClassName | `""` | +| `lifecycleHooks` | for the haproxy container(s) to automate configuration before or after startup | `{}` | +| `extraEnvVars` | Array with extra environment variables to add to haproxy nodes | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for haproxy nodes | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for haproxy nodes | `""` | +| `extraVolumes` | Optionally specify extra list of additional volumes for the haproxy pod(s) | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the haproxy container(s) | `[]` | +| `sidecars` | Add additional sidecar containers to the haproxy pod(s) | `[]` | +| `initContainers` | Add additional init containers to the haproxy pod(s) | `[]` | ### Other Parameters @@ -199,9 +203,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set service.type=LoadBalancer \ - oci://registry-1.docker.io/bitnamicharts/haproxy + oci://REGISTRY_NAME/REPOSITORY_NAME/haproxy ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the HAProxy service type as LoadBalancer. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -209,9 +215,10 @@ The above command sets the HAProxy service type as LoadBalancer. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/haproxy +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/haproxy ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/haproxy/values.yaml b/bitnami/haproxy/values.yaml index 47d5d54dfc215f..55b6b810bea74a 100644 --- a/bitnami/haproxy/values.yaml +++ b/bitnami/haproxy/values.yaml @@ -228,8 +228,8 @@ ingress: ## @section HAProxy Parameters ## -## @param image.registry HAProxy image registry -## @param image.repository HAProxy image repository +## @param image.registry [default: REGISTRY_NAME] HAProxy image registry +## @param image.repository [default: REPOSITORY_NAME/haproxy] HAProxy image repository ## @param image.tag HAProxy image tag (immutable tags are recommended) ## @param image.digest HAProxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy HAProxy image pull policy diff --git a/bitnami/harbor/README.md b/bitnami/harbor/README.md index 9805a47be19f37..bce77700a1f06c 100644 --- a/bitnami/harbor/README.md +++ b/bitnami/harbor/README.md @@ -9,9 +9,11 @@ Harbor is an open source trusted cloud-native registry to store, sign, and scan ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/harbor +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/harbor ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This [Helm](https://github.com/kubernetes/helm) chart installs [Harbor](https://github.com/goharbor/harbor) in a Kubernetes cluster. Welcome to [contribute](https://github.com/bitnami/charts/blob/main/CONTRIBUTING.md) to Helm Chart for Harbor. @@ -44,9 +46,11 @@ Looking to use Harbor in production? Try [VMware Application Catalog](https://bi To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/harbor +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/harbor ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Uninstalling the Chart To uninstall/delete the `my-release` deployment: @@ -246,328 +250,328 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua ### Volume Permissions parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.enabled` | Enable init container Security Context | `true` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.enabled` | Enable init container Security Context | `true` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | ### NGINX Parameters -| Name | Description | Value | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ---------------------- | -| `nginx.image.registry` | NGINX image registry | `docker.io` | -| `nginx.image.repository` | NGINX image repository | `bitnami/nginx` | -| `nginx.image.tag` | NGINX image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | -| `nginx.image.digest` | NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `nginx.image.pullPolicy` | NGINX image pull policy | `IfNotPresent` | -| `nginx.image.pullSecrets` | NGINX image pull secrets | `[]` | -| `nginx.image.debug` | Enable NGINX image debug mode | `false` | -| `nginx.tls.enabled` | Enable TLS termination | `true` | -| `nginx.tls.existingSecret` | Existing secret name containing your own TLS certificates. | `""` | -| `nginx.tls.commonName` | The common name used to generate the self-signed TLS certificates | `core.harbor.domain` | -| `nginx.behindReverseProxy` | If NGINX is behind another reverse proxy, set to true | `false` | -| `nginx.command` | Override default container command (useful when using custom images) | `[]` | -| `nginx.args` | Override default container args (useful when using custom images) | `[]` | -| `nginx.extraEnvVars` | Array with extra environment variables to add NGINX pods | `[]` | -| `nginx.extraEnvVarsCM` | ConfigMap containing extra environment variables for NGINX pods | `""` | -| `nginx.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for NGINX pods | `""` | -| `nginx.containerPorts.http` | NGINX HTTP container port | `8080` | -| `nginx.containerPorts.https` | NGINX HTTPS container port | `8443` | -| `nginx.replicaCount` | Number of NGINX replicas | `1` | -| `nginx.livenessProbe.enabled` | Enable livenessProbe on NGINX containers | `true` | -| `nginx.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `nginx.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `nginx.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `nginx.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `nginx.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `nginx.readinessProbe.enabled` | Enable readinessProbe on NGINX containers | `true` | -| `nginx.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `nginx.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `nginx.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `nginx.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `nginx.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `nginx.startupProbe.enabled` | Enable startupProbe on NGINX containers | `false` | -| `nginx.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `nginx.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `nginx.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `nginx.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `nginx.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `nginx.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `nginx.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `nginx.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `nginx.resources.limits` | The resources limits for the NGINX containers | `{}` | -| `nginx.resources.requests` | The requested resources for the NGINX containers | `{}` | -| `nginx.podSecurityContext.enabled` | Enabled NGINX pods' Security Context | `true` | -| `nginx.podSecurityContext.fsGroup` | Set NGINX pod's Security Context fsGroup | `1001` | -| `nginx.containerSecurityContext.enabled` | Enabled NGINX containers' Security Context | `true` | -| `nginx.containerSecurityContext.runAsUser` | Set NGINX containers' Security Context runAsUser | `1001` | -| `nginx.containerSecurityContext.runAsNonRoot` | Set NGINX containers' Security Context runAsNonRoot | `true` | -| `nginx.updateStrategy.type` | NGINX deployment strategy type - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `nginx.lifecycleHooks` | LifecycleHook for the NGINX container(s) to automate configuration before or after startup | `{}` | -| `nginx.hostAliases` | NGINX pods host aliases | `[]` | -| `nginx.podLabels` | Add additional labels to the NGINX pods (evaluated as a template) | `{}` | -| `nginx.podAnnotations` | Annotations to add to the NGINX pods (evaluated as a template) | `{}` | -| `nginx.podAffinityPreset` | NGINX Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nginx.podAntiAffinityPreset` | NGINX Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nginx.nodeAffinityPreset.type` | NGINX Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nginx.nodeAffinityPreset.key` | NGINX Node label key to match Ignored if `affinity` is set. | `""` | -| `nginx.nodeAffinityPreset.values` | NGINX Node label values to match. Ignored if `affinity` is set. | `[]` | -| `nginx.affinity` | NGINX Affinity for pod assignment | `{}` | -| `nginx.nodeSelector` | NGINX Node labels for pod assignment | `{}` | -| `nginx.tolerations` | NGINX Tolerations for pod assignment | `[]` | -| `nginx.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `nginx.priorityClassName` | Priority Class Name | `""` | -| `nginx.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `nginx.sidecars` | Add additional sidecar containers to the NGINX pods | `[]` | -| `nginx.initContainers` | Add additional init containers to the NGINX pods | `[]` | -| `nginx.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the NGINX pods | `[]` | -| `nginx.extraVolumes` | Optionally specify extra list of additional volumes for the NGINX pods | `[]` | +| Name | Description | Value | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ----------------------- | +| `nginx.image.registry` | NGINX image registry | `REGISTRY_NAME` | +| `nginx.image.repository` | NGINX image repository | `REPOSITORY_NAME/nginx` | +| `nginx.image.tag` | NGINX image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | +| `nginx.image.digest` | NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `nginx.image.pullPolicy` | NGINX image pull policy | `IfNotPresent` | +| `nginx.image.pullSecrets` | NGINX image pull secrets | `[]` | +| `nginx.image.debug` | Enable NGINX image debug mode | `false` | +| `nginx.tls.enabled` | Enable TLS termination | `true` | +| `nginx.tls.existingSecret` | Existing secret name containing your own TLS certificates. | `""` | +| `nginx.tls.commonName` | The common name used to generate the self-signed TLS certificates | `core.harbor.domain` | +| `nginx.behindReverseProxy` | If NGINX is behind another reverse proxy, set to true | `false` | +| `nginx.command` | Override default container command (useful when using custom images) | `[]` | +| `nginx.args` | Override default container args (useful when using custom images) | `[]` | +| `nginx.extraEnvVars` | Array with extra environment variables to add NGINX pods | `[]` | +| `nginx.extraEnvVarsCM` | ConfigMap containing extra environment variables for NGINX pods | `""` | +| `nginx.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for NGINX pods | `""` | +| `nginx.containerPorts.http` | NGINX HTTP container port | `8080` | +| `nginx.containerPorts.https` | NGINX HTTPS container port | `8443` | +| `nginx.replicaCount` | Number of NGINX replicas | `1` | +| `nginx.livenessProbe.enabled` | Enable livenessProbe on NGINX containers | `true` | +| `nginx.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | +| `nginx.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `nginx.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `nginx.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `nginx.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `nginx.readinessProbe.enabled` | Enable readinessProbe on NGINX containers | `true` | +| `nginx.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | +| `nginx.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `nginx.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `nginx.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `nginx.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `nginx.startupProbe.enabled` | Enable startupProbe on NGINX containers | `false` | +| `nginx.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `nginx.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `nginx.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `nginx.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `nginx.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `nginx.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `nginx.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `nginx.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `nginx.resources.limits` | The resources limits for the NGINX containers | `{}` | +| `nginx.resources.requests` | The requested resources for the NGINX containers | `{}` | +| `nginx.podSecurityContext.enabled` | Enabled NGINX pods' Security Context | `true` | +| `nginx.podSecurityContext.fsGroup` | Set NGINX pod's Security Context fsGroup | `1001` | +| `nginx.containerSecurityContext.enabled` | Enabled NGINX containers' Security Context | `true` | +| `nginx.containerSecurityContext.runAsUser` | Set NGINX containers' Security Context runAsUser | `1001` | +| `nginx.containerSecurityContext.runAsNonRoot` | Set NGINX containers' Security Context runAsNonRoot | `true` | +| `nginx.updateStrategy.type` | NGINX deployment strategy type - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `nginx.lifecycleHooks` | LifecycleHook for the NGINX container(s) to automate configuration before or after startup | `{}` | +| `nginx.hostAliases` | NGINX pods host aliases | `[]` | +| `nginx.podLabels` | Add additional labels to the NGINX pods (evaluated as a template) | `{}` | +| `nginx.podAnnotations` | Annotations to add to the NGINX pods (evaluated as a template) | `{}` | +| `nginx.podAffinityPreset` | NGINX Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nginx.podAntiAffinityPreset` | NGINX Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nginx.nodeAffinityPreset.type` | NGINX Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nginx.nodeAffinityPreset.key` | NGINX Node label key to match Ignored if `affinity` is set. | `""` | +| `nginx.nodeAffinityPreset.values` | NGINX Node label values to match. Ignored if `affinity` is set. | `[]` | +| `nginx.affinity` | NGINX Affinity for pod assignment | `{}` | +| `nginx.nodeSelector` | NGINX Node labels for pod assignment | `{}` | +| `nginx.tolerations` | NGINX Tolerations for pod assignment | `[]` | +| `nginx.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `nginx.priorityClassName` | Priority Class Name | `""` | +| `nginx.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `nginx.sidecars` | Add additional sidecar containers to the NGINX pods | `[]` | +| `nginx.initContainers` | Add additional init containers to the NGINX pods | `[]` | +| `nginx.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the NGINX pods | `[]` | +| `nginx.extraVolumes` | Optionally specify extra list of additional volumes for the NGINX pods | `[]` | ### Harbor Portal Parameters -| Name | Description | Value | -| ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ----------------------- | -| `portal.image.registry` | Harbor Portal image registry | `docker.io` | -| `portal.image.repository` | Harbor Portal image repository | `bitnami/harbor-portal` | -| `portal.image.tag` | Harbor Portal image tag (immutable tags are recommended) | `2.9.0-debian-11-r37` | -| `portal.image.digest` | Harbor Portal image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `portal.image.pullPolicy` | Harbor Portal image pull policy | `IfNotPresent` | -| `portal.image.pullSecrets` | Harbor Portal image pull secrets | `[]` | -| `portal.image.debug` | Enable Harbor Portal image debug mode | `false` | -| `portal.tls.existingSecret` | Name of an existing secret with the certificates for internal TLS access | `""` | -| `portal.command` | Override default container command (useful when using custom images) | `[]` | -| `portal.args` | Override default container args (useful when using custom images) | `[]` | -| `portal.extraEnvVars` | Array with extra environment variables to add Harbor Portal pods | `[]` | -| `portal.extraEnvVarsCM` | ConfigMap containing extra environment variables for Harbor Portal pods | `""` | -| `portal.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Harbor Portal pods | `""` | -| `portal.containerPorts.http` | Harbor Portal HTTP container port | `8080` | -| `portal.containerPorts.https` | Harbor Portal HTTPS container port | `8443` | -| `portal.replicaCount` | Number of Harbor Portal replicas | `1` | -| `portal.livenessProbe.enabled` | Enable livenessProbe on Harbor Portal containers | `true` | -| `portal.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `portal.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `portal.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `portal.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `portal.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `portal.readinessProbe.enabled` | Enable readinessProbe on Harbor Portal containers | `true` | -| `portal.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `portal.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `portal.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `portal.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `portal.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `portal.startupProbe.enabled` | Enable startupProbe on Harbor Portal containers | `false` | -| `portal.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `portal.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `portal.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `portal.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `portal.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `portal.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `portal.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `portal.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `portal.resources.limits` | The resources limits for the Harbor Portal containers | `{}` | -| `portal.resources.requests` | The requested resources for the Harbor Portal containers | `{}` | -| `portal.podSecurityContext.enabled` | Enabled Harbor Portal pods' Security Context | `true` | -| `portal.podSecurityContext.fsGroup` | Set Harbor Portal pod's Security Context fsGroup | `1001` | -| `portal.containerSecurityContext.enabled` | Enabled Harbor Portal containers' Security Context | `true` | -| `portal.containerSecurityContext.runAsUser` | Set Harbor Portal containers' Security Context runAsUser | `1001` | -| `portal.containerSecurityContext.runAsNonRoot` | Set Harbor Portal containers' Security Context runAsNonRoot | `true` | -| `portal.updateStrategy.type` | Harbor Portal deployment strategy type - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `portal.lifecycleHooks` | LifecycleHook for the Harbor Portal container(s) to automate configuration before or after startup | `{}` | -| `portal.hostAliases` | Harbor Portal pods host aliases | `[]` | -| `portal.podLabels` | Add additional labels to the Harbor Portal pods (evaluated as a template) | `{}` | -| `portal.podAnnotations` | Annotations to add to the Harbor Portal pods (evaluated as a template) | `{}` | -| `portal.podAffinityPreset` | Harbor Portal Pod affinity preset. Ignored if `portal.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `portal.podAntiAffinityPreset` | Harbor Portal Pod anti-affinity preset. Ignored if `portal.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `portal.nodeAffinityPreset.type` | Harbor Portal Node affinity preset type. Ignored if `portal.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `portal.nodeAffinityPreset.key` | Harbor Portal Node label key to match Ignored if `portal.affinity` is set. | `""` | -| `portal.nodeAffinityPreset.values` | Harbor Portal Node label values to match. Ignored if `portal.affinity` is set. | `[]` | -| `portal.affinity` | Harbor Portal Affinity for pod assignment | `{}` | -| `portal.nodeSelector` | Harbor Portal Node labels for pod assignment | `{}` | -| `portal.tolerations` | Harbor Portal Tolerations for pod assignment | `[]` | -| `portal.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `portal.priorityClassName` | Priority Class Name | `""` | -| `portal.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `portal.sidecars` | Add additional sidecar containers to the Harbor Portal pods | `[]` | -| `portal.initContainers` | Add additional init containers to the Harbor Portal pods | `[]` | -| `portal.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Harbor Portal pods | `[]` | -| `portal.extraVolumes` | Optionally specify extra list of additional volumes for the Harbor Portal pods | `[]` | -| `portal.automountServiceAccountToken` | Automount service account token | `false` | -| `portal.service.ports.http` | Harbor Portal HTTP service port | `80` | -| `portal.service.ports.https` | Harbor Portal HTTPS service port | `443` | +| Name | Description | Value | +| ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------------- | +| `portal.image.registry` | Harbor Portal image registry | `REGISTRY_NAME` | +| `portal.image.repository` | Harbor Portal image repository | `REPOSITORY_NAME/harbor-portal` | +| `portal.image.tag` | Harbor Portal image tag (immutable tags are recommended) | `2.9.0-debian-11-r37` | +| `portal.image.digest` | Harbor Portal image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `portal.image.pullPolicy` | Harbor Portal image pull policy | `IfNotPresent` | +| `portal.image.pullSecrets` | Harbor Portal image pull secrets | `[]` | +| `portal.image.debug` | Enable Harbor Portal image debug mode | `false` | +| `portal.tls.existingSecret` | Name of an existing secret with the certificates for internal TLS access | `""` | +| `portal.command` | Override default container command (useful when using custom images) | `[]` | +| `portal.args` | Override default container args (useful when using custom images) | `[]` | +| `portal.extraEnvVars` | Array with extra environment variables to add Harbor Portal pods | `[]` | +| `portal.extraEnvVarsCM` | ConfigMap containing extra environment variables for Harbor Portal pods | `""` | +| `portal.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Harbor Portal pods | `""` | +| `portal.containerPorts.http` | Harbor Portal HTTP container port | `8080` | +| `portal.containerPorts.https` | Harbor Portal HTTPS container port | `8443` | +| `portal.replicaCount` | Number of Harbor Portal replicas | `1` | +| `portal.livenessProbe.enabled` | Enable livenessProbe on Harbor Portal containers | `true` | +| `portal.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | +| `portal.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `portal.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `portal.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `portal.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `portal.readinessProbe.enabled` | Enable readinessProbe on Harbor Portal containers | `true` | +| `portal.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | +| `portal.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `portal.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `portal.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `portal.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `portal.startupProbe.enabled` | Enable startupProbe on Harbor Portal containers | `false` | +| `portal.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `portal.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `portal.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `portal.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `portal.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `portal.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `portal.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `portal.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `portal.resources.limits` | The resources limits for the Harbor Portal containers | `{}` | +| `portal.resources.requests` | The requested resources for the Harbor Portal containers | `{}` | +| `portal.podSecurityContext.enabled` | Enabled Harbor Portal pods' Security Context | `true` | +| `portal.podSecurityContext.fsGroup` | Set Harbor Portal pod's Security Context fsGroup | `1001` | +| `portal.containerSecurityContext.enabled` | Enabled Harbor Portal containers' Security Context | `true` | +| `portal.containerSecurityContext.runAsUser` | Set Harbor Portal containers' Security Context runAsUser | `1001` | +| `portal.containerSecurityContext.runAsNonRoot` | Set Harbor Portal containers' Security Context runAsNonRoot | `true` | +| `portal.updateStrategy.type` | Harbor Portal deployment strategy type - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `portal.lifecycleHooks` | LifecycleHook for the Harbor Portal container(s) to automate configuration before or after startup | `{}` | +| `portal.hostAliases` | Harbor Portal pods host aliases | `[]` | +| `portal.podLabels` | Add additional labels to the Harbor Portal pods (evaluated as a template) | `{}` | +| `portal.podAnnotations` | Annotations to add to the Harbor Portal pods (evaluated as a template) | `{}` | +| `portal.podAffinityPreset` | Harbor Portal Pod affinity preset. Ignored if `portal.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `portal.podAntiAffinityPreset` | Harbor Portal Pod anti-affinity preset. Ignored if `portal.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `portal.nodeAffinityPreset.type` | Harbor Portal Node affinity preset type. Ignored if `portal.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `portal.nodeAffinityPreset.key` | Harbor Portal Node label key to match Ignored if `portal.affinity` is set. | `""` | +| `portal.nodeAffinityPreset.values` | Harbor Portal Node label values to match. Ignored if `portal.affinity` is set. | `[]` | +| `portal.affinity` | Harbor Portal Affinity for pod assignment | `{}` | +| `portal.nodeSelector` | Harbor Portal Node labels for pod assignment | `{}` | +| `portal.tolerations` | Harbor Portal Tolerations for pod assignment | `[]` | +| `portal.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `portal.priorityClassName` | Priority Class Name | `""` | +| `portal.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `portal.sidecars` | Add additional sidecar containers to the Harbor Portal pods | `[]` | +| `portal.initContainers` | Add additional init containers to the Harbor Portal pods | `[]` | +| `portal.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Harbor Portal pods | `[]` | +| `portal.extraVolumes` | Optionally specify extra list of additional volumes for the Harbor Portal pods | `[]` | +| `portal.automountServiceAccountToken` | Automount service account token | `false` | +| `portal.service.ports.http` | Harbor Portal HTTP service port | `80` | +| `portal.service.ports.https` | Harbor Portal HTTPS service port | `443` | ### Harbor Core Parameters -| Name | Description | Value | -| -------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `core.image.registry` | Harbor Core image registry | `docker.io` | -| `core.image.repository` | Harbor Core image repository | `bitnami/harbor-core` | -| `core.image.tag` | Harbor Core image tag (immutable tags are recommended) | `2.9.0-debian-11-r24` | -| `core.image.digest` | Harbor Core image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `core.image.pullPolicy` | Harbor Core image pull policy | `IfNotPresent` | -| `core.image.pullSecrets` | Harbor Core image pull secrets | `[]` | -| `core.image.debug` | Enable Harbor Core image debug mode | `false` | -| `core.sessionLifetime` | Explicitly set a session timeout (in seconds) overriding the backend default. | `""` | -| `core.uaaSecret` | If using external UAA auth which has a self signed cert, you can provide a pre-created secret containing it under the key `ca.crt`. | `""` | -| `core.secretKey` | The key used for encryption. Must be a string of 16 chars | `""` | -| `core.secret` | Secret used when the core server communicates with other components. If a secret key is not specified, Helm will generate one. Must be a string of 16 chars. | `""` | -| `core.tokenKey` | Key of the certificate used for token encryption/decryption. | `""` | -| `core.tokenCert` | Certificate used for token encryption/decryption. | `""` | -| `core.secretName` | Fill the name of a kubernetes secret if you want to use your own TLS certificate and private key for token encryption/decryption. The secret must contain two keys named: `tls.crt` - the certificate and `tls.key` - the private key. The default key pair will be used if it isn't set | `""` | -| `core.existingSecret` | Existing secret for core | `""` | -| `core.existingEnvVarsSecret` | Existing secret for core envvars | `""` | -| `core.csrfKey` | The CSRF key. Will be generated automatically if it isn't specified | `""` | -| `core.tls.existingSecret` | Name of an existing secret with the certificates for internal TLS access | `""` | -| `core.command` | Override default container command (useful when using custom images) | `[]` | -| `core.args` | Override default container args (useful when using custom images) | `[]` | -| `core.extraEnvVars` | Array with extra environment variables to add Harbor Core pods | `[]` | -| `core.extraEnvVarsCM` | ConfigMap containing extra environment variables for Harbor Core pods | `""` | -| `core.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Harbor Core pods | `""` | -| `core.configOverwriteJson` | String containing a JSON with configuration overrides | `""` | -| `core.configOverwriteJsonSecret` | Secret containing the JSON configuration overrides | `""` | -| `core.containerPorts.http` | Harbor Core HTTP container port | `8080` | -| `core.containerPorts.https` | Harbor Core HTTPS container port | `8443` | -| `core.containerPorts.metrics` | Harbor Core metrics container port | `8001` | -| `core.replicaCount` | Number of Harbor Core replicas | `1` | -| `core.livenessProbe.enabled` | Enable livenessProbe on Harbor Core containers | `true` | -| `core.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `core.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `core.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `core.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `core.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `core.readinessProbe.enabled` | Enable readinessProbe on Harbor Core containers | `true` | -| `core.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `core.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `core.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `core.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `core.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `core.startupProbe.enabled` | Enable startupProbe on Harbor Core containers | `false` | -| `core.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `core.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `core.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `core.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `core.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `core.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `core.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `core.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `core.resources.limits` | The resources limits for the Harbor Core containers | `{}` | -| `core.resources.requests` | The requested resources for the Harbor Core containers | `{}` | -| `core.podSecurityContext.enabled` | Enabled Harbor Core pods' Security Context | `true` | -| `core.podSecurityContext.fsGroup` | Set Harbor Core pod's Security Context fsGroup | `1001` | -| `core.containerSecurityContext.enabled` | Enabled Harbor Core containers' Security Context | `true` | -| `core.containerSecurityContext.runAsUser` | Set Harbor Core containers' Security Context runAsUser | `1001` | -| `core.containerSecurityContext.runAsNonRoot` | Set Harbor Core containers' Security Context runAsNonRoot | `true` | -| `core.updateStrategy.type` | Harbor Core deployment strategy type - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `core.lifecycleHooks` | LifecycleHook for the Harbor Core container(s) to automate configuration before or after startup | `{}` | -| `core.hostAliases` | Harbor Core pods host aliases | `[]` | -| `core.podLabels` | Add additional labels to the Harbor Core pods (evaluated as a template) | `{}` | -| `core.podAnnotations` | Annotations to add to the Harbor Core pods (evaluated as a template) | `{}` | -| `core.podAffinityPreset` | Harbor Core Pod affinity preset. Ignored if `core.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `core.podAntiAffinityPreset` | Harbor Core Pod anti-affinity preset. Ignored if `core.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `core.nodeAffinityPreset.type` | Harbor Core Node affinity preset type. Ignored if `core.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `core.nodeAffinityPreset.key` | Harbor Core Node label key to match Ignored if `core.affinity` is set. | `""` | -| `core.nodeAffinityPreset.values` | Harbor Core Node label values to match. Ignored if `core.affinity` is set. | `[]` | -| `core.affinity` | Harbor Core Affinity for pod assignment | `{}` | -| `core.nodeSelector` | Harbor Core Node labels for pod assignment | `{}` | -| `core.tolerations` | Harbor Core Tolerations for pod assignment | `[]` | -| `core.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `core.priorityClassName` | Priority Class Name | `""` | -| `core.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `core.sidecars` | Add additional sidecar containers to the Harbor Core pods | `[]` | -| `core.initContainers` | Add additional init containers to the Harbor Core pods | `[]` | -| `core.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Harbor Core pods | `[]` | -| `core.extraVolumes` | Optionally specify extra list of additional volumes for the Harbor Core pods | `[]` | -| `core.automountServiceAccountToken` | Automount service account token | `false` | -| `core.service.ports.http` | Harbor Core HTTP service port | `80` | -| `core.service.ports.https` | Harbor Core HTTPS service port | `443` | -| `core.service.ports.metrics` | Harbor Core metrics service port | `8001` | +| Name | Description | Value | +| -------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------- | +| `core.image.registry` | Harbor Core image registry | `REGISTRY_NAME` | +| `core.image.repository` | Harbor Core image repository | `REPOSITORY_NAME/harbor-core` | +| `core.image.tag` | Harbor Core image tag (immutable tags are recommended) | `2.9.0-debian-11-r24` | +| `core.image.digest` | Harbor Core image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `core.image.pullPolicy` | Harbor Core image pull policy | `IfNotPresent` | +| `core.image.pullSecrets` | Harbor Core image pull secrets | `[]` | +| `core.image.debug` | Enable Harbor Core image debug mode | `false` | +| `core.sessionLifetime` | Explicitly set a session timeout (in seconds) overriding the backend default. | `""` | +| `core.uaaSecret` | If using external UAA auth which has a self signed cert, you can provide a pre-created secret containing it under the key `ca.crt`. | `""` | +| `core.secretKey` | The key used for encryption. Must be a string of 16 chars | `""` | +| `core.secret` | Secret used when the core server communicates with other components. If a secret key is not specified, Helm will generate one. Must be a string of 16 chars. | `""` | +| `core.tokenKey` | Key of the certificate used for token encryption/decryption. | `""` | +| `core.tokenCert` | Certificate used for token encryption/decryption. | `""` | +| `core.secretName` | Fill the name of a kubernetes secret if you want to use your own TLS certificate and private key for token encryption/decryption. The secret must contain two keys named: `tls.crt` - the certificate and `tls.key` - the private key. The default key pair will be used if it isn't set | `""` | +| `core.existingSecret` | Existing secret for core | `""` | +| `core.existingEnvVarsSecret` | Existing secret for core envvars | `""` | +| `core.csrfKey` | The CSRF key. Will be generated automatically if it isn't specified | `""` | +| `core.tls.existingSecret` | Name of an existing secret with the certificates for internal TLS access | `""` | +| `core.command` | Override default container command (useful when using custom images) | `[]` | +| `core.args` | Override default container args (useful when using custom images) | `[]` | +| `core.extraEnvVars` | Array with extra environment variables to add Harbor Core pods | `[]` | +| `core.extraEnvVarsCM` | ConfigMap containing extra environment variables for Harbor Core pods | `""` | +| `core.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Harbor Core pods | `""` | +| `core.configOverwriteJson` | String containing a JSON with configuration overrides | `""` | +| `core.configOverwriteJsonSecret` | Secret containing the JSON configuration overrides | `""` | +| `core.containerPorts.http` | Harbor Core HTTP container port | `8080` | +| `core.containerPorts.https` | Harbor Core HTTPS container port | `8443` | +| `core.containerPorts.metrics` | Harbor Core metrics container port | `8001` | +| `core.replicaCount` | Number of Harbor Core replicas | `1` | +| `core.livenessProbe.enabled` | Enable livenessProbe on Harbor Core containers | `true` | +| `core.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | +| `core.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `core.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `core.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `core.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `core.readinessProbe.enabled` | Enable readinessProbe on Harbor Core containers | `true` | +| `core.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | +| `core.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `core.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `core.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `core.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `core.startupProbe.enabled` | Enable startupProbe on Harbor Core containers | `false` | +| `core.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `core.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `core.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `core.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `core.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `core.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `core.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `core.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `core.resources.limits` | The resources limits for the Harbor Core containers | `{}` | +| `core.resources.requests` | The requested resources for the Harbor Core containers | `{}` | +| `core.podSecurityContext.enabled` | Enabled Harbor Core pods' Security Context | `true` | +| `core.podSecurityContext.fsGroup` | Set Harbor Core pod's Security Context fsGroup | `1001` | +| `core.containerSecurityContext.enabled` | Enabled Harbor Core containers' Security Context | `true` | +| `core.containerSecurityContext.runAsUser` | Set Harbor Core containers' Security Context runAsUser | `1001` | +| `core.containerSecurityContext.runAsNonRoot` | Set Harbor Core containers' Security Context runAsNonRoot | `true` | +| `core.updateStrategy.type` | Harbor Core deployment strategy type - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `core.lifecycleHooks` | LifecycleHook for the Harbor Core container(s) to automate configuration before or after startup | `{}` | +| `core.hostAliases` | Harbor Core pods host aliases | `[]` | +| `core.podLabels` | Add additional labels to the Harbor Core pods (evaluated as a template) | `{}` | +| `core.podAnnotations` | Annotations to add to the Harbor Core pods (evaluated as a template) | `{}` | +| `core.podAffinityPreset` | Harbor Core Pod affinity preset. Ignored if `core.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `core.podAntiAffinityPreset` | Harbor Core Pod anti-affinity preset. Ignored if `core.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `core.nodeAffinityPreset.type` | Harbor Core Node affinity preset type. Ignored if `core.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `core.nodeAffinityPreset.key` | Harbor Core Node label key to match Ignored if `core.affinity` is set. | `""` | +| `core.nodeAffinityPreset.values` | Harbor Core Node label values to match. Ignored if `core.affinity` is set. | `[]` | +| `core.affinity` | Harbor Core Affinity for pod assignment | `{}` | +| `core.nodeSelector` | Harbor Core Node labels for pod assignment | `{}` | +| `core.tolerations` | Harbor Core Tolerations for pod assignment | `[]` | +| `core.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `core.priorityClassName` | Priority Class Name | `""` | +| `core.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `core.sidecars` | Add additional sidecar containers to the Harbor Core pods | `[]` | +| `core.initContainers` | Add additional init containers to the Harbor Core pods | `[]` | +| `core.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Harbor Core pods | `[]` | +| `core.extraVolumes` | Optionally specify extra list of additional volumes for the Harbor Core pods | `[]` | +| `core.automountServiceAccountToken` | Automount service account token | `false` | +| `core.service.ports.http` | Harbor Core HTTP service port | `80` | +| `core.service.ports.https` | Harbor Core HTTPS service port | `443` | +| `core.service.ports.metrics` | Harbor Core metrics service port | `8001` | ### Harbor Jobservice Parameters -| Name | Description | Value | -| -------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------ | -| `jobservice.image.registry` | Harbor Jobservice image registry | `docker.io` | -| `jobservice.image.repository` | Harbor Jobservice image repository | `bitnami/harbor-jobservice` | -| `jobservice.image.tag` | Harbor Jobservice image tag (immutable tags are recommended) | `2.9.0-debian-11-r26` | -| `jobservice.image.digest` | Harbor Jobservice image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `jobservice.image.pullPolicy` | Harbor Jobservice image pull policy | `IfNotPresent` | -| `jobservice.image.pullSecrets` | Harbor Jobservice image pull secrets | `[]` | -| `jobservice.image.debug` | Enable Harbor Jobservice image debug mode | `false` | -| `jobservice.maxJobWorkers` | The max job workers | `10` | -| `jobservice.redisNamespace` | Redis namespace for jobservice | `harbor_job_service_namespace` | -| `jobservice.jobLogger` | The logger for jobs: `file`, `database` or `stdout` | `file` | -| `jobservice.secret` | Secret used when the job service communicates with other components. If a secret key is not specified, Helm will generate one. Must be a string of 16 chars. | `""` | -| `jobservice.existingSecret` | Existing secret for jobservice | `""` | -| `jobservice.tls.existingSecret` | Name of an existing secret with the certificates for internal TLS access | `""` | -| `jobservice.command` | Override default container command (useful when using custom images) | `[]` | -| `jobservice.args` | Override default container args (useful when using custom images) | `[]` | -| `jobservice.extraEnvVars` | Array with extra environment variables to add Harbor Jobservice pods | `[]` | -| `jobservice.extraEnvVarsCM` | ConfigMap containing extra environment variables for Harbor Jobservice pods | `""` | -| `jobservice.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Harbor Jobservice pods | `""` | -| `jobservice.containerPorts.http` | Harbor Jobservice HTTP container port | `8080` | -| `jobservice.containerPorts.https` | Harbor Jobservice HTTPS container port | `8443` | -| `jobservice.containerPorts.metrics` | Harbor Jobservice metrics container port | `8001` | -| `jobservice.replicaCount` | Number of Harbor Jobservice replicas | `1` | -| `jobservice.livenessProbe.enabled` | Enable livenessProbe on Harbor Jobservice containers | `true` | -| `jobservice.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `jobservice.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `jobservice.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `jobservice.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `jobservice.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `jobservice.readinessProbe.enabled` | Enable readinessProbe on Harbor Jobservice containers | `true` | -| `jobservice.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `jobservice.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `jobservice.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `jobservice.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `jobservice.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `jobservice.startupProbe.enabled` | Enable startupProbe on Harbor Jobservice containers | `false` | -| `jobservice.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `jobservice.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `jobservice.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `jobservice.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `jobservice.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `jobservice.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `jobservice.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `jobservice.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `jobservice.resources.limits` | The resources limits for the Harbor Jobservice containers | `{}` | -| `jobservice.resources.requests` | The requested resources for the Harbor Jobservice containers | `{}` | -| `jobservice.podSecurityContext.enabled` | Enabled Harbor Jobservice pods' Security Context | `true` | -| `jobservice.podSecurityContext.fsGroup` | Set Harbor Jobservice pod's Security Context fsGroup | `1001` | -| `jobservice.containerSecurityContext.enabled` | Enabled Harbor Jobservice containers' Security Context | `true` | -| `jobservice.containerSecurityContext.runAsUser` | Set Harbor Jobservice containers' Security Context runAsUser | `1001` | -| `jobservice.containerSecurityContext.runAsNonRoot` | Set Harbor Jobservice containers' Security Context runAsNonRoot | `true` | -| `jobservice.updateStrategy.type` | Harbor Jobservice deployment strategy type - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `jobservice.lifecycleHooks` | LifecycleHook for the Harbor Jobservice container(s) to automate configuration before or after startup | `{}` | -| `jobservice.hostAliases` | Harbor Jobservice pods host aliases | `[]` | -| `jobservice.podLabels` | Add additional labels to the Harbor Jobservice pods (evaluated as a template) | `{}` | -| `jobservice.podAnnotations` | Annotations to add to the Harbor Jobservice pods (evaluated as a template) | `{}` | -| `jobservice.podAffinityPreset` | Harbor Jobservice Pod affinity preset. Ignored if `jobservice.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `jobservice.podAntiAffinityPreset` | Harbor Jobservice Pod anti-affinity preset. Ignored if `jobservice.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `jobservice.nodeAffinityPreset.type` | Harbor Jobservice Node affinity preset type. Ignored if `jobservice.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `jobservice.nodeAffinityPreset.key` | Harbor Jobservice Node label key to match Ignored if `jobservice.affinity` is set. | `""` | -| `jobservice.nodeAffinityPreset.values` | Harbor Jobservice Node label values to match. Ignored if `jobservice.affinity` is set. | `[]` | -| `jobservice.affinity` | Harbor Jobservice Affinity for pod assignment | `{}` | -| `jobservice.nodeSelector` | Harbor Jobservice Node labels for pod assignment | `{}` | -| `jobservice.tolerations` | Harbor Jobservice Tolerations for pod assignment | `[]` | -| `jobservice.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `jobservice.priorityClassName` | Priority Class Name | `""` | -| `jobservice.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `jobservice.sidecars` | Add additional sidecar containers to the Harbor Jobservice pods | `[]` | -| `jobservice.initContainers` | Add additional init containers to the Harbor Jobservice pods | `[]` | -| `jobservice.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Harbor Jobservice pods | `[]` | -| `jobservice.extraVolumes` | Optionally specify extra list of additional volumes for the Harbor Jobservice pods | `[]` | -| `jobservice.automountServiceAccountToken` | Automount service account token | `false` | -| `jobservice.service.ports.http` | Harbor Jobservice HTTP service port | `80` | -| `jobservice.service.ports.https` | Harbor Jobservice HTTPS service port | `443` | -| `jobservice.service.ports.metrics` | Harbor Jobservice HTTPS service port | `8001` | +| Name | Description | Value | +| -------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------- | +| `jobservice.image.registry` | Harbor Jobservice image registry | `REGISTRY_NAME` | +| `jobservice.image.repository` | Harbor Jobservice image repository | `REPOSITORY_NAME/harbor-jobservice` | +| `jobservice.image.tag` | Harbor Jobservice image tag (immutable tags are recommended) | `2.9.0-debian-11-r26` | +| `jobservice.image.digest` | Harbor Jobservice image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `jobservice.image.pullPolicy` | Harbor Jobservice image pull policy | `IfNotPresent` | +| `jobservice.image.pullSecrets` | Harbor Jobservice image pull secrets | `[]` | +| `jobservice.image.debug` | Enable Harbor Jobservice image debug mode | `false` | +| `jobservice.maxJobWorkers` | The max job workers | `10` | +| `jobservice.redisNamespace` | Redis namespace for jobservice | `harbor_job_service_namespace` | +| `jobservice.jobLogger` | The logger for jobs: `file`, `database` or `stdout` | `file` | +| `jobservice.secret` | Secret used when the job service communicates with other components. If a secret key is not specified, Helm will generate one. Must be a string of 16 chars. | `""` | +| `jobservice.existingSecret` | Existing secret for jobservice | `""` | +| `jobservice.tls.existingSecret` | Name of an existing secret with the certificates for internal TLS access | `""` | +| `jobservice.command` | Override default container command (useful when using custom images) | `[]` | +| `jobservice.args` | Override default container args (useful when using custom images) | `[]` | +| `jobservice.extraEnvVars` | Array with extra environment variables to add Harbor Jobservice pods | `[]` | +| `jobservice.extraEnvVarsCM` | ConfigMap containing extra environment variables for Harbor Jobservice pods | `""` | +| `jobservice.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Harbor Jobservice pods | `""` | +| `jobservice.containerPorts.http` | Harbor Jobservice HTTP container port | `8080` | +| `jobservice.containerPorts.https` | Harbor Jobservice HTTPS container port | `8443` | +| `jobservice.containerPorts.metrics` | Harbor Jobservice metrics container port | `8001` | +| `jobservice.replicaCount` | Number of Harbor Jobservice replicas | `1` | +| `jobservice.livenessProbe.enabled` | Enable livenessProbe on Harbor Jobservice containers | `true` | +| `jobservice.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | +| `jobservice.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `jobservice.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `jobservice.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `jobservice.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `jobservice.readinessProbe.enabled` | Enable readinessProbe on Harbor Jobservice containers | `true` | +| `jobservice.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | +| `jobservice.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `jobservice.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `jobservice.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `jobservice.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `jobservice.startupProbe.enabled` | Enable startupProbe on Harbor Jobservice containers | `false` | +| `jobservice.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `jobservice.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `jobservice.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `jobservice.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `jobservice.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `jobservice.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `jobservice.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `jobservice.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `jobservice.resources.limits` | The resources limits for the Harbor Jobservice containers | `{}` | +| `jobservice.resources.requests` | The requested resources for the Harbor Jobservice containers | `{}` | +| `jobservice.podSecurityContext.enabled` | Enabled Harbor Jobservice pods' Security Context | `true` | +| `jobservice.podSecurityContext.fsGroup` | Set Harbor Jobservice pod's Security Context fsGroup | `1001` | +| `jobservice.containerSecurityContext.enabled` | Enabled Harbor Jobservice containers' Security Context | `true` | +| `jobservice.containerSecurityContext.runAsUser` | Set Harbor Jobservice containers' Security Context runAsUser | `1001` | +| `jobservice.containerSecurityContext.runAsNonRoot` | Set Harbor Jobservice containers' Security Context runAsNonRoot | `true` | +| `jobservice.updateStrategy.type` | Harbor Jobservice deployment strategy type - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `jobservice.lifecycleHooks` | LifecycleHook for the Harbor Jobservice container(s) to automate configuration before or after startup | `{}` | +| `jobservice.hostAliases` | Harbor Jobservice pods host aliases | `[]` | +| `jobservice.podLabels` | Add additional labels to the Harbor Jobservice pods (evaluated as a template) | `{}` | +| `jobservice.podAnnotations` | Annotations to add to the Harbor Jobservice pods (evaluated as a template) | `{}` | +| `jobservice.podAffinityPreset` | Harbor Jobservice Pod affinity preset. Ignored if `jobservice.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `jobservice.podAntiAffinityPreset` | Harbor Jobservice Pod anti-affinity preset. Ignored if `jobservice.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `jobservice.nodeAffinityPreset.type` | Harbor Jobservice Node affinity preset type. Ignored if `jobservice.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `jobservice.nodeAffinityPreset.key` | Harbor Jobservice Node label key to match Ignored if `jobservice.affinity` is set. | `""` | +| `jobservice.nodeAffinityPreset.values` | Harbor Jobservice Node label values to match. Ignored if `jobservice.affinity` is set. | `[]` | +| `jobservice.affinity` | Harbor Jobservice Affinity for pod assignment | `{}` | +| `jobservice.nodeSelector` | Harbor Jobservice Node labels for pod assignment | `{}` | +| `jobservice.tolerations` | Harbor Jobservice Tolerations for pod assignment | `[]` | +| `jobservice.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `jobservice.priorityClassName` | Priority Class Name | `""` | +| `jobservice.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `jobservice.sidecars` | Add additional sidecar containers to the Harbor Jobservice pods | `[]` | +| `jobservice.initContainers` | Add additional init containers to the Harbor Jobservice pods | `[]` | +| `jobservice.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Harbor Jobservice pods | `[]` | +| `jobservice.extraVolumes` | Optionally specify extra list of additional volumes for the Harbor Jobservice pods | `[]` | +| `jobservice.automountServiceAccountToken` | Automount service account token | `false` | +| `jobservice.service.ports.http` | Harbor Jobservice HTTP service port | `80` | +| `jobservice.service.ports.https` | Harbor Jobservice HTTPS service port | `443` | +| `jobservice.service.ports.metrics` | Harbor Jobservice HTTPS service port | `8001` | ### Harbor Registry Parameters @@ -609,8 +613,8 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua | `registry.initContainers` | Add additional init containers to the Harbor Registry pods | `[]` | | `registry.extraVolumes` | Optionally specify extra list of additional volumes for the Harbor Registry pods | `[]` | | `registry.automountServiceAccountToken` | Automount service account token | `false` | -| `registry.server.image.registry` | Harbor Registry image registry | `docker.io` | -| `registry.server.image.repository` | Harbor Registry image repository | `bitnami/harbor-registry` | +| `registry.server.image.registry` | Harbor Registry image registry | `REGISTRY_NAME` | +| `registry.server.image.repository` | Harbor Registry image repository | `REPOSITORY_NAME/harbor-registry` | | `registry.server.image.tag` | Harbor Registry image tag (immutable tags are recommended) | `2.9.0-debian-11-r36` | | `registry.server.image.digest` | Harbor Registry image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `registry.server.image.pullPolicy` | Harbor Registry image pull policy | `IfNotPresent` | @@ -656,8 +660,8 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua | `registry.server.service.ports.http` | Harbor Registry HTTP service port | `5000` | | `registry.server.service.ports.https` | Harbor Registry HTTPS service port | `5443` | | `registry.server.service.ports.metrics` | Harbor Registry metrics service port | `8001` | -| `registry.controller.image.registry` | Harbor Registryctl image registry | `docker.io` | -| `registry.controller.image.repository` | Harbor Registryctl image repository | `bitnami/harbor-registryctl` | +| `registry.controller.image.registry` | Harbor Registryctl image registry | `REGISTRY_NAME` | +| `registry.controller.image.repository` | Harbor Registryctl image repository | `REPOSITORY_NAME/harbor-registryctl` | | `registry.controller.image.tag` | Harbor Registryctl image tag (immutable tags are recommended) | `2.9.0-debian-11-r24` | | `registry.controller.image.digest` | Harbor Registryctl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `registry.controller.image.pullPolicy` | Harbor Registryctl image pull policy | `IfNotPresent` | @@ -705,8 +709,8 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua | Name | Description | Value | | --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -------------------------------------- | -| `trivy.image.registry` | Harbor Adapter Trivy image registry | `docker.io` | -| `trivy.image.repository` | Harbor Adapter Trivy image repository | `bitnami/harbor-adapter-trivy` | +| `trivy.image.registry` | Harbor Adapter Trivy image registry | `REGISTRY_NAME` | +| `trivy.image.repository` | Harbor Adapter Trivy image repository | `REPOSITORY_NAME/harbor-adapter-trivy` | | `trivy.image.tag` | Harbor Adapter Trivy image tag (immutable tags are recommended) | `2.9.0-debian-11-r27` | | `trivy.image.digest` | Harbor Adapter Trivy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `trivy.image.pullPolicy` | Harbor Adapter Trivy image pull policy | `IfNotPresent` | @@ -784,73 +788,73 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua ### Harbor Exporter Parameters -| Name | Description | Value | -| ------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `exporter.image.registry` | Harbor Exporter image registry | `docker.io` | -| `exporter.image.repository` | Harbor Exporter image repository | `bitnami/harbor-exporter` | -| `exporter.image.tag` | Harbor Exporter image tag | `2.9.0-debian-11-r24` | -| `exporter.image.digest` | Harbor Exporter image image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `exporter.image.pullPolicy` | Harbor exporter image pull policy | `IfNotPresent` | -| `exporter.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `exporter.image.debug` | Specify if debug logs should be enabled | `false` | -| `exporter.command` | Override default container command (useful when using custom images) | `[]` | -| `exporter.args` | Override default container args (useful when using custom images) | `[]` | -| `exporter.extraEnvVars` | Array containing extra env vars | `[]` | -| `exporter.extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | -| `exporter.extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `exporter.containerPorts.metrics` | Harbor Exporter HTTP container port | `8001` | -| `exporter.replicaCount` | The replica count | `1` | -| `exporter.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `exporter.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `exporter.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `exporter.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `exporter.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `exporter.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `exporter.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `exporter.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `exporter.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `exporter.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `exporter.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `exporter.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `exporter.startupProbe.enabled` | Enable startupProbe on Harbor Exporter containers | `false` | -| `exporter.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `exporter.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `exporter.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `exporter.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `exporter.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `exporter.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `exporter.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `exporter.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `exporter.resources.limits` | The resources limits for the Harbor Exporter containers | `{}` | -| `exporter.resources.requests` | The requested resources for the Harbor Exporter containers | `{}` | -| `exporter.podSecurityContext.enabled` | Enabled Exporter pods' Security Context | `true` | -| `exporter.podSecurityContext.fsGroup` | Set Exporter pod's Security Context fsGroup | `1001` | -| `exporter.containerSecurityContext.enabled` | Enabled Exporter containers' Security Context | `true` | -| `exporter.containerSecurityContext.runAsUser` | Set Exporter containers' Security Context runAsUser | `1001` | -| `exporter.containerSecurityContext.runAsNonRoot` | Set Exporter containers' Security Context runAsNonRoot | `true` | -| `exporter.updateStrategy.type` | The update strategy for deployments with persistent volumes: RollingUpdate or Recreate. Set it as Recreate when RWM for volumes isn't supported | `RollingUpdate` | -| `exporter.lifecycleHooks` | LifecycleHook to set additional configuration at startup, e.g. LDAP settings via REST API. Evaluated as a template | `{}` | -| `exporter.hostAliases` | Exporter pods host aliases | `[]` | -| `exporter.podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | -| `exporter.podAnnotations` | Annotations to add to the exporter pod | `{}` | -| `exporter.podAffinityPreset` | Harbor Exporter Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `exporter.podAntiAffinityPreset` | Harbor Exporter Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `exporter.nodeAffinityPreset.type` | Harbor Exporter Node affinity preset type. Ignored if `exporter.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `exporter.nodeAffinityPreset.key` | Harbor Exporter Node label key to match Ignored if `exporter.affinity` is set. | `""` | -| `exporter.nodeAffinityPreset.values` | Harbor Exporter Node label values to match. Ignored if `exporter.affinity` is set. | `[]` | -| `exporter.affinity` | Harbor Exporter Affinity for pod assignment | `{}` | -| `exporter.priorityClassName` | Exporter pods Priority Class Name | `""` | -| `exporter.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `exporter.serviceAccountName` | Name of the serviceAccountName for Harbor Exporter pods | `""` | -| `exporter.nodeSelector` | Harbor Exporter Node labels for pod assignment | `{}` | -| `exporter.tolerations` | Harbor Exporter Tolerations for pod assignment | `[]` | -| `exporter.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `exporter.initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | -| `exporter.extraVolumeMounts` | | `[]` | -| `exporter.extraVolumes` | | `[]` | -| `exporter.sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | -| `exporter.automountServiceAccountToken` | Automount service account token | `false` | -| `exporter.service.ports.metrics` | Exporter HTTP service port | `8001` | +| Name | Description | Value | +| ------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `exporter.image.registry` | Harbor Exporter image registry | `REGISTRY_NAME` | +| `exporter.image.repository` | Harbor Exporter image repository | `REPOSITORY_NAME/harbor-exporter` | +| `exporter.image.tag` | Harbor Exporter image tag | `2.9.0-debian-11-r24` | +| `exporter.image.digest` | Harbor Exporter image image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `exporter.image.pullPolicy` | Harbor exporter image pull policy | `IfNotPresent` | +| `exporter.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `exporter.image.debug` | Specify if debug logs should be enabled | `false` | +| `exporter.command` | Override default container command (useful when using custom images) | `[]` | +| `exporter.args` | Override default container args (useful when using custom images) | `[]` | +| `exporter.extraEnvVars` | Array containing extra env vars | `[]` | +| `exporter.extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | +| `exporter.extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | +| `exporter.containerPorts.metrics` | Harbor Exporter HTTP container port | `8001` | +| `exporter.replicaCount` | The replica count | `1` | +| `exporter.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `exporter.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | +| `exporter.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `exporter.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `exporter.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `exporter.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `exporter.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `exporter.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | +| `exporter.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `exporter.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `exporter.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `exporter.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `exporter.startupProbe.enabled` | Enable startupProbe on Harbor Exporter containers | `false` | +| `exporter.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `exporter.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `exporter.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `exporter.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `exporter.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `exporter.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `exporter.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `exporter.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `exporter.resources.limits` | The resources limits for the Harbor Exporter containers | `{}` | +| `exporter.resources.requests` | The requested resources for the Harbor Exporter containers | `{}` | +| `exporter.podSecurityContext.enabled` | Enabled Exporter pods' Security Context | `true` | +| `exporter.podSecurityContext.fsGroup` | Set Exporter pod's Security Context fsGroup | `1001` | +| `exporter.containerSecurityContext.enabled` | Enabled Exporter containers' Security Context | `true` | +| `exporter.containerSecurityContext.runAsUser` | Set Exporter containers' Security Context runAsUser | `1001` | +| `exporter.containerSecurityContext.runAsNonRoot` | Set Exporter containers' Security Context runAsNonRoot | `true` | +| `exporter.updateStrategy.type` | The update strategy for deployments with persistent volumes: RollingUpdate or Recreate. Set it as Recreate when RWM for volumes isn't supported | `RollingUpdate` | +| `exporter.lifecycleHooks` | LifecycleHook to set additional configuration at startup, e.g. LDAP settings via REST API. Evaluated as a template | `{}` | +| `exporter.hostAliases` | Exporter pods host aliases | `[]` | +| `exporter.podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | +| `exporter.podAnnotations` | Annotations to add to the exporter pod | `{}` | +| `exporter.podAffinityPreset` | Harbor Exporter Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `exporter.podAntiAffinityPreset` | Harbor Exporter Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `exporter.nodeAffinityPreset.type` | Harbor Exporter Node affinity preset type. Ignored if `exporter.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `exporter.nodeAffinityPreset.key` | Harbor Exporter Node label key to match Ignored if `exporter.affinity` is set. | `""` | +| `exporter.nodeAffinityPreset.values` | Harbor Exporter Node label values to match. Ignored if `exporter.affinity` is set. | `[]` | +| `exporter.affinity` | Harbor Exporter Affinity for pod assignment | `{}` | +| `exporter.priorityClassName` | Exporter pods Priority Class Name | `""` | +| `exporter.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `exporter.serviceAccountName` | Name of the serviceAccountName for Harbor Exporter pods | `""` | +| `exporter.nodeSelector` | Harbor Exporter Node labels for pod assignment | `{}` | +| `exporter.tolerations` | Harbor Exporter Tolerations for pod assignment | `[]` | +| `exporter.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `exporter.initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | +| `exporter.extraVolumeMounts` | | `[]` | +| `exporter.extraVolumes` | | `[]` | +| `exporter.sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | +| `exporter.automountServiceAccountToken` | Automount service account token | `false` | +| `exporter.service.ports.metrics` | Exporter HTTP service port | `8001` | ### PostgreSQL Parameters @@ -864,8 +868,8 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua | `postgresql.primary.extendedConfiguration` | Extended PostgreSQL Primary configuration (appended to main or default configuration) | `max_connections = 1024 ` | | `postgresql.primary.initdb.scripts` | Initdb scripts to create Harbor databases | `{}` | -| `postgresql.image.registry` | PostgreSQL image registry | `docker.io` | -| `postgresql.image.repository` | PostgreSQL image repository | `bitnami/postgresql` | +| `postgresql.image.registry` | PostgreSQL image registry | `REGISTRY_NAME` | +| `postgresql.image.repository` | PostgreSQL image repository | `REPOSITORY_NAME/postgresql` | | `postgresql.image.tag` | PostgreSQL image tag (immutable tags are recommended) | `13.12.0-debian-11-r57` | | `postgresql.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `externalDatabase.host` | Database host | `localhost` | @@ -920,9 +924,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set adminPassword=password \ - oci://registry-1.docker.io/bitnamicharts/harbor + oci://REGISTRY_NAME/REPOSITORY_NAME/harbor ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Harbor administrator account password to `password`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -930,9 +936,11 @@ The above command sets the Harbor administrator account password to `password`. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/harbor +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/harbor ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Configuration and installation details ### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/) diff --git a/bitnami/harbor/values.yaml b/bitnami/harbor/values.yaml index 196b511ab9c61d..04761731aa3420 100644 --- a/bitnami/harbor/values.yaml +++ b/bitnami/harbor/values.yaml @@ -605,8 +605,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -650,8 +650,8 @@ volumePermissions: nginx: ## Bitnami NGINX image ## ref: https://hub.docker.com/r/bitnami/nginx/tags/ - ## @param nginx.image.registry NGINX image registry - ## @param nginx.image.repository NGINX image repository + ## @param nginx.image.registry [default: REGISTRY_NAME] NGINX image registry + ## @param nginx.image.repository [default: REPOSITORY_NAME/nginx] NGINX image repository ## @param nginx.image.tag NGINX image tag (immutable tags are recommended) ## @param nginx.image.digest NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param nginx.image.pullPolicy NGINX image pull policy @@ -913,8 +913,8 @@ nginx: portal: ## Bitnami Harbor Portal image ## ref: https://hub.docker.com/r/bitnami/harbor-portal/tags/ - ## @param portal.image.registry Harbor Portal image registry - ## @param portal.image.repository Harbor Portal image repository + ## @param portal.image.registry [default: REGISTRY_NAME] Harbor Portal image registry + ## @param portal.image.repository [default: REPOSITORY_NAME/harbor-portal] Harbor Portal image repository ## @param portal.image.tag Harbor Portal image tag (immutable tags are recommended) ## @param portal.image.digest Harbor Portal image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param portal.image.pullPolicy Harbor Portal image pull policy @@ -1173,8 +1173,8 @@ portal: core: ## Bitnami Harbor Core image ## ref: https://hub.docker.com/r/bitnami/harbor-core/tags/ - ## @param core.image.registry Harbor Core image registry - ## @param core.image.repository Harbor Core image repository + ## @param core.image.registry [default: REGISTRY_NAME] Harbor Core image registry + ## @param core.image.repository [default: REPOSITORY_NAME/harbor-core] Harbor Core image repository ## @param core.image.tag Harbor Core image tag (immutable tags are recommended) ## @param core.image.digest Harbor Core image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param core.image.pullPolicy Harbor Core image pull policy @@ -1494,8 +1494,8 @@ core: jobservice: ## Bitnami Harbor Jobservice image ## ref: https://hub.docker.com/r/bitnami/harbor-jobservice/tags/ - ## @param jobservice.image.registry Harbor Jobservice image registry - ## @param jobservice.image.repository Harbor Jobservice image repository + ## @param jobservice.image.registry [default: REGISTRY_NAME] Harbor Jobservice image registry + ## @param jobservice.image.repository [default: REPOSITORY_NAME/harbor-jobservice] Harbor Jobservice image repository ## @param jobservice.image.tag Harbor Jobservice image tag (immutable tags are recommended) ## @param jobservice.image.digest Harbor Jobservice image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param jobservice.image.pullPolicy Harbor Jobservice image pull policy @@ -1949,8 +1949,8 @@ registry: server: ## Bitnami Harbor Registry image ## ref: https://hub.docker.com/r/bitnami/harbor-registry/tags/ - ## @param registry.server.image.registry Harbor Registry image registry - ## @param registry.server.image.repository Harbor Registry image repository + ## @param registry.server.image.registry [default: REGISTRY_NAME] Harbor Registry image registry + ## @param registry.server.image.repository [default: REPOSITORY_NAME/harbor-registry] Harbor Registry image repository ## @param registry.server.image.tag Harbor Registry image tag (immutable tags are recommended) ## @param registry.server.image.digest Harbor Registry image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param registry.server.image.pullPolicy Harbor Registry image pull policy @@ -2096,8 +2096,8 @@ registry: controller: ## Bitnami Harbor Registryctl image ## ref: https://hub.docker.com/r/bitnami/harbor-registryctl/tags/ - ## @param registry.controller.image.registry Harbor Registryctl image registry - ## @param registry.controller.image.repository Harbor Registryctl image repository + ## @param registry.controller.image.registry [default: REGISTRY_NAME] Harbor Registryctl image registry + ## @param registry.controller.image.repository [default: REPOSITORY_NAME/harbor-registryctl] Harbor Registryctl image repository ## @param registry.controller.image.tag Harbor Registryctl image tag (immutable tags are recommended) ## @param registry.controller.image.digest Harbor Registryctl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param registry.controller.image.pullPolicy Harbor Registryctl image pull policy @@ -2239,8 +2239,8 @@ registry: trivy: ## Bitnami Harbor Adapter Trivy image ## ref: https://hub.docker.com/r/bitnami/harbor-adapter-trivy/tags/ - ## @param trivy.image.registry Harbor Adapter Trivy image registry - ## @param trivy.image.repository Harbor Adapter Trivy image repository + ## @param trivy.image.registry [default: REGISTRY_NAME] Harbor Adapter Trivy image registry + ## @param trivy.image.repository [default: REPOSITORY_NAME/harbor-adapter-trivy] Harbor Adapter Trivy image repository ## @param trivy.image.tag Harbor Adapter Trivy image tag (immutable tags are recommended) ## @param trivy.image.digest Harbor Adapter Trivy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param trivy.image.pullPolicy Harbor Adapter Trivy image pull policy @@ -2547,8 +2547,8 @@ trivy: exporter: ## Bitnami Harbor Exporter image ## ref: https://hub.docker.com/r/bitnami/harbor-exporter/tags/ - ## @param exporter.image.registry Harbor Exporter image registry - ## @param exporter.image.repository Harbor Exporter image repository + ## @param exporter.image.registry [default: REGISTRY_NAME] Harbor Exporter image registry + ## @param exporter.image.repository [default: REPOSITORY_NAME/harbor-exporter] Harbor Exporter image repository ## @param exporter.image.tag Harbor Exporter image tag ## @param exporter.image.digest Harbor Exporter image image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param exporter.image.pullPolicy Harbor exporter image pull policy @@ -2799,8 +2799,8 @@ postgresql: enabled: true ## Override PostgreSQL default image as 14.x is not supported https://goharbor.io/docs/2.4.0/install-config/ ## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql - ## @param postgresql.image.registry PostgreSQL image registry - ## @param postgresql.image.repository PostgreSQL image repository + ## @param postgresql.image.registry [default: REGISTRY_NAME] PostgreSQL image registry + ## @param postgresql.image.repository [default: REPOSITORY_NAME/postgresql] PostgreSQL image repository ## @param postgresql.image.tag PostgreSQL image tag (immutable tags are recommended) ## @param postgresql.image.digest PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## diff --git a/bitnami/influxdb/README.md b/bitnami/influxdb/README.md index 59645b34b94e75..7f216a6bd97358 100644 --- a/bitnami/influxdb/README.md +++ b/bitnami/influxdb/README.md @@ -11,9 +11,11 @@ InfluxDB(TM) is a trademark owned by InfluxData, which is not affiliated with, a ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/influxdb +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/influxdb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [influxdb](https://github.com/bitnami/containers/tree/main/bitnami/influxdb) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use InfluxDB## Prerequisitestrade; in production? Try [VMware Applica To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/influxdb +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/influxdb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy influxdb on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -78,110 +82,110 @@ The command removes all the Kubernetes components associated with the chart and ### InfluxDB™ parameters -| Name | Description | Value | -| ------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | InfluxDB™ image registry | `docker.io` | -| `image.repository` | InfluxDB™ image repository | `bitnami/influxdb` | -| `image.tag` | InfluxDB™ image tag (immutable tags are recommended) | `2.7.3-debian-11-r0` | -| `image.digest` | InfluxDB™ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | InfluxDB™ image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `auth.enabled` | Enable/disable authentication (Variable to keep compatibility with InfluxDB™ v1, in v2 it will be ignored) | `true` | -| `auth.usePasswordFiles` | Whether to use files to provide secrets instead of env vars. | `false` | -| `auth.admin.username` | InfluxDB™ admin user name | `admin` | -| `auth.admin.password` | InfluxDB™ admin user's password | `""` | -| `auth.admin.token` | InfluxDB™ admin user's token. Only valid with InfluxDB™ v2 | `""` | -| `auth.admin.org` | InfluxDB™ admin user's org. Only valid with InfluxDB™ v2 | `primary` | -| `auth.admin.bucket` | InfluxDB™ admin user's bucket. Only valid with InfluxDB™ v2 | `primary` | -| `auth.admin.retention` | InfluxDB™ admin user's bucket retention. Only valid with InfluxDB™ v2 | `""` | -| `auth.createUserToken` | Whether to create tokens for the different users. Take into account these tokens are going to be created by CLI randomly and they will not be accessible from a secret. See more influxdb 2.0 [auth ref](https://docs.influxdata.com/influxdb/v2.0/security/tokens/) | `false` | -| `auth.user.username` | Name for InfluxDB™ user with 'admin' privileges on the bucket specified at `auth.user.bucket` and `auth.user.org` or `auth.admin.org` | `""` | -| `auth.user.password` | InfluxDB™ password for `user.name` user | `""` | -| `auth.user.org` | Org to be created on first run | `""` | -| `auth.user.bucket` | Bucket to be created on first run | `""` | -| `auth.readUser.username` | Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` | `""` | -| `auth.readUser.password` | InfluxDB™ password for `auth.readUser.username` user | `""` | -| `auth.writeUser.username` | Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` | `""` | -| `auth.writeUser.password` | InfluxDB™ password for `auth.writeUser.username` user | `""` | -| `auth.existingSecret` | Name of existing Secret object with InfluxDB™ credentials (`auth.admin.password`, `auth.user.password`, `auth.readUser.password`, and `auth.writeUser.password` will be ignored and picked up from this secret) | `""` | -| `influxdb.configuration` | Specify content for influxdb.conf | `""` | -| `influxdb.existingConfiguration` | Name of existing ConfigMap object with the InfluxDB™ configuration (`influxdb.configuration` will be ignored). | `""` | -| `influxdb.initdbScripts` | Dictionary of initdb scripts | `{}` | -| `influxdb.initdbScriptsCM` | Name of existing ConfigMap object with the initdb scripts (`influxdb.initdbScripts` will be ignored). | `""` | -| `influxdb.initdbScriptsSecret` | Secret with initdb scripts that contain sensitive information (Note: can be used with `initdbScriptsConfigMap` or `initdbScripts`) | `""` | -| `influxdb.podAffinityPreset` | InfluxDB™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `influxdb.podAntiAffinityPreset` | InfluxDB™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `influxdb.nodeAffinityPreset.type` | InfluxDB™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `influxdb.nodeAffinityPreset.key` | InfluxDB™ Node label key to match Ignored if `affinity` is set. | `""` | -| `influxdb.nodeAffinityPreset.values` | InfluxDB™ Node label values to match. Ignored if `affinity` is set. | `[]` | -| `influxdb.affinity` | InfluxDB™ Affinity for pod assignment | `{}` | -| `influxdb.nodeSelector` | InfluxDB™ Node labels for pod assignment | `{}` | -| `influxdb.tolerations` | InfluxDB™ Tolerations for pod assignment | `[]` | -| `influxdb.podAnnotations` | Annotations for InfluxDB™ pods | `{}` | -| `influxdb.podLabels` | Extra labels for InfluxDB™ pods | `{}` | -| `influxdb.hostAliases` | InfluxDB™ pods host aliases | `[]` | -| `influxdb.updateStrategy.type` | InfluxDB™ statefulset/deployment strategy type | `RollingUpdate` | -| `influxdb.priorityClassName` | InfluxDB™ pods' priorityClassName | `""` | -| `influxdb.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `influxdb.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `influxdb.podManagementPolicy` | podManagementPolicy to manage scaling operation of InfluxDB™ pods | `OrderedReady` | -| `influxdb.podSecurityContext.enabled` | Enabled InfluxDB™ pods' Security Context | `true` | -| `influxdb.podSecurityContext.fsGroup` | Set InfluxDB™ pod's Security Context fsGroup | `1001` | -| `influxdb.containerSecurityContext.enabled` | Enabled InfluxDB™ containers' Security Context | `true` | -| `influxdb.containerSecurityContext.runAsUser` | Set InfluxDB™ containers' Security Context runAsUser | `1001` | -| `influxdb.containerSecurityContext.runAsGroup` | Set InfluxDB™ containers' Security Context runAsGroup | `0` | -| `influxdb.containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | -| `influxdb.containerSecurityContext.allowPrivilegeEscalation` | Set Controller container's Security Context allowPrivilegeEscalation | `false` | -| `influxdb.containerSecurityContext.seccompProfile.type` | Set Controller container's Security Context seccompProfile | `RuntimeDefault` | -| `influxdb.containerSecurityContext.capabilities.drop` | Set Controller container's Security Context capabilities to drop | `["ALL"]` | -| `influxdb.resources.limits` | The resources limits for the container | `{}` | -| `influxdb.resources.requests` | The requested resources for the container | `{}` | -| `influxdb.command` | Override default container command (useful when using custom images) | `[]` | -| `influxdb.args` | Override default container args (useful when using custom images) | `[]` | -| `influxdb.lifecycleHooks` | for the InfluxDB™ container(s) to automate configuration before or after startup | `{}` | -| `influxdb.extraEnvVars` | Array containing extra env vars to configure InfluxDB™ | `[]` | -| `influxdb.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for InfluxDB™ nodes | `""` | -| `influxdb.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for InfluxDB™ nodes | `""` | -| `influxdb.extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting extraVolumeMounts | `[]` | -| `influxdb.extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with extraVolumes. | `[]` | -| `influxdb.containerPorts.http` | InfluxDB™ container HTTP port | `8086` | -| `influxdb.containerPorts.rpc` | InfluxDB™ container RPC port | `8088` | -| `influxdb.startupProbe.enabled` | Enable startupProbe | `false` | -| `influxdb.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `180` | -| `influxdb.startupProbe.periodSeconds` | Period seconds for startupProbe | `45` | -| `influxdb.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `30` | -| `influxdb.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `influxdb.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `influxdb.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `influxdb.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | -| `influxdb.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `45` | -| `influxdb.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `30` | -| `influxdb.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `influxdb.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `influxdb.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `influxdb.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `60` | -| `influxdb.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `45` | -| `influxdb.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `30` | -| `influxdb.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `influxdb.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `influxdb.customStartupProbe` | Override default startup probe | `{}` | -| `influxdb.customLivenessProbe` | Override default liveness probe | `{}` | -| `influxdb.customReadinessProbe` | Override default readiness probe | `{}` | -| `influxdb.sidecars` | Add additional sidecar containers to the InfluxDB™ pod(s) | `[]` | -| `influxdb.initContainers` | Add additional init containers to the InfluxDB™ pod(s) | `[]` | -| `influxdb.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | -| `influxdb.service.ports.http` | InfluxDB™ HTTP port | `8086` | -| `influxdb.service.ports.rpc` | InfluxDB™ RPC port | `8088` | -| `influxdb.service.nodePorts` | Specify the nodePort(s) value for the LoadBalancer and NodePort service types. | `{}` | -| `influxdb.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | -| `influxdb.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | -| `influxdb.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `influxdb.service.externalTrafficPolicy` | InfluxDB™ service external traffic policy | `Cluster` | -| `influxdb.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `influxdb.service.annotations` | Annotations for InfluxDB™ service | `{}` | -| `influxdb.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `influxdb.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| Name | Description | Value | +| ------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `image.registry` | InfluxDB™ image registry | `REGISTRY_NAME` | +| `image.repository` | InfluxDB™ image repository | `REPOSITORY_NAME/influxdb` | +| `image.tag` | InfluxDB™ image tag (immutable tags are recommended) | `2.7.3-debian-11-r0` | +| `image.digest` | InfluxDB™ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | InfluxDB™ image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `auth.enabled` | Enable/disable authentication (Variable to keep compatibility with InfluxDB™ v1, in v2 it will be ignored) | `true` | +| `auth.usePasswordFiles` | Whether to use files to provide secrets instead of env vars. | `false` | +| `auth.admin.username` | InfluxDB™ admin user name | `admin` | +| `auth.admin.password` | InfluxDB™ admin user's password | `""` | +| `auth.admin.token` | InfluxDB™ admin user's token. Only valid with InfluxDB™ v2 | `""` | +| `auth.admin.org` | InfluxDB™ admin user's org. Only valid with InfluxDB™ v2 | `primary` | +| `auth.admin.bucket` | InfluxDB™ admin user's bucket. Only valid with InfluxDB™ v2 | `primary` | +| `auth.admin.retention` | InfluxDB™ admin user's bucket retention. Only valid with InfluxDB™ v2 | `""` | +| `auth.createUserToken` | Whether to create tokens for the different users. Take into account these tokens are going to be created by CLI randomly and they will not be accessible from a secret. See more influxdb 2.0 [auth ref](https://docs.influxdata.com/influxdb/v2.0/security/tokens/) | `false` | +| `auth.user.username` | Name for InfluxDB™ user with 'admin' privileges on the bucket specified at `auth.user.bucket` and `auth.user.org` or `auth.admin.org` | `""` | +| `auth.user.password` | InfluxDB™ password for `user.name` user | `""` | +| `auth.user.org` | Org to be created on first run | `""` | +| `auth.user.bucket` | Bucket to be created on first run | `""` | +| `auth.readUser.username` | Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` | `""` | +| `auth.readUser.password` | InfluxDB™ password for `auth.readUser.username` user | `""` | +| `auth.writeUser.username` | Name for InfluxDB™ user with 'read' privileges on the bucket specified at `auth.user.bucket` | `""` | +| `auth.writeUser.password` | InfluxDB™ password for `auth.writeUser.username` user | `""` | +| `auth.existingSecret` | Name of existing Secret object with InfluxDB™ credentials (`auth.admin.password`, `auth.user.password`, `auth.readUser.password`, and `auth.writeUser.password` will be ignored and picked up from this secret) | `""` | +| `influxdb.configuration` | Specify content for influxdb.conf | `""` | +| `influxdb.existingConfiguration` | Name of existing ConfigMap object with the InfluxDB™ configuration (`influxdb.configuration` will be ignored). | `""` | +| `influxdb.initdbScripts` | Dictionary of initdb scripts | `{}` | +| `influxdb.initdbScriptsCM` | Name of existing ConfigMap object with the initdb scripts (`influxdb.initdbScripts` will be ignored). | `""` | +| `influxdb.initdbScriptsSecret` | Secret with initdb scripts that contain sensitive information (Note: can be used with `initdbScriptsConfigMap` or `initdbScripts`) | `""` | +| `influxdb.podAffinityPreset` | InfluxDB™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `influxdb.podAntiAffinityPreset` | InfluxDB™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `influxdb.nodeAffinityPreset.type` | InfluxDB™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `influxdb.nodeAffinityPreset.key` | InfluxDB™ Node label key to match Ignored if `affinity` is set. | `""` | +| `influxdb.nodeAffinityPreset.values` | InfluxDB™ Node label values to match. Ignored if `affinity` is set. | `[]` | +| `influxdb.affinity` | InfluxDB™ Affinity for pod assignment | `{}` | +| `influxdb.nodeSelector` | InfluxDB™ Node labels for pod assignment | `{}` | +| `influxdb.tolerations` | InfluxDB™ Tolerations for pod assignment | `[]` | +| `influxdb.podAnnotations` | Annotations for InfluxDB™ pods | `{}` | +| `influxdb.podLabels` | Extra labels for InfluxDB™ pods | `{}` | +| `influxdb.hostAliases` | InfluxDB™ pods host aliases | `[]` | +| `influxdb.updateStrategy.type` | InfluxDB™ statefulset/deployment strategy type | `RollingUpdate` | +| `influxdb.priorityClassName` | InfluxDB™ pods' priorityClassName | `""` | +| `influxdb.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `influxdb.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `influxdb.podManagementPolicy` | podManagementPolicy to manage scaling operation of InfluxDB™ pods | `OrderedReady` | +| `influxdb.podSecurityContext.enabled` | Enabled InfluxDB™ pods' Security Context | `true` | +| `influxdb.podSecurityContext.fsGroup` | Set InfluxDB™ pod's Security Context fsGroup | `1001` | +| `influxdb.containerSecurityContext.enabled` | Enabled InfluxDB™ containers' Security Context | `true` | +| `influxdb.containerSecurityContext.runAsUser` | Set InfluxDB™ containers' Security Context runAsUser | `1001` | +| `influxdb.containerSecurityContext.runAsGroup` | Set InfluxDB™ containers' Security Context runAsGroup | `0` | +| `influxdb.containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | +| `influxdb.containerSecurityContext.allowPrivilegeEscalation` | Set Controller container's Security Context allowPrivilegeEscalation | `false` | +| `influxdb.containerSecurityContext.seccompProfile.type` | Set Controller container's Security Context seccompProfile | `RuntimeDefault` | +| `influxdb.containerSecurityContext.capabilities.drop` | Set Controller container's Security Context capabilities to drop | `["ALL"]` | +| `influxdb.resources.limits` | The resources limits for the container | `{}` | +| `influxdb.resources.requests` | The requested resources for the container | `{}` | +| `influxdb.command` | Override default container command (useful when using custom images) | `[]` | +| `influxdb.args` | Override default container args (useful when using custom images) | `[]` | +| `influxdb.lifecycleHooks` | for the InfluxDB™ container(s) to automate configuration before or after startup | `{}` | +| `influxdb.extraEnvVars` | Array containing extra env vars to configure InfluxDB™ | `[]` | +| `influxdb.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for InfluxDB™ nodes | `""` | +| `influxdb.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for InfluxDB™ nodes | `""` | +| `influxdb.extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting extraVolumeMounts | `[]` | +| `influxdb.extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with extraVolumes. | `[]` | +| `influxdb.containerPorts.http` | InfluxDB™ container HTTP port | `8086` | +| `influxdb.containerPorts.rpc` | InfluxDB™ container RPC port | `8088` | +| `influxdb.startupProbe.enabled` | Enable startupProbe | `false` | +| `influxdb.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `180` | +| `influxdb.startupProbe.periodSeconds` | Period seconds for startupProbe | `45` | +| `influxdb.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `30` | +| `influxdb.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `influxdb.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `influxdb.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `influxdb.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | +| `influxdb.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `45` | +| `influxdb.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `30` | +| `influxdb.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `influxdb.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `influxdb.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `influxdb.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `60` | +| `influxdb.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `45` | +| `influxdb.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `30` | +| `influxdb.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `influxdb.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `influxdb.customStartupProbe` | Override default startup probe | `{}` | +| `influxdb.customLivenessProbe` | Override default liveness probe | `{}` | +| `influxdb.customReadinessProbe` | Override default readiness probe | `{}` | +| `influxdb.sidecars` | Add additional sidecar containers to the InfluxDB™ pod(s) | `[]` | +| `influxdb.initContainers` | Add additional init containers to the InfluxDB™ pod(s) | `[]` | +| `influxdb.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | +| `influxdb.service.ports.http` | InfluxDB™ HTTP port | `8086` | +| `influxdb.service.ports.rpc` | InfluxDB™ RPC port | `8088` | +| `influxdb.service.nodePorts` | Specify the nodePort(s) value for the LoadBalancer and NodePort service types. | `{}` | +| `influxdb.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | +| `influxdb.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | +| `influxdb.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `influxdb.service.externalTrafficPolicy` | InfluxDB™ service external traffic policy | `Cluster` | +| `influxdb.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `influxdb.service.annotations` | Annotations for InfluxDB™ service | `{}` | +| `influxdb.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `influxdb.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | ### InfluxDB Collectd™ parameters @@ -259,79 +263,79 @@ The command removes all the Kubernetes components associated with the chart and ### Volume permissions parameters -| Name | Description | Value | -| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume mountpoint to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.securityContext.runAsUser` | User ID for the init container (when facing issues in OpenShift or uid unknown, try value "auto") | `0` | +| Name | Description | Value | +| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume mountpoint to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.securityContext.runAsUser` | User ID for the init container (when facing issues in OpenShift or uid unknown, try value "auto") | `0` | ### InfluxDB™ backup parameters -| Name | Description | Value | -| ------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `backup.enabled` | Enable InfluxDB™ backup | `false` | -| `backup.directory` | Directory where backups are stored | `/backups` | -| `backup.retentionDays` | Retention time in days for backups (older backups are deleted) | `10` | -| `backup.cronjob.schedule` | Schedule in Cron format to save snapshots | `0 2 * * *` | -| `backup.cronjob.historyLimit` | Number of successful finished jobs to retain | `1` | -| `backup.cronjob.podAnnotations` | Pod annotations | `{}` | -| `backup.cronjob.securityContext.enabled` | Enable security context for InfluxDB™ backup pods | `true` | -| `backup.cronjob.securityContext.fsGroup` | Group ID for the InfluxDB™ filesystem | `1001` | -| `backup.cronjob.securityContext.runAsUser` | User ID for the InfluxDB™ filesystem | `1001` | -| `backup.cronjob.securityContext.runAsGroup` | Group ID for the InfluxDB™ runAsGroup | `0` | -| `backup.cronjob.securityContext.runAsNonRoot` | Setting for the InfluxDB™ runAsNonRoot | `true` | -| `backup.cronjob.securityContext.seccompProfile.type` | Setting for the InfluxDB™ seccompProfile.type | `RuntimeDefault` | -| `backup.cronjob.containerSecurityContext.enabled` | Enable security context for InfluxDB™ backup containers | `true` | -| `backup.cronjob.containerSecurityContext.readOnlyRootFilesystem` | readOnlyRootFilesystem for InfluxDB™ | `true` | -| `backup.cronjob.containerSecurityContext.allowPrivilegeEscalation` | allowPrivilegeEscalation for InfluxDB™ | `false` | -| `backup.cronjob.containerSecurityContext.capabilities.drop` | Capabilities to drop for InfluxDB™ | `["ALL"]` | -| `backup.podAffinityPreset` | Backup ™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `backup.podAntiAffinityPreset` | Backup™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `backup.nodeAffinityPreset.type` | Backup™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `backup.nodeAffinityPreset.key` | Backup™ Node label key to match Ignored if `affinity` is set. | `""` | -| `backup.nodeAffinityPreset.values` | Backup™ Node label values to match. Ignored if `affinity` is set. | `[]` | -| `backup.affinity` | Backup™ Affinity for backup pod assignment | `{}` | -| `backup.nodeSelector` | Backup™ Node labels for backup pod assignment | `{}` | -| `backup.tolerations` | Backup™ Tolerations for backup pod assignment | `[]` | -| `backup.uploadProviders.google.enabled` | enable upload to google storage bucket | `false` | -| `backup.uploadProviders.google.secret` | json secret with serviceaccount data to access Google storage bucket | `""` | -| `backup.uploadProviders.google.secretKey` | service account secret key name | `key.json` | -| `backup.uploadProviders.google.existingSecret` | Name of existing secret object with Google serviceaccount json credentials | `""` | -| `backup.uploadProviders.google.bucketName` | google storage bucket name name | `gs://bucket/influxdb` | -| `backup.uploadProviders.google.image.registry` | Google Cloud SDK image registry | `docker.io` | -| `backup.uploadProviders.google.image.repository` | Google Cloud SDK image name | `bitnami/google-cloud-sdk` | -| `backup.uploadProviders.google.image.tag` | Google Cloud SDK image tag | `0.450.0-debian-11-r0` | -| `backup.uploadProviders.google.image.digest` | Google Cloud SDK image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `backup.uploadProviders.google.image.pullPolicy` | Google Cloud SDK image pull policy | `IfNotPresent` | -| `backup.uploadProviders.google.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `backup.uploadProviders.azure.enabled` | Enable upload to azure storage container | `false` | -| `backup.uploadProviders.azure.secret` | Secret with credentials to access Azure storage | `""` | -| `backup.uploadProviders.azure.secretKey` | Service account secret key name | `connection-string` | -| `backup.uploadProviders.azure.existingSecret` | Name of existing secret object | `""` | -| `backup.uploadProviders.azure.containerName` | Destination container | `influxdb-container` | -| `backup.uploadProviders.azure.image.registry` | Azure CLI image registry | `docker.io` | -| `backup.uploadProviders.azure.image.repository` | Azure CLI image repository | `bitnami/azure-cli` | -| `backup.uploadProviders.azure.image.tag` | Azure CLI image tag (immutable tags are recommended) | `2.53.0-debian-11-r10` | -| `backup.uploadProviders.azure.image.digest` | Azure CLI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `backup.uploadProviders.azure.image.pullPolicy` | Azure CLI image pull policy | `IfNotPresent` | -| `backup.uploadProviders.azure.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `backup.uploadProviders.aws.enabled` | Enable upload to aws s3 bucket | `false` | -| `backup.uploadProviders.aws.accessKeyID` | Access Key ID to access aws s3 | `""` | -| `backup.uploadProviders.aws.secretAccessKey` | Secret Access Key to access aws s3 | `""` | -| `backup.uploadProviders.aws.region` | Region of aws s3 bucket | `us-east-1` | -| `backup.uploadProviders.aws.existingSecret` | Name of existing secret object | `""` | -| `backup.uploadProviders.aws.bucketName` | aws s3 bucket name | `s3://bucket/influxdb` | -| `backup.uploadProviders.aws.image.registry` | AWS CLI image registry | `docker.io` | -| `backup.uploadProviders.aws.image.repository` | AWS CLI image repository | `bitnami/aws-cli` | -| `backup.uploadProviders.aws.image.tag` | AWS CLI image tag (immutable tags are recommended) | `2.13.20-debian-11-r15` | -| `backup.uploadProviders.aws.image.digest` | AWS CLI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `backup.uploadProviders.aws.image.pullPolicy` | AWS CLI image pull policy | `IfNotPresent` | -| `backup.uploadProviders.aws.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| Name | Description | Value | +| ------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------- | ---------------------------------- | +| `backup.enabled` | Enable InfluxDB™ backup | `false` | +| `backup.directory` | Directory where backups are stored | `/backups` | +| `backup.retentionDays` | Retention time in days for backups (older backups are deleted) | `10` | +| `backup.cronjob.schedule` | Schedule in Cron format to save snapshots | `0 2 * * *` | +| `backup.cronjob.historyLimit` | Number of successful finished jobs to retain | `1` | +| `backup.cronjob.podAnnotations` | Pod annotations | `{}` | +| `backup.cronjob.securityContext.enabled` | Enable security context for InfluxDB™ backup pods | `true` | +| `backup.cronjob.securityContext.fsGroup` | Group ID for the InfluxDB™ filesystem | `1001` | +| `backup.cronjob.securityContext.runAsUser` | User ID for the InfluxDB™ filesystem | `1001` | +| `backup.cronjob.securityContext.runAsGroup` | Group ID for the InfluxDB™ runAsGroup | `0` | +| `backup.cronjob.securityContext.runAsNonRoot` | Setting for the InfluxDB™ runAsNonRoot | `true` | +| `backup.cronjob.securityContext.seccompProfile.type` | Setting for the InfluxDB™ seccompProfile.type | `RuntimeDefault` | +| `backup.cronjob.containerSecurityContext.enabled` | Enable security context for InfluxDB™ backup containers | `true` | +| `backup.cronjob.containerSecurityContext.readOnlyRootFilesystem` | readOnlyRootFilesystem for InfluxDB™ | `true` | +| `backup.cronjob.containerSecurityContext.allowPrivilegeEscalation` | allowPrivilegeEscalation for InfluxDB™ | `false` | +| `backup.cronjob.containerSecurityContext.capabilities.drop` | Capabilities to drop for InfluxDB™ | `["ALL"]` | +| `backup.podAffinityPreset` | Backup ™ Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `backup.podAntiAffinityPreset` | Backup™ Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `backup.nodeAffinityPreset.type` | Backup™ Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `backup.nodeAffinityPreset.key` | Backup™ Node label key to match Ignored if `affinity` is set. | `""` | +| `backup.nodeAffinityPreset.values` | Backup™ Node label values to match. Ignored if `affinity` is set. | `[]` | +| `backup.affinity` | Backup™ Affinity for backup pod assignment | `{}` | +| `backup.nodeSelector` | Backup™ Node labels for backup pod assignment | `{}` | +| `backup.tolerations` | Backup™ Tolerations for backup pod assignment | `[]` | +| `backup.uploadProviders.google.enabled` | enable upload to google storage bucket | `false` | +| `backup.uploadProviders.google.secret` | json secret with serviceaccount data to access Google storage bucket | `""` | +| `backup.uploadProviders.google.secretKey` | service account secret key name | `key.json` | +| `backup.uploadProviders.google.existingSecret` | Name of existing secret object with Google serviceaccount json credentials | `""` | +| `backup.uploadProviders.google.bucketName` | google storage bucket name name | `gs://bucket/influxdb` | +| `backup.uploadProviders.google.image.registry` | Google Cloud SDK image registry | `REGISTRY_NAME` | +| `backup.uploadProviders.google.image.repository` | Google Cloud SDK image name | `REPOSITORY_NAME/google-cloud-sdk` | +| `backup.uploadProviders.google.image.tag` | Google Cloud SDK image tag | `0.450.0-debian-11-r0` | +| `backup.uploadProviders.google.image.digest` | Google Cloud SDK image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `backup.uploadProviders.google.image.pullPolicy` | Google Cloud SDK image pull policy | `IfNotPresent` | +| `backup.uploadProviders.google.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `backup.uploadProviders.azure.enabled` | Enable upload to azure storage container | `false` | +| `backup.uploadProviders.azure.secret` | Secret with credentials to access Azure storage | `""` | +| `backup.uploadProviders.azure.secretKey` | Service account secret key name | `connection-string` | +| `backup.uploadProviders.azure.existingSecret` | Name of existing secret object | `""` | +| `backup.uploadProviders.azure.containerName` | Destination container | `influxdb-container` | +| `backup.uploadProviders.azure.image.registry` | Azure CLI image registry | `REGISTRY_NAME` | +| `backup.uploadProviders.azure.image.repository` | Azure CLI image repository | `REPOSITORY_NAME/azure-cli` | +| `backup.uploadProviders.azure.image.tag` | Azure CLI image tag (immutable tags are recommended) | `2.53.0-debian-11-r10` | +| `backup.uploadProviders.azure.image.digest` | Azure CLI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `backup.uploadProviders.azure.image.pullPolicy` | Azure CLI image pull policy | `IfNotPresent` | +| `backup.uploadProviders.azure.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `backup.uploadProviders.aws.enabled` | Enable upload to aws s3 bucket | `false` | +| `backup.uploadProviders.aws.accessKeyID` | Access Key ID to access aws s3 | `""` | +| `backup.uploadProviders.aws.secretAccessKey` | Secret Access Key to access aws s3 | `""` | +| `backup.uploadProviders.aws.region` | Region of aws s3 bucket | `us-east-1` | +| `backup.uploadProviders.aws.existingSecret` | Name of existing secret object | `""` | +| `backup.uploadProviders.aws.bucketName` | aws s3 bucket name | `s3://bucket/influxdb` | +| `backup.uploadProviders.aws.image.registry` | AWS CLI image registry | `REGISTRY_NAME` | +| `backup.uploadProviders.aws.image.repository` | AWS CLI image repository | `REPOSITORY_NAME/aws-cli` | +| `backup.uploadProviders.aws.image.tag` | AWS CLI image tag (immutable tags are recommended) | `2.13.20-debian-11-r15` | +| `backup.uploadProviders.aws.image.digest` | AWS CLI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `backup.uploadProviders.aws.image.pullPolicy` | AWS CLI image pull policy | `IfNotPresent` | +| `backup.uploadProviders.aws.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | ## RBAC Parameters @@ -347,9 +351,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ - --set auth.admin.username=admin-user oci://registry-1.docker.io/bitnamicharts/influxdb + --set auth.admin.username=admin-user oci://REGISTRY_NAME/REPOSITORY_NAME/influxdb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the InfluxDB™ admin user to `admin-user`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -357,9 +363,10 @@ The above command sets the InfluxDB™ admin user to `admin-user`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/influxdb +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/influxdb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -461,13 +468,14 @@ Find more information about how to deal with common errors related to Bitnami's It's necessary to specify the existing passwords while performing an upgrade to ensure the secrets are not updated with invalid randomly generated passwords. Remember to specify the existing values of the `auth.admin.password`, `user.pwd`, `auth.readUser.password` and `auth.writeUser.password` parameters when upgrading the chart: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/influxdb \ +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/influxdb \ --set auth.admin.password=[ADMIN_USER_PASSWORD] \ --set auth.user.password=[USER_PASSWORD] \ --set auth.readUser.password=[READ_USER_PASSWORD] \ --set auth.writeUser.password=[WRITE_USER_PASSWORD] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > Note: you need to substitute the placeholders _[ADMIN_USER_PASSWORD]_, _[USER_PASSWORD]_, _[READ_USER_PASSWORD]_, and _[WRITE_USER_PASSWORD]_ with the values obtained from instructions in the installation notes. ## Upgrading @@ -480,9 +488,11 @@ To update from the previous major, please follow this steps: ```console kubectl delete deployments.apps influxdb -helm upgrade influxdb oci://registry-1.docker.io/bitnamicharts/influxdb +helm upgrade influxdb oci://REGISTRY_NAME/REPOSITORY_NAME/influxdb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 4.0.0 This major release completely removes support for InfluxDB™ branch 1.x.x. You can use images for versions ~1.x.x taking into account the chart may need some modification to run with them. @@ -511,9 +521,11 @@ However, you can use images for versions ~1.x.x taking into account the chart ma #### Installing InfluxDB™ v1 in chart v2 ```console -helm install oci://registry-1.docker.io/bitnamicharts/influxdb --set image.tag=1.8.3-debian-10-r88 +helm install oci://REGISTRY_NAME/REPOSITORY_NAME/influxdb --set image.tag=1.8.3-debian-10-r88 ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + As a consecuece some breaking changes have been included in this version. - Authentication values has been moved to `auth....`. @@ -537,9 +549,11 @@ We actually recommend to backup all the data form a previous helm release, insta Having an already existing chart release called `influxdb` and deployed like ```console -helm install influxdb oci://registry-1.docker.io/bitnamicharts/influxdb +helm install influxdb oci://REGISTRY_NAME/REPOSITORY_NAME/influxdb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ##### Export secrets and required values to update ```console @@ -551,10 +565,12 @@ export INFLUXDB_ADMIN_PASSWORD=$(kubectl get secret --namespace default influxdb > NOTE: Please remember to migrate all the values to its new path following the above notes, e.g: `adminUser.pwd` -> `auth.admin.password`. ```console -helm upgrade influxdb oci://registry-1.docker.io/bitnamicharts/influxdb --set image.tag=1.8.3-debian-10-r99 \ +helm upgrade influxdb oci://REGISTRY_NAME/REPOSITORY_NAME/influxdb --set image.tag=1.8.3-debian-10-r99 \ --set auth.admin.password=${INFLUXDB_ADMIN_PASSWORD} ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 1.1.0 This version introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/main/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. diff --git a/bitnami/influxdb/values.yaml b/bitnami/influxdb/values.yaml index d3d003881ebbcd..fb5db526daaf9a 100644 --- a/bitnami/influxdb/values.yaml +++ b/bitnami/influxdb/values.yaml @@ -62,8 +62,8 @@ diagnosticMode: ## Bitnami InfluxDB™ image ## ref: https://hub.docker.com/r/bitnami/influxdb/tags/ -## @param image.registry InfluxDB™ image registry -## @param image.repository InfluxDB™ image repository +## @param image.registry [default: REGISTRY_NAME] InfluxDB™ image registry +## @param image.repository [default: REPOSITORY_NAME/influxdb] InfluxDB™ image repository ## @param image.tag InfluxDB™ image tag (immutable tags are recommended) ## @param image.digest InfluxDB™ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy InfluxDB™ image pull policy @@ -825,8 +825,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume mountpoint to `runAsUser:fsGroup` ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -976,8 +976,8 @@ backup: bucketName: "gs://bucket/influxdb" ## Bitnami Google Cloud SDK image ## ref: https://hub.docker.com/r/bitnami/google-cloud-sdk/tags/ - ## @param backup.uploadProviders.google.image.registry Google Cloud SDK image registry - ## @param backup.uploadProviders.google.image.repository Google Cloud SDK image name + ## @param backup.uploadProviders.google.image.registry [default: REGISTRY_NAME] Google Cloud SDK image registry + ## @param backup.uploadProviders.google.image.repository [default: REPOSITORY_NAME/google-cloud-sdk] Google Cloud SDK image name ## @param backup.uploadProviders.google.image.tag Google Cloud SDK image tag ## @param backup.uploadProviders.google.image.digest Google Cloud SDK image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param backup.uploadProviders.google.image.pullPolicy Google Cloud SDK image pull policy @@ -1015,8 +1015,8 @@ backup: containerName: "influxdb-container" ## Bitnami Azure CLI image ## ref: https://hub.docker.com/r/bitnami/azure-cli/tags/ - ## @param backup.uploadProviders.azure.image.registry Azure CLI image registry - ## @param backup.uploadProviders.azure.image.repository Azure CLI image repository + ## @param backup.uploadProviders.azure.image.registry [default: REGISTRY_NAME] Azure CLI image registry + ## @param backup.uploadProviders.azure.image.repository [default: REPOSITORY_NAME/azure-cli] Azure CLI image repository ## @param backup.uploadProviders.azure.image.tag Azure CLI image tag (immutable tags are recommended) ## @param backup.uploadProviders.azure.image.digest Azure CLI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param backup.uploadProviders.azure.image.pullPolicy Azure CLI image pull policy @@ -1054,8 +1054,8 @@ backup: bucketName: "s3://bucket/influxdb" ## Bitnami AWS CLI image ## ref: https://hub.docker.com/r/bitnami/aws-cli/tags - ## @param backup.uploadProviders.aws.image.registry AWS CLI image registry - ## @param backup.uploadProviders.aws.image.repository AWS CLI image repository + ## @param backup.uploadProviders.aws.image.registry [default: REGISTRY_NAME] AWS CLI image registry + ## @param backup.uploadProviders.aws.image.repository [default: REPOSITORY_NAME/aws-cli] AWS CLI image repository ## @param backup.uploadProviders.aws.image.tag AWS CLI image tag (immutable tags are recommended) ## @param backup.uploadProviders.aws.image.digest AWS CLI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param backup.uploadProviders.aws.image.pullPolicy AWS CLI image pull policy diff --git a/bitnami/jaeger/README.md b/bitnami/jaeger/README.md index 06698d160d33ce..ba97a6e947c59e 100644 --- a/bitnami/jaeger/README.md +++ b/bitnami/jaeger/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/jaeger +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/jaeger ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [jaeger](https://github.com/bitnami/containers/tree/main/bitnami/jaeger) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Jaeger in production? Try [VMware Application Catalog](https://bi To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/jaeger +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/jaeger ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy jaeger on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -76,15 +80,15 @@ The command removes all the Kubernetes components associated with the chart and ### Jaeger parameters -| Name | Description | Value | -| ------------------- | ------------------------------------------------------------------------------------------------------ | --------------------- | -| `image.registry` | Jaeger image registry | `docker.io` | -| `image.repository` | Jaeger image repository | `bitnami/jaeger` | -| `image.tag` | Jaeger image tag (immutable tags are recommended) | `1.50.0-debian-11-r1` | -| `image.digest` | Jaeger image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Jaeger image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | +| Name | Description | Value | +| ------------------- | ------------------------------------------------------------------------------------------------------ | ------------------------ | +| `image.registry` | Jaeger image registry | `REGISTRY_NAME` | +| `image.repository` | Jaeger image repository | `REPOSITORY_NAME/jaeger` | +| `image.tag` | Jaeger image tag (immutable tags are recommended) | `1.50.0-debian-11-r1` | +| `image.digest` | Jaeger image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Jaeger image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | ### Query deployment parameters @@ -352,23 +356,23 @@ The command removes all the Kubernetes components associated with the chart and ### Set the image to use for the migration job -| Name | Description | Value | -| -------------------------------------------- | --------------------------------------------------------------------------------------------------------- | ---------------------- | -| `cqlshImage.registry` | Cassandra image registry | `docker.io` | -| `cqlshImage.repository` | Cassandra image repository | `bitnami/cassandra` | -| `cqlshImage.tag` | Cassandra image tag (immutable tags are recommended) | `4.0.11-debian-11-r76` | -| `cqlshImage.digest` | Cassandra image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `cqlshImage.pullPolicy` | image pull policy | `IfNotPresent` | -| `cqlshImage.pullSecrets` | Cassandra image pull secrets | `[]` | -| `cqlshImage.debug` | Enable image debug mode | `false` | -| `externalDatabase.host` | External database host | `""` | -| `externalDatabase.port` | External database port | `9042` | -| `externalDatabase.dbUser.user` | Cassandra admin user | `bn_jaeger` | -| `externalDatabase.dbUser.password` | Password for `dbUser.user`. Randomly generated if empty | `""` | -| `externalDatabase.existingSecret` | Name of existing secret containing the database secret | `""` | -| `externalDatabase.existingSecretPasswordKey` | Name of existing secret key containing the database password secret key | `""` | -| `externalDatabase.cluster.datacenter` | Name for cassandra's jaeger datacenter | `dc1` | -| `externalDatabase.keyspace` | Name for cassandra's jaeger keyspace | `bitnami_jaeger` | +| Name | Description | Value | +| -------------------------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `cqlshImage.registry` | Cassandra image registry | `REGISTRY_NAME` | +| `cqlshImage.repository` | Cassandra image repository | `REPOSITORY_NAME/cassandra` | +| `cqlshImage.tag` | Cassandra image tag (immutable tags are recommended) | `4.0.11-debian-11-r76` | +| `cqlshImage.digest` | Cassandra image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `cqlshImage.pullPolicy` | image pull policy | `IfNotPresent` | +| `cqlshImage.pullSecrets` | Cassandra image pull secrets | `[]` | +| `cqlshImage.debug` | Enable image debug mode | `false` | +| `externalDatabase.host` | External database host | `""` | +| `externalDatabase.port` | External database port | `9042` | +| `externalDatabase.dbUser.user` | Cassandra admin user | `bn_jaeger` | +| `externalDatabase.dbUser.password` | Password for `dbUser.user`. Randomly generated if empty | `""` | +| `externalDatabase.existingSecret` | Name of existing secret containing the database secret | `""` | +| `externalDatabase.existingSecretPasswordKey` | Name of existing secret key containing the database password secret key | `""` | +| `externalDatabase.cluster.datacenter` | Name for cassandra's jaeger datacenter | `dc1` | +| `externalDatabase.keyspace` | Name for cassandra's jaeger keyspace | `bitnami_jaeger` | ### Cassandra storage sub-chart diff --git a/bitnami/jaeger/values.yaml b/bitnami/jaeger/values.yaml index 76ff38fe1c50f1..3e7341cc7e1a02 100644 --- a/bitnami/jaeger/values.yaml +++ b/bitnami/jaeger/values.yaml @@ -58,8 +58,8 @@ diagnosticMode: ## Bitnami Jaeger image ## ref: https://hub.docker.com/r/bitnami/jaeger/tags/ -## @param image.registry Jaeger image registry -## @param image.repository Jaeger image repository +## @param image.registry [default: REGISTRY_NAME] Jaeger image registry +## @param image.repository [default: REPOSITORY_NAME/jaeger] Jaeger image repository ## @param image.tag Jaeger image tag (immutable tags are recommended) ## @param image.digest Jaeger image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy image pull policy @@ -1093,8 +1093,8 @@ migration: extraVolumes: [] ## @section Set the image to use for the migration job -## @param cqlshImage.registry Cassandra image registry -## @param cqlshImage.repository Cassandra image repository +## @param cqlshImage.registry [default: REGISTRY_NAME] Cassandra image registry +## @param cqlshImage.repository [default: REPOSITORY_NAME/cassandra] Cassandra image repository ## @param cqlshImage.tag Cassandra image tag (immutable tags are recommended) ## @param cqlshImage.digest Cassandra image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param cqlshImage.pullPolicy image pull policy diff --git a/bitnami/jasperreports/README.md b/bitnami/jasperreports/README.md index 59a2cc14a254f6..0318edd6aeb44d 100644 --- a/bitnami/jasperreports/README.md +++ b/bitnami/jasperreports/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/jasperreports +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/jasperreports ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [JasperReports](https://github.com/bitnami/containers/tree/main/bitnami/jasperreports) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use JasperReports in production? Try [VMware Application Catalog](htt To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/jasperreports +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/jasperreports ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys JasperReports on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,32 +81,32 @@ The command removes all the Kubernetes components associated with the chart and ### JasperReports parameters -| Name | Description | Value | -| ----------------------------- | ------------------------------------------------------------------------------------------------------------- | ----------------------- | -| `image.registry` | JasperReports image registry | `docker.io` | -| `image.repository` | JasperReports image repository | `bitnami/jasperreports` | -| `image.tag` | JasperReports image tag (immutable tags are recommended) | `8.2.0-debian-11-r96` | -| `image.digest` | JasperReports image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | JasperReports image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `jasperreportsUsername` | JasperReports user | `jasperadmin` | -| `jasperreportsExistingSecret` | Name of existing secret containing the key `jasperreports-password` | `""` | -| `jasperreportsPassword` | JasperReports password (Ignored if `jasperreportsExistingSecret` is provided) | `""` | -| `jasperreportsEmail` | JasperReports user email | `user@example.com` | -| `allowEmptyPassword` | Set to `yes` to allow the container to be started with blank passwords | `no` | -| `smtpHost` | SMTP host | `""` | -| `smtpPort` | SMTP port | `""` | -| `smtpEmail` | SMTP email | `""` | -| `smtpUser` | SMTP user | `""` | -| `smtpExistingSecret` | Name of existing secret containing the key `smtp-password` | `""` | -| `smtpPassword` | SMTP password (Ignored if `smtpExistingSecret` is provided) | `""` | -| `smtpProtocol` | SMTP protocol [`ssl`, `none`] | `""` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `extraEnvVars` | Extra environment variables to be set on Jasperreports container | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | -| `updateStrategy.type` | StrategyType | `RollingUpdate` | +| Name | Description | Value | +| ----------------------------- | ------------------------------------------------------------------------------------------------------------- | ------------------------------- | +| `image.registry` | JasperReports image registry | `REGISTRY_NAME` | +| `image.repository` | JasperReports image repository | `REPOSITORY_NAME/jasperreports` | +| `image.tag` | JasperReports image tag (immutable tags are recommended) | `8.2.0-debian-11-r96` | +| `image.digest` | JasperReports image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | JasperReports image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `jasperreportsUsername` | JasperReports user | `jasperadmin` | +| `jasperreportsExistingSecret` | Name of existing secret containing the key `jasperreports-password` | `""` | +| `jasperreportsPassword` | JasperReports password (Ignored if `jasperreportsExistingSecret` is provided) | `""` | +| `jasperreportsEmail` | JasperReports user email | `user@example.com` | +| `allowEmptyPassword` | Set to `yes` to allow the container to be started with blank passwords | `no` | +| `smtpHost` | SMTP host | `""` | +| `smtpPort` | SMTP port | `""` | +| `smtpEmail` | SMTP email | `""` | +| `smtpUser` | SMTP user | `""` | +| `smtpExistingSecret` | Name of existing secret containing the key `smtp-password` | `""` | +| `smtpPassword` | SMTP password (Ignored if `smtpExistingSecret` is provided) | `""` | +| `smtpProtocol` | SMTP protocol [`ssl`, `none`] | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Extra environment variables to be set on Jasperreports container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| `updateStrategy.type` | StrategyType | `RollingUpdate` | ### Jasperreports deployment parameters @@ -243,9 +247,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set jasperreportsUsername=admin,jasperreportsPassword=password,mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/jasperreports + oci://REGISTRY_NAME/REPOSITORY_NAME/jasperreports ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the JasperReports administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -253,9 +259,10 @@ The above command sets the JasperReports administrator account username and pass Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/jasperreports +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/jasperreports ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -380,9 +387,11 @@ export JASPER_PASSWORD=$(kubectl get secret --namespace default jasperreports -o export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default jasperreports-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 -d) export MARIADB_PASSWORD=$(kubectl get secret --namespace default jasperreports-mariadb -o jsonpath="{.data.mariadb-password}" | base64 -d) kubectl delete deployments.apps jasperreports -helm upgrade jasperreports oci://registry-1.docker.io/bitnamicharts/jasperreports --set jasperreportsPassword=$JASPER_PASSWORD,mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD +helm upgrade jasperreports oci://REGISTRY_NAME/REPOSITORY_NAME/jasperreports --set jasperreportsPassword=$JASPER_PASSWORD,mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 9.0.0 In this major there were two main changes introduced: @@ -443,9 +452,11 @@ Delete the JasperReports deployment and delete the MariaDB statefulset. Notice t Now the upgrade works: ```console -helm upgrade jasperreports oci://registry-1.docker.io/bitnamicharts/jasperreports --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set jasperreportsPassword=$JASPERREPORTS_PASSWORD --set allowEmptyPasswords=false +helm upgrade jasperreports oci://REGISTRY_NAME/REPOSITORY_NAME/jasperreports --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set jasperreportsPassword=$JASPERREPORTS_PASSWORD --set allowEmptyPasswords=false ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You will have to delete the existing MariaDB pod and the new statefulset is going to create a new one ```console diff --git a/bitnami/jasperreports/values.yaml b/bitnami/jasperreports/values.yaml index c8a7837502ef7a..5b96ddca70c23e 100644 --- a/bitnami/jasperreports/values.yaml +++ b/bitnami/jasperreports/values.yaml @@ -50,8 +50,8 @@ extraDeploy: [] ## Bitnami JasperReports image version ## ref: https://hub.docker.com/r/bitnami/dokuwiki/tags/ -## @param image.registry JasperReports image registry -## @param image.repository JasperReports image repository +## @param image.registry [default: REGISTRY_NAME] JasperReports image registry +## @param image.repository [default: REPOSITORY_NAME/jasperreports] JasperReports image repository ## @param image.tag JasperReports image tag (immutable tags are recommended) ## @param image.digest JasperReports image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy JasperReports image pull policy diff --git a/bitnami/jenkins/README.md b/bitnami/jenkins/README.md index de0ada71e4c04b..26ff3c722707ca 100644 --- a/bitnami/jenkins/README.md +++ b/bitnami/jenkins/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/jenkins +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/jenkins ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Jenkins](https://github.com/bitnami/containers/tree/main/bitnami/jenkins) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Jenkins in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/jenkins +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/jenkins ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Jenkins on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -78,15 +82,15 @@ The command removes all the Kubernetes components associated with the chart and ### Jenkins Image parameters -| Name | Description | Value | -| ------------------- | ------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | Jenkins image registry | `docker.io` | -| `image.repository` | Jenkins image repository | `bitnami/jenkins` | -| `image.tag` | Jenkins image tag (immutable tags are recommended) | `2.414.3-debian-11-r0` | -| `image.digest` | Jenkins image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Jenkins image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Jenkins image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | +| Name | Description | Value | +| ------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------- | +| `image.registry` | Jenkins image registry | `REGISTRY_NAME` | +| `image.repository` | Jenkins image repository | `REPOSITORY_NAME/jenkins` | +| `image.tag` | Jenkins image tag (immutable tags are recommended) | `2.414.3-debian-11-r0` | +| `image.digest` | Jenkins image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Jenkins image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Jenkins image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | ### Jenkins Configuration parameters @@ -131,56 +135,56 @@ The command removes all the Kubernetes components associated with the chart and ### Jenkins Configuration as Code plugin settings (EXPERIMENTAL) -| Name | Description | Value | -| ------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ----------------------- | -| `configAsCode.enabled` | Enable configuration as code. | `false` | -| `configAsCode.extraConfigFiles` | List of additional configuration-as-code files to be mounted | `{}` | -| `configAsCode.securityRealm` | Content of the 'securityRealm' block | `{}` | -| `configAsCode.authorizationStrategy` | Content of the 'authorizationStrategy' block | `{}` | -| `configAsCode.security` | Content of the 'security' block | `{}` | -| `configAsCode.extraJenkins` | Append additional settings under the 'jenkins' block | `{}` | -| `configAsCode.extraConfig` | Append additional settings at the root of the configuration-as-code file | `{}` | -| `configAsCode.extraKubernetes` | Append additional settings under the Kubernetes cloud block | `{}` | -| `configAsCode.extraClouds` | Additional clouds | `[]` | -| `configAsCode.existingConfigmap` | Name of an existing configmap containing the config-as-code files. | `""` | -| `configAsCode.autoReload.enabled` | Enable the creation of the autoReload sidecar container. | `true` | -| `configAsCode.autoReload.initialDelay` | In seconds, time | `360` | -| `configAsCode.autoReload.reqRetries` | | `12` | -| `configAsCode.autoReload.interval` | | `10` | -| `configAsCode.autoReload.command` | | `[]` | -| `configAsCode.autoReload.args` | | `[]` | -| `configAsCode.autoReload.extraEnvVars` | | `[]` | -| `configAsCode.autoReload.extraEnvVarsSecret` | | `""` | -| `configAsCode.autoReload.extraEnvVarsCM` | | `""` | -| `configAsCode.autoReload.extraVolumeMounts` | | `[]` | -| `configAsCode.autoReload.containerSecurityContext.enabled` | Enabled %%MAIN_CONTAINER_NAME%% containers' Security Context | `true` | -| `configAsCode.autoReload.containerSecurityContext.runAsUser` | Set %%MAIN_CONTAINER_NAME%% containers' Security Context runAsUser | `1001` | -| `configAsCode.autoReload.containerSecurityContext.runAsNonRoot` | Set %%MAIN_CONTAINER_NAME%% containers' Security Context runAsNonRoot | `true` | -| `configAsCode.autoReload.containerSecurityContext.readOnlyRootFilesystem` | Set %%MAIN_CONTAINER_NAME%% containers' Security Context runAsNonRoot | `false` | -| `agent.enabled` | Set to true to enable the configuration of Jenkins kubernetes agents | `false` | -| `agent.image.registry` | Jenkins image registry | `docker.io` | -| `agent.image.repository` | Jenkins image repository | `bitnami/jenkins-agent` | -| `agent.image.tag` | Jenkins image tag (immutable tags are recommended) | `0.3174.0-debian-11-r0` | -| `agent.image.digest` | Jenkins image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `agent.image.pullPolicy` | Jenkins image pull policy | `IfNotPresent` | -| `agent.image.pullSecrets` | Jenkins image pull secrets | `[]` | -| `agent.image.debug` | Enable image debug mode | `false` | -| `agent.templateLabel` | Label for the Kubernetes agent template | `kubernetes-agent` | -| `agent.podLabels` | Additional pod labels for the Jenkins agent pods | `{}` | -| `agent.annotations` | Additional pod annotations for the Jenkins agent pods | `{}` | -| `agent.sidecars` | Additional sidecar containers for the Jenkins agent pods | `[]` | -| `agent.command` | Override default container command (useful when using custom images) | `""` | -| `agent.args` | Override default container args (useful when using custom images) | `""` | -| `agent.containerExtraEnvVars` | Additional env vars for the Jenkins agent pods | `[]` | -| `agent.podExtraEnvVars` | Additional env vars for the Jenkins agent pods | `[]` | -| `agent.extraAgentTemplate` | Extend the default agent template | `{}` | -| `agent.extraTemplates` | Provide your own custom agent templates | `[]` | -| `agent.resources.limits` | The resources limits for the Jenkins container | `{}` | -| `agent.resources.requests` | The requested resources for the Jenkins container | `{}` | -| `agent.containerSecurityContext.enabled` | Enable container security context | `false` | -| `agent.containerSecurityContext.runAsUser` | User ID for the agent container | `""` | -| `agent.containerSecurityContext.runAsGroup` | User ID for the agent container | `""` | -| `agent.containerSecurityContext.privileged` | Decide if the container runs privileged. | `false` | +| Name | Description | Value | +| ------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------------- | +| `configAsCode.enabled` | Enable configuration as code. | `false` | +| `configAsCode.extraConfigFiles` | List of additional configuration-as-code files to be mounted | `{}` | +| `configAsCode.securityRealm` | Content of the 'securityRealm' block | `{}` | +| `configAsCode.authorizationStrategy` | Content of the 'authorizationStrategy' block | `{}` | +| `configAsCode.security` | Content of the 'security' block | `{}` | +| `configAsCode.extraJenkins` | Append additional settings under the 'jenkins' block | `{}` | +| `configAsCode.extraConfig` | Append additional settings at the root of the configuration-as-code file | `{}` | +| `configAsCode.extraKubernetes` | Append additional settings under the Kubernetes cloud block | `{}` | +| `configAsCode.extraClouds` | Additional clouds | `[]` | +| `configAsCode.existingConfigmap` | Name of an existing configmap containing the config-as-code files. | `""` | +| `configAsCode.autoReload.enabled` | Enable the creation of the autoReload sidecar container. | `true` | +| `configAsCode.autoReload.initialDelay` | In seconds, time | `360` | +| `configAsCode.autoReload.reqRetries` | | `12` | +| `configAsCode.autoReload.interval` | | `10` | +| `configAsCode.autoReload.command` | | `[]` | +| `configAsCode.autoReload.args` | | `[]` | +| `configAsCode.autoReload.extraEnvVars` | | `[]` | +| `configAsCode.autoReload.extraEnvVarsSecret` | | `""` | +| `configAsCode.autoReload.extraEnvVarsCM` | | `""` | +| `configAsCode.autoReload.extraVolumeMounts` | | `[]` | +| `configAsCode.autoReload.containerSecurityContext.enabled` | Enabled %%MAIN_CONTAINER_NAME%% containers' Security Context | `true` | +| `configAsCode.autoReload.containerSecurityContext.runAsUser` | Set %%MAIN_CONTAINER_NAME%% containers' Security Context runAsUser | `1001` | +| `configAsCode.autoReload.containerSecurityContext.runAsNonRoot` | Set %%MAIN_CONTAINER_NAME%% containers' Security Context runAsNonRoot | `true` | +| `configAsCode.autoReload.containerSecurityContext.readOnlyRootFilesystem` | Set %%MAIN_CONTAINER_NAME%% containers' Security Context runAsNonRoot | `false` | +| `agent.enabled` | Set to true to enable the configuration of Jenkins kubernetes agents | `false` | +| `agent.image.registry` | Jenkins image registry | `REGISTRY_NAME` | +| `agent.image.repository` | Jenkins image repository | `REPOSITORY_NAME/jenkins-agent` | +| `agent.image.tag` | Jenkins image tag (immutable tags are recommended) | `0.3174.0-debian-11-r0` | +| `agent.image.digest` | Jenkins image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `agent.image.pullPolicy` | Jenkins image pull policy | `IfNotPresent` | +| `agent.image.pullSecrets` | Jenkins image pull secrets | `[]` | +| `agent.image.debug` | Enable image debug mode | `false` | +| `agent.templateLabel` | Label for the Kubernetes agent template | `kubernetes-agent` | +| `agent.podLabels` | Additional pod labels for the Jenkins agent pods | `{}` | +| `agent.annotations` | Additional pod annotations for the Jenkins agent pods | `{}` | +| `agent.sidecars` | Additional sidecar containers for the Jenkins agent pods | `[]` | +| `agent.command` | Override default container command (useful when using custom images) | `""` | +| `agent.args` | Override default container args (useful when using custom images) | `""` | +| `agent.containerExtraEnvVars` | Additional env vars for the Jenkins agent pods | `[]` | +| `agent.podExtraEnvVars` | Additional env vars for the Jenkins agent pods | `[]` | +| `agent.extraAgentTemplate` | Extend the default agent template | `{}` | +| `agent.extraTemplates` | Provide your own custom agent templates | `[]` | +| `agent.resources.limits` | The resources limits for the Jenkins container | `{}` | +| `agent.resources.requests` | The requested resources for the Jenkins container | `{}` | +| `agent.containerSecurityContext.enabled` | Enable container security context | `false` | +| `agent.containerSecurityContext.runAsUser` | User ID for the agent container | `""` | +| `agent.containerSecurityContext.runAsGroup` | User ID for the agent container | `""` | +| `agent.containerSecurityContext.privileged` | Decide if the container runs privileged. | `false` | ### Jenkins deployment parameters @@ -284,25 +288,25 @@ The command removes all the Kubernetes components associated with the chart and ### Persistence Parameters -| Name | Description | Value | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | -| `persistence.storageClass` | Persistent Volume storage class | `""` | -| `persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | -| `persistence.annotations` | Additional custom annotations for the PVC | `{}` | -| `persistence.accessModes` | Persistent Volume access modes | `[]` | -| `persistence.size` | Persistent Volume size | `8Gi` | -| `persistence.selector` | Selector to match an existing Persistent Volume for Ingester's data PVC | `{}` | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.securityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | +| `persistence.storageClass` | Persistent Volume storage class | `""` | +| `persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | +| `persistence.annotations` | Additional custom annotations for the PVC | `{}` | +| `persistence.accessModes` | Persistent Volume access modes | `[]` | +| `persistence.size` | Persistent Volume size | `8Gi` | +| `persistence.selector` | Selector to match an existing Persistent Volume for Ingester's data PVC | `{}` | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.securityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Other Parameters @@ -323,9 +327,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm helm install my-release \ --set jenkinsUser=admin \ --set jenkinsPassword=password \ - oci://registry-1.docker.io/bitnamicharts/jenkins + oci://REGISTRY_NAME/REPOSITORY_NAME/jenkins ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Jenkins administrator account username and password to `admin` and `password` respectively. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -333,9 +339,10 @@ The above command sets the Jenkins administrator account username and password t Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/jenkins +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/jenkins ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -432,10 +439,12 @@ kubectl delete deployments.apps jenkins - Upgrade your release and delete data that should not be persisted anymore: ```console -helm upgrade jenkins oci://registry-1.docker.io/bitnamicharts/jenkins --set jenkinsPassword=$JENKINS_PASSWORD --set jenkinsHome=/bitnami/jenkins/jenkins_home +helm upgrade jenkins oci://REGISTRY_NAME/REPOSITORY_NAME/jenkins --set jenkinsPassword=$JENKINS_PASSWORD --set jenkinsHome=/bitnami/jenkins/jenkins_home kubectl exec -it $(kubectl get pod -l app.kubernetes.io/instance=jenkins,app.kubernetes.io/name=jenkins -o jsonpath="{.items[0].metadata.name}") -- find /bitnami/jenkins -mindepth 1 -maxdepth 1 -not -name jenkins_home -exec rm -rf {} \; ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 7.0.0 Chart labels were adapted to follow the [Helm charts standard labels](https://helm.sh/docs/chart_best_practices/labels/#standard-labels). @@ -447,9 +456,11 @@ Consequences: ```console export JENKINS_PASSWORD=$(kubectl get secret --namespace default jenkins -o jsonpath="{.data.jenkins-password}" | base64 -d) kubectl delete deployments.apps jenkins -helm upgrade jenkins oci://registry-1.docker.io/bitnamicharts/jenkins --set jenkinsPassword=$JENKINS_PASSWORD +helm upgrade jenkins oci://REGISTRY_NAME/REPOSITORY_NAME/jenkins --set jenkinsPassword=$JENKINS_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 6.1.0 This version also introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/main/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. diff --git a/bitnami/jenkins/values.yaml b/bitnami/jenkins/values.yaml index cd831f4e589a86..99c82f05fdd617 100644 --- a/bitnami/jenkins/values.yaml +++ b/bitnami/jenkins/values.yaml @@ -61,8 +61,8 @@ diagnosticMode: ## Bitnami Jenkins image ## ref: https://hub.docker.com/r/bitnami/jenkins/tags/ -## @param image.registry Jenkins image registry -## @param image.repository Jenkins image repository +## @param image.registry [default: REGISTRY_NAME] Jenkins image registry +## @param image.repository [default: REPOSITORY_NAME/jenkins] Jenkins image repository ## @param image.tag Jenkins image tag (immutable tags are recommended) ## @param image.digest Jenkins image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Jenkins image pull policy @@ -333,8 +333,8 @@ agent: enabled: false ## Bitnami Jenkins agent image ## ref: https://hub.docker.com/r/bitnami/jenkins/tags/ - ## @param agent.image.registry Jenkins image registry - ## @param agent.image.repository Jenkins image repository + ## @param agent.image.registry [default: REGISTRY_NAME] Jenkins image registry + ## @param agent.image.repository [default: REPOSITORY_NAME/jenkins-agent] Jenkins image repository ## @param agent.image.tag Jenkins image tag (immutable tags are recommended) ## @param agent.image.digest Jenkins image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param agent.image.pullPolicy Jenkins image pull policy @@ -888,8 +888,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy diff --git a/bitnami/joomla/README.md b/bitnami/joomla/README.md index 9ceea174580ffb..a45c4d2577388a 100644 --- a/bitnami/joomla/README.md +++ b/bitnami/joomla/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/joomla +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/joomla ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Joomla!](https://github.com/bitnami/containers/tree/main/bitnami/joomla) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Joomla! in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/joomla +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/joomla ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Joomla! on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,88 +81,88 @@ The command removes all the Kubernetes components associated with the chart and ### Joomla! parameters -| Name | Description | Value | -| --------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | Joomla! image registry | `docker.io` | -| `image.repository` | Joomla! Image name | `bitnami/joomla` | -| `image.tag` | Joomla! Image tag | `4.4.0-debian-11-r0` | -| `image.digest` | Joomla! image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Joomla! image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `joomlaSkipInstall` | Skip Joomla! installation wizard. Useful for migrations and restoring from SQL dump | `no` | -| `joomlaUsername` | User of the application | `user` | -| `joomlaPassword` | Application password | `""` | -| `joomlaEmail` | Admin email | `user@example.com` | -| `allowEmptyPassword` | Allow DB blank passwords | `no` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `replicaCount` | Number of replicas (requires ReadWriteMany PVC support) | `1` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `extraEnvVars` | Extra environment variables | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes` | `[]` | -| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | -| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | -| `existingSecret` | Name of a secret with the application password | `""` | -| `smtpHost` | SMTP host | `""` | -| `smtpPort` | SMTP port | `""` | -| `smtpUser` | SMTP user | `""` | -| `smtpPassword` | SMTP password | `""` | -| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | -| `containerPorts` | Container ports | `{}` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.storageClass` | PVC Storage Class for Joomla! volume | `""` | -| `persistence.accessModes` | PVC Access Mode for Joomla! volume | `["ReadWriteOnce"]` | -| `persistence.size` | PVC Storage Request for Joomla! volume | `8Gi` | -| `persistence.existingClaim` | An Existing PVC name | `""` | -| `persistence.hostPath` | Host mount path for Joomla! volume | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `resources.limits` | The resources limits for the container | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `podSecurityContext.enabled` | Enable Joomla! pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Joomla! pods' group ID | `1001` | -| `containerSecurityContext.enabled` | Enable Joomla! containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Joomla! containers' Security Context | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set Joomla! container's Security Context runAsNonRoot | `true` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `priorityClassName` | Define the priority class name to use for the joomla pods here. | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | +| Name | Description | Value | +| --------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `image.registry` | Joomla! image registry | `REGISTRY_NAME` | +| `image.repository` | Joomla! Image name | `REPOSITORY_NAME/joomla` | +| `image.tag` | Joomla! Image tag | `4.4.0-debian-11-r0` | +| `image.digest` | Joomla! image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Joomla! image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `joomlaSkipInstall` | Skip Joomla! installation wizard. Useful for migrations and restoring from SQL dump | `no` | +| `joomlaUsername` | User of the application | `user` | +| `joomlaPassword` | Application password | `""` | +| `joomlaEmail` | Admin email | `user@example.com` | +| `allowEmptyPassword` | Allow DB blank passwords | `no` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `replicaCount` | Number of replicas (requires ReadWriteMany PVC support) | `1` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `extraEnvVars` | Extra environment variables | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | +| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes` | `[]` | +| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | +| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | +| `existingSecret` | Name of a secret with the application password | `""` | +| `smtpHost` | SMTP host | `""` | +| `smtpPort` | SMTP port | `""` | +| `smtpUser` | SMTP user | `""` | +| `smtpPassword` | SMTP password | `""` | +| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | +| `containerPorts` | Container ports | `{}` | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.storageClass` | PVC Storage Class for Joomla! volume | `""` | +| `persistence.accessModes` | PVC Access Mode for Joomla! volume | `["ReadWriteOnce"]` | +| `persistence.size` | PVC Storage Request for Joomla! volume | `8Gi` | +| `persistence.existingClaim` | An Existing PVC name | `""` | +| `persistence.hostPath` | Host mount path for Joomla! volume | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `resources.limits` | The resources limits for the container | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `podSecurityContext.enabled` | Enable Joomla! pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Joomla! pods' group ID | `1001` | +| `containerSecurityContext.enabled` | Enable Joomla! containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Joomla! containers' Security Context | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set Joomla! container's Security Context runAsNonRoot | `true` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `priorityClassName` | Define the priority class name to use for the joomla pods here. | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | ### Traffic Exposure Parameters @@ -216,17 +220,17 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics parameters -| Name | Description | Value | -| --------------------------- | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image name | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag | `1.0.2-debian-11-r10` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources` | Exporter resource requests/limit | `{}` | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | +| Name | Description | Value | +| --------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image name | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag | `1.0.2-debian-11-r10` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources` | Exporter resource requests/limit | `{}` | +| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | ### NetworkPolicy parameters @@ -255,9 +259,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set joomlaUsername=admin,joomlaPassword=password,mariadb.mariadbRootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/joomla + oci://REGISTRY_NAME/REPOSITORY_NAME/joomla ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Joomla! administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -265,9 +271,10 @@ The above command sets the Joomla! administrator account username and password t Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/joomla +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/joomla ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -434,15 +441,19 @@ export MARIADB_PVC=$(kubectl get pvc -l app=mariadb,component=master,release=joo Upgrade your release (maintaining the version) disabling MariaDB and scaling Joomla replicas to 0: ```console -helm upgrade joomla oci://registry-1.docker.io/bitnamicharts/joomla --set joomlaPassword=$JOOMLA_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 8.1.9 +helm upgrade joomla oci://REGISTRY_NAME/REPOSITORY_NAME/joomla --set joomlaPassword=$JOOMLA_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 8.1.9 ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Finally, upgrade you release to 9.0.0 reusing the existing PVC, and enabling back MariaDB: ```console -helm upgrade joomla oci://registry-1.docker.io/bitnamicharts/joomla --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set joomlaPassword=$JOOMLA_PASSWORD +helm upgrade joomla oci://REGISTRY_NAME/REPOSITORY_NAME/joomla --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set joomlaPassword=$JOOMLA_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You should see the lines below in MariaDB container logs: ```console diff --git a/bitnami/joomla/values.yaml b/bitnami/joomla/values.yaml index c68695dabdacd0..d21c57c4190cc1 100644 --- a/bitnami/joomla/values.yaml +++ b/bitnami/joomla/values.yaml @@ -50,8 +50,8 @@ extraDeploy: [] ## Bitnami Joomla! image version ## ref: https://hub.docker.com/r/bitnami/joomla/tags/ -## @param image.registry Joomla! image registry -## @param image.repository Joomla! Image name +## @param image.registry [default: REGISTRY_NAME] Joomla! image registry +## @param image.repository [default: REPOSITORY_NAME/joomla] Joomla! Image name ## @param image.tag Joomla! Image tag ## @param image.digest Joomla! image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Joomla! image pull policy @@ -611,8 +611,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image name + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image name ## @param metrics.image.tag Apache exporter image tag ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Image pull policy diff --git a/bitnami/jupyterhub/README.md b/bitnami/jupyterhub/README.md index d26e15891e6e56..9496ed0254a627 100644 --- a/bitnami/jupyterhub/README.md +++ b/bitnami/jupyterhub/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/jupyterhub +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/jupyterhub ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -37,9 +39,11 @@ Looking to use JupyterHub in production? Try [VMware Application Catalog](https: To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/jupyterhub +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/jupyterhub ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy JupyterHub on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -81,79 +85,79 @@ The command removes all the Kubernetes components associated with the chart and ### Hub deployment parameters -| Name | Description | Value | -| ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------- | -| `hub.image.registry` | Hub image registry | `docker.io` | -| `hub.image.repository` | Hub image repository | `bitnami/jupyterhub` | -| `hub.image.tag` | Hub image tag (immutable tags are recommended) | `4.0.2-debian-11-r55` | -| `hub.image.digest` | Hub image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `hub.image.pullPolicy` | Hub image pull policy | `IfNotPresent` | -| `hub.image.pullSecrets` | Hub image pull secrets | `[]` | -| `hub.baseUrl` | Hub base URL | `/` | -| `hub.adminUser` | Hub Dummy authenticator admin user | `user` | -| `hub.password` | Hub Dummy authenticator password | `""` | -| `hub.configuration` | Hub configuration file (to be used by jupyterhub_config.py) | `""` | -| `hub.existingConfigmap` | Configmap with Hub init scripts (replaces the scripts in templates/hub/configmap.yml) | `""` | -| `hub.existingSecret` | Secret with hub configuration (replaces the hub.configuration value) and proxy token | `""` | -| `hub.command` | Override Hub default command | `[]` | -| `hub.args` | Override Hub default args | `[]` | -| `hub.extraEnvVars` | Add extra environment variables to the Hub container | `[]` | -| `hub.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `hub.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | -| `hub.containerPorts.http` | Hub container port | `8081` | -| `hub.startupProbe.enabled` | Enable startupProbe on Hub containers | `true` | -| `hub.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `hub.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `hub.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | -| `hub.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | -| `hub.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `hub.livenessProbe.enabled` | Enable livenessProbe on Hub containers | `true` | -| `hub.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `hub.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `hub.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | -| `hub.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `30` | -| `hub.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `hub.readinessProbe.enabled` | Enable readinessProbe on Hub containers | `true` | -| `hub.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `hub.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `hub.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `hub.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `30` | -| `hub.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `hub.customStartupProbe` | Override default startup probe | `{}` | -| `hub.customLivenessProbe` | Override default liveness probe | `{}` | -| `hub.customReadinessProbe` | Override default readiness probe | `{}` | -| `hub.resources.limits` | The resources limits for the Hub containers | `{}` | -| `hub.resources.requests` | The requested resources for the Hub containers | `{}` | -| `hub.containerSecurityContext.enabled` | Enabled Hub containers' Security Context | `true` | -| `hub.containerSecurityContext.runAsUser` | Set Hub container's Security Context runAsUser | `1000` | -| `hub.containerSecurityContext.runAsNonRoot` | Set Hub container's Security Context runAsNonRoot | `true` | -| `hub.podSecurityContext.enabled` | Enabled Hub pods' Security Context | `true` | -| `hub.podSecurityContext.fsGroup` | Set Hub pod's Security Context fsGroup | `1001` | -| `hub.lifecycleHooks` | LifecycleHooks for the Hub container to automate configuration before or after startup | `{}` | -| `hub.hostAliases` | Add deployment host aliases | `[]` | -| `hub.podLabels` | Add extra labels to the Hub pods | `{}` | -| `hub.podAnnotations` | Add extra annotations to the Hub pods | `{}` | -| `hub.podAffinityPreset` | Pod affinity preset. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `hub.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `hub.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `hub.nodeAffinityPreset.key` | Node label key to match. Ignored if `hub.affinity` is set | `""` | -| `hub.nodeAffinityPreset.values` | Node label values to match. Ignored if `hub.affinity` is set | `[]` | -| `hub.affinity` | Affinity for pod assignment. | `{}` | -| `hub.nodeSelector` | Node labels for pod assignment. | `{}` | -| `hub.tolerations` | Tolerations for pod assignment. | `[]` | -| `hub.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `hub.priorityClassName` | Priority Class Name | `""` | -| `hub.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `hub.terminationGracePeriodSeconds` | Seconds Hub pod needs to terminate gracefully | `""` | -| `hub.updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `hub.updateStrategy.rollingUpdate` | Hub deployment rolling update configuration parameters | `{}` | -| `hub.extraVolumes` | Optionally specify extra list of additional volumes for Hub pods | `[]` | -| `hub.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Hub container(s) | `[]` | -| `hub.initContainers` | Add additional init containers to the Hub pods | `[]` | -| `hub.sidecars` | Add additional sidecar containers to the Hub pod | `[]` | -| `hub.pdb.create` | Deploy Hub PodDisruptionBudget | `false` | -| `hub.pdb.minAvailable` | Set minimum available hub instances | `""` | -| `hub.pdb.maxUnavailable` | Set maximum available hub instances | `""` | +| Name | Description | Value | +| ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ---------------------------- | +| `hub.image.registry` | Hub image registry | `REGISTRY_NAME` | +| `hub.image.repository` | Hub image repository | `REPOSITORY_NAME/jupyterhub` | +| `hub.image.tag` | Hub image tag (immutable tags are recommended) | `4.0.2-debian-11-r55` | +| `hub.image.digest` | Hub image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `hub.image.pullPolicy` | Hub image pull policy | `IfNotPresent` | +| `hub.image.pullSecrets` | Hub image pull secrets | `[]` | +| `hub.baseUrl` | Hub base URL | `/` | +| `hub.adminUser` | Hub Dummy authenticator admin user | `user` | +| `hub.password` | Hub Dummy authenticator password | `""` | +| `hub.configuration` | Hub configuration file (to be used by jupyterhub_config.py) | `""` | +| `hub.existingConfigmap` | Configmap with Hub init scripts (replaces the scripts in templates/hub/configmap.yml) | `""` | +| `hub.existingSecret` | Secret with hub configuration (replaces the hub.configuration value) and proxy token | `""` | +| `hub.command` | Override Hub default command | `[]` | +| `hub.args` | Override Hub default args | `[]` | +| `hub.extraEnvVars` | Add extra environment variables to the Hub container | `[]` | +| `hub.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `hub.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| `hub.containerPorts.http` | Hub container port | `8081` | +| `hub.startupProbe.enabled` | Enable startupProbe on Hub containers | `true` | +| `hub.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `hub.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `hub.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | +| `hub.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | +| `hub.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `hub.livenessProbe.enabled` | Enable livenessProbe on Hub containers | `true` | +| `hub.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `hub.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `hub.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | +| `hub.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `30` | +| `hub.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `hub.readinessProbe.enabled` | Enable readinessProbe on Hub containers | `true` | +| `hub.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `hub.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `hub.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `hub.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `30` | +| `hub.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `hub.customStartupProbe` | Override default startup probe | `{}` | +| `hub.customLivenessProbe` | Override default liveness probe | `{}` | +| `hub.customReadinessProbe` | Override default readiness probe | `{}` | +| `hub.resources.limits` | The resources limits for the Hub containers | `{}` | +| `hub.resources.requests` | The requested resources for the Hub containers | `{}` | +| `hub.containerSecurityContext.enabled` | Enabled Hub containers' Security Context | `true` | +| `hub.containerSecurityContext.runAsUser` | Set Hub container's Security Context runAsUser | `1000` | +| `hub.containerSecurityContext.runAsNonRoot` | Set Hub container's Security Context runAsNonRoot | `true` | +| `hub.podSecurityContext.enabled` | Enabled Hub pods' Security Context | `true` | +| `hub.podSecurityContext.fsGroup` | Set Hub pod's Security Context fsGroup | `1001` | +| `hub.lifecycleHooks` | LifecycleHooks for the Hub container to automate configuration before or after startup | `{}` | +| `hub.hostAliases` | Add deployment host aliases | `[]` | +| `hub.podLabels` | Add extra labels to the Hub pods | `{}` | +| `hub.podAnnotations` | Add extra annotations to the Hub pods | `{}` | +| `hub.podAffinityPreset` | Pod affinity preset. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `hub.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `hub.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `hub.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `hub.nodeAffinityPreset.key` | Node label key to match. Ignored if `hub.affinity` is set | `""` | +| `hub.nodeAffinityPreset.values` | Node label values to match. Ignored if `hub.affinity` is set | `[]` | +| `hub.affinity` | Affinity for pod assignment. | `{}` | +| `hub.nodeSelector` | Node labels for pod assignment. | `{}` | +| `hub.tolerations` | Tolerations for pod assignment. | `[]` | +| `hub.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `hub.priorityClassName` | Priority Class Name | `""` | +| `hub.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `hub.terminationGracePeriodSeconds` | Seconds Hub pod needs to terminate gracefully | `""` | +| `hub.updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `hub.updateStrategy.rollingUpdate` | Hub deployment rolling update configuration parameters | `{}` | +| `hub.extraVolumes` | Optionally specify extra list of additional volumes for Hub pods | `[]` | +| `hub.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Hub container(s) | `[]` | +| `hub.initContainers` | Add additional init containers to the Hub pods | `[]` | +| `hub.sidecars` | Add additional sidecar containers to the Hub pod | `[]` | +| `hub.pdb.create` | Deploy Hub PodDisruptionBudget | `false` | +| `hub.pdb.minAvailable` | Set minimum available hub instances | `""` | +| `hub.pdb.maxUnavailable` | Set maximum available hub instances | `""` | ### Hub RBAC parameters @@ -205,77 +209,77 @@ The command removes all the Kubernetes components associated with the chart and ### Proxy deployment parameters -| Name | Description | Value | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------------------- | -| `proxy.image.registry` | Proxy image registry | `docker.io` | -| `proxy.image.repository` | Proxy image repository | `bitnami/configurable-http-proxy` | -| `proxy.image.tag` | Proxy image tag (immutable tags are recommended) | `4.6.0-debian-11-r16` | -| `proxy.image.digest` | Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `proxy.image.pullPolicy` | Proxy image pull policy | `IfNotPresent` | -| `proxy.image.pullSecrets` | Proxy image pull secrets | `[]` | -| `proxy.image.debug` | Activate verbose output | `false` | -| `proxy.secretToken` | Proxy secret token (used for communication with the Hub) | `""` | -| `proxy.command` | Override Proxy default command | `[]` | -| `proxy.args` | Override Proxy default args | `[]` | -| `proxy.extraEnvVars` | Add extra environment variables to the Proxy container | `[]` | -| `proxy.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `proxy.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | -| `proxy.containerPort.api` | Proxy api container port | `8001` | -| `proxy.containerPort.metrics` | Proxy metrics container port | `8002` | -| `proxy.containerPort.http` | Proxy http container port | `8000` | -| `proxy.startupProbe.enabled` | Enable startupProbe on Proxy containers | `true` | -| `proxy.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `proxy.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `proxy.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | -| `proxy.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | -| `proxy.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `proxy.livenessProbe.enabled` | Enable livenessProbe on Proxy containers | `true` | -| `proxy.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `proxy.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `proxy.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | -| `proxy.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `30` | -| `proxy.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `proxy.readinessProbe.enabled` | Enable readinessProbe on Proxy containers | `true` | -| `proxy.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `proxy.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `proxy.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `proxy.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `30` | -| `proxy.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `proxy.customStartupProbe` | Override default startup probe | `{}` | -| `proxy.customLivenessProbe` | Override default liveness probe | `{}` | -| `proxy.customReadinessProbe` | Override default readiness probe | `{}` | -| `proxy.resources.limits` | The resources limits for the Proxy containers | `{}` | -| `proxy.resources.requests` | The requested resources for the Proxy containers | `{}` | -| `proxy.containerSecurityContext.enabled` | Enabled Proxy containers' Security Context | `true` | -| `proxy.containerSecurityContext.runAsUser` | Set Proxy container's Security Context runAsUser | `1001` | -| `proxy.containerSecurityContext.runAsNonRoot` | Set Proxy container's Security Context runAsNonRoot | `true` | -| `proxy.podSecurityContext.enabled` | Enabled Proxy pods' Security Context | `true` | -| `proxy.podSecurityContext.fsGroup` | Set Proxy pod's Security Context fsGroup | `1001` | -| `proxy.lifecycleHooks` | Add lifecycle hooks to the Proxy deployment | `{}` | -| `proxy.hostAliases` | Add deployment host aliases | `[]` | -| `proxy.podLabels` | Add extra labels to the Proxy pods | `{}` | -| `proxy.podAnnotations` | Add extra annotations to the Proxy pods | `{}` | -| `proxy.podAffinityPreset` | Pod affinity preset. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `proxy.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `proxy.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `proxy.nodeAffinityPreset.key` | Node label key to match. Ignored if `proxy.affinity` is set | `""` | -| `proxy.nodeAffinityPreset.values` | Node label values to match. Ignored if `proxy.affinity` is set | `[]` | -| `proxy.affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | -| `proxy.nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `proxy.tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `proxy.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `proxy.priorityClassName` | Priority Class Name | `""` | -| `proxy.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `proxy.terminationGracePeriodSeconds` | Seconds Proxy pod needs to terminate gracefully | `""` | -| `proxy.updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `proxy.updateStrategy.rollingUpdate` | Proxy deployment rolling update configuration parameters | `{}` | -| `proxy.extraVolumes` | Optionally specify extra list of additional volumes for Proxy pods | `[]` | -| `proxy.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Proxy container(s) | `[]` | -| `proxy.initContainers` | Add additional init containers to the Proxy pods | `[]` | -| `proxy.sidecars` | Add additional sidecar containers to the Proxy pod | `[]` | -| `proxy.pdb.create` | Deploy Proxy PodDisruptionBudget | `false` | -| `proxy.pdb.minAvailable` | Set minimum available proxy instances | `""` | -| `proxy.pdb.maxUnavailable` | Set maximum available proxy instances | `""` | +| Name | Description | Value | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------- | +| `proxy.image.registry` | Proxy image registry | `REGISTRY_NAME` | +| `proxy.image.repository` | Proxy image repository | `REPOSITORY_NAME/configurable-http-proxy` | +| `proxy.image.tag` | Proxy image tag (immutable tags are recommended) | `4.6.0-debian-11-r16` | +| `proxy.image.digest` | Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `proxy.image.pullPolicy` | Proxy image pull policy | `IfNotPresent` | +| `proxy.image.pullSecrets` | Proxy image pull secrets | `[]` | +| `proxy.image.debug` | Activate verbose output | `false` | +| `proxy.secretToken` | Proxy secret token (used for communication with the Hub) | `""` | +| `proxy.command` | Override Proxy default command | `[]` | +| `proxy.args` | Override Proxy default args | `[]` | +| `proxy.extraEnvVars` | Add extra environment variables to the Proxy container | `[]` | +| `proxy.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `proxy.extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| `proxy.containerPort.api` | Proxy api container port | `8001` | +| `proxy.containerPort.metrics` | Proxy metrics container port | `8002` | +| `proxy.containerPort.http` | Proxy http container port | `8000` | +| `proxy.startupProbe.enabled` | Enable startupProbe on Proxy containers | `true` | +| `proxy.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `proxy.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `proxy.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | +| `proxy.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | +| `proxy.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `proxy.livenessProbe.enabled` | Enable livenessProbe on Proxy containers | `true` | +| `proxy.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `proxy.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `proxy.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | +| `proxy.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `30` | +| `proxy.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `proxy.readinessProbe.enabled` | Enable readinessProbe on Proxy containers | `true` | +| `proxy.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `proxy.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `proxy.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `proxy.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `30` | +| `proxy.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `proxy.customStartupProbe` | Override default startup probe | `{}` | +| `proxy.customLivenessProbe` | Override default liveness probe | `{}` | +| `proxy.customReadinessProbe` | Override default readiness probe | `{}` | +| `proxy.resources.limits` | The resources limits for the Proxy containers | `{}` | +| `proxy.resources.requests` | The requested resources for the Proxy containers | `{}` | +| `proxy.containerSecurityContext.enabled` | Enabled Proxy containers' Security Context | `true` | +| `proxy.containerSecurityContext.runAsUser` | Set Proxy container's Security Context runAsUser | `1001` | +| `proxy.containerSecurityContext.runAsNonRoot` | Set Proxy container's Security Context runAsNonRoot | `true` | +| `proxy.podSecurityContext.enabled` | Enabled Proxy pods' Security Context | `true` | +| `proxy.podSecurityContext.fsGroup` | Set Proxy pod's Security Context fsGroup | `1001` | +| `proxy.lifecycleHooks` | Add lifecycle hooks to the Proxy deployment | `{}` | +| `proxy.hostAliases` | Add deployment host aliases | `[]` | +| `proxy.podLabels` | Add extra labels to the Proxy pods | `{}` | +| `proxy.podAnnotations` | Add extra annotations to the Proxy pods | `{}` | +| `proxy.podAffinityPreset` | Pod affinity preset. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `proxy.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `proxy.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `proxy.nodeAffinityPreset.key` | Node label key to match. Ignored if `proxy.affinity` is set | `""` | +| `proxy.nodeAffinityPreset.values` | Node label values to match. Ignored if `proxy.affinity` is set | `[]` | +| `proxy.affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | +| `proxy.nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `proxy.tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `proxy.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `proxy.priorityClassName` | Priority Class Name | `""` | +| `proxy.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `proxy.terminationGracePeriodSeconds` | Seconds Proxy pod needs to terminate gracefully | `""` | +| `proxy.updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `proxy.updateStrategy.rollingUpdate` | Proxy deployment rolling update configuration parameters | `{}` | +| `proxy.extraVolumes` | Optionally specify extra list of additional volumes for Proxy pods | `[]` | +| `proxy.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Proxy container(s) | `[]` | +| `proxy.initContainers` | Add additional init containers to the Proxy pods | `[]` | +| `proxy.sidecars` | Add additional sidecar containers to the Proxy pod | `[]` | +| `proxy.pdb.create` | Deploy Proxy PodDisruptionBudget | `false` | +| `proxy.pdb.minAvailable` | Set minimum available proxy instances | `""` | +| `proxy.pdb.maxUnavailable` | Set maximum available proxy instances | `""` | ### Proxy RBAC Parameters @@ -403,35 +407,35 @@ The command removes all the Kubernetes components associated with the chart and ### Singleuser deployment parameters -| Name | Description | Value | -| ----------------------------------------------- | ----------------------------------------------------------------------------------------------------------- | ------------------------------------ | -| `singleuser.image.registry` | Single User image registry | `docker.io` | -| `singleuser.image.repository` | Single User image repository | `bitnami/jupyter-base-notebook` | -| `singleuser.image.tag` | Single User image tag (immutabe tags are recommended) | `4.0.2-debian-11-r55` | -| `singleuser.image.digest` | Single User image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `singleuser.image.pullPolicy` | Single User image pull policy | `IfNotPresent` | -| `singleuser.image.pullSecrets` | Single User image pull secrets | `[]` | -| `singleuser.notebookDir` | Notebook directory (it will be the same as the PVC volume mount) | `/opt/bitnami/jupyterhub-singleuser` | -| `singleuser.allowPrivilegeEscalation` | Controls whether a process can gain more privileges than its parent process | `false` | -| `singleuser.command` | Override Single User default command | `[]` | -| `singleuser.extraEnvVars` | Extra environment variables that should be set for the user pods | `[]` | -| `singleuser.containerPort` | Single User container port | `8888` | -| `singleuser.resources.limits` | The resources limits for the Singleuser containers | `{}` | -| `singleuser.resources.requests` | The requested resources for the Singleuser containers | `{}` | -| `singleuser.containerSecurityContext.enabled` | Enabled Single User containers' Security Context | `true` | -| `singleuser.containerSecurityContext.runAsUser` | Set Single User container's Security Context runAsUser | `1001` | -| `singleuser.podSecurityContext.enabled` | Enabled Single User pods' Security Context | `true` | -| `singleuser.podSecurityContext.fsGroup` | Set Single User pod's Security Context fsGroup | `1001` | -| `singleuser.podLabels` | Extra labels for Single User pods | `{}` | -| `singleuser.podAnnotations` | Annotations for Single User pods | `{}` | -| `singleuser.nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `singleuser.tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `singleuser.priorityClassName` | Single User pod priority class name | `""` | -| `singleuser.lifecycleHooks` | Add lifecycle hooks to the Single User deployment to automate configuration before or after startup | `{}` | -| `singleuser.extraVolumes` | Optionally specify extra list of additional volumes for Single User pods | `[]` | -| `singleuser.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Single User container(s) | `[]` | -| `singleuser.initContainers` | Add additional init containers to the Single User pods | `[]` | -| `singleuser.sidecars` | Add additional sidecar containers to the Single User pod | `[]` | +| Name | Description | Value | +| ----------------------------------------------- | ----------------------------------------------------------------------------------------------------------- | --------------------------------------- | +| `singleuser.image.registry` | Single User image registry | `REGISTRY_NAME` | +| `singleuser.image.repository` | Single User image repository | `REPOSITORY_NAME/jupyter-base-notebook` | +| `singleuser.image.tag` | Single User image tag (immutabe tags are recommended) | `4.0.2-debian-11-r55` | +| `singleuser.image.digest` | Single User image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `singleuser.image.pullPolicy` | Single User image pull policy | `IfNotPresent` | +| `singleuser.image.pullSecrets` | Single User image pull secrets | `[]` | +| `singleuser.notebookDir` | Notebook directory (it will be the same as the PVC volume mount) | `/opt/bitnami/jupyterhub-singleuser` | +| `singleuser.allowPrivilegeEscalation` | Controls whether a process can gain more privileges than its parent process | `false` | +| `singleuser.command` | Override Single User default command | `[]` | +| `singleuser.extraEnvVars` | Extra environment variables that should be set for the user pods | `[]` | +| `singleuser.containerPort` | Single User container port | `8888` | +| `singleuser.resources.limits` | The resources limits for the Singleuser containers | `{}` | +| `singleuser.resources.requests` | The requested resources for the Singleuser containers | `{}` | +| `singleuser.containerSecurityContext.enabled` | Enabled Single User containers' Security Context | `true` | +| `singleuser.containerSecurityContext.runAsUser` | Set Single User container's Security Context runAsUser | `1001` | +| `singleuser.podSecurityContext.enabled` | Enabled Single User pods' Security Context | `true` | +| `singleuser.podSecurityContext.fsGroup` | Set Single User pod's Security Context fsGroup | `1001` | +| `singleuser.podLabels` | Extra labels for Single User pods | `{}` | +| `singleuser.podAnnotations` | Annotations for Single User pods | `{}` | +| `singleuser.nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `singleuser.tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `singleuser.priorityClassName` | Single User pod priority class name | `""` | +| `singleuser.lifecycleHooks` | Add lifecycle hooks to the Single User deployment to automate configuration before or after startup | `{}` | +| `singleuser.extraVolumes` | Optionally specify extra list of additional volumes for Single User pods | `[]` | +| `singleuser.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Single User container(s) | `[]` | +| `singleuser.initContainers` | Add additional init containers to the Single User pods | `[]` | +| `singleuser.sidecars` | Add additional sidecar containers to the Single User pod | `[]` | ### Single User RBAC parameters @@ -463,14 +467,14 @@ The command removes all the Kubernetes components associated with the chart and ### Auxiliary image parameters -| Name | Description | Value | -| ---------------------------- | --------------------------------------------------------------------------------------------------------- | ------------------ | -| `auxiliaryImage.registry` | Auxiliary image registry | `docker.io` | -| `auxiliaryImage.repository` | Auxiliary image repository | `bitnami/os-shell` | -| `auxiliaryImage.tag` | Auxiliary image tag (immutabe tags are recommended) | `11-debian-11-r90` | -| `auxiliaryImage.digest` | Auxiliary image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `auxiliaryImage.pullPolicy` | Auxiliary image pull policy | `IfNotPresent` | -| `auxiliaryImage.pullSecrets` | Auxiliary image pull secrets | `[]` | +| Name | Description | Value | +| ---------------------------- | --------------------------------------------------------------------------------------------------------- | -------------------------- | +| `auxiliaryImage.registry` | Auxiliary image registry | `REGISTRY_NAME` | +| `auxiliaryImage.repository` | Auxiliary image repository | `REPOSITORY_NAME/os-shell` | +| `auxiliaryImage.tag` | Auxiliary image tag (immutabe tags are recommended) | `11-debian-11-r90` | +| `auxiliaryImage.digest` | Auxiliary image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `auxiliaryImage.pullPolicy` | Auxiliary image pull policy | `IfNotPresent` | +| `auxiliaryImage.pullSecrets` | Auxiliary image pull secrets | `[]` | ### JupyterHub database parameters @@ -496,17 +500,21 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set proxy.livenessProbe.successThreshold=5 \ - oci://registry-1.docker.io/bitnamicharts/jupyterhub + oci://REGISTRY_NAME/REPOSITORY_NAME/jupyterhub ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the `proxy.livenessProbe.successThreshold` to `5`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/jupyterhub +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/jupyterhub ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Configuration and installation details ### [Rolling vs Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/) diff --git a/bitnami/jupyterhub/values.yaml b/bitnami/jupyterhub/values.yaml index b51dfd9254c479..59377dc2061da2 100644 --- a/bitnami/jupyterhub/values.yaml +++ b/bitnami/jupyterhub/values.yaml @@ -61,8 +61,8 @@ diagnosticMode: ## @section Hub deployment parameters hub: - ## @param hub.image.registry Hub image registry - ## @param hub.image.repository Hub image repository + ## @param hub.image.registry [default: REGISTRY_NAME] Hub image registry + ## @param hub.image.repository [default: REPOSITORY_NAME/jupyterhub] Hub image repository ## @param hub.image.tag Hub image tag (immutable tags are recommended) ## @param hub.image.digest Hub image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param hub.image.pullPolicy Hub image pull policy @@ -625,8 +625,8 @@ hub: ## @section Proxy deployment parameters proxy: - ## @param proxy.image.registry Proxy image registry - ## @param proxy.image.repository Proxy image repository + ## @param proxy.image.registry [default: REGISTRY_NAME] Proxy image registry + ## @param proxy.image.repository [default: REPOSITORY_NAME/configurable-http-proxy] Proxy image repository ## @param proxy.image.tag Proxy image tag (immutable tags are recommended) ## @param proxy.image.digest Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param proxy.image.pullPolicy Proxy image pull policy @@ -1402,8 +1402,8 @@ imagePuller: ## Singleuser deployment parameters ## NOTE: The values in this section are used for generating the hub.configuration value. In case you provide ## a custom hub.configuration or a configmap, these will be ignored. -## @param singleuser.image.registry Single User image registry -## @param singleuser.image.repository Single User image repository +## @param singleuser.image.registry [default: REGISTRY_NAME] Single User image registry +## @param singleuser.image.repository [default: REPOSITORY_NAME/jupyter-base-notebook] Single User image repository ## @param singleuser.image.tag Single User image tag (immutabe tags are recommended) ## @param singleuser.image.digest Single User image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param singleuser.image.pullPolicy Single User image pull policy @@ -1587,8 +1587,8 @@ singleuser: ## @section Auxiliary image parameters ## -## @param auxiliaryImage.registry Auxiliary image registry -## @param auxiliaryImage.repository Auxiliary image repository +## @param auxiliaryImage.registry [default: REGISTRY_NAME] Auxiliary image registry +## @param auxiliaryImage.repository [default: REPOSITORY_NAME/os-shell] Auxiliary image repository ## @param auxiliaryImage.tag Auxiliary image tag (immutabe tags are recommended) ## @param auxiliaryImage.digest Auxiliary image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param auxiliaryImage.pullPolicy Auxiliary image pull policy diff --git a/bitnami/kafka/README.md b/bitnami/kafka/README.md index aa45f9239fea5d..bf92d18c0b20cd 100644 --- a/bitnami/kafka/README.md +++ b/bitnami/kafka/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kafka +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kafka ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Kafka](https://github.com/bitnami/containers/tree/main/bitnami/kafka) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use Apache Kafka in production? Try [VMware Application Catalog](http To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kafka +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kafka ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Kafka on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -78,45 +82,45 @@ The command removes all the Kubernetes components associated with the chart and ### Kafka parameters -| Name | Description | Value | -| ------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | Kafka image registry | `docker.io` | -| `image.repository` | Kafka image repository | `bitnami/kafka` | -| `image.tag` | Kafka image tag (immutable tags are recommended) | `3.6.0-debian-11-r0` | -| `image.digest` | Kafka image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Kafka image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug values should be set | `false` | -| `extraInit` | Additional content for the kafka init script, rendered as a template. | `""` | -| `config` | Configuration file for Kafka, rendered as a template. Auto-generated based on chart values when not specified. | `""` | -| `existingConfigmap` | ConfigMap with Kafka Configuration | `""` | -| `extraConfig` | Additional configuration to be appended at the end of the generated Kafka configuration file. | `""` | -| `secretConfig` | Additional configuration to be appended at the end of the generated Kafka configuration file. | `""` | -| `existingSecretConfig` | Secret with additonal configuration that will be appended to the end of the generated Kafka configuration file | `""` | -| `log4j` | An optional log4j.properties file to overwrite the default of the Kafka brokers | `""` | -| `existingLog4jConfigMap` | The name of an existing ConfigMap containing a log4j.properties file | `""` | -| `heapOpts` | Kafka Java Heap size | `-Xmx1024m -Xms1024m` | -| `interBrokerProtocolVersion` | Override the setting 'inter.broker.protocol.version' during the ZK migration. | `""` | -| `listeners.client.name` | Name for the Kafka client listener | `CLIENT` | -| `listeners.client.containerPort` | Port for the Kafka client listener | `9092` | -| `listeners.client.protocol` | Security protocol for the Kafka client listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | -| `listeners.client.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | -| `listeners.controller.name` | Name for the Kafka controller listener | `CONTROLLER` | -| `listeners.controller.containerPort` | Port for the Kafka controller listener | `9093` | -| `listeners.controller.protocol` | Security protocol for the Kafka controller listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | -| `listeners.controller.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | -| `listeners.interbroker.name` | Name for the Kafka inter-broker listener | `INTERNAL` | -| `listeners.interbroker.containerPort` | Port for the Kafka inter-broker listener | `9094` | -| `listeners.interbroker.protocol` | Security protocol for the Kafka inter-broker listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | -| `listeners.interbroker.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | -| `listeners.external.containerPort` | Port for the Kafka external listener | `9095` | -| `listeners.external.protocol` | Security protocol for the Kafka external listener. . Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | -| `listeners.external.name` | Name for the Kafka external listener | `EXTERNAL` | -| `listeners.external.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.sslClientAuth for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | -| `listeners.extraListeners` | Array of listener objects to be appended to already existing listeners | `[]` | -| `listeners.overrideListeners` | Overrides the Kafka 'listeners' configuration setting. | `""` | -| `listeners.advertisedListeners` | Overrides the Kafka 'advertised.listener' configuration setting. | `""` | -| `listeners.securityProtocolMap` | Overrides the Kafka 'security.protocol.map' configuration setting. | `""` | +| Name | Description | Value | +| ------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | +| `image.registry` | Kafka image registry | `REGISTRY_NAME` | +| `image.repository` | Kafka image repository | `REPOSITORY_NAME/kafka` | +| `image.tag` | Kafka image tag (immutable tags are recommended) | `3.6.0-debian-11-r0` | +| `image.digest` | Kafka image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Kafka image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | +| `extraInit` | Additional content for the kafka init script, rendered as a template. | `""` | +| `config` | Configuration file for Kafka, rendered as a template. Auto-generated based on chart values when not specified. | `""` | +| `existingConfigmap` | ConfigMap with Kafka Configuration | `""` | +| `extraConfig` | Additional configuration to be appended at the end of the generated Kafka configuration file. | `""` | +| `secretConfig` | Additional configuration to be appended at the end of the generated Kafka configuration file. | `""` | +| `existingSecretConfig` | Secret with additonal configuration that will be appended to the end of the generated Kafka configuration file | `""` | +| `log4j` | An optional log4j.properties file to overwrite the default of the Kafka brokers | `""` | +| `existingLog4jConfigMap` | The name of an existing ConfigMap containing a log4j.properties file | `""` | +| `heapOpts` | Kafka Java Heap size | `-Xmx1024m -Xms1024m` | +| `interBrokerProtocolVersion` | Override the setting 'inter.broker.protocol.version' during the ZK migration. | `""` | +| `listeners.client.name` | Name for the Kafka client listener | `CLIENT` | +| `listeners.client.containerPort` | Port for the Kafka client listener | `9092` | +| `listeners.client.protocol` | Security protocol for the Kafka client listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | +| `listeners.client.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | +| `listeners.controller.name` | Name for the Kafka controller listener | `CONTROLLER` | +| `listeners.controller.containerPort` | Port for the Kafka controller listener | `9093` | +| `listeners.controller.protocol` | Security protocol for the Kafka controller listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | +| `listeners.controller.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | +| `listeners.interbroker.name` | Name for the Kafka inter-broker listener | `INTERNAL` | +| `listeners.interbroker.containerPort` | Port for the Kafka inter-broker listener | `9094` | +| `listeners.interbroker.protocol` | Security protocol for the Kafka inter-broker listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | +| `listeners.interbroker.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | +| `listeners.external.containerPort` | Port for the Kafka external listener | `9095` | +| `listeners.external.protocol` | Security protocol for the Kafka external listener. . Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | +| `listeners.external.name` | Name for the Kafka external listener | `EXTERNAL` | +| `listeners.external.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.sslClientAuth for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | +| `listeners.extraListeners` | Array of listener objects to be appended to already existing listeners | `[]` | +| `listeners.overrideListeners` | Overrides the Kafka 'listeners' configuration setting. | `""` | +| `listeners.advertisedListeners` | Overrides the Kafka 'advertised.listener' configuration setting. | `""` | +| `listeners.securityProtocolMap` | Overrides the Kafka 'security.protocol.map' configuration setting. | `""` | ### Kafka SASL parameters @@ -379,88 +383,88 @@ The command removes all the Kubernetes components associated with the chart and ### Traffic Exposure parameters -| Name | Description | Value | -| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `service.type` | Kubernetes Service type | `ClusterIP` | -| `service.ports.client` | Kafka svc port for client connections | `9092` | -| `service.ports.controller` | Kafka svc port for controller connections. It is used if "kraft.enabled: true" | `9093` | -| `service.ports.interbroker` | Kafka svc port for inter-broker connections | `9094` | -| `service.ports.external` | Kafka svc port for external connections | `9095` | -| `service.extraPorts` | Extra ports to expose in the Kafka service (normally used with the `sidecar` value) | `[]` | -| `service.nodePorts.client` | Node port for the Kafka client connections | `""` | -| `service.nodePorts.external` | Node port for the Kafka external connections | `""` | -| `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `service.clusterIP` | Kafka service Cluster IP | `""` | -| `service.loadBalancerIP` | Kafka service Load Balancer IP | `""` | -| `service.loadBalancerSourceRanges` | Kafka service Load Balancer sources | `[]` | -| `service.externalTrafficPolicy` | Kafka service external traffic policy | `Cluster` | -| `service.annotations` | Additional custom annotations for Kafka service | `{}` | -| `service.headless.controller.annotations` | Annotations for the controller-eligible headless service. | `{}` | -| `service.headless.controller.labels` | Labels for the controller-eligible headless service. | `{}` | -| `service.headless.broker.annotations` | Annotations for the broker-only headless service. | `{}` | -| `service.headless.broker.labels` | Labels for the broker-only headless service. | `{}` | -| `externalAccess.enabled` | Enable Kubernetes external cluster access to Kafka brokers | `false` | -| `externalAccess.autoDiscovery.enabled` | Enable using an init container to auto-detect external IPs/ports by querying the K8s API | `false` | -| `externalAccess.autoDiscovery.image.registry` | Init container auto-discovery image registry | `docker.io` | -| `externalAccess.autoDiscovery.image.repository` | Init container auto-discovery image repository | `bitnami/kubectl` | -| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (immutable tags are recommended) | `1.28.2-debian-11-r16` | -| `externalAccess.autoDiscovery.image.digest` | Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `externalAccess.autoDiscovery.image.pullPolicy` | Init container auto-discovery image pull policy | `IfNotPresent` | -| `externalAccess.autoDiscovery.image.pullSecrets` | Init container auto-discovery image pull secrets | `[]` | -| `externalAccess.autoDiscovery.resources.limits` | The resources limits for the auto-discovery init container | `{}` | -| `externalAccess.autoDiscovery.resources.requests` | The requested resources for the auto-discovery init container | `{}` | -| `externalAccess.controller.forceExpose` | If set to true, force exposing controller-eligible nodes although they are configured as controller-only nodes | `false` | -| `externalAccess.controller.service.type` | Kubernetes Service type for external access. It can be NodePort, LoadBalancer or ClusterIP | `LoadBalancer` | -| `externalAccess.controller.service.ports.external` | Kafka port used for external access when service type is LoadBalancer | `9094` | -| `externalAccess.controller.service.loadBalancerIPs` | Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount | `[]` | -| `externalAccess.controller.service.loadBalancerNames` | Array of load balancer Names for each Kafka broker. Length must be the same as replicaCount | `[]` | -| `externalAccess.controller.service.loadBalancerAnnotations` | Array of load balancer annotations for each Kafka broker. Length must be the same as replicaCount | `[]` | -| `externalAccess.controller.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | -| `externalAccess.controller.service.nodePorts` | Array of node ports used for each Kafka broker. Length must be the same as replicaCount | `[]` | -| `externalAccess.controller.service.externalIPs` | Use distinct service host IPs to configure Kafka external listener when service type is NodePort. Length must be the same as replicaCount | `[]` | -| `externalAccess.controller.service.useHostIPs` | Use service host IPs to configure Kafka external listener when service type is NodePort | `false` | -| `externalAccess.controller.service.usePodIPs` | using the MY_POD_IP address for external access. | `false` | -| `externalAccess.controller.service.domain` | Domain or external ip used to configure Kafka external listener when service type is NodePort or ClusterIP | `""` | -| `externalAccess.controller.service.publishNotReadyAddresses` | Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready | `false` | -| `externalAccess.controller.service.labels` | Service labels for external access | `{}` | -| `externalAccess.controller.service.annotations` | Service annotations for external access | `{}` | -| `externalAccess.controller.service.extraPorts` | Extra ports to expose in the Kafka external service | `[]` | -| `externalAccess.broker.service.type` | Kubernetes Service type for external access. It can be NodePort, LoadBalancer or ClusterIP | `LoadBalancer` | -| `externalAccess.broker.service.ports.external` | Kafka port used for external access when service type is LoadBalancer | `9094` | -| `externalAccess.broker.service.loadBalancerIPs` | Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount | `[]` | -| `externalAccess.broker.service.loadBalancerNames` | Array of load balancer Names for each Kafka broker. Length must be the same as replicaCount | `[]` | -| `externalAccess.broker.service.loadBalancerAnnotations` | Array of load balancer annotations for each Kafka broker. Length must be the same as replicaCount | `[]` | -| `externalAccess.broker.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | -| `externalAccess.broker.service.nodePorts` | Array of node ports used for each Kafka broker. Length must be the same as replicaCount | `[]` | -| `externalAccess.broker.service.externalIPs` | Use distinct service host IPs to configure Kafka external listener when service type is NodePort. Length must be the same as replicaCount | `[]` | -| `externalAccess.broker.service.useHostIPs` | Use service host IPs to configure Kafka external listener when service type is NodePort | `false` | -| `externalAccess.broker.service.usePodIPs` | using the MY_POD_IP address for external access. | `false` | -| `externalAccess.broker.service.domain` | Domain or external ip used to configure Kafka external listener when service type is NodePort or ClusterIP | `""` | -| `externalAccess.broker.service.publishNotReadyAddresses` | Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready | `false` | -| `externalAccess.broker.service.labels` | Service labels for external access | `{}` | -| `externalAccess.broker.service.annotations` | Service annotations for external access | `{}` | -| `externalAccess.broker.service.extraPorts` | Extra ports to expose in the Kafka external service | `[]` | -| `networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `false` | -| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | -| `networkPolicy.explicitNamespacesSelector` | A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed | `{}` | -| `networkPolicy.externalAccess.from` | customize the from section for External Access on tcp-external port | `[]` | -| `networkPolicy.egressRules.customRules` | Custom network policy rule | `{}` | +| Name | Description | Value | +| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `service.type` | Kubernetes Service type | `ClusterIP` | +| `service.ports.client` | Kafka svc port for client connections | `9092` | +| `service.ports.controller` | Kafka svc port for controller connections. It is used if "kraft.enabled: true" | `9093` | +| `service.ports.interbroker` | Kafka svc port for inter-broker connections | `9094` | +| `service.ports.external` | Kafka svc port for external connections | `9095` | +| `service.extraPorts` | Extra ports to expose in the Kafka service (normally used with the `sidecar` value) | `[]` | +| `service.nodePorts.client` | Node port for the Kafka client connections | `""` | +| `service.nodePorts.external` | Node port for the Kafka external connections | `""` | +| `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `service.clusterIP` | Kafka service Cluster IP | `""` | +| `service.loadBalancerIP` | Kafka service Load Balancer IP | `""` | +| `service.loadBalancerSourceRanges` | Kafka service Load Balancer sources | `[]` | +| `service.externalTrafficPolicy` | Kafka service external traffic policy | `Cluster` | +| `service.annotations` | Additional custom annotations for Kafka service | `{}` | +| `service.headless.controller.annotations` | Annotations for the controller-eligible headless service. | `{}` | +| `service.headless.controller.labels` | Labels for the controller-eligible headless service. | `{}` | +| `service.headless.broker.annotations` | Annotations for the broker-only headless service. | `{}` | +| `service.headless.broker.labels` | Labels for the broker-only headless service. | `{}` | +| `externalAccess.enabled` | Enable Kubernetes external cluster access to Kafka brokers | `false` | +| `externalAccess.autoDiscovery.enabled` | Enable using an init container to auto-detect external IPs/ports by querying the K8s API | `false` | +| `externalAccess.autoDiscovery.image.registry` | Init container auto-discovery image registry | `REGISTRY_NAME` | +| `externalAccess.autoDiscovery.image.repository` | Init container auto-discovery image repository | `REPOSITORY_NAME/kubectl` | +| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (immutable tags are recommended) | `1.28.2-debian-11-r16` | +| `externalAccess.autoDiscovery.image.digest` | Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `externalAccess.autoDiscovery.image.pullPolicy` | Init container auto-discovery image pull policy | `IfNotPresent` | +| `externalAccess.autoDiscovery.image.pullSecrets` | Init container auto-discovery image pull secrets | `[]` | +| `externalAccess.autoDiscovery.resources.limits` | The resources limits for the auto-discovery init container | `{}` | +| `externalAccess.autoDiscovery.resources.requests` | The requested resources for the auto-discovery init container | `{}` | +| `externalAccess.controller.forceExpose` | If set to true, force exposing controller-eligible nodes although they are configured as controller-only nodes | `false` | +| `externalAccess.controller.service.type` | Kubernetes Service type for external access. It can be NodePort, LoadBalancer or ClusterIP | `LoadBalancer` | +| `externalAccess.controller.service.ports.external` | Kafka port used for external access when service type is LoadBalancer | `9094` | +| `externalAccess.controller.service.loadBalancerIPs` | Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.controller.service.loadBalancerNames` | Array of load balancer Names for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.controller.service.loadBalancerAnnotations` | Array of load balancer annotations for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.controller.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | +| `externalAccess.controller.service.nodePorts` | Array of node ports used for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.controller.service.externalIPs` | Use distinct service host IPs to configure Kafka external listener when service type is NodePort. Length must be the same as replicaCount | `[]` | +| `externalAccess.controller.service.useHostIPs` | Use service host IPs to configure Kafka external listener when service type is NodePort | `false` | +| `externalAccess.controller.service.usePodIPs` | using the MY_POD_IP address for external access. | `false` | +| `externalAccess.controller.service.domain` | Domain or external ip used to configure Kafka external listener when service type is NodePort or ClusterIP | `""` | +| `externalAccess.controller.service.publishNotReadyAddresses` | Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready | `false` | +| `externalAccess.controller.service.labels` | Service labels for external access | `{}` | +| `externalAccess.controller.service.annotations` | Service annotations for external access | `{}` | +| `externalAccess.controller.service.extraPorts` | Extra ports to expose in the Kafka external service | `[]` | +| `externalAccess.broker.service.type` | Kubernetes Service type for external access. It can be NodePort, LoadBalancer or ClusterIP | `LoadBalancer` | +| `externalAccess.broker.service.ports.external` | Kafka port used for external access when service type is LoadBalancer | `9094` | +| `externalAccess.broker.service.loadBalancerIPs` | Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.broker.service.loadBalancerNames` | Array of load balancer Names for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.broker.service.loadBalancerAnnotations` | Array of load balancer annotations for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.broker.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | +| `externalAccess.broker.service.nodePorts` | Array of node ports used for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.broker.service.externalIPs` | Use distinct service host IPs to configure Kafka external listener when service type is NodePort. Length must be the same as replicaCount | `[]` | +| `externalAccess.broker.service.useHostIPs` | Use service host IPs to configure Kafka external listener when service type is NodePort | `false` | +| `externalAccess.broker.service.usePodIPs` | using the MY_POD_IP address for external access. | `false` | +| `externalAccess.broker.service.domain` | Domain or external ip used to configure Kafka external listener when service type is NodePort or ClusterIP | `""` | +| `externalAccess.broker.service.publishNotReadyAddresses` | Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready | `false` | +| `externalAccess.broker.service.labels` | Service labels for external access | `{}` | +| `externalAccess.broker.service.annotations` | Service annotations for external access | `{}` | +| `externalAccess.broker.service.extraPorts` | Extra ports to expose in the Kafka external service | `[]` | +| `networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `false` | +| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | +| `networkPolicy.explicitNamespacesSelector` | A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed | `{}` | +| `networkPolicy.externalAccess.from` | customize the from section for External Access on tcp-external port | `[]` | +| `networkPolicy.egressRules.customRules` | Custom network policy rule | `{}` | ### Volume Permissions parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | ### Other Parameters @@ -477,8 +481,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | ----------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------- | | `metrics.kafka.enabled` | Whether or not to create a standalone Kafka exporter to expose Kafka metrics | `false` | -| `metrics.kafka.image.registry` | Kafka exporter image registry | `docker.io` | -| `metrics.kafka.image.repository` | Kafka exporter image repository | `bitnami/kafka-exporter` | +| `metrics.kafka.image.registry` | Kafka exporter image registry | `REGISTRY_NAME` | +| `metrics.kafka.image.repository` | Kafka exporter image repository | `REPOSITORY_NAME/kafka-exporter` | | `metrics.kafka.image.tag` | Kafka exporter image tag (immutable tags are recommended) | `1.7.0-debian-11-r132` | | `metrics.kafka.image.digest` | Kafka exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.kafka.image.pullPolicy` | Kafka exporter image pull policy | `IfNotPresent` | @@ -531,8 +535,8 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.kafka.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `true` | | `metrics.jmx.enabled` | Whether or not to expose JMX metrics to Prometheus | `false` | | `metrics.jmx.kafkaJmxPort` | JMX port where the exporter will collect metrics, exposed in the Kafka container. | `5555` | -| `metrics.jmx.image.registry` | JMX exporter image registry | `docker.io` | -| `metrics.jmx.image.repository` | JMX exporter image repository | `bitnami/jmx-exporter` | +| `metrics.jmx.image.registry` | JMX exporter image registry | `REGISTRY_NAME` | +| `metrics.jmx.image.repository` | JMX exporter image repository | `REPOSITORY_NAME/jmx-exporter` | | `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.19.0-debian-11-r95` | | `metrics.jmx.image.digest` | JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.jmx.image.pullPolicy` | JMX exporter image pull policy | `IfNotPresent` | @@ -656,17 +660,20 @@ The command removes all the Kubernetes components associated with the chart and ```console helm install my-release \ --set replicaCount=3 \ - oci://registry-1.docker.io/bitnamicharts/kafka + oci://REGISTRY_NAME/REPOSITORY_NAME/kafka ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command deploys Kafka with 3 brokers (replicas). Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/kafka +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/kafka ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -1398,10 +1405,12 @@ Backwards compatibility is not guaranteed when Kafka metrics are enabled, unless Use the workaround below to upgrade from versions previous to 7.0.0. The following example assumes that the release name is kafka: ```console -helm upgrade kafka oci://registry-1.docker.io/bitnamicharts/kafka --version 6.1.8 --set metrics.kafka.enabled=false -helm upgrade kafka oci://registry-1.docker.io/bitnamicharts/kafka --version 7.0.0 --set metrics.kafka.enabled=true +helm upgrade kafka oci://REGISTRY_NAME/REPOSITORY_NAME/kafka --version 6.1.8 --set metrics.kafka.enabled=false +helm upgrade kafka oci://REGISTRY_NAME/REPOSITORY_NAME/kafka --version 7.0.0 --set metrics.kafka.enabled=true ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 2.0.0 Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. diff --git a/bitnami/kafka/values.yaml b/bitnami/kafka/values.yaml index 87a5fa12dc9f49..1d281eb9c35505 100644 --- a/bitnami/kafka/values.yaml +++ b/bitnami/kafka/values.yaml @@ -69,8 +69,8 @@ diagnosticMode: ## Bitnami Kafka image version ## ref: https://hub.docker.com/r/bitnami/kafka/tags/ -## @param image.registry Kafka image registry -## @param image.repository Kafka image repository +## @param image.registry [default: REGISTRY_NAME] Kafka image registry +## @param image.repository [default: REPOSITORY_NAME/kafka] Kafka image repository ## @param image.tag Kafka image tag (immutable tags are recommended) ## @param image.digest Kafka image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Kafka image pull policy @@ -1293,8 +1293,8 @@ externalAccess: enabled: false ## Bitnami Kubectl image ## ref: https://hub.docker.com/r/bitnami/kubectl/tags/ - ## @param externalAccess.autoDiscovery.image.registry Init container auto-discovery image registry - ## @param externalAccess.autoDiscovery.image.repository Init container auto-discovery image repository + ## @param externalAccess.autoDiscovery.image.registry [default: REGISTRY_NAME] Init container auto-discovery image registry + ## @param externalAccess.autoDiscovery.image.repository [default: REPOSITORY_NAME/kubectl] Init container auto-discovery image repository ## @param externalAccess.autoDiscovery.image.tag Init container auto-discovery image tag (immutable tags are recommended) ## @param externalAccess.autoDiscovery.image.digest Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param externalAccess.autoDiscovery.image.pullPolicy Init container auto-discovery image pull policy @@ -1543,8 +1543,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -1625,8 +1625,8 @@ metrics: enabled: false ## Bitnami Kafka exporter image ## ref: https://hub.docker.com/r/bitnami/kafka-exporter/tags/ - ## @param metrics.kafka.image.registry Kafka exporter image registry - ## @param metrics.kafka.image.repository Kafka exporter image repository + ## @param metrics.kafka.image.registry [default: REGISTRY_NAME] Kafka exporter image registry + ## @param metrics.kafka.image.repository [default: REPOSITORY_NAME/kafka-exporter] Kafka exporter image repository ## @param metrics.kafka.image.tag Kafka exporter image tag (immutable tags are recommended) ## @param metrics.kafka.image.digest Kafka exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.kafka.image.pullPolicy Kafka exporter image pull policy @@ -1879,8 +1879,8 @@ metrics: kafkaJmxPort: 5555 ## Bitnami JMX exporter image ## ref: https://hub.docker.com/r/bitnami/jmx-exporter/tags/ - ## @param metrics.jmx.image.registry JMX exporter image registry - ## @param metrics.jmx.image.repository JMX exporter image repository + ## @param metrics.jmx.image.registry [default: REGISTRY_NAME] JMX exporter image registry + ## @param metrics.jmx.image.repository [default: REPOSITORY_NAME/jmx-exporter] JMX exporter image repository ## @param metrics.jmx.image.tag JMX exporter image tag (immutable tags are recommended) ## @param metrics.jmx.image.digest JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.jmx.image.pullPolicy JMX exporter image pull policy diff --git a/bitnami/keycloak/README.md b/bitnami/keycloak/README.md index 55cb7916348074..bfd7c4c9140022 100644 --- a/bitnami/keycloak/README.md +++ b/bitnami/keycloak/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/keycloak +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/keycloak ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -34,9 +36,11 @@ Looking to use Keycloak in production? Try [VMware Application Catalog](https:// To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/keycloak +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/keycloak ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy a Keycloak application on the Kubernetes cluster in the default configuration. > **Tip**: List all releases using `helm list` @@ -84,8 +88,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | -------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ----------------------------- | -| `image.registry` | Keycloak image registry | `docker.io` | -| `image.repository` | Keycloak image repository | `bitnami/keycloak` | +| `image.registry` | Keycloak image registry | `REGISTRY_NAME` | +| `image.repository` | Keycloak image repository | `REPOSITORY_NAME/keycloak` | | `image.tag` | Keycloak image tag (immutable tags are recommended) | `22.0.4-debian-11-r3` | | `image.digest` | Keycloak image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | Keycloak image pull policy | `IfNotPresent` | @@ -277,42 +281,42 @@ The command removes all the Kubernetes components associated with the chart and ### keycloak-config-cli parameters -| Name | Description | Value | -| --------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ----------------------------- | -| `keycloakConfigCli.enabled` | Whether to enable keycloak-config-cli job | `false` | -| `keycloakConfigCli.image.registry` | keycloak-config-cli container image registry | `docker.io` | -| `keycloakConfigCli.image.repository` | keycloak-config-cli container image repository | `bitnami/keycloak-config-cli` | -| `keycloakConfigCli.image.tag` | keycloak-config-cli container image tag | `5.9.0-debian-11-r0` | -| `keycloakConfigCli.image.digest` | keycloak-config-cli container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `keycloakConfigCli.image.pullPolicy` | keycloak-config-cli container image pull policy | `IfNotPresent` | -| `keycloakConfigCli.image.pullSecrets` | keycloak-config-cli container image pull secrets | `[]` | -| `keycloakConfigCli.annotations` | Annotations for keycloak-config-cli job | `{}` | -| `keycloakConfigCli.command` | Command for running the container (set to default if not set). Use array form | `[]` | -| `keycloakConfigCli.args` | Args for running the container (set to default if not set). Use array form | `[]` | -| `keycloakConfigCli.hostAliases` | Job pod host aliases | `[]` | -| `keycloakConfigCli.resources.limits` | The resources limits for the keycloak-config-cli container | `{}` | -| `keycloakConfigCli.resources.requests` | The requested resources for the keycloak-config-cli container | `{}` | -| `keycloakConfigCli.containerSecurityContext.enabled` | Enabled keycloak-config-cli containers' Security Context | `true` | -| `keycloakConfigCli.containerSecurityContext.runAsUser` | Set keycloak-config-cli container's Security Context runAsUser | `1001` | -| `keycloakConfigCli.containerSecurityContext.runAsNonRoot` | Set keycloak-config-cli container's Security Context runAsNonRoot | `true` | -| `keycloakConfigCli.podSecurityContext.enabled` | Enabled keycloak-config-cli pods' Security Context | `true` | -| `keycloakConfigCli.podSecurityContext.fsGroup` | Set keycloak-config-cli pod's Security Context fsGroup | `1001` | -| `keycloakConfigCli.backoffLimit` | Number of retries before considering a Job as failed | `1` | -| `keycloakConfigCli.podLabels` | Pod extra labels | `{}` | -| `keycloakConfigCli.podAnnotations` | Annotations for job pod | `{}` | -| `keycloakConfigCli.extraEnvVars` | Additional environment variables to set | `[]` | -| `keycloakConfigCli.nodeSelector` | Node labels for pod assignment | `{}` | -| `keycloakConfigCli.podTolerations` | Tolerations for job pod assignment | `[]` | -| `keycloakConfigCli.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `keycloakConfigCli.extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `keycloakConfigCli.extraVolumes` | Extra volumes to add to the job | `[]` | -| `keycloakConfigCli.extraVolumeMounts` | Extra volume mounts to add to the container | `[]` | -| `keycloakConfigCli.initContainers` | Add additional init containers to the Keycloak config cli pod | `[]` | -| `keycloakConfigCli.sidecars` | Add additional sidecar containers to the Keycloak config cli pod | `[]` | -| `keycloakConfigCli.configuration` | keycloak-config-cli realms configuration | `{}` | -| `keycloakConfigCli.existingConfigmap` | ConfigMap with keycloak-config-cli configuration | `""` | -| `keycloakConfigCli.cleanupAfterFinished.enabled` | Enables Cleanup for Finished Jobs | `false` | -| `keycloakConfigCli.cleanupAfterFinished.seconds` | Sets the value of ttlSecondsAfterFinished | `600` | +| Name | Description | Value | +| --------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------------------------------- | +| `keycloakConfigCli.enabled` | Whether to enable keycloak-config-cli job | `false` | +| `keycloakConfigCli.image.registry` | keycloak-config-cli container image registry | `REGISTRY_NAME` | +| `keycloakConfigCli.image.repository` | keycloak-config-cli container image repository | `REPOSITORY_NAME/keycloak-config-cli` | +| `keycloakConfigCli.image.tag` | keycloak-config-cli container image tag | `5.9.0-debian-11-r0` | +| `keycloakConfigCli.image.digest` | keycloak-config-cli container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `keycloakConfigCli.image.pullPolicy` | keycloak-config-cli container image pull policy | `IfNotPresent` | +| `keycloakConfigCli.image.pullSecrets` | keycloak-config-cli container image pull secrets | `[]` | +| `keycloakConfigCli.annotations` | Annotations for keycloak-config-cli job | `{}` | +| `keycloakConfigCli.command` | Command for running the container (set to default if not set). Use array form | `[]` | +| `keycloakConfigCli.args` | Args for running the container (set to default if not set). Use array form | `[]` | +| `keycloakConfigCli.hostAliases` | Job pod host aliases | `[]` | +| `keycloakConfigCli.resources.limits` | The resources limits for the keycloak-config-cli container | `{}` | +| `keycloakConfigCli.resources.requests` | The requested resources for the keycloak-config-cli container | `{}` | +| `keycloakConfigCli.containerSecurityContext.enabled` | Enabled keycloak-config-cli containers' Security Context | `true` | +| `keycloakConfigCli.containerSecurityContext.runAsUser` | Set keycloak-config-cli container's Security Context runAsUser | `1001` | +| `keycloakConfigCli.containerSecurityContext.runAsNonRoot` | Set keycloak-config-cli container's Security Context runAsNonRoot | `true` | +| `keycloakConfigCli.podSecurityContext.enabled` | Enabled keycloak-config-cli pods' Security Context | `true` | +| `keycloakConfigCli.podSecurityContext.fsGroup` | Set keycloak-config-cli pod's Security Context fsGroup | `1001` | +| `keycloakConfigCli.backoffLimit` | Number of retries before considering a Job as failed | `1` | +| `keycloakConfigCli.podLabels` | Pod extra labels | `{}` | +| `keycloakConfigCli.podAnnotations` | Annotations for job pod | `{}` | +| `keycloakConfigCli.extraEnvVars` | Additional environment variables to set | `[]` | +| `keycloakConfigCli.nodeSelector` | Node labels for pod assignment | `{}` | +| `keycloakConfigCli.podTolerations` | Tolerations for job pod assignment | `[]` | +| `keycloakConfigCli.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `keycloakConfigCli.extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `keycloakConfigCli.extraVolumes` | Extra volumes to add to the job | `[]` | +| `keycloakConfigCli.extraVolumeMounts` | Extra volume mounts to add to the container | `[]` | +| `keycloakConfigCli.initContainers` | Add additional init containers to the Keycloak config cli pod | `[]` | +| `keycloakConfigCli.sidecars` | Add additional sidecar containers to the Keycloak config cli pod | `[]` | +| `keycloakConfigCli.configuration` | keycloak-config-cli realms configuration | `{}` | +| `keycloakConfigCli.existingConfigmap` | ConfigMap with keycloak-config-cli configuration | `""` | +| `keycloakConfigCli.cleanupAfterFinished.enabled` | Enables Cleanup for Finished Jobs | `false` | +| `keycloakConfigCli.cleanupAfterFinished.seconds` | Sets the value of ttlSecondsAfterFinished | `600` | ### Database parameters @@ -356,9 +360,11 @@ The command removes all the Kubernetes components associated with the chart and Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console -helm install my-release --set auth.adminPassword=secretpassword oci://registry-1.docker.io/bitnamicharts/keycloak +helm install my-release --set auth.adminPassword=secretpassword oci://REGISTRY_NAME/REPOSITORY_NAME/keycloak ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Keycloak administrator password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -366,9 +372,10 @@ The above command sets the Keycloak administrator password to `secretpassword`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/keycloak +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/keycloak ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) Keycloak realms, users and clients can be created from the Keycloak administration panel. Refer to the [tutorial on adding user authentication to applications with Keycloak](https://docs.bitnami.com/tutorials/integrate-keycloak-authentication-kubernetes) for more details on these operations. diff --git a/bitnami/keycloak/values.yaml b/bitnami/keycloak/values.yaml index 231b038587c8d8..a53d0ad35a7033 100644 --- a/bitnami/keycloak/values.yaml +++ b/bitnami/keycloak/values.yaml @@ -83,8 +83,8 @@ diagnosticMode: ## Bitnami Keycloak image version ## ref: https://hub.docker.com/r/bitnami/keycloak/tags/ -## @param image.registry Keycloak image registry -## @param image.repository Keycloak image repository +## @param image.registry [default: REGISTRY_NAME] Keycloak image registry +## @param image.repository [default: REPOSITORY_NAME/keycloak] Keycloak image repository ## @param image.tag Keycloak image tag (immutable tags are recommended) ## @param image.digest Keycloak image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Keycloak image pull policy @@ -854,8 +854,8 @@ keycloakConfigCli: enabled: false ## Bitnami keycloak-config-cli image ## ref: https://hub.docker.com/r/bitnami/keycloak-config-cli/tags/ - ## @param keycloakConfigCli.image.registry keycloak-config-cli container image registry - ## @param keycloakConfigCli.image.repository keycloak-config-cli container image repository + ## @param keycloakConfigCli.image.registry [default: REGISTRY_NAME] keycloak-config-cli container image registry + ## @param keycloakConfigCli.image.repository [default: REPOSITORY_NAME/keycloak-config-cli] keycloak-config-cli container image repository ## @param keycloakConfigCli.image.tag keycloak-config-cli container image tag ## @param keycloakConfigCli.image.digest keycloak-config-cli container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param keycloakConfigCli.image.pullPolicy keycloak-config-cli container image pull policy diff --git a/bitnami/kiam/README.md b/bitnami/kiam/README.md index c7f981434cdda4..a6e9c56fdeedea 100644 --- a/bitnami/kiam/README.md +++ b/bitnami/kiam/README.md @@ -11,9 +11,10 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kiam +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kiam ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > NOTE: KIAM has been designed to work on a Kubernetes cluster deployed on top of AWS, although it is possible to deploy it in other environments. ## Introduction @@ -36,9 +37,11 @@ Looking to use Kiam in production? Try [VMware Application Catalog](https://bitn To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kiam +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kiam ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy a kiam application on the Kubernetes cluster in the default configuration. > **Tip**: List all releases using `helm list` @@ -81,8 +84,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | ------------------- | ---------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | kiam image registry | `docker.io` | -| `image.repository` | kiam image name | `bitnami/kiam` | +| `image.registry` | kiam image registry | `REGISTRY_NAME` | +| `image.repository` | kiam image name | `REPOSITORY_NAME/kiam` | | `image.tag` | kiam image tag | `4.2.0-debian-11-r421` | | `image.digest` | kiam image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | kiam image pull policy | `IfNotPresent` | @@ -345,17 +348,20 @@ The command removes all the Kubernetes components associated with the chart and Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console -helm install my-release --set server.resourceType=deployment oci://registry-1.docker.io/bitnamicharts/kiam +helm install my-release --set server.resourceType=deployment oci://REGISTRY_NAME/REPOSITORY_NAME/kiam ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the server nodes to be deployed as Deployment objects. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/kiam +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/kiam ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/kiam/values.yaml b/bitnami/kiam/values.yaml index 9ad07449301403..68ee8ea5498b7a 100644 --- a/bitnami/kiam/values.yaml +++ b/bitnami/kiam/values.yaml @@ -57,8 +57,8 @@ diagnosticMode: ## @section kiam image parameters -## @param image.registry kiam image registry -## @param image.repository kiam image name +## @param image.registry [default: REGISTRY_NAME] kiam image registry +## @param image.repository [default: REPOSITORY_NAME/kiam] kiam image name ## @param image.tag kiam image tag ## @param image.digest kiam image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy kiam image pull policy diff --git a/bitnami/kibana/README.md b/bitnami/kibana/README.md index 3561a7edd435e0..148de187e9b3f1 100644 --- a/bitnami/kibana/README.md +++ b/bitnami/kibana/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kibana --set elasticsearch.hosts[0]= --set elasticsearch.port= +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kibana --set elasticsearch.hosts[0]= --set elasticsearch.port= ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Kibana](https://github.com/bitnami/containers/tree/main/bitnami/kibana) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,11 +36,13 @@ Looking to use Kibana in production? Try [VMware Application Catalog](https://bi To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kibana \ +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kibana \ --set elasticsearch.hosts[0]= \ --set elasticsearch.port= \ ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + This chart requires an Elasticsearch instance to work. You can use an already existing Elasticsearch instance. These commands deploy Kibana on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -80,139 +84,139 @@ The command removes all the Kubernetes components associated with the chart and ### Kibana parameters -| Name | Description | Value | -| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `image.registry` | Kibana image registry | `docker.io` | -| `image.repository` | Kibana image repository | `bitnami/kibana` | -| `image.tag` | Kibana image tag (immutable tags are recommended) | `8.10.4-debian-11-r0` | -| `image.digest` | Kibana image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Kibana image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Enable %%MAIN_CONTAINER%% image debug mode | `false` | -| `replicaCount` | Number of replicas of the Kibana Pod | `1` | -| `updateStrategy.type` | Set up update strategy for Kibana installation. | `RollingUpdate` | -| `schedulerName` | Alternative scheduler | `""` | -| `priorityClassName` | %%MAIN_CONTAINER_NAME%% pods' priorityClassName | `""` | -| `terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `plugins` | Array containing the Kibana plugins to be installed in deployment | `[]` | -| `savedObjects.urls` | Array containing links to NDJSON files to be imported during Kibana initialization | `[]` | -| `savedObjects.configmap` | Configmap containing NDJSON files to be imported during Kibana initialization (evaluated as a template) | `""` | -| `extraConfiguration` | Extra settings to be added to the default kibana.yml configmap that the chart creates (unless replaced using `configurationCM`). Evaluated as a template | `{}` | -| `configurationCM` | ConfigMap containing a kibana.yml file that will replace the default one specified in configuration.yaml | `""` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | for the %%MAIN_CONTAINER_NAME%% container(s) to automate configuration before or after startup | `{}` | -| `extraEnvVars` | Array containing extra env vars to configure Kibana | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars to configure Kibana | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars to configure Kibana (in case of sensitive data) | `""` | -| `extraVolumes` | Array to add extra volumes. Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Array to add extra mounts. Normally used with `extraVolumes` | `[]` | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources` | Volume Permissions resources | `{}` | -| `persistence.enabled` | Enable persistence | `true` | -| `persistence.storageClass` | Kibana data Persistent Volume Storage Class | `""` | -| `persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` | `""` | -| `persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | -| `persistence.size` | Size for the PV | `10Gi` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `persistence.subPath` | The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services | `""` | -| `persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` | -| `persistence.dataSource` | Custom PVC data source | `{}` | -| `startupProbe.enabled` | Enable/disable the startup probe | `false` | -| `startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `120` | -| `startupProbe.periodSeconds` | How often to perform the probe | `10` | -| `startupProbe.timeoutSeconds` | When the probe times out | `5` | -| `startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` | -| `startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | -| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | -| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` | -| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `readinessProbe.enabled` | Enable/disable the Readiness probe | `true` | -| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | -| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` | -| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `customStartupProbe` | Custom liveness probe for the Web component | `{}` | -| `customLivenessProbe` | Custom liveness probe for the Web component | `{}` | -| `customReadinessProbe` | Custom readiness probe for the Web component | `{}` | -| `forceInitScripts` | Force execution of init scripts | `false` | -| `initScriptsCM` | Configmap with init scripts to execute | `""` | -| `initScriptsSecret` | Secret with init scripts to execute (for sensitive data) | `""` | -| `service.ports.http` | Kubernetes Service port | `5601` | -| `service.type` | Kubernetes Service type | `ClusterIP` | -| `service.nodePorts.http` | Specify the nodePort value for the LoadBalancer and NodePort service types | `""` | -| `service.clusterIP` | %%MAIN_CONTAINER_NAME%% service Cluster IP | `""` | -| `service.loadBalancerIP` | loadBalancerIP if Kibana service type is `LoadBalancer` | `""` | -| `service.loadBalancerSourceRanges` | %%MAIN_CONTAINER_NAME%% service Load Balancer sources | `[]` | -| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `service.annotations` | Annotations for Kibana service (evaluated as a template) | `{}` | -| `service.labels` | Extra labels for Kibana service | `{}` | -| `service.extraPorts` | Extra ports to expose in the service (normally used with the `sidecar` value) | `[]` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `ingress.enabled` | Enable ingress controller resource | `false` | -| `ingress.pathType` | Ingress Path type | `ImplementationSpecific` | -| `ingress.apiVersion` | Override API Version (automatically detected if not set) | `""` | -| `ingress.hostname` | Default host for the ingress resource. If specified as "*" no host rule is configured | `kibana.local` | -| `ingress.path` | The Path to Kibana. You may need to set this to '/*' in order to use this with ALB ingress controllers. | `/` | -| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `ingress.tls` | Enable TLS configuration for the hostname defined at ingress.hostname parameter | `false` | -| `ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | -| `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.extraPaths` | Additional arbitrary path/backend objects | `[]` | -| `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | -| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `ingress.extraRules` | The list of additional rules to be added to this ingress record. Evaluated as a template | `[]` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `containerPorts.http` | Port to expose at container level | `5601` | -| `podSecurityContext.enabled` | Enabled %%MAIN_CONTAINER_NAME%% pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Set %%MAIN_CONTAINER_NAME%% pod's Security Context fsGroup | `1001` | -| `containerSecurityContext.enabled` | Enabled %%MAIN_CONTAINER_NAME%% containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set %%MAIN_CONTAINER_NAME%% containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set %%MAIN_CONTAINER_NAME%% container's Security Context runAsNonRoot | `true` | -| `resources.limits` | The resources limits for the container | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Extra labels to add to Pod | `{}` | -| `sidecars` | Attach additional containers to the pod | `[]` | -| `initContainers` | Add additional init containers to the pod | `[]` | -| `configuration` | Kibana configuration | `{}` | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.service.annotations` | Prometheus annotations for the Kibana service | `{}` | -| `metrics.serviceMonitor.enabled` | If `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | -| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| Name | Description | Value | +| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `image.registry` | Kibana image registry | `REGISTRY_NAME` | +| `image.repository` | Kibana image repository | `REPOSITORY_NAME/kibana` | +| `image.tag` | Kibana image tag (immutable tags are recommended) | `8.10.4-debian-11-r0` | +| `image.digest` | Kibana image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Kibana image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Enable %%MAIN_CONTAINER%% image debug mode | `false` | +| `replicaCount` | Number of replicas of the Kibana Pod | `1` | +| `updateStrategy.type` | Set up update strategy for Kibana installation. | `RollingUpdate` | +| `schedulerName` | Alternative scheduler | `""` | +| `priorityClassName` | %%MAIN_CONTAINER_NAME%% pods' priorityClassName | `""` | +| `terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `plugins` | Array containing the Kibana plugins to be installed in deployment | `[]` | +| `savedObjects.urls` | Array containing links to NDJSON files to be imported during Kibana initialization | `[]` | +| `savedObjects.configmap` | Configmap containing NDJSON files to be imported during Kibana initialization (evaluated as a template) | `""` | +| `extraConfiguration` | Extra settings to be added to the default kibana.yml configmap that the chart creates (unless replaced using `configurationCM`). Evaluated as a template | `{}` | +| `configurationCM` | ConfigMap containing a kibana.yml file that will replace the default one specified in configuration.yaml | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `lifecycleHooks` | for the %%MAIN_CONTAINER_NAME%% container(s) to automate configuration before or after startup | `{}` | +| `extraEnvVars` | Array containing extra env vars to configure Kibana | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars to configure Kibana | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars to configure Kibana (in case of sensitive data) | `""` | +| `extraVolumes` | Array to add extra volumes. Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Array to add extra mounts. Normally used with `extraVolumes` | `[]` | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources` | Volume Permissions resources | `{}` | +| `persistence.enabled` | Enable persistence | `true` | +| `persistence.storageClass` | Kibana data Persistent Volume Storage Class | `""` | +| `persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` | `""` | +| `persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | +| `persistence.size` | Size for the PV | `10Gi` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `persistence.subPath` | The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services | `""` | +| `persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` | +| `persistence.dataSource` | Custom PVC data source | `{}` | +| `startupProbe.enabled` | Enable/disable the startup probe | `false` | +| `startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `120` | +| `startupProbe.periodSeconds` | How often to perform the probe | `10` | +| `startupProbe.timeoutSeconds` | When the probe times out | `5` | +| `startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` | +| `startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | +| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | +| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | +| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` | +| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `readinessProbe.enabled` | Enable/disable the Readiness probe | `true` | +| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | +| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | +| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | +| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` | +| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `customStartupProbe` | Custom liveness probe for the Web component | `{}` | +| `customLivenessProbe` | Custom liveness probe for the Web component | `{}` | +| `customReadinessProbe` | Custom readiness probe for the Web component | `{}` | +| `forceInitScripts` | Force execution of init scripts | `false` | +| `initScriptsCM` | Configmap with init scripts to execute | `""` | +| `initScriptsSecret` | Secret with init scripts to execute (for sensitive data) | `""` | +| `service.ports.http` | Kubernetes Service port | `5601` | +| `service.type` | Kubernetes Service type | `ClusterIP` | +| `service.nodePorts.http` | Specify the nodePort value for the LoadBalancer and NodePort service types | `""` | +| `service.clusterIP` | %%MAIN_CONTAINER_NAME%% service Cluster IP | `""` | +| `service.loadBalancerIP` | loadBalancerIP if Kibana service type is `LoadBalancer` | `""` | +| `service.loadBalancerSourceRanges` | %%MAIN_CONTAINER_NAME%% service Load Balancer sources | `[]` | +| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `service.annotations` | Annotations for Kibana service (evaluated as a template) | `{}` | +| `service.labels` | Extra labels for Kibana service | `{}` | +| `service.extraPorts` | Extra ports to expose in the service (normally used with the `sidecar` value) | `[]` | +| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `ingress.enabled` | Enable ingress controller resource | `false` | +| `ingress.pathType` | Ingress Path type | `ImplementationSpecific` | +| `ingress.apiVersion` | Override API Version (automatically detected if not set) | `""` | +| `ingress.hostname` | Default host for the ingress resource. If specified as "*" no host rule is configured | `kibana.local` | +| `ingress.path` | The Path to Kibana. You may need to set this to '/*' in order to use this with ALB ingress controllers. | `/` | +| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `ingress.tls` | Enable TLS configuration for the hostname defined at ingress.hostname parameter | `false` | +| `ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | +| `ingress.extraPaths` | Additional arbitrary path/backend objects | `[]` | +| `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | +| `ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | +| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `ingress.extraRules` | The list of additional rules to be added to this ingress record. Evaluated as a template | `[]` | +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `containerPorts.http` | Port to expose at container level | `5601` | +| `podSecurityContext.enabled` | Enabled %%MAIN_CONTAINER_NAME%% pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Set %%MAIN_CONTAINER_NAME%% pod's Security Context fsGroup | `1001` | +| `containerSecurityContext.enabled` | Enabled %%MAIN_CONTAINER_NAME%% containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set %%MAIN_CONTAINER_NAME%% containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set %%MAIN_CONTAINER_NAME%% container's Security Context runAsNonRoot | `true` | +| `resources.limits` | The resources limits for the container | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Extra labels to add to Pod | `{}` | +| `sidecars` | Attach additional containers to the pod | `[]` | +| `initContainers` | Add additional init containers to the pod | `[]` | +| `configuration` | Kibana configuration | `{}` | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.service.annotations` | Prometheus annotations for the Kibana service | `{}` | +| `metrics.serviceMonitor.enabled` | If `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | ### Kibana server TLS configuration @@ -248,9 +252,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ - --set admin.user=admin-user oci://registry-1.docker.io/bitnamicharts/kibana + --set admin.user=admin-user oci://REGISTRY_NAME/REPOSITORY_NAME/kibana ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Kibana admin user to `admin-user`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -258,9 +264,10 @@ The above command sets the Kibana admin user to `admin-user`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/kibana +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/kibana ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/kibana/values.yaml b/bitnami/kibana/values.yaml index d47fa73c347ba3..99a557bd34e389 100644 --- a/bitnami/kibana/values.yaml +++ b/bitnami/kibana/values.yaml @@ -62,8 +62,8 @@ diagnosticMode: ## Bitnami Kibana image version ## ref: https://hub.docker.com/r/bitnami/kibana/tags/ -## @param image.registry Kibana image registry -## @param image.repository Kibana image repository +## @param image.registry [default: REGISTRY_NAME] Kibana image registry +## @param image.repository [default: REPOSITORY_NAME/kibana] Kibana image repository ## @param image.tag Kibana image tag (immutable tags are recommended) ## @param image.digest Kibana image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Kibana image pull policy @@ -185,8 +185,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/kong/README.md b/bitnami/kong/README.md index 5e6aed61ab0932..0b59b883b11e0d 100644 --- a/bitnami/kong/README.md +++ b/bitnami/kong/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kong +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kong ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [kong](https://github.com/bitnami/containers/tree/main/bitnami/kong) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. It also includes the [kong-ingress-controller](https://github.com/bitnami/containers/tree/main/bitnami/kong-ingress-controller) container for managing Ingress resources using Kong. @@ -35,9 +37,11 @@ Looking to use Kong in production? Try [VMware Application Catalog](https://bitn To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kong +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kong ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy kong on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,16 +81,16 @@ helm delete my-release ### Kong common parameters -| Name | Description | Value | -| ------------------- | ---------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | kong image registry | `docker.io` | -| `image.repository` | kong image repository | `bitnami/kong` | -| `image.tag` | kong image tag (immutable tags are recommended) | `3.4.2-debian-11-r0` | -| `image.digest` | kong image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | kong image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `database` | Select which database backend Kong will use. Can be 'postgresql', 'cassandra' or 'off' | `postgresql` | +| Name | Description | Value | +| ------------------- | ---------------------------------------------------------------------------------------------------- | ---------------------- | +| `image.registry` | kong image registry | `REGISTRY_NAME` | +| `image.repository` | kong image repository | `REPOSITORY_NAME/kong` | +| `image.tag` | kong image tag (immutable tags are recommended) | `3.4.2-debian-11-r0` | +| `image.digest` | kong image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | kong image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `database` | Select which database backend Kong will use. Can be 'postgresql', 'cassandra' or 'off' | `postgresql` | ### Kong deployment / daemonset parameters @@ -210,54 +214,54 @@ helm delete my-release ### Kong Ingress Controller Container Parameters -| Name | Description | Value | -| --------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | -| `ingressController.enabled` | Enable/disable the Kong Ingress Controller | `true` | -| `ingressController.image.registry` | Kong Ingress Controller image registry | `docker.io` | -| `ingressController.image.repository` | Kong Ingress Controller image name | `bitnami/kong-ingress-controller` | -| `ingressController.image.tag` | Kong Ingress Controller image tag | `2.12.0-debian-11-r10` | -| `ingressController.image.digest` | Kong Ingress Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `ingressController.image.pullPolicy` | Kong Ingress Controller image pull policy | `IfNotPresent` | -| `ingressController.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `ingressController.proxyReadyTimeout` | Maximum time (in seconds) to wait for the Kong container to be ready | `300` | -| `ingressController.ingressClass` | Name of the class to register Kong Ingress Controller (useful when having other Ingress Controllers in the cluster) | `kong` | -| `ingressController.command` | Override default container command (useful when using custom images) | `[]` | -| `ingressController.args` | Override default container args (useful when using custom images) | `[]` | -| `ingressController.extraEnvVars` | Array containing extra env vars to configure Kong | `[]` | -| `ingressController.extraEnvVarsCM` | ConfigMap containing extra env vars to configure Kong Ingress Controller | `""` | -| `ingressController.extraEnvVarsSecret` | Secret containing extra env vars to configure Kong Ingress Controller (in case of sensitive data) | `""` | -| `ingressController.extraVolumeMounts` | Array of extra volume mounts to be added to the Kong Ingress Controller container (evaluated as template). Normally used with `extraVolumes`. | `[]` | -| `ingressController.containerPorts.health` | Kong Ingress Controller health container port | `10254` | -| `ingressController.resources.limits` | The resources limits for the Kong Ingress Controller container | `{}` | -| `ingressController.resources.requests` | The requested resources for the Kong Ingress Controller container | `{}` | -| `ingressController.livenessProbe.enabled` | Enable livenessProbe on Kong Ingress Controller containers | `true` | -| `ingressController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `ingressController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `ingressController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `ingressController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `ingressController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `ingressController.readinessProbe.enabled` | Enable readinessProbe on Kong Ingress Controller containers | `true` | -| `ingressController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `ingressController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `ingressController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `ingressController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `ingressController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `ingressController.startupProbe.enabled` | Enable startupProbe on Kong Ingress Controller containers | `false` | -| `ingressController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `ingressController.startupProbe.periodSeconds` | Period seconds for startupProbe | `15` | -| `ingressController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | -| `ingressController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `20` | -| `ingressController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `ingressController.customLivenessProbe` | Override default liveness probe (Kong Ingress Controller container) | `{}` | -| `ingressController.customReadinessProbe` | Override default readiness probe (Kong Ingress Controller container) | `{}` | -| `ingressController.customStartupProbe` | Override default startup probe (Kong Ingress Controller container) | `{}` | -| `ingressController.lifecycleHooks` | Lifecycle hooks (Kong Ingress Controller container) | `{}` | -| `ingressController.serviceAccount.create` | Enable the creation of a ServiceAccount for Keycloak pods | `true` | -| `ingressController.serviceAccount.name` | Name of the created ServiceAccount (name generated using common.names.fullname template otherwise) | `""` | -| `ingressController.serviceAccount.automountServiceAccountToken` | Auto-mount the service account token in the pod | `true` | -| `ingressController.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `ingressController.rbac.create` | Create the necessary RBAC resources for the Ingress Controller to work | `true` | -| `ingressController.rbac.rules` | Custom RBAC rules | `[]` | +| Name | Description | Value | +| --------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------- | +| `ingressController.enabled` | Enable/disable the Kong Ingress Controller | `true` | +| `ingressController.image.registry` | Kong Ingress Controller image registry | `REGISTRY_NAME` | +| `ingressController.image.repository` | Kong Ingress Controller image name | `REPOSITORY_NAME/kong-ingress-controller` | +| `ingressController.image.tag` | Kong Ingress Controller image tag | `2.12.0-debian-11-r10` | +| `ingressController.image.digest` | Kong Ingress Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `ingressController.image.pullPolicy` | Kong Ingress Controller image pull policy | `IfNotPresent` | +| `ingressController.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `ingressController.proxyReadyTimeout` | Maximum time (in seconds) to wait for the Kong container to be ready | `300` | +| `ingressController.ingressClass` | Name of the class to register Kong Ingress Controller (useful when having other Ingress Controllers in the cluster) | `kong` | +| `ingressController.command` | Override default container command (useful when using custom images) | `[]` | +| `ingressController.args` | Override default container args (useful when using custom images) | `[]` | +| `ingressController.extraEnvVars` | Array containing extra env vars to configure Kong | `[]` | +| `ingressController.extraEnvVarsCM` | ConfigMap containing extra env vars to configure Kong Ingress Controller | `""` | +| `ingressController.extraEnvVarsSecret` | Secret containing extra env vars to configure Kong Ingress Controller (in case of sensitive data) | `""` | +| `ingressController.extraVolumeMounts` | Array of extra volume mounts to be added to the Kong Ingress Controller container (evaluated as template). Normally used with `extraVolumes`. | `[]` | +| `ingressController.containerPorts.health` | Kong Ingress Controller health container port | `10254` | +| `ingressController.resources.limits` | The resources limits for the Kong Ingress Controller container | `{}` | +| `ingressController.resources.requests` | The requested resources for the Kong Ingress Controller container | `{}` | +| `ingressController.livenessProbe.enabled` | Enable livenessProbe on Kong Ingress Controller containers | `true` | +| `ingressController.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `ingressController.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `ingressController.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `ingressController.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `ingressController.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `ingressController.readinessProbe.enabled` | Enable readinessProbe on Kong Ingress Controller containers | `true` | +| `ingressController.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `ingressController.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `ingressController.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `ingressController.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `ingressController.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `ingressController.startupProbe.enabled` | Enable startupProbe on Kong Ingress Controller containers | `false` | +| `ingressController.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `ingressController.startupProbe.periodSeconds` | Period seconds for startupProbe | `15` | +| `ingressController.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | +| `ingressController.startupProbe.failureThreshold` | Failure threshold for startupProbe | `20` | +| `ingressController.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `ingressController.customLivenessProbe` | Override default liveness probe (Kong Ingress Controller container) | `{}` | +| `ingressController.customReadinessProbe` | Override default readiness probe (Kong Ingress Controller container) | `{}` | +| `ingressController.customStartupProbe` | Override default startup probe (Kong Ingress Controller container) | `{}` | +| `ingressController.lifecycleHooks` | Lifecycle hooks (Kong Ingress Controller container) | `{}` | +| `ingressController.serviceAccount.create` | Enable the creation of a ServiceAccount for Keycloak pods | `true` | +| `ingressController.serviceAccount.name` | Name of the created ServiceAccount (name generated using common.names.fullname template otherwise) | `""` | +| `ingressController.serviceAccount.automountServiceAccountToken` | Auto-mount the service account token in the pod | `true` | +| `ingressController.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `ingressController.rbac.create` | Create the necessary RBAC resources for the Ingress Controller to work | `true` | +| `ingressController.rbac.rules` | Custom RBAC rules | `[]` | ### Kong Migration job Parameters @@ -278,27 +282,27 @@ helm delete my-release ### PostgreSQL Parameters -| Name | Description | Value | -| ----------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------------- | -| `postgresql.enabled` | Switch to enable or disable the PostgreSQL helm chart | `true` | -| `postgresql.auth.postgresPassword` | Password for the "postgres" admin user | `""` | -| `postgresql.auth.username` | Name for a custom user to create | `kong` | -| `postgresql.auth.password` | Password for the custom user to create | `""` | -| `postgresql.auth.database` | Name for a custom database to create | `kong` | -| `postgresql.auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials | `""` | -| `postgresql.auth.usePasswordFiles` | Mount credentials as a files instead of using an environment variable | `false` | -| `postgresql.architecture` | PostgreSQL architecture (`standalone` or `replication`) | `standalone` | -| `postgresql.image.registry` | PostgreSQL image registry | `docker.io` | -| `postgresql.image.repository` | PostgreSQL image repository | `bitnami/postgresql` | -| `postgresql.image.tag` | PostgreSQL image tag (immutable tags are recommended) | `14.9.0-debian-11-r56` | -| `postgresql.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `postgresql.external.host` | Database host | `""` | -| `postgresql.external.port` | Database port number | `5432` | -| `postgresql.external.user` | Non-root username for Kong | `kong` | -| `postgresql.external.password` | Password for the non-root username for Kong | `""` | -| `postgresql.external.database` | Kong database name | `kong` | -| `postgresql.external.existingSecret` | Name of an existing secret resource containing the database credentials | `""` | -| `postgresql.external.existingSecretPasswordKey` | Name of an existing secret key containing the database credentials | `""` | +| Name | Description | Value | +| ----------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `postgresql.enabled` | Switch to enable or disable the PostgreSQL helm chart | `true` | +| `postgresql.auth.postgresPassword` | Password for the "postgres" admin user | `""` | +| `postgresql.auth.username` | Name for a custom user to create | `kong` | +| `postgresql.auth.password` | Password for the custom user to create | `""` | +| `postgresql.auth.database` | Name for a custom database to create | `kong` | +| `postgresql.auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials | `""` | +| `postgresql.auth.usePasswordFiles` | Mount credentials as a files instead of using an environment variable | `false` | +| `postgresql.architecture` | PostgreSQL architecture (`standalone` or `replication`) | `standalone` | +| `postgresql.image.registry` | PostgreSQL image registry | `REGISTRY_NAME` | +| `postgresql.image.repository` | PostgreSQL image repository | `REPOSITORY_NAME/postgresql` | +| `postgresql.image.tag` | PostgreSQL image tag (immutable tags are recommended) | `14.9.0-debian-11-r56` | +| `postgresql.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `postgresql.external.host` | Database host | `""` | +| `postgresql.external.port` | Database port number | `5432` | +| `postgresql.external.user` | Non-root username for Kong | `kong` | +| `postgresql.external.password` | Password for the non-root username for Kong | `""` | +| `postgresql.external.database` | Kong database name | `kong` | +| `postgresql.external.existingSecret` | Name of an existing secret resource containing the database credentials | `""` | +| `postgresql.external.existingSecretPasswordKey` | Name of an existing secret key containing the database credentials | `""` | ### Cassandra Parameters @@ -344,17 +348,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ - --set service.exposeAdmin=true oci://registry-1.docker.io/bitnamicharts/kong + --set service.exposeAdmin=true oci://REGISTRY_NAME/REPOSITORY_NAME/kong ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command exposes the Kong admin ports inside the Kong service. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/kong +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/kong ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -372,32 +379,38 @@ The Bitnami Kong chart allows setting two database backends: PostgreSQL or Cassa - Deploy the PostgreSQL sub-chart (default) ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kong +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kong ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + - Use an external PostgreSQL database ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kong \ +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kong \ --set postgresql.enabled=false \ --set postgresql.external.host=_HOST_OF_YOUR_POSTGRESQL_INSTALLATION_ \ --set postgresql.external.password=_PASSWORD_OF_YOUR_POSTGRESQL_INSTALLATION_ \ --set postgresql.external.user=_USER_OF_YOUR_POSTGRESQL_INSTALLATION_ ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + - Deploy the Cassandra sub-chart ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kong \ +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kong \ --set database=cassandra \ --set postgresql.enabled=false \ --set cassandra.enabled=true ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + - Use an existing Cassandra installation ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kong \ +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kong \ --set database=cassandra \ --set postgresql.enabled=false \ --set cassandra.enabled=false \ @@ -408,6 +421,8 @@ helm install my-release oci://registry-1.docker.io/bitnamicharts/kong \ --set cassandra.external.password=_PASSWORD_OF_YOUR_CASSANDRA_INSTALLATION_ ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### DB-less Kong 1.1 added the capability to run Kong without a database, using only in-memory storage for entities: we call this DB-less mode. When running Kong DB-less, the configuration of entities is done in a second configuration file, in YAML or JSON, using declarative configuration (ref. [Link](https://legacy-gateway--kongdocs.netlify.app/gateway-oss/1.1.x/db-less-and-declarative-config/)). @@ -511,13 +526,14 @@ Find more information about how to deal with common errors related to Bitnami's It's necessary to specify the existing passwords while performing a upgrade to ensure the secrets are not updated with invalid randomly generated passwords. Remember to specify the existing values of the `postgresql.postgresqlPassword` or `cassandra.password` parameters when upgrading the chart: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/kong \ +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kong \ --set database=postgresql --set postgresql.enabled=true --set --set postgresql.postgresqlPassword=[POSTGRESQL_PASSWORD] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > Note: you need to substitute the placeholders _[POSTGRESQL_PASSWORD]_ with the values obtained from instructions in the installation notes. ### To 10.0.0 @@ -586,11 +602,13 @@ kubectl delete statefulsets.apps kong-postgresql --cascade=false ##### Upgrade the chart release ```console -helm upgrade kong oci://registry-1.docker.io/bitnamicharts/kong \ +helm upgrade kong oci://REGISTRY_NAME/REPOSITORY_NAME/kong \ --set postgresql.postgresqlPassword=$POSTGRESQL_PASSWORD \ --set postgresql.persistence.existingClaim=$POSTGRESQL_PVC ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ##### Force new statefulset to create a new pod for postgresql ```console diff --git a/bitnami/kong/values.yaml b/bitnami/kong/values.yaml index 14a0471e87845c..88500245ca4890 100644 --- a/bitnami/kong/values.yaml +++ b/bitnami/kong/values.yaml @@ -64,8 +64,8 @@ diagnosticMode: ## Bitnami kong image version ## ref: https://hub.docker.com/r/bitnami/kong/tags/ -## @param image.registry kong image registry -## @param image.repository kong image repository +## @param image.registry [default: REGISTRY_NAME] kong image registry +## @param image.repository [default: REPOSITORY_NAME/kong] kong image repository ## @param image.tag kong image tag (immutable tags are recommended) ## @param image.digest kong image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy kong image pull policy @@ -564,8 +564,8 @@ ingressController: ## @param ingressController.enabled Enable/disable the Kong Ingress Controller ## enabled: true - ## @param ingressController.image.registry Kong Ingress Controller image registry - ## @param ingressController.image.repository Kong Ingress Controller image name + ## @param ingressController.image.registry [default: REGISTRY_NAME] Kong Ingress Controller image registry + ## @param ingressController.image.repository [default: REPOSITORY_NAME/kong-ingress-controller] Kong Ingress Controller image name ## @param ingressController.image.tag Kong Ingress Controller image tag ## @param ingressController.image.digest Kong Ingress Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param ingressController.image.pullPolicy Kong Ingress Controller image pull policy @@ -790,8 +790,8 @@ postgresql: enabled: true ## Override PostgreSQL default image as 14.x is not supported ## ref: https://github.com/bitnami/containers/tree/main/bitnami/postgresql - ## @param postgresql.image.registry PostgreSQL image registry - ## @param postgresql.image.repository PostgreSQL image repository + ## @param postgresql.image.registry [default: REGISTRY_NAME] PostgreSQL image registry + ## @param postgresql.image.repository [default: REPOSITORY_NAME/postgresql] PostgreSQL image repository ## @param postgresql.image.tag PostgreSQL image tag (immutable tags are recommended) ## @param postgresql.image.digest PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## diff --git a/bitnami/kube-prometheus/README.md b/bitnami/kube-prometheus/README.md index 9a97fe143b7a3d..069ab1b6357e0f 100644 --- a/bitnami/kube-prometheus/README.md +++ b/bitnami/kube-prometheus/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kube-prometheus +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kube-prometheus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps [Prometheus Operator](https://github.com/bitnami/containers/tree/main/bitnami/prometheus-operator) on [Kubernetes](https://kubernetes.io) using the [Helm](https://helm.sh) package manager. @@ -42,9 +44,11 @@ Looking to use Prometheus Operator in production? Try [VMware Application Catalo To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kube-prometheus +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kube-prometheus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys kube-prometheus on the Kubernetes cluster in the default configuration. The [configuration](#configuration-and-installation-details) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -84,481 +88,481 @@ The command removes all the Kubernetes components associated with the chart and ### Prometheus Operator Parameters -| Name | Description | Value | -| ------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ----------------------------- | -| `operator.enabled` | Deploy Prometheus Operator to the cluster | `true` | -| `operator.image.registry` | Prometheus Operator image registry | `docker.io` | -| `operator.image.repository` | Prometheus Operator image repository | `bitnami/prometheus-operator` | -| `operator.image.tag` | Prometheus Operator image tag (immutable tags are recommended) | `0.68.0-debian-11-r24` | -| `operator.image.digest` | Prometheus Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `operator.image.pullPolicy` | Prometheus Operator image pull policy | `IfNotPresent` | -| `operator.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `operator.extraArgs` | Additional arguments passed to Prometheus Operator | `[]` | -| `operator.command` | Override default container command (useful when using custom images) | `[]` | -| `operator.args` | Override default container args (useful when using custom images) | `[]` | -| `operator.lifecycleHooks` | for the Prometheus Operator container(s) to automate configuration before or after startup | `{}` | -| `operator.extraEnvVars` | Array with extra environment variables to add to Prometheus Operator nodes | `[]` | -| `operator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Prometheus Operator nodes | `""` | -| `operator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Prometheus Operator nodes | `""` | -| `operator.extraVolumes` | Optionally specify extra list of additional volumes for the Prometheus Operator pod(s) | `[]` | -| `operator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Prometheus Operator container(s) | `[]` | -| `operator.sidecars` | Add additional sidecar containers to the Prometheus Operator pod(s) | `[]` | -| `operator.initContainers` | Add additional init containers to the Prometheus Operator pod(s) | `[]` | -| `operator.hostAliases` | Add deployment host aliases | `[]` | -| `operator.serviceAccount.create` | Specify whether to create a ServiceAccount for Prometheus Operator | `true` | -| `operator.serviceAccount.name` | The name of the ServiceAccount to create | `""` | -| `operator.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `operator.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `operator.schedulerName` | Name of the Kubernetess scheduler (other than default) | `""` | -| `operator.terminationGracePeriodSeconds` | In seconds, time the given to the Prometheus Operator pod needs to terminate gracefully | `""` | -| `operator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `operator.podSecurityContext.enabled` | Enable pod security context | `true` | -| `operator.podSecurityContext.runAsUser` | User ID for the container | `1001` | -| `operator.podSecurityContext.fsGroup` | Group ID for the container filesystem | `1001` | -| `operator.containerSecurityContext.enabled` | Enable container security context | `true` | -| `operator.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | -| `operator.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | -| `operator.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | -| `operator.containerSecurityContext.readOnlyRootFilesystem` | Mount / (root) as a readonly filesystem | `false` | -| `operator.service.type` | Kubernetes service type | `ClusterIP` | -| `operator.service.ports.http` | Prometheus Operator service port | `8080` | -| `operator.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | -| `operator.service.nodePorts.http` | Kubernetes Service nodePort | `""` | -| `operator.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | -| `operator.service.loadBalancerClass` | Operator service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `operator.service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | -| `operator.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `operator.service.healthCheckNodePort` | Specifies the health check node port (numeric port number) for the service if `externalTrafficPolicy` is set to Local. | `""` | -| `operator.service.labels` | Additional labels for Prometheus Operator service | `{}` | -| `operator.service.annotations` | Additional annotations for Prometheus Operator service | `{}` | -| `operator.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `operator.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `operator.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `operator.serviceMonitor.enabled` | Creates a ServiceMonitor to monitor Prometheus Operator | `true` | -| `operator.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `operator.serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `""` | -| `operator.serviceMonitor.metricRelabelings` | Metric relabeling | `[]` | -| `operator.serviceMonitor.relabelings` | Relabel configs | `[]` | -| `operator.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `operator.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `operator.serviceMonitor.annotations` | Extra annotations for the ServiceMonitor | `{}` | -| `operator.serviceMonitor.extraParameters` | Any extra parameter to be added to the endpoint configured in the ServiceMonitor | `{}` | -| `operator.serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | -| `operator.resources` | Configure resource requests and limits | `{}` | -| `operator.podAffinityPreset` | Pod affinity preset | `""` | -| `operator.podAntiAffinityPreset` | Prometheus Operator Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `operator.nodeAffinityPreset.type` | Prometheus Operator Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `operator.nodeAffinityPreset.key` | Prometheus Operator Node label key to match Ignored if `affinity` is set. | `""` | -| `operator.nodeAffinityPreset.values` | Prometheus Operator Node label values to match. Ignored if `affinity` is set. | `[]` | -| `operator.affinity` | Prometheus Operator Affinity for pod assignment | `{}` | -| `operator.nodeSelector` | Prometheus Operator Node labels for pod assignment | `{}` | -| `operator.tolerations` | Prometheus Operator Tolerations for pod assignment | `[]` | -| `operator.podAnnotations` | Annotations for Prometheus Operator pods | `{}` | -| `operator.podLabels` | Extra labels for Prometheus Operator pods | `{}` | -| `operator.priorityClassName` | Priority class assigned to the Pods | `""` | -| `operator.livenessProbe.enabled` | Turn on and off liveness probe | `true` | -| `operator.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | -| `operator.livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `operator.livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `operator.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `operator.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `operator.readinessProbe.enabled` | Turn on and off readiness probe | `true` | -| `operator.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | -| `operator.readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `operator.readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `operator.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `operator.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `operator.startupProbe.enabled` | Turn on and off startup probe | `false` | -| `operator.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `30` | -| `operator.startupProbe.periodSeconds` | How often to perform the probe | `10` | -| `operator.startupProbe.timeoutSeconds` | When the probe times out | `5` | -| `operator.startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `operator.startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `operator.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `operator.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `operator.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `operator.logLevel` | Log level for Prometheus Operator | `info` | -| `operator.logFormat` | Log format for Prometheus Operator | `logfmt` | -| `operator.configReloaderResources` | Set the prometheus config reloader side-car CPU and memory requests and limits. | `{}` | -| `operator.kubeletService.enabled` | If true, the operator will create and maintain a service for scraping kubelets | `true` | -| `operator.kubeletService.namespace` | Namespace to deploy the kubelet service | `kube-system` | -| `operator.prometheusConfigReloader.image` | Prometheus Config Reloader image. If not set, the same as `operator.image.registry` | `{}` | -| `operator.prometheusConfigReloader.containerSecurityContext.enabled` | Enable container security context | `true` | -| `operator.prometheusConfigReloader.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem | `false` | -| `operator.prometheusConfigReloader.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | -| `operator.prometheusConfigReloader.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | -| `operator.prometheusConfigReloader.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | -| `operator.prometheusConfigReloader.livenessProbe.enabled` | Turn on and off liveness probe | `true` | -| `operator.prometheusConfigReloader.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `10` | -| `operator.prometheusConfigReloader.livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `operator.prometheusConfigReloader.livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `operator.prometheusConfigReloader.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `operator.prometheusConfigReloader.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `operator.prometheusConfigReloader.readinessProbe.enabled` | Turn on and off readiness probe | `true` | -| `operator.prometheusConfigReloader.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `15` | -| `operator.prometheusConfigReloader.readinessProbe.periodSeconds` | How often to perform the probe | `20` | -| `operator.prometheusConfigReloader.readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `operator.prometheusConfigReloader.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `operator.prometheusConfigReloader.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `operator.namespaces` | Optional comma-separated list of namespaces to watch (default=all). | `""` | +| Name | Description | Value | +| ------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------------------- | +| `operator.enabled` | Deploy Prometheus Operator to the cluster | `true` | +| `operator.image.registry` | Prometheus Operator image registry | `REGISTRY_NAME` | +| `operator.image.repository` | Prometheus Operator image repository | `REPOSITORY_NAME/prometheus-operator` | +| `operator.image.tag` | Prometheus Operator image tag (immutable tags are recommended) | `0.68.0-debian-11-r27` | +| `operator.image.digest` | Prometheus Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `operator.image.pullPolicy` | Prometheus Operator image pull policy | `IfNotPresent` | +| `operator.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `operator.extraArgs` | Additional arguments passed to Prometheus Operator | `[]` | +| `operator.command` | Override default container command (useful when using custom images) | `[]` | +| `operator.args` | Override default container args (useful when using custom images) | `[]` | +| `operator.lifecycleHooks` | for the Prometheus Operator container(s) to automate configuration before or after startup | `{}` | +| `operator.extraEnvVars` | Array with extra environment variables to add to Prometheus Operator nodes | `[]` | +| `operator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Prometheus Operator nodes | `""` | +| `operator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Prometheus Operator nodes | `""` | +| `operator.extraVolumes` | Optionally specify extra list of additional volumes for the Prometheus Operator pod(s) | `[]` | +| `operator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Prometheus Operator container(s) | `[]` | +| `operator.sidecars` | Add additional sidecar containers to the Prometheus Operator pod(s) | `[]` | +| `operator.initContainers` | Add additional init containers to the Prometheus Operator pod(s) | `[]` | +| `operator.hostAliases` | Add deployment host aliases | `[]` | +| `operator.serviceAccount.create` | Specify whether to create a ServiceAccount for Prometheus Operator | `true` | +| `operator.serviceAccount.name` | The name of the ServiceAccount to create | `""` | +| `operator.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `operator.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `operator.schedulerName` | Name of the Kubernetess scheduler (other than default) | `""` | +| `operator.terminationGracePeriodSeconds` | In seconds, time the given to the Prometheus Operator pod needs to terminate gracefully | `""` | +| `operator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `operator.podSecurityContext.enabled` | Enable pod security context | `true` | +| `operator.podSecurityContext.runAsUser` | User ID for the container | `1001` | +| `operator.podSecurityContext.fsGroup` | Group ID for the container filesystem | `1001` | +| `operator.containerSecurityContext.enabled` | Enable container security context | `true` | +| `operator.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | +| `operator.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | +| `operator.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | +| `operator.containerSecurityContext.readOnlyRootFilesystem` | Mount / (root) as a readonly filesystem | `false` | +| `operator.service.type` | Kubernetes service type | `ClusterIP` | +| `operator.service.ports.http` | Prometheus Operator service port | `8080` | +| `operator.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | +| `operator.service.nodePorts.http` | Kubernetes Service nodePort | `""` | +| `operator.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | +| `operator.service.loadBalancerClass` | Operator service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | +| `operator.service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | +| `operator.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `operator.service.healthCheckNodePort` | Specifies the health check node port (numeric port number) for the service if `externalTrafficPolicy` is set to Local. | `""` | +| `operator.service.labels` | Additional labels for Prometheus Operator service | `{}` | +| `operator.service.annotations` | Additional annotations for Prometheus Operator service | `{}` | +| `operator.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `operator.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `operator.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `operator.serviceMonitor.enabled` | Creates a ServiceMonitor to monitor Prometheus Operator | `true` | +| `operator.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `operator.serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `""` | +| `operator.serviceMonitor.metricRelabelings` | Metric relabeling | `[]` | +| `operator.serviceMonitor.relabelings` | Relabel configs | `[]` | +| `operator.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `operator.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `operator.serviceMonitor.annotations` | Extra annotations for the ServiceMonitor | `{}` | +| `operator.serviceMonitor.extraParameters` | Any extra parameter to be added to the endpoint configured in the ServiceMonitor | `{}` | +| `operator.serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | +| `operator.resources` | Configure resource requests and limits | `{}` | +| `operator.podAffinityPreset` | Pod affinity preset | `""` | +| `operator.podAntiAffinityPreset` | Prometheus Operator Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `operator.nodeAffinityPreset.type` | Prometheus Operator Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `operator.nodeAffinityPreset.key` | Prometheus Operator Node label key to match Ignored if `affinity` is set. | `""` | +| `operator.nodeAffinityPreset.values` | Prometheus Operator Node label values to match. Ignored if `affinity` is set. | `[]` | +| `operator.affinity` | Prometheus Operator Affinity for pod assignment | `{}` | +| `operator.nodeSelector` | Prometheus Operator Node labels for pod assignment | `{}` | +| `operator.tolerations` | Prometheus Operator Tolerations for pod assignment | `[]` | +| `operator.podAnnotations` | Annotations for Prometheus Operator pods | `{}` | +| `operator.podLabels` | Extra labels for Prometheus Operator pods | `{}` | +| `operator.priorityClassName` | Priority class assigned to the Pods | `""` | +| `operator.livenessProbe.enabled` | Turn on and off liveness probe | `true` | +| `operator.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | +| `operator.livenessProbe.periodSeconds` | How often to perform the probe | `10` | +| `operator.livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `operator.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `operator.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `operator.readinessProbe.enabled` | Turn on and off readiness probe | `true` | +| `operator.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | +| `operator.readinessProbe.periodSeconds` | How often to perform the probe | `10` | +| `operator.readinessProbe.timeoutSeconds` | When the probe times out | `5` | +| `operator.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `operator.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `operator.startupProbe.enabled` | Turn on and off startup probe | `false` | +| `operator.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `30` | +| `operator.startupProbe.periodSeconds` | How often to perform the probe | `10` | +| `operator.startupProbe.timeoutSeconds` | When the probe times out | `5` | +| `operator.startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `operator.startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `operator.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `operator.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `operator.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `operator.logLevel` | Log level for Prometheus Operator | `info` | +| `operator.logFormat` | Log format for Prometheus Operator | `logfmt` | +| `operator.configReloaderResources` | Set the prometheus config reloader side-car CPU and memory requests and limits. | `{}` | +| `operator.kubeletService.enabled` | If true, the operator will create and maintain a service for scraping kubelets | `true` | +| `operator.kubeletService.namespace` | Namespace to deploy the kubelet service | `kube-system` | +| `operator.prometheusConfigReloader.image` | Prometheus Config Reloader image. If not set, the same as `operator.image.registry` | `{}` | +| `operator.prometheusConfigReloader.containerSecurityContext.enabled` | Enable container security context | `true` | +| `operator.prometheusConfigReloader.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem | `false` | +| `operator.prometheusConfigReloader.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | +| `operator.prometheusConfigReloader.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | +| `operator.prometheusConfigReloader.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | +| `operator.prometheusConfigReloader.livenessProbe.enabled` | Turn on and off liveness probe | `true` | +| `operator.prometheusConfigReloader.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `10` | +| `operator.prometheusConfigReloader.livenessProbe.periodSeconds` | How often to perform the probe | `10` | +| `operator.prometheusConfigReloader.livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `operator.prometheusConfigReloader.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `operator.prometheusConfigReloader.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `operator.prometheusConfigReloader.readinessProbe.enabled` | Turn on and off readiness probe | `true` | +| `operator.prometheusConfigReloader.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `15` | +| `operator.prometheusConfigReloader.readinessProbe.periodSeconds` | How often to perform the probe | `20` | +| `operator.prometheusConfigReloader.readinessProbe.timeoutSeconds` | When the probe times out | `5` | +| `operator.prometheusConfigReloader.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `operator.prometheusConfigReloader.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `operator.namespaces` | Optional comma-separated list of namespaces to watch (default=all). | `""` | ### Prometheus Parameters -| Name | Description | Value | -| --------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `prometheus.enabled` | Deploy Prometheus to the cluster | `true` | -| `prometheus.image.registry` | Prometheus image registry | `docker.io` | -| `prometheus.image.repository` | Prometheus image repository | `bitnami/prometheus` | -| `prometheus.image.tag` | Prometheus image tag (immutable tags are recommended) | `2.47.1-debian-11-r1` | -| `prometheus.image.digest` | Prometheus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `prometheus.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `prometheus.serviceAccount.create` | Specify whether to create a ServiceAccount for Prometheus | `true` | -| `prometheus.serviceAccount.name` | The name of the ServiceAccount to create | `""` | -| `prometheus.serviceAccount.annotations` | Additional annotations for created Prometheus ServiceAccount | `{}` | -| `prometheus.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `prometheus.podSecurityContext.enabled` | Enable security context | `true` | -| `prometheus.podSecurityContext.runAsUser` | User ID for the container | `1001` | -| `prometheus.podSecurityContext.fsGroup` | Group ID for the container filesystem | `1001` | -| `prometheus.containerSecurityContext.enabled` | Enable container security context | `true` | -| `prometheus.containerSecurityContext.readOnlyRootFilesystem` | Mount / (root) as a readonly filesystem | `false` | -| `prometheus.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | -| `prometheus.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | -| `prometheus.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | -| `prometheus.pdb.create` | Create a pod disruption budget for Prometheus | `false` | -| `prometheus.pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | -| `prometheus.pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | -| `prometheus.service.type` | Kubernetes service type | `ClusterIP` | -| `prometheus.service.ports.http` | Prometheus service port | `9090` | -| `prometheus.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | -| `prometheus.service.nodePorts.http` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | -| `prometheus.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | -| `prometheus.service.loadBalancerClass` | Prometheus service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `prometheus.service.loadBalancerSourceRanges` | Address that are allowed when service is `LoadBalancer` | `[]` | -| `prometheus.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `prometheus.service.healthCheckNodePort` | Specifies the health check node port | `""` | -| `prometheus.service.labels` | Additional labels for Prometheus service (this value is evaluated as a template) | `{}` | -| `prometheus.service.annotations` | Additional annotations for Prometheus service (this value is evaluated as a template) | `{}` | -| `prometheus.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `prometheus.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `prometheus.serviceMonitor.enabled` | Creates a ServiceMonitor to monitor Prometheus itself | `true` | -| `prometheus.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `prometheus.serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `""` | -| `prometheus.serviceMonitor.metricRelabelings` | Metric relabeling | `[]` | -| `prometheus.serviceMonitor.relabelings` | Relabel configs | `[]` | -| `prometheus.serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | -| `prometheus.ingress.enabled` | Enable ingress controller resource | `false` | -| `prometheus.ingress.pathType` | Ingress Path type | `ImplementationSpecific` | -| `prometheus.ingress.apiVersion` | Override API Version (automatically detected if not set) | `""` | -| `prometheus.ingress.hostname` | Default host for the ingress resource | `prometheus.local` | -| `prometheus.ingress.path` | The Path to Prometheus. You may need to set this to '/*' in order to use this with ALB ingress controllers | `/` | -| `prometheus.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `prometheus.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `prometheus.ingress.tls` | Enable TLS configuration for the hostname defined at prometheus.ingress.hostname parameter | `false` | -| `prometheus.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | -| `prometheus.ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | -| `prometheus.ingress.extraPaths` | Additional arbitrary path/backend objects | `[]` | -| `prometheus.ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | -| `prometheus.ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | -| `prometheus.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | -| `prometheus.externalUrl` | External URL used to access Prometheus | `""` | -| `prometheus.resources` | CPU/Memory resource requests/limits for node | `{}` | -| `prometheus.podAffinityPreset` | Prometheus Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `prometheus.podAntiAffinityPreset` | Prometheus Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `prometheus.nodeAffinityPreset.type` | Prometheus Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `prometheus.nodeAffinityPreset.key` | Prometheus Node label key to match Ignored if `affinity` is set. | `""` | -| `prometheus.nodeAffinityPreset.values` | Prometheus Node label values to match. Ignored if `affinity` is set. | `[]` | -| `prometheus.affinity` | Prometheus Affinity for pod assignment | `{}` | -| `prometheus.nodeSelector` | Prometheus Node labels for pod assignment | `{}` | -| `prometheus.topologySpreadConstraints` | Prometheus Topology Spread Constraints for pod assignment | `[]` | -| `prometheus.tolerations` | Prometheus Tolerations for pod assignment | `[]` | -| `prometheus.scrapeInterval` | Interval between consecutive scrapes | `""` | -| `prometheus.evaluationInterval` | Interval between consecutive evaluations | `""` | -| `prometheus.scrapeTimeout` | Timeout after which the global scrape is ended | `""` | -| `prometheus.sampleLimit` | Per-scrape max number of scraped samples. Requires Prometheus v2.45.0 and newer | `""` | -| `prometheus.enforcedSampleLimit` | Override sampleLimits set by ServiceMonitor, PodMonitor or Probe objects | `""` | -| `prometheus.listenLocal` | ListenLocal makes the Prometheus server listen on loopback | `false` | -| `prometheus.livenessProbe.enabled` | Turn on and off liveness probe | `true` | -| `prometheus.livenessProbe.path` | Path of the HTTP service for checking the healthy state | `/-/healthy` | -| `prometheus.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `0` | -| `prometheus.livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `prometheus.livenessProbe.timeoutSeconds` | When the probe times out | `3` | -| `prometheus.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `10` | -| `prometheus.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `prometheus.readinessProbe.enabled` | Turn on and off readiness probe | `true` | -| `prometheus.readinessProbe.path` | Path of the HTTP service for checking the ready state | `/-/ready` | -| `prometheus.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `0` | -| `prometheus.readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `prometheus.readinessProbe.timeoutSeconds` | When the probe times out | `3` | -| `prometheus.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `10` | -| `prometheus.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `prometheus.startupProbe.enabled` | Turn on and off readiness probe | `true` | -| `prometheus.startupProbe.path` | Path of the HTTP service for checking the ready state | `/-/ready` | -| `prometheus.startupProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `0` | -| `prometheus.startupProbe.periodSeconds` | How often to perform the probe | `15` | -| `prometheus.startupProbe.timeoutSeconds` | When the probe times out | `3` | -| `prometheus.startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `60` | -| `prometheus.startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `prometheus.enableAdminAPI` | Enable Prometheus adminitrative API | `false` | -| `prometheus.enableFeatures` | Enable access to Prometheus disabled features. | `[]` | -| `prometheus.alertingEndpoints` | Alertmanagers to which alerts will be sent | `[]` | -| `prometheus.externalLabels` | External labels to add to any time series or alerts when communicating with external systems | `{}` | -| `prometheus.replicaExternalLabelName` | Name of the external label used to denote replica name | `""` | -| `prometheus.replicaExternalLabelNameClear` | Clear external label used to denote replica name | `false` | -| `prometheus.routePrefix` | Prefix used to register routes, overriding externalUrl route | `/` | -| `prometheus.prometheusExternalLabelName` | Name of the external label used to denote Prometheus instance name | `""` | -| `prometheus.prometheusExternalLabelNameClear` | Clear external label used to denote Prometheus instance name | `false` | -| `prometheus.secrets` | Secrets that should be mounted into the Prometheus Pods | `[]` | -| `prometheus.configMaps` | ConfigMaps that should be mounted into the Prometheus Pods | `[]` | -| `prometheus.querySpec` | The query command line flags when starting Prometheus | `{}` | -| `prometheus.ruleNamespaceSelector` | Namespaces to be selected for PrometheusRules discovery | `{}` | -| `prometheus.ruleSelector` | PrometheusRules to be selected for target discovery | `{}` | -| `prometheus.serviceMonitorSelector` | ServiceMonitors to be selected for target discovery | `{}` | -| `prometheus.serviceMonitorNamespaceSelector` | Namespaces to be selected for ServiceMonitor discovery | `{}` | -| `prometheus.podMonitorSelector` | PodMonitors to be selected for target discovery. | `{}` | -| `prometheus.podMonitorNamespaceSelector` | Namespaces to be selected for PodMonitor discovery | `{}` | -| `prometheus.probeSelector` | Probes to be selected for target discovery. | `{}` | -| `prometheus.probeNamespaceSelector` | Namespaces to be selected for Probe discovery | `{}` | -| `prometheus.scrapeConfigSelector` | ScrapeConfig to be selected for target discovery. | `{}` | -| `prometheus.scrapeConfigNamespaceSelector` | Namespaces to be selected for ScrapeConfig discovery | `{}` | -| `prometheus.retention` | Metrics retention days | `10d` | -| `prometheus.retentionSize` | Maximum size of metrics | `""` | -| `prometheus.disableCompaction` | Disable the compaction of the Prometheus TSDB | `false` | -| `prometheus.walCompression` | Enable compression of the write-ahead log using Snappy | `false` | -| `prometheus.paused` | If true, the Operator won't process any Prometheus configuration changes | `false` | -| `prometheus.replicaCount` | Number of Prometheus replicas desired | `1` | -| `prometheus.shards` | Number of Prometheus shards desired | `1` | -| `prometheus.logLevel` | Log level for Prometheus | `info` | -| `prometheus.logFormat` | Log format for Prometheus | `logfmt` | -| `prometheus.podMetadata` | Standard object's metadata | `{}` | -| `prometheus.remoteRead` | The remote_read spec configuration for Prometheus | `[]` | -| `prometheus.remoteWrite` | The remote_write spec configuration for Prometheus | `[]` | -| `prometheus.enableRemoteWriteReceiver` | Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. | `false` | -| `prometheus.storageSpec` | Prometheus StorageSpec for persistent data | `{}` | -| `prometheus.persistence.enabled` | Use PVCs to persist data. If the storageSpec is provided this will not take effect. | `false` | -| `prometheus.persistence.storageClass` | Persistent Volume Storage Class | `""` | -| `prometheus.persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | -| `prometheus.persistence.size` | Persistent Volume Size | `8Gi` | -| `prometheus.persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `prometheus.priorityClassName` | Priority class assigned to the Pods | `""` | -| `prometheus.containers` | Containers allows injecting additional containers | `[]` | -| `prometheus.initContainers` | Add additional init containers to the prometheus pod(s) | `[]` | -| `prometheus.volumes` | Volumes allows configuration of additional volumes | `[]` | -| `prometheus.volumeMounts` | VolumeMounts allows configuration of additional VolumeMounts. Evaluated as a template | `[]` | -| `prometheus.additionalPrometheusRules` | PrometheusRule defines recording and alerting rules for a Prometheus instance. | `[]` | -| `prometheus.additionalArgs` | Allows setting additional arguments for the Prometheus container | `[]` | -| `prometheus.additionalScrapeConfigs.enabled` | Enable additional scrape configs | `false` | -| `prometheus.additionalScrapeConfigs.type` | Indicates if the cart should use external additional scrape configs or internal configs | `external` | -| `prometheus.additionalScrapeConfigs.external.name` | Name of the secret that Prometheus should use for the additional external scrape configuration | `""` | -| `prometheus.additionalScrapeConfigs.external.key` | Name of the key inside the secret to be used for the additional external scrape configuration | `""` | -| `prometheus.additionalScrapeConfigs.internal.jobList` | A list of Prometheus scrape jobs | `[]` | -| `prometheus.additionalScrapeConfigsExternal.enabled` | Deprecated: Enable additional scrape configs that are managed externally to this chart | `false` | -| `prometheus.additionalScrapeConfigsExternal.name` | Deprecated: Name of the secret that Prometheus should use for the additional scrape configuration | `""` | -| `prometheus.additionalScrapeConfigsExternal.key` | Deprecated: Name of the key inside the secret to be used for the additional scrape configuration | `""` | -| `prometheus.additionalAlertRelabelConfigsExternal.enabled` | Enable additional Prometheus alert relabel configs that are managed externally to this chart | `false` | -| `prometheus.additionalAlertRelabelConfigsExternal.name` | Name of the secret that Prometheus should use for the additional Prometheus alert relabel configuration | `""` | -| `prometheus.additionalAlertRelabelConfigsExternal.key` | Name of the key inside the secret to be used for the additional Prometheus alert relabel configuration | `""` | -| `prometheus.additionalAlertManagerExternal.enabled` | Enable additional Prometheus AlertManager configs that are managed externally to this chart | `false` | -| `prometheus.additionalAlertManagerExternal.name` | Name of the secret that Prometheus should use for the additional Prometheus AlertManager configuration | `""` | -| `prometheus.additionalAlertManagerExternal.key` | Name of the key inside the secret to be used for the additional Prometheus AlertManager configuration | `""` | -| `prometheus.thanos.create` | Create a Thanos sidecar container | `false` | -| `prometheus.thanos.image.registry` | Thanos image registry | `docker.io` | -| `prometheus.thanos.image.repository` | Thanos image name | `bitnami/thanos` | -| `prometheus.thanos.image.tag` | Thanos image tag | `0.32.4-debian-11-r0` | -| `prometheus.thanos.image.digest` | Thanos image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `prometheus.thanos.image.pullPolicy` | Thanos image pull policy | `IfNotPresent` | -| `prometheus.thanos.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `prometheus.thanos.containerSecurityContext.enabled` | Enable container security context | `true` | -| `prometheus.thanos.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem | `false` | -| `prometheus.thanos.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | -| `prometheus.thanos.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | -| `prometheus.thanos.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | -| `prometheus.thanos.prometheusUrl` | Override default prometheus url `http://localhost:9090` | `""` | -| `prometheus.thanos.extraArgs` | Additional arguments passed to the thanos sidecar container | `[]` | -| `prometheus.thanos.objectStorageConfig.secretName` | Support mounting a Secret for the objectStorageConfig of the sideCar container. | `""` | -| `prometheus.thanos.objectStorageConfig.secretKey` | Secret key with the configuration file. | `thanos.yaml` | -| `prometheus.thanos.extraVolumeMounts` | Additional volumeMounts from `prometheus.volumes` for thanos sidecar container | `[]` | -| `prometheus.thanos.resources.limits` | The resources limits for the Thanos sidecar container | `{}` | -| `prometheus.thanos.resources.requests` | The resources requests for the Thanos sidecar container | `{}` | -| `prometheus.thanos.livenessProbe.enabled` | Turn on and off liveness probe | `true` | -| `prometheus.thanos.livenessProbe.path` | Path of the HTTP service for checking the healthy state | `/-/healthy` | -| `prometheus.thanos.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `0` | -| `prometheus.thanos.livenessProbe.periodSeconds` | How often to perform the probe | `5` | -| `prometheus.thanos.livenessProbe.timeoutSeconds` | When the probe times out | `3` | -| `prometheus.thanos.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | -| `prometheus.thanos.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `prometheus.thanos.readinessProbe.enabled` | Turn on and off readiness probe | `true` | -| `prometheus.thanos.readinessProbe.path` | Path of the HTTP service for checking the ready state | `/-/ready` | -| `prometheus.thanos.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `0` | -| `prometheus.thanos.readinessProbe.periodSeconds` | How often to perform the probe | `5` | -| `prometheus.thanos.readinessProbe.timeoutSeconds` | When the probe times out | `3` | -| `prometheus.thanos.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | -| `prometheus.thanos.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `prometheus.thanos.service.type` | Kubernetes service type | `ClusterIP` | -| `prometheus.thanos.service.ports.grpc` | Thanos service port | `10901` | -| `prometheus.thanos.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` to create headless service by default. | `None` | -| `prometheus.thanos.service.nodePorts.grpc` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | -| `prometheus.thanos.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | -| `prometheus.thanos.service.loadBalancerClass` | Thanos service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `prometheus.thanos.service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | -| `prometheus.thanos.service.labels` | Additional labels for Thanos service | `{}` | -| `prometheus.thanos.service.annotations` | Additional annotations for Thanos service | `{}` | -| `prometheus.thanos.service.extraPorts` | Additional ports to expose from the Thanos sidecar container | `[]` | -| `prometheus.thanos.service.externalTrafficPolicy` | Prometheus service external traffic policy | `Cluster` | -| `prometheus.thanos.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `prometheus.thanos.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `prometheus.thanos.ingress.enabled` | Enable ingress controller resource | `false` | -| `prometheus.thanos.ingress.pathType` | Ingress path type | `ImplementationSpecific` | -| `prometheus.thanos.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | -| `prometheus.thanos.ingress.hostname` | Default host for the ingress record | `thanos.prometheus.local` | -| `prometheus.thanos.ingress.path` | Default path for the ingress record | `/` | -| `prometheus.thanos.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `prometheus.thanos.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `prometheus.thanos.ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` | -| `prometheus.thanos.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | -| `prometheus.thanos.ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` | -| `prometheus.thanos.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | -| `prometheus.thanos.ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | -| `prometheus.thanos.ingress.secrets` | Custom TLS certificates as secrets | `[]` | -| `prometheus.thanos.ingress.extraRules` | The list of additional rules to be added to this ingress record. Evaluated as a template | `[]` | -| `prometheus.configReloader.service.enabled` | Enable config-reloader sidecar service | `false` | -| `prometheus.configReloader.service.type` | Kubernetes service type | `ClusterIP` | -| `prometheus.configReloader.service.ports.http` | config-reloader sidecar container service port | `8080` | -| `prometheus.configReloader.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` to create headless service by default. | `None` | -| `prometheus.configReloader.service.nodePorts.http` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | -| `prometheus.configReloader.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | -| `prometheus.configReloader.service.loadBalancerClass` | Prometheus Config Reloader service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `prometheus.configReloader.service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | -| `prometheus.configReloader.service.labels` | Additional labels for Prometheus service | `{}` | -| `prometheus.configReloader.service.annotations` | Additional annotations for Prometheus service | `{}` | -| `prometheus.configReloader.service.extraPorts` | Additional ports to expose from the config-reloader sidecar container | `[]` | -| `prometheus.configReloader.service.externalTrafficPolicy` | Prometheus service external traffic policy | `Cluster` | -| `prometheus.configReloader.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `prometheus.configReloader.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `prometheus.configReloader.serviceMonitor.enabled` | Creates a ServiceMonitor to monitor Prometheus config-reloader sidecar | `false` | -| `prometheus.configReloader.serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `""` | -| `prometheus.configReloader.serviceMonitor.path` | HTTP path to scrape for metrics | `/metrics` | -| `prometheus.configReloader.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `prometheus.configReloader.serviceMonitor.metricRelabelings` | Metric relabeling | `[]` | -| `prometheus.configReloader.serviceMonitor.relabelings` | Relabel configs | `[]` | -| `prometheus.configReloader.serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | -| `prometheus.portName` | Port name used for the pods and governing service. This defaults to web | `web` | +| Name | Description | Value | +| --------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `prometheus.enabled` | Deploy Prometheus to the cluster | `true` | +| `prometheus.image.registry` | Prometheus image registry | `REGISTRY_NAME` | +| `prometheus.image.repository` | Prometheus image repository | `REPOSITORY_NAME/prometheus` | +| `prometheus.image.tag` | Prometheus image tag (immutable tags are recommended) | `2.47.1-debian-11-r2` | +| `prometheus.image.digest` | Prometheus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `prometheus.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `prometheus.serviceAccount.create` | Specify whether to create a ServiceAccount for Prometheus | `true` | +| `prometheus.serviceAccount.name` | The name of the ServiceAccount to create | `""` | +| `prometheus.serviceAccount.annotations` | Additional annotations for created Prometheus ServiceAccount | `{}` | +| `prometheus.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `prometheus.podSecurityContext.enabled` | Enable security context | `true` | +| `prometheus.podSecurityContext.runAsUser` | User ID for the container | `1001` | +| `prometheus.podSecurityContext.fsGroup` | Group ID for the container filesystem | `1001` | +| `prometheus.containerSecurityContext.enabled` | Enable container security context | `true` | +| `prometheus.containerSecurityContext.readOnlyRootFilesystem` | Mount / (root) as a readonly filesystem | `false` | +| `prometheus.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | +| `prometheus.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | +| `prometheus.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | +| `prometheus.pdb.create` | Create a pod disruption budget for Prometheus | `false` | +| `prometheus.pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | +| `prometheus.pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | +| `prometheus.service.type` | Kubernetes service type | `ClusterIP` | +| `prometheus.service.ports.http` | Prometheus service port | `9090` | +| `prometheus.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | +| `prometheus.service.nodePorts.http` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | +| `prometheus.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | +| `prometheus.service.loadBalancerClass` | Prometheus service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | +| `prometheus.service.loadBalancerSourceRanges` | Address that are allowed when service is `LoadBalancer` | `[]` | +| `prometheus.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `prometheus.service.healthCheckNodePort` | Specifies the health check node port | `""` | +| `prometheus.service.labels` | Additional labels for Prometheus service (this value is evaluated as a template) | `{}` | +| `prometheus.service.annotations` | Additional annotations for Prometheus service (this value is evaluated as a template) | `{}` | +| `prometheus.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `prometheus.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `prometheus.serviceMonitor.enabled` | Creates a ServiceMonitor to monitor Prometheus itself | `true` | +| `prometheus.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `prometheus.serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `""` | +| `prometheus.serviceMonitor.metricRelabelings` | Metric relabeling | `[]` | +| `prometheus.serviceMonitor.relabelings` | Relabel configs | `[]` | +| `prometheus.serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | +| `prometheus.ingress.enabled` | Enable ingress controller resource | `false` | +| `prometheus.ingress.pathType` | Ingress Path type | `ImplementationSpecific` | +| `prometheus.ingress.apiVersion` | Override API Version (automatically detected if not set) | `""` | +| `prometheus.ingress.hostname` | Default host for the ingress resource | `prometheus.local` | +| `prometheus.ingress.path` | The Path to Prometheus. You may need to set this to '/*' in order to use this with ALB ingress controllers | `/` | +| `prometheus.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `prometheus.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `prometheus.ingress.tls` | Enable TLS configuration for the hostname defined at prometheus.ingress.hostname parameter | `false` | +| `prometheus.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `prometheus.ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | +| `prometheus.ingress.extraPaths` | Additional arbitrary path/backend objects | `[]` | +| `prometheus.ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | +| `prometheus.ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | +| `prometheus.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | +| `prometheus.externalUrl` | External URL used to access Prometheus | `""` | +| `prometheus.resources` | CPU/Memory resource requests/limits for node | `{}` | +| `prometheus.podAffinityPreset` | Prometheus Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `prometheus.podAntiAffinityPreset` | Prometheus Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `prometheus.nodeAffinityPreset.type` | Prometheus Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `prometheus.nodeAffinityPreset.key` | Prometheus Node label key to match Ignored if `affinity` is set. | `""` | +| `prometheus.nodeAffinityPreset.values` | Prometheus Node label values to match. Ignored if `affinity` is set. | `[]` | +| `prometheus.affinity` | Prometheus Affinity for pod assignment | `{}` | +| `prometheus.nodeSelector` | Prometheus Node labels for pod assignment | `{}` | +| `prometheus.topologySpreadConstraints` | Prometheus Topology Spread Constraints for pod assignment | `[]` | +| `prometheus.tolerations` | Prometheus Tolerations for pod assignment | `[]` | +| `prometheus.scrapeInterval` | Interval between consecutive scrapes | `""` | +| `prometheus.evaluationInterval` | Interval between consecutive evaluations | `""` | +| `prometheus.scrapeTimeout` | Timeout after which the global scrape is ended | `""` | +| `prometheus.sampleLimit` | Per-scrape max number of scraped samples. Requires Prometheus v2.45.0 and newer | `""` | +| `prometheus.enforcedSampleLimit` | Override sampleLimits set by ServiceMonitor, PodMonitor or Probe objects | `""` | +| `prometheus.listenLocal` | ListenLocal makes the Prometheus server listen on loopback | `false` | +| `prometheus.livenessProbe.enabled` | Turn on and off liveness probe | `true` | +| `prometheus.livenessProbe.path` | Path of the HTTP service for checking the healthy state | `/-/healthy` | +| `prometheus.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `0` | +| `prometheus.livenessProbe.periodSeconds` | How often to perform the probe | `10` | +| `prometheus.livenessProbe.timeoutSeconds` | When the probe times out | `3` | +| `prometheus.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `10` | +| `prometheus.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `prometheus.readinessProbe.enabled` | Turn on and off readiness probe | `true` | +| `prometheus.readinessProbe.path` | Path of the HTTP service for checking the ready state | `/-/ready` | +| `prometheus.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `0` | +| `prometheus.readinessProbe.periodSeconds` | How often to perform the probe | `10` | +| `prometheus.readinessProbe.timeoutSeconds` | When the probe times out | `3` | +| `prometheus.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `10` | +| `prometheus.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `prometheus.startupProbe.enabled` | Turn on and off readiness probe | `true` | +| `prometheus.startupProbe.path` | Path of the HTTP service for checking the ready state | `/-/ready` | +| `prometheus.startupProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `0` | +| `prometheus.startupProbe.periodSeconds` | How often to perform the probe | `15` | +| `prometheus.startupProbe.timeoutSeconds` | When the probe times out | `3` | +| `prometheus.startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `60` | +| `prometheus.startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `prometheus.enableAdminAPI` | Enable Prometheus adminitrative API | `false` | +| `prometheus.enableFeatures` | Enable access to Prometheus disabled features. | `[]` | +| `prometheus.alertingEndpoints` | Alertmanagers to which alerts will be sent | `[]` | +| `prometheus.externalLabels` | External labels to add to any time series or alerts when communicating with external systems | `{}` | +| `prometheus.replicaExternalLabelName` | Name of the external label used to denote replica name | `""` | +| `prometheus.replicaExternalLabelNameClear` | Clear external label used to denote replica name | `false` | +| `prometheus.routePrefix` | Prefix used to register routes, overriding externalUrl route | `/` | +| `prometheus.prometheusExternalLabelName` | Name of the external label used to denote Prometheus instance name | `""` | +| `prometheus.prometheusExternalLabelNameClear` | Clear external label used to denote Prometheus instance name | `false` | +| `prometheus.secrets` | Secrets that should be mounted into the Prometheus Pods | `[]` | +| `prometheus.configMaps` | ConfigMaps that should be mounted into the Prometheus Pods | `[]` | +| `prometheus.querySpec` | The query command line flags when starting Prometheus | `{}` | +| `prometheus.ruleNamespaceSelector` | Namespaces to be selected for PrometheusRules discovery | `{}` | +| `prometheus.ruleSelector` | PrometheusRules to be selected for target discovery | `{}` | +| `prometheus.serviceMonitorSelector` | ServiceMonitors to be selected for target discovery | `{}` | +| `prometheus.serviceMonitorNamespaceSelector` | Namespaces to be selected for ServiceMonitor discovery | `{}` | +| `prometheus.podMonitorSelector` | PodMonitors to be selected for target discovery. | `{}` | +| `prometheus.podMonitorNamespaceSelector` | Namespaces to be selected for PodMonitor discovery | `{}` | +| `prometheus.probeSelector` | Probes to be selected for target discovery. | `{}` | +| `prometheus.probeNamespaceSelector` | Namespaces to be selected for Probe discovery | `{}` | +| `prometheus.scrapeConfigSelector` | ScrapeConfig to be selected for target discovery. | `{}` | +| `prometheus.scrapeConfigNamespaceSelector` | Namespaces to be selected for ScrapeConfig discovery | `{}` | +| `prometheus.retention` | Metrics retention days | `10d` | +| `prometheus.retentionSize` | Maximum size of metrics | `""` | +| `prometheus.disableCompaction` | Disable the compaction of the Prometheus TSDB | `false` | +| `prometheus.walCompression` | Enable compression of the write-ahead log using Snappy | `false` | +| `prometheus.paused` | If true, the Operator won't process any Prometheus configuration changes | `false` | +| `prometheus.replicaCount` | Number of Prometheus replicas desired | `1` | +| `prometheus.shards` | Number of Prometheus shards desired | `1` | +| `prometheus.logLevel` | Log level for Prometheus | `info` | +| `prometheus.logFormat` | Log format for Prometheus | `logfmt` | +| `prometheus.podMetadata` | Standard object's metadata | `{}` | +| `prometheus.remoteRead` | The remote_read spec configuration for Prometheus | `[]` | +| `prometheus.remoteWrite` | The remote_write spec configuration for Prometheus | `[]` | +| `prometheus.enableRemoteWriteReceiver` | Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. | `false` | +| `prometheus.storageSpec` | Prometheus StorageSpec for persistent data | `{}` | +| `prometheus.persistence.enabled` | Use PVCs to persist data. If the storageSpec is provided this will not take effect. | `false` | +| `prometheus.persistence.storageClass` | Persistent Volume Storage Class | `""` | +| `prometheus.persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | +| `prometheus.persistence.size` | Persistent Volume Size | `8Gi` | +| `prometheus.persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `prometheus.priorityClassName` | Priority class assigned to the Pods | `""` | +| `prometheus.containers` | Containers allows injecting additional containers | `[]` | +| `prometheus.initContainers` | Add additional init containers to the prometheus pod(s) | `[]` | +| `prometheus.volumes` | Volumes allows configuration of additional volumes | `[]` | +| `prometheus.volumeMounts` | VolumeMounts allows configuration of additional VolumeMounts. Evaluated as a template | `[]` | +| `prometheus.additionalPrometheusRules` | PrometheusRule defines recording and alerting rules for a Prometheus instance. | `[]` | +| `prometheus.additionalArgs` | Allows setting additional arguments for the Prometheus container | `[]` | +| `prometheus.additionalScrapeConfigs.enabled` | Enable additional scrape configs | `false` | +| `prometheus.additionalScrapeConfigs.type` | Indicates if the cart should use external additional scrape configs or internal configs | `external` | +| `prometheus.additionalScrapeConfigs.external.name` | Name of the secret that Prometheus should use for the additional external scrape configuration | `""` | +| `prometheus.additionalScrapeConfigs.external.key` | Name of the key inside the secret to be used for the additional external scrape configuration | `""` | +| `prometheus.additionalScrapeConfigs.internal.jobList` | A list of Prometheus scrape jobs | `[]` | +| `prometheus.additionalScrapeConfigsExternal.enabled` | Deprecated: Enable additional scrape configs that are managed externally to this chart | `false` | +| `prometheus.additionalScrapeConfigsExternal.name` | Deprecated: Name of the secret that Prometheus should use for the additional scrape configuration | `""` | +| `prometheus.additionalScrapeConfigsExternal.key` | Deprecated: Name of the key inside the secret to be used for the additional scrape configuration | `""` | +| `prometheus.additionalAlertRelabelConfigsExternal.enabled` | Enable additional Prometheus alert relabel configs that are managed externally to this chart | `false` | +| `prometheus.additionalAlertRelabelConfigsExternal.name` | Name of the secret that Prometheus should use for the additional Prometheus alert relabel configuration | `""` | +| `prometheus.additionalAlertRelabelConfigsExternal.key` | Name of the key inside the secret to be used for the additional Prometheus alert relabel configuration | `""` | +| `prometheus.additionalAlertManagerExternal.enabled` | Enable additional Prometheus AlertManager configs that are managed externally to this chart | `false` | +| `prometheus.additionalAlertManagerExternal.name` | Name of the secret that Prometheus should use for the additional Prometheus AlertManager configuration | `""` | +| `prometheus.additionalAlertManagerExternal.key` | Name of the key inside the secret to be used for the additional Prometheus AlertManager configuration | `""` | +| `prometheus.thanos.create` | Create a Thanos sidecar container | `false` | +| `prometheus.thanos.image.registry` | Thanos image registry | `REGISTRY_NAME` | +| `prometheus.thanos.image.repository` | Thanos image name | `REPOSITORY_NAME/thanos` | +| `prometheus.thanos.image.tag` | Thanos image tag | `0.32.4-debian-11-r3` | +| `prometheus.thanos.image.digest` | Thanos image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `prometheus.thanos.image.pullPolicy` | Thanos image pull policy | `IfNotPresent` | +| `prometheus.thanos.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `prometheus.thanos.containerSecurityContext.enabled` | Enable container security context | `true` | +| `prometheus.thanos.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem | `false` | +| `prometheus.thanos.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | +| `prometheus.thanos.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | +| `prometheus.thanos.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | +| `prometheus.thanos.prometheusUrl` | Override default prometheus url `http://localhost:9090` | `""` | +| `prometheus.thanos.extraArgs` | Additional arguments passed to the thanos sidecar container | `[]` | +| `prometheus.thanos.objectStorageConfig.secretName` | Support mounting a Secret for the objectStorageConfig of the sideCar container. | `""` | +| `prometheus.thanos.objectStorageConfig.secretKey` | Secret key with the configuration file. | `thanos.yaml` | +| `prometheus.thanos.extraVolumeMounts` | Additional volumeMounts from `prometheus.volumes` for thanos sidecar container | `[]` | +| `prometheus.thanos.resources.limits` | The resources limits for the Thanos sidecar container | `{}` | +| `prometheus.thanos.resources.requests` | The resources requests for the Thanos sidecar container | `{}` | +| `prometheus.thanos.livenessProbe.enabled` | Turn on and off liveness probe | `true` | +| `prometheus.thanos.livenessProbe.path` | Path of the HTTP service for checking the healthy state | `/-/healthy` | +| `prometheus.thanos.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `0` | +| `prometheus.thanos.livenessProbe.periodSeconds` | How often to perform the probe | `5` | +| `prometheus.thanos.livenessProbe.timeoutSeconds` | When the probe times out | `3` | +| `prometheus.thanos.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | +| `prometheus.thanos.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `prometheus.thanos.readinessProbe.enabled` | Turn on and off readiness probe | `true` | +| `prometheus.thanos.readinessProbe.path` | Path of the HTTP service for checking the ready state | `/-/ready` | +| `prometheus.thanos.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `0` | +| `prometheus.thanos.readinessProbe.periodSeconds` | How often to perform the probe | `5` | +| `prometheus.thanos.readinessProbe.timeoutSeconds` | When the probe times out | `3` | +| `prometheus.thanos.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | +| `prometheus.thanos.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `prometheus.thanos.service.type` | Kubernetes service type | `ClusterIP` | +| `prometheus.thanos.service.ports.grpc` | Thanos service port | `10901` | +| `prometheus.thanos.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` to create headless service by default. | `None` | +| `prometheus.thanos.service.nodePorts.grpc` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | +| `prometheus.thanos.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | +| `prometheus.thanos.service.loadBalancerClass` | Thanos service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | +| `prometheus.thanos.service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | +| `prometheus.thanos.service.labels` | Additional labels for Thanos service | `{}` | +| `prometheus.thanos.service.annotations` | Additional annotations for Thanos service | `{}` | +| `prometheus.thanos.service.extraPorts` | Additional ports to expose from the Thanos sidecar container | `[]` | +| `prometheus.thanos.service.externalTrafficPolicy` | Prometheus service external traffic policy | `Cluster` | +| `prometheus.thanos.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `prometheus.thanos.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `prometheus.thanos.ingress.enabled` | Enable ingress controller resource | `false` | +| `prometheus.thanos.ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `prometheus.thanos.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | +| `prometheus.thanos.ingress.hostname` | Default host for the ingress record | `thanos.prometheus.local` | +| `prometheus.thanos.ingress.path` | Default path for the ingress record | `/` | +| `prometheus.thanos.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `prometheus.thanos.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `prometheus.thanos.ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` | +| `prometheus.thanos.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `prometheus.thanos.ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` | +| `prometheus.thanos.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | +| `prometheus.thanos.ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | +| `prometheus.thanos.ingress.secrets` | Custom TLS certificates as secrets | `[]` | +| `prometheus.thanos.ingress.extraRules` | The list of additional rules to be added to this ingress record. Evaluated as a template | `[]` | +| `prometheus.configReloader.service.enabled` | Enable config-reloader sidecar service | `false` | +| `prometheus.configReloader.service.type` | Kubernetes service type | `ClusterIP` | +| `prometheus.configReloader.service.ports.http` | config-reloader sidecar container service port | `8080` | +| `prometheus.configReloader.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` to create headless service by default. | `None` | +| `prometheus.configReloader.service.nodePorts.http` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | +| `prometheus.configReloader.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | +| `prometheus.configReloader.service.loadBalancerClass` | Prometheus Config Reloader service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | +| `prometheus.configReloader.service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | +| `prometheus.configReloader.service.labels` | Additional labels for Prometheus service | `{}` | +| `prometheus.configReloader.service.annotations` | Additional annotations for Prometheus service | `{}` | +| `prometheus.configReloader.service.extraPorts` | Additional ports to expose from the config-reloader sidecar container | `[]` | +| `prometheus.configReloader.service.externalTrafficPolicy` | Prometheus service external traffic policy | `Cluster` | +| `prometheus.configReloader.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `prometheus.configReloader.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `prometheus.configReloader.serviceMonitor.enabled` | Creates a ServiceMonitor to monitor Prometheus config-reloader sidecar | `false` | +| `prometheus.configReloader.serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `""` | +| `prometheus.configReloader.serviceMonitor.path` | HTTP path to scrape for metrics | `/metrics` | +| `prometheus.configReloader.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `prometheus.configReloader.serviceMonitor.metricRelabelings` | Metric relabeling | `[]` | +| `prometheus.configReloader.serviceMonitor.relabelings` | Relabel configs | `[]` | +| `prometheus.configReloader.serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | +| `prometheus.portName` | Port name used for the pods and governing service. This defaults to web | `web` | ### Alertmanager Parameters -| Name | Description | Value | -| ---------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `alertmanager.enabled` | Deploy Alertmanager to the cluster | `true` | -| `alertmanager.image.registry` | Prometheus image registry | `docker.io` | -| `alertmanager.image.repository` | Prometheus image repository | `bitnami/alertmanager` | -| `alertmanager.image.tag` | Prometheus image tag (immutable tags are recommended) | `0.26.0-debian-11-r41` | -| `alertmanager.image.digest` | Prometheus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `alertmanager.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `alertmanager.serviceAccount.create` | Specify whether to create a ServiceAccount for Alertmanager | `true` | -| `alertmanager.serviceAccount.name` | The name of the ServiceAccount to create | `""` | -| `alertmanager.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `alertmanager.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `alertmanager.podSecurityContext.enabled` | Enable security context | `true` | -| `alertmanager.podSecurityContext.runAsUser` | User ID for the container | `1001` | -| `alertmanager.podSecurityContext.fsGroup` | Group ID for the container filesystem | `1001` | -| `alertmanager.containerSecurityContext.enabled` | Enable container security context | `true` | -| `alertmanager.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem | `false` | -| `alertmanager.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | -| `alertmanager.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | -| `alertmanager.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | -| `alertmanager.pdb.create` | Create a pod disruption budget for Alertmanager | `false` | -| `alertmanager.pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | -| `alertmanager.pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | -| `alertmanager.service.type` | Kubernetes service type | `ClusterIP` | -| `alertmanager.service.ports.http` | Alertmanager service port | `9093` | -| `alertmanager.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | -| `alertmanager.service.nodePorts.http` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | -| `alertmanager.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | -| `alertmanager.service.loadBalancerClass` | Alertmanager service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `alertmanager.service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | -| `alertmanager.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `alertmanager.service.healthCheckNodePort` | Specifies the health check node port | `""` | -| `alertmanager.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `alertmanager.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `alertmanager.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `alertmanager.service.annotations` | Additional annotations for Alertmanager service (this value is evaluated as a template) | `{}` | -| `alertmanager.serviceMonitor.enabled` | Creates a ServiceMonitor to monitor Alertmanager | `true` | -| `alertmanager.serviceMonitor.interval` | Scrape interval. If not set, the Prometheus default scrape interval is used. | `""` | -| `alertmanager.serviceMonitor.metricRelabelings` | Metric relabeling | `[]` | -| `alertmanager.serviceMonitor.relabelings` | Relabel configs | `[]` | -| `alertmanager.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `alertmanager.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `alertmanager.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `alertmanager.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `alertmanager.serviceMonitor.annotations` | Extra annotations for the ServiceMonitor | `{}` | -| `alertmanager.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `alertmanager.serviceMonitor.extraParameters` | Any extra parameter to be added to the endpoint configured in the ServiceMonitor | `{}` | -| `alertmanager.serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | -| `alertmanager.ingress.enabled` | Enable ingress controller resource | `false` | -| `alertmanager.ingress.pathType` | Ingress Path type | `ImplementationSpecific` | -| `alertmanager.ingress.apiVersion` | Override API Version (automatically detected if not set) | `""` | -| `alertmanager.ingress.hostname` | Default host for the ingress resource | `alertmanager.local` | -| `alertmanager.ingress.path` | The Path to Alert Manager. You may need to set this to '/*' in order to use this with ALB ingress controllers. | `/` | -| `alertmanager.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `alertmanager.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `alertmanager.ingress.tls` | Enable TLS configuration for the hostname defined at alertmanager.ingress.hostname parameter | `false` | -| `alertmanager.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | -| `alertmanager.ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | -| `alertmanager.ingress.extraPaths` | Additional arbitrary path/backend objects | `[]` | -| `alertmanager.ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | -| `alertmanager.ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | -| `alertmanager.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | -| `alertmanager.externalUrl` | External URL used to access Alertmanager | `""` | -| `alertmanager.resources` | CPU/Memory resource requests/limits for node | `{}` | -| `alertmanager.podAffinityPreset` | Alertmanager Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `alertmanager.podAntiAffinityPreset` | Alertmanager Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `alertmanager.nodeAffinityPreset.type` | Alertmanager Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `alertmanager.nodeAffinityPreset.key` | Alertmanager Node label key to match Ignored if `affinity` is set. | `""` | -| `alertmanager.nodeAffinityPreset.values` | Alertmanager Node label values to match. Ignored if `affinity` is set. | `[]` | -| `alertmanager.affinity` | Alertmanager Affinity for pod assignment | `{}` | -| `alertmanager.nodeSelector` | Alertmanager Node labels for pod assignment | `{}` | -| `alertmanager.tolerations` | Alertmanager Tolerations for pod assignment | `[]` | -| `alertmanager.config` | Alertmanager configuration directive | `{}` | -| `alertmanager.templateFiles` | Extra files to be added inside the `alertmanager-{{ template "kube-prometheus.alertmanager.fullname" . }}` secret. | `{}` | -| `alertmanager.externalConfig` | Alertmanager configuration is created externally. If true, `alertmanager.config` is ignored, and a secret will not be created. | `false` | -| `alertmanager.replicaCount` | Number of Alertmanager replicas desired | `1` | -| `alertmanager.livenessProbe.enabled` | Turn on and off liveness probe | `true` | -| `alertmanager.livenessProbe.path` | Path of the HTTP service for checking the healthy state | `/-/healthy` | -| `alertmanager.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `0` | -| `alertmanager.livenessProbe.periodSeconds` | How often to perform the probe | `5` | -| `alertmanager.livenessProbe.timeoutSeconds` | When the probe times out | `3` | -| `alertmanager.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | -| `alertmanager.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `alertmanager.readinessProbe.enabled` | Turn on and off readiness probe | `true` | -| `alertmanager.readinessProbe.path` | Path of the HTTP service for checking the ready state | `/-/ready` | -| `alertmanager.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `0` | -| `alertmanager.readinessProbe.periodSeconds` | How often to perform the probe | `5` | -| `alertmanager.readinessProbe.timeoutSeconds` | When the probe times out | `3` | -| `alertmanager.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | -| `alertmanager.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `alertmanager.logLevel` | Log level for Alertmanager | `info` | -| `alertmanager.logFormat` | Log format for Alertmanager | `logfmt` | -| `alertmanager.podMetadata` | Standard object's metadata. | `{}` | -| `alertmanager.secrets` | Secrets that should be mounted into the Alertmanager Pods | `[]` | -| `alertmanager.configMaps` | ConfigMaps that should be mounted into the Alertmanager Pods | `[]` | -| `alertmanager.retention` | Metrics retention days | `120h` | -| `alertmanager.storageSpec` | Alertmanager StorageSpec for persistent data | `{}` | -| `alertmanager.persistence.enabled` | Use PVCs to persist data. If the storageSpec is provided this will not take effect. | `false` | -| `alertmanager.persistence.storageClass` | Persistent Volume Storage Class | `""` | -| `alertmanager.persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | -| `alertmanager.persistence.size` | Persistent Volume Size | `8Gi` | -| `alertmanager.persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `alertmanager.paused` | If true, the Operator won't process any Alertmanager configuration changes | `false` | -| `alertmanager.listenLocal` | ListenLocal makes the Alertmanager server listen on loopback | `false` | -| `alertmanager.containers` | Containers allows injecting additional containers | `[]` | -| `alertmanager.volumes` | Volumes allows configuration of additional volumes. Evaluated as a template | `[]` | -| `alertmanager.volumeMounts` | VolumeMounts allows configuration of additional VolumeMounts. Evaluated as a template | `[]` | -| `alertmanager.priorityClassName` | Priority class assigned to the Pods | `""` | -| `alertmanager.additionalPeers` | AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster | `[]` | -| `alertmanager.routePrefix` | Prefix used to register routes, overriding externalUrl route | `/` | -| `alertmanager.portName` | Port name used for the pods and governing service. This defaults to web | `web` | -| `alertmanager.configNamespaceSelector` | Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace. This defaults to {} | `{}` | -| `alertmanager.configSelector` | AlertmanagerConfigs to be selected for to merge and configure Alertmanager with. This defaults to {} | `{}` | -| `alertmanager.configuration` | EXPERIMENTAL: alertmanagerConfiguration specifies the global Alertmanager configuration. If defined, it takes precedence over the `configSecret` field. This field may change in future releases. The specified global alertmanager config will not force add a namespace label in routes and inhibitRules | `{}` | +| Name | Description | Value | +| ---------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ | +| `alertmanager.enabled` | Deploy Alertmanager to the cluster | `true` | +| `alertmanager.image.registry` | Prometheus image registry | `REGISTRY_NAME` | +| `alertmanager.image.repository` | Prometheus image repository | `REPOSITORY_NAME/alertmanager` | +| `alertmanager.image.tag` | Prometheus image tag (immutable tags are recommended) | `0.26.0-debian-11-r43` | +| `alertmanager.image.digest` | Prometheus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `alertmanager.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `alertmanager.serviceAccount.create` | Specify whether to create a ServiceAccount for Alertmanager | `true` | +| `alertmanager.serviceAccount.name` | The name of the ServiceAccount to create | `""` | +| `alertmanager.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `alertmanager.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `alertmanager.podSecurityContext.enabled` | Enable security context | `true` | +| `alertmanager.podSecurityContext.runAsUser` | User ID for the container | `1001` | +| `alertmanager.podSecurityContext.fsGroup` | Group ID for the container filesystem | `1001` | +| `alertmanager.containerSecurityContext.enabled` | Enable container security context | `true` | +| `alertmanager.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem | `false` | +| `alertmanager.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | +| `alertmanager.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | +| `alertmanager.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | +| `alertmanager.pdb.create` | Create a pod disruption budget for Alertmanager | `false` | +| `alertmanager.pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | +| `alertmanager.pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | +| `alertmanager.service.type` | Kubernetes service type | `ClusterIP` | +| `alertmanager.service.ports.http` | Alertmanager service port | `9093` | +| `alertmanager.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | +| `alertmanager.service.nodePorts.http` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | +| `alertmanager.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | +| `alertmanager.service.loadBalancerClass` | Alertmanager service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | +| `alertmanager.service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | +| `alertmanager.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `alertmanager.service.healthCheckNodePort` | Specifies the health check node port | `""` | +| `alertmanager.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `alertmanager.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `alertmanager.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `alertmanager.service.annotations` | Additional annotations for Alertmanager service (this value is evaluated as a template) | `{}` | +| `alertmanager.serviceMonitor.enabled` | Creates a ServiceMonitor to monitor Alertmanager | `true` | +| `alertmanager.serviceMonitor.interval` | Scrape interval. If not set, the Prometheus default scrape interval is used. | `""` | +| `alertmanager.serviceMonitor.metricRelabelings` | Metric relabeling | `[]` | +| `alertmanager.serviceMonitor.relabelings` | Relabel configs | `[]` | +| `alertmanager.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `alertmanager.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `alertmanager.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `alertmanager.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `alertmanager.serviceMonitor.annotations` | Extra annotations for the ServiceMonitor | `{}` | +| `alertmanager.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `alertmanager.serviceMonitor.extraParameters` | Any extra parameter to be added to the endpoint configured in the ServiceMonitor | `{}` | +| `alertmanager.serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | +| `alertmanager.ingress.enabled` | Enable ingress controller resource | `false` | +| `alertmanager.ingress.pathType` | Ingress Path type | `ImplementationSpecific` | +| `alertmanager.ingress.apiVersion` | Override API Version (automatically detected if not set) | `""` | +| `alertmanager.ingress.hostname` | Default host for the ingress resource | `alertmanager.local` | +| `alertmanager.ingress.path` | The Path to Alert Manager. You may need to set this to '/*' in order to use this with ALB ingress controllers. | `/` | +| `alertmanager.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `alertmanager.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `alertmanager.ingress.tls` | Enable TLS configuration for the hostname defined at alertmanager.ingress.hostname parameter | `false` | +| `alertmanager.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `alertmanager.ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | +| `alertmanager.ingress.extraPaths` | Additional arbitrary path/backend objects | `[]` | +| `alertmanager.ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | +| `alertmanager.ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | +| `alertmanager.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | +| `alertmanager.externalUrl` | External URL used to access Alertmanager | `""` | +| `alertmanager.resources` | CPU/Memory resource requests/limits for node | `{}` | +| `alertmanager.podAffinityPreset` | Alertmanager Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `alertmanager.podAntiAffinityPreset` | Alertmanager Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `alertmanager.nodeAffinityPreset.type` | Alertmanager Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `alertmanager.nodeAffinityPreset.key` | Alertmanager Node label key to match Ignored if `affinity` is set. | `""` | +| `alertmanager.nodeAffinityPreset.values` | Alertmanager Node label values to match. Ignored if `affinity` is set. | `[]` | +| `alertmanager.affinity` | Alertmanager Affinity for pod assignment | `{}` | +| `alertmanager.nodeSelector` | Alertmanager Node labels for pod assignment | `{}` | +| `alertmanager.tolerations` | Alertmanager Tolerations for pod assignment | `[]` | +| `alertmanager.config` | Alertmanager configuration directive | `{}` | +| `alertmanager.templateFiles` | Extra files to be added inside the `alertmanager-{{ template "kube-prometheus.alertmanager.fullname" . }}` secret. | `{}` | +| `alertmanager.externalConfig` | Alertmanager configuration is created externally. If true, `alertmanager.config` is ignored, and a secret will not be created. | `false` | +| `alertmanager.replicaCount` | Number of Alertmanager replicas desired | `1` | +| `alertmanager.livenessProbe.enabled` | Turn on and off liveness probe | `true` | +| `alertmanager.livenessProbe.path` | Path of the HTTP service for checking the healthy state | `/-/healthy` | +| `alertmanager.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `0` | +| `alertmanager.livenessProbe.periodSeconds` | How often to perform the probe | `5` | +| `alertmanager.livenessProbe.timeoutSeconds` | When the probe times out | `3` | +| `alertmanager.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | +| `alertmanager.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `alertmanager.readinessProbe.enabled` | Turn on and off readiness probe | `true` | +| `alertmanager.readinessProbe.path` | Path of the HTTP service for checking the ready state | `/-/ready` | +| `alertmanager.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `0` | +| `alertmanager.readinessProbe.periodSeconds` | How often to perform the probe | `5` | +| `alertmanager.readinessProbe.timeoutSeconds` | When the probe times out | `3` | +| `alertmanager.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | +| `alertmanager.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `alertmanager.logLevel` | Log level for Alertmanager | `info` | +| `alertmanager.logFormat` | Log format for Alertmanager | `logfmt` | +| `alertmanager.podMetadata` | Standard object's metadata. | `{}` | +| `alertmanager.secrets` | Secrets that should be mounted into the Alertmanager Pods | `[]` | +| `alertmanager.configMaps` | ConfigMaps that should be mounted into the Alertmanager Pods | `[]` | +| `alertmanager.retention` | Metrics retention days | `120h` | +| `alertmanager.storageSpec` | Alertmanager StorageSpec for persistent data | `{}` | +| `alertmanager.persistence.enabled` | Use PVCs to persist data. If the storageSpec is provided this will not take effect. | `false` | +| `alertmanager.persistence.storageClass` | Persistent Volume Storage Class | `""` | +| `alertmanager.persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | +| `alertmanager.persistence.size` | Persistent Volume Size | `8Gi` | +| `alertmanager.persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `alertmanager.paused` | If true, the Operator won't process any Alertmanager configuration changes | `false` | +| `alertmanager.listenLocal` | ListenLocal makes the Alertmanager server listen on loopback | `false` | +| `alertmanager.containers` | Containers allows injecting additional containers | `[]` | +| `alertmanager.volumes` | Volumes allows configuration of additional volumes. Evaluated as a template | `[]` | +| `alertmanager.volumeMounts` | VolumeMounts allows configuration of additional VolumeMounts. Evaluated as a template | `[]` | +| `alertmanager.priorityClassName` | Priority class assigned to the Pods | `""` | +| `alertmanager.additionalPeers` | AdditionalPeers allows injecting a set of additional Alertmanagers to peer with to form a highly available cluster | `[]` | +| `alertmanager.routePrefix` | Prefix used to register routes, overriding externalUrl route | `/` | +| `alertmanager.portName` | Port name used for the pods and governing service. This defaults to web | `web` | +| `alertmanager.configNamespaceSelector` | Namespaces to be selected for AlertmanagerConfig discovery. If nil, only check own namespace. This defaults to {} | `{}` | +| `alertmanager.configSelector` | AlertmanagerConfigs to be selected for to merge and configure Alertmanager with. This defaults to {} | `{}` | +| `alertmanager.configuration` | EXPERIMENTAL: alertmanagerConfiguration specifies the global Alertmanager configuration. If defined, it takes precedence over the `configSecret` field. This field may change in future releases. The specified global alertmanager config will not force add a namespace label in routes and inhibitRules | `{}` | ### Exporters @@ -588,77 +592,77 @@ The command removes all the Kubernetes components associated with the chart and ### Blackbox Exporter Deployment Parameters -| Name | Description | Value | -| -------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------- | --------------------------- | -| `blackboxExporter.enabled` | Enable Blackbox Exporter deployment | `true` | -| `blackboxExporter.image.registry` | Blackbox Exporter image registry | `docker.io` | -| `blackboxExporter.image.repository` | Blackbox Exporter image repository | `bitnami/blackbox-exporter` | -| `blackboxExporter.image.pullPolicy` | Blackbox Exporter image pull policy | `IfNotPresent` | -| `blackboxExporter.image.tag` | Blackbox Exporter image tag (immutable tags are recommended) | `0.24.0-debian-11-r135` | -| `blackboxExporter.image.digest` | Blackbox Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `blackboxExporter.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `blackboxExporter.extraEnvVars` | Array with extra environment variables to add to blackboxExporter nodes | `[]` | -| `blackboxExporter.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for blackboxExporter nodes | `""` | -| `blackboxExporter.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for blackboxExporter nodes | `""` | -| `blackboxExporter.command` | Override default container command (useful when using custom images) | `[]` | -| `blackboxExporter.args` | Override default container args (useful when using custom images) | `[]` | -| `blackboxExporter.replicaCount` | Number of Blackbox Exporter replicas to deploy | `1` | -| `blackboxExporter.livenessProbe.enabled` | Enable livenessProbe on Blackbox Exporter nodes | `true` | -| `blackboxExporter.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `blackboxExporter.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `blackboxExporter.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `blackboxExporter.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `blackboxExporter.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `blackboxExporter.readinessProbe.enabled` | Enable readinessProbe on Blackbox Exporter nodes | `true` | -| `blackboxExporter.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `60` | -| `blackboxExporter.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `blackboxExporter.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `blackboxExporter.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `blackboxExporter.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `blackboxExporter.startupProbe.enabled` | Enable startupProbe on Blackbox Exporter containers | `false` | -| `blackboxExporter.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `blackboxExporter.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `blackboxExporter.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `blackboxExporter.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `blackboxExporter.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `blackboxExporter.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `blackboxExporter.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `blackboxExporter.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `blackboxExporter.configuration` | Blackbox Exporter configuration | `{}` | -| `blackboxExporter.existingConfigMap` | ConfigMap pointing to the Blackbox Exporter configuration | `""` | -| `blackboxExporter.containerPorts.http` | Blackbox Exporter HTTP container port | `19115` | -| `blackboxExporter.serviceAccount.create` | Enable creation of ServiceAccount for WordPress pod | `true` | -| `blackboxExporter.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `blackboxExporter.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `true` | -| `blackboxExporter.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `blackboxExporter.resources.limits` | The resources limits for the blackboxExporter containers | `{}` | -| `blackboxExporter.resources.requests` | The requested resources for the blackboxExporter containers | `{}` | -| `blackboxExporter.podSecurityContext.enabled` | Enabled Blackbox Exporter pods' Security Context | `true` | -| `blackboxExporter.podSecurityContext.fsGroup` | Set Blackbox Exporter pod's Security Context fsGroup | `1001` | -| `blackboxExporter.containerSecurityContext.enabled` | Enabled Blackbox Exporter containers' Security Context | `true` | -| `blackboxExporter.containerSecurityContext.runAsUser` | Set Blackbox Exporter containers' Security Context runAsUser | `1001` | -| `blackboxExporter.containerSecurityContext.runAsNonRoot` | Set Blackbox Exporter containers' Security Context runAsNonRoot | `true` | -| `blackboxExporter.lifecycleHooks` | for the blackboxExporter container(s) to automate configuration before or after startup | `{}` | -| `blackboxExporter.hostAliases` | blackboxExporter pods host aliases | `[]` | -| `blackboxExporter.podLabels` | Extra labels for blackboxExporter pods | `{}` | -| `blackboxExporter.podAnnotations` | Annotations for blackboxExporter pods | `{}` | -| `blackboxExporter.podAffinityPreset` | Pod affinity preset. Ignored if `blackboxExporter.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `blackboxExporter.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `blackboxExporter.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `blackboxExporter.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `blackboxExporter.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `blackboxExporter.nodeAffinityPreset.key` | Node label key to match. Ignored if `blackboxExporter.affinity` is set | `""` | -| `blackboxExporter.nodeAffinityPreset.values` | Node label values to match. Ignored if `blackboxExporter.affinity` is set | `[]` | -| `blackboxExporter.affinity` | Affinity for Blackbox Exporter pods assignment | `{}` | -| `blackboxExporter.nodeSelector` | Node labels for Blackbox Exporter pods assignment | `{}` | -| `blackboxExporter.tolerations` | Tolerations for Blackbox Exporter pods assignment | `[]` | -| `blackboxExporter.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | -| `blackboxExporter.priorityClassName` | Blackbox Exporter pods' priorityClassName | `""` | -| `blackboxExporter.schedulerName` | Kubernetes pod scheduler registry | `""` | -| `blackboxExporter.terminationGracePeriodSeconds` | In seconds, time the given to the Blackbox Exporter pod needs to terminate gracefully | `""` | -| `blackboxExporter.updateStrategy.type` | Blackbox Exporter statefulset strategy type | `RollingUpdate` | -| `blackboxExporter.extraVolumes` | Optionally specify extra list of additional volumes for the Blackbox Exporter pod(s) | `[]` | -| `blackboxExporter.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Blackbox Exporter container(s) | `[]` | -| `blackboxExporter.sidecars` | Add additional sidecar containers to the Blackbox Exporter pod(s) | `[]` | -| `blackboxExporter.initContainers` | Add additional init containers to the Blackbox Exporter pod(s) | `[]` | +| Name | Description | Value | +| -------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| `blackboxExporter.enabled` | Enable Blackbox Exporter deployment | `true` | +| `blackboxExporter.image.registry` | Blackbox Exporter image registry | `REGISTRY_NAME` | +| `blackboxExporter.image.repository` | Blackbox Exporter image repository | `REPOSITORY_NAME/blackbox-exporter` | +| `blackboxExporter.image.pullPolicy` | Blackbox Exporter image pull policy | `IfNotPresent` | +| `blackboxExporter.image.tag` | Blackbox Exporter image tag (immutable tags are recommended) | `0.24.0-debian-11-r139` | +| `blackboxExporter.image.digest` | Blackbox Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `blackboxExporter.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `blackboxExporter.extraEnvVars` | Array with extra environment variables to add to blackboxExporter nodes | `[]` | +| `blackboxExporter.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for blackboxExporter nodes | `""` | +| `blackboxExporter.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for blackboxExporter nodes | `""` | +| `blackboxExporter.command` | Override default container command (useful when using custom images) | `[]` | +| `blackboxExporter.args` | Override default container args (useful when using custom images) | `[]` | +| `blackboxExporter.replicaCount` | Number of Blackbox Exporter replicas to deploy | `1` | +| `blackboxExporter.livenessProbe.enabled` | Enable livenessProbe on Blackbox Exporter nodes | `true` | +| `blackboxExporter.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | +| `blackboxExporter.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `blackboxExporter.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `blackboxExporter.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `blackboxExporter.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `blackboxExporter.readinessProbe.enabled` | Enable readinessProbe on Blackbox Exporter nodes | `true` | +| `blackboxExporter.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `60` | +| `blackboxExporter.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `blackboxExporter.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `blackboxExporter.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `blackboxExporter.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `blackboxExporter.startupProbe.enabled` | Enable startupProbe on Blackbox Exporter containers | `false` | +| `blackboxExporter.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `blackboxExporter.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `blackboxExporter.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `blackboxExporter.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `blackboxExporter.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `blackboxExporter.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `blackboxExporter.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `blackboxExporter.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `blackboxExporter.configuration` | Blackbox Exporter configuration | `{}` | +| `blackboxExporter.existingConfigMap` | ConfigMap pointing to the Blackbox Exporter configuration | `""` | +| `blackboxExporter.containerPorts.http` | Blackbox Exporter HTTP container port | `19115` | +| `blackboxExporter.serviceAccount.create` | Enable creation of ServiceAccount for WordPress pod | `true` | +| `blackboxExporter.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `blackboxExporter.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `true` | +| `blackboxExporter.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `blackboxExporter.resources.limits` | The resources limits for the blackboxExporter containers | `{}` | +| `blackboxExporter.resources.requests` | The requested resources for the blackboxExporter containers | `{}` | +| `blackboxExporter.podSecurityContext.enabled` | Enabled Blackbox Exporter pods' Security Context | `true` | +| `blackboxExporter.podSecurityContext.fsGroup` | Set Blackbox Exporter pod's Security Context fsGroup | `1001` | +| `blackboxExporter.containerSecurityContext.enabled` | Enabled Blackbox Exporter containers' Security Context | `true` | +| `blackboxExporter.containerSecurityContext.runAsUser` | Set Blackbox Exporter containers' Security Context runAsUser | `1001` | +| `blackboxExporter.containerSecurityContext.runAsNonRoot` | Set Blackbox Exporter containers' Security Context runAsNonRoot | `true` | +| `blackboxExporter.lifecycleHooks` | for the blackboxExporter container(s) to automate configuration before or after startup | `{}` | +| `blackboxExporter.hostAliases` | blackboxExporter pods host aliases | `[]` | +| `blackboxExporter.podLabels` | Extra labels for blackboxExporter pods | `{}` | +| `blackboxExporter.podAnnotations` | Annotations for blackboxExporter pods | `{}` | +| `blackboxExporter.podAffinityPreset` | Pod affinity preset. Ignored if `blackboxExporter.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `blackboxExporter.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `blackboxExporter.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `blackboxExporter.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `blackboxExporter.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `blackboxExporter.nodeAffinityPreset.key` | Node label key to match. Ignored if `blackboxExporter.affinity` is set | `""` | +| `blackboxExporter.nodeAffinityPreset.values` | Node label values to match. Ignored if `blackboxExporter.affinity` is set | `[]` | +| `blackboxExporter.affinity` | Affinity for Blackbox Exporter pods assignment | `{}` | +| `blackboxExporter.nodeSelector` | Node labels for Blackbox Exporter pods assignment | `{}` | +| `blackboxExporter.tolerations` | Tolerations for Blackbox Exporter pods assignment | `[]` | +| `blackboxExporter.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | +| `blackboxExporter.priorityClassName` | Blackbox Exporter pods' priorityClassName | `""` | +| `blackboxExporter.schedulerName` | Kubernetes pod scheduler registry | `""` | +| `blackboxExporter.terminationGracePeriodSeconds` | In seconds, time the given to the Blackbox Exporter pod needs to terminate gracefully | `""` | +| `blackboxExporter.updateStrategy.type` | Blackbox Exporter statefulset strategy type | `RollingUpdate` | +| `blackboxExporter.extraVolumes` | Optionally specify extra list of additional volumes for the Blackbox Exporter pod(s) | `[]` | +| `blackboxExporter.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Blackbox Exporter container(s) | `[]` | +| `blackboxExporter.sidecars` | Add additional sidecar containers to the Blackbox Exporter pod(s) | `[]` | +| `blackboxExporter.initContainers` | Add additional init containers to the Blackbox Exporter pod(s) | `[]` | ### Blackbox Exporter Traffic Exposure Parameters @@ -764,17 +768,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm helm install my-release \ --set operator.logLevel=debug \ --set prometheus.replicaCount=5 \ - oci://registry-1.docker.io/bitnamicharts/kube-prometheus + oci://REGISTRY_NAME/REPOSITORY_NAME/kube-prometheus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Prometheus Operator `logLevel` to `debug`. Additionally it sets the `prometheus.replicaCount` to `5`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/kube-prometheus +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/kube-prometheus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -822,9 +829,11 @@ While upgrading a chart, please note that there are certain limitations to upgra ## Upgrading ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/kube-prometheus +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kube-prometheus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 8.0.0 This major updates the kube-state-metrics subchart to its newest major, 3.0.0, and the node-exporter subchart to its newest major, 3.0.0. Both releases contains name changes to a few of its values. For more information, please refer to [kube-state-metrics upgrade notes](https://github.com/bitnami/charts/tree/main/bitnami/kube-state-metrics#to-300) and [node-exporter upgrade notes](https://github.com/bitnami/charts/tree/main/bitnami/node-exporter#to-300). @@ -945,9 +954,11 @@ To upgrade from version 2.0.0, previously remove the Thanos sidecar svc to avoid ```console kubectl delete svc my-relase-kube-prometheus-prometheus-thanos -helm upgrade my-release --set prometheus.thanos.create=true oci://registry-1.docker.io/bitnamicharts/kube-prometheus +helm upgrade my-release --set prometheus.thanos.create=true oci://REGISTRY_NAME/REPOSITORY_NAME/kube-prometheus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 2.0.0 - CRDs were updated to the latest prometheus-operator v0.4.1 release artifacts diff --git a/bitnami/kube-prometheus/values.yaml b/bitnami/kube-prometheus/values.yaml index c18aa3b84068ab..14aafd208dc493 100644 --- a/bitnami/kube-prometheus/values.yaml +++ b/bitnami/kube-prometheus/values.yaml @@ -57,8 +57,8 @@ operator: enabled: true ## Bitnami Prometheus Operator image version ## ref: https://hub.docker.com/r/bitnami/prometheus-operator/tags/ - ## @param operator.image.registry Prometheus Operator image registry - ## @param operator.image.repository Prometheus Operator image repository + ## @param operator.image.registry [default: REGISTRY_NAME] Prometheus Operator image registry + ## @param operator.image.repository [default: REPOSITORY_NAME/prometheus-operator] Prometheus Operator image repository ## @param operator.image.tag Prometheus Operator image tag (immutable tags are recommended) ## @param operator.image.digest Prometheus Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param operator.image.pullPolicy Prometheus Operator image pull policy @@ -515,8 +515,8 @@ prometheus: enabled: true ## Bitnami Prometheus image version ## ref: https://hub.docker.com/r/bitnami/prometheus/tags/ - ## @param prometheus.image.registry Prometheus image registry - ## @param prometheus.image.repository Prometheus image repository + ## @param prometheus.image.registry [default: REGISTRY_NAME] Prometheus image registry + ## @param prometheus.image.repository [default: REPOSITORY_NAME/prometheus] Prometheus image repository ## @param prometheus.image.tag Prometheus image tag (immutable tags are recommended) ## @param prometheus.image.digest Prometheus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param prometheus.image.pullSecrets Specify docker-registry secret names as an array @@ -1192,8 +1192,8 @@ prometheus: create: false ## Bitnami Thanos image ## ref: https://hub.docker.com/r/bitnami/thanos/tags/ - ## @param prometheus.thanos.image.registry Thanos image registry - ## @param prometheus.thanos.image.repository Thanos image name + ## @param prometheus.thanos.image.registry [default: REGISTRY_NAME] Thanos image registry + ## @param prometheus.thanos.image.repository [default: REPOSITORY_NAME/thanos] Thanos image name ## @param prometheus.thanos.image.tag Thanos image tag ## @param prometheus.thanos.image.digest Thanos image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param prometheus.thanos.image.pullPolicy Thanos image pull policy @@ -1592,8 +1592,8 @@ alertmanager: enabled: true ## Bitnami Alertmanager image version ## ref: https://hub.docker.com/r/bitnami/prometheus-operator/tags/ - ## @param alertmanager.image.registry Prometheus image registry - ## @param alertmanager.image.repository Prometheus image repository + ## @param alertmanager.image.registry [default: REGISTRY_NAME] Prometheus image registry + ## @param alertmanager.image.repository [default: REPOSITORY_NAME/alertmanager] Prometheus image repository ## @param alertmanager.image.tag Prometheus image tag (immutable tags are recommended) ## @param alertmanager.image.digest Prometheus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param alertmanager.image.pullSecrets Specify docker-registry secret names as an array @@ -2188,8 +2188,8 @@ blackboxExporter: enabled: true ## Bitnami Alertmanager image version ## ref: https://hub.docker.com/r/bitnami/prometheus-operator/tags/ - ## @param blackboxExporter.image.registry Blackbox Exporter image registry - ## @param blackboxExporter.image.repository Blackbox Exporter image repository + ## @param blackboxExporter.image.registry [default: REGISTRY_NAME] Blackbox Exporter image registry + ## @param blackboxExporter.image.repository [default: REPOSITORY_NAME/blackbox-exporter] Blackbox Exporter image repository ## @param blackboxExporter.image.pullPolicy Blackbox Exporter image pull policy ## @param blackboxExporter.image.tag Blackbox Exporter image tag (immutable tags are recommended) ## @param blackboxExporter.image.digest Blackbox Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag diff --git a/bitnami/kube-state-metrics/README.md b/bitnami/kube-state-metrics/README.md index af99b27eb5e882..a3060426ac77af 100644 --- a/bitnami/kube-state-metrics/README.md +++ b/bitnami/kube-state-metrics/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kube-state-metrics +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kube-state-metrics ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps [kube-state-metrics](https://github.com/bitnami/containers/tree/main/bitnami/kube-state-metrics) on [Kubernetes](https://kubernetes.io) using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use Kube State Metrics in production? Try [VMware Application Catalog To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kube-state-metrics +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kube-state-metrics ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys kube-state-metrics on the Kubernetes cluster in the default configuration. The [configuration](#configuration-and-installation-details) section lists the parameters that can be configured during installation. ## Uninstalling the Chart @@ -74,147 +78,150 @@ The command removes all the Kubernetes components associated with the chart and ### kube-state-metrics parameters -| Name | Description | Value | -| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------- | -| `hostAliases` | Add deployment host aliases | `[]` | -| `rbac.create` | Whether to create & use RBAC resources or not | `true` | -| `rbac.pspEnabled` | Whether to create a PodSecurityPolicy and bound it with RBAC. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `true` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `image.registry` | kube-state-metrics image registry | `docker.io` | -| `image.repository` | kube-state-metrics image repository | `bitnami/kube-state-metrics` | -| `image.tag` | kube-state-metrics image tag (immutable tags are recommended) | `2.10.0-debian-11-r34` | -| `image.digest` | kube-state-metrics image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | kube-state-metrics image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `extraArgs` | Additional command line arguments to pass to kube-state-metrics | `{}` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | for the kube-state-metrics container(s) to automate configuration before or after startup | `{}` | -| `extraEnvVars` | Array with extra environment variables to add to kube-state-metrics nodes | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for kube-state-metrics pod(s) | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for kube-state-metrics pod(s) | `""` | -| `extraVolumes` | Optionally specify extra list of additional volumes for the kube-state-metrics pod(s) | `[]` | -| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the kube-state-metrics container(s) | `[]` | -| `sidecars` | Add additional sidecar containers to the kube-state-metrics pod(s) | `[]` | -| `initContainers` | Add additional init containers to the kube-state-metrics pod(s) | `[]` | -| `namespaces` | Comma-separated list of namespaces to be enabled. Defaults to all namespaces. Evaluated as a template. | `""` | -| `kubeResources.certificatesigningrequests` | Enable the `certificatesigningrequests` resource | `true` | -| `kubeResources.configmaps` | Enable the `configmaps` resource | `true` | -| `kubeResources.cronjobs` | Enable the `cronjobs` resource | `true` | -| `kubeResources.daemonsets` | Enable the `daemonsets` resource | `true` | -| `kubeResources.deployments` | Enable the `deployments` resource | `true` | -| `kubeResources.endpoints` | Enable the `endpoints` resource | `true` | -| `kubeResources.horizontalpodautoscalers` | Enable the `horizontalpodautoscalers` resource | `true` | -| `kubeResources.ingresses` | Enable the `ingresses` resource | `true` | -| `kubeResources.jobs` | Enable the `jobs` resource | `true` | -| `kubeResources.limitranges` | Enable the `limitranges` resource | `true` | -| `kubeResources.mutatingwebhookconfigurations` | Enable the `mutatingwebhookconfigurations` resource | `true` | -| `kubeResources.namespaces` | Enable the `namespaces` resource | `true` | -| `kubeResources.networkpolicies` | Enable the `networkpolicies` resource | `true` | -| `kubeResources.nodes` | Enable the `nodes` resource | `true` | -| `kubeResources.persistentvolumeclaims` | Enable the `persistentvolumeclaims` resource | `true` | -| `kubeResources.persistentvolumes` | Enable the `persistentvolumes` resource | `true` | -| `kubeResources.poddisruptionbudgets` | Enable the `poddisruptionbudgets` resource | `true` | -| `kubeResources.pods` | Enable the `pods` resource | `true` | -| `kubeResources.replicasets` | Enable the `replicasets` resource | `true` | -| `kubeResources.replicationcontrollers` | Enable the `replicationcontrollers` resource | `true` | -| `kubeResources.resourcequotas` | Enable the `resourcequotas` resource | `true` | -| `kubeResources.secrets` | Enable the `secrets` resource | `true` | -| `kubeResources.services` | Enable the `services` resource | `true` | -| `kubeResources.statefulsets` | Enable the `statefulsets` resource | `true` | -| `kubeResources.storageclasses` | Enable the `storageclasses` resource | `true` | -| `kubeResources.verticalpodautoscalers` | Enable the `verticalpodautoscalers` resource | `false` | -| `kubeResources.validatingwebhookconfigurations` | Enable the `validatingwebhookconfigurations` resource | `false` | -| `kubeResources.volumeattachments` | Enable the `volumeattachments` resource | `true` | -| `podSecurityContext.enabled` | Enabled kube-state-metrics pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Set kube-state-metrics pod's Security Context fsGroup | `1001` | -| `containerSecurityContext.enabled` | Enabled kube-state-metrics containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set kube-state-metrics containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set kube-state-metrics container's Security Context runAsNonRoot | `true` | -| `service.type` | Kubernetes service type | `ClusterIP` | -| `service.ports.http` | kube-state-metrics service port | `8080` | -| `service.nodePorts.http` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | -| `service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | -| `service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | -| `service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | -| `service.externalTrafficPolicy` | kube-state-metrics service external traffic policy | `Cluster` | -| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `service.annotations` | Additional annotations for kube-state-metrics service | `{}` | -| `service.labels` | Additional labels for kube-state-metrics service | `{}` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `hostNetwork` | Enable hostNetwork mode | `false` | -| `priorityClassName` | Priority class assigned to the Pods | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `terminationGracePeriodSeconds` | In seconds, time the given to the kube-state-metrics pod needs to terminate gracefully | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `resources.limits` | The resources limits for the container | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `replicaCount` | Desired number of controller pods | `1` | -| `podLabels` | Pod labels | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `updateStrategy` | Allows setting of `RollingUpdate` strategy | `{}` | -| `minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `livenessProbe.enabled` | Turn on and off liveness probe | `true` | -| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | -| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `readinessProbe.enabled` | Turn on and off readiness probe | `true` | -| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | -| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `startupProbe.enabled` | Turn on and off startup probe | `false` | -| `startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `30` | -| `startupProbe.periodSeconds` | How often to perform the probe | `10` | -| `startupProbe.timeoutSeconds` | When the probe times out | `5` | -| `startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | -| `startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `customStartupProbe` | Custom liveness probe for the Web component | `{}` | -| `customLivenessProbe` | Custom liveness probe for the Web component | `{}` | -| `customReadinessProbe` | Custom readiness probe for the Web component | `{}` | -| `serviceMonitor.enabled` | Creates a ServiceMonitor to monitor kube-state-metrics | `false` | -| `serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | -| `serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `""` | -| `serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `serviceMonitor.honorLabels` | Honor metrics labels | `false` | -| `serviceMonitor.relabelings` | ServiceMonitor relabelings | `[]` | -| `serviceMonitor.metricRelabelings` | ServiceMonitor metricRelabelings | `[]` | -| `serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `serviceMonitor.extraParameters` | Any extra parameter to be added to the endpoint configured in the ServiceMonitor | `{}` | -| `serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | -| `selfMonitor.enabled` | Creates a selfMonitor to monitor kube-state-metrics itself | `false` | -| `selfMonitor.telemetryPort` | Kube-state-metrics telemetry Port | `8081` | -| `selfMonitor.telemetryNodePort` | Kube-state-metrics Node Port | `""` | +| Name | Description | Value | +| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------ | +| `hostAliases` | Add deployment host aliases | `[]` | +| `rbac.create` | Whether to create & use RBAC resources or not | `true` | +| `rbac.pspEnabled` | Whether to create a PodSecurityPolicy and bound it with RBAC. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `true` | +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `image.registry` | kube-state-metrics image registry | `REGISTRY_NAME` | +| `image.repository` | kube-state-metrics image repository | `REPOSITORY_NAME/kube-state-metrics` | +| `image.tag` | kube-state-metrics image tag (immutable tags are recommended) | `2.10.0-debian-11-r34` | +| `image.digest` | kube-state-metrics image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | kube-state-metrics image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `extraArgs` | Additional command line arguments to pass to kube-state-metrics | `{}` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `lifecycleHooks` | for the kube-state-metrics container(s) to automate configuration before or after startup | `{}` | +| `extraEnvVars` | Array with extra environment variables to add to kube-state-metrics nodes | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for kube-state-metrics pod(s) | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for kube-state-metrics pod(s) | `""` | +| `extraVolumes` | Optionally specify extra list of additional volumes for the kube-state-metrics pod(s) | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the kube-state-metrics container(s) | `[]` | +| `sidecars` | Add additional sidecar containers to the kube-state-metrics pod(s) | `[]` | +| `initContainers` | Add additional init containers to the kube-state-metrics pod(s) | `[]` | +| `namespaces` | Comma-separated list of namespaces to be enabled. Defaults to all namespaces. Evaluated as a template. | `""` | +| `kubeResources.certificatesigningrequests` | Enable the `certificatesigningrequests` resource | `true` | +| `kubeResources.configmaps` | Enable the `configmaps` resource | `true` | +| `kubeResources.cronjobs` | Enable the `cronjobs` resource | `true` | +| `kubeResources.daemonsets` | Enable the `daemonsets` resource | `true` | +| `kubeResources.deployments` | Enable the `deployments` resource | `true` | +| `kubeResources.endpoints` | Enable the `endpoints` resource | `true` | +| `kubeResources.horizontalpodautoscalers` | Enable the `horizontalpodautoscalers` resource | `true` | +| `kubeResources.ingresses` | Enable the `ingresses` resource | `true` | +| `kubeResources.jobs` | Enable the `jobs` resource | `true` | +| `kubeResources.limitranges` | Enable the `limitranges` resource | `true` | +| `kubeResources.mutatingwebhookconfigurations` | Enable the `mutatingwebhookconfigurations` resource | `true` | +| `kubeResources.namespaces` | Enable the `namespaces` resource | `true` | +| `kubeResources.networkpolicies` | Enable the `networkpolicies` resource | `true` | +| `kubeResources.nodes` | Enable the `nodes` resource | `true` | +| `kubeResources.persistentvolumeclaims` | Enable the `persistentvolumeclaims` resource | `true` | +| `kubeResources.persistentvolumes` | Enable the `persistentvolumes` resource | `true` | +| `kubeResources.poddisruptionbudgets` | Enable the `poddisruptionbudgets` resource | `true` | +| `kubeResources.pods` | Enable the `pods` resource | `true` | +| `kubeResources.replicasets` | Enable the `replicasets` resource | `true` | +| `kubeResources.replicationcontrollers` | Enable the `replicationcontrollers` resource | `true` | +| `kubeResources.resourcequotas` | Enable the `resourcequotas` resource | `true` | +| `kubeResources.secrets` | Enable the `secrets` resource | `true` | +| `kubeResources.services` | Enable the `services` resource | `true` | +| `kubeResources.statefulsets` | Enable the `statefulsets` resource | `true` | +| `kubeResources.storageclasses` | Enable the `storageclasses` resource | `true` | +| `kubeResources.verticalpodautoscalers` | Enable the `verticalpodautoscalers` resource | `false` | +| `kubeResources.validatingwebhookconfigurations` | Enable the `validatingwebhookconfigurations` resource | `false` | +| `kubeResources.volumeattachments` | Enable the `volumeattachments` resource | `true` | +| `podSecurityContext.enabled` | Enabled kube-state-metrics pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Set kube-state-metrics pod's Security Context fsGroup | `1001` | +| `containerSecurityContext.enabled` | Enabled kube-state-metrics containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set kube-state-metrics containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set kube-state-metrics container's Security Context runAsNonRoot | `true` | +| `service.type` | Kubernetes service type | `ClusterIP` | +| `service.ports.http` | kube-state-metrics service port | `8080` | +| `service.nodePorts.http` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | +| `service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | +| `service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | +| `service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | +| `service.externalTrafficPolicy` | kube-state-metrics service external traffic policy | `Cluster` | +| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `service.annotations` | Additional annotations for kube-state-metrics service | `{}` | +| `service.labels` | Additional labels for kube-state-metrics service | `{}` | +| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `hostNetwork` | Enable hostNetwork mode | `false` | +| `priorityClassName` | Priority class assigned to the Pods | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `terminationGracePeriodSeconds` | In seconds, time the given to the kube-state-metrics pod needs to terminate gracefully | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `resources.limits` | The resources limits for the container | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `replicaCount` | Desired number of controller pods | `1` | +| `podLabels` | Pod labels | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `updateStrategy` | Allows setting of `RollingUpdate` strategy | `{}` | +| `minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `livenessProbe.enabled` | Turn on and off liveness probe | `true` | +| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | +| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | +| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `readinessProbe.enabled` | Turn on and off readiness probe | `true` | +| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | +| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | +| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | +| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `startupProbe.enabled` | Turn on and off startup probe | `false` | +| `startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `30` | +| `startupProbe.periodSeconds` | How often to perform the probe | `10` | +| `startupProbe.timeoutSeconds` | When the probe times out | `5` | +| `startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `6` | +| `startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `customStartupProbe` | Custom liveness probe for the Web component | `{}` | +| `customLivenessProbe` | Custom liveness probe for the Web component | `{}` | +| `customReadinessProbe` | Custom readiness probe for the Web component | `{}` | +| `serviceMonitor.enabled` | Creates a ServiceMonitor to monitor kube-state-metrics | `false` | +| `serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `""` | +| `serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `serviceMonitor.honorLabels` | Honor metrics labels | `false` | +| `serviceMonitor.relabelings` | ServiceMonitor relabelings | `[]` | +| `serviceMonitor.metricRelabelings` | ServiceMonitor metricRelabelings | `[]` | +| `serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `serviceMonitor.extraParameters` | Any extra parameter to be added to the endpoint configured in the ServiceMonitor | `{}` | +| `serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | +| `selfMonitor.enabled` | Creates a selfMonitor to monitor kube-state-metrics itself | `false` | +| `selfMonitor.telemetryPort` | Kube-state-metrics telemetry Port | `8081` | +| `selfMonitor.telemetryNodePort` | Kube-state-metrics Node Port | `""` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example the following command sets the `replicas` of the kube-state-metrics Pods to `2`. ```console -helm install my-release --set replicas=2 oci://registry-1.docker.io/bitnamicharts/kube-state-metrics +helm install my-release --set replicas=2 oci://REGISTRY_NAME/REPOSITORY_NAME/kube-state-metrics ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/kube-state-metrics +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/kube-state-metrics ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -244,9 +251,11 @@ Find more information about how to deal with common errors related to Bitnami's ## Upgrading ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/kube-state-metrics +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kube-state-metrics ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 3.0.0 This major release renames several values in this chart and adds missing features, in order to be aligned with the rest of the assets in the Bitnami charts repository. diff --git a/bitnami/kube-state-metrics/values.yaml b/bitnami/kube-state-metrics/values.yaml index c7e2ea04f9c992..d0cb5adae6e831 100644 --- a/bitnami/kube-state-metrics/values.yaml +++ b/bitnami/kube-state-metrics/values.yaml @@ -91,8 +91,8 @@ serviceAccount: annotations: {} ## Bitnami kube-state-metrics image version ## ref: https://hub.docker.com/r/bitnami/kube-state-metrics/tags/ -## @param image.registry kube-state-metrics image registry -## @param image.repository kube-state-metrics image repository +## @param image.registry [default: REGISTRY_NAME] kube-state-metrics image registry +## @param image.repository [default: REPOSITORY_NAME/kube-state-metrics] kube-state-metrics image repository ## @param image.tag kube-state-metrics image tag (immutable tags are recommended) ## @param image.digest kube-state-metrics image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy kube-state-metrics image pull policy diff --git a/bitnami/kubeapps/README.md b/bitnami/kubeapps/README.md index 57b93a6bb0a137..bedde3fc0cfbbf 100644 --- a/bitnami/kubeapps/README.md +++ b/bitnami/kubeapps/README.md @@ -9,9 +9,10 @@ Kubeapps is a web-based UI for launching and managing applications on Kubernetes ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kubeapps --namespace kubeapps --create-namespace +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kubeapps --namespace kubeapps --create-namespace ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > Check out the [getting started](https://github.com/vmware-tanzu/kubeapps/blob/main/site/content/docs/latest/tutorials/getting-started.md) to start deploying apps with Kubeapps. ## Introduction @@ -45,9 +46,11 @@ Looking to use Kubeapps in production? Try [VMware Application Catalog](https:// To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kubeapps --namespace kubeapps --create-namespace +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kubeapps --namespace kubeapps --create-namespace ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Kubeapps on the Kubernetes cluster in the `kubeapps` namespace. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Caveat**: Only one Kubeapps installation is supported per namespace @@ -108,308 +111,308 @@ Once you have installed Kubeapps follow the [Getting Started Guide](https://gith ### Frontend parameters -| Name | Description | Value | -| ------------------------------------------------ | ----------------------------------------------------------------------------------------------------- | ---------------------- | -| `frontend.image.registry` | NGINX image registry | `docker.io` | -| `frontend.image.repository` | NGINX image repository | `bitnami/nginx` | -| `frontend.image.tag` | NGINX image tag (immutable tags are recommended) | `1.25.2-debian-11-r46` | -| `frontend.image.digest` | NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `frontend.image.pullPolicy` | NGINX image pull policy | `IfNotPresent` | -| `frontend.image.pullSecrets` | NGINX image pull secrets | `[]` | -| `frontend.image.debug` | Enable image debug mode | `false` | -| `frontend.proxypassAccessTokenAsBearer` | Use access_token as the Bearer when talking to the k8s api server | `false` | -| `frontend.proxypassExtraSetHeader` | Set an additional proxy header for all requests proxied via NGINX | `""` | -| `frontend.largeClientHeaderBuffers` | Set large_client_header_buffers in NGINX config | `4 32k` | -| `frontend.replicaCount` | Number of frontend replicas to deploy | `2` | -| `frontend.updateStrategy.type` | Frontend deployment strategy type. | `RollingUpdate` | -| `frontend.resources.limits.cpu` | The CPU limits for the NGINX container | `250m` | -| `frontend.resources.limits.memory` | The memory limits for the NGINX container | `128Mi` | -| `frontend.resources.requests.cpu` | The requested CPU for the NGINX container | `25m` | -| `frontend.resources.requests.memory` | The requested memory for the NGINX container | `32Mi` | -| `frontend.extraEnvVars` | Array with extra environment variables to add to the NGINX container | `[]` | -| `frontend.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for the NGINX container | `""` | -| `frontend.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for the NGINX container | `""` | -| `frontend.containerPorts.http` | NGINX HTTP container port | `8080` | -| `frontend.podSecurityContext.enabled` | Enabled frontend pods' Security Context | `true` | -| `frontend.podSecurityContext.fsGroup` | Set frontend pod's Security Context fsGroup | `1001` | -| `frontend.containerSecurityContext.enabled` | Enabled NGINX containers' Security Context | `true` | -| `frontend.containerSecurityContext.runAsUser` | Set NGINX container's Security Context runAsUser | `1001` | -| `frontend.containerSecurityContext.runAsNonRoot` | Set NGINX container's Security Context runAsNonRoot | `true` | -| `frontend.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `frontend.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` | -| `frontend.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `frontend.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `frontend.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `frontend.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `frontend.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `frontend.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `0` | -| `frontend.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `frontend.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `frontend.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `frontend.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `frontend.startupProbe.enabled` | Enable startupProbe | `false` | -| `frontend.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | -| `frontend.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `frontend.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `frontend.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `frontend.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `frontend.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `frontend.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `frontend.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `frontend.lifecycleHooks` | Custom lifecycle hooks for frontend containers | `{}` | -| `frontend.command` | Override default container command (useful when using custom images) | `[]` | -| `frontend.args` | Override default container args (useful when using custom images) | `[]` | -| `frontend.podLabels` | Extra labels for frontend pods | `{}` | -| `frontend.podAnnotations` | Annotations for frontend pods | `{}` | -| `frontend.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `frontend.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `frontend.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `frontend.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `frontend.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `frontend.affinity` | Affinity for pod assignment | `{}` | -| `frontend.nodeSelector` | Node labels for pod assignment | `{}` | -| `frontend.tolerations` | Tolerations for pod assignment | `[]` | -| `frontend.priorityClassName` | Priority class name for frontend pods | `""` | -| `frontend.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `frontend.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `frontend.hostAliases` | Custom host aliases for frontend pods | `[]` | -| `frontend.extraVolumes` | Optionally specify extra list of additional volumes for frontend pods | `[]` | -| `frontend.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for frontend container(s) | `[]` | -| `frontend.sidecars` | Add additional sidecar containers to the frontend pod | `[]` | -| `frontend.initContainers` | Add additional init containers to the frontend pods | `[]` | -| `frontend.service.type` | Frontend service type | `ClusterIP` | -| `frontend.service.ports.http` | Frontend service HTTP port | `80` | -| `frontend.service.nodePorts.http` | Node port for HTTP | `""` | -| `frontend.service.clusterIP` | Frontend service Cluster IP | `""` | -| `frontend.service.loadBalancerIP` | Frontend service Load Balancer IP | `""` | -| `frontend.service.loadBalancerSourceRanges` | Frontend service Load Balancer sources | `[]` | -| `frontend.service.externalTrafficPolicy` | Frontend service external traffic policy | `Cluster` | -| `frontend.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `frontend.service.annotations` | Additional custom annotations for frontend service | `{}` | -| `frontend.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `frontend.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| Name | Description | Value | +| ------------------------------------------------ | ----------------------------------------------------------------------------------------------------- | ----------------------- | +| `frontend.image.registry` | NGINX image registry | `REGISTRY_NAME` | +| `frontend.image.repository` | NGINX image repository | `REPOSITORY_NAME/nginx` | +| `frontend.image.tag` | NGINX image tag (immutable tags are recommended) | `1.25.2-debian-11-r46` | +| `frontend.image.digest` | NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `frontend.image.pullPolicy` | NGINX image pull policy | `IfNotPresent` | +| `frontend.image.pullSecrets` | NGINX image pull secrets | `[]` | +| `frontend.image.debug` | Enable image debug mode | `false` | +| `frontend.proxypassAccessTokenAsBearer` | Use access_token as the Bearer when talking to the k8s api server | `false` | +| `frontend.proxypassExtraSetHeader` | Set an additional proxy header for all requests proxied via NGINX | `""` | +| `frontend.largeClientHeaderBuffers` | Set large_client_header_buffers in NGINX config | `4 32k` | +| `frontend.replicaCount` | Number of frontend replicas to deploy | `2` | +| `frontend.updateStrategy.type` | Frontend deployment strategy type. | `RollingUpdate` | +| `frontend.resources.limits.cpu` | The CPU limits for the NGINX container | `250m` | +| `frontend.resources.limits.memory` | The memory limits for the NGINX container | `128Mi` | +| `frontend.resources.requests.cpu` | The requested CPU for the NGINX container | `25m` | +| `frontend.resources.requests.memory` | The requested memory for the NGINX container | `32Mi` | +| `frontend.extraEnvVars` | Array with extra environment variables to add to the NGINX container | `[]` | +| `frontend.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for the NGINX container | `""` | +| `frontend.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for the NGINX container | `""` | +| `frontend.containerPorts.http` | NGINX HTTP container port | `8080` | +| `frontend.podSecurityContext.enabled` | Enabled frontend pods' Security Context | `true` | +| `frontend.podSecurityContext.fsGroup` | Set frontend pod's Security Context fsGroup | `1001` | +| `frontend.containerSecurityContext.enabled` | Enabled NGINX containers' Security Context | `true` | +| `frontend.containerSecurityContext.runAsUser` | Set NGINX container's Security Context runAsUser | `1001` | +| `frontend.containerSecurityContext.runAsNonRoot` | Set NGINX container's Security Context runAsNonRoot | `true` | +| `frontend.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `frontend.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` | +| `frontend.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `frontend.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `frontend.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `frontend.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `frontend.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `frontend.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `0` | +| `frontend.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `frontend.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `frontend.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `frontend.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `frontend.startupProbe.enabled` | Enable startupProbe | `false` | +| `frontend.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | +| `frontend.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `frontend.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `frontend.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `frontend.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `frontend.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `frontend.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `frontend.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `frontend.lifecycleHooks` | Custom lifecycle hooks for frontend containers | `{}` | +| `frontend.command` | Override default container command (useful when using custom images) | `[]` | +| `frontend.args` | Override default container args (useful when using custom images) | `[]` | +| `frontend.podLabels` | Extra labels for frontend pods | `{}` | +| `frontend.podAnnotations` | Annotations for frontend pods | `{}` | +| `frontend.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `frontend.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `frontend.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `frontend.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `frontend.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `frontend.affinity` | Affinity for pod assignment | `{}` | +| `frontend.nodeSelector` | Node labels for pod assignment | `{}` | +| `frontend.tolerations` | Tolerations for pod assignment | `[]` | +| `frontend.priorityClassName` | Priority class name for frontend pods | `""` | +| `frontend.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `frontend.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `frontend.hostAliases` | Custom host aliases for frontend pods | `[]` | +| `frontend.extraVolumes` | Optionally specify extra list of additional volumes for frontend pods | `[]` | +| `frontend.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for frontend container(s) | `[]` | +| `frontend.sidecars` | Add additional sidecar containers to the frontend pod | `[]` | +| `frontend.initContainers` | Add additional init containers to the frontend pods | `[]` | +| `frontend.service.type` | Frontend service type | `ClusterIP` | +| `frontend.service.ports.http` | Frontend service HTTP port | `80` | +| `frontend.service.nodePorts.http` | Node port for HTTP | `""` | +| `frontend.service.clusterIP` | Frontend service Cluster IP | `""` | +| `frontend.service.loadBalancerIP` | Frontend service Load Balancer IP | `""` | +| `frontend.service.loadBalancerSourceRanges` | Frontend service Load Balancer sources | `[]` | +| `frontend.service.externalTrafficPolicy` | Frontend service external traffic policy | `Cluster` | +| `frontend.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `frontend.service.annotations` | Additional custom annotations for frontend service | `{}` | +| `frontend.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `frontend.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | ### Dashboard parameters -| Name | Description | Value | -| ------------------------------------------------- | --------------------------------------------------------------------------------------------------------- | ---------------------------- | -| `dashboard.enabled` | Specifies whether Kubeapps Dashboard should be deployed or not | `true` | -| `dashboard.image.registry` | Dashboard image registry | `docker.io` | -| `dashboard.image.repository` | Dashboard image repository | `bitnami/kubeapps-dashboard` | -| `dashboard.image.tag` | Dashboard image tag (immutable tags are recommended) | `2.9.0-debian-11-r11` | -| `dashboard.image.digest` | Dashboard image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `dashboard.image.pullPolicy` | Dashboard image pull policy | `IfNotPresent` | -| `dashboard.image.pullSecrets` | Dashboard image pull secrets | `[]` | -| `dashboard.image.debug` | Enable image debug mode | `false` | -| `dashboard.customStyle` | Custom CSS injected to the Dashboard to customize Kubeapps look and feel | `""` | -| `dashboard.customAppViews` | Package names to signal a custom app view | `[]` | -| `dashboard.customComponents` | Custom Form components injected into the BasicDeploymentForm | `""` | -| `dashboard.remoteComponentsUrl` | Remote URL that can be used to load custom components vs loading from the local filesystem | `""` | -| `dashboard.skipAvailablePackageDetails` | Skip the package details view and go straight to the installation view of the latest version | `false` | -| `dashboard.customLocale` | Custom translations injected to the Dashboard to customize the strings used in Kubeapps | `""` | -| `dashboard.defaultTheme` | Default theme used in the Dashboard if the user has not selected any theme yet. | `""` | -| `dashboard.replicaCount` | Number of Dashboard replicas to deploy | `2` | -| `dashboard.createNamespaceLabels` | Labels added to newly created namespaces | `{}` | -| `dashboard.updateStrategy.type` | Dashboard deployment strategy type. | `RollingUpdate` | -| `dashboard.extraEnvVars` | Array with extra environment variables to add to the Dashboard container | `[]` | -| `dashboard.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for the Dashboard container | `""` | -| `dashboard.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for the Dashboard container | `""` | -| `dashboard.containerPorts.http` | Dashboard HTTP container port | `8080` | -| `dashboard.resources.limits.cpu` | The CPU limits for the Dashboard container | `250m` | -| `dashboard.resources.limits.memory` | The memory limits for the Dashboard container | `128Mi` | -| `dashboard.resources.requests.cpu` | The requested CPU for the Dashboard container | `25m` | -| `dashboard.resources.requests.memory` | The requested memory for the Dashboard container | `32Mi` | -| `dashboard.podSecurityContext.enabled` | Enabled Dashboard pods' Security Context | `true` | -| `dashboard.podSecurityContext.fsGroup` | Set Dashboard pod's Security Context fsGroup | `1001` | -| `dashboard.containerSecurityContext.enabled` | Enabled Dashboard containers' Security Context | `true` | -| `dashboard.containerSecurityContext.runAsUser` | Set Dashboard container's Security Context runAsUser | `1001` | -| `dashboard.containerSecurityContext.runAsNonRoot` | Set Dashboard container's Security Context runAsNonRoot | `true` | -| `dashboard.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `dashboard.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` | -| `dashboard.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `dashboard.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `dashboard.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `dashboard.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `dashboard.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `dashboard.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `0` | -| `dashboard.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `dashboard.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `dashboard.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `dashboard.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `dashboard.startupProbe.enabled` | Enable startupProbe | `true` | -| `dashboard.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | -| `dashboard.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `dashboard.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `dashboard.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `dashboard.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `dashboard.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `dashboard.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `dashboard.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `dashboard.lifecycleHooks` | Custom lifecycle hooks for Dashboard containers | `{}` | -| `dashboard.command` | Override default container command (useful when using custom images) | `[]` | -| `dashboard.args` | Override default container args (useful when using custom images) | `[]` | -| `dashboard.podLabels` | Extra labels for Dashboard pods | `{}` | -| `dashboard.podAnnotations` | Annotations for Dashboard pods | `{}` | -| `dashboard.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `dashboard.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `dashboard.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `dashboard.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `dashboard.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `dashboard.affinity` | Affinity for pod assignment | `{}` | -| `dashboard.nodeSelector` | Node labels for pod assignment | `{}` | -| `dashboard.tolerations` | Tolerations for pod assignment | `[]` | -| `dashboard.priorityClassName` | Priority class name for Dashboard pods | `""` | -| `dashboard.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `dashboard.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `dashboard.hostAliases` | Custom host aliases for Dashboard pods | `[]` | -| `dashboard.extraVolumes` | Optionally specify extra list of additional volumes for Dashboard pods | `[]` | -| `dashboard.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Dashboard container(s) | `[]` | -| `dashboard.sidecars` | Add additional sidecar containers to the Dashboard pod | `[]` | -| `dashboard.initContainers` | Add additional init containers to the Dashboard pods | `[]` | -| `dashboard.service.ports.http` | Dashboard service HTTP port | `8080` | -| `dashboard.service.annotations` | Additional custom annotations for Dashboard service | `{}` | +| Name | Description | Value | +| ------------------------------------------------- | --------------------------------------------------------------------------------------------------------- | ------------------------------------ | +| `dashboard.enabled` | Specifies whether Kubeapps Dashboard should be deployed or not | `true` | +| `dashboard.image.registry` | Dashboard image registry | `REGISTRY_NAME` | +| `dashboard.image.repository` | Dashboard image repository | `REPOSITORY_NAME/kubeapps-dashboard` | +| `dashboard.image.tag` | Dashboard image tag (immutable tags are recommended) | `2.9.0-debian-11-r11` | +| `dashboard.image.digest` | Dashboard image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `dashboard.image.pullPolicy` | Dashboard image pull policy | `IfNotPresent` | +| `dashboard.image.pullSecrets` | Dashboard image pull secrets | `[]` | +| `dashboard.image.debug` | Enable image debug mode | `false` | +| `dashboard.customStyle` | Custom CSS injected to the Dashboard to customize Kubeapps look and feel | `""` | +| `dashboard.customAppViews` | Package names to signal a custom app view | `[]` | +| `dashboard.customComponents` | Custom Form components injected into the BasicDeploymentForm | `""` | +| `dashboard.remoteComponentsUrl` | Remote URL that can be used to load custom components vs loading from the local filesystem | `""` | +| `dashboard.skipAvailablePackageDetails` | Skip the package details view and go straight to the installation view of the latest version | `false` | +| `dashboard.customLocale` | Custom translations injected to the Dashboard to customize the strings used in Kubeapps | `""` | +| `dashboard.defaultTheme` | Default theme used in the Dashboard if the user has not selected any theme yet. | `""` | +| `dashboard.replicaCount` | Number of Dashboard replicas to deploy | `2` | +| `dashboard.createNamespaceLabels` | Labels added to newly created namespaces | `{}` | +| `dashboard.updateStrategy.type` | Dashboard deployment strategy type. | `RollingUpdate` | +| `dashboard.extraEnvVars` | Array with extra environment variables to add to the Dashboard container | `[]` | +| `dashboard.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for the Dashboard container | `""` | +| `dashboard.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for the Dashboard container | `""` | +| `dashboard.containerPorts.http` | Dashboard HTTP container port | `8080` | +| `dashboard.resources.limits.cpu` | The CPU limits for the Dashboard container | `250m` | +| `dashboard.resources.limits.memory` | The memory limits for the Dashboard container | `128Mi` | +| `dashboard.resources.requests.cpu` | The requested CPU for the Dashboard container | `25m` | +| `dashboard.resources.requests.memory` | The requested memory for the Dashboard container | `32Mi` | +| `dashboard.podSecurityContext.enabled` | Enabled Dashboard pods' Security Context | `true` | +| `dashboard.podSecurityContext.fsGroup` | Set Dashboard pod's Security Context fsGroup | `1001` | +| `dashboard.containerSecurityContext.enabled` | Enabled Dashboard containers' Security Context | `true` | +| `dashboard.containerSecurityContext.runAsUser` | Set Dashboard container's Security Context runAsUser | `1001` | +| `dashboard.containerSecurityContext.runAsNonRoot` | Set Dashboard container's Security Context runAsNonRoot | `true` | +| `dashboard.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `dashboard.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` | +| `dashboard.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `dashboard.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `dashboard.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `dashboard.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `dashboard.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `dashboard.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `0` | +| `dashboard.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `dashboard.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `dashboard.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `dashboard.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `dashboard.startupProbe.enabled` | Enable startupProbe | `true` | +| `dashboard.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | +| `dashboard.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `dashboard.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `dashboard.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `dashboard.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `dashboard.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `dashboard.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `dashboard.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `dashboard.lifecycleHooks` | Custom lifecycle hooks for Dashboard containers | `{}` | +| `dashboard.command` | Override default container command (useful when using custom images) | `[]` | +| `dashboard.args` | Override default container args (useful when using custom images) | `[]` | +| `dashboard.podLabels` | Extra labels for Dashboard pods | `{}` | +| `dashboard.podAnnotations` | Annotations for Dashboard pods | `{}` | +| `dashboard.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `dashboard.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `dashboard.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `dashboard.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `dashboard.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `dashboard.affinity` | Affinity for pod assignment | `{}` | +| `dashboard.nodeSelector` | Node labels for pod assignment | `{}` | +| `dashboard.tolerations` | Tolerations for pod assignment | `[]` | +| `dashboard.priorityClassName` | Priority class name for Dashboard pods | `""` | +| `dashboard.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `dashboard.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `dashboard.hostAliases` | Custom host aliases for Dashboard pods | `[]` | +| `dashboard.extraVolumes` | Optionally specify extra list of additional volumes for Dashboard pods | `[]` | +| `dashboard.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Dashboard container(s) | `[]` | +| `dashboard.sidecars` | Add additional sidecar containers to the Dashboard pod | `[]` | +| `dashboard.initContainers` | Add additional init containers to the Dashboard pods | `[]` | +| `dashboard.service.ports.http` | Dashboard service HTTP port | `8080` | +| `dashboard.service.annotations` | Additional custom annotations for Dashboard service | `{}` | ### AppRepository Controller parameters -| Name | Description | Value | -| ----------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------- | -| `apprepository.image.registry` | Kubeapps AppRepository Controller image registry | `docker.io` | -| `apprepository.image.repository` | Kubeapps AppRepository Controller image repository | `bitnami/kubeapps-apprepository-controller` | -| `apprepository.image.tag` | Kubeapps AppRepository Controller image tag (immutable tags are recommended) | `2.9.0-debian-11-r10` | -| `apprepository.image.digest` | Kubeapps AppRepository Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `apprepository.image.pullPolicy` | Kubeapps AppRepository Controller image pull policy | `IfNotPresent` | -| `apprepository.image.pullSecrets` | Kubeapps AppRepository Controller image pull secrets | `[]` | -| `apprepository.syncImage.registry` | Kubeapps Asset Syncer image registry | `docker.io` | -| `apprepository.syncImage.repository` | Kubeapps Asset Syncer image repository | `bitnami/kubeapps-asset-syncer` | -| `apprepository.syncImage.tag` | Kubeapps Asset Syncer image tag (immutable tags are recommended) | `2.9.0-debian-11-r10` | -| `apprepository.syncImage.digest` | Kubeapps Asset Syncer image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `apprepository.syncImage.pullPolicy` | Kubeapps Asset Syncer image pull policy | `IfNotPresent` | -| `apprepository.syncImage.pullSecrets` | Kubeapps Asset Syncer image pull secrets | `[]` | -| `apprepository.globalReposNamespaceSuffix` | Suffix for the namespace of global repos in the Helm plugin. Defaults to empty for backwards compatibility. Ignored if kubeappsapis.pluginConfig.helm.packages.v1alpha1.globalPackagingNamespace is set. | `""` | -| `apprepository.initialRepos` | Initial chart repositories to configure | `[]` | -| `apprepository.customAnnotations` | Custom annotations be added to each AppRepository-generated CronJob, Job and Pod | `{}` | -| `apprepository.customLabels` | Custom labels be added to each AppRepository-generated CronJob, Job and Pod | `{}` | -| `apprepository.initialReposProxy.enabled` | Enables the proxy | `false` | -| `apprepository.initialReposProxy.httpProxy` | URL for the http proxy | `""` | -| `apprepository.initialReposProxy.httpsProxy` | URL for the https proxy | `""` | -| `apprepository.initialReposProxy.noProxy` | URL to exclude from using the proxy | `""` | -| `apprepository.crontab` | Default schedule for syncing App repositories (defaults to every 10 minutes) | `""` | -| `apprepository.watchAllNamespaces` | Watch all namespaces to support separate AppRepositories per namespace | `true` | -| `apprepository.extraFlags` | Additional command line flags for AppRepository Controller | `[]` | -| `apprepository.replicaCount` | Number of AppRepository Controller replicas to deploy | `1` | -| `apprepository.updateStrategy.type` | AppRepository Controller deployment strategy type. | `RollingUpdate` | -| `apprepository.resources.limits.cpu` | The CPU limits for the AppRepository Controller container | `250m` | -| `apprepository.resources.limits.memory` | The memory limits for the AppRepository Controller container | `128Mi` | -| `apprepository.resources.requests.cpu` | The requested CPU for the AppRepository Controller container | `25m` | -| `apprepository.resources.requests.memory` | The requested memory for the AppRepository Controller container | `32Mi` | -| `apprepository.podSecurityContext.enabled` | Enabled AppRepository Controller pods' Security Context | `true` | -| `apprepository.podSecurityContext.fsGroup` | Set AppRepository Controller pod's Security Context fsGroup | `1001` | -| `apprepository.containerSecurityContext.enabled` | Enabled AppRepository Controller containers' Security Context | `true` | -| `apprepository.containerSecurityContext.runAsUser` | Set AppRepository Controller container's Security Context runAsUser | `1001` | -| `apprepository.containerSecurityContext.runAsNonRoot` | Set AppRepository Controller container's Security Context runAsNonRoot | `true` | -| `apprepository.lifecycleHooks` | Custom lifecycle hooks for AppRepository Controller containers | `{}` | -| `apprepository.command` | Override default container command (useful when using custom images) | `[]` | -| `apprepository.args` | Override default container args (useful when using custom images) | `[]` | -| `apprepository.extraEnvVars` | Array with extra environment variables to add to AppRepository Controller pod(s) | `[]` | -| `apprepository.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for AppRepository Controller pod(s) | `""` | -| `apprepository.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for AppRepository Controller pod(s) | `""` | -| `apprepository.extraVolumes` | Optionally specify extra list of additional volumes for the AppRepository Controller pod(s) | `[]` | -| `apprepository.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the AppRepository Controller container(s) | `[]` | -| `apprepository.podLabels` | Extra labels for AppRepository Controller pods | `{}` | -| `apprepository.podAnnotations` | Annotations for AppRepository Controller pods | `{}` | -| `apprepository.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `apprepository.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `apprepository.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `apprepository.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `apprepository.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `apprepository.affinity` | Affinity for pod assignment | `{}` | -| `apprepository.nodeSelector` | Node labels for pod assignment | `{}` | -| `apprepository.tolerations` | Tolerations for pod assignment | `[]` | -| `apprepository.priorityClassName` | Priority class name for AppRepository Controller pods | `""` | -| `apprepository.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `apprepository.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `apprepository.hostAliases` | Custom host aliases for AppRepository Controller pods | `[]` | -| `apprepository.sidecars` | Add additional sidecar containers to the AppRepository Controller pod(s) | `[]` | -| `apprepository.initContainers` | Add additional init containers to the AppRepository Controller pod(s) | `[]` | -| `apprepository.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `apprepository.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `apprepository.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `apprepository.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| Name | Description | Value | +| ----------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------- | +| `apprepository.image.registry` | Kubeapps AppRepository Controller image registry | `REGISTRY_NAME` | +| `apprepository.image.repository` | Kubeapps AppRepository Controller image repository | `REPOSITORY_NAME/kubeapps-apprepository-controller` | +| `apprepository.image.tag` | Kubeapps AppRepository Controller image tag (immutable tags are recommended) | `2.9.0-debian-11-r10` | +| `apprepository.image.digest` | Kubeapps AppRepository Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `apprepository.image.pullPolicy` | Kubeapps AppRepository Controller image pull policy | `IfNotPresent` | +| `apprepository.image.pullSecrets` | Kubeapps AppRepository Controller image pull secrets | `[]` | +| `apprepository.syncImage.registry` | Kubeapps Asset Syncer image registry | `REGISTRY_NAME` | +| `apprepository.syncImage.repository` | Kubeapps Asset Syncer image repository | `REPOSITORY_NAME/kubeapps-asset-syncer` | +| `apprepository.syncImage.tag` | Kubeapps Asset Syncer image tag (immutable tags are recommended) | `2.9.0-debian-11-r10` | +| `apprepository.syncImage.digest` | Kubeapps Asset Syncer image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `apprepository.syncImage.pullPolicy` | Kubeapps Asset Syncer image pull policy | `IfNotPresent` | +| `apprepository.syncImage.pullSecrets` | Kubeapps Asset Syncer image pull secrets | `[]` | +| `apprepository.globalReposNamespaceSuffix` | Suffix for the namespace of global repos in the Helm plugin. Defaults to empty for backwards compatibility. Ignored if kubeappsapis.pluginConfig.helm.packages.v1alpha1.globalPackagingNamespace is set. | `""` | +| `apprepository.initialRepos` | Initial chart repositories to configure | `[]` | +| `apprepository.customAnnotations` | Custom annotations be added to each AppRepository-generated CronJob, Job and Pod | `{}` | +| `apprepository.customLabels` | Custom labels be added to each AppRepository-generated CronJob, Job and Pod | `{}` | +| `apprepository.initialReposProxy.enabled` | Enables the proxy | `false` | +| `apprepository.initialReposProxy.httpProxy` | URL for the http proxy | `""` | +| `apprepository.initialReposProxy.httpsProxy` | URL for the https proxy | `""` | +| `apprepository.initialReposProxy.noProxy` | URL to exclude from using the proxy | `""` | +| `apprepository.crontab` | Default schedule for syncing App repositories (defaults to every 10 minutes) | `""` | +| `apprepository.watchAllNamespaces` | Watch all namespaces to support separate AppRepositories per namespace | `true` | +| `apprepository.extraFlags` | Additional command line flags for AppRepository Controller | `[]` | +| `apprepository.replicaCount` | Number of AppRepository Controller replicas to deploy | `1` | +| `apprepository.updateStrategy.type` | AppRepository Controller deployment strategy type. | `RollingUpdate` | +| `apprepository.resources.limits.cpu` | The CPU limits for the AppRepository Controller container | `250m` | +| `apprepository.resources.limits.memory` | The memory limits for the AppRepository Controller container | `128Mi` | +| `apprepository.resources.requests.cpu` | The requested CPU for the AppRepository Controller container | `25m` | +| `apprepository.resources.requests.memory` | The requested memory for the AppRepository Controller container | `32Mi` | +| `apprepository.podSecurityContext.enabled` | Enabled AppRepository Controller pods' Security Context | `true` | +| `apprepository.podSecurityContext.fsGroup` | Set AppRepository Controller pod's Security Context fsGroup | `1001` | +| `apprepository.containerSecurityContext.enabled` | Enabled AppRepository Controller containers' Security Context | `true` | +| `apprepository.containerSecurityContext.runAsUser` | Set AppRepository Controller container's Security Context runAsUser | `1001` | +| `apprepository.containerSecurityContext.runAsNonRoot` | Set AppRepository Controller container's Security Context runAsNonRoot | `true` | +| `apprepository.lifecycleHooks` | Custom lifecycle hooks for AppRepository Controller containers | `{}` | +| `apprepository.command` | Override default container command (useful when using custom images) | `[]` | +| `apprepository.args` | Override default container args (useful when using custom images) | `[]` | +| `apprepository.extraEnvVars` | Array with extra environment variables to add to AppRepository Controller pod(s) | `[]` | +| `apprepository.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for AppRepository Controller pod(s) | `""` | +| `apprepository.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for AppRepository Controller pod(s) | `""` | +| `apprepository.extraVolumes` | Optionally specify extra list of additional volumes for the AppRepository Controller pod(s) | `[]` | +| `apprepository.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the AppRepository Controller container(s) | `[]` | +| `apprepository.podLabels` | Extra labels for AppRepository Controller pods | `{}` | +| `apprepository.podAnnotations` | Annotations for AppRepository Controller pods | `{}` | +| `apprepository.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `apprepository.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `apprepository.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `apprepository.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `apprepository.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `apprepository.affinity` | Affinity for pod assignment | `{}` | +| `apprepository.nodeSelector` | Node labels for pod assignment | `{}` | +| `apprepository.tolerations` | Tolerations for pod assignment | `[]` | +| `apprepository.priorityClassName` | Priority class name for AppRepository Controller pods | `""` | +| `apprepository.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `apprepository.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `apprepository.hostAliases` | Custom host aliases for AppRepository Controller pods | `[]` | +| `apprepository.sidecars` | Add additional sidecar containers to the AppRepository Controller pod(s) | `[]` | +| `apprepository.initContainers` | Add additional init containers to the AppRepository Controller pod(s) | `[]` | +| `apprepository.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `apprepository.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `apprepository.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `apprepository.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | ### Auth Proxy parameters -| Name | Description | Value | -| ------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `authProxy.enabled` | Specifies whether Kubeapps should configure OAuth login/logout | `false` | -| `authProxy.image.registry` | OAuth2 Proxy image registry | `docker.io` | -| `authProxy.image.repository` | OAuth2 Proxy image repository | `bitnami/oauth2-proxy` | -| `authProxy.image.tag` | OAuth2 Proxy image tag (immutable tags are recommended) | `7.5.1-debian-11-r10` | -| `authProxy.image.digest` | OAuth2 Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `authProxy.image.pullPolicy` | OAuth2 Proxy image pull policy | `IfNotPresent` | -| `authProxy.image.pullSecrets` | OAuth2 Proxy image pull secrets | `[]` | -| `authProxy.external` | Use an external Auth Proxy instead of deploying its own one | `false` | -| `authProxy.oauthLoginURI` | OAuth Login URI to which the Kubeapps frontend redirects for authn | `/oauth2/start` | -| `authProxy.oauthLogoutURI` | OAuth Logout URI to which the Kubeapps frontend redirects for authn | `/oauth2/sign_out` | -| `authProxy.skipKubeappsLoginPage` | Skip the Kubeapps login page when using OIDC and directly redirect to the IdP | `false` | -| `authProxy.provider` | OAuth provider | `""` | -| `authProxy.clientID` | OAuth Client ID | `""` | -| `authProxy.clientSecret` | OAuth Client secret | `""` | -| `authProxy.cookieSecret` | Secret used by oauth2-proxy to encrypt any credentials | `""` | -| `authProxy.existingOauth2Secret` | Name of an existing secret containing the OAuth client secrets, it should contain the keys clientID, clientSecret, and cookieSecret | `""` | -| `authProxy.cookieRefresh` | Duration after which to refresh the cookie | `2m` | -| `authProxy.scope` | OAuth scope specification | `openid email groups` | -| `authProxy.emailDomain` | Allowed email domains | `*` | -| `authProxy.extraFlags` | Additional command line flags for oauth2-proxy | `[]` | -| `authProxy.lifecycleHooks` | for the Auth Proxy container(s) to automate configuration before or after startup | `{}` | -| `authProxy.command` | Override default container command (useful when using custom images) | `[]` | -| `authProxy.args` | Override default container args (useful when using custom images) | `[]` | -| `authProxy.extraEnvVars` | Array with extra environment variables to add to the Auth Proxy container | `[]` | -| `authProxy.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Auth Proxy containers(s) | `""` | -| `authProxy.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Auth Proxy containers(s) | `""` | -| `authProxy.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Auth Proxy container(s) | `[]` | -| `authProxy.containerPorts.proxy` | Auth Proxy HTTP container port | `3000` | -| `authProxy.containerSecurityContext.enabled` | Enabled Auth Proxy containers' Security Context | `true` | -| `authProxy.containerSecurityContext.runAsUser` | Set Auth Proxy container's Security Context runAsUser | `1001` | -| `authProxy.containerSecurityContext.runAsNonRoot` | Set Auth Proxy container's Security Context runAsNonRoot | `true` | -| `authProxy.resources.limits.cpu` | The CPU limits for the OAuth2 Proxy container | `250m` | -| `authProxy.resources.limits.memory` | The memory limits for the OAuth2 Proxy container | `128Mi` | -| `authProxy.resources.requests.cpu` | The requested CPU for the OAuth2 Proxy container | `25m` | -| `authProxy.resources.requests.memory` | The requested memory for the OAuth2 Proxy container | `32Mi` | +| Name | Description | Value | +| ------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ | +| `authProxy.enabled` | Specifies whether Kubeapps should configure OAuth login/logout | `false` | +| `authProxy.image.registry` | OAuth2 Proxy image registry | `REGISTRY_NAME` | +| `authProxy.image.repository` | OAuth2 Proxy image repository | `REPOSITORY_NAME/oauth2-proxy` | +| `authProxy.image.tag` | OAuth2 Proxy image tag (immutable tags are recommended) | `7.5.1-debian-11-r10` | +| `authProxy.image.digest` | OAuth2 Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `authProxy.image.pullPolicy` | OAuth2 Proxy image pull policy | `IfNotPresent` | +| `authProxy.image.pullSecrets` | OAuth2 Proxy image pull secrets | `[]` | +| `authProxy.external` | Use an external Auth Proxy instead of deploying its own one | `false` | +| `authProxy.oauthLoginURI` | OAuth Login URI to which the Kubeapps frontend redirects for authn | `/oauth2/start` | +| `authProxy.oauthLogoutURI` | OAuth Logout URI to which the Kubeapps frontend redirects for authn | `/oauth2/sign_out` | +| `authProxy.skipKubeappsLoginPage` | Skip the Kubeapps login page when using OIDC and directly redirect to the IdP | `false` | +| `authProxy.provider` | OAuth provider | `""` | +| `authProxy.clientID` | OAuth Client ID | `""` | +| `authProxy.clientSecret` | OAuth Client secret | `""` | +| `authProxy.cookieSecret` | Secret used by oauth2-proxy to encrypt any credentials | `""` | +| `authProxy.existingOauth2Secret` | Name of an existing secret containing the OAuth client secrets, it should contain the keys clientID, clientSecret, and cookieSecret | `""` | +| `authProxy.cookieRefresh` | Duration after which to refresh the cookie | `2m` | +| `authProxy.scope` | OAuth scope specification | `openid email groups` | +| `authProxy.emailDomain` | Allowed email domains | `*` | +| `authProxy.extraFlags` | Additional command line flags for oauth2-proxy | `[]` | +| `authProxy.lifecycleHooks` | for the Auth Proxy container(s) to automate configuration before or after startup | `{}` | +| `authProxy.command` | Override default container command (useful when using custom images) | `[]` | +| `authProxy.args` | Override default container args (useful when using custom images) | `[]` | +| `authProxy.extraEnvVars` | Array with extra environment variables to add to the Auth Proxy container | `[]` | +| `authProxy.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Auth Proxy containers(s) | `""` | +| `authProxy.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Auth Proxy containers(s) | `""` | +| `authProxy.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Auth Proxy container(s) | `[]` | +| `authProxy.containerPorts.proxy` | Auth Proxy HTTP container port | `3000` | +| `authProxy.containerSecurityContext.enabled` | Enabled Auth Proxy containers' Security Context | `true` | +| `authProxy.containerSecurityContext.runAsUser` | Set Auth Proxy container's Security Context runAsUser | `1001` | +| `authProxy.containerSecurityContext.runAsNonRoot` | Set Auth Proxy container's Security Context runAsNonRoot | `true` | +| `authProxy.resources.limits.cpu` | The CPU limits for the OAuth2 Proxy container | `250m` | +| `authProxy.resources.limits.memory` | The memory limits for the OAuth2 Proxy container | `128Mi` | +| `authProxy.resources.requests.cpu` | The requested CPU for the OAuth2 Proxy container | `25m` | +| `authProxy.resources.requests.memory` | The requested memory for the OAuth2 Proxy container | `32Mi` | ### Pinniped Proxy parameters -| Name | Description | Value | -| ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | --------------------------------- | -| `pinnipedProxy.enabled` | Specifies whether Kubeapps should configure Pinniped Proxy | `false` | -| `pinnipedProxy.image.registry` | Pinniped Proxy image registry | `docker.io` | -| `pinnipedProxy.image.repository` | Pinniped Proxy image repository | `bitnami/kubeapps-pinniped-proxy` | -| `pinnipedProxy.image.tag` | Pinniped Proxy image tag (immutable tags are recommended) | `2.9.0-debian-11-r9` | -| `pinnipedProxy.image.digest` | Pinniped Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `pinnipedProxy.image.pullPolicy` | Pinniped Proxy image pull policy | `IfNotPresent` | -| `pinnipedProxy.image.pullSecrets` | Pinniped Proxy image pull secrets | `[]` | -| `pinnipedProxy.defaultPinnipedNamespace` | Namespace in which pinniped concierge is installed | `pinniped-concierge` | -| `pinnipedProxy.defaultAuthenticatorType` | Authenticator type | `JWTAuthenticator` | -| `pinnipedProxy.defaultAuthenticatorName` | Authenticator name | `jwt-authenticator` | -| `pinnipedProxy.defaultPinnipedAPISuffix` | API suffix | `pinniped.dev` | -| `pinnipedProxy.tls.existingSecret` | TLS secret with which to proxy requests | `""` | -| `pinnipedProxy.tls.caCertificate` | TLS CA cert config map which clients of pinniped proxy should use with TLS requests | `""` | -| `pinnipedProxy.lifecycleHooks` | For the Pinniped Proxy container(s) to automate configuration before or after startup | `{}` | -| `pinnipedProxy.command` | Override default container command (useful when using custom images) | `[]` | -| `pinnipedProxy.args` | Override default container args (useful when using custom images) | `[]` | -| `pinnipedProxy.extraEnvVars` | Array with extra environment variables to add to Pinniped Proxy container(s) | `[]` | -| `pinnipedProxy.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Pinniped Proxy container(s) | `""` | -| `pinnipedProxy.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Pinniped Proxy container(s) | `""` | -| `pinnipedProxy.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Pinniped Proxy container(s) | `[]` | -| `pinnipedProxy.containerPorts.pinnipedProxy` | Pinniped Proxy container port | `3333` | -| `pinnipedProxy.containerSecurityContext.enabled` | Enabled Pinniped Proxy containers' Security Context | `true` | -| `pinnipedProxy.containerSecurityContext.runAsUser` | Set Pinniped Proxy container's Security Context runAsUser | `1001` | -| `pinnipedProxy.containerSecurityContext.runAsNonRoot` | Set Pinniped Proxy container's Security Context runAsNonRoot | `true` | -| `pinnipedProxy.resources.limits.cpu` | The CPU limits for the Pinniped Proxy container | `250m` | -| `pinnipedProxy.resources.limits.memory` | The memory limits for the Pinniped Proxy container | `128Mi` | -| `pinnipedProxy.resources.requests.cpu` | The requested CPU for the Pinniped Proxy container | `25m` | -| `pinnipedProxy.resources.requests.memory` | The requested memory for the Pinniped Proxy container | `32Mi` | -| `pinnipedProxy.service.ports.pinnipedProxy` | Pinniped Proxy service port | `3333` | -| `pinnipedProxy.service.annotations` | Additional custom annotations for Pinniped Proxy service | `{}` | +| Name | Description | Value | +| ----------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------------- | +| `pinnipedProxy.enabled` | Specifies whether Kubeapps should configure Pinniped Proxy | `false` | +| `pinnipedProxy.image.registry` | Pinniped Proxy image registry | `REGISTRY_NAME` | +| `pinnipedProxy.image.repository` | Pinniped Proxy image repository | `REPOSITORY_NAME/kubeapps-pinniped-proxy` | +| `pinnipedProxy.image.tag` | Pinniped Proxy image tag (immutable tags are recommended) | `2.9.0-debian-11-r9` | +| `pinnipedProxy.image.digest` | Pinniped Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `pinnipedProxy.image.pullPolicy` | Pinniped Proxy image pull policy | `IfNotPresent` | +| `pinnipedProxy.image.pullSecrets` | Pinniped Proxy image pull secrets | `[]` | +| `pinnipedProxy.defaultPinnipedNamespace` | Namespace in which pinniped concierge is installed | `pinniped-concierge` | +| `pinnipedProxy.defaultAuthenticatorType` | Authenticator type | `JWTAuthenticator` | +| `pinnipedProxy.defaultAuthenticatorName` | Authenticator name | `jwt-authenticator` | +| `pinnipedProxy.defaultPinnipedAPISuffix` | API suffix | `pinniped.dev` | +| `pinnipedProxy.tls.existingSecret` | TLS secret with which to proxy requests | `""` | +| `pinnipedProxy.tls.caCertificate` | TLS CA cert config map which clients of pinniped proxy should use with TLS requests | `""` | +| `pinnipedProxy.lifecycleHooks` | For the Pinniped Proxy container(s) to automate configuration before or after startup | `{}` | +| `pinnipedProxy.command` | Override default container command (useful when using custom images) | `[]` | +| `pinnipedProxy.args` | Override default container args (useful when using custom images) | `[]` | +| `pinnipedProxy.extraEnvVars` | Array with extra environment variables to add to Pinniped Proxy container(s) | `[]` | +| `pinnipedProxy.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Pinniped Proxy container(s) | `""` | +| `pinnipedProxy.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Pinniped Proxy container(s) | `""` | +| `pinnipedProxy.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Pinniped Proxy container(s) | `[]` | +| `pinnipedProxy.containerPorts.pinnipedProxy` | Pinniped Proxy container port | `3333` | +| `pinnipedProxy.containerSecurityContext.enabled` | Enabled Pinniped Proxy containers' Security Context | `true` | +| `pinnipedProxy.containerSecurityContext.runAsUser` | Set Pinniped Proxy container's Security Context runAsUser | `1001` | +| `pinnipedProxy.containerSecurityContext.runAsNonRoot` | Set Pinniped Proxy container's Security Context runAsNonRoot | `true` | +| `pinnipedProxy.resources.limits.cpu` | The CPU limits for the Pinniped Proxy container | `250m` | +| `pinnipedProxy.resources.limits.memory` | The memory limits for the Pinniped Proxy container | `128Mi` | +| `pinnipedProxy.resources.requests.cpu` | The requested CPU for the Pinniped Proxy container | `25m` | +| `pinnipedProxy.resources.requests.memory` | The requested memory for the Pinniped Proxy container | `32Mi` | +| `pinnipedProxy.service.ports.pinnipedProxy` | Pinniped Proxy service port | `3333` | +| `pinnipedProxy.service.annotations` | Additional custom annotations for Pinniped Proxy service | `{}` | ### Other Parameters @@ -461,8 +464,8 @@ Once you have installed Kubeapps follow the [Getting Started Guide](https://gith | `kubeappsapis.pluginConfig.flux.packages.v1alpha1.noCrossNamespaceRefs` | Enable this flag to disallow cross-namespace references, useful when running Flux on multi-tenant clusters | `false` | | `kubeappsapis.pluginConfig.resources.packages.v1alpha1.trustedNamespaces.headerName` | Optional header name for trusted namespaces | `""` | | `kubeappsapis.pluginConfig.resources.packages.v1alpha1.trustedNamespaces.headerPattern` | Optional header pattern for trusted namespaces | `""` | -| `kubeappsapis.image.registry` | Kubeapps-APIs image registry | `docker.io` | -| `kubeappsapis.image.repository` | Kubeapps-APIs image repository | `bitnami/kubeapps-apis` | +| `kubeappsapis.image.registry` | Kubeapps-APIs image registry | `REGISTRY_NAME` | +| `kubeappsapis.image.repository` | Kubeapps-APIs image repository | `REPOSITORY_NAME/kubeapps-apis` | | `kubeappsapis.image.tag` | Kubeapps-APIs image tag (immutable tags are recommended) | `2.9.0-debian-11-r10` | | `kubeappsapis.image.digest` | Kubeapps-APIs image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `kubeappsapis.image.pullPolicy` | Kubeapps-APIs image pull policy | `IfNotPresent` | @@ -537,54 +540,54 @@ Once you have installed Kubeapps follow the [Getting Started Guide](https://gith ### OCI Catalog chart configuration -| Name | Description | Value | -| -------------------------------------------------- | ----------------------------------------------------------------------------------------------------------- | ------------------------------ | -| `ociCatalog.enabled` | Enable the OCI catalog gRPC service for cataloging | `false` | -| `ociCatalog.image.registry` | OCI Catalog image registry | `docker.io` | -| `ociCatalog.image.repository` | OCI Catalog image repository | `bitnami/kubeapps-oci-catalog` | -| `ociCatalog.image.tag` | OCI Catalog image tag (immutable tags are recommended) | `2.9.0-debian-11-r4` | -| `ociCatalog.image.digest` | OCI Catalog image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `ociCatalog.image.pullPolicy` | OCI Catalog image pull policy | `IfNotPresent` | -| `ociCatalog.image.pullSecrets` | OCI Catalog image pull secrets | `[]` | -| `ociCatalog.image.debug` | Enable image debug mode | `false` | -| `ociCatalog.extraFlags` | Additional command line flags for OCI Catalog | `[]` | -| `ociCatalog.extraEnvVars` | Array with extra environment variables to add to the oci-catalog container | `[]` | -| `ociCatalog.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for the OCI Catalog container | `""` | -| `ociCatalog.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for the OCI Catalog container | `""` | -| `ociCatalog.containerPorts.grpc` | OCI Catalog gRPC container port | `50061` | -| `ociCatalog.resources.limits.cpu` | The CPU limits for the OCI Catalog container | `250m` | -| `ociCatalog.resources.limits.memory` | The memory limits for the OCI Catalog container | `256Mi` | -| `ociCatalog.resources.requests.cpu` | The requested CPU for the OCI Catalog container | `25m` | -| `ociCatalog.resources.requests.memory` | The requested memory for the OCI Catalog container | `32Mi` | -| `ociCatalog.containerSecurityContext.enabled` | Enabled OCI Catalog containers' Security Context | `true` | -| `ociCatalog.containerSecurityContext.runAsUser` | Set OCI Catalog container's Security Context runAsUser | `1001` | -| `ociCatalog.containerSecurityContext.runAsNonRoot` | Set OCI Catalog container's Security Context runAsNonRoot | `true` | -| `ociCatalog.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `ociCatalog.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` | -| `ociCatalog.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `ociCatalog.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `ociCatalog.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `ociCatalog.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `ociCatalog.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `ociCatalog.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `0` | -| `ociCatalog.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `ociCatalog.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `ociCatalog.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `ociCatalog.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `ociCatalog.startupProbe.enabled` | Enable startupProbe | `false` | -| `ociCatalog.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | -| `ociCatalog.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `ociCatalog.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `ociCatalog.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `ociCatalog.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `ociCatalog.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `ociCatalog.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `ociCatalog.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `ociCatalog.lifecycleHooks` | Custom lifecycle hooks for OCI Catalog containers | `{}` | -| `ociCatalog.command` | Override default container command (useful when using custom images) | `[]` | -| `ociCatalog.args` | Override default container args (useful when using custom images) | `[]` | -| `ociCatalog.extraVolumes` | Optionally specify extra list of additional volumes for the OCI Catalog pod(s) | `[]` | -| `ociCatalog.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the OCI Catalog container(s) | `[]` | +| Name | Description | Value | +| -------------------------------------------------- | ----------------------------------------------------------------------------------------------------------- | -------------------------------------- | +| `ociCatalog.enabled` | Enable the OCI catalog gRPC service for cataloging | `false` | +| `ociCatalog.image.registry` | OCI Catalog image registry | `REGISTRY_NAME` | +| `ociCatalog.image.repository` | OCI Catalog image repository | `REPOSITORY_NAME/kubeapps-oci-catalog` | +| `ociCatalog.image.tag` | OCI Catalog image tag (immutable tags are recommended) | `2.9.0-debian-11-r4` | +| `ociCatalog.image.digest` | OCI Catalog image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `ociCatalog.image.pullPolicy` | OCI Catalog image pull policy | `IfNotPresent` | +| `ociCatalog.image.pullSecrets` | OCI Catalog image pull secrets | `[]` | +| `ociCatalog.image.debug` | Enable image debug mode | `false` | +| `ociCatalog.extraFlags` | Additional command line flags for OCI Catalog | `[]` | +| `ociCatalog.extraEnvVars` | Array with extra environment variables to add to the oci-catalog container | `[]` | +| `ociCatalog.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for the OCI Catalog container | `""` | +| `ociCatalog.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for the OCI Catalog container | `""` | +| `ociCatalog.containerPorts.grpc` | OCI Catalog gRPC container port | `50061` | +| `ociCatalog.resources.limits.cpu` | The CPU limits for the OCI Catalog container | `250m` | +| `ociCatalog.resources.limits.memory` | The memory limits for the OCI Catalog container | `256Mi` | +| `ociCatalog.resources.requests.cpu` | The requested CPU for the OCI Catalog container | `25m` | +| `ociCatalog.resources.requests.memory` | The requested memory for the OCI Catalog container | `32Mi` | +| `ociCatalog.containerSecurityContext.enabled` | Enabled OCI Catalog containers' Security Context | `true` | +| `ociCatalog.containerSecurityContext.runAsUser` | Set OCI Catalog container's Security Context runAsUser | `1001` | +| `ociCatalog.containerSecurityContext.runAsNonRoot` | Set OCI Catalog container's Security Context runAsNonRoot | `true` | +| `ociCatalog.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `ociCatalog.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` | +| `ociCatalog.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `ociCatalog.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `ociCatalog.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `ociCatalog.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `ociCatalog.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `ociCatalog.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `0` | +| `ociCatalog.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `ociCatalog.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `ociCatalog.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `ociCatalog.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `ociCatalog.startupProbe.enabled` | Enable startupProbe | `false` | +| `ociCatalog.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | +| `ociCatalog.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `ociCatalog.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `ociCatalog.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `ociCatalog.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `ociCatalog.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `ociCatalog.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `ociCatalog.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `ociCatalog.lifecycleHooks` | Custom lifecycle hooks for OCI Catalog containers | `{}` | +| `ociCatalog.command` | Override default container command (useful when using custom images) | `[]` | +| `ociCatalog.args` | Override default container args (useful when using custom images) | `[]` | +| `ociCatalog.extraVolumes` | Optionally specify extra list of additional volumes for the OCI Catalog pod(s) | `[]` | +| `ociCatalog.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the OCI Catalog container(s) | `[]` | ### Redis® chart configuration @@ -605,17 +608,21 @@ Once you have installed Kubeapps follow the [Getting Started Guide](https://gith ```console helm install kubeapps --namespace kubeapps \ --set ingress.enabled=true \ - oci://registry-1.docker.io/bitnamicharts/kubeapps + oci://REGISTRY_NAME/REPOSITORY_NAME/kubeapps ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command enables an Ingress Rule to expose Kubeapps. Alternatively, a YAML file that specifies the values for parameters can be provided while installing the chart. For example, ```console -helm install kubeapps --namespace kubeapps -f custom-values.yaml oci://registry-1.docker.io/bitnamicharts/kubeapps +helm install kubeapps --namespace kubeapps -f custom-values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/kubeapps ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Configuration and installation details ### Configuring Initial Repositories @@ -704,9 +711,11 @@ Now upgrade Kubeapps: ```console export RELEASE_NAME=kubeapps -helm upgrade $RELEASE_NAME oci://registry-1.docker.io/bitnamicharts/kubeapps +helm upgrade $RELEASE_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/kubeapps ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + If you find issues upgrading Kubeapps, check the [troubleshooting](#error-while-upgrading-the-chart) section. ### To 14.0.0 @@ -778,13 +787,15 @@ Have a look at the [dashboard documentation](https://github.com/vmware-tanzu/kub The example below will match the URL `http://example.com` to the Kubeapps dashboard. For further configuration, please refer to your specific Ingress configuration docs (e.g., [NGINX](https://github.com/kubernetes/ingress-nginx) or [HAProxy](https://github.com/haproxytech/kubernetes-ingress)). ```console -helm install kubeapps oci://registry-1.docker.io/bitnamicharts/kubeapps \ +helm install kubeapps oci://REGISTRY_NAME/REPOSITORY_NAME/kubeapps \ --namespace kubeapps \ --set ingress.enabled=true \ --set ingress.hostname=example.com \ --set ingress.annotations."kubernetes\.io/ingress\.class"=nginx # or your preferred ingress controller ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + If you are using LDAP via Dex with OIDC or you are getting an error message like `upstream sent too big header while reading response header from upstream` it means the cookie size is too big and can't be processed by the Ingress Controller. You can work around this problem by setting the following Nginx ingress annotations (look for similar annotations in your preferred Ingress Controller): @@ -800,7 +811,7 @@ You can work around this problem by setting the following Nginx ingress annotati You may want to serve Kubeapps with a subpath, for instance `http://example.com/subpath`, you have to set the proper Ingress configuration. If you are using the ingress configuration provided by the Kubeapps chart, you will have to set the `ingress.hostname` and `path` parameters: ```console -helm install kubeapps oci://registry-1.docker.io/bitnamicharts/kubeapps \ +helm install kubeapps oci://REGISTRY_NAME/REPOSITORY_NAME/kubeapps \ --namespace kubeapps \ --set ingress.enabled=true \ --set ingress.hostname=example.com \ @@ -808,10 +819,12 @@ helm install kubeapps oci://registry-1.docker.io/bitnamicharts/kubeapps \ --set ingress.annotations."kubernetes\.io/ingress\.class"=nginx # or your preferred ingress controller ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Besides, if you are using the OAuth2/OIDC login (more information at the [using an OIDC provider documentation](https://github.com/vmware-tanzu/kubeapps/blob/main/site/content/docs/latest/tutorials/using-an-OIDC-provider.md)), you will need, also, to configure the different URLs: ```console -helm install kubeapps oci://registry-1.docker.io/bitnamicharts/kubeapps \ +helm install kubeapps oci://REGISTRY_NAME/REPOSITORY_NAME/kubeapps \ --namespace kubeapps \ # ... other OIDC and ingress flags --set authProxy.oauthLoginURI="/subpath/oauth2/login" \ @@ -819,6 +832,8 @@ helm install kubeapps oci://registry-1.docker.io/bitnamicharts/kubeapps \ --set authProxy.extraFlags="{,--proxy-prefix=/subpath/oauth2}" ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### Can Kubeapps install apps into more than one cluster? Yes! Kubeapps 2.0+ supports multicluster environments. Have a look at the [Kubeapps dashboard documentation](https://github.com/vmware-tanzu/kubeapps/blob/main/site/content/docs/latest/howto/deploying-to-multiple-clusters.md) to know more. @@ -928,9 +943,11 @@ kubectl api-versions If the above command does not include entries for `rbac.authorization.k8s.io` you should perform the chart installation by setting `rbac.create=false`: ```console -helm install --name kubeapps --namespace kubeapps oci://registry-1.docker.io/bitnamicharts/kubeapps --set rbac.create=false +helm install --name kubeapps --namespace kubeapps oci://REGISTRY_NAME/REPOSITORY_NAME/kubeapps --set rbac.create=false ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### Error while upgrading the Chart It is possible that when upgrading Kubeapps an error appears. That can be caused by a breaking change in the new chart or because the current chart installation is in an inconsistent state. If you find issues upgrading Kubeapps you can follow these steps: @@ -971,9 +988,11 @@ It is possible that when upgrading Kubeapps an error appears. That can be caused ```console helm repo update - helm install --name kubeapps --namespace kubeapps oci://registry-1.docker.io/bitnamicharts/kubeapps + helm install --name kubeapps --namespace kubeapps oci://REGISTRY_NAME/REPOSITORY_NAME/kubeapps ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + 6. (Optional) Restore any repositories you backed up in the first step: ```console @@ -1032,9 +1051,11 @@ After that, you will be able to upgrade Kubeapps to 2.3.1 using the existing dat > **WARNING**: Make sure that the variable `$POSTGRESQL_PASSWORD` is properly populated. Setting a wrong (or empty) password will corrupt the release. ```console -helm upgrade kubeapps oci://registry-1.docker.io/bitnamicharts/kubeapps -n kubeapps --set postgresql.postgresqlPassword=$POSTGRESQL_PASSWORD +helm upgrade kubeapps oci://REGISTRY_NAME/REPOSITORY_NAME/kubeapps -n kubeapps --set postgresql.postgresqlPassword=$POSTGRESQL_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### Upgrading to 2.0.1 (Chart 5.0.0) [On November 13, 2020, Helm 2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm 3 and to be consistent with the Helm project itself regarding the Helm 2 EOL. diff --git a/bitnami/kubeapps/values.yaml b/bitnami/kubeapps/values.yaml index 728b105ab75dc4..9dd38b06e7c1c0 100644 --- a/bitnami/kubeapps/values.yaml +++ b/bitnami/kubeapps/values.yaml @@ -197,8 +197,8 @@ packaging: frontend: ## Bitnami NGINX image ## ref: https://hub.docker.com/r/bitnami/nginx/tags/ - ## @param frontend.image.registry NGINX image registry - ## @param frontend.image.repository NGINX image repository + ## @param frontend.image.registry [default: REGISTRY_NAME] NGINX image registry + ## @param frontend.image.repository [default: REPOSITORY_NAME/nginx] NGINX image repository ## @param frontend.image.tag NGINX image tag (immutable tags are recommended) ## @param frontend.image.digest NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param frontend.image.pullPolicy NGINX image pull policy @@ -516,8 +516,8 @@ dashboard: enabled: true ## Bitnami Kubeapps Dashboard image ## ref: https://hub.docker.com/r/bitnami/kubeapps-dashboard/ - ## @param dashboard.image.registry Dashboard image registry - ## @param dashboard.image.repository Dashboard image repository + ## @param dashboard.image.registry [default: REGISTRY_NAME] Dashboard image registry + ## @param dashboard.image.repository [default: REPOSITORY_NAME/kubeapps-dashboard] Dashboard image repository ## @param dashboard.image.tag Dashboard image tag (immutable tags are recommended) ## @param dashboard.image.digest Dashboard image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param dashboard.image.pullPolicy Dashboard image pull policy @@ -824,8 +824,8 @@ dashboard: apprepository: ## Bitnami Kubeapps AppRepository Controller image ## ref: https://hub.docker.com/r/bitnami/kubeapps-apprepository-controller/tags/ - ## @param apprepository.image.registry Kubeapps AppRepository Controller image registry - ## @param apprepository.image.repository Kubeapps AppRepository Controller image repository + ## @param apprepository.image.registry [default: REGISTRY_NAME] Kubeapps AppRepository Controller image registry + ## @param apprepository.image.repository [default: REPOSITORY_NAME/kubeapps-apprepository-controller] Kubeapps AppRepository Controller image repository ## @param apprepository.image.tag Kubeapps AppRepository Controller image tag (immutable tags are recommended) ## @param apprepository.image.digest Kubeapps AppRepository Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param apprepository.image.pullPolicy Kubeapps AppRepository Controller image pull policy @@ -851,8 +851,8 @@ apprepository: pullSecrets: [] ## Bitnami Kubeapps Asset Syncer image ## ref: https://hub.docker.com/r/bitnami/kubeapps-asset-syncer/tags/ - ## @param apprepository.syncImage.registry Kubeapps Asset Syncer image registry - ## @param apprepository.syncImage.repository Kubeapps Asset Syncer image repository + ## @param apprepository.syncImage.registry [default: REGISTRY_NAME] Kubeapps Asset Syncer image registry + ## @param apprepository.syncImage.repository [default: REPOSITORY_NAME/kubeapps-asset-syncer] Kubeapps Asset Syncer image repository ## @param apprepository.syncImage.tag Kubeapps Asset Syncer image tag (immutable tags are recommended) ## @param apprepository.syncImage.digest Kubeapps Asset Syncer image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param apprepository.syncImage.pullPolicy Kubeapps Asset Syncer image pull policy @@ -1135,8 +1135,8 @@ authProxy: enabled: false ## Bitnami OAuth2 Proxy image ## ref: https://hub.docker.com/r/bitnami/oauth2-proxy/tags/ - ## @param authProxy.image.registry OAuth2 Proxy image registry - ## @param authProxy.image.repository OAuth2 Proxy image repository + ## @param authProxy.image.registry [default: REGISTRY_NAME] OAuth2 Proxy image registry + ## @param authProxy.image.repository [default: REPOSITORY_NAME/oauth2-proxy] OAuth2 Proxy image repository ## @param authProxy.image.tag OAuth2 Proxy image tag (immutable tags are recommended) ## @param authProxy.image.digest OAuth2 Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param authProxy.image.pullPolicy OAuth2 Proxy image pull policy @@ -1273,8 +1273,8 @@ pinnipedProxy: enabled: false ## Bitnami Pinniped Proxy image ## ref: https://hub.docker.com/r/bitnami/kubeapps-pinniped-proxy/tags/ - ## @param pinnipedProxy.image.registry Pinniped Proxy image registry - ## @param pinnipedProxy.image.repository Pinniped Proxy image repository + ## @param pinnipedProxy.image.registry [default: REGISTRY_NAME] Pinniped Proxy image registry + ## @param pinnipedProxy.image.repository [default: REPOSITORY_NAME/kubeapps-pinniped-proxy] Pinniped Proxy image repository ## @param pinnipedProxy.image.tag Pinniped Proxy image tag (immutable tags are recommended) ## @param pinnipedProxy.image.digest Pinniped Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param pinnipedProxy.image.pullPolicy Pinniped Proxy image pull policy @@ -1566,8 +1566,8 @@ kubeappsapis: headerPattern: "" ## Bitnami Kubeapps-APIs image ## ref: https://hub.docker.com/r/bitnami/kubeapps-apis/tags/ - ## @param kubeappsapis.image.registry Kubeapps-APIs image registry - ## @param kubeappsapis.image.repository Kubeapps-APIs image repository + ## @param kubeappsapis.image.registry [default: REGISTRY_NAME] Kubeapps-APIs image registry + ## @param kubeappsapis.image.repository [default: REPOSITORY_NAME/kubeapps-apis] Kubeapps-APIs image repository ## @param kubeappsapis.image.tag Kubeapps-APIs image tag (immutable tags are recommended) ## @param kubeappsapis.image.digest Kubeapps-APIs image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param kubeappsapis.image.pullPolicy Kubeapps-APIs image pull policy @@ -1850,8 +1850,8 @@ ociCatalog: enabled: false ## Bitnami Kubeapps OCI Catalog image ## ref: https://hub.docker.com/r/bitnami/kubeapps-ocicatalog/ - ## @param ociCatalog.image.registry OCI Catalog image registry - ## @param ociCatalog.image.repository OCI Catalog image repository + ## @param ociCatalog.image.registry [default: REGISTRY_NAME] OCI Catalog image registry + ## @param ociCatalog.image.repository [default: REPOSITORY_NAME/kubeapps-oci-catalog] OCI Catalog image repository ## @param ociCatalog.image.tag OCI Catalog image tag (immutable tags are recommended) ## @param ociCatalog.image.digest OCI Catalog image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param ociCatalog.image.pullPolicy OCI Catalog image pull policy diff --git a/bitnami/kubernetes-event-exporter/README.md b/bitnami/kubernetes-event-exporter/README.md index eabdc6314b5f02..66b2c0dc1091ed 100644 --- a/bitnami/kubernetes-event-exporter/README.md +++ b/bitnami/kubernetes-event-exporter/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kubernetes-event-exporter +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kubernetes-event-exporter ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Kubernetes Event Exporter](https://github.com/resmoio/kubernetes-event-exporter) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use Kubernetes Event Exporter in production? Try [VMware Application To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/kubernetes-event-exporter +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kubernetes-event-exporter ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Kubernetes Event Exporter on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` or `helm ls --all-namespaces` @@ -74,85 +78,85 @@ The command removes all the Kubernetes components associated with the chart and ### Kubernetes Event Exporter parameters -| Name | Description | Value | -| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | -| `replicaCount` | Desired number of pod replicas | `1` | -| `revisionHistoryLimit` | Desired number of old ReplicaSets to retain | `10` | -| `containerPorts.http` | HTTP container port | `2112` | -| `extraContainerPorts` | Optionally specify extra list of additional port-mappings for the container | `[]` | -| `image.registry` | Container image registry | `docker.io` | -| `image.repository` | Container image name | `bitnami/kubernetes-event-exporter` | -| `image.tag` | Container image tag | `1.4.0-debian-11-r60` | -| `image.digest` | Container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Container image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `config.logLevel` | Verbosity of the logs (options: `fatal`, `error`, `warn`, `info` or `debug`) | `debug` | -| `config.logFormat` | How the logs are formatted. Allowed values: `pretty` or `json` | `pretty` | -| `config.receivers` | Array containing event receivers | `[]` | -| `config.route.routes` | Array containing event route configuration | `[]` | -| `rbac.create` | Create the RBAC roles for API accessibility | `true` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Pod labels | `{}` | -| `podSecurityContext.enabled` | Enable security context | `true` | -| `podSecurityContext.fsGroup` | Group ID for the container | `1001` | -| `containerSecurityContext.enabled` | Enable container security context | `true` | -| `containerSecurityContext.capabilities.add` | Add capabilities for the securityContext | `[]` | -| `containerSecurityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` | -| `containerSecurityContext.readOnlyRootFilesystem` | Allows the pod to mount the RootFS as ReadOnly only | `true` | -| `containerSecurityContext.runAsNonRoot` | If the pod should run as a non root container. | `true` | -| `containerSecurityContext.runAsUser` | Define the uid with which the pod will run | `1001` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | Lifecycle for the container to automate configuration before or after startup | `{}` | -| `resources.limits` | Specify resource limits which the container is not allowed to succeed. | `{}` | -| `resources.requests` | Specify resource requests which the container needs to spawn. | `{}` | -| `customStartupProbe` | Configure startup probe for Kubernetes event exporter pod | `{}` | -| `customLivenessProbe` | Configure liveness probe for Kubernetes event exporter pod | `{}` | -| `customReadinessProbe` | Configure readiness probe for Kubernetes event exporter pod | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `priorityClassName` | Set Priority Class Name to allow priority control over other pods | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `updateStrategy.type` | Deployment strategy type. | `RollingUpdate` | -| `extraEnvVars` | Array containing extra env vars to be added to all containers | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars to be added to all containers | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars to be added to all containers | `""` | -| `extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes) | `[]` | -| `extraVolumes` | Array to add extra volumes | `[]` | -| `initContainers` | Attach additional init containers to pods | `[]` | -| `sidecars` | Add additional sidecar containers to pods | `[]` | -| `metrics.enabled` | Enable exposing statistics | `false` | -| `metrics.service.ports.http` | Metrics service HTTP port | `2112` | -| `metrics.service.annotations` | Annotations for enabling prometheus to access the metrics endpoints | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.port` | Metrics service HTTP port | `http` | -| `metrics.serviceMonitor.endpoints` | The endpoint configuration of the ServiceMonitor. Path is mandatory. Interval, timeout and labellings can be overwritten. | `[]` | -| `metrics.serviceMonitor.path` | Metrics service HTTP path. Deprecated: Use @param metrics.serviceMonitor.endpoints instead | `""` | -| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.prometheusRule.enabled` | Create PrometheusRule Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.prometheusRule.namespace` | Namespace which Prometheus is running in | `""` | -| `metrics.prometheusRule.labels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.groups` | Groups, containing the alert rules. | `[]` | +| Name | Description | Value | +| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------- | +| `replicaCount` | Desired number of pod replicas | `1` | +| `revisionHistoryLimit` | Desired number of old ReplicaSets to retain | `10` | +| `containerPorts.http` | HTTP container port | `2112` | +| `extraContainerPorts` | Optionally specify extra list of additional port-mappings for the container | `[]` | +| `image.registry` | Container image registry | `REGISTRY_NAME` | +| `image.repository` | Container image name | `REPOSITORY_NAME/kubernetes-event-exporter` | +| `image.tag` | Container image tag | `1.4.0-debian-11-r60` | +| `image.digest` | Container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Container image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `config.logLevel` | Verbosity of the logs (options: `fatal`, `error`, `warn`, `info` or `debug`) | `debug` | +| `config.logFormat` | How the logs are formatted. Allowed values: `pretty` or `json` | `pretty` | +| `config.receivers` | Array containing event receivers | `[]` | +| `config.route.routes` | Array containing event route configuration | `[]` | +| `rbac.create` | Create the RBAC roles for API accessibility | `true` | +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Pod labels | `{}` | +| `podSecurityContext.enabled` | Enable security context | `true` | +| `podSecurityContext.fsGroup` | Group ID for the container | `1001` | +| `containerSecurityContext.enabled` | Enable container security context | `true` | +| `containerSecurityContext.capabilities.add` | Add capabilities for the securityContext | `[]` | +| `containerSecurityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` | +| `containerSecurityContext.readOnlyRootFilesystem` | Allows the pod to mount the RootFS as ReadOnly only | `true` | +| `containerSecurityContext.runAsNonRoot` | If the pod should run as a non root container. | `true` | +| `containerSecurityContext.runAsUser` | Define the uid with which the pod will run | `1001` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `lifecycleHooks` | Lifecycle for the container to automate configuration before or after startup | `{}` | +| `resources.limits` | Specify resource limits which the container is not allowed to succeed. | `{}` | +| `resources.requests` | Specify resource requests which the container needs to spawn. | `{}` | +| `customStartupProbe` | Configure startup probe for Kubernetes event exporter pod | `{}` | +| `customLivenessProbe` | Configure liveness probe for Kubernetes event exporter pod | `{}` | +| `customReadinessProbe` | Configure readiness probe for Kubernetes event exporter pod | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `priorityClassName` | Set Priority Class Name to allow priority control over other pods | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `updateStrategy.type` | Deployment strategy type. | `RollingUpdate` | +| `extraEnvVars` | Array containing extra env vars to be added to all containers | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars to be added to all containers | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars to be added to all containers | `""` | +| `extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes) | `[]` | +| `extraVolumes` | Array to add extra volumes | `[]` | +| `initContainers` | Attach additional init containers to pods | `[]` | +| `sidecars` | Add additional sidecar containers to pods | `[]` | +| `metrics.enabled` | Enable exposing statistics | `false` | +| `metrics.service.ports.http` | Metrics service HTTP port | `2112` | +| `metrics.service.annotations` | Annotations for enabling prometheus to access the metrics endpoints | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.port` | Metrics service HTTP port | `http` | +| `metrics.serviceMonitor.endpoints` | The endpoint configuration of the ServiceMonitor. Path is mandatory. Interval, timeout and labellings can be overwritten. | `[]` | +| `metrics.serviceMonitor.path` | Metrics service HTTP path. Deprecated: Use @param metrics.serviceMonitor.endpoints instead | `""` | +| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.prometheusRule.enabled` | Create PrometheusRule Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.prometheusRule.namespace` | Namespace which Prometheus is running in | `""` | +| `metrics.prometheusRule.labels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.groups` | Groups, containing the alert rules. | `[]` | ### Autoscaling diff --git a/bitnami/kubernetes-event-exporter/values.yaml b/bitnami/kubernetes-event-exporter/values.yaml index b97232df9c1fdc..256c2ad32dcb19 100644 --- a/bitnami/kubernetes-event-exporter/values.yaml +++ b/bitnami/kubernetes-event-exporter/values.yaml @@ -70,8 +70,8 @@ containerPorts: extraContainerPorts: [] image: - ## @param image.registry Container image registry - ## @param image.repository Container image name + ## @param image.registry [default: REGISTRY_NAME] Container image registry + ## @param image.repository [default: REPOSITORY_NAME/kubernetes-event-exporter] Container image name ## @param image.tag Container image tag ## @param image.digest Container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Container image pull policy diff --git a/bitnami/logstash/README.md b/bitnami/logstash/README.md index e1304a4a56e080..5b683cc69bb11c 100644 --- a/bitnami/logstash/README.md +++ b/bitnami/logstash/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/logstash +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/logstash ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [logstash](https://github.com/bitnami/containers/tree/main/bitnami/logstash) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use Logstash in production? Try [VMware Application Catalog](https:// To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/logstash +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/logstash ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy logstash on the Kubernetes cluster in the default configuration. The [configuration](#configuration-and-installation-details) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -76,145 +80,148 @@ The command removes all the Kubernetes components associated with the chart and ### Logstash parameters -| Name | Description | Value | -| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `image.registry` | Logstash image registry | `docker.io` | -| `image.repository` | Logstash image repository | `bitnami/logstash` | -| `image.tag` | Logstash image tag (immutable tags are recommended) | `8.10.4-debian-11-r0` | -| `image.digest` | Logstash image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Logstash image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `configFileName` | Logstash configuration file name. It must match the name of the configuration file mounted as a configmap. | `logstash.conf` | -| `enableMonitoringAPI` | Whether to enable the Logstash Monitoring API or not Kubernetes cluster domain | `true` | -| `monitoringAPIPort` | Logstash Monitoring API Port | `9600` | -| `extraEnvVars` | Array containing extra env vars to configure Logstash | `[]` | -| `extraEnvVarsSecret` | To add secrets to environment | `""` | -| `extraEnvVarsCM` | To add configmaps to environment | `""` | -| `input` | Input Plugins configuration | `""` | -| `filter` | Filter Plugins configuration | `""` | -| `output` | Output Plugins configuration | `""` | -| `existingConfiguration` | Name of existing ConfigMap object with the Logstash configuration (`input`, `filter`, and `output` will be ignored). | `""` | -| `enableMultiplePipelines` | Allows user to use multiple pipelines | `false` | -| `extraVolumes` | Array to add extra volumes (evaluated as a template) | `[]` | -| `extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes, evaluated as a template) | `[]` | -| `serviceAccount.create` | Enable creation of ServiceAccount for Logstash pods | `true` | -| `serviceAccount.name` | The name of the service account to use. If not set and `create` is `true`, a name is generated | `""` | -| `serviceAccount.automountServiceAccountToken` | Allows automount of ServiceAccountToken on the serviceAccount created | `true` | -| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `containerPorts` | Array containing the ports to open in the Logstash container (evaluated as a template) | `[]` | -| `initContainers` | Add additional init containers to the Logstash pod(s) | `[]` | -| `sidecars` | Add additional sidecar containers to the Logstash pod(s) | `[]` | -| `replicaCount` | Number of Logstash replicas to deploy | `1` | -| `updateStrategy.type` | Update strategy type (`RollingUpdate`, or `OnDelete`) | `RollingUpdate` | -| `podManagementPolicy` | Pod management policy | `OrderedReady` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Extra labels for Logstash pods | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `priorityClassName` | Pod priority | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `terminationGracePeriodSeconds` | In seconds, time the given to the Logstash pod needs to terminate gracefully | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `podSecurityContext.enabled` | Enabled Logstash pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Set Logstash pod's Security Context fsGroup | `1001` | -| `containerSecurityContext.enabled` | Enabled Logstash containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set Logstash containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set Logstash container's Security Context runAsNonRoot | `true` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | for the Logstash container(s) to automate configuration before or after startup | `{}` | -| `resources.limits` | The resources limits for the Logstash container | `{}` | -| `resources.requests` | The requested resources for the Logstash container | `{}` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `60` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Custom startup probe for the Web component | `{}` | -| `customLivenessProbe` | Custom liveness probe for the Web component | `{}` | -| `customReadinessProbe` | Custom readiness probe for the Web component | `{}` | -| `service.type` | Kubernetes service type (`ClusterIP`, `NodePort`, or `LoadBalancer`) | `ClusterIP` | -| `service.ports` | Logstash service ports (evaluated as a template) | `[]` | -| `service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | -| `service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` | -| `service.externalTrafficPolicy` | External traffic policy, configure to Local to preserve client source IP when using an external loadBalancer | `""` | -| `service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `service.annotations` | Annotations for Logstash service | `{}` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `service.headless.annotations` | Annotations for the headless service. | `{}` | -| `persistence.enabled` | Enable Logstash data persistence using PVC | `false` | -| `persistence.existingClaim` | A manually managed Persistent Volume and Claim | `""` | -| `persistence.storageClass` | PVC Storage Class for Logstash data volume | `""` | -| `persistence.accessModes` | PVC Access Mode for Logstash data volume | `["ReadWriteOnce"]` | -| `persistence.size` | PVC Storage Request for Logstash data volume | `2Gi` | -| `persistence.annotations` | Annotations for the PVC | `{}` | -| `persistence.mountPath` | Mount path of the Logstash data volume | `/bitnami/logstash/data` | -| `persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | -| `volumePermissions.securityContext.runAsUser` | User ID for the volumePermissions init container | `0` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `ingress.enabled` | Enable ingress controller resource | `false` | -| `ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | -| `ingress.pathType` | Ingress Path type | `ImplementationSpecific` | -| `ingress.apiVersion` | Override API Version (automatically detected if not set) | `""` | -| `ingress.hostname` | Default host for the ingress resource | `logstash.local` | -| `ingress.path` | The Path to Logstash. You may need to set this to '/*' in order to use this with ALB ingress controllers. | `/` | -| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `ingress.tls` | Enable TLS configuration for the hostname defined at ingress.hostname parameter | `false` | -| `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.extraPaths` | Any additional arbitrary paths that may need to be added to the ingress under the main host. | `[]` | -| `ingress.extraRules` | The list of additional rules to be added to this ingress record. Evaluated as a template | `[]` | -| `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | -| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `pdb.create` | If true, create a pod disruption budget for pods. | `false` | -| `pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | -| `pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | +| Name | Description | Value | +| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `image.registry` | Logstash image registry | `REGISTRY_NAME` | +| `image.repository` | Logstash image repository | `REPOSITORY_NAME/logstash` | +| `image.tag` | Logstash image tag (immutable tags are recommended) | `8.10.4-debian-11-r0` | +| `image.digest` | Logstash image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Logstash image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `configFileName` | Logstash configuration file name. It must match the name of the configuration file mounted as a configmap. | `logstash.conf` | +| `enableMonitoringAPI` | Whether to enable the Logstash Monitoring API or not Kubernetes cluster domain | `true` | +| `monitoringAPIPort` | Logstash Monitoring API Port | `9600` | +| `extraEnvVars` | Array containing extra env vars to configure Logstash | `[]` | +| `extraEnvVarsSecret` | To add secrets to environment | `""` | +| `extraEnvVarsCM` | To add configmaps to environment | `""` | +| `input` | Input Plugins configuration | `""` | +| `filter` | Filter Plugins configuration | `""` | +| `output` | Output Plugins configuration | `""` | +| `existingConfiguration` | Name of existing ConfigMap object with the Logstash configuration (`input`, `filter`, and `output` will be ignored). | `""` | +| `enableMultiplePipelines` | Allows user to use multiple pipelines | `false` | +| `extraVolumes` | Array to add extra volumes (evaluated as a template) | `[]` | +| `extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes, evaluated as a template) | `[]` | +| `serviceAccount.create` | Enable creation of ServiceAccount for Logstash pods | `true` | +| `serviceAccount.name` | The name of the service account to use. If not set and `create` is `true`, a name is generated | `""` | +| `serviceAccount.automountServiceAccountToken` | Allows automount of ServiceAccountToken on the serviceAccount created | `true` | +| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `containerPorts` | Array containing the ports to open in the Logstash container (evaluated as a template) | `[]` | +| `initContainers` | Add additional init containers to the Logstash pod(s) | `[]` | +| `sidecars` | Add additional sidecar containers to the Logstash pod(s) | `[]` | +| `replicaCount` | Number of Logstash replicas to deploy | `1` | +| `updateStrategy.type` | Update strategy type (`RollingUpdate`, or `OnDelete`) | `RollingUpdate` | +| `podManagementPolicy` | Pod management policy | `OrderedReady` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Extra labels for Logstash pods | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `priorityClassName` | Pod priority | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `terminationGracePeriodSeconds` | In seconds, time the given to the Logstash pod needs to terminate gracefully | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `podSecurityContext.enabled` | Enabled Logstash pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Set Logstash pod's Security Context fsGroup | `1001` | +| `containerSecurityContext.enabled` | Enabled Logstash containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set Logstash containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set Logstash container's Security Context runAsNonRoot | `true` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `lifecycleHooks` | for the Logstash container(s) to automate configuration before or after startup | `{}` | +| `resources.limits` | The resources limits for the Logstash container | `{}` | +| `resources.requests` | The requested resources for the Logstash container | `{}` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `60` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `60` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Custom startup probe for the Web component | `{}` | +| `customLivenessProbe` | Custom liveness probe for the Web component | `{}` | +| `customReadinessProbe` | Custom readiness probe for the Web component | `{}` | +| `service.type` | Kubernetes service type (`ClusterIP`, `NodePort`, or `LoadBalancer`) | `ClusterIP` | +| `service.ports` | Logstash service ports (evaluated as a template) | `[]` | +| `service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `""` | +| `service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` | +| `service.externalTrafficPolicy` | External traffic policy, configure to Local to preserve client source IP when using an external loadBalancer | `""` | +| `service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `service.annotations` | Annotations for Logstash service | `{}` | +| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `service.headless.annotations` | Annotations for the headless service. | `{}` | +| `persistence.enabled` | Enable Logstash data persistence using PVC | `false` | +| `persistence.existingClaim` | A manually managed Persistent Volume and Claim | `""` | +| `persistence.storageClass` | PVC Storage Class for Logstash data volume | `""` | +| `persistence.accessModes` | PVC Access Mode for Logstash data volume | `["ReadWriteOnce"]` | +| `persistence.size` | PVC Storage Request for Logstash data volume | `2Gi` | +| `persistence.annotations` | Annotations for the PVC | `{}` | +| `persistence.mountPath` | Mount path of the Logstash data volume | `/bitnami/logstash/data` | +| `persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | +| `volumePermissions.securityContext.runAsUser` | User ID for the volumePermissions init container | `0` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `ingress.enabled` | Enable ingress controller resource | `false` | +| `ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `ingress.pathType` | Ingress Path type | `ImplementationSpecific` | +| `ingress.apiVersion` | Override API Version (automatically detected if not set) | `""` | +| `ingress.hostname` | Default host for the ingress resource | `logstash.local` | +| `ingress.path` | The Path to Logstash. You may need to set this to '/*' in order to use this with ALB ingress controllers. | `/` | +| `ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `ingress.tls` | Enable TLS configuration for the hostname defined at ingress.hostname parameter | `false` | +| `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | +| `ingress.extraPaths` | Any additional arbitrary paths that may need to be added to the ingress under the main host. | `[]` | +| `ingress.extraRules` | The list of additional rules to be added to this ingress record. Evaluated as a template | `[]` | +| `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | +| `ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | +| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `pdb.create` | If true, create a pod disruption budget for pods. | `false` | +| `pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | +| `pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ - --set enableMonitoringAPI=false oci://registry-1.docker.io/bitnamicharts/logstash + --set enableMonitoringAPI=false oci://REGISTRY_NAME/REPOSITORY_NAME/logstash ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command disables the Logstash Monitoring API. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/logstash +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/logstash ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/logstash/values.yaml b/bitnami/logstash/values.yaml index 389809712781e9..0c12497d99bb06 100644 --- a/bitnami/logstash/values.yaml +++ b/bitnami/logstash/values.yaml @@ -62,8 +62,8 @@ diagnosticMode: ## Bitnami Logstash image ## ref: https://hub.docker.com/r/bitnami/logstash/tags/ -## @param image.registry Logstash image registry -## @param image.repository Logstash image repository +## @param image.registry [default: REGISTRY_NAME] Logstash image registry +## @param image.repository [default: REPOSITORY_NAME/logstash] Logstash image repository ## @param image.tag Logstash image tag (immutable tags are recommended) ## @param image.digest Logstash image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Logstash image pull policy @@ -525,8 +525,8 @@ volumePermissions: ## securityContext: runAsUser: 0 - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/magento/README.md b/bitnami/magento/README.md index 6501f06035572c..7e4cb36f5ce5a8 100644 --- a/bitnami/magento/README.md +++ b/bitnami/magento/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/magento +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/magento ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Magento](https://github.com/bitnami/containers/tree/main/bitnami/magento) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Magento in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/magento +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/magento ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Magento on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -80,88 +84,88 @@ The command removes all the Kubernetes components associated with the chart and ### Magento parameters -| Name | Description | Value | -| --------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | Magento image registry | `docker.io` | -| `image.repository` | Magento image repository | `bitnami/magento` | -| `image.tag` | Magento image tag (immutable tags are recommended) | `2.4.6-debian-11-r114` | -| `image.digest` | Magento image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Magento image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `replicaCount` | Number of Magento Pods to run | `1` | -| `magentoSkipInstall` | Skip Magento installation wizard. Useful for migrations and restoring from SQL dump | `false` | -| `magentoHost` | Magento host to create application URLs | `""` | -| `magentoUsername` | User of the application | `user` | -| `magentoPassword` | Application password | `""` | -| `magentoEmail` | Admin email | `user@example.com` | -| `magentoFirstName` | Magento Admin First Name | `""` | -| `magentoLastName` | Magento Admin Last Name | `""` | -| `magentoAdminUri` | Magento prefix to access Magento Admin | `""` | -| `magentoMode` | Magento mode | `""` | -| `magentoExtraInstallArgs` | Magento extra install args | `""` | -| `magentoDeployStaticContent` | Deploy static content during the first deployment, to optimize page load time | `false` | -| `magentoUseHttps` | Use SSL to access the Magento Store. Valid values: `true`, `false` | `false` | -| `magentoUseSecureAdmin` | Use SSL to access the Magento Admin. Valid values: `true`, `false` | `false` | -| `magentoSkipReindex` | Skip Magento Indexer reindex step during the initialization. Valid values: `true`, `false` | `false` | -| `allowEmptyPassword` | Allow DB blank passwords | `false` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `extraEnvVars` | Extra environment variables | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes` | `[]` | -| `extraContainerPorts` | Array of additional container ports for the Magento container | `[]` | -| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | -| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `priorityClassName` | %%MAIN_CONTAINER_NAME%% pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `existingSecret` | Name of a secret with the application password | `""` | -| `containerPorts` | Container ports | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `resources.limits` | The resources limits for the Magento container | `{}` | -| `resources.requests` | The requested resourcesc for the Magento container | `{}` | -| `podSecurityContext.enabled` | Enable Magento pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Magento pods' group ID | `1001` | -| `containerSecurityContext.enabled` | Enable Magento containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Magento containers' Security Context | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set %%MAIN_CONTAINER_NAME%% container's Security Context runAsNonRoot | `true` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `300` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `60` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | +| Name | Description | Value | +| --------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `image.registry` | Magento image registry | `REGISTRY_NAME` | +| `image.repository` | Magento image repository | `REPOSITORY_NAME/magento` | +| `image.tag` | Magento image tag (immutable tags are recommended) | `2.4.6-debian-11-r114` | +| `image.digest` | Magento image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Magento image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `replicaCount` | Number of Magento Pods to run | `1` | +| `magentoSkipInstall` | Skip Magento installation wizard. Useful for migrations and restoring from SQL dump | `false` | +| `magentoHost` | Magento host to create application URLs | `""` | +| `magentoUsername` | User of the application | `user` | +| `magentoPassword` | Application password | `""` | +| `magentoEmail` | Admin email | `user@example.com` | +| `magentoFirstName` | Magento Admin First Name | `""` | +| `magentoLastName` | Magento Admin Last Name | `""` | +| `magentoAdminUri` | Magento prefix to access Magento Admin | `""` | +| `magentoMode` | Magento mode | `""` | +| `magentoExtraInstallArgs` | Magento extra install args | `""` | +| `magentoDeployStaticContent` | Deploy static content during the first deployment, to optimize page load time | `false` | +| `magentoUseHttps` | Use SSL to access the Magento Store. Valid values: `true`, `false` | `false` | +| `magentoUseSecureAdmin` | Use SSL to access the Magento Admin. Valid values: `true`, `false` | `false` | +| `magentoSkipReindex` | Skip Magento Indexer reindex step during the initialization. Valid values: `true`, `false` | `false` | +| `allowEmptyPassword` | Allow DB blank passwords | `false` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `extraEnvVars` | Extra environment variables | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | +| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes` | `[]` | +| `extraContainerPorts` | Array of additional container ports for the Magento container | `[]` | +| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | +| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `priorityClassName` | %%MAIN_CONTAINER_NAME%% pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `existingSecret` | Name of a secret with the application password | `""` | +| `containerPorts` | Container ports | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `resources.limits` | The resources limits for the Magento container | `{}` | +| `resources.requests` | The requested resourcesc for the Magento container | `{}` | +| `podSecurityContext.enabled` | Enable Magento pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Magento pods' group ID | `1001` | +| `containerSecurityContext.enabled` | Enable Magento containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Magento containers' Security Context | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set %%MAIN_CONTAINER_NAME%% container's Security Context runAsNonRoot | `true` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `300` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `60` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | ### NetworkPolicy parameters @@ -185,47 +189,47 @@ The command removes all the Kubernetes components associated with the chart and ### Database parameters -| Name | Description | Value | -| ------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ----------------------- | -| `mariadb.enabled` | Whether to deploy a mariadb server to satisfy the applications database requirements. | `true` | -| `mariadb.image.registry` | MariaDB image registry | `docker.io` | -| `mariadb.image.repository` | MariaDB image repository | `bitnami/mariadb` | -| `mariadb.image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.15-debian-11-r49` | -| `mariadb.image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` | -| `mariadb.auth.rootPassword` | Password for the MariaDB `root` user | `""` | -| `mariadb.auth.database` | Database name to create | `bitnami_magento` | -| `mariadb.auth.username` | Database user to create | `bn_magento` | -| `mariadb.auth.password` | Password for the database | `""` | -| `mariadb.primary.persistence.enabled` | Enable database persistence using PVC | `true` | -| `mariadb.primary.persistence.storageClass` | MariaDB primary persistent volume storage Class | `""` | -| `mariadb.primary.persistence.accessModes` | Database Persistent Volume Access Modes | `["ReadWriteOnce"]` | -| `mariadb.primary.persistence.size` | Database Persistent Volume Size | `8Gi` | -| `mariadb.primary.persistence.hostPath` | Set path in case you want to use local host path volumes (not recommended in production) | `""` | -| `mariadb.primary.persistence.existingClaim` | Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas | `""` | -| `externalDatabase.host` | Host of the existing database | `""` | -| `externalDatabase.port` | Port of the existing database | `3306` | -| `externalDatabase.user` | Existing username in the external db | `bn_magento` | -| `externalDatabase.password` | Password for the above username | `""` | -| `externalDatabase.database` | Name of the existing database | `bitnami_magento` | -| `externalDatabase.existingSecret` | Name of an existing secret resource containing the DB password | `""` | +| Name | Description | Value | +| ------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------- | +| `mariadb.enabled` | Whether to deploy a mariadb server to satisfy the applications database requirements. | `true` | +| `mariadb.image.registry` | MariaDB image registry | `REGISTRY_NAME` | +| `mariadb.image.repository` | MariaDB image repository | `REPOSITORY_NAME/mariadb` | +| `mariadb.image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.15-debian-11-r49` | +| `mariadb.image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` | +| `mariadb.auth.rootPassword` | Password for the MariaDB `root` user | `""` | +| `mariadb.auth.database` | Database name to create | `bitnami_magento` | +| `mariadb.auth.username` | Database user to create | `bn_magento` | +| `mariadb.auth.password` | Password for the database | `""` | +| `mariadb.primary.persistence.enabled` | Enable database persistence using PVC | `true` | +| `mariadb.primary.persistence.storageClass` | MariaDB primary persistent volume storage Class | `""` | +| `mariadb.primary.persistence.accessModes` | Database Persistent Volume Access Modes | `["ReadWriteOnce"]` | +| `mariadb.primary.persistence.size` | Database Persistent Volume Size | `8Gi` | +| `mariadb.primary.persistence.hostPath` | Set path in case you want to use local host path volumes (not recommended in production) | `""` | +| `mariadb.primary.persistence.existingClaim` | Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas | `""` | +| `externalDatabase.host` | Host of the existing database | `""` | +| `externalDatabase.port` | Port of the existing database | `3306` | +| `externalDatabase.user` | Existing username in the external db | `bn_magento` | +| `externalDatabase.password` | Password for the above username | `""` | +| `externalDatabase.database` | Name of the existing database | `bitnami_magento` | +| `externalDatabase.existingSecret` | Name of an existing secret resource containing the DB password | `""` | ### Elasticsearch parameters -| Name | Description | Value | -| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------- | ----------------------- | -| `elasticsearch.enabled` | Whether to deploy a elasticsearch server to use as magento's search engine | `true` | -| `elasticsearch.image.registry` | Elasticsearch image registry | `docker.io` | -| `elasticsearch.image.repository` | Elasticsearch image repository | `bitnami/elasticsearch` | -| `elasticsearch.image.tag` | Elasticsearch image tag (immutable tags are recommended) | `7.17.14-debian-11-r1` | -| `elasticsearch.image.digest` | Elasticsearch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `elasticsearch.sysctlImage.enabled` | Enable kernel settings modifier image for Elasticsearch | `true` | -| `elasticsearch.master.replicaCount` | Desired number of Elasticsearch master-eligible nodes | `1` | -| `elasticsearch.coordinating.replicaCount` | Desired number of Elasticsearch coordinating-only nodes | `1` | -| `elasticsearch.data.replicaCount` | Desired number of Elasticsearch data nodes | `1` | -| `elasticsearch.ingest.replicaCount` | Desired number of Elasticsearch ingest nodes | `1` | -| `externalElasticsearch.host` | Host of the external elasticsearch server | `""` | -| `externalElasticsearch.port` | Port of the external elasticsearch server | `""` | +| Name | Description | Value | +| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------- | ------------------------------- | +| `elasticsearch.enabled` | Whether to deploy a elasticsearch server to use as magento's search engine | `true` | +| `elasticsearch.image.registry` | Elasticsearch image registry | `REGISTRY_NAME` | +| `elasticsearch.image.repository` | Elasticsearch image repository | `REPOSITORY_NAME/elasticsearch` | +| `elasticsearch.image.tag` | Elasticsearch image tag (immutable tags are recommended) | `7.17.14-debian-11-r1` | +| `elasticsearch.image.digest` | Elasticsearch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `elasticsearch.sysctlImage.enabled` | Enable kernel settings modifier image for Elasticsearch | `true` | +| `elasticsearch.master.replicaCount` | Desired number of Elasticsearch master-eligible nodes | `1` | +| `elasticsearch.coordinating.replicaCount` | Desired number of Elasticsearch coordinating-only nodes | `1` | +| `elasticsearch.data.replicaCount` | Desired number of Elasticsearch data nodes | `1` | +| `elasticsearch.ingest.replicaCount` | Desired number of Elasticsearch ingest nodes | `1` | +| `externalElasticsearch.host` | Host of the external elasticsearch server | `""` | +| `externalElasticsearch.port` | Port of the external elasticsearch server | `""` | ### Persistence parameters @@ -244,17 +248,17 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resourcesc for the init container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resourcesc for the init container | `{}` | ### Traffic Exposure Parameters @@ -290,20 +294,20 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics parameters -| Name | Description | Value | -| ----------------------------- | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources.limits` | The resources limits for the metrics container | `{}` | -| `metrics.resources.requests` | The requested resources for the metrics container | `{}` | -| `metrics.service.type` | Prometheus metrics service type | `ClusterIP` | -| `metrics.service.port` | Service Metrics port | `9117` | -| `metrics.service.annotations` | Annotations for the Prometheus exporter service | `{}` | +| Name | Description | Value | +| ----------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources.limits` | The resources limits for the metrics container | `{}` | +| `metrics.resources.requests` | The requested resources for the metrics container | `{}` | +| `metrics.service.type` | Prometheus metrics service type | `ClusterIP` | +| `metrics.service.port` | Service Metrics port | `9117` | +| `metrics.service.annotations` | Annotations for the Prometheus exporter service | `{}` | ### Certificate injection parameters @@ -321,8 +325,8 @@ The command removes all the Kubernetes components associated with the chart and | `certificates.extraEnvVars` | Container sidecar extra environment variables (eg proxy) | `[]` | | `certificates.extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | | `certificates.extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `certificates.image.registry` | Container sidecar registry | `docker.io` | -| `certificates.image.repository` | Container sidecar image | `bitnami/os-shell` | +| `certificates.image.registry` | Container sidecar registry | `REGISTRY_NAME` | +| `certificates.image.repository` | Container sidecar image | `REPOSITORY_NAME/os-shell` | | `certificates.image.tag` | Container sidecar image tag (immutable tags are recommended) | `11-debian-11-r90` | | `certificates.image.digest` | Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `certificates.image.pullPolicy` | Container sidecar image pull policy | `IfNotPresent` | @@ -359,9 +363,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set magentoUsername=admin,magentoPassword=password,mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/magento + oci://REGISTRY_NAME/REPOSITORY_NAME/magento ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Magento administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -369,9 +375,10 @@ The above command sets the Magento administrator account username and password t Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/magento +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/magento ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -539,9 +546,11 @@ As an alternative, you can use of the preset configurations for pod affinity, po 3. Install the chart ```console - helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry-1.docker.io/bitnamicharts/magento + helm install my-release --set persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/magento ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### Host path #### System compatibility @@ -555,9 +564,11 @@ As an alternative, you can use of the preset configurations for pod affinity, po 2. Install the chart ```console - helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://registry-1.docker.io/bitnamicharts/magento + helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://REGISTRY_NAME/REPOSITORY_NAME/magento ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + This will mount the `magento-data` volume into the `hostPath` directory. The site data will be persisted if the mount path contains valid data, else the site data will be initialized at first launch. 3. Because the container cannot control the host machine's directory permissions, you must set the Magento file directory permissions yourself and disable or clear Magento cache. @@ -698,9 +709,11 @@ export APP_PASSWORD=$(kubectl get secret --namespace default magento -o jsonpath export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default magento-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 -d) export MARIADB_PASSWORD=$(kubectl get secret --namespace default magento-mariadb -o jsonpath="{.data.mariadb-password}" | base64 -d) kubectl delete deployments.apps magento -helm upgrade magento oci://registry-1.docker.io/bitnamicharts/magento --set magentoHost=$APP_HOST,magentoPassword=$APP_PASSWORD,mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD +helm upgrade magento oci://REGISTRY_NAME/REPOSITORY_NAME/magento --set magentoHost=$APP_HOST,magentoPassword=$APP_PASSWORD,mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 15.0.0 In this major there were two main changes introduced: @@ -761,9 +774,11 @@ kubectl delete statefulsets.apps magento-mariadb --cascade=false Now the upgrade works: ```console -helm upgrade magento oci://registry-1.docker.io/bitnamicharts/magento --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set magentoPassword=$MAGENTO_PASSWORD --set magentoHost=$MAGENTO_HOST +helm upgrade magento oci://REGISTRY_NAME/REPOSITORY_NAME/magento --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set magentoPassword=$MAGENTO_PASSWORD --set magentoHost=$MAGENTO_HOST ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You will have to delete the existing MariaDB pod and the new statefulset is going to create a new one ```console diff --git a/bitnami/magento/values.yaml b/bitnami/magento/values.yaml index 26630f86c19171..9be185613d2cde 100644 --- a/bitnami/magento/values.yaml +++ b/bitnami/magento/values.yaml @@ -61,8 +61,8 @@ diagnosticMode: ## Bitnami Magento image version ## ref: https://hub.docker.com/r/bitnami/magento/tags/ -## @param image.registry Magento image registry -## @param image.repository Magento image repository +## @param image.registry [default: REGISTRY_NAME] Magento image registry +## @param image.repository [default: REPOSITORY_NAME/magento] Magento image repository ## @param image.tag Magento image tag (immutable tags are recommended) ## @param image.digest Magento image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Magento image pull policy @@ -486,8 +486,8 @@ mariadb: enabled: true ## Override MariaDB default image as 10.6 is not supported https://devdocs.magento.com/guides/v2.4/install-gde/system-requirements.html#database ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb - ## @param mariadb.image.registry MariaDB image registry - ## @param mariadb.image.repository MariaDB image repository + ## @param mariadb.image.registry [default: REGISTRY_NAME] MariaDB image registry + ## @param mariadb.image.repository [default: REPOSITORY_NAME/mariadb] MariaDB image repository ## @param mariadb.image.tag MariaDB image tag (immutable tags are recommended) ## @param mariadb.image.digest MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @@ -580,8 +580,8 @@ elasticsearch: enabled: true ## Override Elasticsearch default image as version 8 is not supported https://devdocs.magento.com/guides/v2.4/install-gde/system-requirements.html#database ## ref: https://github.com/bitnami/containers/tree/main/bitnami/elasticsearch - ## @param elasticsearch.image.registry Elasticsearch image registry - ## @param elasticsearch.image.repository Elasticsearch image repository + ## @param elasticsearch.image.registry [default: REGISTRY_NAME] Elasticsearch image registry + ## @param elasticsearch.image.repository [default: REPOSITORY_NAME/elasticsearch] Elasticsearch image repository ## @param elasticsearch.image.tag Elasticsearch image tag (immutable tags are recommended) ## @param elasticsearch.image.digest Elasticsearch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @@ -688,8 +688,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -889,8 +889,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository ## @param metrics.image.tag Apache exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Image pull policy @@ -989,8 +989,8 @@ certificates: ## @param certificates.extraEnvVarsSecret Secret containing extra env vars (in case of sensitive data) ## extraEnvVarsSecret: "" - ## @param certificates.image.registry Container sidecar registry - ## @param certificates.image.repository Container sidecar image + ## @param certificates.image.registry [default: REGISTRY_NAME] Container sidecar registry + ## @param certificates.image.repository [default: REPOSITORY_NAME/os-shell] Container sidecar image ## @param certificates.image.tag Container sidecar image tag (immutable tags are recommended) ## @param certificates.image.digest Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param certificates.image.pullPolicy Container sidecar image pull policy diff --git a/bitnami/mariadb-galera/README.md b/bitnami/mariadb-galera/README.md index 6ebe2411b9d7ab..1704090c5a7777 100644 --- a/bitnami/mariadb-galera/README.md +++ b/bitnami/mariadb-galera/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mariadb-galera +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb-galera ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [MariaDB Galera](https://github.com/bitnami/containers/tree/main/bitnami/mariadb-galera) cluster on [Kubernetes](https://kubernetes.io) using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use MariaDB Galera in production? Try [VMware Application Catalog](ht To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mariadb-galera +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb-galera ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys MariaDB Galera on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -85,176 +89,176 @@ The command removes all the Kubernetes components associated with the chart and ### MariaDB Galera parameters -| Name | Description | Value | -| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `image.registry` | MariaDB Galera image registry | `docker.io` | -| `image.repository` | MariaDB Galera image repository | `bitnami/mariadb-galera` | -| `image.tag` | MariaDB Galera image tag (immutable tags are recommended) | `11.1.2-debian-11-r0` | -| `image.digest` | MariaDB Galera image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | MariaDB Galera image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `podManagementPolicy` | StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel | `OrderedReady` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `service.type` | Kubernetes service type | `ClusterIP` | -| `service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | -| `service.ports.mysql` | MariaDB service port | `3306` | -| `service.nodePorts.mysql` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | -| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `service.externalIPs` | External IP list to use with ClusterIP service type | `[]` | -| `service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | -| `service.loadBalancerSourceRanges` | Addresses that are allowed when svc is `LoadBalancer` | `[]` | -| `service.externalTrafficPolicy` | %%MAIN_CONTAINER_NAME%% service external traffic policy | `Cluster` | -| `service.annotations` | Additional annotations for MariaDB Galera service | `{}` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `service.headless.annotations` | Annotations for the headless service. | `{}` | -| `service.headless.publishNotReadyAddresses` | Publish not Ready MariaDB Galera pods' IPs in the headless service. | `true` | -| `serviceAccount.create` | Specify whether a ServiceAccount should be created | `false` | -| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | -| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `extraEnvVars` | Array containing extra env vars to configure MariaDB Galera replicas | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars to configure MariaDB Galera replicas | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars to configure MariaDB Galera replicas | `""` | -| `rbac.create` | Specify whether RBAC resources should be created and used | `false` | -| `podSecurityContext.enabled` | Enable security context | `true` | -| `podSecurityContext.fsGroup` | Group ID for the container filesystem | `1001` | -| `podSecurityContext.runAsUser` | User ID for the container | `1001` | -| `containerSecurityContext.enabled` | Enabled galera's container Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set galera's container Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set galera's container Security Context runAsNonRoot | `true` | -| `rootUser.user` | Username for the admin user. | `root` | -| `rootUser.password` | Password for the admin user. Ignored if existing secret is provided. | `""` | -| `rootUser.forcePassword` | Option to force users to specify a password. That is required for 'helm upgrade' to work properly. | `false` | -| `existingSecret` | Use existing secret for password details (`rootUser.password`, `db.password`, `galera.mariabackup.password` will be ignored and picked up from this secret) | `""` | -| `usePasswordFiles` | Mount credentials as a files instead of using an environment variable. | `false` | -| `customPasswordFiles` | Use custom password files when `usePasswordFiles` is set to `true`. Define path for keys `root`, `user`, and `mariabackup`. | `{}` | -| `db.user` | Username of new user to create | `""` | -| `db.password` | Password for the new user. Ignored if existing secret is provided. | `""` | -| `db.name` | Name for new database to create | `my_database` | -| `db.forcePassword` | Option to force users to specify a password. That is required for 'helm upgrade' to work properly. | `false` | -| `galera.name` | Galera cluster name | `galera` | -| `galera.bootstrap.forceBootstrap` | Option to force the boostraping from the indicated node in `galera.bootstarp.bootstrapFromNode` | `false` | -| `galera.bootstrap.bootstrapFromNode` | Node to bootstrap from, you will need to change this parameter in case you want to bootstrap from other node | `0` | -| `galera.bootstrap.forceSafeToBootstrap` | Force `safe_to_bootstrap: 1` in `grastate.date` file | `false` | -| `galera.mariabackup.user` | MariaBackup username | `mariabackup` | -| `galera.mariabackup.password` | MariaBackup password. Password is ignored if existingSecret is specified. | `""` | -| `galera.mariabackup.forcePassword` | Option to force users to specify a password. That is required for 'helm upgrade' to work properly. | `false` | -| `ldap.enabled` | Enable LDAP support | `false` | -| `ldap.uri` | LDAP URL beginning in the form `ldap` | `""` | -| `ldap.base` | LDAP base DN | `""` | -| `ldap.binddn` | LDAP bind DN | `""` | -| `ldap.bindpw` | LDAP bind password | `""` | -| `ldap.bslookup` | LDAP base lookup | `""` | -| `ldap.filter` | LDAP custom filter | `""` | -| `ldap.map` | LDAP custom map | `""` | -| `ldap.nss_initgroups_ignoreusers` | LDAP ignored users | `root,nslcd` | -| `ldap.scope` | LDAP search scope | `""` | -| `ldap.tls_reqcert` | LDAP TLS check on server certificates | `""` | -| `tls.enabled` | Enable TLS support for replication traffic | `false` | -| `tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | -| `tls.certificatesSecret` | Name of the secret that contains the certificates | `""` | -| `tls.certFilename` | Certificate filename | `""` | -| `tls.certKeyFilename` | Certificate key filename | `""` | -| `tls.certCAFilename` | CA Certificate filename | `""` | -| `mariadbConfiguration` | Configuration for the MariaDB server | `""` | -| `configurationConfigMap` | ConfigMap with the MariaDB configuration files (Note: Overrides `mariadbConfiguration`). The value is evaluated as a template. | `""` | -| `initdbScripts` | Specify dictionary of scripts to be run at first boot | `{}` | -| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` | -| `extraFlags` | MariaDB additional command line flags | `""` | -| `replicaCount` | Desired number of cluster nodes | `3` | -| `updateStrategy.type` | updateStrategy for MariaDB Master StatefulSet | `RollingUpdate` | -| `podLabels` | Extra labels for MariaDB Galera pods | `{}` | -| `podAnnotations` | Annotations for MariaDB Galera pods | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `topologySpreadConstraints` | Topology Spread Constraints for pods assignment | `[]` | -| `lifecycleHooks` | for the galera container(s) to automate configuration before or after startup | `{}` | -| `containerPorts.mysql` | mariadb database container port | `3306` | -| `containerPorts.galera` | galera cluster container port | `4567` | -| `containerPorts.ist` | galera IST container port | `4568` | -| `containerPorts.sst` | galera SST container port | `4444` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` | `""` | -| `persistence.subPath` | Subdirectory of the volume to mount | `""` | -| `persistence.mountPath` | Path to mount the volume at | `/bitnami/mariadb` | -| `persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` | -| `persistence.storageClass` | Persistent Volume Storage Class | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `persistence.labels` | Persistent Volume Claim Labels | `{}` | -| `persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | -| `persistence.size` | Persistent Volume Size | `8Gi` | -| `priorityClassName` | Priority Class Name for Statefulset | `""` | -| `initContainers` | Additional init containers (this value is evaluated as a template) | `[]` | -| `sidecars` | Add additional sidecar containers (this value is evaluated as a template) | `[]` | -| `extraVolumes` | Extra volumes | `[]` | -| `extraVolumeMounts` | Mount extra volume(s) | `[]` | -| `resources.limits` | The resources limits for the container | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `livenessProbe.enabled` | Turn on and off liveness probe | `true` | -| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | -| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `livenessProbe.timeoutSeconds` | When the probe times out | `1` | -| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` | -| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `readinessProbe.enabled` | Turn on and off readiness probe | `true` | -| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | -| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `readinessProbe.timeoutSeconds` | When the probe times out | `1` | -| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` | -| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `startupProbe.enabled` | Turn on and off startup probe | `false` | -| `startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `120` | -| `startupProbe.periodSeconds` | How often to perform the probe | `10` | -| `startupProbe.timeoutSeconds` | When the probe times out | `1` | -| `startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `48` | -| `startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `customStartupProbe` | Custom liveness probe for the Web component | `{}` | -| `customLivenessProbe` | Custom liveness probe for the Web component | `{}` | -| `customReadinessProbe` | Custom rediness probe for the Web component | `{}` | -| `podDisruptionBudget.create` | Specifies whether a Pod disruption budget should be created | `false` | -| `podDisruptionBudget.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | -| `podDisruptionBudget.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | MariaDB Prometheus exporter image registry | `docker.io` | -| `metrics.image.repository` | MariaDB Prometheus exporter image repository | `bitnami/mysqld-exporter` | -| `metrics.image.tag` | MariaDB Prometheus exporter image tag (immutable tags are recommended) | `0.15.0-debian-11-r70` | -| `metrics.image.digest` | MariaDB Prometheus exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | MariaDB Prometheus exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | MariaDB Prometheus exporter image pull secrets | `[]` | -| `metrics.extraFlags` | MariaDB Prometheus exporter additional command line flags | `[]` | -| `metrics.resources.limits` | The resources limits for the container | `{}` | -| `metrics.resources.requests` | The requested resources for the container | `{}` | -| `metrics.containerSecurityContext.enabled` | Enabled exporter's container Security Context | `false` | -| `metrics.service.type` | Prometheus exporter service type | `ClusterIP` | -| `metrics.service.port` | Prometheus exporter service port | `9104` | -| `metrics.service.annotations` | Prometheus exporter service annotations | `{}` | -| `metrics.service.loadBalancerIP` | Load Balancer IP if the Prometheus metrics server type is `LoadBalancer` | `""` | -| `metrics.service.clusterIP` | Prometheus metrics service Cluster IP | `""` | -| `metrics.service.loadBalancerSourceRanges` | Prometheus metrics service Load Balancer sources | `[]` | -| `metrics.service.externalTrafficPolicy` | Prometheus metrics service external traffic policy | `Cluster` | -| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | -| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `""` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.interval` | How frequently to scrape metrics (use by default, falling back to Prometheus' default) | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `metrics.serviceMonitor.labels` | ServiceMonitor extra labels | `{}` | -| `metrics.prometheusRules.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true`, and makes little sense without ServiceMonitor) | `false` | -| `metrics.prometheusRules.additionalLabels` | Additional labels to add to the PrometheusRule so it is picked up by the operator | `{}` | -| `metrics.prometheusRules.rules` | PrometheusRule rules to configure | `{}` | +| Name | Description | Value | +| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `image.registry` | MariaDB Galera image registry | `REGISTRY_NAME` | +| `image.repository` | MariaDB Galera image repository | `REPOSITORY_NAME/mariadb-galera` | +| `image.tag` | MariaDB Galera image tag (immutable tags are recommended) | `11.1.2-debian-11-r0` | +| `image.digest` | MariaDB Galera image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | MariaDB Galera image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `podManagementPolicy` | StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel | `OrderedReady` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `service.type` | Kubernetes service type | `ClusterIP` | +| `service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | +| `service.ports.mysql` | MariaDB service port | `3306` | +| `service.nodePorts.mysql` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | +| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `service.externalIPs` | External IP list to use with ClusterIP service type | `[]` | +| `service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | +| `service.loadBalancerSourceRanges` | Addresses that are allowed when svc is `LoadBalancer` | `[]` | +| `service.externalTrafficPolicy` | %%MAIN_CONTAINER_NAME%% service external traffic policy | `Cluster` | +| `service.annotations` | Additional annotations for MariaDB Galera service | `{}` | +| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `service.headless.annotations` | Annotations for the headless service. | `{}` | +| `service.headless.publishNotReadyAddresses` | Publish not Ready MariaDB Galera pods' IPs in the headless service. | `true` | +| `serviceAccount.create` | Specify whether a ServiceAccount should be created | `false` | +| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | +| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Array containing extra env vars to configure MariaDB Galera replicas | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars to configure MariaDB Galera replicas | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars to configure MariaDB Galera replicas | `""` | +| `rbac.create` | Specify whether RBAC resources should be created and used | `false` | +| `podSecurityContext.enabled` | Enable security context | `true` | +| `podSecurityContext.fsGroup` | Group ID for the container filesystem | `1001` | +| `podSecurityContext.runAsUser` | User ID for the container | `1001` | +| `containerSecurityContext.enabled` | Enabled galera's container Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set galera's container Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set galera's container Security Context runAsNonRoot | `true` | +| `rootUser.user` | Username for the admin user. | `root` | +| `rootUser.password` | Password for the admin user. Ignored if existing secret is provided. | `""` | +| `rootUser.forcePassword` | Option to force users to specify a password. That is required for 'helm upgrade' to work properly. | `false` | +| `existingSecret` | Use existing secret for password details (`rootUser.password`, `db.password`, `galera.mariabackup.password` will be ignored and picked up from this secret) | `""` | +| `usePasswordFiles` | Mount credentials as a files instead of using an environment variable. | `false` | +| `customPasswordFiles` | Use custom password files when `usePasswordFiles` is set to `true`. Define path for keys `root`, `user`, and `mariabackup`. | `{}` | +| `db.user` | Username of new user to create | `""` | +| `db.password` | Password for the new user. Ignored if existing secret is provided. | `""` | +| `db.name` | Name for new database to create | `my_database` | +| `db.forcePassword` | Option to force users to specify a password. That is required for 'helm upgrade' to work properly. | `false` | +| `galera.name` | Galera cluster name | `galera` | +| `galera.bootstrap.forceBootstrap` | Option to force the boostraping from the indicated node in `galera.bootstarp.bootstrapFromNode` | `false` | +| `galera.bootstrap.bootstrapFromNode` | Node to bootstrap from, you will need to change this parameter in case you want to bootstrap from other node | `0` | +| `galera.bootstrap.forceSafeToBootstrap` | Force `safe_to_bootstrap: 1` in `grastate.date` file | `false` | +| `galera.mariabackup.user` | MariaBackup username | `mariabackup` | +| `galera.mariabackup.password` | MariaBackup password. Password is ignored if existingSecret is specified. | `""` | +| `galera.mariabackup.forcePassword` | Option to force users to specify a password. That is required for 'helm upgrade' to work properly. | `false` | +| `ldap.enabled` | Enable LDAP support | `false` | +| `ldap.uri` | LDAP URL beginning in the form `ldap` | `""` | +| `ldap.base` | LDAP base DN | `""` | +| `ldap.binddn` | LDAP bind DN | `""` | +| `ldap.bindpw` | LDAP bind password | `""` | +| `ldap.bslookup` | LDAP base lookup | `""` | +| `ldap.filter` | LDAP custom filter | `""` | +| `ldap.map` | LDAP custom map | `""` | +| `ldap.nss_initgroups_ignoreusers` | LDAP ignored users | `root,nslcd` | +| `ldap.scope` | LDAP search scope | `""` | +| `ldap.tls_reqcert` | LDAP TLS check on server certificates | `""` | +| `tls.enabled` | Enable TLS support for replication traffic | `false` | +| `tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | +| `tls.certificatesSecret` | Name of the secret that contains the certificates | `""` | +| `tls.certFilename` | Certificate filename | `""` | +| `tls.certKeyFilename` | Certificate key filename | `""` | +| `tls.certCAFilename` | CA Certificate filename | `""` | +| `mariadbConfiguration` | Configuration for the MariaDB server | `""` | +| `configurationConfigMap` | ConfigMap with the MariaDB configuration files (Note: Overrides `mariadbConfiguration`). The value is evaluated as a template. | `""` | +| `initdbScripts` | Specify dictionary of scripts to be run at first boot | `{}` | +| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` | +| `extraFlags` | MariaDB additional command line flags | `""` | +| `replicaCount` | Desired number of cluster nodes | `3` | +| `updateStrategy.type` | updateStrategy for MariaDB Master StatefulSet | `RollingUpdate` | +| `podLabels` | Extra labels for MariaDB Galera pods | `{}` | +| `podAnnotations` | Annotations for MariaDB Galera pods | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `topologySpreadConstraints` | Topology Spread Constraints for pods assignment | `[]` | +| `lifecycleHooks` | for the galera container(s) to automate configuration before or after startup | `{}` | +| `containerPorts.mysql` | mariadb database container port | `3306` | +| `containerPorts.galera` | galera cluster container port | `4567` | +| `containerPorts.ist` | galera IST container port | `4568` | +| `containerPorts.sst` | galera SST container port | `4444` | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` | `""` | +| `persistence.subPath` | Subdirectory of the volume to mount | `""` | +| `persistence.mountPath` | Path to mount the volume at | `/bitnami/mariadb` | +| `persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` | +| `persistence.storageClass` | Persistent Volume Storage Class | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `persistence.labels` | Persistent Volume Claim Labels | `{}` | +| `persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | +| `persistence.size` | Persistent Volume Size | `8Gi` | +| `priorityClassName` | Priority Class Name for Statefulset | `""` | +| `initContainers` | Additional init containers (this value is evaluated as a template) | `[]` | +| `sidecars` | Add additional sidecar containers (this value is evaluated as a template) | `[]` | +| `extraVolumes` | Extra volumes | `[]` | +| `extraVolumeMounts` | Mount extra volume(s) | `[]` | +| `resources.limits` | The resources limits for the container | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `livenessProbe.enabled` | Turn on and off liveness probe | `true` | +| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `120` | +| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | +| `livenessProbe.timeoutSeconds` | When the probe times out | `1` | +| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` | +| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `readinessProbe.enabled` | Turn on and off readiness probe | `true` | +| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | +| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | +| `readinessProbe.timeoutSeconds` | When the probe times out | `1` | +| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` | +| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `startupProbe.enabled` | Turn on and off startup probe | `false` | +| `startupProbe.initialDelaySeconds` | Delay before startup probe is initiated | `120` | +| `startupProbe.periodSeconds` | How often to perform the probe | `10` | +| `startupProbe.timeoutSeconds` | When the probe times out | `1` | +| `startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `48` | +| `startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `customStartupProbe` | Custom liveness probe for the Web component | `{}` | +| `customLivenessProbe` | Custom liveness probe for the Web component | `{}` | +| `customReadinessProbe` | Custom rediness probe for the Web component | `{}` | +| `podDisruptionBudget.create` | Specifies whether a Pod disruption budget should be created | `false` | +| `podDisruptionBudget.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | +| `podDisruptionBudget.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | MariaDB Prometheus exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | MariaDB Prometheus exporter image repository | `REPOSITORY_NAME/mysqld-exporter` | +| `metrics.image.tag` | MariaDB Prometheus exporter image tag (immutable tags are recommended) | `0.15.0-debian-11-r70` | +| `metrics.image.digest` | MariaDB Prometheus exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | MariaDB Prometheus exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | MariaDB Prometheus exporter image pull secrets | `[]` | +| `metrics.extraFlags` | MariaDB Prometheus exporter additional command line flags | `[]` | +| `metrics.resources.limits` | The resources limits for the container | `{}` | +| `metrics.resources.requests` | The requested resources for the container | `{}` | +| `metrics.containerSecurityContext.enabled` | Enabled exporter's container Security Context | `false` | +| `metrics.service.type` | Prometheus exporter service type | `ClusterIP` | +| `metrics.service.port` | Prometheus exporter service port | `9104` | +| `metrics.service.annotations` | Prometheus exporter service annotations | `{}` | +| `metrics.service.loadBalancerIP` | Load Balancer IP if the Prometheus metrics server type is `LoadBalancer` | `""` | +| `metrics.service.clusterIP` | Prometheus metrics service Cluster IP | `""` | +| `metrics.service.loadBalancerSourceRanges` | Prometheus metrics service Load Balancer sources | `[]` | +| `metrics.service.externalTrafficPolicy` | Prometheus metrics service external traffic policy | `Cluster` | +| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `""` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.serviceMonitor.interval` | How frequently to scrape metrics (use by default, falling back to Prometheus' default) | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `metrics.serviceMonitor.labels` | ServiceMonitor extra labels | `{}` | +| `metrics.prometheusRules.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true`, and makes little sense without ServiceMonitor) | `false` | +| `metrics.prometheusRules.additionalLabels` | Additional labels to add to the PrometheusRule so it is picked up by the operator | `{}` | +| `metrics.prometheusRules.rules` | PrometheusRule rules to configure | `{}` | The above parameters map to the env variables defined in [bitnami/mariadb-galera](https://github.com/bitnami/containers/tree/main/bitnami/mariadb-galera). For more information please refer to the [bitnami/mariadb-galera](https://github.com/bitnami/containers/tree/main/bitnami/mariadb-galera) image documentation. @@ -264,9 +268,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm helm install my-release \ --set rootUser.password=secretpassword, --set db.user=app_database \ - oci://registry-1.docker.io/bitnamicharts/mariadb-galera + oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb-galera ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the MariaDB `root` account password to `secretpassword`. Additionally it creates a database named `my_database`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -274,9 +280,10 @@ The above command sets the MariaDB `root` account password to `secretpassword`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/mariadb-galera +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb-galera ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Passing extra command-line flags to mysqld startup @@ -288,9 +295,11 @@ For example, if you want to enable the PAM cleartext plugin, specify the command ```console helm install my-release \ --set extraFlags="--pam-use-cleartext-plugin=ON" \ - oci://registry-1.docker.io/bitnamicharts/mariadb-galera + oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb-galera ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Configuration and installation details ### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/) @@ -512,7 +521,7 @@ There are two possible scenarios: In this case you will need the node number `N` and run: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mariadb-galera \ +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb-galera \ --set rootUser.password=XXXX \ --set galera.mariabackup.password=YYYY \ --set galera.bootstrap.forceBootstrap=true \ @@ -520,12 +529,14 @@ helm install my-release oci://registry-1.docker.io/bitnamicharts/mariadb-galera --set podManagementPolicy=Parallel ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ##### All the nodes with `safe_to_bootstrap: 0` In this case the cluster was not stopped cleanly and you need to pick one to force the bootstrap from. The one to be chosen in the one with the highest `seqno` in `/bitnami/mariadb/data/grastate.dat`. The following example shows how to force bootstrap from node 3. ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mariadb-galera \ +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb-galera \ --set rootUser.password=XXXX \ --set galera.mariabackup.password=YYYY \ --set galera.bootstrap.forceBootstrap=true \ @@ -534,17 +545,21 @@ helm install my-release oci://registry-1.docker.io/bitnamicharts/mariadb-galera --set podManagementPolicy=Parallel ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + #### Remove the forced boostraping After you have started the cluster by forcing the bootstraping on one of the nodes, you will need to remove the forcing so the node can restart with normality. ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/mariadb-galera \ +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb-galera \ --set rootUser.password=XXXX \ --set galera.mariabackup.password=YYYY \ --set podManagementPolicy=Parallel ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Persistence The [Bitnami MariaDB Galera](https://github.com/bitnami/containers/tree/main/bitnami/mariadb-galera) image stores the MariaDB data and configurations at the `/bitnami/mariadb` path of the container. @@ -566,12 +581,14 @@ Find more information about how to deal with common errors related to Bitnami's It's necessary to specify the existing passwords while performing a upgrade to ensure the secrets are not updated with invalid randomly generated passwords. Remember to specify the existing values of the `rootUser.password`, `db.password` and `galera.mariabackup.password` parameters when upgrading the chart: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/mariadb-galera \ +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb-galera \ --set rootUser.password=[ROOT_PASSWORD] \ --set db.password=[MARIADB_PASSWORD] \ --set galera.mariabackup.password=[GALERA_MARIABACKUP_PASSWORD] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + | Note: you need to substitute the placeholders _[ROOT_PASSWORD]_, _[MARIADB_PASSWORD]_ and _[MARIABACKUP_PASSWORD]_ with the values obtained from instructions in the installation notes. ### To 9.0.0 diff --git a/bitnami/mariadb-galera/values.yaml b/bitnami/mariadb-galera/values.yaml index 4371867e794dfd..7f30082d092d49 100644 --- a/bitnami/mariadb-galera/values.yaml +++ b/bitnami/mariadb-galera/values.yaml @@ -69,8 +69,8 @@ diagnosticMode: ## Bitnami MariaDB Galera image ## ref: https://hub.docker.com/r/bitnami/mariadb-galera/tags/ -## @param image.registry MariaDB Galera image registry -## @param image.repository MariaDB Galera image repository +## @param image.registry [default: REGISTRY_NAME] MariaDB Galera image registry +## @param image.repository [default: REPOSITORY_NAME/mariadb-galera] MariaDB Galera image repository ## @param image.tag MariaDB Galera image tag (immutable tags are recommended) ## @param image.digest MariaDB Galera image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy MariaDB Galera image pull policy @@ -789,8 +789,8 @@ metrics: enabled: false ## Bitnami MySQL Prometheus exporter image ## ref: https://hub.docker.com/r/bitnami/mysqld-exporter/tags/ - ## @param metrics.image.registry MariaDB Prometheus exporter image registry - ## @param metrics.image.repository MariaDB Prometheus exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] MariaDB Prometheus exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/mysqld-exporter] MariaDB Prometheus exporter image repository ## @param metrics.image.tag MariaDB Prometheus exporter image tag (immutable tags are recommended) ## @param metrics.image.digest MariaDB Prometheus exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy MariaDB Prometheus exporter image pull policy diff --git a/bitnami/mariadb/README.md b/bitnami/mariadb/README.md index d9b5c2bed65c69..ae1ba929e182ac 100644 --- a/bitnami/mariadb/README.md +++ b/bitnami/mariadb/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mariadb +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [MariaDB](https://github.com/bitnami/containers/tree/main/bitnami/mariadb) replication cluster deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -35,9 +37,11 @@ Looking to use MariaDB in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mariadb +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys MariaDB on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -82,28 +86,28 @@ The command removes all the Kubernetes components associated with the chart and ### MariaDB common parameters -| Name | Description | Value | -| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | MariaDB image registry | `docker.io` | -| `image.repository` | MariaDB image repository | `bitnami/mariadb` | -| `image.tag` | MariaDB image tag (immutable tags are recommended) | `11.1.2-debian-11-r0` | -| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` | -| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided. | `""` | -| `auth.database` | Name for a custom database to create | `my_database` | -| `auth.username` | Name for a custom user to create | `""` | -| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` | -| `auth.replicationUser` | MariaDB replication user | `replicator` | -| `auth.replicationPassword` | MariaDB replication user password. Ignored if existing secret is provided | `""` | -| `auth.existingSecret` | Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` | `""` | -| `auth.forcePassword` | Force users to specify required passwords | `false` | -| `auth.usePasswordFiles` | Mount credentials as files instead of using environment variables | `false` | -| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` | -| `initdbScripts` | Dictionary of initdb scripts | `{}` | -| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` | +| Name | Description | Value | +| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `image.registry` | MariaDB image registry | `REGISTRY_NAME` | +| `image.repository` | MariaDB image repository | `REPOSITORY_NAME/mariadb` | +| `image.tag` | MariaDB image tag (immutable tags are recommended) | `11.1.2-debian-11-r0` | +| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` | +| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided. | `""` | +| `auth.database` | Name for a custom database to create | `my_database` | +| `auth.username` | Name for a custom user to create | `""` | +| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` | +| `auth.replicationUser` | MariaDB replication user | `replicator` | +| `auth.replicationPassword` | MariaDB replication user password. Ignored if existing secret is provided | `""` | +| `auth.existingSecret` | Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` | `""` | +| `auth.forcePassword` | Force users to specify required passwords | `false` | +| `auth.usePasswordFiles` | Mount credentials as files instead of using environment variables | `false` | +| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` | +| `initdbScripts` | Dictionary of initdb scripts | `{}` | +| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` | ### MariaDB Primary parameters @@ -303,63 +307,63 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | ### Metrics parameters -| Name | Description | Value | -| ----------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Exporter image registry | `docker.io` | -| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` | -| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.15.0-debian-11-r70` | -| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.annotations` | Annotations for the Exporter pod | `{}` | -| `metrics.extraArgs` | Extra args to be passed to mysqld_exporter | `{}` | -| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB metrics container(s) | `{}` | -| `metrics.containerSecurityContext.enabled` | Enable security context for MariaDB metrics container | `false` | -| `metrics.containerSecurityContext.privileged` | Set metrics container's Security Context privileged | `false` | -| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set metrics container's Security Context allowPrivilegeEscalation | `false` | -| `metrics.resources.limits` | The resources limits for MariaDB prometheus exporter containers | `{}` | -| `metrics.resources.requests` | The requested resources for MariaDB prometheus exporter containers | `{}` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `""` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | -| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | -| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | +| Name | Description | Value | +| ----------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Exporter image repository | `REPOSITORY_NAME/mysqld-exporter` | +| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.15.0-debian-11-r70` | +| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.annotations` | Annotations for the Exporter pod | `{}` | +| `metrics.extraArgs` | Extra args to be passed to mysqld_exporter | `{}` | +| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB metrics container(s) | `{}` | +| `metrics.containerSecurityContext.enabled` | Enable security context for MariaDB metrics container | `false` | +| `metrics.containerSecurityContext.privileged` | Set metrics container's Security Context privileged | `false` | +| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set metrics container's Security Context allowPrivilegeEscalation | `false` | +| `metrics.resources.limits` | The resources limits for MariaDB prometheus exporter containers | `{}` | +| `metrics.resources.requests` | The requested resources for MariaDB prometheus exporter containers | `{}` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `""` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | +| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | +| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | ### NetworkPolicy parameters @@ -387,9 +391,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set auth.rootPassword=secretpassword,auth.database=app_database \ - oci://registry-1.docker.io/bitnamicharts/mariadb + oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the MariaDB `root` account password to `secretpassword`. Additionally it creates a database named `my_database`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -397,9 +403,10 @@ The above command sets the MariaDB `root` account password to `secretpassword`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/mariadb +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -457,9 +464,11 @@ Find more information about how to deal with common errors related to Bitnami's It's necessary to set the `auth.rootPassword` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Administrator credentials' section. Please note down the password and run the command below to upgrade your chart: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/mariadb --set auth.rootPassword=[ROOT_PASSWORD] +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb --set auth.rootPassword=[ROOT_PASSWORD] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + | Note: you need to substitute the placeholder _[ROOT_PASSWORD]_ with the value obtained in the installation notes. ### To 14.0.0 @@ -522,9 +531,11 @@ Backwards compatibility is not guaranteed. To upgrade to `8.0.0`, install a new - Reuse the PVC used to hold the master data on your previous release. To do so, use the `primary.persistence.existingClaim` parameter. The following example assumes that the release name is `mariadb`: ```console -helm install mariadb oci://registry-1.docker.io/bitnamicharts/mariadb --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC] +helm install mariadb oci://REGISTRY_NAME/REPOSITORY_NAME/mariadb --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + | Note: you need to substitute the placeholder _[EXISTING_PVC]_ with the name of the PVC used on your previous release, and _[ROOT_PASSWORD]_ with the root password used in your previous release. ### To 7.0.0 diff --git a/bitnami/mariadb/values.yaml b/bitnami/mariadb/values.yaml index 708ea54b66fd1b..f4d7b9408414bb 100644 --- a/bitnami/mariadb/values.yaml +++ b/bitnami/mariadb/values.yaml @@ -79,8 +79,8 @@ serviceBindings: ## Bitnami MariaDB image ## ref: https://hub.docker.com/r/bitnami/mariadb/tags/ -## @param image.registry MariaDB image registry -## @param image.repository MariaDB image repository +## @param image.registry [default: REGISTRY_NAME] MariaDB image registry +## @param image.repository [default: REPOSITORY_NAME/mariadb] MariaDB image repository ## @param image.tag MariaDB image tag (immutable tags are recommended) ## @param image.digest MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy MariaDB image pull policy @@ -994,8 +994,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -1030,8 +1030,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Exporter image registry - ## @param metrics.image.repository Exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/mysqld-exporter] Exporter image repository ## @param metrics.image.tag Exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Exporter image pull policy diff --git a/bitnami/mastodon/README.md b/bitnami/mastodon/README.md index 0871b9652aa984..9da7c3b4492fb5 100644 --- a/bitnami/mastodon/README.md +++ b/bitnami/mastodon/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mastodon +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mastodon ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -37,9 +39,11 @@ Looking to use Mastodon in production? Try [VMware Application Catalog](https:// To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mastodon +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mastodon ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Mastodon on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -66,26 +70,26 @@ The command removes all the Kubernetes components associated with the chart and ### Common parameters -| Name | Description | Value | -| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | -| `kubeVersion` | Override Kubernetes version | `""` | -| `nameOverride` | String to partially override common.names.name | `""` | -| `fullnameOverride` | String to fully override common.names.fullname | `""` | -| `namespaceOverride` | String to fully override common.names.namespace | `""` | -| `commonLabels` | Labels to add to all deployed objects | `{}` | -| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | -| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | -| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | -| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | -| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | -| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | -| `image.registry` | Mastodon image registry | `docker.io` | -| `image.repository` | Mastodon image repository | `bitnami/mastodon` | -| `image.tag` | Mastodon image tag (immutable tags are recommended) | `4.2.1-debian-11-r1` | -| `image.digest` | Mastodon image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `image.pullPolicy` | Mastodon image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Mastodon image pull secrets | `[]` | -| `image.debug` | Enable Mastodon image debug mode | `false` | +| Name | Description | Value | +| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `kubeVersion` | Override Kubernetes version | `""` | +| `nameOverride` | String to partially override common.names.name | `""` | +| `fullnameOverride` | String to fully override common.names.fullname | `""` | +| `namespaceOverride` | String to fully override common.names.namespace | `""` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | +| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | +| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | +| `image.registry` | Mastodon image registry | `REGISTRY_NAME` | +| `image.repository` | Mastodon image repository | `REPOSITORY_NAME/mastodon` | +| `image.tag` | Mastodon image tag (immutable tags are recommended) | `4.2.1-debian-11-r1` | +| `image.digest` | Mastodon image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `image.pullPolicy` | Mastodon image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Mastodon image pull secrets | `[]` | +| `image.debug` | Enable Mastodon image debug mode | `false` | ### Mastodon common parameters @@ -423,17 +427,17 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Other Parameters @@ -564,9 +568,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm helm install my-release \ --set adminUsername=admin \ --set adminPassword=password \ - oci://registry-1.docker.io/bitnamicharts/mastodon + oci://REGISTRY_NAME/REPOSITORY_NAME/mastodon ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the mastodon administrator account username and password to `admin` and `password` respectively. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -574,9 +580,10 @@ The above command sets the mastodon administrator account username and password Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/mastodon +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/mastodon ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/mastodon/values.yaml b/bitnami/mastodon/values.yaml index f50dedeaa8d7f6..36c99df1d35ba7 100644 --- a/bitnami/mastodon/values.yaml +++ b/bitnami/mastodon/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: ## Bitnami Mastodon image ## ref: https://hub.docker.com/r/bitnami/mastodon/tags/ -## @param image.registry Mastodon image registry -## @param image.repository Mastodon image repository +## @param image.registry [default: REGISTRY_NAME] Mastodon image registry +## @param image.repository [default: REPOSITORY_NAME/mastodon] Mastodon image repository ## @param image.tag Mastodon image tag (immutable tags are recommended) ## @param image.digest Mastodon image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param image.pullPolicy Mastodon image pull policy @@ -1247,8 +1247,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets diff --git a/bitnami/matomo/README.md b/bitnami/matomo/README.md index 162b3945a32c2a..f839547d45ae75 100644 --- a/bitnami/matomo/README.md +++ b/bitnami/matomo/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/matomo +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/matomo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Matomo](https://github.com/bitnami/containers/tree/main/bitnami/matomo) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Matomo in production? Try [VMware Application Catalog](https://bi To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/matomo +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/matomo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Matomo on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,101 +81,101 @@ The command removes all the Kubernetes components associated with the chart and ### Matomo parameters -| Name | Description | Value | -| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | Matomo image registry | `docker.io` | -| `image.repository` | Matomo Image name | `bitnami/matomo` | -| `image.tag` | Matomo Image tag | `4.15.1-debian-11-r63` | -| `image.digest` | Matomo image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Matomo image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `replicaCount` | Number of Matomo Pods to run (requires ReadWriteMany PVC support) | `1` | -| `matomoUsername` | User of the application | `user` | -| `matomoPassword` | Application password | `""` | -| `matomoEmail` | Admin email | `user@example.com` | -| `matomoWebsiteName` | Matomo application name | `example` | -| `matomoWebsiteHost` | Matomo application host | `https://example.org` | -| `matomoSkipInstall` | Skip Matomo installation wizard. Useful for migrations and restoring from SQL dump | `false` | -| `customPostInitScripts` | Custom post-init.d user scripts | `{}` | -| `allowEmptyPassword` | Allow DB blank passwords | `true` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `priorityClassName` | Matomo pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `extraEnvVars` | Extra environment variables | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | -| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | -| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | -| `serviceAccountName` | Attach serviceAccountName to the pod and sidecars | `""` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `existingSecret` | Name of a secret with the application password | `""` | -| `smtpAuth` | SMTP authentication mechanism (options: Plain, Login, Crammd5) | `""` | -| `smtpHost` | SMTP host | `""` | -| `smtpPort` | SMTP port | `""` | -| `smtpUser` | SMTP user | `""` | -| `smtpPassword` | SMTP password | `""` | -| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | -| `noreplyName` | Noreply name | `""` | -| `noreplyAddress` | Noreply address | `""` | -| `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `""` | -| `containerPorts` | Container ports | `{}` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.storageClass` | PVC Storage Class for Matomo volume | `""` | -| `persistence.accessModes` | PVC Access Mode for Matomo volume | `["ReadWriteOnce"]` | -| `persistence.size` | PVC Storage Request for Matomo volume | `8Gi` | -| `persistence.dataSource` | Custom PVC data source | `{}` | -| `persistence.existingClaim` | A manually managed Persistent Volume Claim | `""` | -| `persistence.hostPath` | If defined, the matomo-data volume will mount to the specified hostPath. | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `persistence.selector` | Selector to match an existing Persistent Volume for Matomo data PVC | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `resources.limits` | The resources limits for Matomo containers | `{}` | -| `resources.requests` | The requested resources for Matomo containers | `{}` | -| `podSecurityContext.enabled` | Enable Matomo pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Matomo pods' group ID | `1001` | -| `containerSecurityContext.enabled` | Enable Matomo containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Matomo containers' Security Context | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.path` | Request path for startupProbe | `/matomo.php` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.path` | Request path for livenessProbe | `/matomo.php` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.path` | Request path for readinessProbe | `/matomo.php` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | +| Name | Description | Value | +| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `image.registry` | Matomo image registry | `REGISTRY_NAME` | +| `image.repository` | Matomo Image name | `REPOSITORY_NAME/matomo` | +| `image.tag` | Matomo Image tag | `4.15.1-debian-11-r63` | +| `image.digest` | Matomo image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Matomo image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `replicaCount` | Number of Matomo Pods to run (requires ReadWriteMany PVC support) | `1` | +| `matomoUsername` | User of the application | `user` | +| `matomoPassword` | Application password | `""` | +| `matomoEmail` | Admin email | `user@example.com` | +| `matomoWebsiteName` | Matomo application name | `example` | +| `matomoWebsiteHost` | Matomo application host | `https://example.org` | +| `matomoSkipInstall` | Skip Matomo installation wizard. Useful for migrations and restoring from SQL dump | `false` | +| `customPostInitScripts` | Custom post-init.d user scripts | `{}` | +| `allowEmptyPassword` | Allow DB blank passwords | `true` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `priorityClassName` | Matomo pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `extraEnvVars` | Extra environment variables | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | +| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | +| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | +| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | +| `serviceAccountName` | Attach serviceAccountName to the pod and sidecars | `""` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `existingSecret` | Name of a secret with the application password | `""` | +| `smtpAuth` | SMTP authentication mechanism (options: Plain, Login, Crammd5) | `""` | +| `smtpHost` | SMTP host | `""` | +| `smtpPort` | SMTP port | `""` | +| `smtpUser` | SMTP user | `""` | +| `smtpPassword` | SMTP password | `""` | +| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | +| `noreplyName` | Noreply name | `""` | +| `noreplyAddress` | Noreply address | `""` | +| `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `""` | +| `containerPorts` | Container ports | `{}` | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.storageClass` | PVC Storage Class for Matomo volume | `""` | +| `persistence.accessModes` | PVC Access Mode for Matomo volume | `["ReadWriteOnce"]` | +| `persistence.size` | PVC Storage Request for Matomo volume | `8Gi` | +| `persistence.dataSource` | Custom PVC data source | `{}` | +| `persistence.existingClaim` | A manually managed Persistent Volume Claim | `""` | +| `persistence.hostPath` | If defined, the matomo-data volume will mount to the specified hostPath. | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `persistence.selector` | Selector to match an existing Persistent Volume for Matomo data PVC | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `resources.limits` | The resources limits for Matomo containers | `{}` | +| `resources.requests` | The requested resources for Matomo containers | `{}` | +| `podSecurityContext.enabled` | Enable Matomo pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Matomo pods' group ID | `1001` | +| `containerSecurityContext.enabled` | Enable Matomo containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Matomo containers' Security Context | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.path` | Request path for startupProbe | `/matomo.php` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.path` | Request path for livenessProbe | `/matomo.php` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.path` | Request path for readinessProbe | `/matomo.php` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | ### Traffic Exposure Parameters @@ -229,31 +233,31 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | ### Metrics parameters -| Name | Description | Value | -| --------------------------- | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a exporter side-car | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag | `1.0.2-debian-11-r10` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | +| Name | Description | Value | +| --------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a exporter side-car | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag | `1.0.2-debian-11-r10` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | +| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | ### Certificate injection parameters @@ -271,8 +275,8 @@ The command removes all the Kubernetes components associated with the chart and | `certificates.extraEnvVars` | Container sidecar extra environment variables (eg proxy) | `[]` | | `certificates.extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | | `certificates.extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `certificates.image.registry` | Container sidecar registry | `docker.io` | -| `certificates.image.repository` | Container sidecar image | `bitnami/os-shell` | +| `certificates.image.registry` | Container sidecar registry | `REGISTRY_NAME` | +| `certificates.image.repository` | Container sidecar image | `REPOSITORY_NAME/os-shell` | | `certificates.image.tag` | Container sidecar image tag | `11-debian-11-r90` | | `certificates.image.digest` | Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `certificates.image.pullPolicy` | Container sidecar image pull policy | `IfNotPresent` | @@ -328,9 +332,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set matomoUsername=user,matomoPassword=password,mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/matomo + oci://REGISTRY_NAME/REPOSITORY_NAME/matomo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Matomo administrator account username and password to `user` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -338,9 +344,10 @@ The above command sets the Matomo administrator account username and password to Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/matomo +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/matomo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -389,9 +396,11 @@ See the [Parameters](#parameters) section to configure the PVC or to disable per 3. Install the chart ```console -helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry-1.docker.io/bitnamicharts/matomo +helm install my-release --set persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/matomo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### Host path #### System compatibility @@ -405,9 +414,11 @@ helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry- 2. Install the chart ```console - helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://registry-1.docker.io/bitnamicharts/matomo + helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://REGISTRY_NAME/REPOSITORY_NAME/matomo ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + This will mount the `matomo-data` volume into the `hostPath` directory. The site data will be persisted if the mount path contains valid data, else the site data will be initialized at first launch. 3. Because the container cannot control the host machine's directory permissions, you must set the Matomo file directory permissions yourself diff --git a/bitnami/matomo/values.yaml b/bitnami/matomo/values.yaml index 31561529612138..32d6e139cde6cb 100644 --- a/bitnami/matomo/values.yaml +++ b/bitnami/matomo/values.yaml @@ -51,8 +51,8 @@ extraDeploy: [] ## Bitnami Matomo image version ## ref: https://hub.docker.com/r/bitnami/matomo/tags/ -## @param image.registry Matomo image registry -## @param image.repository Matomo Image name +## @param image.registry [default: REGISTRY_NAME] Matomo image registry +## @param image.repository [default: REPOSITORY_NAME/matomo] Matomo Image name ## @param image.tag Matomo Image tag ## @param image.digest Matomo image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Matomo image pull policy @@ -676,8 +676,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -729,8 +729,8 @@ metrics: ## @param metrics.enabled Start a exporter side-car ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository ## @param metrics.image.tag Apache exporter image tag ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Image pull policy @@ -800,8 +800,8 @@ certificates: ## @param certificates.extraEnvVarsSecret Secret containing extra env vars (in case of sensitive data) ## extraEnvVarsSecret: "" - ## @param certificates.image.registry Container sidecar registry - ## @param certificates.image.repository Container sidecar image + ## @param certificates.image.registry [default: REGISTRY_NAME] Container sidecar registry + ## @param certificates.image.repository [default: REPOSITORY_NAME/os-shell] Container sidecar image ## @param certificates.image.tag Container sidecar image tag ## @param certificates.image.digest Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param certificates.image.pullPolicy Container sidecar image pull policy diff --git a/bitnami/mediawiki/README.md b/bitnami/mediawiki/README.md index 1ac0bc45d60c08..ed95df561012f1 100644 --- a/bitnami/mediawiki/README.md +++ b/bitnami/mediawiki/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mediawiki +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mediawiki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [MediaWiki](https://github.com/bitnami/containers/tree/main/bitnami/mediawiki) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use MediaWiki in production? Try [VMware Application Catalog](https:/ To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mediawiki +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mediawiki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys MediaWiki on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,34 +81,34 @@ The command removes all the Kubernetes components associated with the chart and ### Mediawiki parameters -| Name | Description | Value | -| -------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | MediaWiki image registry | `docker.io` | -| `image.repository` | MediaWiki image repository | `bitnami/mediawiki` | -| `image.tag` | MediaWiki image tag (immutable tags are recommended) | `1.40.1-debian-11-r3` | -| `image.digest` | MediaWiki image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Enable MediaWiki image debug mode | `false` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `mediawikiUser` | User of the application | `user` | -| `mediawikiPassword` | Application password | `""` | -| `mediawikiSecret` | Existing `Secret` containing the password for the `mediawikiUser` user; must contain the key `mediawiki-password` and optional key `smtp-password` | `""` | -| `mediawikiEmail` | Admin email | `user@example.com` | -| `mediawikiName` | Name for the wiki | `My Wiki` | -| `mediawikiHost` | Mediawiki host to create application URLs | `""` | -| `allowEmptyPassword` | Allow DB blank passwords | `yes` | -| `smtpHost` | SMTP host | `""` | -| `smtpPort` | SMTP port | `""` | -| `smtpHostID` | SMTP host ID | `""` | -| `smtpUser` | SMTP user | `""` | -| `smtpPassword` | SMTP password | `""` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | for the Mediawiki container(s) to automate configuration before or after startup | `{}` | -| `extraEnvVars` | Extra environment variables to be set on Mediawki container | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| Name | Description | Value | +| -------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------- | +| `image.registry` | MediaWiki image registry | `REGISTRY_NAME` | +| `image.repository` | MediaWiki image repository | `REPOSITORY_NAME/mediawiki` | +| `image.tag` | MediaWiki image tag (immutable tags are recommended) | `1.40.1-debian-11-r3` | +| `image.digest` | MediaWiki image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Enable MediaWiki image debug mode | `false` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `mediawikiUser` | User of the application | `user` | +| `mediawikiPassword` | Application password | `""` | +| `mediawikiSecret` | Existing `Secret` containing the password for the `mediawikiUser` user; must contain the key `mediawiki-password` and optional key `smtp-password` | `""` | +| `mediawikiEmail` | Admin email | `user@example.com` | +| `mediawikiName` | Name for the wiki | `My Wiki` | +| `mediawikiHost` | Mediawiki host to create application URLs | `""` | +| `allowEmptyPassword` | Allow DB blank passwords | `yes` | +| `smtpHost` | SMTP host | `""` | +| `smtpPort` | SMTP port | `""` | +| `smtpHostID` | SMTP host ID | `""` | +| `smtpUser` | SMTP user | `""` | +| `smtpPassword` | SMTP password | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `lifecycleHooks` | for the Mediawiki container(s) to automate configuration before or after startup | `{}` | +| `extraEnvVars` | Extra environment variables to be set on Mediawki container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | ### Mediawiki deployment parameters @@ -229,27 +233,27 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics parameters -| Name | Description | Value | -| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r8` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources` | Exporter resource requests/limit | `{}` | -| `metrics.port` | Metrics service port | `9117` | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `true` | -| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | -| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| Name | Description | Value | +| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r8` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources` | Exporter resource requests/limit | `{}` | +| `metrics.port` | Metrics service port | `9117` | +| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `true` | +| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | +| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | ### NetworkPolicy parameters @@ -282,9 +286,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set mediawikiUser=admin,mediawikiPassword=password,mariadb.mariadbRootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/mediawiki + oci://REGISTRY_NAME/REPOSITORY_NAME/mediawiki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the MediaWiki administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -292,9 +298,10 @@ The above command sets the MediaWiki administrator account username and password Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/mediawiki +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/mediawiki ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -410,9 +417,11 @@ export APP_PASSWORD=$(kubectl get secret --namespace default mediawiki -o jsonpa export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default mediawiki-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 -d) export MARIADB_PASSWORD=$(kubectl get secret --namespace default mediawiki-mariadb -o jsonpath="{.data.mariadb-password}" | base64 -d) kubectl delete deployments.apps mediawiki -helm upgrade mediawiki oci://registry-1.docker.io/bitnamicharts/mediawiki --set mediawikiHost=$APP_HOST,mediawikiPassword=$APP_PASSWORD,mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD +helm upgrade mediawiki oci://REGISTRY_NAME/REPOSITORY_NAME/mediawiki --set mediawikiHost=$APP_HOST,mediawikiPassword=$APP_PASSWORD,mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 11.0.0 In this major there were two main changes introduced: @@ -474,9 +483,11 @@ Delete the Mediawiki deployment and delete the MariaDB statefulset. Notice the o Now the upgrade works: ```console -helm upgrade mediawiki oci://registry-1.docker.io/bitnamicharts/mediawiki --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set mediawikiPassword=$MEDIAWIKI_PASSWORD --set mediawikiHost=$MEDIAWIKI_HOST +helm upgrade mediawiki oci://REGISTRY_NAME/REPOSITORY_NAME/mediawiki --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set mediawikiPassword=$MEDIAWIKI_PASSWORD --set mediawikiHost=$MEDIAWIKI_HOST ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You will have to delete the existing MariaDB pod and the new statefulset is going to create a new one ```console diff --git a/bitnami/mediawiki/values.yaml b/bitnami/mediawiki/values.yaml index 9fa136d0839131..74a18eb19f2dac 100644 --- a/bitnami/mediawiki/values.yaml +++ b/bitnami/mediawiki/values.yaml @@ -47,8 +47,8 @@ extraDeploy: [] ## Bitnami DokuWiki image version ## ref: https://hub.docker.com/r/bitnami/mediawiki/tags/ -## @param image.registry MediaWiki image registry -## @param image.repository MediaWiki image repository +## @param image.registry [default: REGISTRY_NAME] MediaWiki image registry +## @param image.repository [default: REPOSITORY_NAME/mediawiki] MediaWiki image repository ## @param image.tag MediaWiki image tag (immutable tags are recommended) ## @param image.digest MediaWiki image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Image pull policy @@ -659,8 +659,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository ## @param metrics.image.tag Apache exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Image pull policy diff --git a/bitnami/memcached/README.md b/bitnami/memcached/README.md index a403efb49d6243..ce926364523ba3 100644 --- a/bitnami/memcached/README.md +++ b/bitnami/memcached/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/memcached +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/memcached ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Memcached](https://github.com/bitnami/containers/tree/main/bitnami/memcached) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use Memcached in production? Try [VMware Application Catalog](https:/ To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/memcached +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/memcached ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Memcached on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -76,25 +80,25 @@ The command removes all the Kubernetes components associated with the chart and ### Memcached parameters -| Name | Description | Value | -| ----------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | Memcached image registry | `docker.io` | -| `image.repository` | Memcached image repository | `bitnami/memcached` | -| `image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | -| `image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Memcached image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug values should be set | `false` | -| `architecture` | Memcached architecture. Allowed values: standalone or high-availability | `standalone` | -| `auth.enabled` | Enable Memcached authentication | `false` | -| `auth.username` | Memcached admin user | `""` | -| `auth.password` | Memcached admin password | `""` | -| `auth.existingPasswordSecret` | Existing secret with Memcached credentials (must contain a value for `memcached-password` key) | `""` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `extraEnvVars` | Array with extra environment variables to add to Memcached nodes | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Memcached nodes | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Memcached nodes | `""` | +| Name | Description | Value | +| ----------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `image.registry` | Memcached image registry | `REGISTRY_NAME` | +| `image.repository` | Memcached image repository | `REPOSITORY_NAME/memcached` | +| `image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.22-debian-11-r0` | +| `image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Memcached image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | +| `architecture` | Memcached architecture. Allowed values: standalone or high-availability | `standalone` | +| `auth.enabled` | Enable Memcached authentication | `false` | +| `auth.username` | Memcached admin user | `""` | +| `auth.password` | Memcached admin password | `""` | +| `auth.existingPasswordSecret` | Existing secret with Memcached credentials (must contain a value for `memcached-password` key) | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Array with extra environment variables to add to Memcached nodes | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Memcached nodes | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Memcached nodes | `""` | ### Deployment/Statefulset parameters @@ -202,76 +206,78 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Memcached exporter image registry | `docker.io` | -| `metrics.image.repository` | Memcached exporter image repository | `bitnami/memcached-exporter` | -| `metrics.image.tag` | Memcached exporter image tag (immutable tags are recommended) | `0.13.0-debian-11-r121` | -| `metrics.image.digest` | Memcached exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.containerPorts.metrics` | Memcached Prometheus Exporter container port | `9150` | -| `metrics.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `metrics.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `metrics.containerSecurityContext.enabled` | Enabled Metrics containers' Security Context | `true` | -| `metrics.containerSecurityContext.runAsUser` | Set Metrics containers' Security Context runAsUser | `1001` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set Metrics containers' Security Context runAsNonRoot | `true` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe on Memcached Prometheus exporter containers | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe on Memcached Prometheus exporter containers | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.startupProbe.enabled` | Enable startupProbe on Memcached Prometheus exporter containers | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `metrics.podAnnotations` | Memcached Prometheus exporter pod Annotation and Labels | `{}` | -| `metrics.service.ports.metrics` | Prometheus metrics service port | `9150` | -| `metrics.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `metrics.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `metrics.service.annotations` | Annotations for the Prometheus metrics service | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | -| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------ | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Memcached exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Memcached exporter image repository | `REPOSITORY_NAME/memcached-exporter` | +| `metrics.image.tag` | Memcached exporter image tag (immutable tags are recommended) | `0.13.0-debian-11-r121` | +| `metrics.image.digest` | Memcached exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.containerPorts.metrics` | Memcached Prometheus Exporter container port | `9150` | +| `metrics.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `metrics.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `metrics.containerSecurityContext.enabled` | Enabled Metrics containers' Security Context | `true` | +| `metrics.containerSecurityContext.runAsUser` | Set Metrics containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set Metrics containers' Security Context runAsNonRoot | `true` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe on Memcached Prometheus exporter containers | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe on Memcached Prometheus exporter containers | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.startupProbe.enabled` | Enable startupProbe on Memcached Prometheus exporter containers | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `metrics.podAnnotations` | Memcached Prometheus exporter pod Annotation and Labels | `{}` | +| `metrics.service.ports.metrics` | Prometheus metrics service port | `9150` | +| `metrics.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `metrics.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `metrics.service.annotations` | Annotations for the Prometheus metrics service | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | The above parameters map to the environment variables defined in the [bitnami/memcached](https://github.com/bitnami/containers/tree/main/bitnami/memcached) container image. For more information please refer to the [bitnami/memcached](https://github.com/bitnami/containers/tree/main/bitnami/memcached) container image documentation. Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console -helm install my-release --set auth.username=user,auth.password=password oci://registry-1.docker.io/bitnamicharts/memcached +helm install my-release --set auth.username=user,auth.password=password oci://REGISTRY_NAME/REPOSITORY_NAME/memcached ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Memcached admin account username and password to `user` and `password` respectively. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -279,9 +285,10 @@ The above command sets the Memcached admin account username and password to `use Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/memcached +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/memcached ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -351,9 +358,11 @@ Use the workaround below to upgrade from versions previous to 4.0.0. The followi ```console kubectl delete deployment memcached --cascade=false -helm upgrade memcached oci://registry-1.docker.io/bitnamicharts/memcached +helm upgrade memcached oci://REGISTRY_NAME/REPOSITORY_NAME/memcached ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 3.0.0 This release uses the new bash based `bitnami/memcached` container which uses bash scripts for the start up logic of the container and is smaller in size. diff --git a/bitnami/memcached/values.yaml b/bitnami/memcached/values.yaml index ebd7abb1020d02..b39ea117117410 100644 --- a/bitnami/memcached/values.yaml +++ b/bitnami/memcached/values.yaml @@ -62,8 +62,8 @@ diagnosticMode: ## Bitnami Memcached image version ## ref: https://hub.docker.com/r/bitnami/memcached/tags/ -## @param image.registry Memcached image registry -## @param image.repository Memcached image repository +## @param image.registry [default: REGISTRY_NAME] Memcached image registry +## @param image.repository [default: REPOSITORY_NAME/memcached] Memcached image repository ## @param image.tag Memcached image tag (immutable tags are recommended) ## @param image.digest Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Memcached image pull policy @@ -505,8 +505,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -550,8 +550,8 @@ metrics: enabled: false ## Bitnami Memcached Prometheus Exporter image ## ref: https://hub.docker.com/r/bitnami/memcached-exporter/tags/ - ## @param metrics.image.registry Memcached exporter image registry - ## @param metrics.image.repository Memcached exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Memcached exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/memcached-exporter] Memcached exporter image repository ## @param metrics.image.tag Memcached exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Memcached exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Image pull policy diff --git a/bitnami/metallb/README.md b/bitnami/metallb/README.md index bf88c1e34bbe32..e0f39117b6c520 100644 --- a/bitnami/metallb/README.md +++ b/bitnami/metallb/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/metallb +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/metallb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -35,9 +37,11 @@ Looking to use MetalLB in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/metallb +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/metallb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy metallb on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -89,80 +93,80 @@ The command removes all the Kubernetes components associated with the chart and ### Controller parameters -| Name | Description | Value | -| -------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | -| `controller.image.registry` | MetalLB Controller image registry | `docker.io` | -| `controller.image.repository` | MetalLB Controller image repository | `bitnami/metallb-controller` | -| `controller.image.tag` | MetalLB Controller image tag (immutable tags are recommended) | `0.13.11-debian-11-r29` | -| `controller.image.digest` | MetalLB Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `controller.image.pullPolicy` | MetalLB Controller image pull policy | `IfNotPresent` | -| `controller.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `controller.updateStrategy.type` | Metallb controller deployment strategy type. | `RollingUpdate` | -| `controller.hostAliases` | Deployment pod host aliases | `[]` | -| `controller.rbac.create` | create specifies whether to install and use RBAC rules. | `true` | -| `controller.psp.create` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `true` | -| `controller.priorityClassName` | Metallb controller pods' priorityClassName | `""` | -| `controller.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `controller.terminationGracePeriodSeconds` | In seconds, time the given to the Metallb controller pod needs to terminate gracefully | `0` | -| `controller.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `controller.resources.limits` | The resources limits for the container | `{}` | -| `controller.resources.requests` | The requested resources for the container | `{}` | -| `controller.nodeSelector` | Node labels for controller pod assignment | `{}` | -| `controller.tolerations` | Tolerations for controller pod assignment | `[]` | -| `controller.affinity` | Affinity for controller pod assignment | `{}` | -| `controller.podAnnotations` | Controller Pod annotations | `{}` | -| `controller.podLabels` | Controller Pod labels | `{}` | -| `controller.podAffinityPreset` | Controller Pod affinitypreset. Allowed values: soft, hard | `""` | -| `controller.podAntiAffinityPreset` | Controller Pod anti affinitypreset. Allowed values: soft, hard | `soft` | -| `controller.nodeAffinityPreset.type` | Controller Pod Node affinity preset. Allowed values: soft, hard | `""` | -| `controller.nodeAffinityPreset.key` | Controller Pod Node affinity label key to match | `""` | -| `controller.nodeAffinityPreset.values` | Controller Pod Node affinity label values to match | `[]` | -| `controller.podSecurityContext.enabled` | Enabled Metallb Controller pods' Security Context | `true` | -| `controller.podSecurityContext.fsGroup` | Set Metallb Controller pod's Security Context fsGroup | `1001` | -| `controller.containerSecurityContext.enabled` | Enabled Metallb Controller containers' Security Context | `true` | -| `controller.containerSecurityContext.runAsUser` | Set Metallb Controller containers' Security Context runAsUser | `1001` | -| `controller.containerSecurityContext.runAsNonRoot` | Set Metallb Controller container's Security Context runAsNonRoot | `true` | -| `controller.containerSecurityContext.allowPrivilegeEscalation` | Enables privilege Escalation context for the pod. | `false` | -| `controller.containerSecurityContext.readOnlyRootFilesystem` | Allows the pod to mount the RootFS as ReadOnly | `true` | -| `controller.containerSecurityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` | -| `controller.command` | Override default container command (useful when using custom images) | `[]` | -| `controller.args` | Override default container args (useful when using custom images) | `[]` | -| `controller.lifecycleHooks` | for the Metallb Controller container(s) to automate configuration before or after startup | `{}` | -| `controller.extraEnvVars` | Extra environment variable to pass to the running container. | `[]` | -| `controller.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Metallb controller nodes | `""` | -| `controller.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Metallb controller nodes | `""` | -| `controller.extraVolumes` | Optionally specify extra list of additional volumes for the Metallb controller pod(s) | `[]` | -| `controller.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Metallb controller container(s) | `[]` | -| `controller.sidecars` | Add additional sidecar containers to the Metallb Controller pod(s) | `[]` | -| `controller.initContainers` | Add additional init containers to the Metallb Controller pod(s) | `[]` | -| `controller.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `controller.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `controller.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `controller.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `controller.revisionHistoryLimit` | Configure the revisionHistoryLimit of the Controller deployment | `3` | -| `controller.containerPorts.metrics` | Configures the ports the MetalLB Controller listens on for metrics | `7472` | -| `controller.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `controller.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `controller.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `controller.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `controller.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `controller.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `controller.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `controller.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `controller.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `controller.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `controller.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `controller.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `controller.startupProbe.enabled` | Enable startupProbe | `false` | -| `controller.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `controller.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `controller.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `controller.startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` | -| `controller.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `controller.customStartupProbe` | Custom liveness probe for the Web component | `{}` | -| `controller.customLivenessProbe` | Custom liveness probe for the Web component | `{}` | -| `controller.customReadinessProbe` | Custom readiness probe for the Web component | `{}` | -| `controller.logLevel` | Sets the controller log level. Does not work if the args are overridden | `info` | +| Name | Description | Value | +| -------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------ | +| `controller.image.registry` | MetalLB Controller image registry | `REGISTRY_NAME` | +| `controller.image.repository` | MetalLB Controller image repository | `REPOSITORY_NAME/metallb-controller` | +| `controller.image.tag` | MetalLB Controller image tag (immutable tags are recommended) | `0.13.11-debian-11-r29` | +| `controller.image.digest` | MetalLB Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `controller.image.pullPolicy` | MetalLB Controller image pull policy | `IfNotPresent` | +| `controller.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `controller.updateStrategy.type` | Metallb controller deployment strategy type. | `RollingUpdate` | +| `controller.hostAliases` | Deployment pod host aliases | `[]` | +| `controller.rbac.create` | create specifies whether to install and use RBAC rules. | `true` | +| `controller.psp.create` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `true` | +| `controller.priorityClassName` | Metallb controller pods' priorityClassName | `""` | +| `controller.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `controller.terminationGracePeriodSeconds` | In seconds, time the given to the Metallb controller pod needs to terminate gracefully | `0` | +| `controller.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `controller.resources.limits` | The resources limits for the container | `{}` | +| `controller.resources.requests` | The requested resources for the container | `{}` | +| `controller.nodeSelector` | Node labels for controller pod assignment | `{}` | +| `controller.tolerations` | Tolerations for controller pod assignment | `[]` | +| `controller.affinity` | Affinity for controller pod assignment | `{}` | +| `controller.podAnnotations` | Controller Pod annotations | `{}` | +| `controller.podLabels` | Controller Pod labels | `{}` | +| `controller.podAffinityPreset` | Controller Pod affinitypreset. Allowed values: soft, hard | `""` | +| `controller.podAntiAffinityPreset` | Controller Pod anti affinitypreset. Allowed values: soft, hard | `soft` | +| `controller.nodeAffinityPreset.type` | Controller Pod Node affinity preset. Allowed values: soft, hard | `""` | +| `controller.nodeAffinityPreset.key` | Controller Pod Node affinity label key to match | `""` | +| `controller.nodeAffinityPreset.values` | Controller Pod Node affinity label values to match | `[]` | +| `controller.podSecurityContext.enabled` | Enabled Metallb Controller pods' Security Context | `true` | +| `controller.podSecurityContext.fsGroup` | Set Metallb Controller pod's Security Context fsGroup | `1001` | +| `controller.containerSecurityContext.enabled` | Enabled Metallb Controller containers' Security Context | `true` | +| `controller.containerSecurityContext.runAsUser` | Set Metallb Controller containers' Security Context runAsUser | `1001` | +| `controller.containerSecurityContext.runAsNonRoot` | Set Metallb Controller container's Security Context runAsNonRoot | `true` | +| `controller.containerSecurityContext.allowPrivilegeEscalation` | Enables privilege Escalation context for the pod. | `false` | +| `controller.containerSecurityContext.readOnlyRootFilesystem` | Allows the pod to mount the RootFS as ReadOnly | `true` | +| `controller.containerSecurityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` | +| `controller.command` | Override default container command (useful when using custom images) | `[]` | +| `controller.args` | Override default container args (useful when using custom images) | `[]` | +| `controller.lifecycleHooks` | for the Metallb Controller container(s) to automate configuration before or after startup | `{}` | +| `controller.extraEnvVars` | Extra environment variable to pass to the running container. | `[]` | +| `controller.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Metallb controller nodes | `""` | +| `controller.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Metallb controller nodes | `""` | +| `controller.extraVolumes` | Optionally specify extra list of additional volumes for the Metallb controller pod(s) | `[]` | +| `controller.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Metallb controller container(s) | `[]` | +| `controller.sidecars` | Add additional sidecar containers to the Metallb Controller pod(s) | `[]` | +| `controller.initContainers` | Add additional init containers to the Metallb Controller pod(s) | `[]` | +| `controller.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `controller.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `controller.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `controller.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `controller.revisionHistoryLimit` | Configure the revisionHistoryLimit of the Controller deployment | `3` | +| `controller.containerPorts.metrics` | Configures the ports the MetalLB Controller listens on for metrics | `7472` | +| `controller.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `controller.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `controller.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `controller.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `controller.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `controller.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `controller.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `controller.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `controller.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `controller.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `controller.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `controller.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `controller.startupProbe.enabled` | Enable startupProbe | `false` | +| `controller.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `controller.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `controller.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `controller.startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` | +| `controller.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `controller.customStartupProbe` | Custom liveness probe for the Web component | `{}` | +| `controller.customLivenessProbe` | Custom liveness probe for the Web component | `{}` | +| `controller.customReadinessProbe` | Custom readiness probe for the Web component | `{}` | +| `controller.logLevel` | Sets the controller log level. Does not work if the args are overridden | `info` | ### Metallb controller Prometheus metrics export @@ -184,81 +188,81 @@ The command removes all the Kubernetes components associated with the chart and ### Speaker parameters -| Name | Description | Value | -| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `speaker.enabled` | Whether to enable BGP speakers or not | `true` | -| `speaker.image.registry` | MetalLB Speaker image registry | `docker.io` | -| `speaker.image.repository` | MetalLB Speaker image repository | `bitnami/metallb-speaker` | -| `speaker.image.tag` | MetalLB Speaker image tag (immutable tags are recommended) | `0.13.11-debian-11-r31` | -| `speaker.image.digest` | MetalLB Speaker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `speaker.image.pullPolicy` | MetalLB Speaker image pull policy | `IfNotPresent` | -| `speaker.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `speaker.updateStrategy.type` | Speaker daemonset strategy type | `RollingUpdate` | -| `speaker.rbac.create` | create specifies whether to install and use RBAC rules. | `true` | -| `speaker.hostAliases` | Deployment pod host aliases | `[]` | -| `speaker.psp.create` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `true` | -| `speaker.priorityClassName` | Speaker pods' priorityClassName | `""` | -| `speaker.terminationGracePeriodSeconds` | In seconds, time the given to the Speaker pod needs to terminate gracefully | `2` | -| `speaker.resources.limits` | The resources limits for the container | `{}` | -| `speaker.resources.requests` | The requested resources for the container | `{}` | -| `speaker.nodeSelector` | Node labels for speaker pod assignment | `{}` | -| `speaker.tolerations` | Tolerations for speaker pod assignment | `[]` | -| `speaker.affinity` | Affinity for speaker pod assignment | `{}` | -| `speaker.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `speaker.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `speaker.nodeAffinityPreset.key` | Node label key to match. Ignored if `speaker.affinity` is set | `""` | -| `speaker.nodeAffinityPreset.values` | Node label values to match. Ignored if `speaker.affinity` is set | `[]` | -| `speaker.podAffinityPreset` | Pod affinity preset. Ignored if `speaker.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `speaker.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `speaker.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `speaker.podAnnotations` | Speaker Pod annotations | `{}` | -| `speaker.podLabels` | Speaker Pod labels | `{}` | -| `speaker.podSecurityContext.enabled` | Enabled Speaker pods' Security Context | `true` | -| `speaker.podSecurityContext.fsGroup` | Set Speaker pod's Security Context fsGroup | `0` | -| `speaker.containerSecurityContext.enabled` | Enabled Speaker containers' Security Context | `true` | -| `speaker.containerSecurityContext.runAsUser` | Set Speaker containers' Security Context runAsUser | `0` | -| `speaker.containerSecurityContext.allowPrivilegeEscalation` | Enables privilege Escalation context for the pod. | `false` | -| `speaker.containerSecurityContext.readOnlyRootFilesystem` | Allows the pod to mount the RootFS as ReadOnly | `true` | -| `speaker.containerSecurityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` | -| `speaker.containerSecurityContext.capabilities.add` | Add capabilities for the securityContext | `[]` | -| `speaker.command` | Override default container command (useful when using custom images) | `[]` | -| `speaker.args` | Override default container args (useful when using custom images) | `[]` | -| `speaker.lifecycleHooks` | for the Speaker container(s) to automate configuration before or after startup | `{}` | -| `speaker.sidecars` | Add additional sidecar containers to the Speaker pod(s) | `[]` | -| `speaker.initContainers` | Add additional init containers to the Speaker pod(s) | `[]` | -| `speaker.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `speaker.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `speaker.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `speaker.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `speaker.secretName` | References a Secret name for the member secret outside of the helm chart | `""` | -| `speaker.secretKey` | References a Secret key the member secret outside of the helm chart | `""` | -| `speaker.secretValue` | Custom value for `speaker.secretKey` | `""` | -| `speaker.extraEnvVars` | Extra environment variable to pass to the running container. | `[]` | -| `speaker.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Speaker nodes | `""` | -| `speaker.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Speaker nodes | `""` | -| `speaker.extraVolumes` | Optionally specify extra list of additional volumes for the Speaker pod(s) | `[]` | -| `speaker.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Speaker container(s) | `[]` | -| `speaker.containerPorts.metrics` | HTTP Metrics Endpoint | `7472` | -| `speaker.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `speaker.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `speaker.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `speaker.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `speaker.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `speaker.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `speaker.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `speaker.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `speaker.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `speaker.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `speaker.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `speaker.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `speaker.startupProbe.enabled` | Enable startupProbe | `false` | -| `speaker.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `speaker.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `speaker.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `speaker.startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` | -| `speaker.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `speaker.customStartupProbe` | Custom liveness probe for the Web component | `{}` | -| `speaker.customLivenessProbe` | Custom liveness probe for the Web component | `{}` | -| `speaker.customReadinessProbe` | Custom readiness probe for the Web component | `{}` | -| `speaker.logLevel` | Sets the speaker log level. Does not work if the args are overridden | `info` | +| Name | Description | Value | +| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `speaker.enabled` | Whether to enable BGP speakers or not | `true` | +| `speaker.image.registry` | MetalLB Speaker image registry | `REGISTRY_NAME` | +| `speaker.image.repository` | MetalLB Speaker image repository | `REPOSITORY_NAME/metallb-speaker` | +| `speaker.image.tag` | MetalLB Speaker image tag (immutable tags are recommended) | `0.13.11-debian-11-r31` | +| `speaker.image.digest` | MetalLB Speaker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `speaker.image.pullPolicy` | MetalLB Speaker image pull policy | `IfNotPresent` | +| `speaker.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `speaker.updateStrategy.type` | Speaker daemonset strategy type | `RollingUpdate` | +| `speaker.rbac.create` | create specifies whether to install and use RBAC rules. | `true` | +| `speaker.hostAliases` | Deployment pod host aliases | `[]` | +| `speaker.psp.create` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `true` | +| `speaker.priorityClassName` | Speaker pods' priorityClassName | `""` | +| `speaker.terminationGracePeriodSeconds` | In seconds, time the given to the Speaker pod needs to terminate gracefully | `2` | +| `speaker.resources.limits` | The resources limits for the container | `{}` | +| `speaker.resources.requests` | The requested resources for the container | `{}` | +| `speaker.nodeSelector` | Node labels for speaker pod assignment | `{}` | +| `speaker.tolerations` | Tolerations for speaker pod assignment | `[]` | +| `speaker.affinity` | Affinity for speaker pod assignment | `{}` | +| `speaker.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `speaker.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `speaker.nodeAffinityPreset.key` | Node label key to match. Ignored if `speaker.affinity` is set | `""` | +| `speaker.nodeAffinityPreset.values` | Node label values to match. Ignored if `speaker.affinity` is set | `[]` | +| `speaker.podAffinityPreset` | Pod affinity preset. Ignored if `speaker.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `speaker.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `speaker.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `speaker.podAnnotations` | Speaker Pod annotations | `{}` | +| `speaker.podLabels` | Speaker Pod labels | `{}` | +| `speaker.podSecurityContext.enabled` | Enabled Speaker pods' Security Context | `true` | +| `speaker.podSecurityContext.fsGroup` | Set Speaker pod's Security Context fsGroup | `0` | +| `speaker.containerSecurityContext.enabled` | Enabled Speaker containers' Security Context | `true` | +| `speaker.containerSecurityContext.runAsUser` | Set Speaker containers' Security Context runAsUser | `0` | +| `speaker.containerSecurityContext.allowPrivilegeEscalation` | Enables privilege Escalation context for the pod. | `false` | +| `speaker.containerSecurityContext.readOnlyRootFilesystem` | Allows the pod to mount the RootFS as ReadOnly | `true` | +| `speaker.containerSecurityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` | +| `speaker.containerSecurityContext.capabilities.add` | Add capabilities for the securityContext | `[]` | +| `speaker.command` | Override default container command (useful when using custom images) | `[]` | +| `speaker.args` | Override default container args (useful when using custom images) | `[]` | +| `speaker.lifecycleHooks` | for the Speaker container(s) to automate configuration before or after startup | `{}` | +| `speaker.sidecars` | Add additional sidecar containers to the Speaker pod(s) | `[]` | +| `speaker.initContainers` | Add additional init containers to the Speaker pod(s) | `[]` | +| `speaker.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `speaker.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `speaker.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `speaker.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `speaker.secretName` | References a Secret name for the member secret outside of the helm chart | `""` | +| `speaker.secretKey` | References a Secret key the member secret outside of the helm chart | `""` | +| `speaker.secretValue` | Custom value for `speaker.secretKey` | `""` | +| `speaker.extraEnvVars` | Extra environment variable to pass to the running container. | `[]` | +| `speaker.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Speaker nodes | `""` | +| `speaker.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Speaker nodes | `""` | +| `speaker.extraVolumes` | Optionally specify extra list of additional volumes for the Speaker pod(s) | `[]` | +| `speaker.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Speaker container(s) | `[]` | +| `speaker.containerPorts.metrics` | HTTP Metrics Endpoint | `7472` | +| `speaker.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `speaker.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `speaker.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `speaker.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `speaker.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `speaker.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `speaker.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `speaker.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `speaker.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `speaker.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `speaker.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `speaker.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `speaker.startupProbe.enabled` | Enable startupProbe | `false` | +| `speaker.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `speaker.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `speaker.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `speaker.startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` | +| `speaker.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `speaker.customStartupProbe` | Custom liveness probe for the Web component | `{}` | +| `speaker.customLivenessProbe` | Custom liveness probe for the Web component | `{}` | +| `speaker.customReadinessProbe` | Custom readiness probe for the Web component | `{}` | +| `speaker.logLevel` | Sets the speaker log level. Does not work if the args are overridden | `info` | ### Speaker Prometheus metrics export @@ -281,9 +285,11 @@ The command removes all the Kubernetes components associated with the chart and ```console helm install my-release \ --set readinessProbe.successThreshold=5 \ - oci://registry-1.docker.io/bitnamicharts/metallb + oci://REGISTRY_NAME/REPOSITORY_NAME/metallb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the `readinessProbe.successThreshold` to `5`. ## Configuration and installation details diff --git a/bitnami/metallb/values.yaml b/bitnami/metallb/values.yaml index 6c2721a10f004e..fbb452f552da94 100644 --- a/bitnami/metallb/values.yaml +++ b/bitnami/metallb/values.yaml @@ -94,8 +94,8 @@ prometheusRule: ## ref: https://hub.docker.com/r/bitnami/metallb-controller/tags ## controller: - ## @param controller.image.registry MetalLB Controller image registry - ## @param controller.image.repository MetalLB Controller image repository + ## @param controller.image.registry [default: REGISTRY_NAME] MetalLB Controller image registry + ## @param controller.image.repository [default: REPOSITORY_NAME/metallb-controller] MetalLB Controller image repository ## @param controller.image.tag MetalLB Controller image tag (immutable tags are recommended) ## @param controller.image.digest MetalLB Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param controller.image.pullPolicy MetalLB Controller image pull policy @@ -460,8 +460,8 @@ speaker: ## Some CNI implementations (e.g. Calico) does not require speakers ## enabled: true - ## @param speaker.image.registry MetalLB Speaker image registry - ## @param speaker.image.repository MetalLB Speaker image repository + ## @param speaker.image.registry [default: REGISTRY_NAME] MetalLB Speaker image registry + ## @param speaker.image.repository [default: REPOSITORY_NAME/metallb-speaker] MetalLB Speaker image repository ## @param speaker.image.tag MetalLB Speaker image tag (immutable tags are recommended) ## @param speaker.image.digest MetalLB Speaker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param speaker.image.pullPolicy MetalLB Speaker image pull policy diff --git a/bitnami/metrics-server/README.md b/bitnami/metrics-server/README.md index c822fe976e02c1..6e0f09c533780c 100644 --- a/bitnami/metrics-server/README.md +++ b/bitnami/metrics-server/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/metrics-server +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/metrics-server ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Metrics Server](https://github.com/bitnami/containers/tree/main/bitnami/metrics-server) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use Metrics Server in production? Try [VMware Application Catalog](ht To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/metrics-server +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/metrics-server ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Metrics Server on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -75,113 +79,116 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics Server parameters -| Name | Description | Value | -| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------ | -| `image.registry` | Metrics Server image registry | `docker.io` | -| `image.repository` | Metrics Server image repository | `bitnami/metrics-server` | -| `image.tag` | Metrics Server image tag (immutable tags are recommended) | `0.6.4-debian-11-r70` | -| `image.digest` | Metrics Server image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Metrics Server image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Metrics Server image pull secrets | `[]` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `replicas` | Number of metrics-server nodes to deploy | `1` | -| `updateStrategy.type` | Set up update strategy for metrics-server installation. | `RollingUpdate` | -| `rbac.create` | Enable RBAC authentication | `true` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to create | `""` | -| `serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account | `true` | -| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `apiService.create` | Specifies whether the v1beta1.metrics.k8s.io API service should be created. You can check if it is needed with `kubectl get --raw "/apis/metrics.k8s.io/v1beta1/nodes"`. | `false` | -| `apiService.insecureSkipTLSVerify` | Specifies whether to skip self-verifying self-signed TLS certificates. Set to "false" if you are providing your own certificates. | `true` | -| `apiService.caBundle` | A base64-encoded string of concatenated certificates for the CA chain for the APIService. | `""` | -| `containerPorts.https` | Port where metrics-server will be running | `8443` | -| `hostNetwork` | Enable hostNetwork mode | `false` | -| `dnsPolicy` | Default dnsPolicy setting | `ClusterFirst` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | for the metrics-server container(s) to automate configuration before or after startup | `{}` | -| `extraEnvVars` | Array with extra environment variables to add to metrics-server nodes | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for metrics-server nodes | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for metrics-server nodes | `""` | -| `extraArgs` | Extra arguments to pass to metrics-server on start up | `[]` | -| `sidecars` | Add additional sidecar containers to the metrics-server pod(s) | `[]` | -| `initContainers` | Add additional init containers to the metrics-server pod(s) | `[]` | -| `podLabels` | Pod labels | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `priorityClassName` | Priority class for pod scheduling | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `terminationGracePeriodSeconds` | In seconds, time the given to the metrics-server pod needs to terminate gracefully | `""` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `pdb.create` | Create a PodDisruptionBudget | `false` | -| `pdb.minAvailable` | Minimum available instances | `""` | -| `pdb.maxUnavailable` | Maximum unavailable instances | `""` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `topologySpreadConstraints` | Topology spread constraints for pod | `[]` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `service.type` | Kubernetes Service type | `ClusterIP` | -| `service.ports.https` | Kubernetes Service port | `443` | -| `service.nodePorts.https` | Kubernetes Service port | `""` | -| `service.clusterIP` | metrics-server service Cluster IP | `""` | -| `service.loadBalancerIP` | LoadBalancer IP if Service type is `LoadBalancer` | `""` | -| `service.loadBalancerSourceRanges` | metrics-server service Load Balancer sources | `[]` | -| `service.externalTrafficPolicy` | metrics-server service external traffic policy | `Cluster` | -| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `service.annotations` | Annotations for the Service | `{}` | -| `service.labels` | Labels for the Service | `{}` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `resources.limits` | The resources limits for the container | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `0` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `0` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Custom liveness probe for the Web component | `{}` | -| `customLivenessProbe` | Custom Liveness probes for metrics-server | `{}` | -| `customReadinessProbe` | Custom Readiness probes metrics-server | `{}` | -| `containerSecurityContext.enabled` | Enable Container security context | `true` | -| `containerSecurityContext.readOnlyRootFilesystem` | ReadOnlyRootFilesystem for the container | `false` | -| `containerSecurityContext.runAsNonRoot` | Run containers as non-root users | `true` | -| `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `podSecurityContext.enabled` | Pod security context | `false` | -| `podSecurityContext.fsGroup` | Set %%MAIN_CONTAINER_NAME%% pod's Security Context fsGroup | `1001` | -| `extraVolumes` | Extra volumes | `[]` | -| `extraVolumeMounts` | Mount extra volume(s) | `[]` | +| Name | Description | Value | +| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------------------------------- | +| `image.registry` | Metrics Server image registry | `REGISTRY_NAME` | +| `image.repository` | Metrics Server image repository | `REPOSITORY_NAME/metrics-server` | +| `image.tag` | Metrics Server image tag (immutable tags are recommended) | `0.6.4-debian-11-r70` | +| `image.digest` | Metrics Server image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Metrics Server image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Metrics Server image pull secrets | `[]` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `replicas` | Number of metrics-server nodes to deploy | `1` | +| `updateStrategy.type` | Set up update strategy for metrics-server installation. | `RollingUpdate` | +| `rbac.create` | Enable RBAC authentication | `true` | +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `serviceAccount.name` | The name of the ServiceAccount to create | `""` | +| `serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account | `true` | +| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `apiService.create` | Specifies whether the v1beta1.metrics.k8s.io API service should be created. You can check if it is needed with `kubectl get --raw "/apis/metrics.k8s.io/v1beta1/nodes"`. | `false` | +| `apiService.insecureSkipTLSVerify` | Specifies whether to skip self-verifying self-signed TLS certificates. Set to "false" if you are providing your own certificates. | `true` | +| `apiService.caBundle` | A base64-encoded string of concatenated certificates for the CA chain for the APIService. | `""` | +| `containerPorts.https` | Port where metrics-server will be running | `8443` | +| `hostNetwork` | Enable hostNetwork mode | `false` | +| `dnsPolicy` | Default dnsPolicy setting | `ClusterFirst` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `lifecycleHooks` | for the metrics-server container(s) to automate configuration before or after startup | `{}` | +| `extraEnvVars` | Array with extra environment variables to add to metrics-server nodes | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for metrics-server nodes | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for metrics-server nodes | `""` | +| `extraArgs` | Extra arguments to pass to metrics-server on start up | `[]` | +| `sidecars` | Add additional sidecar containers to the metrics-server pod(s) | `[]` | +| `initContainers` | Add additional init containers to the metrics-server pod(s) | `[]` | +| `podLabels` | Pod labels | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `priorityClassName` | Priority class for pod scheduling | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `terminationGracePeriodSeconds` | In seconds, time the given to the metrics-server pod needs to terminate gracefully | `""` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `pdb.create` | Create a PodDisruptionBudget | `false` | +| `pdb.minAvailable` | Minimum available instances | `""` | +| `pdb.maxUnavailable` | Maximum unavailable instances | `""` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `topologySpreadConstraints` | Topology spread constraints for pod | `[]` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `service.type` | Kubernetes Service type | `ClusterIP` | +| `service.ports.https` | Kubernetes Service port | `443` | +| `service.nodePorts.https` | Kubernetes Service port | `""` | +| `service.clusterIP` | metrics-server service Cluster IP | `""` | +| `service.loadBalancerIP` | LoadBalancer IP if Service type is `LoadBalancer` | `""` | +| `service.loadBalancerSourceRanges` | metrics-server service Load Balancer sources | `[]` | +| `service.externalTrafficPolicy` | metrics-server service external traffic policy | `Cluster` | +| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `service.annotations` | Annotations for the Service | `{}` | +| `service.labels` | Labels for the Service | `{}` | +| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `resources.limits` | The resources limits for the container | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `0` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `0` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Custom liveness probe for the Web component | `{}` | +| `customLivenessProbe` | Custom Liveness probes for metrics-server | `{}` | +| `customReadinessProbe` | Custom Readiness probes metrics-server | `{}` | +| `containerSecurityContext.enabled` | Enable Container security context | `true` | +| `containerSecurityContext.readOnlyRootFilesystem` | ReadOnlyRootFilesystem for the container | `false` | +| `containerSecurityContext.runAsNonRoot` | Run containers as non-root users | `true` | +| `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `podSecurityContext.enabled` | Pod security context | `false` | +| `podSecurityContext.fsGroup` | Set %%MAIN_CONTAINER_NAME%% pod's Security Context fsGroup | `1001` | +| `extraVolumes` | Extra volumes | `[]` | +| `extraVolumeMounts` | Mount extra volume(s) | `[]` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ - --set rbac.create=true oci://registry-1.docker.io/bitnamicharts/metrics-server + --set rbac.create=true oci://REGISTRY_NAME/REPOSITORY_NAME/metrics-server ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command enables RBAC authentication. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/metrics-server +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/metrics-server ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -239,9 +246,11 @@ Use the workaround below to upgrade from versions previous to 4.0.0. The followi ```console kubectl delete deployment metrics-server --cascade=false -helm upgrade metrics-server oci://registry-1.docker.io/bitnamicharts/metrics-server +helm upgrade metrics-server oci://REGISTRY_NAME/REPOSITORY_NAME/metrics-server ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 2.0.0 Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. diff --git a/bitnami/metrics-server/values.yaml b/bitnami/metrics-server/values.yaml index 535b584f4394de..ea8e18873f66ea 100644 --- a/bitnami/metrics-server/values.yaml +++ b/bitnami/metrics-server/values.yaml @@ -59,8 +59,8 @@ diagnosticMode: ## Bitnami Metrics Server image version ## ref: https://hub.docker.com/r/bitnami/metrics-server/tags/ -## @param image.registry Metrics Server image registry -## @param image.repository Metrics Server image repository +## @param image.registry [default: REGISTRY_NAME] Metrics Server image registry +## @param image.repository [default: REPOSITORY_NAME/metrics-server] Metrics Server image repository ## @param image.tag Metrics Server image tag (immutable tags are recommended) ## @param image.digest Metrics Server image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Metrics Server image pull policy diff --git a/bitnami/milvus/README.md b/bitnami/milvus/README.md index a631c5c65ab193..f8692d2519470a 100644 --- a/bitnami/milvus/README.md +++ b/bitnami/milvus/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/milvus +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/milvus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -37,9 +39,11 @@ Looking to use Milvus in production? Try [VMware Application Catalog](https://bi To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/milvus +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/milvus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys milvus on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -81,55 +85,55 @@ The command removes all the Kubernetes components associated with the chart and ### Common Milvus Parameters -| Name | Description | Value | -| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `milvus.image.registry` | Milvus image registry | `docker.io` | -| `milvus.image.repository` | Milvus image repository | `bitnami/milvus` | -| `milvus.image.tag` | Milvus image tag (immutable tags are recommended) | `2.2.14-debian-11-r37` | -| `milvus.image.digest` | Milvus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `milvus.image.pullPolicy` | Milvus image pull policy | `IfNotPresent` | -| `milvus.image.pullSecrets` | Milvus image pull secrets | `[]` | -| `milvus.image.debug` | Enable debug mode | `false` | -| `milvus.auth.enabled` | enable Milvus authentication | `false` | -| `milvus.auth.username` | Milvus username | `user` | -| `milvus.auth.password` | Milvus username password | `""` | -| `milvus.auth.rootPassword` | Milvus root password | `""` | -| `milvus.auth.existingSecret` | Name of a secret containing the Milvus password | `""` | -| `milvus.auth.existingSecretPasswordKey` | Name of the secret key containing the Milvus password | `""` | -| `milvus.defaultConfig` | Milvus components default configuration | `""` | -| `milvus.extraConfig` | Extra configuration parameters | `{}` | -| `milvus.existingConfigMap` | name of a ConfigMap with existing configuration for the default configuration | `""` | -| `milvus.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` | -| `initJob.forceRun` | Force the run of the credential job | `false` | -| `initJob.image.registry` | PyMilvus image registry | `docker.io` | -| `initJob.image.repository` | PyMilvus image repository | `bitnami/pymilvus` | -| `initJob.image.tag` | PyMilvus image tag (immutable tags are recommended) | `2.3.1-debian-11-r12` | -| `initJob.image.digest` | PyMilvus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `initJob.image.pullPolicy` | PyMilvus image pull policy | `IfNotPresent` | -| `initJob.image.pullSecrets` | PyMilvus image pull secrets | `[]` | -| `initJob.enableDefaultInitContainers` | Deploy default init containers | `true` | -| `initJob.backoffLimit` | set backoff limit of the job | `10` | -| `initJob.extraVolumes` | Optionally specify extra list of additional volumes for the credential init job | `[]` | -| `initJob.extraCommands` | Extra commands to pass to the generation job | `""` | -| `initJob.containerSecurityContext.enabled` | Enabled credential init job containers' Security Context | `true` | -| `initJob.containerSecurityContext.runAsUser` | Set credential init job containers' Security Context runAsUser | `1001` | -| `initJob.containerSecurityContext.runAsNonRoot` | Set credential init job containers' Security Context runAsNonRoot | `true` | -| `initJob.containerSecurityContext.readOnlyRootFilesystem` | Set credential init job containers' Security Context runAsNonRoot | `true` | -| `initJob.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` | -| `initJob.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` | -| `initJob.podSecurityContext.enabled` | Enabled credential init job pods' Security Context | `true` | -| `initJob.podSecurityContext.fsGroup` | Set credential init job pod's Security Context fsGroup | `1001` | -| `initJob.podSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `initJob.extraEnvVars` | Array containing extra env vars to configure the credential init job | `[]` | -| `initJob.extraEnvVarsCM` | ConfigMap containing extra env vars to configure the credential init job | `""` | -| `initJob.extraEnvVarsSecret` | Secret containing extra env vars to configure the credential init job (in case of sensitive data) | `""` | -| `initJob.extraVolumeMounts` | Array of extra volume mounts to be added to the jwt Container (evaluated as template). Normally used with `extraVolumes`. | `[]` | -| `initJob.resources.limits` | The resources limits for the container | `{}` | -| `initJob.resources.requests` | The requested resources for the container | `{}` | -| `initJob.hostAliases` | Add deployment host aliases | `[]` | -| `initJob.annotations` | Add annotations to the job | `{}` | -| `initJob.podLabels` | Additional pod labels | `{}` | -| `initJob.podAnnotations` | Additional pod annotations | `{}` | +| Name | Description | Value | +| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `milvus.image.registry` | Milvus image registry | `REGISTRY_NAME` | +| `milvus.image.repository` | Milvus image repository | `REPOSITORY_NAME/milvus` | +| `milvus.image.tag` | Milvus image tag (immutable tags are recommended) | `2.2.14-debian-11-r37` | +| `milvus.image.digest` | Milvus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `milvus.image.pullPolicy` | Milvus image pull policy | `IfNotPresent` | +| `milvus.image.pullSecrets` | Milvus image pull secrets | `[]` | +| `milvus.image.debug` | Enable debug mode | `false` | +| `milvus.auth.enabled` | enable Milvus authentication | `false` | +| `milvus.auth.username` | Milvus username | `user` | +| `milvus.auth.password` | Milvus username password | `""` | +| `milvus.auth.rootPassword` | Milvus root password | `""` | +| `milvus.auth.existingSecret` | Name of a secret containing the Milvus password | `""` | +| `milvus.auth.existingSecretPasswordKey` | Name of the secret key containing the Milvus password | `""` | +| `milvus.defaultConfig` | Milvus components default configuration | `""` | +| `milvus.extraConfig` | Extra configuration parameters | `{}` | +| `milvus.existingConfigMap` | name of a ConfigMap with existing configuration for the default configuration | `""` | +| `milvus.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` | +| `initJob.forceRun` | Force the run of the credential job | `false` | +| `initJob.image.registry` | PyMilvus image registry | `REGISTRY_NAME` | +| `initJob.image.repository` | PyMilvus image repository | `REPOSITORY_NAME/pymilvus` | +| `initJob.image.tag` | PyMilvus image tag (immutable tags are recommended) | `2.3.1-debian-11-r12` | +| `initJob.image.digest` | PyMilvus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `initJob.image.pullPolicy` | PyMilvus image pull policy | `IfNotPresent` | +| `initJob.image.pullSecrets` | PyMilvus image pull secrets | `[]` | +| `initJob.enableDefaultInitContainers` | Deploy default init containers | `true` | +| `initJob.backoffLimit` | set backoff limit of the job | `10` | +| `initJob.extraVolumes` | Optionally specify extra list of additional volumes for the credential init job | `[]` | +| `initJob.extraCommands` | Extra commands to pass to the generation job | `""` | +| `initJob.containerSecurityContext.enabled` | Enabled credential init job containers' Security Context | `true` | +| `initJob.containerSecurityContext.runAsUser` | Set credential init job containers' Security Context runAsUser | `1001` | +| `initJob.containerSecurityContext.runAsNonRoot` | Set credential init job containers' Security Context runAsNonRoot | `true` | +| `initJob.containerSecurityContext.readOnlyRootFilesystem` | Set credential init job containers' Security Context runAsNonRoot | `true` | +| `initJob.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` | +| `initJob.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` | +| `initJob.podSecurityContext.enabled` | Enabled credential init job pods' Security Context | `true` | +| `initJob.podSecurityContext.fsGroup` | Set credential init job pod's Security Context fsGroup | `1001` | +| `initJob.podSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `initJob.extraEnvVars` | Array containing extra env vars to configure the credential init job | `[]` | +| `initJob.extraEnvVarsCM` | ConfigMap containing extra env vars to configure the credential init job | `""` | +| `initJob.extraEnvVarsSecret` | Secret containing extra env vars to configure the credential init job (in case of sensitive data) | `""` | +| `initJob.extraVolumeMounts` | Array of extra volume mounts to be added to the jwt Container (evaluated as template). Normally used with `extraVolumes`. | `[]` | +| `initJob.resources.limits` | The resources limits for the container | `{}` | +| `initJob.resources.requests` | The requested resources for the container | `{}` | +| `initJob.hostAliases` | Add deployment host aliases | `[]` | +| `initJob.annotations` | Add annotations to the job | `{}` | +| `initJob.podLabels` | Additional pod labels | `{}` | +| `initJob.podAnnotations` | Additional pod annotations | `{}` | ### Data Coordinator Deployment Parameters @@ -1246,85 +1250,85 @@ The command removes all the Kubernetes components associated with the chart and ### Attu Deployment Parameters -| Name | Description | Value | -| -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | --------------------- | -| `attu.enabled` | Enable Attu deployment | `true` | -| `attu.image.registry` | Attu image registry | `docker.io` | -| `attu.image.repository` | Attu image repository | `bitnami/attu` | -| `attu.image.tag` | Attu image tag (immutable tags are recommended) | `2.3.1-debian-11-r22` | -| `attu.image.digest` | Attu image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `attu.image.pullPolicy` | Attu image pull policy | `IfNotPresent` | -| `attu.image.pullSecrets` | Attu image pull secrets | `[]` | -| `attu.image.debug` | Enable debug mode | `false` | -| `attu.extraEnvVars` | Array with extra environment variables to add to attu nodes | `[]` | -| `attu.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for attu nodes | `""` | -| `attu.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for attu nodes | `""` | -| `attu.command` | Override default container command (useful when using custom images) | `[]` | -| `attu.args` | Override default container args (useful when using custom images) | `[]` | -| `attu.replicaCount` | Number of Attu replicas to deploy | `1` | -| `attu.containerPorts.http` | HTTP port for Attu | `3000` | -| `attu.livenessProbe.enabled` | Enable livenessProbe on Attu nodes | `true` | -| `attu.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `attu.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `attu.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `attu.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `attu.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `attu.readinessProbe.enabled` | Enable readinessProbe on Attu nodes | `true` | -| `attu.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `attu.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `attu.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `attu.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `attu.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `attu.startupProbe.enabled` | Enable startupProbe on Attu containers | `false` | -| `attu.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `attu.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `attu.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `attu.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `attu.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `attu.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `attu.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `attu.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `attu.resources.limits` | The resources limits for the attu containers | `{}` | -| `attu.resources.requests` | The requested resources for the attu containers | `{}` | -| `attu.podSecurityContext.enabled` | Enabled Attu pods' Security Context | `true` | -| `attu.podSecurityContext.fsGroup` | Set Attu pod's Security Context fsGroup | `1001` | -| `attu.podSecurityContext.seccompProfile.type` | Set Attu container's Security Context seccomp profile | `RuntimeDefault` | -| `attu.containerSecurityContext.enabled` | Enabled Attu containers' Security Context | `true` | -| `attu.containerSecurityContext.runAsUser` | Set Attu containers' Security Context runAsUser | `1001` | -| `attu.containerSecurityContext.runAsNonRoot` | Set Attu containers' Security Context runAsNonRoot | `true` | -| `attu.containerSecurityContext.readOnlyRootFilesystem` | Set Attu containers' Security Context runAsNonRoot | `true` | -| `attu.containerSecurityContext.allowPrivilegeEscalation` | Set Attu container's privilege escalation | `false` | -| `attu.containerSecurityContext.capabilities.drop` | Set Attu container's Security Context runAsNonRoot | `["ALL"]` | -| `attu.lifecycleHooks` | for the attu container(s) to automate configuration before or after startup | `{}` | -| `attu.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | -| `attu.hostAliases` | attu pods host aliases | `[]` | -| `attu.podLabels` | Extra labels for attu pods | `{}` | -| `attu.podAnnotations` | Annotations for attu pods | `{}` | -| `attu.podAffinityPreset` | Pod affinity preset. Ignored if `attu.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `attu.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `attu.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `attu.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `attu.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `attu.nodeAffinityPreset.key` | Node label key to match. Ignored if `attu.affinity` is set | `""` | -| `attu.nodeAffinityPreset.values` | Node label values to match. Ignored if `attu.affinity` is set | `[]` | -| `attu.affinity` | Affinity for Attu pods assignment | `{}` | -| `attu.nodeSelector` | Node labels for Attu pods assignment | `{}` | -| `attu.tolerations` | Tolerations for Attu pods assignment | `[]` | -| `attu.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | -| `attu.priorityClassName` | Attu pods' priorityClassName | `""` | -| `attu.schedulerName` | Kubernetes pod scheduler registry | `""` | -| `attu.updateStrategy.type` | Attu statefulset strategy type | `RollingUpdate` | -| `attu.updateStrategy.rollingUpdate` | Attu statefulset rolling update configuration parameters | `{}` | -| `attu.extraVolumes` | Optionally specify extra list of additional volumes for the Attu pod(s) | `[]` | -| `attu.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Attu container(s) | `[]` | -| `attu.sidecars` | Add additional sidecar containers to the Attu pod(s) | `[]` | -| `attu.enableDefaultInitContainers` | Deploy default init containers | `true` | -| `attu.initContainers` | Add additional init containers to the Attu pod(s) | `[]` | -| `attu.serviceAccount.create` | Enable creation of ServiceAccount for Attu pods | `false` | -| `attu.serviceAccount.name` | The name of the ServiceAccount to use | `""` | -| `attu.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | -| `attu.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `attu.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `attu.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `attu.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| Name | Description | Value | +| -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | ---------------------- | +| `attu.enabled` | Enable Attu deployment | `true` | +| `attu.image.registry` | Attu image registry | `REGISTRY_NAME` | +| `attu.image.repository` | Attu image repository | `REPOSITORY_NAME/attu` | +| `attu.image.tag` | Attu image tag (immutable tags are recommended) | `2.3.1-debian-11-r22` | +| `attu.image.digest` | Attu image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `attu.image.pullPolicy` | Attu image pull policy | `IfNotPresent` | +| `attu.image.pullSecrets` | Attu image pull secrets | `[]` | +| `attu.image.debug` | Enable debug mode | `false` | +| `attu.extraEnvVars` | Array with extra environment variables to add to attu nodes | `[]` | +| `attu.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for attu nodes | `""` | +| `attu.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for attu nodes | `""` | +| `attu.command` | Override default container command (useful when using custom images) | `[]` | +| `attu.args` | Override default container args (useful when using custom images) | `[]` | +| `attu.replicaCount` | Number of Attu replicas to deploy | `1` | +| `attu.containerPorts.http` | HTTP port for Attu | `3000` | +| `attu.livenessProbe.enabled` | Enable livenessProbe on Attu nodes | `true` | +| `attu.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `attu.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `attu.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `attu.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `attu.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `attu.readinessProbe.enabled` | Enable readinessProbe on Attu nodes | `true` | +| `attu.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `attu.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `attu.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `attu.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `attu.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `attu.startupProbe.enabled` | Enable startupProbe on Attu containers | `false` | +| `attu.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `attu.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `attu.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `attu.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `attu.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `attu.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `attu.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `attu.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `attu.resources.limits` | The resources limits for the attu containers | `{}` | +| `attu.resources.requests` | The requested resources for the attu containers | `{}` | +| `attu.podSecurityContext.enabled` | Enabled Attu pods' Security Context | `true` | +| `attu.podSecurityContext.fsGroup` | Set Attu pod's Security Context fsGroup | `1001` | +| `attu.podSecurityContext.seccompProfile.type` | Set Attu container's Security Context seccomp profile | `RuntimeDefault` | +| `attu.containerSecurityContext.enabled` | Enabled Attu containers' Security Context | `true` | +| `attu.containerSecurityContext.runAsUser` | Set Attu containers' Security Context runAsUser | `1001` | +| `attu.containerSecurityContext.runAsNonRoot` | Set Attu containers' Security Context runAsNonRoot | `true` | +| `attu.containerSecurityContext.readOnlyRootFilesystem` | Set Attu containers' Security Context runAsNonRoot | `true` | +| `attu.containerSecurityContext.allowPrivilegeEscalation` | Set Attu container's privilege escalation | `false` | +| `attu.containerSecurityContext.capabilities.drop` | Set Attu container's Security Context runAsNonRoot | `["ALL"]` | +| `attu.lifecycleHooks` | for the attu container(s) to automate configuration before or after startup | `{}` | +| `attu.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | +| `attu.hostAliases` | attu pods host aliases | `[]` | +| `attu.podLabels` | Extra labels for attu pods | `{}` | +| `attu.podAnnotations` | Annotations for attu pods | `{}` | +| `attu.podAffinityPreset` | Pod affinity preset. Ignored if `attu.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `attu.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `attu.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `attu.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `attu.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `attu.nodeAffinityPreset.key` | Node label key to match. Ignored if `attu.affinity` is set | `""` | +| `attu.nodeAffinityPreset.values` | Node label values to match. Ignored if `attu.affinity` is set | `[]` | +| `attu.affinity` | Affinity for Attu pods assignment | `{}` | +| `attu.nodeSelector` | Node labels for Attu pods assignment | `{}` | +| `attu.tolerations` | Tolerations for Attu pods assignment | `[]` | +| `attu.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `[]` | +| `attu.priorityClassName` | Attu pods' priorityClassName | `""` | +| `attu.schedulerName` | Kubernetes pod scheduler registry | `""` | +| `attu.updateStrategy.type` | Attu statefulset strategy type | `RollingUpdate` | +| `attu.updateStrategy.rollingUpdate` | Attu statefulset rolling update configuration parameters | `{}` | +| `attu.extraVolumes` | Optionally specify extra list of additional volumes for the Attu pod(s) | `[]` | +| `attu.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Attu container(s) | `[]` | +| `attu.sidecars` | Add additional sidecar containers to the Attu pod(s) | `[]` | +| `attu.enableDefaultInitContainers` | Deploy default init containers | `true` | +| `attu.initContainers` | Add additional init containers to the Attu pod(s) | `[]` | +| `attu.serviceAccount.create` | Enable creation of ServiceAccount for Attu pods | `false` | +| `attu.serviceAccount.name` | The name of the ServiceAccount to use | `""` | +| `attu.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `false` | +| `attu.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `attu.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `attu.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `attu.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | ### Attu Autoscaling configuration @@ -1381,20 +1385,20 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ----------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `waitContainer.image.registry` | Init container wait-container image registry | `docker.io` | -| `waitContainer.image.repository` | Init container wait-container image name | `bitnami/os-shell` | -| `waitContainer.image.tag` | Init container wait-container image tag | `11-debian-11-r90` | -| `waitContainer.image.digest` | Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `waitContainer.image.pullPolicy` | Init container wait-container image pull policy | `IfNotPresent` | -| `waitContainer.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `waitContainer.containerSecurityContext.enabled` | Enabled Milvus containers' Security Context | `true` | -| `waitContainer.containerSecurityContext.runAsUser` | Set Milvus containers' Security Context runAsUser | `1001` | -| `waitContainer.containerSecurityContext.runAsNonRoot` | Set Milvus containers' Security Context runAsNonRoot | `true` | -| `waitContainer.containerSecurityContext.readOnlyRootFilesystem` | Set Milvus containers' Security Context runAsNonRoot | `true` | -| `waitContainer.containerSecurityContext.allowPrivilegeEscalation` | Set Milvus container's privilege escalation | `false` | -| `waitContainer.containerSecurityContext.capabilities.drop` | Set Milvus container's Security Context runAsNonRoot | `["ALL"]` | +| Name | Description | Value | +| ----------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `waitContainer.image.registry` | Init container wait-container image registry | `REGISTRY_NAME` | +| `waitContainer.image.repository` | Init container wait-container image name | `REPOSITORY_NAME/os-shell` | +| `waitContainer.image.tag` | Init container wait-container image tag | `11-debian-11-r90` | +| `waitContainer.image.digest` | Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `waitContainer.image.pullPolicy` | Init container wait-container image pull policy | `IfNotPresent` | +| `waitContainer.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `waitContainer.containerSecurityContext.enabled` | Enabled Milvus containers' Security Context | `true` | +| `waitContainer.containerSecurityContext.runAsUser` | Set Milvus containers' Security Context runAsUser | `1001` | +| `waitContainer.containerSecurityContext.runAsNonRoot` | Set Milvus containers' Security Context runAsNonRoot | `true` | +| `waitContainer.containerSecurityContext.readOnlyRootFilesystem` | Set Milvus containers' Security Context runAsNonRoot | `true` | +| `waitContainer.containerSecurityContext.allowPrivilegeEscalation` | Set Milvus container's privilege escalation | `false` | +| `waitContainer.containerSecurityContext.capabilities.drop` | Set Milvus container's Security Context runAsNonRoot | `["ALL"]` | ### External etcd parameters @@ -1482,17 +1486,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set loki.traces.jaeger.grpc=true \ - oci://registry-1.docker.io/bitnamicharts/milvus + oci://REGISTRY_NAME/REPOSITORY_NAME/milvus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command enables the Jaeger GRPC traces. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/milvus +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/milvus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/milvus/values.yaml b/bitnami/milvus/values.yaml index fdd749c0555d78..dafede9d316019 100644 --- a/bitnami/milvus/values.yaml +++ b/bitnami/milvus/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: milvus: ## Bitnami Milvus image ## ref: https://hub.docker.com/r/bitnami/milvus/tags/ - ## @param milvus.image.registry Milvus image registry - ## @param milvus.image.repository Milvus image repository + ## @param milvus.image.registry [default: REGISTRY_NAME] Milvus image registry + ## @param milvus.image.repository [default: REPOSITORY_NAME/milvus] Milvus image repository ## @param milvus.image.tag Milvus image tag (immutable tags are recommended) ## @param milvus.image.digest Milvus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param milvus.image.pullPolicy Milvus image pull policy @@ -245,8 +245,8 @@ initJob: forceRun: false ## Bitnami PyMilvus image ## ref: https://hub.docker.com/r/bitnami/jwt-cli/tags/ - ## @param initJob.image.registry PyMilvus image registry - ## @param initJob.image.repository PyMilvus image repository + ## @param initJob.image.registry [default: REGISTRY_NAME] PyMilvus image registry + ## @param initJob.image.repository [default: REPOSITORY_NAME/pymilvus] PyMilvus image repository ## @param initJob.image.tag PyMilvus image tag (immutable tags are recommended) ## @param initJob.image.digest PyMilvus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param initJob.image.pullPolicy PyMilvus image pull policy @@ -4253,8 +4253,8 @@ attu: enabled: true ## Bitnami Attu image ## ref: https://hub.docker.com/r/bitnami/attu/tags/ - ## @param attu.image.registry Attu image registry - ## @param attu.image.repository Attu image repository + ## @param attu.image.registry [default: REGISTRY_NAME] Attu image registry + ## @param attu.image.repository [default: REPOSITORY_NAME/attu] Attu image repository ## @param attu.image.tag Attu image tag (immutable tags are recommended) ## @param attu.image.digest Attu image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param attu.image.pullPolicy Attu image pull policy @@ -4795,8 +4795,8 @@ attu: ## waitContainer: - ## @param waitContainer.image.registry Init container wait-container image registry - ## @param waitContainer.image.repository Init container wait-container image name + ## @param waitContainer.image.registry [default: REGISTRY_NAME] Init container wait-container image registry + ## @param waitContainer.image.repository [default: REPOSITORY_NAME/os-shell] Init container wait-container image name ## @param waitContainer.image.tag Init container wait-container image tag ## @param waitContainer.image.digest Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## diff --git a/bitnami/minio/README.md b/bitnami/minio/README.md index 63a7d3bc0345f9..682a21ef822ed2 100644 --- a/bitnami/minio/README.md +++ b/bitnami/minio/README.md @@ -11,9 +11,11 @@ Disclaimer: All software products, projects and company names are trademark(TM) ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/minio +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/minio ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [MinIO®](https://github.com/bitnami/containers/tree/main/bitnami/minio) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use Bitnami Object Storage based on MinIOreg; in production? Try [VMw To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/minio +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/minio ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy MinIO® on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -74,37 +78,37 @@ The command removes all the Kubernetes components associated with the chart and ### MinIO® parameters -| Name | Description | Value | -| -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `image.registry` | MinIO® image registry | `docker.io` | -| `image.repository` | MinIO® image repository | `bitnami/minio` | -| `image.tag` | MinIO® image tag (immutable tags are recommended) | `2023.10.16-debian-11-r0` | -| `image.digest` | MinIO® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `clientImage.registry` | MinIO® Client image registry | `docker.io` | -| `clientImage.repository` | MinIO® Client image repository | `bitnami/minio-client` | -| `clientImage.tag` | MinIO® Client image tag (immutable tags are recommended) | `2023.10.14-debian-11-r0` | -| `clientImage.digest` | MinIO® Client image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `mode` | MinIO® server mode (`standalone` or `distributed`) | `standalone` | -| `auth.rootUser` | MinIO® root username | `admin` | -| `auth.rootPassword` | Password for MinIO® root user | `""` | -| `auth.existingSecret` | Use existing secret for credentials details (`auth.rootUser` and `auth.rootPassword` will be ignored and picked up from this secret). The secret has to contain the keys `root-user` and `root-password`) | `""` | -| `auth.forcePassword` | Force users to specify required passwords | `false` | -| `auth.useCredentialsFiles` | Mount credentials as a files instead of using an environment variable | `false` | -| `auth.forceNewKeys` | Force root credentials (user and password) to be reconfigured every time they change in the secrets | `false` | -| `defaultBuckets` | Comma, semi-colon or space separated list of buckets to create at initialization (only in standalone mode) | `""` | -| `disableWebUI` | Disable MinIO® Web UI | `false` | -| `tls.enabled` | Enable tls in front of the container | `false` | -| `tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | -| `tls.existingSecret` | Name of an existing secret holding the certificate information | `""` | -| `tls.mountPath` | The mount path where the secret will be located | `""` | -| `extraEnvVars` | Extra environment variables to be set on MinIO® container | `[]` | -| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `command` | Default container command (useful when using custom images). Use array form | `[]` | -| `args` | Default container args (useful when using custom images). Use array form | `[]` | +| Name | Description | Value | +| -------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ | +| `image.registry` | MinIO® image registry | `REGISTRY_NAME` | +| `image.repository` | MinIO® image repository | `REPOSITORY_NAME/minio` | +| `image.tag` | MinIO® image tag (immutable tags are recommended) | `2023.10.16-debian-11-r0` | +| `image.digest` | MinIO® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `clientImage.registry` | MinIO® Client image registry | `REGISTRY_NAME` | +| `clientImage.repository` | MinIO® Client image repository | `REPOSITORY_NAME/minio-client` | +| `clientImage.tag` | MinIO® Client image tag (immutable tags are recommended) | `2023.10.14-debian-11-r0` | +| `clientImage.digest` | MinIO® Client image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `mode` | MinIO® server mode (`standalone` or `distributed`) | `standalone` | +| `auth.rootUser` | MinIO® root username | `admin` | +| `auth.rootPassword` | Password for MinIO® root user | `""` | +| `auth.existingSecret` | Use existing secret for credentials details (`auth.rootUser` and `auth.rootPassword` will be ignored and picked up from this secret). The secret has to contain the keys `root-user` and `root-password`) | `""` | +| `auth.forcePassword` | Force users to specify required passwords | `false` | +| `auth.useCredentialsFiles` | Mount credentials as a files instead of using an environment variable | `false` | +| `auth.forceNewKeys` | Force root credentials (user and password) to be reconfigured every time they change in the secrets | `false` | +| `defaultBuckets` | Comma, semi-colon or space separated list of buckets to create at initialization (only in standalone mode) | `""` | +| `disableWebUI` | Disable MinIO® Web UI | `false` | +| `tls.enabled` | Enable tls in front of the container | `false` | +| `tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | +| `tls.existingSecret` | Name of an existing secret holding the certificate information | `""` | +| `tls.mountPath` | The mount path where the secret will be located | `""` | +| `extraEnvVars` | Extra environment variables to be set on MinIO® container | `[]` | +| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `command` | Default container command (useful when using custom images). Use array form | `[]` | +| `args` | Default container args (useful when using custom images). Use array form | `[]` | ### MinIO® deployment/statefulset parameters @@ -255,18 +259,18 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | ### RBAC parameters @@ -314,17 +318,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm helm install my-release \ --set auth.rootUser=minio-admin \ --set auth.rootPassword=minio-secret-password \ - oci://registry-1.docker.io/bitnamicharts/minio + oci://REGISTRY_NAME/REPOSITORY_NAME/minio ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the MinIO® Server root user and password to `minio-admin` and `minio-secret-password`, respectively. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/minio +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/minio ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/minio/values.yaml b/bitnami/minio/values.yaml index 966cfb592c4890..c08d58c90c401c 100644 --- a/bitnami/minio/values.yaml +++ b/bitnami/minio/values.yaml @@ -47,8 +47,8 @@ extraDeploy: [] ## Bitnami MinIO® image version ## ref: https://hub.docker.com/r/bitnami/minio/tags/ -## @param image.registry MinIO® image registry -## @param image.repository MinIO® image repository +## @param image.registry [default: REGISTRY_NAME] MinIO® image registry +## @param image.repository [default: REPOSITORY_NAME/minio] MinIO® image repository ## @param image.tag MinIO® image tag (immutable tags are recommended) ## @param image.digest MinIO® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Image pull policy @@ -78,8 +78,8 @@ image: debug: false ## Bitnami MinIO® Client image version ## ref: https://hub.docker.com/r/bitnami/minio-client/tags/ -## @param clientImage.registry MinIO® Client image registry -## @param clientImage.repository MinIO® Client image repository +## @param clientImage.registry [default: REGISTRY_NAME] MinIO® Client image registry +## @param clientImage.repository [default: REPOSITORY_NAME/minio-client] MinIO® Client image repository ## @param clientImage.tag MinIO® Client image tag (immutable tags are recommended) ## @param clientImage.digest MinIO® Client image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @@ -935,8 +935,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/mlflow/README.md b/bitnami/mlflow/README.md index 1dfb018e1b0e80..c22bc0beb28dff 100644 --- a/bitnami/mlflow/README.md +++ b/bitnami/mlflow/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mlflow +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mlflow ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [MLflow](https://github.com/bitnami/containers/tree/main/bitnami/mlflow) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use MLflow in production? Try [VMware Application Catalog](https://bi To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mlflow +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mlflow ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys mlflow on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -81,21 +85,21 @@ The command removes all the Kubernetes components associated with the chart and ### MLflow common Parameters -| Name | Description | Value | -| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | mlflow image registry | `docker.io` | -| `image.repository` | mlflow image repository | `bitnami/mlflow` | -| `image.tag` | mlflow image tag (immutable tags are recommended) | `2.7.1-debian-11-r0` | -| `image.digest` | mlflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `image.pullPolicy` | mlflow image pull policy | `IfNotPresent` | -| `image.pullSecrets` | mlflow image pull secrets | `[]` | -| `image.debug` | Enable mlflow image debug mode | `false` | -| `gitImage.registry` | Git image registry | `docker.io` | -| `gitImage.repository` | Git image repository | `bitnami/git` | -| `gitImage.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | -| `gitImage.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `gitImage.pullPolicy` | Git image pull policy | `IfNotPresent` | -| `gitImage.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| Name | Description | Value | +| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `image.registry` | mlflow image registry | `REGISTRY_NAME` | +| `image.repository` | mlflow image repository | `REPOSITORY_NAME/mlflow` | +| `image.tag` | mlflow image tag (immutable tags are recommended) | `2.7.1-debian-11-r0` | +| `image.digest` | mlflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `image.pullPolicy` | mlflow image pull policy | `IfNotPresent` | +| `image.pullSecrets` | mlflow image pull secrets | `[]` | +| `image.debug` | Enable mlflow image debug mode | `false` | +| `gitImage.registry` | Git image registry | `REGISTRY_NAME` | +| `gitImage.repository` | Git image repository | `REPOSITORY_NAME/git` | +| `gitImage.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | +| `gitImage.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `gitImage.pullPolicy` | Git image pull policy | `IfNotPresent` | +| `gitImage.pullSecrets` | Specify docker-registry secret names as an array | `[]` | ### MLflow Tracking parameters @@ -378,30 +382,30 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ----------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.enabled` | Set container security context settings | `true` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | -| `waitContainer.image.registry` | Init container wait-container image registry | `docker.io` | -| `waitContainer.image.repository` | Init container wait-container image name | `bitnami/os-shell` | -| `waitContainer.image.tag` | Init container wait-container image tag | `11-debian-11-r90` | -| `waitContainer.image.digest` | Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `waitContainer.image.pullPolicy` | Init container wait-container image pull policy | `IfNotPresent` | -| `waitContainer.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `waitContainer.containerSecurityContext.enabled` | Enabled APISIX containers' Security Context | `true` | -| `waitContainer.containerSecurityContext.runAsUser` | Set APISIX containers' Security Context runAsUser | `1001` | -| `waitContainer.containerSecurityContext.runAsNonRoot` | Set APISIX containers' Security Context runAsNonRoot | `true` | -| `waitContainer.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX containers' Security Context runAsNonRoot | `true` | -| `waitContainer.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX container's privilege escalation | `false` | -| `waitContainer.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` | +| Name | Description | Value | +| ----------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.enabled` | Set container security context settings | `true` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| `waitContainer.image.registry` | Init container wait-container image registry | `REGISTRY_NAME` | +| `waitContainer.image.repository` | Init container wait-container image name | `REPOSITORY_NAME/os-shell` | +| `waitContainer.image.tag` | Init container wait-container image tag | `11-debian-11-r90` | +| `waitContainer.image.digest` | Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `waitContainer.image.pullPolicy` | Init container wait-container image pull policy | `IfNotPresent` | +| `waitContainer.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `waitContainer.containerSecurityContext.enabled` | Enabled APISIX containers' Security Context | `true` | +| `waitContainer.containerSecurityContext.runAsUser` | Set APISIX containers' Security Context runAsUser | `1001` | +| `waitContainer.containerSecurityContext.runAsNonRoot` | Set APISIX containers' Security Context runAsNonRoot | `true` | +| `waitContainer.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX containers' Security Context runAsNonRoot | `true` | +| `waitContainer.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX container's privilege escalation | `false` | +| `waitContainer.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` | ### PostgreSQL chart configuration @@ -498,4 +502,4 @@ Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file +limitations under the License. diff --git a/bitnami/mlflow/values.yaml b/bitnami/mlflow/values.yaml index 52e2f6852082e6..8ae43ebe2f68e6 100644 --- a/bitnami/mlflow/values.yaml +++ b/bitnami/mlflow/values.yaml @@ -68,8 +68,8 @@ diagnosticMode: ## Bitnami mlflow image ## ref: https://hub.docker.com/r/bitnami/mlflow/tags/ -## @param image.registry mlflow image registry -## @param image.repository mlflow image repository +## @param image.registry [default: REGISTRY_NAME] mlflow image registry +## @param image.repository [default: REPOSITORY_NAME/mlflow] mlflow image repository ## @param image.tag mlflow image tag (immutable tags are recommended) ## @param image.digest mlflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param image.pullPolicy mlflow image pull policy @@ -100,8 +100,8 @@ image: ## Bitnami git image version ## ref: https://hub.docker.com/r/bitnami/git/tags/ -## @param gitImage.registry Git image registry -## @param gitImage.repository Git image repository +## @param gitImage.registry [default: REGISTRY_NAME] Git image registry +## @param gitImage.repository [default: REPOSITORY_NAME/git] Git image repository ## @param gitImage.tag Git image tag (immutable tags are recommended) ## @param gitImage.digest Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param gitImage.pullPolicy Git image pull policy @@ -1149,8 +1149,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets @@ -1189,8 +1189,8 @@ volumePermissions: runAsUser: 0 waitContainer: - ## @param waitContainer.image.registry Init container wait-container image registry - ## @param waitContainer.image.repository Init container wait-container image name + ## @param waitContainer.image.registry [default: REGISTRY_NAME] Init container wait-container image registry + ## @param waitContainer.image.repository [default: REPOSITORY_NAME/os-shell] Init container wait-container image name ## @param waitContainer.image.tag Init container wait-container image tag ## @param waitContainer.image.digest Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## diff --git a/bitnami/mongodb-sharded/README.md b/bitnami/mongodb-sharded/README.md index 9887c149736d59..efa3605a69328b 100644 --- a/bitnami/mongodb-sharded/README.md +++ b/bitnami/mongodb-sharded/README.md @@ -11,9 +11,11 @@ Disclaimer: The respective trademarks mentioned in the offering are owned by the ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mongodb-sharded +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb-sharded ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [MongoDB(®) Sharded](https://github.com/bitnami/containers/tree/main/bitnami/mongodb-sharded) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -38,9 +40,11 @@ Looking to use MongoDBreg; Sharded in production? Try [VMware Application Catalo To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mongodb-sharded +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb-sharded ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys MongoDB® on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -83,67 +87,67 @@ The command removes all the Kubernetes components associated with the chart and ### MongoDB(®) Sharded parameters -| Name | Description | Value | -| ---------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `image.registry` | MongoDB(®) Sharded image registry | `docker.io` | -| `image.repository` | MongoDB(®) Sharded Image name | `bitnami/mongodb-sharded` | -| `image.tag` | MongoDB(®) Sharded image tag (immutable tags are recommended) | `7.0.2-debian-11-r6` | -| `image.digest` | MongoDB(®) Sharded image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | MongoDB(®) Sharded image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `auth.enabled` | Enable authentication | `true` | -| `auth.rootUser` | MongoDB(®) root user | `root` | -| `auth.rootPassword` | MongoDB(®) root password | `""` | -| `auth.replicaSetKey` | Key used for authentication in the replicaset (only when `architecture=replicaset`) | `""` | -| `auth.existingSecret` | Existing secret with MongoDB(®) credentials (keys: `mongodb-password`, `mongodb-root-password`, `mongodb-replica-set-key`) | `""` | -| `auth.usePasswordFile` | Mount credentials as files instead of using environment variables | `false` | -| `shards` | Number of shards to be created | `2` | -| `common.mongodbEnableNumactl` | Enable launch MongoDB instance prefixed with "numactl --interleave=all" | `false` | -| `common.useHostnames` | Enable DNS hostnames in the replica set config | `true` | -| `common.mongodbEnableIPv6` | Switch to enable/disable IPv6 on MongoDB® | `false` | -| `common.mongodbDirectoryPerDB` | Switch to enable/disable DirectoryPerDB on MongoDB® | `false` | -| `common.mongodbSystemLogVerbosity` | MongoDB® system log verbosity level | `0` | -| `common.mongodbDisableSystemLog` | Whether to disable MongoDB® system log or not | `false` | -| `common.mongodbMaxWaitTimeout` | Maximum time (in seconds) for MongoDB® nodes to wait for another MongoDB® node to be ready | `120` | -| `common.initScriptsCM` | Configmap with init scripts to execute | `""` | -| `common.initScriptsSecret` | Secret with init scripts to execute (for sensitive data) | `""` | -| `common.extraEnvVars` | An array to add extra env vars | `[]` | -| `common.extraEnvVarsCM` | Name of a ConfigMap containing extra env vars | `""` | -| `common.extraEnvVarsSecret` | Name of a Secret containing extra env vars | `""` | -| `common.sidecars` | Add sidecars to the pod | `[]` | -| `common.initContainers` | Add init containers to the pod | `[]` | -| `common.podAnnotations` | Additional pod annotations | `{}` | -| `common.podLabels` | Additional pod labels | `{}` | -| `common.extraVolumes` | Array to add extra volumes | `[]` | -| `common.extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes) | `[]` | -| `common.containerPorts.mongodb` | MongoDB container port | `27017` | -| `common.serviceAccount.create` | Whether to create a Service Account for all pods automatically | `false` | -| `common.serviceAccount.name` | Name of a Service Account to be used by all Pods | `""` | -| `common.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | -| `common.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources` | Init container resource requests/limit | `{}` | -| `service.name` | Specify an explicit service name | `""` | -| `service.annotations` | Additional service annotations (evaluate as a template) | `{}` | -| `service.type` | Service type | `ClusterIP` | -| `service.externalTrafficPolicy` | External traffic policy | `Cluster` | -| `service.ports.mongodb` | MongoDB® service port | `27017` | -| `service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `service.nodePorts.mongodb` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | -| `service.externalIPs` | External IP list to use with ClusterIP service type | `[]` | -| `service.loadBalancerIP` | Static IP Address to use for LoadBalancer service type | `""` | -| `service.loadBalancerSourceRanges` | List of IP ranges allowed access to load balancer (if supported) | `[]` | -| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `service.headless.annotations` | Annotations for the headless service. | `{}` | +| Name | Description | Value | +| ---------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `image.registry` | MongoDB(®) Sharded image registry | `REGISTRY_NAME` | +| `image.repository` | MongoDB(®) Sharded Image name | `REPOSITORY_NAME/mongodb-sharded` | +| `image.tag` | MongoDB(®) Sharded image tag (immutable tags are recommended) | `7.0.2-debian-11-r6` | +| `image.digest` | MongoDB(®) Sharded image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | MongoDB(®) Sharded image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `auth.enabled` | Enable authentication | `true` | +| `auth.rootUser` | MongoDB(®) root user | `root` | +| `auth.rootPassword` | MongoDB(®) root password | `""` | +| `auth.replicaSetKey` | Key used for authentication in the replicaset (only when `architecture=replicaset`) | `""` | +| `auth.existingSecret` | Existing secret with MongoDB(®) credentials (keys: `mongodb-password`, `mongodb-root-password`, `mongodb-replica-set-key`) | `""` | +| `auth.usePasswordFile` | Mount credentials as files instead of using environment variables | `false` | +| `shards` | Number of shards to be created | `2` | +| `common.mongodbEnableNumactl` | Enable launch MongoDB instance prefixed with "numactl --interleave=all" | `false` | +| `common.useHostnames` | Enable DNS hostnames in the replica set config | `true` | +| `common.mongodbEnableIPv6` | Switch to enable/disable IPv6 on MongoDB® | `false` | +| `common.mongodbDirectoryPerDB` | Switch to enable/disable DirectoryPerDB on MongoDB® | `false` | +| `common.mongodbSystemLogVerbosity` | MongoDB® system log verbosity level | `0` | +| `common.mongodbDisableSystemLog` | Whether to disable MongoDB® system log or not | `false` | +| `common.mongodbMaxWaitTimeout` | Maximum time (in seconds) for MongoDB® nodes to wait for another MongoDB® node to be ready | `120` | +| `common.initScriptsCM` | Configmap with init scripts to execute | `""` | +| `common.initScriptsSecret` | Secret with init scripts to execute (for sensitive data) | `""` | +| `common.extraEnvVars` | An array to add extra env vars | `[]` | +| `common.extraEnvVarsCM` | Name of a ConfigMap containing extra env vars | `""` | +| `common.extraEnvVarsSecret` | Name of a Secret containing extra env vars | `""` | +| `common.sidecars` | Add sidecars to the pod | `[]` | +| `common.initContainers` | Add init containers to the pod | `[]` | +| `common.podAnnotations` | Additional pod annotations | `{}` | +| `common.podLabels` | Additional pod labels | `{}` | +| `common.extraVolumes` | Array to add extra volumes | `[]` | +| `common.extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes) | `[]` | +| `common.containerPorts.mongodb` | MongoDB container port | `27017` | +| `common.serviceAccount.create` | Whether to create a Service Account for all pods automatically | `false` | +| `common.serviceAccount.name` | Name of a Service Account to be used by all Pods | `""` | +| `common.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | +| `common.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources` | Init container resource requests/limit | `{}` | +| `service.name` | Specify an explicit service name | `""` | +| `service.annotations` | Additional service annotations (evaluate as a template) | `{}` | +| `service.type` | Service type | `ClusterIP` | +| `service.externalTrafficPolicy` | External traffic policy | `Cluster` | +| `service.ports.mongodb` | MongoDB® service port | `27017` | +| `service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `service.nodePorts.mongodb` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | +| `service.externalIPs` | External IP list to use with ClusterIP service type | `[]` | +| `service.loadBalancerIP` | Static IP Address to use for LoadBalancer service type | `""` | +| `service.loadBalancerSourceRanges` | List of IP ranges allowed access to load balancer (if supported) | `[]` | +| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `service.headless.annotations` | Annotations for the headless service. | `{}` | ### Config Server parameters @@ -467,67 +471,70 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics parameters -| Name | Description | Value | -| --------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | MongoDB® exporter image registry | `docker.io` | -| `metrics.image.repository` | MongoDB® exporter image name | `bitnami/mongodb-exporter` | -| `metrics.image.tag` | MongoDB® exporter image tag | `0.39.0-debian-11-r123` | -| `metrics.image.digest` | MongoDB® exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | MongoDB® exporter image pull policy | `Always` | -| `metrics.image.pullSecrets` | MongoDB® exporter image pull secrets | `[]` | -| `metrics.useTLS` | Whether to connect to MongoDB® with TLS | `false` | -| `metrics.extraArgs` | String with extra arguments to the metrics exporter | `""` | -| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | -| `metrics.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `metrics.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set containers' Security Context runAsNonRoot | `true` | -| `metrics.containerSecurityContext.readOnlyRootFilesystem` | Set containers' Security Context runAsNonRoot | `false` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe | `false` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe | `false` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.startupProbe.enabled` | Enable startupProbe | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `2` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `metrics.containerPorts.metrics` | Port of the Prometheus metrics container | `9216` | -| `metrics.podAnnotations` | Metrics exporter pod Annotation | `{}` | -| `metrics.podMonitor.enabled` | Create PodMonitor Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.podMonitor.namespace` | Namespace where podmonitor resource should be created | `monitoring` | -| `metrics.podMonitor.interval` | Specify the interval at which metrics should be scraped | `30s` | -| `metrics.podMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | -| `metrics.podMonitor.additionalLabels` | Additional labels that can be used so PodMonitors will be discovered by Prometheus | `{}` | +| Name | Description | Value | +| --------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ---------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | MongoDB® exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | MongoDB® exporter image name | `REPOSITORY_NAME/mongodb-exporter` | +| `metrics.image.tag` | MongoDB® exporter image tag | `0.39.0-debian-11-r123` | +| `metrics.image.digest` | MongoDB® exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | MongoDB® exporter image pull policy | `Always` | +| `metrics.image.pullSecrets` | MongoDB® exporter image pull secrets | `[]` | +| `metrics.useTLS` | Whether to connect to MongoDB® with TLS | `false` | +| `metrics.extraArgs` | String with extra arguments to the metrics exporter | `""` | +| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | +| `metrics.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `metrics.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set containers' Security Context runAsNonRoot | `true` | +| `metrics.containerSecurityContext.readOnlyRootFilesystem` | Set containers' Security Context runAsNonRoot | `false` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe | `false` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe | `false` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.startupProbe.enabled` | Enable startupProbe | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `2` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `metrics.containerPorts.metrics` | Port of the Prometheus metrics container | `9216` | +| `metrics.podAnnotations` | Metrics exporter pod Annotation | `{}` | +| `metrics.podMonitor.enabled` | Create PodMonitor Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.podMonitor.namespace` | Namespace where podmonitor resource should be created | `monitoring` | +| `metrics.podMonitor.interval` | Specify the interval at which metrics should be scraped | `30s` | +| `metrics.podMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | +| `metrics.podMonitor.additionalLabels` | Additional labels that can be used so PodMonitors will be discovered by Prometheus | `{}` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ --set shards=4,configsvr.replicaCount=3,shardsvr.dataNode.replicaCount=2 \ - oci://registry-1.docker.io/bitnamicharts/mongodb-sharded + oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb-sharded ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the number of shards to 4, the number of replicas for the config servers to 3 and number of replicas for data nodes to 2. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/mongodb-sharded +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb-sharded ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -631,9 +638,10 @@ Find more information about how to deal with common errors related to Bitnami's If authentication is enabled, it's necessary to set the `auth.rootPassword` and `auth.replicaSetKey` when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use. Please note down the password, and run the command below to upgrade your chart: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/mongodb-sharded --set auth.rootPassword=[PASSWORD] (--set auth.replicaSetKey=[auth.replicaSetKey]) +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb-sharded --set auth.rootPassword=[PASSWORD] (--set auth.replicaSetKey=[auth.replicaSetKey]) ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > Note: you need to substitute the placeholders [PASSWORD] and [auth.replicaSetKey] with the values obtained in the installation notes. ### To 7.0.0 diff --git a/bitnami/mongodb-sharded/values.yaml b/bitnami/mongodb-sharded/values.yaml index 0a5624491ff09f..a378b707ae05e0 100644 --- a/bitnami/mongodb-sharded/values.yaml +++ b/bitnami/mongodb-sharded/values.yaml @@ -68,8 +68,8 @@ diagnosticMode: ## Bitnami MongoDB(®) Sharded image version ## ref: https://hub.docker.com/r/bitnami/mongodb-sharded/tags/ -## @param image.registry MongoDB(®) Sharded image registry -## @param image.repository MongoDB(®) Sharded Image name +## @param image.registry [default: REGISTRY_NAME] MongoDB(®) Sharded image registry +## @param image.repository [default: REPOSITORY_NAME/mongodb-sharded] MongoDB(®) Sharded Image name ## @param image.tag MongoDB(®) Sharded image tag (immutable tags are recommended) ## @param image.digest MongoDB(®) Sharded image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy MongoDB(®) Sharded image pull policy @@ -238,8 +238,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -1540,8 +1540,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry MongoDB® exporter image registry - ## @param metrics.image.repository MongoDB® exporter image name + ## @param metrics.image.registry [default: REGISTRY_NAME] MongoDB® exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/mongodb-exporter] MongoDB® exporter image name ## @param metrics.image.tag MongoDB® exporter image tag ## @param metrics.image.digest MongoDB® exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy MongoDB® exporter image pull policy diff --git a/bitnami/mongodb/README.md b/bitnami/mongodb/README.md index fab39e59afa82f..8d3a9a61b39be1 100644 --- a/bitnami/mongodb/README.md +++ b/bitnami/mongodb/README.md @@ -11,9 +11,11 @@ Disclaimer: The respective trademarks mentioned in the offering are owned by the ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mongodb +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [MongoDB(®)](https://github.com/bitnami/containers/tree/main/bitnami/mongodb) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use MongoDBreg; in production? Try [VMware Application Catalog](https To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mongodb +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys MongoDB(®) on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -92,59 +96,59 @@ Refer to the [chart documentation for more information on each of these architec ### MongoDB(®) parameters -| Name | Description | Value | -| -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | MongoDB(®) image registry | `docker.io` | -| `image.repository` | MongoDB(®) image registry | `bitnami/mongodb` | -| `image.tag` | MongoDB(®) image tag (immutable tags are recommended) | `7.0.2-debian-11-r6` | -| `image.digest` | MongoDB(®) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | MongoDB(®) image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Set to true if you would like to see extra information on logs | `false` | -| `schedulerName` | Name of the scheduler (other than default) to dispatch pods | `""` | -| `architecture` | MongoDB(®) architecture (`standalone` or `replicaset`) | `standalone` | -| `useStatefulSet` | Set to true to use a StatefulSet instead of a Deployment (only when `architecture=standalone`) | `false` | -| `auth.enabled` | Enable authentication | `true` | -| `auth.rootUser` | MongoDB(®) root user | `root` | -| `auth.rootPassword` | MongoDB(®) root password | `""` | -| `auth.usernames` | List of custom users to be created during the initialization | `[]` | -| `auth.passwords` | List of passwords for the custom users set at `auth.usernames` | `[]` | -| `auth.databases` | List of custom databases to be created during the initialization | `[]` | -| `auth.username` | DEPRECATED: use `auth.usernames` instead | `""` | -| `auth.password` | DEPRECATED: use `auth.passwords` instead | `""` | -| `auth.database` | DEPRECATED: use `auth.databases` instead | `""` | -| `auth.replicaSetKey` | Key used for authentication in the replicaset (only when `architecture=replicaset`) | `""` | -| `auth.existingSecret` | Existing secret with MongoDB(®) credentials (keys: `mongodb-passwords`, `mongodb-root-password`, `mongodb-metrics-password`, `mongodb-replica-set-key`) | `""` | -| `tls.enabled` | Enable MongoDB(®) TLS support between nodes in the cluster as well as between mongo clients and nodes | `false` | -| `tls.autoGenerated` | Generate a custom CA and self-signed certificates | `true` | -| `tls.existingSecret` | Existing secret with TLS certificates (keys: `mongodb-ca-cert`, `mongodb-ca-key`) | `""` | -| `tls.caCert` | Custom CA certificated (base64 encoded) | `""` | -| `tls.caKey` | CA certificate private key (base64 encoded) | `""` | -| `tls.pemChainIncluded` | Flag to denote that the Certificate Authority (CA) certificates are bundled with the endpoint cert. | `false` | -| `tls.standalone.existingSecret` | Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. | `""` | -| `tls.replicaset.existingSecrets` | Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. | `[]` | -| `tls.hidden.existingSecrets` | Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. | `[]` | -| `tls.arbiter.existingSecret` | Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. | `""` | -| `tls.image.registry` | Init container TLS certs setup image registry | `docker.io` | -| `tls.image.repository` | Init container TLS certs setup image repository | `bitnami/nginx` | -| `tls.image.tag` | Init container TLS certs setup image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | -| `tls.image.digest` | Init container TLS certs setup image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `tls.image.pullPolicy` | Init container TLS certs setup image pull policy | `IfNotPresent` | -| `tls.image.pullSecrets` | Init container TLS certs specify docker-registry secret names as an array | `[]` | -| `tls.extraDnsNames` | Add extra dns names to the CA, can solve x509 auth issue for pod clients | `[]` | -| `tls.mode` | Allows to set the tls mode which should be used when tls is enabled (options: `allowTLS`, `preferTLS`, `requireTLS`) | `requireTLS` | -| `tls.resources.limits` | Init container generate-tls-certs resource limits | `{}` | -| `tls.resources.requests` | Init container generate-tls-certs resource requests | `{}` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `replicaSetName` | Name of the replica set (only when `architecture=replicaset`) | `rs0` | -| `replicaSetHostnames` | Enable DNS hostnames in the replicaset config (only when `architecture=replicaset`) | `true` | -| `enableIPv6` | Switch to enable/disable IPv6 on MongoDB(®) | `false` | -| `directoryPerDB` | Switch to enable/disable DirectoryPerDB on MongoDB(®) | `false` | -| `systemLogVerbosity` | MongoDB(®) system log verbosity level | `0` | -| `disableSystemLog` | Switch to enable/disable MongoDB(®) system log | `false` | -| `disableJavascript` | Switch to enable/disable MongoDB(®) server-side JavaScript execution | `false` | -| `enableJournal` | Switch to enable/disable MongoDB(®) Journaling | `true` | -| `configuration` | MongoDB(®) configuration file to be used for Primary and Secondary nodes | `""` | +| Name | Description | Value | +| -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `image.registry` | MongoDB(®) image registry | `REGISTRY_NAME` | +| `image.repository` | MongoDB(®) image registry | `REPOSITORY_NAME/mongodb` | +| `image.tag` | MongoDB(®) image tag (immutable tags are recommended) | `7.0.2-debian-11-r6` | +| `image.digest` | MongoDB(®) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | MongoDB(®) image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Set to true if you would like to see extra information on logs | `false` | +| `schedulerName` | Name of the scheduler (other than default) to dispatch pods | `""` | +| `architecture` | MongoDB(®) architecture (`standalone` or `replicaset`) | `standalone` | +| `useStatefulSet` | Set to true to use a StatefulSet instead of a Deployment (only when `architecture=standalone`) | `false` | +| `auth.enabled` | Enable authentication | `true` | +| `auth.rootUser` | MongoDB(®) root user | `root` | +| `auth.rootPassword` | MongoDB(®) root password | `""` | +| `auth.usernames` | List of custom users to be created during the initialization | `[]` | +| `auth.passwords` | List of passwords for the custom users set at `auth.usernames` | `[]` | +| `auth.databases` | List of custom databases to be created during the initialization | `[]` | +| `auth.username` | DEPRECATED: use `auth.usernames` instead | `""` | +| `auth.password` | DEPRECATED: use `auth.passwords` instead | `""` | +| `auth.database` | DEPRECATED: use `auth.databases` instead | `""` | +| `auth.replicaSetKey` | Key used for authentication in the replicaset (only when `architecture=replicaset`) | `""` | +| `auth.existingSecret` | Existing secret with MongoDB(®) credentials (keys: `mongodb-passwords`, `mongodb-root-password`, `mongodb-metrics-password`, `mongodb-replica-set-key`) | `""` | +| `tls.enabled` | Enable MongoDB(®) TLS support between nodes in the cluster as well as between mongo clients and nodes | `false` | +| `tls.autoGenerated` | Generate a custom CA and self-signed certificates | `true` | +| `tls.existingSecret` | Existing secret with TLS certificates (keys: `mongodb-ca-cert`, `mongodb-ca-key`) | `""` | +| `tls.caCert` | Custom CA certificated (base64 encoded) | `""` | +| `tls.caKey` | CA certificate private key (base64 encoded) | `""` | +| `tls.pemChainIncluded` | Flag to denote that the Certificate Authority (CA) certificates are bundled with the endpoint cert. | `false` | +| `tls.standalone.existingSecret` | Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. | `""` | +| `tls.replicaset.existingSecrets` | Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. | `[]` | +| `tls.hidden.existingSecrets` | Array of existing secrets with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. | `[]` | +| `tls.arbiter.existingSecret` | Existing secret with TLS certificates (`tls.key`, `tls.crt`, `ca.crt`) or (`tls.key`, `tls.crt`) with tls.pemChainIncluded set as enabled. | `""` | +| `tls.image.registry` | Init container TLS certs setup image registry | `REGISTRY_NAME` | +| `tls.image.repository` | Init container TLS certs setup image repository | `REPOSITORY_NAME/nginx` | +| `tls.image.tag` | Init container TLS certs setup image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | +| `tls.image.digest` | Init container TLS certs setup image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `tls.image.pullPolicy` | Init container TLS certs setup image pull policy | `IfNotPresent` | +| `tls.image.pullSecrets` | Init container TLS certs specify docker-registry secret names as an array | `[]` | +| `tls.extraDnsNames` | Add extra dns names to the CA, can solve x509 auth issue for pod clients | `[]` | +| `tls.mode` | Allows to set the tls mode which should be used when tls is enabled (options: `allowTLS`, `preferTLS`, `requireTLS`) | `requireTLS` | +| `tls.resources.limits` | Init container generate-tls-certs resource limits | `{}` | +| `tls.resources.requests` | Init container generate-tls-certs resource requests | `{}` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `replicaSetName` | Name of the replica set (only when `architecture=replicaset`) | `rs0` | +| `replicaSetHostnames` | Enable DNS hostnames in the replicaset config (only when `architecture=replicaset`) | `true` | +| `enableIPv6` | Switch to enable/disable IPv6 on MongoDB(®) | `false` | +| `directoryPerDB` | Switch to enable/disable DirectoryPerDB on MongoDB(®) | `false` | +| `systemLogVerbosity` | MongoDB(®) system log verbosity level | `0` | +| `disableSystemLog` | Switch to enable/disable MongoDB(®) system log | `false` | +| `disableJavascript` | Switch to enable/disable MongoDB(®) server-side JavaScript execution | `false` | +| `enableJournal` | Switch to enable/disable MongoDB(®) Journaling | `true` | +| `configuration` | MongoDB(®) configuration file to be used for Primary and Secondary nodes | `""` | ### replicaSetConfigurationSettings settings applied during runtime (not via configuration file) @@ -230,67 +234,67 @@ Refer to the [chart documentation for more information on each of these architec ### Traffic exposure parameters -| Name | Description | Value | -| ------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `service.nameOverride` | MongoDB(®) service name | `""` | -| `service.type` | Kubernetes Service type (only for standalone architecture) | `ClusterIP` | -| `service.portName` | MongoDB(®) service port name (only for standalone architecture) | `mongodb` | -| `service.ports.mongodb` | MongoDB(®) service port. | `27017` | -| `service.nodePorts.mongodb` | Port to bind to for NodePort and LoadBalancer service types (only for standalone architecture) | `""` | -| `service.clusterIP` | MongoDB(®) service cluster IP (only for standalone architecture) | `""` | -| `service.externalIPs` | Specify the externalIP value ClusterIP service type (only for standalone architecture) | `[]` | -| `service.loadBalancerIP` | loadBalancerIP for MongoDB(®) Service (only for standalone architecture) | `""` | -| `service.loadBalancerClass` | loadBalancerClass for MongoDB(®) Service (only for standalone architecture) | `""` | -| `service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer (only for standalone architecture) | `[]` | -| `service.allocateLoadBalancerNodePorts` | Wheter to allocate node ports when service type is LoadBalancer | `true` | -| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `service.annotations` | Provide any additional annotations that may be required | `{}` | -| `service.externalTrafficPolicy` | service external traffic policy (only for standalone architecture) | `Local` | -| `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `service.headless.annotations` | Annotations for the headless service. | `{}` | -| `externalAccess.enabled` | Enable Kubernetes external cluster access to MongoDB(®) nodes (only for replicaset architecture) | `false` | -| `externalAccess.autoDiscovery.enabled` | Enable using an init container to auto-detect external IPs by querying the K8s API | `false` | -| `externalAccess.autoDiscovery.image.registry` | Init container auto-discovery image registry | `docker.io` | -| `externalAccess.autoDiscovery.image.repository` | Init container auto-discovery image repository | `bitnami/kubectl` | -| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (immutable tags are recommended) | `1.28.2-debian-11-r16` | -| `externalAccess.autoDiscovery.image.digest` | Init container auto-discovery image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `externalAccess.autoDiscovery.image.pullPolicy` | Init container auto-discovery image pull policy | `IfNotPresent` | -| `externalAccess.autoDiscovery.image.pullSecrets` | Init container auto-discovery image pull secrets | `[]` | -| `externalAccess.autoDiscovery.resources.limits` | Init container auto-discovery resource limits | `{}` | -| `externalAccess.autoDiscovery.resources.requests` | Init container auto-discovery resource requests | `{}` | -| `externalAccess.externalMaster.enabled` | Use external master for bootstrapping | `false` | -| `externalAccess.externalMaster.host` | External master host to bootstrap from | `""` | -| `externalAccess.externalMaster.port` | Port for MongoDB(®) service external master host | `27017` | -| `externalAccess.service.type` | Kubernetes Service type for external access. Allowed values: NodePort, LoadBalancer or ClusterIP | `LoadBalancer` | -| `externalAccess.service.portName` | MongoDB(®) port name used for external access when service type is LoadBalancer | `mongodb` | -| `externalAccess.service.ports.mongodb` | MongoDB(®) port used for external access when service type is LoadBalancer | `27017` | -| `externalAccess.service.loadBalancerIPs` | Array of load balancer IPs for MongoDB(®) nodes | `[]` | -| `externalAccess.service.loadBalancerClass` | loadBalancerClass when service type is LoadBalancer | `""` | -| `externalAccess.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | -| `externalAccess.service.allocateLoadBalancerNodePorts` | Wheter to allocate node ports when service type is LoadBalancer | `true` | -| `externalAccess.service.externalTrafficPolicy` | MongoDB(®) service external traffic policy | `Local` | -| `externalAccess.service.nodePorts` | Array of node ports used to configure MongoDB(®) advertised hostname when service type is NodePort | `[]` | -| `externalAccess.service.domain` | Domain or external IP used to configure MongoDB(®) advertised hostname when service type is NodePort | `""` | -| `externalAccess.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `externalAccess.service.annotations` | Service annotations for external access | `{}` | -| `externalAccess.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `externalAccess.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `externalAccess.hidden.enabled` | Enable Kubernetes external cluster access to MongoDB(®) hidden nodes | `false` | -| `externalAccess.hidden.service.type` | Kubernetes Service type for external access. Allowed values: NodePort or LoadBalancer | `LoadBalancer` | -| `externalAccess.hidden.service.portName` | MongoDB(®) port name used for external access when service type is LoadBalancer | `mongodb` | -| `externalAccess.hidden.service.ports.mongodb` | MongoDB(®) port used for external access when service type is LoadBalancer | `27017` | -| `externalAccess.hidden.service.loadBalancerIPs` | Array of load balancer IPs for MongoDB(®) nodes | `[]` | -| `externalAccess.hidden.service.loadBalancerClass` | loadBalancerClass when service type is LoadBalancer | `""` | -| `externalAccess.hidden.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | -| `externalAccess.hidden.service.allocateLoadBalancerNodePorts` | Wheter to allocate node ports when service type is LoadBalancer | `true` | -| `externalAccess.hidden.service.externalTrafficPolicy` | MongoDB(®) service external traffic policy | `Local` | -| `externalAccess.hidden.service.nodePorts` | Array of node ports used to configure MongoDB(®) advertised hostname when service type is NodePort. Length must be the same as replicaCount | `[]` | -| `externalAccess.hidden.service.domain` | Domain or external IP used to configure MongoDB(®) advertised hostname when service type is NodePort | `""` | -| `externalAccess.hidden.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `externalAccess.hidden.service.annotations` | Service annotations for external access | `{}` | -| `externalAccess.hidden.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `externalAccess.hidden.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| Name | Description | Value | +| ------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `service.nameOverride` | MongoDB(®) service name | `""` | +| `service.type` | Kubernetes Service type (only for standalone architecture) | `ClusterIP` | +| `service.portName` | MongoDB(®) service port name (only for standalone architecture) | `mongodb` | +| `service.ports.mongodb` | MongoDB(®) service port. | `27017` | +| `service.nodePorts.mongodb` | Port to bind to for NodePort and LoadBalancer service types (only for standalone architecture) | `""` | +| `service.clusterIP` | MongoDB(®) service cluster IP (only for standalone architecture) | `""` | +| `service.externalIPs` | Specify the externalIP value ClusterIP service type (only for standalone architecture) | `[]` | +| `service.loadBalancerIP` | loadBalancerIP for MongoDB(®) Service (only for standalone architecture) | `""` | +| `service.loadBalancerClass` | loadBalancerClass for MongoDB(®) Service (only for standalone architecture) | `""` | +| `service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer (only for standalone architecture) | `[]` | +| `service.allocateLoadBalancerNodePorts` | Wheter to allocate node ports when service type is LoadBalancer | `true` | +| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `service.annotations` | Provide any additional annotations that may be required | `{}` | +| `service.externalTrafficPolicy` | service external traffic policy (only for standalone architecture) | `Local` | +| `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `service.headless.annotations` | Annotations for the headless service. | `{}` | +| `externalAccess.enabled` | Enable Kubernetes external cluster access to MongoDB(®) nodes (only for replicaset architecture) | `false` | +| `externalAccess.autoDiscovery.enabled` | Enable using an init container to auto-detect external IPs by querying the K8s API | `false` | +| `externalAccess.autoDiscovery.image.registry` | Init container auto-discovery image registry | `REGISTRY_NAME` | +| `externalAccess.autoDiscovery.image.repository` | Init container auto-discovery image repository | `REPOSITORY_NAME/kubectl` | +| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (immutable tags are recommended) | `1.28.2-debian-11-r16` | +| `externalAccess.autoDiscovery.image.digest` | Init container auto-discovery image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `externalAccess.autoDiscovery.image.pullPolicy` | Init container auto-discovery image pull policy | `IfNotPresent` | +| `externalAccess.autoDiscovery.image.pullSecrets` | Init container auto-discovery image pull secrets | `[]` | +| `externalAccess.autoDiscovery.resources.limits` | Init container auto-discovery resource limits | `{}` | +| `externalAccess.autoDiscovery.resources.requests` | Init container auto-discovery resource requests | `{}` | +| `externalAccess.externalMaster.enabled` | Use external master for bootstrapping | `false` | +| `externalAccess.externalMaster.host` | External master host to bootstrap from | `""` | +| `externalAccess.externalMaster.port` | Port for MongoDB(®) service external master host | `27017` | +| `externalAccess.service.type` | Kubernetes Service type for external access. Allowed values: NodePort, LoadBalancer or ClusterIP | `LoadBalancer` | +| `externalAccess.service.portName` | MongoDB(®) port name used for external access when service type is LoadBalancer | `mongodb` | +| `externalAccess.service.ports.mongodb` | MongoDB(®) port used for external access when service type is LoadBalancer | `27017` | +| `externalAccess.service.loadBalancerIPs` | Array of load balancer IPs for MongoDB(®) nodes | `[]` | +| `externalAccess.service.loadBalancerClass` | loadBalancerClass when service type is LoadBalancer | `""` | +| `externalAccess.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | +| `externalAccess.service.allocateLoadBalancerNodePorts` | Wheter to allocate node ports when service type is LoadBalancer | `true` | +| `externalAccess.service.externalTrafficPolicy` | MongoDB(®) service external traffic policy | `Local` | +| `externalAccess.service.nodePorts` | Array of node ports used to configure MongoDB(®) advertised hostname when service type is NodePort | `[]` | +| `externalAccess.service.domain` | Domain or external IP used to configure MongoDB(®) advertised hostname when service type is NodePort | `""` | +| `externalAccess.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `externalAccess.service.annotations` | Service annotations for external access | `{}` | +| `externalAccess.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `externalAccess.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `externalAccess.hidden.enabled` | Enable Kubernetes external cluster access to MongoDB(®) hidden nodes | `false` | +| `externalAccess.hidden.service.type` | Kubernetes Service type for external access. Allowed values: NodePort or LoadBalancer | `LoadBalancer` | +| `externalAccess.hidden.service.portName` | MongoDB(®) port name used for external access when service type is LoadBalancer | `mongodb` | +| `externalAccess.hidden.service.ports.mongodb` | MongoDB(®) port used for external access when service type is LoadBalancer | `27017` | +| `externalAccess.hidden.service.loadBalancerIPs` | Array of load balancer IPs for MongoDB(®) nodes | `[]` | +| `externalAccess.hidden.service.loadBalancerClass` | loadBalancerClass when service type is LoadBalancer | `""` | +| `externalAccess.hidden.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | +| `externalAccess.hidden.service.allocateLoadBalancerNodePorts` | Wheter to allocate node ports when service type is LoadBalancer | `true` | +| `externalAccess.hidden.service.externalTrafficPolicy` | MongoDB(®) service external traffic policy | `Local` | +| `externalAccess.hidden.service.nodePorts` | Array of node ports used to configure MongoDB(®) advertised hostname when service type is NodePort. Length must be the same as replicaCount | `[]` | +| `externalAccess.hidden.service.domain` | Domain or external IP used to configure MongoDB(®) advertised hostname when service type is NodePort | `""` | +| `externalAccess.hidden.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `externalAccess.hidden.service.annotations` | Service annotations for external access | `{}` | +| `externalAccess.hidden.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `externalAccess.hidden.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | ### Persistence parameters @@ -359,18 +363,18 @@ Refer to the [chart documentation for more information on each of these architec ### Volume Permissions parameters -| Name | Description | Value | -| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.securityContext.runAsUser` | User ID for the volumePermissions container | `0` | +| Name | Description | Value | +| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.securityContext.runAsUser` | User ID for the volumePermissions container | `0` | ### Arbiter parameters @@ -548,83 +552,85 @@ Refer to the [chart documentation for more information on each of these architec ### Metrics parameters -| Name | Description | Value | -| -------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `metrics.enabled` | Enable using a sidecar Prometheus exporter | `false` | -| `metrics.image.registry` | MongoDB(®) Prometheus exporter image registry | `docker.io` | -| `metrics.image.repository` | MongoDB(®) Prometheus exporter image repository | `bitnami/mongodb-exporter` | -| `metrics.image.tag` | MongoDB(®) Prometheus exporter image tag (immutable tags are recommended) | `0.39.0-debian-11-r123` | -| `metrics.image.digest` | MongoDB(®) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | MongoDB(®) Prometheus exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.username` | String with username for the metrics exporter | `""` | -| `metrics.password` | String with password for the metrics exporter | `""` | -| `metrics.compatibleMode` | Enables old style mongodb-exporter metrics | `true` | -| `metrics.collector.all` | Enable all collectors. Same as enabling all individual metrics | `false` | -| `metrics.collector.diagnosticdata` | Boolean Enable collecting metrics from getDiagnosticData | `true` | -| `metrics.collector.replicasetstatus` | Boolean Enable collecting metrics from replSetGetStatus | `true` | -| `metrics.collector.dbstats` | Boolean Enable collecting metrics from dbStats | `false` | -| `metrics.collector.topmetrics` | Boolean Enable collecting metrics from top admin command | `false` | -| `metrics.collector.indexstats` | Boolean Enable collecting metrics from $indexStats | `false` | -| `metrics.collector.collstats` | Boolean Enable collecting metrics from $collStats | `false` | -| `metrics.collector.collstatsColls` | List of \.\ to get $collStats | `[]` | -| `metrics.collector.indexstatsColls` | List - List of \.\ to get $indexStats | `[]` | -| `metrics.collector.collstatsLimit` | Number - Disable collstats, dbstats, topmetrics and indexstats collector if there are more than \ collections. 0=No limit | `0` | -| `metrics.extraFlags` | String with extra flags to the metrics exporter | `""` | -| `metrics.command` | Override default container command (useful when using custom images) | `[]` | -| `metrics.args` | Override default container args (useful when using custom images) | `[]` | -| `metrics.resources.limits` | The resources limits for Prometheus exporter containers | `{}` | -| `metrics.resources.requests` | The requested resources for Prometheus exporter containers | `{}` | -| `metrics.containerPort` | Port of the Prometheus metrics container | `9216` | -| `metrics.service.annotations` | Annotations for Prometheus Exporter pods. Evaluated as a template. | `{}` | -| `metrics.service.type` | Type of the Prometheus metrics service | `ClusterIP` | -| `metrics.service.ports.metrics` | Port of the Prometheus metrics service | `9216` | -| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `10` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `10` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.startupProbe.enabled` | Enable startupProbe | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.customLivenessProbe` | Override default liveness probe for MongoDB(®) containers | `{}` | -| `metrics.customReadinessProbe` | Override default readiness probe for MongoDB(®) containers | `{}` | -| `metrics.customStartupProbe` | Override default startup probe for MongoDB(®) containers | `{}` | -| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the metrics container(s) | `[]` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | -| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricsRelabelConfigs to apply to samples before ingestion. | `[]` | -| `metrics.serviceMonitor.labels` | Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with | `{}` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.prometheusRule.enabled` | Set this to true to create prometheusRules for Prometheus operator | `false` | -| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so prometheusRules will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.namespace` | Namespace where prometheusRules resource should be created | `""` | -| `metrics.prometheusRule.rules` | Rules to be created, check values for an example | `[]` | +| Name | Description | Value | +| -------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- | +| `metrics.enabled` | Enable using a sidecar Prometheus exporter | `false` | +| `metrics.image.registry` | MongoDB(®) Prometheus exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | MongoDB(®) Prometheus exporter image repository | `REPOSITORY_NAME/mongodb-exporter` | +| `metrics.image.tag` | MongoDB(®) Prometheus exporter image tag (immutable tags are recommended) | `0.39.0-debian-11-r123` | +| `metrics.image.digest` | MongoDB(®) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | MongoDB(®) Prometheus exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.username` | String with username for the metrics exporter | `""` | +| `metrics.password` | String with password for the metrics exporter | `""` | +| `metrics.compatibleMode` | Enables old style mongodb-exporter metrics | `true` | +| `metrics.collector.all` | Enable all collectors. Same as enabling all individual metrics | `false` | +| `metrics.collector.diagnosticdata` | Boolean Enable collecting metrics from getDiagnosticData | `true` | +| `metrics.collector.replicasetstatus` | Boolean Enable collecting metrics from replSetGetStatus | `true` | +| `metrics.collector.dbstats` | Boolean Enable collecting metrics from dbStats | `false` | +| `metrics.collector.topmetrics` | Boolean Enable collecting metrics from top admin command | `false` | +| `metrics.collector.indexstats` | Boolean Enable collecting metrics from $indexStats | `false` | +| `metrics.collector.collstats` | Boolean Enable collecting metrics from $collStats | `false` | +| `metrics.collector.collstatsColls` | List of \.\ to get $collStats | `[]` | +| `metrics.collector.indexstatsColls` | List - List of \.\ to get $indexStats | `[]` | +| `metrics.collector.collstatsLimit` | Number - Disable collstats, dbstats, topmetrics and indexstats collector if there are more than \ collections. 0=No limit | `0` | +| `metrics.extraFlags` | String with extra flags to the metrics exporter | `""` | +| `metrics.command` | Override default container command (useful when using custom images) | `[]` | +| `metrics.args` | Override default container args (useful when using custom images) | `[]` | +| `metrics.resources.limits` | The resources limits for Prometheus exporter containers | `{}` | +| `metrics.resources.requests` | The requested resources for Prometheus exporter containers | `{}` | +| `metrics.containerPort` | Port of the Prometheus metrics container | `9216` | +| `metrics.service.annotations` | Annotations for Prometheus Exporter pods. Evaluated as a template. | `{}` | +| `metrics.service.type` | Type of the Prometheus metrics service | `ClusterIP` | +| `metrics.service.ports.metrics` | Port of the Prometheus metrics service | `9216` | +| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `10` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `10` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.startupProbe.enabled` | Enable startupProbe | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `30` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.customLivenessProbe` | Override default liveness probe for MongoDB(®) containers | `{}` | +| `metrics.customReadinessProbe` | Override default readiness probe for MongoDB(®) containers | `{}` | +| `metrics.customStartupProbe` | Override default startup probe for MongoDB(®) containers | `{}` | +| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the metrics container(s) | `[]` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricsRelabelConfigs to apply to samples before ingestion. | `[]` | +| `metrics.serviceMonitor.labels` | Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with | `{}` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.prometheusRule.enabled` | Set this to true to create prometheusRules for Prometheus operator | `false` | +| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so prometheusRules will be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.namespace` | Namespace where prometheusRules resource should be created | `""` | +| `metrics.prometheusRule.rules` | Rules to be created, check values for an example | `[]` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ --set auth.rootPassword=secretpassword,auth.username=my-user,auth.password=my-password,auth.database=my-database \ - oci://registry-1.docker.io/bitnamicharts/mongodb + oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the MongoDB(®) `root` account password to `secretpassword`. Additionally, it creates a standard database user named `my-user`, with the password `my-password`, who has access to a database named `my-database`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -632,9 +638,10 @@ The above command sets the MongoDB(®) `root` account password to `secretpass Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/mongodb +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -729,9 +736,10 @@ Find more information about how to deal with common errors related to Bitnami's If authentication is enabled, it's necessary to set the `auth.rootPassword` (also `auth.replicaSetKey` when using a replicaset architecture) when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Credentials' section. Please note down the password, and run the command below to upgrade your chart: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/mongodb --set auth.rootPassword=[PASSWORD] (--set auth.replicaSetKey=[REPLICASETKEY]) +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mongodb --set auth.rootPassword=[PASSWORD] (--set auth.replicaSetKey=[REPLICASETKEY]) ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > Note: you need to substitute the placeholders [PASSWORD] and [REPLICASETKEY] with the values obtained in the installation notes. ### To 12.0.0 diff --git a/bitnami/mongodb/values.yaml b/bitnami/mongodb/values.yaml index 1dc4d2da95b369..2aba4cc28c9b81 100644 --- a/bitnami/mongodb/values.yaml +++ b/bitnami/mongodb/values.yaml @@ -109,8 +109,8 @@ diagnosticMode: ## Bitnami MongoDB(®) image ## ref: https://hub.docker.com/r/bitnami/mongodb/tags/ -## @param image.registry MongoDB(®) image registry -## @param image.repository MongoDB(®) image registry +## @param image.registry [default: REGISTRY_NAME] MongoDB(®) image registry +## @param image.repository [default: REPOSITORY_NAME/mongodb] MongoDB(®) image registry ## @param image.tag MongoDB(®) image tag (immutable tags are recommended) ## @param image.digest MongoDB(®) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy MongoDB(®) image pull policy @@ -233,8 +233,8 @@ tls: ## existingSecret: "" ## Bitnami Nginx image - ## @param tls.image.registry Init container TLS certs setup image registry - ## @param tls.image.repository Init container TLS certs setup image repository + ## @param tls.image.registry [default: REGISTRY_NAME] Init container TLS certs setup image registry + ## @param tls.image.repository [default: REPOSITORY_NAME/nginx] Init container TLS certs setup image repository ## @param tls.image.tag Init container TLS certs setup image tag (immutable tags are recommended) ## @param tls.image.digest Init container TLS certs setup image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param tls.image.pullPolicy Init container TLS certs setup image pull policy @@ -799,8 +799,8 @@ externalAccess: enabled: false ## Bitnami Kubectl image ## ref: https://hub.docker.com/r/bitnami/kubectl/tags/ - ## @param externalAccess.autoDiscovery.image.registry Init container auto-discovery image registry - ## @param externalAccess.autoDiscovery.image.repository Init container auto-discovery image repository + ## @param externalAccess.autoDiscovery.image.registry [default: REGISTRY_NAME] Init container auto-discovery image registry + ## @param externalAccess.autoDiscovery.image.repository [default: REPOSITORY_NAME/kubectl] Init container auto-discovery image repository ## @param externalAccess.autoDiscovery.image.tag Init container auto-discovery image tag (immutable tags are recommended) ## @param externalAccess.autoDiscovery.image.digest Init container auto-discovery image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param externalAccess.autoDiscovery.image.pullPolicy Init container auto-discovery image pull policy @@ -1279,8 +1279,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -2060,8 +2060,8 @@ metrics: enabled: false ## Bitnami MongoDB(®) Promtheus Exporter image ## ref: https://hub.docker.com/r/bitnami/mongodb-exporter/tags/ - ## @param metrics.image.registry MongoDB(®) Prometheus exporter image registry - ## @param metrics.image.repository MongoDB(®) Prometheus exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] MongoDB(®) Prometheus exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/mongodb-exporter] MongoDB(®) Prometheus exporter image repository ## @param metrics.image.tag MongoDB(®) Prometheus exporter image tag (immutable tags are recommended) ## @param metrics.image.digest MongoDB(®) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy MongoDB(®) Prometheus exporter image pull policy diff --git a/bitnami/moodle/README.md b/bitnami/moodle/README.md index 89402b0e5cfcd3..828db0d3e26afa 100644 --- a/bitnami/moodle/README.md +++ b/bitnami/moodle/README.md @@ -11,9 +11,11 @@ Disclaimer: The respective trademarks mentioned in the offering are owned by the ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/moodle +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/moodle ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Moodle™](https://github.com/bitnami/containers/tree/main/bitnami/moodle) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Bitnami LMS powered by Moodle## Prerequisitestrade; LMS in produc To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/moodle +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/moodle ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Moodle™ on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -76,95 +80,95 @@ The command removes all the Kubernetes components associated with the chart and ### Moodle™ parameters -| Name | Description | Value | -| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | Moodle image registry | `docker.io` | -| `image.repository` | Moodle image repository | `bitnami/moodle` | -| `image.tag` | Moodle image tag (immutable tags are recommended) | `4.3.0-debian-11-r0` | -| `image.digest` | Moodle image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Moodle image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `replicaCount` | Number of Moodle replicas (requires ReadWriteMany PVC support) | `1` | -| `moodleSkipInstall` | Skip Moodle™ installation wizard. Useful for migrations and restoring from SQL dump | `false` | -| `moodleSiteName` | Site name | `""` | -| `moodleLang` | Site language | `""` | -| `moodleUsername` | User of the application | `user` | -| `moodlePassword` | Application password | `""` | -| `moodleEmail` | Admin email | `user@example.com` | -| `allowEmptyPassword` | Allow DB blank passwords | `true` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `extraEnvVars` | An array to add extra env vars | `[]` | -| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `extraEnvVarsSecret` | Secret with extra environment variables (in case of sensitive data) | `""` | -| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | -| `initContainers` | Extra init containers to add to the deployment | `[]` | -| `sidecars` | Extra sidecar containers to add to the deployment | `[]` | -| `hostAliases` | Moodle™ pods host aliases | `[]` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `priorityClassName` | Moodle™ pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `existingSecret` | Name of a secret with the application password | `""` | -| `smtpHost` | SMTP host | `""` | -| `smtpPort` | SMTP port | `""` | -| `smtpUser` | SMTP user | `""` | -| `smtpPassword` | SMTP password | `""` | -| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | -| `containerPorts` | Container ports | `{}` | -| `sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.customStorageClass` | Create a custom storage class | `{}` | -| `persistence.storageClass` | PVC Storage Class for Moodle | `""` | -| `persistence.accessModes` | PVC Access Mode for Moodle | `["ReadWriteOnce"]` | -| `persistence.size` | PVC Storage Request for Moodle | `8Gi` | -| `persistence.existingClaim` | An Existing PVC name | `""` | -| `persistence.hostPath` | Host mount path for Moodle | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `podAffinityPreset` | Pod affinity preset | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset | `soft` | -| `nodeAffinityPreset.type` | Node affinity type | `""` | -| `nodeAffinityPreset.key` | Node label key to match | `""` | -| `nodeAffinityPreset.values` | Node label values to match | `[]` | -| `affinity` | Map of node/pod affinities | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `resources.requests` | CPU/Memory resource requests | `{}` | -| `resources.limits` | CPU/Memory resource limits | `{}` | -| `podSecurityContext.enabled` | Enable Moodle™ pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Moodle™ pods' group ID | `1001` | -| `containerSecurityContext.enabled` | Enable Moodle™ containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Moodle™ containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Moodle™ containers' Security Context runAsNonRoot | `true` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.path` | Request path for startupProbe | `/login/index.php` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `60` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.path` | Request path for livenessProbe | `/login/index.php` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.path` | Request path for readinessProbe | `/login/index.php` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `""` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | +| Name | Description | Value | +| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `image.registry` | Moodle image registry | `REGISTRY_NAME` | +| `image.repository` | Moodle image repository | `REPOSITORY_NAME/moodle` | +| `image.tag` | Moodle image tag (immutable tags are recommended) | `4.3.0-debian-11-r0` | +| `image.digest` | Moodle image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Moodle image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `replicaCount` | Number of Moodle replicas (requires ReadWriteMany PVC support) | `1` | +| `moodleSkipInstall` | Skip Moodle™ installation wizard. Useful for migrations and restoring from SQL dump | `false` | +| `moodleSiteName` | Site name | `""` | +| `moodleLang` | Site language | `""` | +| `moodleUsername` | User of the application | `user` | +| `moodlePassword` | Application password | `""` | +| `moodleEmail` | Admin email | `user@example.com` | +| `allowEmptyPassword` | Allow DB blank passwords | `true` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `extraEnvVars` | An array to add extra env vars | `[]` | +| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `extraEnvVarsSecret` | Secret with extra environment variables (in case of sensitive data) | `""` | +| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | +| `initContainers` | Extra init containers to add to the deployment | `[]` | +| `sidecars` | Extra sidecar containers to add to the deployment | `[]` | +| `hostAliases` | Moodle™ pods host aliases | `[]` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `priorityClassName` | Moodle™ pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `existingSecret` | Name of a secret with the application password | `""` | +| `smtpHost` | SMTP host | `""` | +| `smtpPort` | SMTP port | `""` | +| `smtpUser` | SMTP user | `""` | +| `smtpPassword` | SMTP password | `""` | +| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | +| `containerPorts` | Container ports | `{}` | +| `sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.customStorageClass` | Create a custom storage class | `{}` | +| `persistence.storageClass` | PVC Storage Class for Moodle | `""` | +| `persistence.accessModes` | PVC Access Mode for Moodle | `["ReadWriteOnce"]` | +| `persistence.size` | PVC Storage Request for Moodle | `8Gi` | +| `persistence.existingClaim` | An Existing PVC name | `""` | +| `persistence.hostPath` | Host mount path for Moodle | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `podAffinityPreset` | Pod affinity preset | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset | `soft` | +| `nodeAffinityPreset.type` | Node affinity type | `""` | +| `nodeAffinityPreset.key` | Node label key to match | `""` | +| `nodeAffinityPreset.values` | Node label values to match | `[]` | +| `affinity` | Map of node/pod affinities | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `resources.requests` | CPU/Memory resource requests | `{}` | +| `resources.limits` | CPU/Memory resource limits | `{}` | +| `podSecurityContext.enabled` | Enable Moodle™ pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Moodle™ pods' group ID | `1001` | +| `containerSecurityContext.enabled` | Enable Moodle™ containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Moodle™ containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Moodle™ containers' Security Context runAsNonRoot | `true` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.path` | Request path for startupProbe | `/login/index.php` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `60` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.path` | Request path for livenessProbe | `/login/index.php` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.path` | Request path for readinessProbe | `/login/index.php` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `""` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | ### Traffic Exposure Parameters @@ -223,40 +227,40 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | ### Metrics parameters -| Name | Description | Value | -| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.service.type` | Prometheus metrics service type | `LoadBalancer` | -| `metrics.service.port` | Prometheus metrics service port | `9117` | -| `metrics.service.loadBalancerIP` | Load Balancer IP if the Prometheus metrics server type is `LoadBalancer`, otherwise leave blank | `""` | -| `metrics.service.loadBalancerSourceRanges` | Prometheus metrics service service Load Balancer sources | `[]` | -| `metrics.service.clusterIP` | Prometheus metrics service Cluster IP | `""` | -| `metrics.service.externalTrafficPolicy` | Prometheus metrics service service external traffic policy | `Cluster` | -| `metrics.service.annotations` | Annotations for Prometheus Exporter pods. Evaluated as a template. | `{}` | -| `metrics.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `metrics.resources` | Exporter resource requests/limit | `{}` | -| `metrics.podAnnotations` | Metrics exporter pod Annotation and Labels | `{}` | +| Name | Description | Value | +| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.service.type` | Prometheus metrics service type | `LoadBalancer` | +| `metrics.service.port` | Prometheus metrics service port | `9117` | +| `metrics.service.loadBalancerIP` | Load Balancer IP if the Prometheus metrics server type is `LoadBalancer`, otherwise leave blank | `""` | +| `metrics.service.loadBalancerSourceRanges` | Prometheus metrics service service Load Balancer sources | `[]` | +| `metrics.service.clusterIP` | Prometheus metrics service Cluster IP | `""` | +| `metrics.service.externalTrafficPolicy` | Prometheus metrics service service external traffic policy | `Cluster` | +| `metrics.service.annotations` | Annotations for Prometheus Exporter pods. Evaluated as a template. | `{}` | +| `metrics.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `metrics.resources` | Exporter resource requests/limit | `{}` | +| `metrics.podAnnotations` | Metrics exporter pod Annotation and Labels | `{}` | ### Certificate injection parameters @@ -274,8 +278,8 @@ The command removes all the Kubernetes components associated with the chart and | `certificates.extraEnvVars` | Container sidecar extra environment variables (eg proxy) | `[]` | | `certificates.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | | `certificates.extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `certificates.image.registry` | Container sidecar registry | `docker.io` | -| `certificates.image.repository` | Container sidecar image repository | `bitnami/os-shell` | +| `certificates.image.registry` | Container sidecar registry | `REGISTRY_NAME` | +| `certificates.image.repository` | Container sidecar image repository | `REPOSITORY_NAME/os-shell` | | `certificates.image.tag` | Container sidecar image tag (immutable tags are recommended) | `11-debian-11-r90` | | `certificates.image.digest` | Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `certificates.image.pullPolicy` | Container sidecar image pull policy | `IfNotPresent` | @@ -306,9 +310,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set moodleUsername=admin,moodlePassword=password,mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/moodle + oci://REGISTRY_NAME/REPOSITORY_NAME/moodle ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Moodle™ administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -316,9 +322,10 @@ The above command sets the Moodle™ administrator account username and pass Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/moodle +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/moodle ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -465,15 +472,19 @@ export MARIADB_PVC=$(kubectl get pvc -l app=mariadb,component=master,release=moo Upgrade your release (maintaining the version) disabling MariaDB and scaling Moodle™ replicas to 0: ```console -helm upgrade moodle oci://registry-1.docker.io/bitnamicharts/moodle --set moodlePassword=$MOODLE_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 8.1.6 +helm upgrade moodle oci://REGISTRY_NAME/REPOSITORY_NAME/moodle --set moodlePassword=$MOODLE_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 8.1.6 ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Finally, upgrade you release to 9.0.0 reusing the existing PVC, and enabling back MariaDB: ```console -helm upgrade moodle oci://registry-1.docker.io/bitnamicharts/moodle --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set moodlePassword=$MOODLE_PASSWORD +helm upgrade moodle oci://REGISTRY_NAME/REPOSITORY_NAME/moodle --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set moodlePassword=$MOODLE_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You should see the lines below in MariaDB container logs: ```console diff --git a/bitnami/moodle/values.yaml b/bitnami/moodle/values.yaml index ca7a7a56c7c527..6012eaaf4dee81 100644 --- a/bitnami/moodle/values.yaml +++ b/bitnami/moodle/values.yaml @@ -44,8 +44,8 @@ extraDeploy: [] ## Bitnami Moodle™ image version ## ref: https://hub.docker.com/r/bitnami/moodle/tags/ -## @param image.registry Moodle image registry -## @param image.repository Moodle image repository +## @param image.registry [default: REGISTRY_NAME] Moodle image registry +## @param image.repository [default: REPOSITORY_NAME/moodle] Moodle image repository ## @param image.tag Moodle image tag (immutable tags are recommended) ## @param image.digest Moodle image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Moodle image pull policy @@ -639,8 +639,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -685,8 +685,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository ## @param metrics.image.tag Apache exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Apache exporter image pull policy @@ -802,8 +802,8 @@ certificates: ## @param certificates.extraEnvVarsSecret Secret with extra environment variables ## extraEnvVarsSecret: "" - ## @param certificates.image.registry Container sidecar registry - ## @param certificates.image.repository Container sidecar image repository + ## @param certificates.image.registry [default: REGISTRY_NAME] Container sidecar registry + ## @param certificates.image.repository [default: REPOSITORY_NAME/os-shell] Container sidecar image repository ## @param certificates.image.tag Container sidecar image tag (immutable tags are recommended) ## @param certificates.image.digest Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param certificates.image.pullPolicy Container sidecar image pull policy diff --git a/bitnami/multus-cni/README.md b/bitnami/multus-cni/README.md index 71aa1ebca7fd3c..7fc07f5d59028d 100644 --- a/bitnami/multus-cni/README.md +++ b/bitnami/multus-cni/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/multus-cni +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/multus-cni ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Multus CNI](https://github.com/bitnami/containers/tree/main/bitnami/multus-cni) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Multus CNI in production? Try [VMware Application Catalog](https: To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/multus-cni +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/multus-cni ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Multus CNI on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -78,73 +82,73 @@ The command removes all the Kubernetes components associated with the chart and ### Multus CNI parameters -| Name | Description | Value | -| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `image.registry` | Multus CNI image registry | `docker.io` | -| `image.repository` | Multus CNI Image name | `bitnami/multus-cni` | -| `image.tag` | Multus CNI Image tag | `4.0.2-debian-11-r127` | -| `image.digest` | Multus CNI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Multus CNI image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `CNIVersion` | CNI version | `0.3.0` | -| `hostCNIBinDir` | CNI binary dir in the host machine to mount | `/opt/cni/bin` | -| `hostCNINetDir` | CNI net.d dir in the host machine to mount | `/etc/cni/net.d` | -| `CNIMountPath` | Path inside the container to mount the CNI dirs | `/bitnami/multus-cni/host` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `priorityClassName` | Multus CNI pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `extraEnvVars` | Extra environment variables | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | -| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | -| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `resources.requests` | The requested resources for the init container | `{}` | -| `resources.limits` | The resources limits for the init container | `{}` | -| `podSecurityContext.enabled` | Enable Multus CNI pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Multus CNI pods' group ID | `0` | -| `containerSecurityContext.enabled` | Enable Multus CNI containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Multus CNI containers' Security Context | `0` | -| `containerSecurityContext.runAsNonRoot` | Set Multus CNI container's Security Context runAsNonRoot | `false` | -| `containerSecurityContext.privileged` | Set Multus CNI container's Security Context privileged | `true` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `false` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | +| Name | Description | Value | +| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `image.registry` | Multus CNI image registry | `REGISTRY_NAME` | +| `image.repository` | Multus CNI Image name | `REPOSITORY_NAME/multus-cni` | +| `image.tag` | Multus CNI Image tag | `4.0.2-debian-11-r127` | +| `image.digest` | Multus CNI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Multus CNI image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `CNIVersion` | CNI version | `0.3.0` | +| `hostCNIBinDir` | CNI binary dir in the host machine to mount | `/opt/cni/bin` | +| `hostCNINetDir` | CNI net.d dir in the host machine to mount | `/etc/cni/net.d` | +| `CNIMountPath` | Path inside the container to mount the CNI dirs | `/bitnami/multus-cni/host` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `priorityClassName` | Multus CNI pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `extraEnvVars` | Extra environment variables | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | +| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | +| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | +| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `resources.requests` | The requested resources for the init container | `{}` | +| `resources.limits` | The resources limits for the init container | `{}` | +| `podSecurityContext.enabled` | Enable Multus CNI pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Multus CNI pods' group ID | `0` | +| `containerSecurityContext.enabled` | Enable Multus CNI containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Multus CNI containers' Security Context | `0` | +| `containerSecurityContext.runAsNonRoot` | Set Multus CNI container's Security Context runAsNonRoot | `false` | +| `containerSecurityContext.privileged` | Set Multus CNI container's Security Context privileged | `true` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `false` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | ### Other Parameters @@ -161,17 +165,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set schedulerName=high-priority \ - oci://registry-1.docker.io/bitnamicharts/multus-cni + oci://REGISTRY_NAME/REPOSITORY_NAME/multus-cni ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Multus CNI scheduler to high-priority. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/multus-cni +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/multus-cni ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/multus-cni/values.yaml b/bitnami/multus-cni/values.yaml index 3d572d5efd1dc9..e7d38c9eaad8cb 100644 --- a/bitnami/multus-cni/values.yaml +++ b/bitnami/multus-cni/values.yaml @@ -66,8 +66,8 @@ diagnosticMode: ## Bitnami Multus CNI image version ## ref: https://hub.docker.com/r/bitnami/multus-cni/tags/ -## @param image.registry Multus CNI image registry -## @param image.repository Multus CNI Image name +## @param image.registry [default: REGISTRY_NAME] Multus CNI image registry +## @param image.repository [default: REPOSITORY_NAME/multus-cni] Multus CNI Image name ## @param image.tag Multus CNI Image tag ## @param image.digest Multus CNI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Multus CNI image pull policy diff --git a/bitnami/mxnet/README.md b/bitnami/mxnet/README.md index c9e9f7c52b107f..94f412e8cd1875 100644 --- a/bitnami/mxnet/README.md +++ b/bitnami/mxnet/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mxnet +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mxnet ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps an [Apache MXNet (Incubating)](https://github.com/bitnami/containers/tree/main/bitnami/mxnet) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Apache MXNet (Incubating) in production? Try [VMware Application To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mxnet +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mxnet ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Apache MXNet (Incubating) on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured. > **Tip**: List all releases using `helm list` @@ -79,37 +83,37 @@ The command removes all the Kubernetes components associated with the chart and ### Common Mxnet parameters -| Name | Description | Value | -| ------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | Apache MXNet (Incubating) image registry | `docker.io` | -| `image.repository` | Apache MXNet (Incubating) image repository | `bitnami/mxnet` | -| `image.tag` | Apache MXNet (Incubating) image tag (immutable tags are recommended) | `1.9.1-debian-11-r410` | -| `image.digest` | Apache MXNet (Incubating) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Apache MXNet (Incubating) image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `entrypoint` | The main entrypoint of your app, this will be executed as: | `{}` | -| `mode` | Apache MXNet (Incubating) deployment mode. Can be `standalone` or `distributed` | `standalone` | -| `existingSecret` | Name of a secret with sensitive data to mount in the pods | `""` | -| `configMap` | Name of an existing config map containing all the files you want to load in Apache MXNet (Incubating) | `""` | -| `cloneFilesFromGit.enabled` | Enable in order to download files from git repository | `false` | -| `cloneFilesFromGit.repository` | Repository to clone | `""` | -| `cloneFilesFromGit.revision` | Branch name to clone | `master` | -| `cloneFilesFromGit.extraVolumeMounts` | Add extra volume mounts for the GIT container | `[]` | -| `persistence.enabled` | Use a PVC to persist data | `false` | -| `persistence.storageClass` | discourse & sidekiq data Persistent Volume Storage Class | `""` | -| `persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | -| `persistence.mountPath` | Path to mount the volume at | `/bitnami/mxnet` | -| `persistence.accessModes` | Persistent Volume Access Mode | `["ReadWriteOnce"]` | -| `persistence.size` | Size of data volume | `8Gi` | -| `persistence.annotations` | Persistent Volume annotations | `{}` | -| `extraEnvVars` | Array with extra environment variables to add to all the pods | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for all the pods | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for all the pods | `""` | -| `extraVolumes` | Array to add extra volumes (evaluated as a template) | `[]` | -| `extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes, evaluated as a template) | `[]` | -| `sidecars` | Attach additional containers to the pods (scheduler, worker and server nodes) | `[]` | -| `initContainers` | Attach additional init containers to the pods (scheduler, worker and server nodes) | `[]` | +| Name | Description | Value | +| ------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | ----------------------- | +| `image.registry` | Apache MXNet (Incubating) image registry | `REGISTRY_NAME` | +| `image.repository` | Apache MXNet (Incubating) image repository | `REPOSITORY_NAME/mxnet` | +| `image.tag` | Apache MXNet (Incubating) image tag (immutable tags are recommended) | `1.9.1-debian-11-r410` | +| `image.digest` | Apache MXNet (Incubating) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Apache MXNet (Incubating) image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `entrypoint` | The main entrypoint of your app, this will be executed as: | `{}` | +| `mode` | Apache MXNet (Incubating) deployment mode. Can be `standalone` or `distributed` | `standalone` | +| `existingSecret` | Name of a secret with sensitive data to mount in the pods | `""` | +| `configMap` | Name of an existing config map containing all the files you want to load in Apache MXNet (Incubating) | `""` | +| `cloneFilesFromGit.enabled` | Enable in order to download files from git repository | `false` | +| `cloneFilesFromGit.repository` | Repository to clone | `""` | +| `cloneFilesFromGit.revision` | Branch name to clone | `master` | +| `cloneFilesFromGit.extraVolumeMounts` | Add extra volume mounts for the GIT container | `[]` | +| `persistence.enabled` | Use a PVC to persist data | `false` | +| `persistence.storageClass` | discourse & sidekiq data Persistent Volume Storage Class | `""` | +| `persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | +| `persistence.mountPath` | Path to mount the volume at | `/bitnami/mxnet` | +| `persistence.accessModes` | Persistent Volume Access Mode | `["ReadWriteOnce"]` | +| `persistence.size` | Size of data volume | `8Gi` | +| `persistence.annotations` | Persistent Volume annotations | `{}` | +| `extraEnvVars` | Array with extra environment variables to add to all the pods | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for all the pods | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for all the pods | `""` | +| `extraVolumes` | Array to add extra volumes (evaluated as a template) | `[]` | +| `extraVolumeMounts` | Array to add extra mounts (normally used with extraVolumes, evaluated as a template) | `[]` | +| `sidecars` | Attach additional containers to the pods (scheduler, worker and server nodes) | `[]` | +| `initContainers` | Attach additional init containers to the pods (scheduler, worker and server nodes) | `[]` | ### Mxnet Standalone parameters (only for standalone mode) @@ -366,23 +370,23 @@ The command removes all the Kubernetes components associated with the chart and ### Init containers parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `git.registry` | Git image registry | `docker.io` | -| `git.repository` | Git image repository | `bitnami/git` | -| `git.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | -| `git.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `git.pullPolicy` | Git image pull policy | `IfNotPresent` | -| `git.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `git.registry` | Git image registry | `REGISTRY_NAME` | +| `git.repository` | Git image repository | `REPOSITORY_NAME/git` | +| `git.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | +| `git.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `git.pullPolicy` | Git image pull policy | `IfNotPresent` | +| `git.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, @@ -391,17 +395,20 @@ helm install my-release \ --set mode=distributed \ --set server.replicaCount=2 \ --set worker.replicaCount=3 \ - oci://registry-1.docker.io/bitnamicharts/mxnet + oci://REGISTRY_NAME/REPOSITORY_NAME/mxnet ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command creates 6 pods for Apache MXNet (Incubating): one scheduler, two servers, and three workers. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/mxnet +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/mxnet ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -430,7 +437,7 @@ Finally, if you want to clone a git repository you can use the following paramet ```console cloneFilesFromGit.enabled=true -cloneFilesFromGit.repository=https://github.com/my-user/oci://registry-1.docker.io/bitnamicharts +cloneFilesFromGit.repository=https://github.com/my-user/oci://REGISTRY_NAME/REPOSITORY_NAME cloneFilesFromGit.revision=master ``` diff --git a/bitnami/mxnet/values.yaml b/bitnami/mxnet/values.yaml index 01a633079cbbbf..b7e8fac476ef54 100644 --- a/bitnami/mxnet/values.yaml +++ b/bitnami/mxnet/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: ## Bitnami Apache MXNet (Incubating) image version ## ref: https://hub.docker.com/r/bitnami/mxnet/tags/ -## @param image.registry Apache MXNet (Incubating) image registry -## @param image.repository Apache MXNet (Incubating) image repository +## @param image.registry [default: REGISTRY_NAME] Apache MXNet (Incubating) image registry +## @param image.repository [default: REPOSITORY_NAME/mxnet] Apache MXNet (Incubating) image repository ## @param image.tag Apache MXNet (Incubating) image tag (immutable tags are recommended) ## @param image.digest Apache MXNet (Incubating) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Apache MXNet (Incubating) image pull policy @@ -1167,8 +1167,8 @@ scheduler: ## @section Init containers parameters ## Bitnami git image version ## ref: https://hub.docker.com/r/bitnami/git/tags/ -## @param git.registry Git image registry -## @param git.repository Git image repository +## @param git.registry [default: REGISTRY_NAME] Git image registry +## @param git.repository [default: REPOSITORY_NAME/git] Git image repository ## @param git.tag Git image tag (immutable tags are recommended) ## @param git.digest Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param git.pullPolicy Git image pull policy @@ -1195,8 +1195,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/mysql/README.md b/bitnami/mysql/README.md index f253e5e58678ca..6e2674e2edff69 100644 --- a/bitnami/mysql/README.md +++ b/bitnami/mysql/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mysql +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mysql ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [MySQL](https://github.com/bitnami/containers/tree/main/bitnami/mysql) replication cluster deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use MySQL in production? Try [VMware Application Catalog](https://bit To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/mysql +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mysql ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy MySQL on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -79,30 +83,30 @@ The command removes all the Kubernetes components associated with the chart and ### MySQL common parameters -| Name | Description | Value | -| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | MySQL image registry | `docker.io` | -| `image.repository` | MySQL image repository | `bitnami/mysql` | -| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.34-debian-11-r75` | -| `image.digest` | MySQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | MySQL image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `architecture` | MySQL architecture (`standalone` or `replication`) | `standalone` | -| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided | `""` | -| `auth.createDatabase` | Whether to create the .Values.auth.database or not | `true` | -| `auth.database` | Name for a custom database to create | `my_database` | -| `auth.username` | Name for a custom user to create | `""` | -| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` | -| `auth.replicationUser` | MySQL replication user | `replicator` | -| `auth.replicationPassword` | MySQL replication user password. Ignored if existing secret is provided | `""` | -| `auth.existingSecret` | Use existing secret for password details. The secret has to contain the keys `mysql-root-password`, `mysql-replication-password` and `mysql-password` | `""` | -| `auth.usePasswordFiles` | Mount credentials as files instead of using an environment variable | `false` | -| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` | -| `initdbScripts` | Dictionary of initdb scripts | `{}` | -| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` | -| `startdbScripts` | Dictionary of startdb scripts | `{}` | -| `startdbScriptsConfigMap` | ConfigMap with the startdb scripts (Note: Overrides `startdbScripts`) | `""` | +| Name | Description | Value | +| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | +| `image.registry` | MySQL image registry | `REGISTRY_NAME` | +| `image.repository` | MySQL image repository | `REPOSITORY_NAME/mysql` | +| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.34-debian-11-r75` | +| `image.digest` | MySQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | MySQL image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `architecture` | MySQL architecture (`standalone` or `replication`) | `standalone` | +| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided | `""` | +| `auth.createDatabase` | Whether to create the .Values.auth.database or not | `true` | +| `auth.database` | Name for a custom database to create | `my_database` | +| `auth.username` | Name for a custom user to create | `""` | +| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` | +| `auth.replicationUser` | MySQL replication user | `replicator` | +| `auth.replicationPassword` | MySQL replication user password. Ignored if existing secret is provided | `""` | +| `auth.existingSecret` | Use existing secret for password details. The secret has to contain the keys `mysql-root-password`, `mysql-replication-password` and `mysql-password` | `""` | +| `auth.usePasswordFiles` | Mount credentials as files instead of using an environment variable | `false` | +| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` | +| `initdbScripts` | Dictionary of initdb scripts | `{}` | +| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` | +| `startdbScripts` | Dictionary of startdb scripts | `{}` | +| `startdbScriptsConfigMap` | ConfigMap with the startdb scripts (Note: Overrides `startdbScripts`) | `""` | ### MySQL Primary parameters @@ -304,66 +308,66 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| ------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources` | Init container volume-permissions resources | `{}` | +| Name | Description | Value | +| ------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources` | Init container volume-permissions resources | `{}` | ### Metrics parameters -| Name | Description | Value | -| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Exporter image registry | `docker.io` | -| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` | -| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.15.0-debian-11-r70` | -| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.containerSecurityContext.enabled` | MySQL metrics container securityContext | `true` | -| `metrics.containerSecurityContext.runAsUser` | User ID for the MySQL metrics container | `1001` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set MySQL metrics container's Security Context runAsNonRoot | `true` | -| `metrics.service.type` | Kubernetes service type for MySQL Prometheus Exporter | `ClusterIP` | -| `metrics.service.clusterIP` | Kubernetes service clusterIP for MySQL Prometheus Exporter | `""` | -| `metrics.service.port` | MySQL Prometheus Exporter service port | `9104` | -| `metrics.service.annotations` | Prometheus exporter service annotations | `{}` | -| `metrics.extraArgs.primary` | Extra args to be passed to mysqld_exporter on Primary pods | `[]` | -| `metrics.extraArgs.secondary` | Extra args to be passed to mysqld_exporter on Secondary pods | `[]` | -| `metrics.resources.limits` | The resources limits for MySQL prometheus exporter containers | `{}` | -| `metrics.resources.requests` | The requested resources for MySQL prometheus exporter containers | `{}` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | Specify the namespace in which the serviceMonitor resource will be created | `""` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.interval` | Specify the interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.labels` | Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with | `{}` | -| `metrics.serviceMonitor.annotations` | ServiceMonitor annotations | `{}` | -| `metrics.prometheusRule.enabled` | Creates a Prometheus Operator prometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | -| `metrics.prometheusRule.namespace` | Namespace for the prometheusRule Resource (defaults to the Release Namespace) | `""` | -| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so prometheusRule will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | +| Name | Description | Value | +| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Exporter image repository | `REPOSITORY_NAME/mysqld-exporter` | +| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.15.0-debian-11-r70` | +| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.containerSecurityContext.enabled` | MySQL metrics container securityContext | `true` | +| `metrics.containerSecurityContext.runAsUser` | User ID for the MySQL metrics container | `1001` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set MySQL metrics container's Security Context runAsNonRoot | `true` | +| `metrics.service.type` | Kubernetes service type for MySQL Prometheus Exporter | `ClusterIP` | +| `metrics.service.clusterIP` | Kubernetes service clusterIP for MySQL Prometheus Exporter | `""` | +| `metrics.service.port` | MySQL Prometheus Exporter service port | `9104` | +| `metrics.service.annotations` | Prometheus exporter service annotations | `{}` | +| `metrics.extraArgs.primary` | Extra args to be passed to mysqld_exporter on Primary pods | `[]` | +| `metrics.extraArgs.secondary` | Extra args to be passed to mysqld_exporter on Secondary pods | `[]` | +| `metrics.resources.limits` | The resources limits for MySQL prometheus exporter containers | `{}` | +| `metrics.resources.requests` | The requested resources for MySQL prometheus exporter containers | `{}` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.namespace` | Specify the namespace in which the serviceMonitor resource will be created | `""` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.serviceMonitor.interval` | Specify the interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.labels` | Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with | `{}` | +| `metrics.serviceMonitor.annotations` | ServiceMonitor annotations | `{}` | +| `metrics.prometheusRule.enabled` | Creates a Prometheus Operator prometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | +| `metrics.prometheusRule.namespace` | Namespace for the prometheusRule Resource (defaults to the Release Namespace) | `""` | +| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so prometheusRule will be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | The above parameters map to the env variables defined in [bitnami/mysql](https://github.com/bitnami/containers/tree/main/bitnami/mysql). For more information please refer to the [bitnami/mysql](https://github.com/bitnami/containers/tree/main/bitnami/mysql) image documentation. @@ -372,9 +376,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set auth.rootPassword=secretpassword,auth.database=app_database \ - oci://registry-1.docker.io/bitnamicharts/mysql + oci://REGISTRY_NAME/REPOSITORY_NAME/mysql ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the MySQL `root` account password to `secretpassword`. Additionally it creates a database named `app_database`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -382,9 +388,10 @@ The above command sets the MySQL `root` account password to `secretpassword`. Ad Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/mysql +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/mysql ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -473,9 +480,11 @@ Find more information about how to deal with common errors related to Bitnami's It's necessary to set the `auth.rootPassword` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Administrator credentials' section. Please note down the password and run the command below to upgrade your chart: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/mysql --set auth.rootPassword=[ROOT_PASSWORD] +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/mysql --set auth.rootPassword=[ROOT_PASSWORD] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + | Note: you need to substitute the placeholder _[ROOT_PASSWORD]_ with the value obtained in the installation notes. ### To 9.0.0 @@ -516,9 +525,11 @@ Consequences: - Reuse the PVC used to hold the master data on your previous release. To do so, use the `primary.persistence.existingClaim` parameter. The following example assumes that the release name is `mysql`: ```console -helm install mysql oci://registry-1.docker.io/bitnamicharts/mysql --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC] +helm install mysql oci://REGISTRY_NAME/REPOSITORY_NAME/mysql --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + | Note: you need to substitute the placeholder _[EXISTING_PVC]_ with the name of the PVC used on your previous release, and _[ROOT_PASSWORD]_ with the root password used in your previous release. ### To 7.0.0 diff --git a/bitnami/mysql/values.yaml b/bitnami/mysql/values.yaml index 5a08be96bc7925..1b60608aa6d9c0 100644 --- a/bitnami/mysql/values.yaml +++ b/bitnami/mysql/values.yaml @@ -74,8 +74,8 @@ diagnosticMode: ## Bitnami MySQL image ## ref: https://hub.docker.com/r/bitnami/mysql/tags/ -## @param image.registry MySQL image registry -## @param image.repository MySQL image repository +## @param image.registry [default: REGISTRY_NAME] MySQL image registry +## @param image.repository [default: REPOSITORY_NAME/mysql] MySQL image repository ## @param image.tag MySQL image tag (immutable tags are recommended) ## @param image.digest MySQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy MySQL image pull policy @@ -1009,8 +1009,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -1043,8 +1043,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Exporter image registry - ## @param metrics.image.repository Exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/mysqld-exporter] Exporter image repository ## @param metrics.image.tag Exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Exporter image pull policy diff --git a/bitnami/nats/README.md b/bitnami/nats/README.md index ecb624bef82686..8ab53c91013c16 100644 --- a/bitnami/nats/README.md +++ b/bitnami/nats/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/nats +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/nats ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [NATS](https://github.com/bitnami/containers/tree/main/bitnami/nats) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use NATS in production? Try [VMware Application Catalog](https://bitn To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/nats +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/nats ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys NATS on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -75,44 +79,44 @@ The command removes all the Kubernetes components associated with the chart and ### NATS parameters -| Name | Description | Value | -| ------------------------ | ----------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | NATS image registry | `docker.io` | -| `image.repository` | NATS image repository | `bitnami/nats` | -| `image.tag` | NATS image tag (immutable tags are recommended) | `2.10.3-debian-11-r0` | -| `image.digest` | NATS image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | NATS image pull policy | `IfNotPresent` | -| `image.pullSecrets` | NATS image pull secrets | `[]` | -| `image.debug` | Enable NATS image debug mode | `false` | -| `auth.enabled` | Switch to enable/disable client authentication | `true` | -| `auth.user` | Client authentication user | `nats_client` | -| `auth.password` | Client authentication password | `""` | -| `auth.token` | Client authentication token | `""` | -| `auth.timeout` | Client authentication timeout (seconds) | `1` | -| `auth.usersCredentials` | Client authentication users credentials collection | `[]` | -| `auth.noAuthUser` | Client authentication username from auth.usersCredentials map to be used when no credentials provided | `""` | -| `cluster.name` | Cluster name | `nats` | -| `cluster.connectRetries` | Configure number of connect retries for implicit routes, otherwise leave blank | `""` | -| `cluster.auth.enabled` | Switch to enable/disable cluster authentication | `true` | -| `cluster.auth.user` | Cluster authentication user | `nats_cluster` | -| `cluster.auth.password` | Cluster authentication password | `""` | -| `jetstream.enabled` | Switch to enable/disable JetStream | `false` | -| `jetstream.maxMemory` | Max memory usage for JetStream | `1G` | -| `debug.enabled` | Switch to enable/disable debug on logging | `false` | -| `debug.trace` | Switch to enable/disable trace debug level on logging | `false` | -| `debug.logtime` | Switch to enable/disable logtime on logging | `false` | -| `maxConnections` | Max. number of client connections | `""` | -| `maxControlLine` | Max. protocol control line | `""` | -| `maxPayload` | Max. payload | `""` | -| `writeDeadline` | Duration the server can block on a socket write to a client | `""` | -| `natsFilename` | Filename used by several NATS files (binary, configuration file, and pid file) | `nats-server` | -| `configuration` | Specify content for NATS configuration file (generated based on other parameters otherwise) | `""` | -| `existingSecret` | The name of an existing Secret with your custom configuration for NATS | `""` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `extraEnvVars` | Extra environment variables to be set on NATS container | `[]` | -| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| Name | Description | Value | +| ------------------------ | ----------------------------------------------------------------------------------------------------- | ---------------------- | +| `image.registry` | NATS image registry | `REGISTRY_NAME` | +| `image.repository` | NATS image repository | `REPOSITORY_NAME/nats` | +| `image.tag` | NATS image tag (immutable tags are recommended) | `2.10.3-debian-11-r0` | +| `image.digest` | NATS image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | NATS image pull policy | `IfNotPresent` | +| `image.pullSecrets` | NATS image pull secrets | `[]` | +| `image.debug` | Enable NATS image debug mode | `false` | +| `auth.enabled` | Switch to enable/disable client authentication | `true` | +| `auth.user` | Client authentication user | `nats_client` | +| `auth.password` | Client authentication password | `""` | +| `auth.token` | Client authentication token | `""` | +| `auth.timeout` | Client authentication timeout (seconds) | `1` | +| `auth.usersCredentials` | Client authentication users credentials collection | `[]` | +| `auth.noAuthUser` | Client authentication username from auth.usersCredentials map to be used when no credentials provided | `""` | +| `cluster.name` | Cluster name | `nats` | +| `cluster.connectRetries` | Configure number of connect retries for implicit routes, otherwise leave blank | `""` | +| `cluster.auth.enabled` | Switch to enable/disable cluster authentication | `true` | +| `cluster.auth.user` | Cluster authentication user | `nats_cluster` | +| `cluster.auth.password` | Cluster authentication password | `""` | +| `jetstream.enabled` | Switch to enable/disable JetStream | `false` | +| `jetstream.maxMemory` | Max memory usage for JetStream | `1G` | +| `debug.enabled` | Switch to enable/disable debug on logging | `false` | +| `debug.trace` | Switch to enable/disable trace debug level on logging | `false` | +| `debug.logtime` | Switch to enable/disable logtime on logging | `false` | +| `maxConnections` | Max. number of client connections | `""` | +| `maxControlLine` | Max. protocol control line | `""` | +| `maxPayload` | Max. payload | `""` | +| `writeDeadline` | Duration the server can block on a socket write to a client | `""` | +| `natsFilename` | Filename used by several NATS files (binary, configuration file, and pid file) | `nats-server` | +| `configuration` | Specify content for NATS configuration file (generated based on other parameters otherwise) | `""` | +| `existingSecret` | The name of an existing Secret with your custom configuration for NATS | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Extra environment variables to be set on NATS container | `[]` | +| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | ### NATS deployment/statefulset parameters @@ -212,32 +216,32 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics parameters -| Name | Description | Value | -| ------------------------------------------ | ------------------------------------------------------------------------------------------------------------- | ----------------------- | -| `metrics.enabled` | Enable Prometheus metrics via exporter side-car | `false` | -| `metrics.image.registry` | Prometheus metrics exporter image registry | `docker.io` | -| `metrics.image.repository` | Prometheus metrics exporter image repository | `bitnami/nats-exporter` | -| `metrics.image.tag` | Prometheus metrics exporter image tag (immutable tags are recommended) | `0.12.0-debian-11-r97` | -| `metrics.image.digest` | NATS Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Prometheus metrics image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Prometheus metrics image pull secrets | `[]` | -| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | -| `metrics.containerPort` | Prometheus metrics exporter port | `7777` | -| `metrics.flags` | Flags to be passed to Prometheus metrics | `[]` | -| `metrics.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | -| `metrics.service.port` | Prometheus metrics service port | `7777` | -| `metrics.service.loadBalancerIP` | Use serviceLoadBalancerIP to request a specific static IP, otherwise leave blank | `""` | -| `metrics.service.annotations` | Annotations for Prometheus metrics service | `{}` | -| `metrics.service.labels` | Labels for Prometheus metrics service | `{}` | -| `metrics.serviceMonitor.enabled` | Specify if a ServiceMonitor will be deployed for Prometheus Operator | `false` | -| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `monitoring` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | -| `metrics.serviceMonitor.interval` | How frequently to scrape metrics | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | -| `metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| Name | Description | Value | +| ------------------------------------------ | ------------------------------------------------------------------------------------------------------------- | ------------------------------- | +| `metrics.enabled` | Enable Prometheus metrics via exporter side-car | `false` | +| `metrics.image.registry` | Prometheus metrics exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Prometheus metrics exporter image repository | `REPOSITORY_NAME/nats-exporter` | +| `metrics.image.tag` | Prometheus metrics exporter image tag (immutable tags are recommended) | `0.12.0-debian-11-r97` | +| `metrics.image.digest` | NATS Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Prometheus metrics image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Prometheus metrics image pull secrets | `[]` | +| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | +| `metrics.containerPort` | Prometheus metrics exporter port | `7777` | +| `metrics.flags` | Flags to be passed to Prometheus metrics | `[]` | +| `metrics.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) | `ClusterIP` | +| `metrics.service.port` | Prometheus metrics service port | `7777` | +| `metrics.service.loadBalancerIP` | Use serviceLoadBalancerIP to request a specific static IP, otherwise leave blank | `""` | +| `metrics.service.annotations` | Annotations for Prometheus metrics service | `{}` | +| `metrics.service.labels` | Labels for Prometheus metrics service | `{}` | +| `metrics.serviceMonitor.enabled` | Specify if a ServiceMonitor will be deployed for Prometheus Operator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `monitoring` | +| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | +| `metrics.serviceMonitor.interval` | How frequently to scrape metrics | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | ### Persistence parameters @@ -263,9 +267,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set auth.enabled=true,auth.user=my-user,auth.password=T0pS3cr3t \ - oci://registry-1.docker.io/bitnamicharts/nats + oci://REGISTRY_NAME/REPOSITORY_NAME/nats ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command enables NATS client authentication with `my-user` as user and `T0pS3cr3t` as password credentials. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -273,9 +279,10 @@ The above command enables NATS client authentication with `my-user` as user and Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/nats +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/nats ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -326,9 +333,11 @@ NATS version 2.0.0 has renamed the server binary filename from `gnatsd` to `nats however, it is still possible to use the chart to deploy NATS version 1.x.x using the `natsFilename` property. ```console -helm install nats-v1 --set natsFilename=gnatsd --set image.tag=1.4.1 oci://registry-1.docker.io/bitnamicharts/nats +helm install nats-v1 --set natsFilename=gnatsd --set image.tag=1.4.1 oci://REGISTRY_NAME/REPOSITORY_NAME/nats ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 7.0.0 This new version updates the NATS image to a [new version that has support to configure NATS based on bash logic](https://github.com/bitnami/containers/tree/main/bitnami/nats#264-r13), although this chart overwrites the configuration file so that shouldn't affect the functionality. It also adds several standardizations that were missing in the chart: diff --git a/bitnami/nats/values.yaml b/bitnami/nats/values.yaml index 9665d0d277a262..0650d809bae4e9 100644 --- a/bitnami/nats/values.yaml +++ b/bitnami/nats/values.yaml @@ -56,8 +56,8 @@ diagnosticMode: ## Bitnami NATS image version ## ref: https://hub.docker.com/r/bitnami/nats/tags/ -## @param image.registry NATS image registry -## @param image.repository NATS image repository +## @param image.registry [default: REGISTRY_NAME] NATS image registry +## @param image.repository [default: REPOSITORY_NAME/nats] NATS image repository ## @param image.tag NATS image tag (immutable tags are recommended) ## @param image.digest NATS image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy NATS image pull policy @@ -690,8 +690,8 @@ metrics: ## @param metrics.enabled Enable Prometheus metrics via exporter side-car ## enabled: false - ## @param metrics.image.registry Prometheus metrics exporter image registry - ## @param metrics.image.repository Prometheus metrics exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Prometheus metrics exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/nats-exporter] Prometheus metrics exporter image repository ## @param metrics.image.tag Prometheus metrics exporter image tag (immutable tags are recommended) ## @param metrics.image.digest NATS Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Prometheus metrics image pull policy diff --git a/bitnami/nginx-ingress-controller/README.md b/bitnami/nginx-ingress-controller/README.md index 08eff166130b05..36521ac0d27853 100644 --- a/bitnami/nginx-ingress-controller/README.md +++ b/bitnami/nginx-ingress-controller/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/nginx-ingress-controller +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/nginx-ingress-controller ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -34,9 +36,11 @@ Looking to use NGINX Ingress Controller in production? Try [VMware Application C To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/nginx-ingress-controller +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/nginx-ingress-controller ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy nginx-ingress-controller on the Kubernetes cluster in the default configuration. > **Tip**: List all releases using `helm list` @@ -75,46 +79,46 @@ The command removes all the Kubernetes components associated with the chart and ### Nginx Ingress Controller parameters -| Name | Description | Value | -| -------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- | -| `image.registry` | Nginx Ingress Controller image registry | `docker.io` | -| `image.repository` | Nginx Ingress Controller image repository | `bitnami/nginx-ingress-controller` | -| `image.tag` | Nginx Ingress Controller image tag (immutable tags are recommended) | `1.9.3-debian-11-r0` | -| `image.digest` | Nginx Ingress Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Nginx Ingress Controller image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `containerPorts` | Controller container ports to open | `{}` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `config` | Custom configuration options for NGINX | `{}` | -| `proxySetHeaders` | Custom headers before sending traffic to backends | `{}` | -| `addHeaders` | Custom headers before sending response traffic to the client | `{}` | -| `defaultBackendService` | Default 404 backend service; required only if `defaultBackend.enabled = false` | `""` | -| `electionID` | Election ID to use for status update | `ingress-controller-leader` | -| `reportNodeInternalIp` | If using `hostNetwork=true`, setting `reportNodeInternalIp=true`, will pass the flag `report-node-internal-ip-address` to Nginx Ingress Controller | `false` | -| `watchIngressWithoutClass` | Process Ingress objects without ingressClass annotation/ingressClassName field | `false` | -| `ingressClassResource.name` | Name of the IngressClass resource | `nginx` | -| `ingressClassResource.enabled` | Create the IngressClass resource | `true` | -| `ingressClassResource.default` | Set the created IngressClass resource as default class | `false` | -| `ingressClassResource.controllerClass` | IngressClass identifier for the controller | `k8s.io/ingress-nginx` | -| `ingressClassResource.parameters` | Optional parameters for the controller | `{}` | -| `publishService.enabled` | Set the endpoint records on the Ingress objects to reflect those on the service | `false` | -| `publishService.pathOverride` | Allows overriding of the publish service to bind to | `""` | -| `scope.enabled` | Limit the scope of the controller. | `false` | -| `scope.namespace` | Scope namespace. Defaults to `.Release.Namespace` | `""` | -| `configMapNamespace` | Allows customization of the configmap / nginx-configmap namespace | `""` | -| `tcpConfigMapNamespace` | Allows customization of the tcp-services-configmap namespace | `""` | -| `udpConfigMapNamespace` | Allows customization of the udp-services-configmap namespace | `""` | -| `maxmindLicenseKey` | License key used to download Geolite2 database | `""` | -| `dhParam` | A base64ed Diffie-Hellman parameter | `""` | -| `tcp` | TCP service key:value pairs | `{}` | -| `udp` | UDP service key:value pairs | `{}` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | for the %%MAIN_CONTAINER_NAME%% container(s) to automate configuration before or after startup | `{}` | -| `extraArgs` | Additional command line arguments to pass to nginx-ingress-controller | `{}` | -| `extraEnvVars` | Extra environment variables to be set on Nginx Ingress container | `[]` | -| `extraEnvVarsCM` | Name of a existing ConfigMap containing extra environment variables | `""` | -| `extraEnvVarsSecret` | Name of a existing Secret containing extra environment variables | `""` | +| Name | Description | Value | +| -------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------ | +| `image.registry` | Nginx Ingress Controller image registry | `REGISTRY_NAME` | +| `image.repository` | Nginx Ingress Controller image repository | `REPOSITORY_NAME/nginx-ingress-controller` | +| `image.tag` | Nginx Ingress Controller image tag (immutable tags are recommended) | `1.9.3-debian-11-r0` | +| `image.digest` | Nginx Ingress Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Nginx Ingress Controller image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `containerPorts` | Controller container ports to open | `{}` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `config` | Custom configuration options for NGINX | `{}` | +| `proxySetHeaders` | Custom headers before sending traffic to backends | `{}` | +| `addHeaders` | Custom headers before sending response traffic to the client | `{}` | +| `defaultBackendService` | Default 404 backend service; required only if `defaultBackend.enabled = false` | `""` | +| `electionID` | Election ID to use for status update | `ingress-controller-leader` | +| `reportNodeInternalIp` | If using `hostNetwork=true`, setting `reportNodeInternalIp=true`, will pass the flag `report-node-internal-ip-address` to Nginx Ingress Controller | `false` | +| `watchIngressWithoutClass` | Process Ingress objects without ingressClass annotation/ingressClassName field | `false` | +| `ingressClassResource.name` | Name of the IngressClass resource | `nginx` | +| `ingressClassResource.enabled` | Create the IngressClass resource | `true` | +| `ingressClassResource.default` | Set the created IngressClass resource as default class | `false` | +| `ingressClassResource.controllerClass` | IngressClass identifier for the controller | `k8s.io/ingress-nginx` | +| `ingressClassResource.parameters` | Optional parameters for the controller | `{}` | +| `publishService.enabled` | Set the endpoint records on the Ingress objects to reflect those on the service | `false` | +| `publishService.pathOverride` | Allows overriding of the publish service to bind to | `""` | +| `scope.enabled` | Limit the scope of the controller. | `false` | +| `scope.namespace` | Scope namespace. Defaults to `.Release.Namespace` | `""` | +| `configMapNamespace` | Allows customization of the configmap / nginx-configmap namespace | `""` | +| `tcpConfigMapNamespace` | Allows customization of the tcp-services-configmap namespace | `""` | +| `udpConfigMapNamespace` | Allows customization of the udp-services-configmap namespace | `""` | +| `maxmindLicenseKey` | License key used to download Geolite2 database | `""` | +| `dhParam` | A base64ed Diffie-Hellman parameter | `""` | +| `tcp` | TCP service key:value pairs | `{}` | +| `udp` | UDP service key:value pairs | `{}` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `lifecycleHooks` | for the %%MAIN_CONTAINER_NAME%% container(s) to automate configuration before or after startup | `{}` | +| `extraArgs` | Additional command line arguments to pass to nginx-ingress-controller | `{}` | +| `extraEnvVars` | Extra environment variables to be set on Nginx Ingress container | `[]` | +| `extraEnvVarsCM` | Name of a existing ConfigMap containing extra environment variables | `""` | +| `extraEnvVarsSecret` | Name of a existing Secret containing extra environment variables | `""` | ### Nginx Ingress deployment / daemonset parameters @@ -185,78 +189,78 @@ The command removes all the Kubernetes components associated with the chart and ### Default backend parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `defaultBackend.enabled` | Enable a default backend based on NGINX | `true` | -| `defaultBackend.hostAliases` | Add deployment host aliases | `[]` | -| `defaultBackend.image.registry` | Default backend image registry | `docker.io` | -| `defaultBackend.image.repository` | Default backend image repository | `bitnami/nginx` | -| `defaultBackend.image.tag` | Default backend image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | -| `defaultBackend.image.digest` | Default backend image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `defaultBackend.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `defaultBackend.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `defaultBackend.extraArgs` | Additional command line arguments to pass to Nginx container | `{}` | -| `defaultBackend.containerPort` | HTTP container port number | `8080` | -| `defaultBackend.serverBlockConfig` | NGINX backend default server block configuration | `""` | -| `defaultBackend.replicaCount` | Desired number of default backend pods | `1` | -| `defaultBackend.podSecurityContext.enabled` | Enable Default backend pods' Security Context | `true` | -| `defaultBackend.podSecurityContext.fsGroup` | Group ID for the container filesystem | `1001` | -| `defaultBackend.containerSecurityContext.enabled` | Enable Default backend containers' Security Context | `true` | -| `defaultBackend.containerSecurityContext.runAsUser` | User ID for the Default backend container | `1001` | -| `defaultBackend.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `defaultBackend.resources.limits` | The resources limits for the Default backend container | `{}` | -| `defaultBackend.resources.requests` | The requested resources for the Default backend container | `{}` | -| `defaultBackend.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `defaultBackend.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `defaultBackend.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `defaultBackend.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `defaultBackend.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `defaultBackend.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `defaultBackend.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `defaultBackend.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `0` | -| `defaultBackend.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `defaultBackend.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `defaultBackend.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `defaultBackend.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `defaultBackend.startupProbe.enabled` | Enable startupProbe | `false` | -| `defaultBackend.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | -| `defaultBackend.startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | -| `defaultBackend.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `defaultBackend.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `defaultBackend.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `defaultBackend.customStartupProbe` | Custom liveness probe for the Web component | `{}` | -| `defaultBackend.customLivenessProbe` | Custom liveness probe for the Web component | `{}` | -| `defaultBackend.customReadinessProbe` | Custom readiness probe for the Web component | `{}` | -| `defaultBackend.podLabels` | Extra labels for Controller pods | `{}` | -| `defaultBackend.podAnnotations` | Annotations for Controller pods | `{}` | -| `defaultBackend.priorityClassName` | priorityClassName | `""` | -| `defaultBackend.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `defaultBackend.terminationGracePeriodSeconds` | In seconds, time the given to the pod to terminate gracefully | `60` | -| `defaultBackend.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `defaultBackend.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `defaultBackend.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `defaultBackend.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `defaultBackend.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | -| `defaultBackend.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `defaultBackend.command` | Override default container command (useful when using custom images) | `[]` | -| `defaultBackend.args` | Override default container args (useful when using custom images) | `[]` | -| `defaultBackend.lifecycleHooks` | for the %%MAIN_CONTAINER_NAME%% container(s) to automate configuration before or after startup | `{}` | -| `defaultBackend.extraEnvVars` | Array with extra environment variables to add to %%MAIN_CONTAINER_NAME%% nodes | `[]` | -| `defaultBackend.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for %%MAIN_CONTAINER_NAME%% nodes | `""` | -| `defaultBackend.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for %%MAIN_CONTAINER_NAME%% nodes | `""` | -| `defaultBackend.extraVolumes` | Optionally specify extra list of additional volumes for the %%MAIN_CONTAINER_NAME%% pod(s) | `[]` | -| `defaultBackend.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the %%MAIN_CONTAINER_NAME%% container(s) | `[]` | -| `defaultBackend.sidecars` | Add additional sidecar containers to the %%MAIN_CONTAINER_NAME%% pod(s) | `[]` | -| `defaultBackend.initContainers` | Add additional init containers to the %%MAIN_CONTAINER_NAME%% pod(s) | `[]` | -| `defaultBackend.affinity` | Affinity for pod assignment | `{}` | -| `defaultBackend.nodeSelector` | Node labels for pod assignment | `{}` | -| `defaultBackend.tolerations` | Tolerations for pod assignment | `[]` | -| `defaultBackend.service.type` | Kubernetes Service type for default backend | `ClusterIP` | -| `defaultBackend.service.ports.http` | Default backend service HTTP port | `80` | -| `defaultBackend.service.annotations` | Annotations for the default backend service | `{}` | -| `defaultBackend.pdb.create` | Enable/disable a Pod Disruption Budget creation for Default backend | `false` | -| `defaultBackend.pdb.minAvailable` | Minimum number/percentage of Default backend pods that should remain scheduled | `1` | -| `defaultBackend.pdb.maxUnavailable` | Maximum number/percentage of Default backend pods that may be made unavailable | `""` | +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | ----------------------- | +| `defaultBackend.enabled` | Enable a default backend based on NGINX | `true` | +| `defaultBackend.hostAliases` | Add deployment host aliases | `[]` | +| `defaultBackend.image.registry` | Default backend image registry | `REGISTRY_NAME` | +| `defaultBackend.image.repository` | Default backend image repository | `REPOSITORY_NAME/nginx` | +| `defaultBackend.image.tag` | Default backend image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | +| `defaultBackend.image.digest` | Default backend image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `defaultBackend.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `defaultBackend.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `defaultBackend.extraArgs` | Additional command line arguments to pass to Nginx container | `{}` | +| `defaultBackend.containerPort` | HTTP container port number | `8080` | +| `defaultBackend.serverBlockConfig` | NGINX backend default server block configuration | `""` | +| `defaultBackend.replicaCount` | Desired number of default backend pods | `1` | +| `defaultBackend.podSecurityContext.enabled` | Enable Default backend pods' Security Context | `true` | +| `defaultBackend.podSecurityContext.fsGroup` | Group ID for the container filesystem | `1001` | +| `defaultBackend.containerSecurityContext.enabled` | Enable Default backend containers' Security Context | `true` | +| `defaultBackend.containerSecurityContext.runAsUser` | User ID for the Default backend container | `1001` | +| `defaultBackend.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `defaultBackend.resources.limits` | The resources limits for the Default backend container | `{}` | +| `defaultBackend.resources.requests` | The requested resources for the Default backend container | `{}` | +| `defaultBackend.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `defaultBackend.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | +| `defaultBackend.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `defaultBackend.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `defaultBackend.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `defaultBackend.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `defaultBackend.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `defaultBackend.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `0` | +| `defaultBackend.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `defaultBackend.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `defaultBackend.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `defaultBackend.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `defaultBackend.startupProbe.enabled` | Enable startupProbe | `false` | +| `defaultBackend.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | +| `defaultBackend.startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | +| `defaultBackend.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `defaultBackend.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `defaultBackend.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `defaultBackend.customStartupProbe` | Custom liveness probe for the Web component | `{}` | +| `defaultBackend.customLivenessProbe` | Custom liveness probe for the Web component | `{}` | +| `defaultBackend.customReadinessProbe` | Custom readiness probe for the Web component | `{}` | +| `defaultBackend.podLabels` | Extra labels for Controller pods | `{}` | +| `defaultBackend.podAnnotations` | Annotations for Controller pods | `{}` | +| `defaultBackend.priorityClassName` | priorityClassName | `""` | +| `defaultBackend.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `defaultBackend.terminationGracePeriodSeconds` | In seconds, time the given to the pod to terminate gracefully | `60` | +| `defaultBackend.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `defaultBackend.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `defaultBackend.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `defaultBackend.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `defaultBackend.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | +| `defaultBackend.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `defaultBackend.command` | Override default container command (useful when using custom images) | `[]` | +| `defaultBackend.args` | Override default container args (useful when using custom images) | `[]` | +| `defaultBackend.lifecycleHooks` | for the %%MAIN_CONTAINER_NAME%% container(s) to automate configuration before or after startup | `{}` | +| `defaultBackend.extraEnvVars` | Array with extra environment variables to add to %%MAIN_CONTAINER_NAME%% nodes | `[]` | +| `defaultBackend.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for %%MAIN_CONTAINER_NAME%% nodes | `""` | +| `defaultBackend.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for %%MAIN_CONTAINER_NAME%% nodes | `""` | +| `defaultBackend.extraVolumes` | Optionally specify extra list of additional volumes for the %%MAIN_CONTAINER_NAME%% pod(s) | `[]` | +| `defaultBackend.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the %%MAIN_CONTAINER_NAME%% container(s) | `[]` | +| `defaultBackend.sidecars` | Add additional sidecar containers to the %%MAIN_CONTAINER_NAME%% pod(s) | `[]` | +| `defaultBackend.initContainers` | Add additional init containers to the %%MAIN_CONTAINER_NAME%% pod(s) | `[]` | +| `defaultBackend.affinity` | Affinity for pod assignment | `{}` | +| `defaultBackend.nodeSelector` | Node labels for pod assignment | `{}` | +| `defaultBackend.tolerations` | Tolerations for pod assignment | `[]` | +| `defaultBackend.service.type` | Kubernetes Service type for default backend | `ClusterIP` | +| `defaultBackend.service.ports.http` | Default backend service HTTP port | `80` | +| `defaultBackend.service.annotations` | Annotations for the default backend service | `{}` | +| `defaultBackend.pdb.create` | Enable/disable a Pod Disruption Budget creation for Default backend | `false` | +| `defaultBackend.pdb.minAvailable` | Minimum number/percentage of Default backend pods that should remain scheduled | `1` | +| `defaultBackend.pdb.maxUnavailable` | Maximum number/percentage of Default backend pods that may be made unavailable | `""` | ### Traffic exposure parameters @@ -334,17 +338,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set image.pullPolicy=Always \ - oci://registry-1.docker.io/bitnamicharts/nginx-ingress-controller + oci://REGISTRY_NAME/REPOSITORY_NAME/nginx-ingress-controller ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the `image.pullPolicy` to `Always`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/nginx-ingress-controller +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/nginx-ingress-controller ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/nginx-ingress-controller/values.yaml b/bitnami/nginx-ingress-controller/values.yaml index 1b2ead2b5661cc..4b523c92cbe6aa 100644 --- a/bitnami/nginx-ingress-controller/values.yaml +++ b/bitnami/nginx-ingress-controller/values.yaml @@ -48,8 +48,8 @@ clusterDomain: cluster.local ## Bitnami NGINX Ingress controller image version ## ref: https://hub.docker.com/r/bitnami/nginx-ingress-controller/tags/ -## @param image.registry Nginx Ingress Controller image registry -## @param image.repository Nginx Ingress Controller image repository +## @param image.registry [default: REGISTRY_NAME] Nginx Ingress Controller image registry +## @param image.repository [default: REPOSITORY_NAME/nginx-ingress-controller] Nginx Ingress Controller image repository ## @param image.tag Nginx Ingress Controller image tag (immutable tags are recommended) ## @param image.digest Nginx Ingress Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Nginx Ingress Controller image pull policy @@ -479,8 +479,8 @@ defaultBackend: hostAliases: [] ## Bitnami NGINX image ## ref: https://hub.docker.com/r/bitnami/nginx/tags/ - ## @param defaultBackend.image.registry Default backend image registry - ## @param defaultBackend.image.repository Default backend image repository + ## @param defaultBackend.image.registry [default: REGISTRY_NAME] Default backend image registry + ## @param defaultBackend.image.repository [default: REPOSITORY_NAME/nginx] Default backend image repository ## @param defaultBackend.image.tag Default backend image tag (immutable tags are recommended) ## @param defaultBackend.image.digest Default backend image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param defaultBackend.image.pullPolicy Image pull policy diff --git a/bitnami/nginx/README.md b/bitnami/nginx/README.md index 6b69defe6b9415..fcadf08792669d 100644 --- a/bitnami/nginx/README.md +++ b/bitnami/nginx/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/nginx +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/nginx ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -34,9 +36,11 @@ Looking to use NGINX Open Source in production? Try [VMware Application Catalog] To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/nginx +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/nginx ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy NGINX Open Source on the Kubernetes cluster in the default configuration. > **Tip**: List all releases using `helm list` @@ -78,21 +82,21 @@ The command removes all the Kubernetes components associated with the chart and ### NGINX parameters -| Name | Description | Value | -| -------------------- | ----------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | NGINX image registry | `docker.io` | -| `image.repository` | NGINX image repository | `bitnami/nginx` | -| `image.tag` | NGINX image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | -| `image.digest` | NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | NGINX image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Set to true if you would like to see extra information on logs | `false` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `extraEnvVars` | Extra environment variables to be set on NGINX containers | `[]` | -| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| Name | Description | Value | +| -------------------- | ----------------------------------------------------------------------------------------------------- | ----------------------- | +| `image.registry` | NGINX image registry | `REGISTRY_NAME` | +| `image.repository` | NGINX image repository | `REPOSITORY_NAME/nginx` | +| `image.tag` | NGINX image tag (immutable tags are recommended) | `1.25.2-debian-11-r47` | +| `image.digest` | NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | NGINX image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Set to true if you would like to see extra information on logs | `false` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Extra environment variables to be set on NGINX containers | `[]` | +| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | ### NGINX deployment parameters @@ -174,8 +178,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | --------------------------------------------------- | --------------------------------------------------------------------------------------------------- | ---------------------- | | `cloneStaticSiteFromGit.enabled` | Get the server static content from a Git repository | `false` | -| `cloneStaticSiteFromGit.image.registry` | Git image registry | `docker.io` | -| `cloneStaticSiteFromGit.image.repository` | Git image repository | `bitnami/git` | +| `cloneStaticSiteFromGit.image.registry` | Git image registry | `REGISTRY_NAME` | +| `cloneStaticSiteFromGit.image.repository` | Git image repository | `REPOSITORY_NAME/git` | | `cloneStaticSiteFromGit.image.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | | `cloneStaticSiteFromGit.image.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `cloneStaticSiteFromGit.image.pullPolicy` | Git image pull policy | `IfNotPresent` | @@ -244,54 +248,57 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics parameters -| Name | Description | Value | -| ------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `metrics.enabled` | Start a Prometheus exporter sidecar container | `false` | -| `metrics.port` | NGINX Container Status Port scraped by Prometheus Exporter | `""` | -| `metrics.image.registry` | NGINX Prometheus exporter image registry | `docker.io` | -| `metrics.image.repository` | NGINX Prometheus exporter image repository | `bitnami/nginx-exporter` | -| `metrics.image.tag` | NGINX Prometheus exporter image tag (immutable tags are recommended) | `0.11.0-debian-11-r369` | -| `metrics.image.digest` | NGINX Prometheus exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | NGINX Prometheus exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.podAnnotations` | Additional annotations for NGINX Prometheus exporter pod(s) | `{}` | -| `metrics.securityContext.enabled` | Enabled NGINX Exporter containers' Security Context | `false` | -| `metrics.securityContext.runAsUser` | Set NGINX Exporter container's Security Context runAsUser | `1001` | -| `metrics.service.port` | NGINX Prometheus exporter service port | `9113` | -| `metrics.service.annotations` | Annotations for the Prometheus exporter service | `{}` | -| `metrics.resources.limits` | The resources limits for the NGINX Prometheus exporter container | `{}` | -| `metrics.resources.requests` | The requested resources for the NGINX Prometheus exporter container | `{}` | -| `metrics.serviceMonitor.enabled` | Creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | -| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.labels` | Additional labels that can be used so PodMonitor will be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | -| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | -| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | +| Name | Description | Value | +| ------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | +| `metrics.enabled` | Start a Prometheus exporter sidecar container | `false` | +| `metrics.port` | NGINX Container Status Port scraped by Prometheus Exporter | `""` | +| `metrics.image.registry` | NGINX Prometheus exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | NGINX Prometheus exporter image repository | `REPOSITORY_NAME/nginx-exporter` | +| `metrics.image.tag` | NGINX Prometheus exporter image tag (immutable tags are recommended) | `0.11.0-debian-11-r369` | +| `metrics.image.digest` | NGINX Prometheus exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | NGINX Prometheus exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.podAnnotations` | Additional annotations for NGINX Prometheus exporter pod(s) | `{}` | +| `metrics.securityContext.enabled` | Enabled NGINX Exporter containers' Security Context | `false` | +| `metrics.securityContext.runAsUser` | Set NGINX Exporter container's Security Context runAsUser | `1001` | +| `metrics.service.port` | NGINX Prometheus exporter service port | `9113` | +| `metrics.service.annotations` | Annotations for the Prometheus exporter service | `{}` | +| `metrics.resources.limits` | The resources limits for the NGINX Prometheus exporter container | `{}` | +| `metrics.resources.requests` | The requested resources for the NGINX Prometheus exporter container | `{}` | +| `metrics.serviceMonitor.enabled` | Creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so PodMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | +| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | +| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ --set imagePullPolicy=Always \ - oci://registry-1.docker.io/bitnamicharts/nginx + oci://REGISTRY_NAME/REPOSITORY_NAME/nginx ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the `imagePullPolicy` to `Always`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/nginx +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/nginx ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -446,9 +453,11 @@ Use the workaround below to upgrade from versions previous to 5.0.0. The followi ```console kubectl delete deployment nginx --cascade=false -helm upgrade nginx oci://registry-1.docker.io/bitnamicharts/nginx +helm upgrade nginx oci://REGISTRY_NAME/REPOSITORY_NAME/nginx ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 1.0.0 Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. diff --git a/bitnami/nginx/values.yaml b/bitnami/nginx/values.yaml index de1913e7415458..bde244f6101ceb 100644 --- a/bitnami/nginx/values.yaml +++ b/bitnami/nginx/values.yaml @@ -63,8 +63,8 @@ diagnosticMode: ## Bitnami NGINX image version ## ref: https://hub.docker.com/r/bitnami/nginx/tags/ -## @param image.registry NGINX image registry -## @param image.repository NGINX image repository +## @param image.registry [default: REGISTRY_NAME] NGINX image registry +## @param image.repository [default: REPOSITORY_NAME/nginx] NGINX image repository ## @param image.tag NGINX image tag (immutable tags are recommended) ## @param image.digest NGINX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy NGINX image pull policy @@ -418,8 +418,8 @@ cloneStaticSiteFromGit: enabled: false ## Bitnami Git image version ## ref: https://hub.docker.com/r/bitnami/git/tags/ - ## @param cloneStaticSiteFromGit.image.registry Git image registry - ## @param cloneStaticSiteFromGit.image.repository Git image repository + ## @param cloneStaticSiteFromGit.image.registry [default: REGISTRY_NAME] Git image registry + ## @param cloneStaticSiteFromGit.image.repository [default: REPOSITORY_NAME/git] Git image repository ## @param cloneStaticSiteFromGit.image.tag Git image tag (immutable tags are recommended) ## @param cloneStaticSiteFromGit.image.digest Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param cloneStaticSiteFromGit.image.pullPolicy Git image pull policy @@ -781,8 +781,8 @@ metrics: port: "" ## Bitnami NGINX Prometheus Exporter image ## ref: https://hub.docker.com/r/bitnami/nginx-exporter/tags/ - ## @param metrics.image.registry NGINX Prometheus exporter image registry - ## @param metrics.image.repository NGINX Prometheus exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] NGINX Prometheus exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/nginx-exporter] NGINX Prometheus exporter image repository ## @param metrics.image.tag NGINX Prometheus exporter image tag (immutable tags are recommended) ## @param metrics.image.digest NGINX Prometheus exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy NGINX Prometheus exporter image pull policy diff --git a/bitnami/node-exporter/README.md b/bitnami/node-exporter/README.md index 60e2dcaaaeecad..4ef15be961be4d 100644 --- a/bitnami/node-exporter/README.md +++ b/bitnami/node-exporter/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/node-exporter +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/node-exporter ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps [Node Exporter](https://github.com/bitnami/containers/tree/main/bitnami/node-exporter) on [Kubernetes](https://kubernetes.io) using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use Node Exporter in production? Try [VMware Application Catalog](htt To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/node-exporter +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/node-exporter ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Node Exporter on the Kubernetes cluster in the default configuration. The [configuration](#configuration-and-installation-details) section lists the parameters that can be configured during installation. ## Uninstalling the Chart @@ -75,117 +79,120 @@ The command removes all the Kubernetes components associated with the chart and ### Node Exporter parameters -| Name | Description | Value | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------- | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `rbac.create` | Whether to create and use RBAC resources or not | `true` | -| `rbac.pspEnabled` | Whether to create a PodSecurityPolicy and bound it with RBAC. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `true` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `image.registry` | Node Exporter image registry | `docker.io` | -| `image.repository` | Node Exporter image repository | `bitnami/node-exporter` | -| `image.tag` | Node Exporter image tag (immutable tags are recommended) | `1.6.1-debian-11-r78` | -| `image.digest` | Node Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Node Exporter image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `containerPorts.metrics` | Node Exporter container port | `9100` | -| `sidecars` | Add additional sidecar containers to the Node exporter pod(s) | `[]` | -| `initContainers` | Add additional init containers to the Node exporter pod(s) | `[]` | -| `extraArgs` | Additional command line arguments to pass to node-exporter | `{}` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | for the Node exporter container(s) to automate configuration before or after startup | `{}` | -| `extraEnvVars` | Array with extra environment variables to add to Node exporter container | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Node exporter container | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Node exporter container | `""` | -| `extraVolumes` | Additional volumes to the node-exporter pods | `[]` | -| `extraVolumeMounts` | Additional volumeMounts to the node-exporter container | `[]` | -| `podSecurityContext.enabled` | Enabled Node exporter pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Set Node exporter pod's Security Context fsGroup | `1001` | -| `containerSecurityContext.enabled` | Enabled Node exporter containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set Node exporter containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set Node exporter container's Security Context runAsNonRoot | `true` | -| `service.type` | Kubernetes service type | `ClusterIP` | -| `service.ports.metrics` | Node Exporter metrics service port | `9100` | -| `service.nodePorts.metrics` | Specify the nodePort value for the LoadBalancer and NodePort service types | `""` | -| `service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | -| `service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | -| `service.loadBalancerSourceRanges` | Address that are allowed when service is `LoadBalancer` | `[]` | -| `service.externalTrafficPolicy` | Node exporter service external traffic policy | `Cluster` | -| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `service.addPrometheusScrapeAnnotation` | Add the `prometheus.io/scrape: "true"` annotation to the service | `true` | -| `service.annotations` | Additional annotations for Node Exporter service | `{}` | -| `service.labels` | Additional labels for Node Exporter service | `{}` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `updateStrategy.type` | The update strategy type to apply to the DaemonSet | `RollingUpdate` | -| `updateStrategy.rollingUpdate.maxUnavailable` | Maximum number of pods that may be made unavailable | `1` | -| `hostNetwork` | Expose the service to the host network | `true` | -| `hostPID` | Allows visibility of processes on the host, potentially leaking information such as environment variables and configuration | `true` | -| `minReadySeconds` | `minReadySeconds` to avoid killing pods before we are ready | `0` | -| `priorityClassName` | Priority class assigned to the Pods | `""` | -| `terminationGracePeriodSeconds` | In seconds, time the given to the Node exporter pod needs to terminate gracefully | `""` | -| `resources.limits` | The resources limits for the container | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `podLabels` | Pod labels | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `customStartupProbe` | Custom liveness probe for the Node exporter container | `{}` | -| `customLivenessProbe` | Custom liveness probe for the Node exporter container | `{}` | -| `customReadinessProbe` | Custom readiness probe for the Node exporter container | `{}` | -| `serviceMonitor.enabled` | Creates a ServiceMonitor to monitor Node Exporter | `false` | -| `serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | -| `serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `""` | -| `serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `serviceMonitor.basicAuth` | Use basic auth for scraping | `{}` | -| `serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `serviceMonitor.attachMetadata` | Attaches node metadata to discovered targets | `{}` | -| `serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | +| Name | Description | Value | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------- | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `rbac.create` | Whether to create and use RBAC resources or not | `true` | +| `rbac.pspEnabled` | Whether to create a PodSecurityPolicy and bound it with RBAC. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `true` | +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `image.registry` | Node Exporter image registry | `REGISTRY_NAME` | +| `image.repository` | Node Exporter image repository | `REPOSITORY_NAME/node-exporter` | +| `image.tag` | Node Exporter image tag (immutable tags are recommended) | `1.6.1-debian-11-r78` | +| `image.digest` | Node Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Node Exporter image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `containerPorts.metrics` | Node Exporter container port | `9100` | +| `sidecars` | Add additional sidecar containers to the Node exporter pod(s) | `[]` | +| `initContainers` | Add additional init containers to the Node exporter pod(s) | `[]` | +| `extraArgs` | Additional command line arguments to pass to node-exporter | `{}` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `lifecycleHooks` | for the Node exporter container(s) to automate configuration before or after startup | `{}` | +| `extraEnvVars` | Array with extra environment variables to add to Node exporter container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Node exporter container | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Node exporter container | `""` | +| `extraVolumes` | Additional volumes to the node-exporter pods | `[]` | +| `extraVolumeMounts` | Additional volumeMounts to the node-exporter container | `[]` | +| `podSecurityContext.enabled` | Enabled Node exporter pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Set Node exporter pod's Security Context fsGroup | `1001` | +| `containerSecurityContext.enabled` | Enabled Node exporter containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set Node exporter containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set Node exporter container's Security Context runAsNonRoot | `true` | +| `service.type` | Kubernetes service type | `ClusterIP` | +| `service.ports.metrics` | Node Exporter metrics service port | `9100` | +| `service.nodePorts.metrics` | Specify the nodePort value for the LoadBalancer and NodePort service types | `""` | +| `service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` for headless service | `""` | +| `service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | +| `service.loadBalancerSourceRanges` | Address that are allowed when service is `LoadBalancer` | `[]` | +| `service.externalTrafficPolicy` | Node exporter service external traffic policy | `Cluster` | +| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `service.addPrometheusScrapeAnnotation` | Add the `prometheus.io/scrape: "true"` annotation to the service | `true` | +| `service.annotations` | Additional annotations for Node Exporter service | `{}` | +| `service.labels` | Additional labels for Node Exporter service | `{}` | +| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `updateStrategy.type` | The update strategy type to apply to the DaemonSet | `RollingUpdate` | +| `updateStrategy.rollingUpdate.maxUnavailable` | Maximum number of pods that may be made unavailable | `1` | +| `hostNetwork` | Expose the service to the host network | `true` | +| `hostPID` | Allows visibility of processes on the host, potentially leaking information such as environment variables and configuration | `true` | +| `minReadySeconds` | `minReadySeconds` to avoid killing pods before we are ready | `0` | +| `priorityClassName` | Priority class assigned to the Pods | `""` | +| `terminationGracePeriodSeconds` | In seconds, time the given to the Node exporter pod needs to terminate gracefully | `""` | +| `resources.limits` | The resources limits for the container | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `podLabels` | Pod labels | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customStartupProbe` | Custom liveness probe for the Node exporter container | `{}` | +| `customLivenessProbe` | Custom liveness probe for the Node exporter container | `{}` | +| `customReadinessProbe` | Custom readiness probe for the Node exporter container | `{}` | +| `serviceMonitor.enabled` | Creates a ServiceMonitor to monitor Node Exporter | `false` | +| `serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `serviceMonitor.interval` | Scrape interval (use by default, falling back to Prometheus' default) | `""` | +| `serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `serviceMonitor.basicAuth` | Use basic auth for scraping | `{}` | +| `serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `serviceMonitor.attachMetadata` | Attaches node metadata to discovered targets | `{}` | +| `serviceMonitor.sampleLimit` | Per-scrape limit on number of scraped samples that will be accepted. | `""` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example the following command sets the `minReadySeconds` of the Node Exporter Pods to `120` seconds. ```console -helm install my-release --set minReadySeconds=120 oci://registry-1.docker.io/bitnamicharts/node-exporter +helm install my-release --set minReadySeconds=120 oci://REGISTRY_NAME/REPOSITORY_NAME/node-exporter ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/node-exporter +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/node-exporter ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -209,9 +216,11 @@ Find more information about how to deal with common errors related to Bitnami's ## Upgrading ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/node-exporter +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/node-exporter ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 3.0.0 This major release renames several values in this chart and adds missing features, in order to be aligned with the rest of the assets in the Bitnami charts repository. diff --git a/bitnami/node-exporter/values.yaml b/bitnami/node-exporter/values.yaml index 548822269f444a..1764e0ac661a05 100644 --- a/bitnami/node-exporter/values.yaml +++ b/bitnami/node-exporter/values.yaml @@ -92,8 +92,8 @@ serviceAccount: ## Bitnami Node Exporter image version ## ref: https://hub.docker.com/r/bitnami/node-exporter/tags/ -## @param image.registry Node Exporter image registry -## @param image.repository Node Exporter image repository +## @param image.registry [default: REGISTRY_NAME] Node Exporter image registry +## @param image.repository [default: REPOSITORY_NAME/node-exporter] Node Exporter image repository ## @param image.tag Node Exporter image tag (immutable tags are recommended) ## @param image.digest Node Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Node Exporter image pull policy diff --git a/bitnami/oauth2-proxy/README.md b/bitnami/oauth2-proxy/README.md index eee9ba669833c2..fbdf4d9caa3479 100644 --- a/bitnami/oauth2-proxy/README.md +++ b/bitnami/oauth2-proxy/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/oauth2-proxy +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/oauth2-proxy ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -36,9 +38,11 @@ Looking to use OAuth2 Proxy in production? Try [VMware Application Catalog](http To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/oauth2-proxy +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/oauth2-proxy ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys OAuth2 Proxy on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -112,14 +116,14 @@ The command removes all the Kubernetes components associated with the chart and ### OAuth2 Proxy Image parameters -| Name | Description | Value | -| ------------------- | ------------------------------------------------------------------------------------------------------------ | ---------------------- | -| `image.registry` | OAuth2 Proxy image registry | `docker.io` | -| `image.repository` | OAuth2 Proxy image repository | `bitnami/oauth2-proxy` | -| `image.tag` | OAuth2 Proxy image tag (immutable tags are recommended) | `7.5.1-debian-11-r10` | -| `image.digest` | OAuth2 Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | OAuth2 Proxy image pull policy | `IfNotPresent` | -| `image.pullSecrets` | OAuth2 Proxy image pull secrets | `[]` | +| Name | Description | Value | +| ------------------- | ------------------------------------------------------------------------------------------------------------ | ------------------------------ | +| `image.registry` | OAuth2 Proxy image registry | `REGISTRY_NAME` | +| `image.repository` | OAuth2 Proxy image repository | `REPOSITORY_NAME/oauth2-proxy` | +| `image.tag` | OAuth2 Proxy image tag (immutable tags are recommended) | `7.5.1-debian-11-r10` | +| `image.digest` | OAuth2 Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | OAuth2 Proxy image pull policy | `IfNotPresent` | +| `image.pullSecrets` | OAuth2 Proxy image pull secrets | `[]` | ### OAuth2 Proxy configuration parameters @@ -251,9 +255,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set replicaCount=2 \ - oci://registry-1.docker.io/bitnamicharts/oauth2-proxy + oci://REGISTRY_NAME/REPOSITORY_NAME/oauth2-proxy ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command increase the default number of replicas. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -261,9 +267,10 @@ The above command increase the default number of replicas. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/oauth2-proxy +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/oauth2-proxy ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/oauth2-proxy/values.yaml b/bitnami/oauth2-proxy/values.yaml index 310a81fb4aedc7..c8eeb59b034855 100644 --- a/bitnami/oauth2-proxy/values.yaml +++ b/bitnami/oauth2-proxy/values.yaml @@ -238,8 +238,8 @@ ingress: ## Bitnami OAuth2 Proxy image ## ref: https://hub.docker.com/r/bitnami/redis/tags/ -## @param image.registry OAuth2 Proxy image registry -## @param image.repository OAuth2 Proxy image repository +## @param image.registry [default: REGISTRY_NAME] OAuth2 Proxy image registry +## @param image.repository [default: REPOSITORY_NAME/oauth2-proxy] OAuth2 Proxy image repository ## @param image.tag OAuth2 Proxy image tag (immutable tags are recommended) ## @param image.digest OAuth2 Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy OAuth2 Proxy image pull policy diff --git a/bitnami/odoo/README.md b/bitnami/odoo/README.md index bdaac6341cfe26..12edee392f345f 100644 --- a/bitnami/odoo/README.md +++ b/bitnami/odoo/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/odoo +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/odoo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Odoo](https://github.com/bitnami/containers/tree/main/bitnami/odoo) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Odoo in production? Try [VMware Application Catalog](https://bitn To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/odoo +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/odoo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Odoo on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -78,8 +82,8 @@ The command removes all the Kubernetes components associated with the chart and | `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | | `diagnosticMode.command` | Command to override all containers in the the statefulset | `["sleep"]` | | `diagnosticMode.args` | Args to override all containers in the the statefulset | `["infinity"]` | -| `image.registry` | Odoo image registry | `docker.io` | -| `image.repository` | Odoo image repository | `bitnami/odoo` | +| `image.registry` | Odoo image registry | `REGISTRY_NAME` | +| `image.repository` | Odoo image repository | `REPOSITORY_NAME/odoo` | | `image.tag` | Odoo image tag (immutable tags are recommended) | `16.0.20231015-debian-11-r0` | | `image.digest` | Odoo image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | Odoo image pull policy | `IfNotPresent` | @@ -287,9 +291,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set odooPassword=password,postgresql.postgresPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/odoo + oci://REGISTRY_NAME/REPOSITORY_NAME/odoo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Odoo administrator account password to `password` and the PostgreSQL `postgres` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -297,9 +303,10 @@ The above command sets the Odoo administrator account password to `password` and Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/odoo +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/odoo ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/odoo/values.yaml b/bitnami/odoo/values.yaml index 00871b12b7df2f..25bb49e3cb022d 100644 --- a/bitnami/odoo/values.yaml +++ b/bitnami/odoo/values.yaml @@ -61,8 +61,8 @@ diagnosticMode: ## Bitnami Odoo image ## ref: https://hub.docker.com/r/bitnami/odoo/tags/ -## @param image.registry Odoo image registry -## @param image.repository Odoo image repository +## @param image.registry [default: REGISTRY_NAME] Odoo image registry +## @param image.repository [default: REPOSITORY_NAME/odoo] Odoo image repository ## @param image.tag Odoo image tag (immutable tags are recommended) ## @param image.digest Odoo image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Odoo image pull policy diff --git a/bitnami/opencart/README.md b/bitnami/opencart/README.md index 9772f5c549ac82..4e75492d382bf9 100644 --- a/bitnami/opencart/README.md +++ b/bitnami/opencart/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/opencart +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/opencart ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps an [OpenCart](https://github.com/bitnami/containers/tree/main/bitnami/opencart) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use OpenCart in production? Try [VMware Application Catalog](https:// To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/opencart +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/opencart ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys OpenCart on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,93 +81,93 @@ The command removes all the Kubernetes components associated with the chart and ### OpenCart parameters -| Name | Description | Value | -| --------------------------------------- | -------------------------------------------------------------------------------------------------------- | ----------------------- | -| `image.registry` | OpenCart image registry | `docker.io` | -| `image.repository` | OpenCart image repository | `bitnami/opencart` | -| `image.tag` | OpenCart image tag (immutable tags are recommended) | `4.0.2-3-debian-11-r21` | -| `image.digest` | OpenCart image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | OpenCart image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `replicaCount` | Number of replicas (requires ReadWriteMany PVC support) | `1` | -| `opencartSkipInstall` | Skip OpenCart installation wizard. Useful for migrations and restoring from SQL dump | `false` | -| `opencartHost` | OpenCart host to create application URLs | `""` | -| `opencartUsername` | User of the application | `user` | -| `opencartPassword` | Application password | `""` | -| `opencartEmail` | Admin email | `user@example.com` | -| `opencartEnableHttps` | Whether to use HTTPS by default, default is false. | `false` | -| `allowEmptyPassword` | Allow DB blank passwords | `true` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `priorityClassName` | OpenCart pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `extraEnvVars` | An array to add extra env vars | `[]` | -| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `extraVolumes` | Extra volumes to add to the deployment. Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes`. | `[]` | -| `initContainers` | Extra init containers to add to the deployment | `[]` | -| `sidecars` | Extra sidecar containers to add to the deployment | `[]` | -| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `existingSecret` | Name of a secret with the application password | `""` | -| `smtpHost` | SMTP host | `""` | -| `smtpPort` | SMTP port | `""` | -| `smtpUser` | SMTP user | `""` | -| `smtpPassword` | SMTP password | `""` | -| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | -| `containerPorts` | Container ports | `{}` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.storageClass` | OpenCart Data Persistent Volume Storage Class | `""` | -| `persistence.accessModes` | PVC Access Mode for OpenCart volume | `["ReadWriteOnce"]` | -| `persistence.size` | PVC Storage Request for OpenCart volume | `8Gi` | -| `persistence.existingClaim` | An Existing PVC name | `""` | -| `persistence.hostPath` | Host mount path for OpenCart volume | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `resources.limits` | The resources limits for the container | `{}` | -| `podSecurityContext.enabled` | Enable OpenCart pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | OpenCart pods' group ID | `1001` | -| `containerSecurityContext.enabled` | Enable OpenCart containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | OpenCart containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | OpenCart containers' Security Context runAsNonRoot | `true` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.path` | Request path for startupProbe | `/administration/` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.path` | Request path for livenessProbe | `/administration/` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.path` | Request path for readinessProbe | `/administration/` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `lifecycleHooks` | lifecycleHooks for the container to automate configuration before or after startup | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | +| Name | Description | Value | +| --------------------------------------- | -------------------------------------------------------------------------------------------------------- | -------------------------- | +| `image.registry` | OpenCart image registry | `REGISTRY_NAME` | +| `image.repository` | OpenCart image repository | `REPOSITORY_NAME/opencart` | +| `image.tag` | OpenCart image tag (immutable tags are recommended) | `4.0.2-3-debian-11-r21` | +| `image.digest` | OpenCart image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | OpenCart image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `replicaCount` | Number of replicas (requires ReadWriteMany PVC support) | `1` | +| `opencartSkipInstall` | Skip OpenCart installation wizard. Useful for migrations and restoring from SQL dump | `false` | +| `opencartHost` | OpenCart host to create application URLs | `""` | +| `opencartUsername` | User of the application | `user` | +| `opencartPassword` | Application password | `""` | +| `opencartEmail` | Admin email | `user@example.com` | +| `opencartEnableHttps` | Whether to use HTTPS by default, default is false. | `false` | +| `allowEmptyPassword` | Allow DB blank passwords | `true` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `priorityClassName` | OpenCart pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `extraEnvVars` | An array to add extra env vars | `[]` | +| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `extraVolumes` | Extra volumes to add to the deployment. Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes`. | `[]` | +| `initContainers` | Extra init containers to add to the deployment | `[]` | +| `sidecars` | Extra sidecar containers to add to the deployment | `[]` | +| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `existingSecret` | Name of a secret with the application password | `""` | +| `smtpHost` | SMTP host | `""` | +| `smtpPort` | SMTP port | `""` | +| `smtpUser` | SMTP user | `""` | +| `smtpPassword` | SMTP password | `""` | +| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | +| `containerPorts` | Container ports | `{}` | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.storageClass` | OpenCart Data Persistent Volume Storage Class | `""` | +| `persistence.accessModes` | PVC Access Mode for OpenCart volume | `["ReadWriteOnce"]` | +| `persistence.size` | PVC Storage Request for OpenCart volume | `8Gi` | +| `persistence.existingClaim` | An Existing PVC name | `""` | +| `persistence.hostPath` | Host mount path for OpenCart volume | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `resources.limits` | The resources limits for the container | `{}` | +| `podSecurityContext.enabled` | Enable OpenCart pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | OpenCart pods' group ID | `1001` | +| `containerSecurityContext.enabled` | Enable OpenCart containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | OpenCart containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | OpenCart containers' Security Context runAsNonRoot | `true` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.path` | Request path for startupProbe | `/administration/` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.path` | Request path for livenessProbe | `/administration/` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.path` | Request path for readinessProbe | `/administration/` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `lifecycleHooks` | lifecycleHooks for the container to automate configuration before or after startup | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | ### Traffic Exposure Parameters @@ -221,31 +225,31 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | ### Metrics parameters -| Name | Description | Value | -| --------------------------- | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | -| `metrics.podAnnotations` | Metrics exporter pod Annotation and Labels | `{}` | +| Name | Description | Value | +| --------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | +| `metrics.podAnnotations` | Metrics exporter pod Annotation and Labels | `{}` | ### Certificate injection parameters @@ -263,8 +267,8 @@ The command removes all the Kubernetes components associated with the chart and | `certificates.extraEnvVars` | Container sidecar extra environment variables | `[]` | | `certificates.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | | `certificates.extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `certificates.image.registry` | Container sidecar registry | `docker.io` | -| `certificates.image.repository` | Container sidecar image repository | `bitnami/os-shell` | +| `certificates.image.registry` | Container sidecar registry | `REGISTRY_NAME` | +| `certificates.image.repository` | Container sidecar image repository | `REPOSITORY_NAME/os-shell` | | `certificates.image.tag` | Container sidecar image tag (immutable tags are recommended) | `11-debian-11-r90` | | `certificates.image.digest` | Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `certificates.image.pullPolicy` | Container sidecar image pull policy | `IfNotPresent` | @@ -311,9 +315,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set opencartUsername=admin,opencartPassword=password,mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/opencart + oci://REGISTRY_NAME/REPOSITORY_NAME/opencart ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the OpenCart administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -321,9 +327,10 @@ The above command sets the OpenCart administrator account username and password Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/opencart +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/opencart ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -372,9 +379,11 @@ See the [Parameters](#parameters) section to configure the PVC or to disable per 3. Install the chart ```console -helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry-1.docker.io/bitnamicharts/prestashop +helm install my-release --set persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/prestashop ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### Host path #### System compatibility @@ -388,9 +397,11 @@ helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry- 2. Install the chart ```console - helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://registry-1.docker.io/bitnamicharts/prestashop + helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://REGISTRY_NAME/REPOSITORY_NAME/prestashop ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + This will mount the `prestashop-data` volume into the `hostPath` directory. The site data will be persisted if the mount path contains valid data, else the site data will be initialized at first launch. 3. Because the container cannot control the host machine's directory permissions, you must set the PrestaShop file directory permissions yourself and disable or clear PrestaShop cache. diff --git a/bitnami/opencart/values.yaml b/bitnami/opencart/values.yaml index 02627695969f49..4d7bb0cef1853d 100644 --- a/bitnami/opencart/values.yaml +++ b/bitnami/opencart/values.yaml @@ -47,8 +47,8 @@ extraDeploy: [] ## Bitnami OpenCart image version ## ref: https://hub.docker.com/r/bitnami/opencart/tags/ -## @param image.registry OpenCart image registry -## @param image.repository OpenCart image repository +## @param image.registry [default: REGISTRY_NAME] OpenCart image registry +## @param image.repository [default: REPOSITORY_NAME/opencart] OpenCart image repository ## @param image.tag OpenCart image tag (immutable tags are recommended) ## @param image.digest OpenCart image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy OpenCart image pull policy @@ -627,8 +627,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -677,8 +677,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository ## @param metrics.image.tag Apache exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Image pull policy @@ -749,8 +749,8 @@ certificates: ## @param certificates.extraEnvVarsSecret Secret with extra environment variables ## extraEnvVarsSecret: "" - ## @param certificates.image.registry Container sidecar registry - ## @param certificates.image.repository Container sidecar image repository + ## @param certificates.image.registry [default: REGISTRY_NAME] Container sidecar registry + ## @param certificates.image.repository [default: REPOSITORY_NAME/os-shell] Container sidecar image repository ## @param certificates.image.tag Container sidecar image tag (immutable tags are recommended) ## @param certificates.image.digest Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param certificates.image.pullPolicy Container sidecar image pull policy diff --git a/bitnami/opensearch/README.md b/bitnami/opensearch/README.md index 9833861c45824b..16c004fa67ce2d 100644 --- a/bitnami/opensearch/README.md +++ b/bitnami/opensearch/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/opensearch +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/opensearch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [OpenSearch](https://github.com/bitnami/containers/tree/main/bitnami/opensearch) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use OpenSearch in production? Try [VMware Application Catalog](https: To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/opensearch +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/opensearch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy OpenSearch on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -82,39 +86,39 @@ helm delete --purge my-release ### OpenSearch cluster Parameters -| Name | Description | Value | -| --------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `clusterName` | OpenSearch cluster name | `open` | -| `containerPorts.restAPI` | OpenSearch REST API port | `9200` | -| `containerPorts.transport` | OpenSearch Transport port | `9300` | -| `plugins` | Comma, semi-colon or space separated list of plugins to install at initialization | `""` | -| `snapshotRepoPath` | File System snapshot repository path | `""` | -| `config` | Override opensearch configuration | `{}` | -| `extraConfig` | Append extra configuration to the opensearch node configuration | `{}` | -| `extraHosts` | A list of external hosts which are part of this cluster | `[]` | -| `extraVolumes` | A list of volumes to be added to the pod | `[]` | -| `extraVolumeMounts` | A list of volume mounts to be added to the pod | `[]` | -| `initScripts` | Dictionary of init scripts. Evaluated as a template. | `{}` | -| `initScriptsCM` | ConfigMap with the init scripts. Evaluated as a template. | `""` | -| `initScriptsSecret` | Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template. | `""` | -| `extraEnvVars` | Array containing extra env vars to be added to all pods (evaluated as a template) | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars to be added to all pods (evaluated as a template) | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars to be added to all pods (evaluated as a template) | `""` | -| `sidecars` | Add additional sidecar containers to the all opensearch node pod(s) | `[]` | -| `initContainers` | Add additional init containers to the all opensearch node pod(s) | `[]` | -| `useIstioLabels` | Use this variable to add Istio labels to all pods | `true` | -| `image.registry` | OpenSearch image registry | `docker.io` | -| `image.repository` | OpenSearch image repository | `bitnami/opensearch` | -| `image.tag` | OpenSearch image tag (immutable tags are recommended) | `2.11.0-debian-11-r0` | -| `image.digest` | OpenSearch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | OpenSearch image pull policy | `IfNotPresent` | -| `image.pullSecrets` | OpenSearch image pull secrets | `[]` | -| `image.debug` | Enable OpenSearch image debug mode | `false` | -| `security.enabled` | Enable X-Pack Security settings | `false` | -| `security.adminPassword` | Password for 'admin' user | `""` | -| `security.logstashPassword` | Password for Logstash | `""` | -| `security.existingSecret` | Name of the existing secret containing the OpenSearch password and | `""` | -| `security.fipsMode` | Configure opensearch with FIPS 140 compliant mode | `false` | +| Name | Description | Value | +| --------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `clusterName` | OpenSearch cluster name | `open` | +| `containerPorts.restAPI` | OpenSearch REST API port | `9200` | +| `containerPorts.transport` | OpenSearch Transport port | `9300` | +| `plugins` | Comma, semi-colon or space separated list of plugins to install at initialization | `""` | +| `snapshotRepoPath` | File System snapshot repository path | `""` | +| `config` | Override opensearch configuration | `{}` | +| `extraConfig` | Append extra configuration to the opensearch node configuration | `{}` | +| `extraHosts` | A list of external hosts which are part of this cluster | `[]` | +| `extraVolumes` | A list of volumes to be added to the pod | `[]` | +| `extraVolumeMounts` | A list of volume mounts to be added to the pod | `[]` | +| `initScripts` | Dictionary of init scripts. Evaluated as a template. | `{}` | +| `initScriptsCM` | ConfigMap with the init scripts. Evaluated as a template. | `""` | +| `initScriptsSecret` | Secret containing `/docker-entrypoint-initdb.d` scripts to be executed at initialization time that contain sensitive data. Evaluated as a template. | `""` | +| `extraEnvVars` | Array containing extra env vars to be added to all pods (evaluated as a template) | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars to be added to all pods (evaluated as a template) | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars to be added to all pods (evaluated as a template) | `""` | +| `sidecars` | Add additional sidecar containers to the all opensearch node pod(s) | `[]` | +| `initContainers` | Add additional init containers to the all opensearch node pod(s) | `[]` | +| `useIstioLabels` | Use this variable to add Istio labels to all pods | `true` | +| `image.registry` | OpenSearch image registry | `REGISTRY_NAME` | +| `image.repository` | OpenSearch image repository | `REPOSITORY_NAME/opensearch` | +| `image.tag` | OpenSearch image tag (immutable tags are recommended) | `2.11.0-debian-11-r0` | +| `image.digest` | OpenSearch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | OpenSearch image pull policy | `IfNotPresent` | +| `image.pullSecrets` | OpenSearch image pull secrets | `[]` | +| `image.debug` | Enable OpenSearch image debug mode | `false` | +| `security.enabled` | Enable X-Pack Security settings | `false` | +| `security.adminPassword` | Password for 'admin' user | `""` | +| `security.logstashPassword` | Password for Logstash | `""` | +| `security.existingSecret` | Name of the existing secret containing the OpenSearch password and | `""` | +| `security.fipsMode` | Configure opensearch with FIPS 140 compliant mode | `false` | ### OpenSearch admin parameters @@ -593,157 +597,160 @@ helm delete --purge my-release ### Init Container Parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | -| `sysctlImage.enabled` | Enable kernel settings modifier image | `true` | -| `sysctlImage.registry` | Kernel settings modifier image registry | `docker.io` | -| `sysctlImage.repository` | Kernel settings modifier image repository | `bitnami/os-shell` | -| `sysctlImage.tag` | Kernel settings modifier image tag | `11-debian-11-r90` | -| `sysctlImage.digest` | Kernel settings modifier image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sysctlImage.pullPolicy` | Kernel settings modifier image pull policy | `IfNotPresent` | -| `sysctlImage.pullSecrets` | Kernel settings modifier image pull secrets | `[]` | -| `sysctlImage.resources.limits` | The resources limits for the container | `{}` | -| `sysctlImage.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| `sysctlImage.enabled` | Enable kernel settings modifier image | `true` | +| `sysctlImage.registry` | Kernel settings modifier image registry | `REGISTRY_NAME` | +| `sysctlImage.repository` | Kernel settings modifier image repository | `REPOSITORY_NAME/os-shell` | +| `sysctlImage.tag` | Kernel settings modifier image tag | `11-debian-11-r90` | +| `sysctlImage.digest` | Kernel settings modifier image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `sysctlImage.pullPolicy` | Kernel settings modifier image pull policy | `IfNotPresent` | +| `sysctlImage.pullSecrets` | Kernel settings modifier image pull secrets | `[]` | +| `sysctlImage.resources.limits` | The resources limits for the container | `{}` | +| `sysctlImage.resources.requests` | The requested resources for the container | `{}` | ### OpenSearch Dashborads Parameters -| Name | Description | Value | -| -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------- | -| `dashboards.enabled` | Enables OpenSearch Dashboards deployment | `false` | -| `dashboards.image.registry` | OpenSearch Dashboards image registry | `docker.io` | -| `dashboards.image.repository` | OpenSearch Dashboards image repository | `bitnami/opensearch-dashboards` | -| `dashboards.image.tag` | OpenSearch Dashboards image tag (immutable tags are recommended) | `2.10.0-debian-11-r11` | -| `dashboards.image.digest` | OpenSearch Dashboards image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `dashboards.image.pullPolicy` | OpenSearch Dashboards image pull policy | `IfNotPresent` | -| `dashboards.image.pullSecrets` | OpenSearch Dashboards image pull secrets | `[]` | -| `dashboards.image.debug` | Enable OpenSearch Dashboards image debug mode | `false` | -| `dashboards.service.type` | OpenSearch Dashboards service type | `ClusterIP` | -| `dashboards.service.ports.http` | OpenSearch Dashboards service web UI port | `5601` | -| `dashboards.service.nodePorts.http` | Node port for web UI | `""` | -| `dashboards.service.clusterIP` | OpenSearch Dashboards service Cluster IP | `""` | -| `dashboards.service.loadBalancerIP` | OpenSearch Dashboards service Load Balancer IP | `""` | -| `dashboards.service.loadBalancerSourceRanges` | OpenSearch Dashboards service Load Balancer sources | `[]` | -| `dashboards.service.externalTrafficPolicy` | OpenSearch Dashboards service external traffic policy | `Cluster` | -| `dashboards.service.annotations` | Additional custom annotations for OpenSearch Dashboards service | `{}` | -| `dashboards.service.extraPorts` | Extra ports to expose in OpenSearch Dashboards service (normally used with the `sidecars` value) | `[]` | -| `dashboards.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `dashboards.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `dashboards.containerPorts.http` | OpenSearch Dashboards HTTP port | `5601` | -| `dashboards.password` | Password for OpenSearch Dashboards | `""` | -| `dashboards.replicaCount` | Number of data-only replicas to deploy | `1` | -| `dashboards.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `dashboards.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `dashboards.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `dashboards.nameOverride` | String to partially override opensearch.dashboards.fullname | `""` | -| `dashboards.fullnameOverride` | String to fully override opensearch.dashboards.fullname | `""` | -| `dashboards.servicenameOverride` | String to fully override opensearch.dashboards.servicename | `""` | -| `dashboards.updateStrategy.type` | Data-only nodes statefulset stategy type | `RollingUpdate` | -| `dashboards.resources.limits` | The resources limits for the data containers | `{}` | -| `dashboards.resources.requests` | The requested resources for the data containers | `{}` | -| `dashboards.heapSize` | OpenSearch data node heap size. | `1024m` | -| `dashboards.podSecurityContext.enabled` | Enabled data pods' Security Context | `true` | -| `dashboards.podSecurityContext.fsGroup` | Set dashboards pod's Security Context fsGroup | `1001` | -| `dashboards.podSecurityContext.seccompProfile.type` | Set Proxy container's Security Context seccomp profile | `RuntimeDefault` | -| `dashboards.containerSecurityContext.enabled` | Enabled data containers' Security Context | `true` | -| `dashboards.containerSecurityContext.runAsUser` | Set data containers' Security Context runAsUser | `1001` | -| `dashboards.containerSecurityContext.runAsNonRoot` | Set data containers' Security Context runAsNonRoot | `true` | -| `dashboards.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` | -| `dashboards.hostAliases` | data pods host aliases | `[]` | -| `dashboards.podLabels` | Extra labels for data pods | `{}` | -| `dashboards.podAnnotations` | Annotations for data pods | `{}` | -| `dashboards.podAffinityPreset` | Pod affinity preset. Ignored if `dashboards.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `dashboards.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `dashboards.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `dashboards.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `dashboards.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `dashboards.nodeAffinityPreset.key` | Node label key to match. Ignored if `dashboards.affinity` is set | `""` | -| `dashboards.nodeAffinityPreset.values` | Node label values to match. Ignored if `dashboards.affinity` is set | `[]` | -| `dashboards.affinity` | Affinity for data pods assignment | `{}` | -| `dashboards.nodeSelector` | Node labels for data pods assignment | `{}` | -| `dashboards.tolerations` | Tolerations for data pods assignment | `[]` | -| `dashboards.priorityClassName` | data pods' priorityClassName | `""` | -| `dashboards.schedulerName` | Name of the k8s scheduler (other than default) for data pods | `""` | -| `dashboards.terminationGracePeriodSeconds` | In seconds, time the given to the OpenSearch data pod needs to terminate gracefully | `""` | -| `dashboards.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `dashboards.startupProbe.enabled` | Enable/disable the startup probe (data nodes pod) | `false` | -| `dashboards.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated (data nodes pod) | `120` | -| `dashboards.startupProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `10` | -| `dashboards.startupProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` | -| `dashboards.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` | -| `dashboards.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` | -| `dashboards.livenessProbe.enabled` | Enable/disable the liveness probe (data nodes pod) | `true` | -| `dashboards.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (data nodes pod) | `180` | -| `dashboards.livenessProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `20` | -| `dashboards.livenessProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` | -| `dashboards.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` | -| `dashboards.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `8` | -| `dashboards.readinessProbe.enabled` | Enable/disable the readiness probe (data nodes pod) | `true` | -| `dashboards.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (data nodes pod) | `120` | -| `dashboards.readinessProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `10` | -| `dashboards.readinessProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` | -| `dashboards.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` | -| `dashboards.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` | -| `dashboards.customStartupProbe` | Override default startup probe | `{}` | -| `dashboards.customLivenessProbe` | Override default liveness probe | `{}` | -| `dashboards.customReadinessProbe` | Override default readiness probe | `{}` | -| `dashboards.command` | Override default container command (useful when using custom images) | `[]` | -| `dashboards.args` | Override default container args (useful when using custom images) | `[]` | -| `dashboards.lifecycleHooks` | for the data container(s) to automate configuration before or after startup | `{}` | -| `dashboards.extraEnvVars` | Array with extra environment variables to add to data nodes | `[]` | -| `dashboards.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for data nodes | `""` | -| `dashboards.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for data nodes | `""` | -| `dashboards.extraVolumes` | Optionally specify extra list of additional volumes for the data pod(s) | `[]` | -| `dashboards.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the data container(s) | `[]` | -| `dashboards.sidecars` | Add additional sidecar containers to the data pod(s) | `[]` | -| `dashboards.initContainers` | Add additional init containers to the data pod(s) | `[]` | -| `dashboards.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` | -| `dashboards.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `dashboards.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | -| `dashboards.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | -| `dashboards.networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` | -| `dashboards.networkPolicy.allowExternal` | The Policy model to apply | `true` | -| `dashboards.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `dashboards.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `dashboards.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `dashboards.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | -| `dashboards.autoscaling.vpa.enabled` | Enable VPA | `false` | -| `dashboards.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` | -| `dashboards.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` | -| `dashboards.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` | -| `dashboards.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` | -| `dashboards.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod | `Auto` | -| `dashboards.autoscaling.hpa.enabled` | Enable HPA for APISIX Data Plane | `false` | -| `dashboards.autoscaling.hpa.minReplicas` | Minimum number of APISIX Data Plane replicas | `3` | -| `dashboards.autoscaling.hpa.maxReplicas` | Maximum number of APISIX Data Plane replicas | `11` | -| `dashboards.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` | -| `dashboards.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` | -| `dashboards.tls.enabled` | Enable TLS for OpenSearch Dashboards webserver | `false` | -| `dashboards.tls.existingSecret` | Existing secret containing the certificates for OpenSearch Dashboards webserver | `""` | -| `dashboards.tls.autoGenerated` | Create self-signed TLS certificates. | `true` | +| Name | Description | Value | +| -------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------- | +| `dashboards.enabled` | Enables OpenSearch Dashboards deployment | `false` | +| `dashboards.image.registry` | OpenSearch Dashboards image registry | `REGISTRY_NAME` | +| `dashboards.image.repository` | OpenSearch Dashboards image repository | `REPOSITORY_NAME/opensearch-dashboards` | +| `dashboards.image.tag` | OpenSearch Dashboards image tag (immutable tags are recommended) | `2.10.0-debian-11-r11` | +| `dashboards.image.digest` | OpenSearch Dashboards image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `dashboards.image.pullPolicy` | OpenSearch Dashboards image pull policy | `IfNotPresent` | +| `dashboards.image.pullSecrets` | OpenSearch Dashboards image pull secrets | `[]` | +| `dashboards.image.debug` | Enable OpenSearch Dashboards image debug mode | `false` | +| `dashboards.service.type` | OpenSearch Dashboards service type | `ClusterIP` | +| `dashboards.service.ports.http` | OpenSearch Dashboards service web UI port | `5601` | +| `dashboards.service.nodePorts.http` | Node port for web UI | `""` | +| `dashboards.service.clusterIP` | OpenSearch Dashboards service Cluster IP | `""` | +| `dashboards.service.loadBalancerIP` | OpenSearch Dashboards service Load Balancer IP | `""` | +| `dashboards.service.loadBalancerSourceRanges` | OpenSearch Dashboards service Load Balancer sources | `[]` | +| `dashboards.service.externalTrafficPolicy` | OpenSearch Dashboards service external traffic policy | `Cluster` | +| `dashboards.service.annotations` | Additional custom annotations for OpenSearch Dashboards service | `{}` | +| `dashboards.service.extraPorts` | Extra ports to expose in OpenSearch Dashboards service (normally used with the `sidecars` value) | `[]` | +| `dashboards.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `dashboards.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `dashboards.containerPorts.http` | OpenSearch Dashboards HTTP port | `5601` | +| `dashboards.password` | Password for OpenSearch Dashboards | `""` | +| `dashboards.replicaCount` | Number of data-only replicas to deploy | `1` | +| `dashboards.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `dashboards.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `dashboards.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `dashboards.nameOverride` | String to partially override opensearch.dashboards.fullname | `""` | +| `dashboards.fullnameOverride` | String to fully override opensearch.dashboards.fullname | `""` | +| `dashboards.servicenameOverride` | String to fully override opensearch.dashboards.servicename | `""` | +| `dashboards.updateStrategy.type` | Data-only nodes statefulset stategy type | `RollingUpdate` | +| `dashboards.resources.limits` | The resources limits for the data containers | `{}` | +| `dashboards.resources.requests` | The requested resources for the data containers | `{}` | +| `dashboards.heapSize` | OpenSearch data node heap size. | `1024m` | +| `dashboards.podSecurityContext.enabled` | Enabled data pods' Security Context | `true` | +| `dashboards.podSecurityContext.fsGroup` | Set dashboards pod's Security Context fsGroup | `1001` | +| `dashboards.podSecurityContext.seccompProfile.type` | Set Proxy container's Security Context seccomp profile | `RuntimeDefault` | +| `dashboards.containerSecurityContext.enabled` | Enabled data containers' Security Context | `true` | +| `dashboards.containerSecurityContext.runAsUser` | Set data containers' Security Context runAsUser | `1001` | +| `dashboards.containerSecurityContext.runAsNonRoot` | Set data containers' Security Context runAsNonRoot | `true` | +| `dashboards.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` | +| `dashboards.hostAliases` | data pods host aliases | `[]` | +| `dashboards.podLabels` | Extra labels for data pods | `{}` | +| `dashboards.podAnnotations` | Annotations for data pods | `{}` | +| `dashboards.podAffinityPreset` | Pod affinity preset. Ignored if `dashboards.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `dashboards.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `dashboards.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `dashboards.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `dashboards.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `dashboards.nodeAffinityPreset.key` | Node label key to match. Ignored if `dashboards.affinity` is set | `""` | +| `dashboards.nodeAffinityPreset.values` | Node label values to match. Ignored if `dashboards.affinity` is set | `[]` | +| `dashboards.affinity` | Affinity for data pods assignment | `{}` | +| `dashboards.nodeSelector` | Node labels for data pods assignment | `{}` | +| `dashboards.tolerations` | Tolerations for data pods assignment | `[]` | +| `dashboards.priorityClassName` | data pods' priorityClassName | `""` | +| `dashboards.schedulerName` | Name of the k8s scheduler (other than default) for data pods | `""` | +| `dashboards.terminationGracePeriodSeconds` | In seconds, time the given to the OpenSearch data pod needs to terminate gracefully | `""` | +| `dashboards.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `dashboards.startupProbe.enabled` | Enable/disable the startup probe (data nodes pod) | `false` | +| `dashboards.startupProbe.initialDelaySeconds` | Delay before startup probe is initiated (data nodes pod) | `120` | +| `dashboards.startupProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `10` | +| `dashboards.startupProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` | +| `dashboards.startupProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` | +| `dashboards.startupProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` | +| `dashboards.livenessProbe.enabled` | Enable/disable the liveness probe (data nodes pod) | `true` | +| `dashboards.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (data nodes pod) | `180` | +| `dashboards.livenessProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `20` | +| `dashboards.livenessProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` | +| `dashboards.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` | +| `dashboards.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `8` | +| `dashboards.readinessProbe.enabled` | Enable/disable the readiness probe (data nodes pod) | `true` | +| `dashboards.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (data nodes pod) | `120` | +| `dashboards.readinessProbe.periodSeconds` | How often to perform the probe (data nodes pod) | `10` | +| `dashboards.readinessProbe.timeoutSeconds` | When the probe times out (data nodes pod) | `5` | +| `dashboards.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (data nodes pod) | `1` | +| `dashboards.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded | `5` | +| `dashboards.customStartupProbe` | Override default startup probe | `{}` | +| `dashboards.customLivenessProbe` | Override default liveness probe | `{}` | +| `dashboards.customReadinessProbe` | Override default readiness probe | `{}` | +| `dashboards.command` | Override default container command (useful when using custom images) | `[]` | +| `dashboards.args` | Override default container args (useful when using custom images) | `[]` | +| `dashboards.lifecycleHooks` | for the data container(s) to automate configuration before or after startup | `{}` | +| `dashboards.extraEnvVars` | Array with extra environment variables to add to data nodes | `[]` | +| `dashboards.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for data nodes | `""` | +| `dashboards.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for data nodes | `""` | +| `dashboards.extraVolumes` | Optionally specify extra list of additional volumes for the data pod(s) | `[]` | +| `dashboards.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the data container(s) | `[]` | +| `dashboards.sidecars` | Add additional sidecar containers to the data pod(s) | `[]` | +| `dashboards.initContainers` | Add additional init containers to the data pod(s) | `[]` | +| `dashboards.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` | +| `dashboards.serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `dashboards.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` | +| `dashboards.serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| `dashboards.networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` | +| `dashboards.networkPolicy.allowExternal` | The Policy model to apply | `true` | +| `dashboards.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `dashboards.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `dashboards.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | +| `dashboards.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| `dashboards.autoscaling.vpa.enabled` | Enable VPA | `false` | +| `dashboards.autoscaling.vpa.annotations` | Annotations for VPA resource | `{}` | +| `dashboards.autoscaling.vpa.controlledResources` | VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory | `[]` | +| `dashboards.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` | +| `dashboards.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` | +| `dashboards.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod | `Auto` | +| `dashboards.autoscaling.hpa.enabled` | Enable HPA for APISIX Data Plane | `false` | +| `dashboards.autoscaling.hpa.minReplicas` | Minimum number of APISIX Data Plane replicas | `3` | +| `dashboards.autoscaling.hpa.maxReplicas` | Maximum number of APISIX Data Plane replicas | `11` | +| `dashboards.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` | +| `dashboards.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` | +| `dashboards.tls.enabled` | Enable TLS for OpenSearch Dashboards webserver | `false` | +| `dashboards.tls.existingSecret` | Existing secret containing the certificates for OpenSearch Dashboards webserver | `""` | +| `dashboards.tls.autoGenerated` | Create self-signed TLS certificates. | `true` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ --set name=my-open,client.service.port=8080 \ - oci://registry-1.docker.io/bitnamicharts/opensearch + oci://REGISTRY_NAME/REPOSITORY_NAME/opensearch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the OpenSearch cluster name to `my-open` and REST port number to `8080`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/opensearch +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/opensearch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml). ## Configuration and installation details diff --git a/bitnami/opensearch/values.yaml b/bitnami/opensearch/values.yaml index d7ef5c73ff09ed..8a8e90f084cb47 100644 --- a/bitnami/opensearch/values.yaml +++ b/bitnami/opensearch/values.yaml @@ -168,8 +168,8 @@ initContainers: [] useIstioLabels: true ## Bitnami OpenSearch image -## @param image.registry OpenSearch image registry -## @param image.repository OpenSearch image repository +## @param image.registry [default: REGISTRY_NAME] OpenSearch image registry +## @param image.repository [default: REPOSITORY_NAME/opensearch] OpenSearch image repository ## @param image.tag OpenSearch image tag (immutable tags are recommended) ## @param image.digest OpenSearch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy OpenSearch image pull policy @@ -2156,8 +2156,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -2204,8 +2204,8 @@ sysctlImage: ## @param sysctlImage.enabled Enable kernel settings modifier image ## enabled: true - ## @param sysctlImage.registry Kernel settings modifier image registry - ## @param sysctlImage.repository Kernel settings modifier image repository + ## @param sysctlImage.registry [default: REGISTRY_NAME] Kernel settings modifier image registry + ## @param sysctlImage.repository [default: REPOSITORY_NAME/os-shell] Kernel settings modifier image repository ## @param sysctlImage.tag Kernel settings modifier image tag ## @param sysctlImage.digest Kernel settings modifier image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param sysctlImage.pullPolicy Kernel settings modifier image pull policy @@ -2256,8 +2256,8 @@ dashboards: ## enabled: false ## Bitnami OpenSearch Dashboards image - ## @param dashboards.image.registry OpenSearch Dashboards image registry - ## @param dashboards.image.repository OpenSearch Dashboards image repository + ## @param dashboards.image.registry [default: REGISTRY_NAME] OpenSearch Dashboards image registry + ## @param dashboards.image.repository [default: REPOSITORY_NAME/opensearch-dashboards] OpenSearch Dashboards image repository ## @param dashboards.image.tag OpenSearch Dashboards image tag (immutable tags are recommended) ## @param dashboards.image.digest OpenSearch Dashboards image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param dashboards.image.pullPolicy OpenSearch Dashboards image pull policy diff --git a/bitnami/osclass/README.md b/bitnami/osclass/README.md index 1d00138b65a9fc..93dde05a80cebd 100644 --- a/bitnami/osclass/README.md +++ b/bitnami/osclass/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/osclass +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/osclass ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps an [Osclass](https://github.com/bitnami/containers/tree/main/bitnami/osclass) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Osclass in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/osclass +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/osclass ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Osclass on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -76,15 +80,15 @@ The command removes all the Kubernetes components associated with the chart and ### Osclass Image parameters -| Name | Description | Value | -| ------------------- | ------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | Osclass image registry | `docker.io` | -| `image.repository` | Osclass image repository | `bitnami/osclass` | -| `image.tag` | Osclass image tag (immutable tags are recommended) | `8.1.2-debian-11-r100` | -| `image.digest` | Osclass image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Osclass image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Osclass image pull secrets | `[]` | -| `image.debug` | Enable Bitnami debug mode in Osclass image | `false` | +| Name | Description | Value | +| ------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------- | +| `image.registry` | Osclass image registry | `REGISTRY_NAME` | +| `image.repository` | Osclass image repository | `REPOSITORY_NAME/osclass` | +| `image.tag` | Osclass image tag (immutable tags are recommended) | `8.1.2-debian-11-r100` | +| `image.digest` | Osclass image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Osclass image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Osclass image pull secrets | `[]` | +| `image.debug` | Enable Bitnami debug mode in Osclass image | `false` | ### Osclass Configuration parameters @@ -149,8 +153,8 @@ The command removes all the Kubernetes components associated with the chart and | `certificates.extraEnvVars` | An array to add extra env vars | `[]` | | `certificates.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | | `certificates.extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `certificates.image.registry` | Apache Exporter image registry | `docker.io` | -| `certificates.image.repository` | Apache Exporter image repository | `bitnami/os-shell` | +| `certificates.image.registry` | Apache Exporter image registry | `REGISTRY_NAME` | +| `certificates.image.repository` | Apache Exporter image repository | `REPOSITORY_NAME/os-shell` | | `certificates.image.tag` | Apache Exporter image tag (immutable tags are recommended) | `11-debian-11-r90` | | `certificates.image.digest` | Apache Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `certificates.image.pullPolicy` | Apache Exporter image pull policy | `IfNotPresent` | @@ -219,40 +223,40 @@ The command removes all the Kubernetes components associated with the chart and ### Database Parameters -| Name | Description | Value | -| ------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `externalDatabase.host` | External Database server host | `""` | -| `externalDatabase.port` | External Database server port | `3306` | -| `externalDatabase.user` | External Database username | `bn_osclass` | -| `externalDatabase.password` | External Database user password | `""` | -| `externalDatabase.database` | External Database database name | `bitnami_osclass` | -| `externalDatabase.existingSecret` | Name of an existing secret resource containing the DB password | `""` | -| `mariadb.enabled` | Deploy a MariaDB server to satisfy the applications database requirements | `true` | -| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` | -| `mariadb.auth.rootPassword` | MariaDB root password | `""` | -| `mariadb.auth.database` | MariaDB custom database | `bitnami_osclass` | -| `mariadb.auth.username` | MariaDB custom user name | `bn_osclass` | -| `mariadb.auth.password` | MariaDB custom user password | `""` | -| `mariadb.primary.persistence.enabled` | Enable persistence on MariaDB using PVC(s) | `true` | -| `mariadb.primary.persistence.storageClass` | Persistent Volume storage class | `""` | -| `mariadb.primary.persistence.accessModes` | Persistent Volume access modes | `[]` | -| `mariadb.primary.persistence.size` | Persistent Volume size | `8Gi` | -| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | -| `persistence.storageClass` | Persistent Volume storage class | `""` | -| `persistence.accessModes` | Persistent Volume access modes | `[]` | -| `persistence.size` | Persistent Volume size | `8Gi` | -| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | -| `persistence.hostPath` | If defined, the osclass-data volume will mount to the specified hostPath. | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| Name | Description | Value | +| ------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `externalDatabase.host` | External Database server host | `""` | +| `externalDatabase.port` | External Database server port | `3306` | +| `externalDatabase.user` | External Database username | `bn_osclass` | +| `externalDatabase.password` | External Database user password | `""` | +| `externalDatabase.database` | External Database database name | `bitnami_osclass` | +| `externalDatabase.existingSecret` | Name of an existing secret resource containing the DB password | `""` | +| `mariadb.enabled` | Deploy a MariaDB server to satisfy the applications database requirements | `true` | +| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` | +| `mariadb.auth.rootPassword` | MariaDB root password | `""` | +| `mariadb.auth.database` | MariaDB custom database | `bitnami_osclass` | +| `mariadb.auth.username` | MariaDB custom user name | `bn_osclass` | +| `mariadb.auth.password` | MariaDB custom user password | `""` | +| `mariadb.primary.persistence.enabled` | Enable persistence on MariaDB using PVC(s) | `true` | +| `mariadb.primary.persistence.storageClass` | Persistent Volume storage class | `""` | +| `mariadb.primary.persistence.accessModes` | Persistent Volume access modes | `[]` | +| `mariadb.primary.persistence.size` | Persistent Volume size | `8Gi` | +| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | +| `persistence.storageClass` | Persistent Volume storage class | `""` | +| `persistence.accessModes` | Persistent Volume access modes | `[]` | +| `persistence.size` | Persistent Volume size | `8Gi` | +| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | +| `persistence.hostPath` | If defined, the osclass-data volume will mount to the specified hostPath. | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | ### Other Parameters @@ -269,31 +273,31 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics Parameters -| Name | Description | Value | -| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | -| `metrics.image.registry` | Apache Exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache Exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache Exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | -| `metrics.image.digest` | Apache Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Apache Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Apache Exporter image pull secrets | `[]` | -| `metrics.resources.limits` | The resources limits for the Prometheus exporter container | `{}` | -| `metrics.resources.requests` | The requested resources for the Prometheus exporter container | `{}` | -| `metrics.podAnnotations` | Annotations to add | `{}` | -| `metrics.service.type` | Metrics service type | `ClusterIP` | -| `metrics.service.port` | Metrics service port | `9117` | -| `metrics.service.annotations` | Additional custom annotations for Metrics service | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | -| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | Labels to honor to add to the scrape endpoint | `false` | -| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| Name | Description | Value | +| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | +| `metrics.image.registry` | Apache Exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache Exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache Exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | +| `metrics.image.digest` | Apache Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Apache Exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Apache Exporter image pull secrets | `[]` | +| `metrics.resources.limits` | The resources limits for the Prometheus exporter container | `{}` | +| `metrics.resources.requests` | The requested resources for the Prometheus exporter container | `{}` | +| `metrics.podAnnotations` | Annotations to add | `{}` | +| `metrics.service.type` | Metrics service type | `ClusterIP` | +| `metrics.service.port` | Metrics service port | `9117` | +| `metrics.service.annotations` | Additional custom annotations for Metrics service | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | +| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | Labels to honor to add to the scrape endpoint | `false` | +| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | ### NetworkPolicy parameters @@ -322,9 +326,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set osclassUsername=admin,osclassPassword=password,mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/osclass + oci://REGISTRY_NAME/REPOSITORY_NAME/osclass ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Osclass administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -332,9 +338,10 @@ The above command sets the Osclass administrator account username and password t Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/osclass +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/osclass ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -469,9 +476,11 @@ export APP_PASSWORD=$(kubectl get secret --namespace default osclass -o jsonpath export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default osclass-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 -d) export MARIADB_PASSWORD=$(kubectl get secret --namespace default osclass-mariadb -o jsonpath="{.data.mariadb-password}" | base64 -d) kubectl delete deployments.apps osclass -helm upgrade osclass oci://registry-1.docker.io/bitnamicharts/osclass --set osclassHost=$APP_HOST,osclassPassword=$APP_PASSWORD,mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD +helm upgrade osclass oci://REGISTRY_NAME/REPOSITORY_NAME/osclass --set osclassHost=$APP_HOST,osclassPassword=$APP_PASSWORD,mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 8.0.0 In this major there were two main changes introduced: @@ -533,9 +542,11 @@ Delete the Osclass deployment and delete the MariaDB statefulset. Notice the opt Now the upgrade works: ```console -helm upgrade osclass oci://registry-1.docker.io/bitnamicharts/osclass --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set osclassPassword=$OSCLASS_PASSWORD --set osclassHost=$OSCLASS_HOST +helm upgrade osclass oci://REGISTRY_NAME/REPOSITORY_NAME/osclass --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set osclassPassword=$OSCLASS_PASSWORD --set osclassHost=$OSCLASS_HOST ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You will have to delete the existing MariaDB pod and the new statefulset is going to create a new one ```console diff --git a/bitnami/osclass/values.yaml b/bitnami/osclass/values.yaml index 93ecffcd006edf..60bfe4993ef1a0 100644 --- a/bitnami/osclass/values.yaml +++ b/bitnami/osclass/values.yaml @@ -47,8 +47,8 @@ extraDeploy: [] ## Bitnami Osclass image version ## ref: https://hub.docker.com/r/bitnami/osclass/tags/ -## @param image.registry Osclass image registry -## @param image.repository Osclass image repository +## @param image.registry [default: REGISTRY_NAME] Osclass image registry +## @param image.repository [default: REPOSITORY_NAME/osclass] Osclass image repository ## @param image.tag Osclass image tag (immutable tags are recommended) ## @param image.digest Osclass image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Osclass image pull policy @@ -249,8 +249,8 @@ certificates: extraEnvVarsSecret: "" ## Bitnami Apache Exporter image ## ref: https://hub.docker.com/r/bitnami/apache-exporter/tags/ - ## @param certificates.image.registry Apache Exporter image registry - ## @param certificates.image.repository Apache Exporter image repository + ## @param certificates.image.registry [default: REGISTRY_NAME] Apache Exporter image registry + ## @param certificates.image.repository [default: REPOSITORY_NAME/os-shell] Apache Exporter image repository ## @param certificates.image.tag Apache Exporter image tag (immutable tags are recommended) ## @param certificates.image.digest Apache Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param certificates.image.pullPolicy Apache Exporter image pull policy @@ -697,8 +697,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy @@ -775,8 +775,8 @@ metrics: enabled: false ## Bitnami Apache Exporter image ## ref: https://hub.docker.com/r/bitnami/apache-exporter/tags/ - ## @param metrics.image.registry Apache Exporter image registry - ## @param metrics.image.repository Apache Exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache Exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache Exporter image repository ## @param metrics.image.tag Apache Exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Apache Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Apache Exporter image pull policy diff --git a/bitnami/parse/README.md b/bitnami/parse/README.md index 358094539ff6db..9992dc0ebeadf0 100644 --- a/bitnami/parse/README.md +++ b/bitnami/parse/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/parse +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/parse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Parse](https://github.com/bitnami/containers/tree/main/bitnami/parse) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Parse Server in production? Try [VMware Application Catalog](http To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/parse +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/parse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Parse on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -78,171 +82,171 @@ The command removes all the Kubernetes components associated with the chart and ### Parse server parameters -| Name | Description | Value | -| -------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------- | -| `server.image.registry` | Parse image registry | `docker.io` | -| `server.image.repository` | Parse image repository | `bitnami/parse` | -| `server.image.tag` | Parse image tag (immutable tags are recommended) | `6.3.0-debian-11-r20` | -| `server.image.digest` | Parse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `server.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `server.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `server.image.debug` | Enable image debug mode | `false` | -| `server.hostAliases` | Deployment pod host aliases | `[]` | -| `server.podLabels` | Extra labels for Parse pods | `{}` | -| `server.podAnnotations` | Annotations for Parse pods | `{}` | -| `server.podSecurityContext.enabled` | Enabled Parse Dashboard pods' Security Context | `true` | -| `server.podSecurityContext.fsGroup` | Set Parse Dashboard pod's Security Context fsGroup | `1001` | -| `server.containerSecurityContext.enabled` | Enabled Parse Dashboard containers' Security Context | `true` | -| `server.containerSecurityContext.runAsUser` | Set Parse Dashboard containers' Security Context runAsUser | `1001` | -| `server.containerSecurityContext.runAsNonRoot` | Set Parse Dashboard containers' Security Context runAsNonRoot | `true` | -| `server.containerSecurityContext.readOnlyRootFilesystem` | Set Parse Dashboard containers' Security Context runAsNonRoot | `false` | -| `server.command` | Override default container command (useful when using custom images) | `[]` | -| `server.args` | Override default container args (useful when using custom images) | `[]` | -| `server.containerPorts.http` | Parse server port | `1337` | -| `server.mountPath` | Parse server API mount path | `/parse` | -| `server.appId` | Parse server App ID | `myappID` | -| `server.masterKey` | Parse server Master Key | `""` | -| `server.extraEnvVars` | An array to add extra env vars | `[]` | -| `server.extraEnvVarsCM` | Name of a ConfigMap containing extra environment variables | `""` | -| `server.extraEnvVarsSecret` | Name of a Secret containing extra environment variables | `""` | -| `server.extraVolumes` | Optionally specify extra list of additional volumes for the Parse pod(s) | `[]` | -| `server.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Parse container(s) | `[]` | -| `server.sidecars` | Add additional sidecar containers to the Parse pod(s) | `[]` | -| `server.initContainers` | Add additional init containers to the Parse pod(s) | `[]` | -| `server.enableCloudCode` | Enable Parse Cloud Code | `false` | -| `server.cloudCodeScripts` | Cloud Code scripts | `{}` | -| `server.existingCloudCodeScriptsCM` | ConfigMap with Cloud Code scripts (Note: Overrides `cloudCodeScripts`). | `""` | -| `server.resources` | Parse Server pods' resource requests and limits | `{}` | -| `server.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `server.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `server.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `server.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `server.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `server.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `server.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `server.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `server.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `server.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `server.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `server.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `server.startupProbe.enabled` | Enable startupProbe on Parse containers | `false` | -| `server.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | -| `server.startupProbe.periodSeconds` | Period seconds for startupProbe | `3` | -| `server.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `server.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `server.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `server.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `server.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `server.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `server.podAffinityPreset` | Parse server pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `server.podAntiAffinityPreset` | Parse server pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `server.nodeAffinityPreset.type` | Parse server node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `server.nodeAffinityPreset.key` | Parse server node label key to match Ignored if `affinity` is set. | `""` | -| `server.nodeAffinityPreset.values` | Parse server node label values to match. Ignored if `affinity` is set. | `[]` | -| `server.affinity` | Parse server affinity for pod assignment | `{}` | -| `server.nodeSelector` | Parse server node labels for pod assignment | `{}` | -| `server.tolerations` | Parse server tolerations for pod assignment | `[]` | -| `server.updateStrategy.type` | Parse statefulset strategy type | `RollingUpdate` | -| `server.priorityClassName` | Parse pods' priorityClassName | `""` | -| `server.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `server.schedulerName` | Name of the k8s scheduler (other than default) for Parse pods | `""` | -| `server.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `server.lifecycleHooks` | for the Parse container(s) to automate configuration before or after startup | `{}` | -| `server.service.type` | Kubernetes Service type | `LoadBalancer` | -| `server.service.ports.http` | Service HTTP port (Dashboard) | `1337` | -| `server.service.nodePorts.http` | Kubernetes HTTP node port | `""` | -| `server.service.clusterIP` | Service Cluster IP | `""` | -| `server.service.loadBalancerIP` | Service Load Balancer IP | `""` | -| `server.service.loadBalancerSourceRanges` | Service Load Balancer sources | `[]` | -| `server.service.externalTrafficPolicy` | Service external traffic policy | `Cluster` | -| `server.service.annotations` | Additional custom annotations for Service | `{}` | -| `server.service.extraPorts` | Extra ports to expose in Service (normally used with the `sidecars` value) | `[]` | -| `server.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `server.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| Name | Description | Value | +| -------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ----------------------- | +| `server.image.registry` | Parse image registry | `REGISTRY_NAME` | +| `server.image.repository` | Parse image repository | `REPOSITORY_NAME/parse` | +| `server.image.tag` | Parse image tag (immutable tags are recommended) | `6.3.0-debian-11-r20` | +| `server.image.digest` | Parse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `server.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `server.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `server.image.debug` | Enable image debug mode | `false` | +| `server.hostAliases` | Deployment pod host aliases | `[]` | +| `server.podLabels` | Extra labels for Parse pods | `{}` | +| `server.podAnnotations` | Annotations for Parse pods | `{}` | +| `server.podSecurityContext.enabled` | Enabled Parse Dashboard pods' Security Context | `true` | +| `server.podSecurityContext.fsGroup` | Set Parse Dashboard pod's Security Context fsGroup | `1001` | +| `server.containerSecurityContext.enabled` | Enabled Parse Dashboard containers' Security Context | `true` | +| `server.containerSecurityContext.runAsUser` | Set Parse Dashboard containers' Security Context runAsUser | `1001` | +| `server.containerSecurityContext.runAsNonRoot` | Set Parse Dashboard containers' Security Context runAsNonRoot | `true` | +| `server.containerSecurityContext.readOnlyRootFilesystem` | Set Parse Dashboard containers' Security Context runAsNonRoot | `false` | +| `server.command` | Override default container command (useful when using custom images) | `[]` | +| `server.args` | Override default container args (useful when using custom images) | `[]` | +| `server.containerPorts.http` | Parse server port | `1337` | +| `server.mountPath` | Parse server API mount path | `/parse` | +| `server.appId` | Parse server App ID | `myappID` | +| `server.masterKey` | Parse server Master Key | `""` | +| `server.extraEnvVars` | An array to add extra env vars | `[]` | +| `server.extraEnvVarsCM` | Name of a ConfigMap containing extra environment variables | `""` | +| `server.extraEnvVarsSecret` | Name of a Secret containing extra environment variables | `""` | +| `server.extraVolumes` | Optionally specify extra list of additional volumes for the Parse pod(s) | `[]` | +| `server.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Parse container(s) | `[]` | +| `server.sidecars` | Add additional sidecar containers to the Parse pod(s) | `[]` | +| `server.initContainers` | Add additional init containers to the Parse pod(s) | `[]` | +| `server.enableCloudCode` | Enable Parse Cloud Code | `false` | +| `server.cloudCodeScripts` | Cloud Code scripts | `{}` | +| `server.existingCloudCodeScriptsCM` | ConfigMap with Cloud Code scripts (Note: Overrides `cloudCodeScripts`). | `""` | +| `server.resources` | Parse Server pods' resource requests and limits | `{}` | +| `server.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `server.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `server.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `server.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `server.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `server.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `server.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `server.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `server.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `server.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `server.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `server.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `server.startupProbe.enabled` | Enable startupProbe on Parse containers | `false` | +| `server.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | +| `server.startupProbe.periodSeconds` | Period seconds for startupProbe | `3` | +| `server.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `server.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `server.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `server.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `server.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `server.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `server.podAffinityPreset` | Parse server pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `server.podAntiAffinityPreset` | Parse server pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `server.nodeAffinityPreset.type` | Parse server node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `server.nodeAffinityPreset.key` | Parse server node label key to match Ignored if `affinity` is set. | `""` | +| `server.nodeAffinityPreset.values` | Parse server node label values to match. Ignored if `affinity` is set. | `[]` | +| `server.affinity` | Parse server affinity for pod assignment | `{}` | +| `server.nodeSelector` | Parse server node labels for pod assignment | `{}` | +| `server.tolerations` | Parse server tolerations for pod assignment | `[]` | +| `server.updateStrategy.type` | Parse statefulset strategy type | `RollingUpdate` | +| `server.priorityClassName` | Parse pods' priorityClassName | `""` | +| `server.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `server.schedulerName` | Name of the k8s scheduler (other than default) for Parse pods | `""` | +| `server.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `server.lifecycleHooks` | for the Parse container(s) to automate configuration before or after startup | `{}` | +| `server.service.type` | Kubernetes Service type | `LoadBalancer` | +| `server.service.ports.http` | Service HTTP port (Dashboard) | `1337` | +| `server.service.nodePorts.http` | Kubernetes HTTP node port | `""` | +| `server.service.clusterIP` | Service Cluster IP | `""` | +| `server.service.loadBalancerIP` | Service Load Balancer IP | `""` | +| `server.service.loadBalancerSourceRanges` | Service Load Balancer sources | `[]` | +| `server.service.externalTrafficPolicy` | Service external traffic policy | `Cluster` | +| `server.service.annotations` | Additional custom annotations for Service | `{}` | +| `server.service.extraPorts` | Extra ports to expose in Service (normally used with the `sidecars` value) | `[]` | +| `server.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `server.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | ### Dashboard Parameters -| Name | Description | Value | -| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------- | -| `dashboard.enabled` | Enable parse dashboard | `true` | -| `dashboard.image.registry` | Dashboard image registry | `docker.io` | -| `dashboard.image.repository` | Dashboard image repository | `bitnami/parse-dashboard` | -| `dashboard.image.tag` | Dashboard image tag (immutable tags are recommended) | `5.2.0-debian-11-r21` | -| `dashboard.image.digest` | Dashboard image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `dashboard.image.pullPolicy` | image pull policy | `IfNotPresent` | -| `dashboard.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `dashboard.image.debug` | Enable Parse Dashboard image debug mode | `false` | -| `dashboard.replicaCount` | Number of Parse Dashboard replicas to deploy | `1` | -| `dashboard.containerPorts.http` | Parse Dashboard HTTP container port | `4040` | -| `dashboard.hostAliases` | Deployment pod host aliases | `[]` | -| `dashboard.podSecurityContext.enabled` | Enabled Parse Dashboard pods' Security Context | `true` | -| `dashboard.podSecurityContext.fsGroup` | Set Parse Dashboard pod's Security Context fsGroup | `1001` | -| `dashboard.containerSecurityContext.enabled` | Enabled Parse Dashboard containers' Security Context | `true` | -| `dashboard.containerSecurityContext.runAsUser` | Set Parse Dashboard containers' Security Context runAsUser | `1001` | -| `dashboard.containerSecurityContext.runAsNonRoot` | Set Parse Dashboard containers' Security Context runAsNonRoot | `true` | -| `dashboard.containerSecurityContext.readOnlyRootFilesystem` | Set Parse Dashboard containers' Security Context runAsNonRoot | `false` | -| `dashboard.command` | Override default container command (useful when using custom images) | `[]` | -| `dashboard.args` | Override default container args (useful when using custom images) | `[]` | -| `dashboard.username` | Parse Dashboard application username | `user` | -| `dashboard.password` | Parse Dashboard application password | `""` | -| `dashboard.appName` | Parse Dashboard application name | `MyDashboard` | -| `dashboard.resources` | Parse Dashboard pods' resource requests and limits | `{}` | -| `dashboard.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `dashboard.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `240` | -| `dashboard.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `dashboard.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `dashboard.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `dashboard.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `dashboard.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `dashboard.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `dashboard.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `dashboard.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `dashboard.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `dashboard.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `dashboard.startupProbe.enabled` | Enable startupProbe on Parse Dashboard containers | `false` | -| `dashboard.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | -| `dashboard.startupProbe.periodSeconds` | Period seconds for startupProbe | `3` | -| `dashboard.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `2` | -| `dashboard.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `dashboard.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `dashboard.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `dashboard.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `dashboard.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `dashboard.podLabels` | Extra labels for Parse Dashboard pods | `{}` | -| `dashboard.podAnnotations` | Annotations for Parse Dashboard pods | `{}` | -| `dashboard.podAffinityPreset` | Parse dashboard pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `dashboard.podAntiAffinityPreset` | Parse dashboard pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `dashboard.nodeAffinityPreset.type` | Parse dashboard node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `dashboard.nodeAffinityPreset.key` | Parse dashboard node label key to match Ignored if `affinity` is set. | `""` | -| `dashboard.nodeAffinityPreset.values` | Parse dashboard node label values to match. Ignored if `affinity` is set. | `[]` | -| `dashboard.affinity` | Parse dashboard affinity for pod assignment | `{}` | -| `dashboard.nodeSelector` | Parse dashboard node labels for pod assignment | `{}` | -| `dashboard.tolerations` | Parse dashboard tolerations for pod assignment | `[]` | -| `dashboard.updateStrategy.type` | Parse statefulset strategy type | `RollingUpdate` | -| `dashboard.priorityClassName` | Parse pods' priorityClassName | `""` | -| `dashboard.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `dashboard.schedulerName` | Name of the k8s scheduler (other than default) for Parse pods | `""` | -| `dashboard.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `dashboard.lifecycleHooks` | for the Parse container(s) to automate configuration before or after startup | `{}` | -| `dashboard.parseServerUrlProtocol` | Protocol used by Parse Dashboard to form the URLs to Parse server | `http` | -| `dashboard.extraEnvVars` | An array to add extra env vars | `[]` | -| `dashboard.extraEnvVarsCM` | Name of a ConfigMap containing extra environment variables | `""` | -| `dashboard.extraEnvVarsSecret` | Name of a Secret containing extra environment variables | `""` | -| `dashboard.extraVolumes` | Optionally specify extra list of additional volumes for the Parse pod(s) | `[]` | -| `dashboard.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Parse container(s) | `[]` | -| `dashboard.sidecars` | Add additional sidecar containers to the Parse pod(s) | `[]` | -| `dashboard.initContainers` | Add additional init containers to the Parse pod(s) | `[]` | -| `dashboard.service.type` | Kubernetes Service type | `LoadBalancer` | -| `dashboard.service.ports.http` | Service HTTP port (Dashboard) | `80` | -| `dashboard.service.nodePorts.http` | Kubernetes HTTP node port | `""` | -| `dashboard.service.clusterIP` | Service Cluster IP | `""` | -| `dashboard.service.loadBalancerIP` | Service Load Balancer IP | `""` | -| `dashboard.service.loadBalancerSourceRanges` | Service Load Balancer sources | `[]` | -| `dashboard.service.externalTrafficPolicy` | Service external traffic policy | `Cluster` | -| `dashboard.service.annotations` | Additional custom annotations for Service | `{}` | -| `dashboard.service.extraPorts` | Extra ports to expose in Service (normally used with the `sidecars` value) | `[]` | -| `dashboard.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `dashboard.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| Name | Description | Value | +| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------------------- | +| `dashboard.enabled` | Enable parse dashboard | `true` | +| `dashboard.image.registry` | Dashboard image registry | `REGISTRY_NAME` | +| `dashboard.image.repository` | Dashboard image repository | `REPOSITORY_NAME/parse-dashboard` | +| `dashboard.image.tag` | Dashboard image tag (immutable tags are recommended) | `5.2.0-debian-11-r21` | +| `dashboard.image.digest` | Dashboard image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `dashboard.image.pullPolicy` | image pull policy | `IfNotPresent` | +| `dashboard.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `dashboard.image.debug` | Enable Parse Dashboard image debug mode | `false` | +| `dashboard.replicaCount` | Number of Parse Dashboard replicas to deploy | `1` | +| `dashboard.containerPorts.http` | Parse Dashboard HTTP container port | `4040` | +| `dashboard.hostAliases` | Deployment pod host aliases | `[]` | +| `dashboard.podSecurityContext.enabled` | Enabled Parse Dashboard pods' Security Context | `true` | +| `dashboard.podSecurityContext.fsGroup` | Set Parse Dashboard pod's Security Context fsGroup | `1001` | +| `dashboard.containerSecurityContext.enabled` | Enabled Parse Dashboard containers' Security Context | `true` | +| `dashboard.containerSecurityContext.runAsUser` | Set Parse Dashboard containers' Security Context runAsUser | `1001` | +| `dashboard.containerSecurityContext.runAsNonRoot` | Set Parse Dashboard containers' Security Context runAsNonRoot | `true` | +| `dashboard.containerSecurityContext.readOnlyRootFilesystem` | Set Parse Dashboard containers' Security Context runAsNonRoot | `false` | +| `dashboard.command` | Override default container command (useful when using custom images) | `[]` | +| `dashboard.args` | Override default container args (useful when using custom images) | `[]` | +| `dashboard.username` | Parse Dashboard application username | `user` | +| `dashboard.password` | Parse Dashboard application password | `""` | +| `dashboard.appName` | Parse Dashboard application name | `MyDashboard` | +| `dashboard.resources` | Parse Dashboard pods' resource requests and limits | `{}` | +| `dashboard.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `dashboard.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `240` | +| `dashboard.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `dashboard.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `dashboard.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `dashboard.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `dashboard.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `dashboard.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `dashboard.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `dashboard.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `dashboard.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `dashboard.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `dashboard.startupProbe.enabled` | Enable startupProbe on Parse Dashboard containers | `false` | +| `dashboard.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | +| `dashboard.startupProbe.periodSeconds` | Period seconds for startupProbe | `3` | +| `dashboard.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `2` | +| `dashboard.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `dashboard.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `dashboard.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `dashboard.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `dashboard.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `dashboard.podLabels` | Extra labels for Parse Dashboard pods | `{}` | +| `dashboard.podAnnotations` | Annotations for Parse Dashboard pods | `{}` | +| `dashboard.podAffinityPreset` | Parse dashboard pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `dashboard.podAntiAffinityPreset` | Parse dashboard pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `dashboard.nodeAffinityPreset.type` | Parse dashboard node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `dashboard.nodeAffinityPreset.key` | Parse dashboard node label key to match Ignored if `affinity` is set. | `""` | +| `dashboard.nodeAffinityPreset.values` | Parse dashboard node label values to match. Ignored if `affinity` is set. | `[]` | +| `dashboard.affinity` | Parse dashboard affinity for pod assignment | `{}` | +| `dashboard.nodeSelector` | Parse dashboard node labels for pod assignment | `{}` | +| `dashboard.tolerations` | Parse dashboard tolerations for pod assignment | `[]` | +| `dashboard.updateStrategy.type` | Parse statefulset strategy type | `RollingUpdate` | +| `dashboard.priorityClassName` | Parse pods' priorityClassName | `""` | +| `dashboard.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `dashboard.schedulerName` | Name of the k8s scheduler (other than default) for Parse pods | `""` | +| `dashboard.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `dashboard.lifecycleHooks` | for the Parse container(s) to automate configuration before or after startup | `{}` | +| `dashboard.parseServerUrlProtocol` | Protocol used by Parse Dashboard to form the URLs to Parse server | `http` | +| `dashboard.extraEnvVars` | An array to add extra env vars | `[]` | +| `dashboard.extraEnvVarsCM` | Name of a ConfigMap containing extra environment variables | `""` | +| `dashboard.extraEnvVarsSecret` | Name of a Secret containing extra environment variables | `""` | +| `dashboard.extraVolumes` | Optionally specify extra list of additional volumes for the Parse pod(s) | `[]` | +| `dashboard.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Parse container(s) | `[]` | +| `dashboard.sidecars` | Add additional sidecar containers to the Parse pod(s) | `[]` | +| `dashboard.initContainers` | Add additional init containers to the Parse pod(s) | `[]` | +| `dashboard.service.type` | Kubernetes Service type | `LoadBalancer` | +| `dashboard.service.ports.http` | Service HTTP port (Dashboard) | `80` | +| `dashboard.service.nodePorts.http` | Kubernetes HTTP node port | `""` | +| `dashboard.service.clusterIP` | Service Cluster IP | `""` | +| `dashboard.service.loadBalancerIP` | Service Load Balancer IP | `""` | +| `dashboard.service.loadBalancerSourceRanges` | Service Load Balancer sources | `[]` | +| `dashboard.service.externalTrafficPolicy` | Service external traffic policy | `Cluster` | +| `dashboard.service.annotations` | Additional custom annotations for Service | `{}` | +| `dashboard.service.extraPorts` | Extra ports to expose in Service (normally used with the `sidecars` value) | `[]` | +| `dashboard.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `dashboard.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | ### Traffic Exposure Parameters @@ -282,20 +286,20 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources` | The resources for the container | `{}` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | -| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| Name | Description | Value | +| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources` | The resources for the container | `{}` | +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | +| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | ### MongoDB® Parameters @@ -331,9 +335,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set dashboard.username=admin,dashboard.password=password \ - oci://registry-1.docker.io/bitnamicharts/parse + oci://REGISTRY_NAME/REPOSITORY_NAME/parse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Parse administrator account username and password to `admin` and `password` respectively. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -341,9 +347,10 @@ The above command sets the Parse administrator account username and password to Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/parse +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/parse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -517,15 +524,19 @@ Backwards compatibility is not guaranteed. The following notables changes were i Parse & Parse Dashboard containers were moved to a non-root approach. There shouldn't be any issue when upgrading since the corresponding `securityContext` is enabled by default. Both container images and chart can be upgraded by running the command below: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/parse +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/parse ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + If you use a previous container image (previous to **3.1.2-r14** for Parse or **1.2.0-r69** for Parse Dashboard), disable the `securityContext` by running the command below: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/parse --set server.securityContext.enabled=false,dashboard.securityContext.enabled=false,server.image.tag=XXX,dashboard.image.tag=YYY +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/parse --set server.securityContext.enabled=false,dashboard.securityContext.enabled=false,server.image.tag=XXX,dashboard.image.tag=YYY ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 3.0.0 Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. diff --git a/bitnami/parse/values.yaml b/bitnami/parse/values.yaml index ca831127b2e593..38790be87fe5eb 100644 --- a/bitnami/parse/values.yaml +++ b/bitnami/parse/values.yaml @@ -68,8 +68,8 @@ diagnosticMode: server: ## Bitnami Parse image version ## ref: https://hub.docker.com/r/bitnami/parse/tags/ - ## @param server.image.registry Parse image registry - ## @param server.image.repository Parse image repository + ## @param server.image.registry [default: REGISTRY_NAME] Parse image registry + ## @param server.image.repository [default: REPOSITORY_NAME/parse] Parse image repository ## @param server.image.tag Parse image tag (immutable tags are recommended) ## @param server.image.digest Parse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param server.image.pullPolicy Image pull policy @@ -403,8 +403,8 @@ dashboard: enabled: true ## Bitnami Parse Dashboard image version ## ref: https://hub.docker.com/r/bitnami/parse-dashboard/tags/ - ## @param dashboard.image.registry Dashboard image registry - ## @param dashboard.image.repository Dashboard image repository + ## @param dashboard.image.registry [default: REGISTRY_NAME] Dashboard image registry + ## @param dashboard.image.repository [default: REPOSITORY_NAME/parse-dashboard] Dashboard image repository ## @param dashboard.image.tag Dashboard image tag (immutable tags are recommended) ## @param dashboard.image.digest Dashboard image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param dashboard.image.pullPolicy image pull policy @@ -894,8 +894,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image name + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image name ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/phpbb/README.md b/bitnami/phpbb/README.md index df732cd66c87d4..533d6349092484 100644 --- a/bitnami/phpbb/README.md +++ b/bitnami/phpbb/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/phpbb +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/phpbb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [phpBB](https://github.com/bitnami/containers/tree/main/bitnami/phpbb) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use phpBB in production? Try [VMware Application Catalog](https://bit To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/phpbb +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/phpbb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys phpBB on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,98 +81,98 @@ The command removes all the Kubernetes components associated with the chart and ### phpBB parameters -| Name | Description | Value | -| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | -| `image.registry` | phpBB image registry | `docker.io` | -| `image.repository` | phpBB image repository | `bitnami/phpbb` | -| `image.tag` | phpBB image tag (immutable tags are recommended) | `3.3.10-debian-11-r120` | -| `image.digest` | phpBB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | phpBB image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `replicaCount` | Number of replicas (requires ReadWriteMany PVC support) | `1` | -| `phpbbSkipInstall` | Skip phpBB installation wizard. Useful for migrations and restoring from SQL dump | `no` | -| `phpbbDisableSessionValidation` | Disable session validation | `yes` | -| `phpbbUsername` | User of the application | `user` | -| `phpbbPassword` | Application password | `""` | -| `phpbbEmail` | Admin email | `user@example.com` | -| `allowEmptyPassword` | Allow DB blank passwords | `no` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `extraEnvVars` | An array to add extra env vars | `[]` | -| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `extraVolumes` | Extra volumes to add to the deployment. Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes` | `[]` | -| `initContainers` | Extra init containers to add to the deployment | `[]` | -| `sidecars` | Extra sidecar containers to add to the deployment | `[]` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `existingSecret` | Use existing secret for the application password | `""` | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | -| `smtpHost` | SMTP host | `""` | -| `smtpPort` | SMTP port | `""` | -| `smtpUser` | SMTP user | `""` | -| `smtpPassword` | SMTP password | `""` | -| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | -| `containerPorts` | Container ports | `{}` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.storageClass` | Database data Persistent Volume Storage Class | `""` | -| `persistence.accessModes` | PVC Access Mode for phpBB volume | `["ReadWriteOnce"]` | -| `persistence.size` | PVC Storage Request for phpBB volume | `8Gi` | -| `persistence.existingClaim` | A manually managed Persistent Volume Claim | `""` | -| `persistence.hostPath` | Host mount path for phpBB volume | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `resources.limits` | The resources limits for the container | `{}` | -| `podSecurityContext.enabled` | Enable phpBB pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | phpBB pods' group ID | `1001` | -| `containerSecurityContext.enabled` | Enable phpBB containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | phpBB containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | phpBB containers' Security Context runAsNonRoot | `true` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `priorityClassName` | Define the priority class name to use for the phpbb pods | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `lifecycleHooks` | LifecycleHook to set additional configuration before or after startup | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Pod extra labels | `{}` | +| Name | Description | Value | +| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `image.registry` | phpBB image registry | `REGISTRY_NAME` | +| `image.repository` | phpBB image repository | `REPOSITORY_NAME/phpbb` | +| `image.tag` | phpBB image tag (immutable tags are recommended) | `3.3.10-debian-11-r120` | +| `image.digest` | phpBB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | phpBB image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `replicaCount` | Number of replicas (requires ReadWriteMany PVC support) | `1` | +| `phpbbSkipInstall` | Skip phpBB installation wizard. Useful for migrations and restoring from SQL dump | `no` | +| `phpbbDisableSessionValidation` | Disable session validation | `yes` | +| `phpbbUsername` | User of the application | `user` | +| `phpbbPassword` | Application password | `""` | +| `phpbbEmail` | Admin email | `user@example.com` | +| `allowEmptyPassword` | Allow DB blank passwords | `no` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `extraEnvVars` | An array to add extra env vars | `[]` | +| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `extraVolumes` | Extra volumes to add to the deployment. Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes` | `[]` | +| `initContainers` | Extra init containers to add to the deployment | `[]` | +| `sidecars` | Extra sidecar containers to add to the deployment | `[]` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `existingSecret` | Use existing secret for the application password | `""` | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| `smtpHost` | SMTP host | `""` | +| `smtpPort` | SMTP port | `""` | +| `smtpUser` | SMTP user | `""` | +| `smtpPassword` | SMTP password | `""` | +| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | +| `containerPorts` | Container ports | `{}` | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.storageClass` | Database data Persistent Volume Storage Class | `""` | +| `persistence.accessModes` | PVC Access Mode for phpBB volume | `["ReadWriteOnce"]` | +| `persistence.size` | PVC Storage Request for phpBB volume | `8Gi` | +| `persistence.existingClaim` | A manually managed Persistent Volume Claim | `""` | +| `persistence.hostPath` | Host mount path for phpBB volume | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `resources.limits` | The resources limits for the container | `{}` | +| `podSecurityContext.enabled` | Enable phpBB pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | phpBB pods' group ID | `1001` | +| `containerSecurityContext.enabled` | Enable phpBB containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | phpBB containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | phpBB containers' Security Context runAsNonRoot | `true` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `priorityClassName` | Define the priority class name to use for the phpbb pods | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `lifecycleHooks` | LifecycleHook to set additional configuration before or after startup | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Pod extra labels | `{}` | ### Traffic Exposure Parameters @@ -226,17 +230,17 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics parameters -| Name | Description | Value | -| --------------------------- | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | +| Name | Description | Value | +| --------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | +| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | ### NetworkPolicy parameters @@ -265,9 +269,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set phpbbUsername=admin,phpbbPassword=password,mariadb.mariadbRootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/phpbb + oci://REGISTRY_NAME/REPOSITORY_NAME/phpbb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the phpBB administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -275,9 +281,10 @@ The above command sets the phpBB administrator account username and password to Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/phpbb +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/phpbb ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -433,15 +440,19 @@ export MARIADB_PVC=$(kubectl get pvc -l app=mariadb,component=master,release=php Upgrade your release (maintaining the version) disabling MariaDB and scaling phpBB replicas to 0: ```console -helm upgrade phpbb oci://registry-1.docker.io/bitnamicharts/phpbb --set phpbbPassword=$PHPBB_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 8.0.5 +helm upgrade phpbb oci://REGISTRY_NAME/REPOSITORY_NAME/phpbb --set phpbbPassword=$PHPBB_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 8.0.5 ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Finally, upgrade you release to 9.0.0 reusing the existing PVC, and enabling back MariaDB: ```console -helm upgrade phpbb oci://registry-1.docker.io/bitnamicharts/phpbb --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set phpbbPassword=$PHPBB_PASSWORD +helm upgrade phpbb oci://REGISTRY_NAME/REPOSITORY_NAME/phpbb --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set phpbbPassword=$PHPBB_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You should see the lines below in MariaDB container logs: ```console diff --git a/bitnami/phpbb/values.yaml b/bitnami/phpbb/values.yaml index 893713b58dcca2..cdde9202dfbfa8 100644 --- a/bitnami/phpbb/values.yaml +++ b/bitnami/phpbb/values.yaml @@ -47,8 +47,8 @@ extraDeploy: [] ## Bitnami phpBB image version ## ref: https://hub.docker.com/r/bitnami/phpbb/tags/ -## @param image.registry phpBB image registry -## @param image.repository phpBB image repository +## @param image.registry [default: REGISTRY_NAME] phpBB image registry +## @param image.repository [default: REPOSITORY_NAME/phpbb] phpBB image repository ## @param image.tag phpBB image tag (immutable tags are recommended) ## @param image.digest phpBB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy phpBB image pull policy @@ -164,8 +164,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -661,8 +661,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository ## @param metrics.image.tag Apache exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Image pull policy diff --git a/bitnami/phpmyadmin/README.md b/bitnami/phpmyadmin/README.md index 77683dce920992..b78189703b3036 100644 --- a/bitnami/phpmyadmin/README.md +++ b/bitnami/phpmyadmin/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/phpmyadmin +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/phpmyadmin ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [phpMyAdmin](https://github.com/bitnami/containers/tree/main/bitnami/phpmyadmin) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use phpMyAdmin in production? Try [VMware Application Catalog](https: To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/phpmyadmin +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/phpmyadmin ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys phpMyAdmin on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -74,21 +78,21 @@ The command removes all the Kubernetes components associated with the chart and ### phpMyAdmin parameters -| Name | Description | Value | -| -------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | phpMyAdmin image registry | `docker.io` | -| `image.repository` | phpMyAdmin image repository | `bitnami/phpmyadmin` | -| `image.tag` | phpMyAdmin image tag (immutable tags are recommended) | `5.2.1-debian-11-r123` | -| `image.digest` | phpMyAdmin image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Enable phpmyadmin image debug mode | `false` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | for the phpmyadmin container(s) to automate configuration before or after startup | `{}` | -| `extraEnvVars` | Extra environment variables to be set on PhpMyAdmin container | `[]` | -| `extraEnvVarsCM` | Name of a existing ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Name of a existing Secret containing extra env vars | `""` | +| Name | Description | Value | +| -------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `image.registry` | phpMyAdmin image registry | `REGISTRY_NAME` | +| `image.repository` | phpMyAdmin image repository | `REPOSITORY_NAME/phpmyadmin` | +| `image.tag` | phpMyAdmin image tag (immutable tags are recommended) | `5.2.1-debian-11-r123` | +| `image.digest` | phpMyAdmin image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Enable phpmyadmin image debug mode | `false` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `lifecycleHooks` | for the phpmyadmin container(s) to automate configuration before or after startup | `{}` | +| `extraEnvVars` | Extra environment variables to be set on PhpMyAdmin container | `[]` | +| `extraEnvVarsCM` | Name of a existing ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Name of a existing Secret containing extra env vars | `""` | ### phpMyAdmin deployment parameters @@ -210,35 +214,35 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics parameters -| Name | Description | Value | -| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r8` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | -| `metrics.service.type` | Prometheus metrics service type | `ClusterIP` | -| `metrics.service.port` | Prometheus metrics service port | `9117` | -| `metrics.service.annotations` | Annotations for Prometheus metrics service | `{}` | -| `metrics.service.clusterIP` | phpmyadmin service Cluster IP | `""` | -| `metrics.service.loadBalancerIP` | Load Balancer IP if the Prometheus metrics server type is `LoadBalancer` | `""` | -| `metrics.service.loadBalancerSourceRanges` | phpmyadmin service Load Balancer sources | `[]` | -| `metrics.service.externalTrafficPolicy` | phpmyadmin service external traffic policy | `Cluster` | -| `metrics.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | Specify the namespace in which the serviceMonitor resource will be created | `""` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.interval` | Specify the interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | Specify Metric Relabelings to add to the scrape endpoint | `[]` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| Name | Description | Value | +| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r8` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | +| `metrics.service.type` | Prometheus metrics service type | `ClusterIP` | +| `metrics.service.port` | Prometheus metrics service port | `9117` | +| `metrics.service.annotations` | Annotations for Prometheus metrics service | `{}` | +| `metrics.service.clusterIP` | phpmyadmin service Cluster IP | `""` | +| `metrics.service.loadBalancerIP` | Load Balancer IP if the Prometheus metrics server type is `LoadBalancer` | `""` | +| `metrics.service.loadBalancerSourceRanges` | phpmyadmin service Load Balancer sources | `[]` | +| `metrics.service.externalTrafficPolicy` | phpmyadmin service external traffic policy | `Cluster` | +| `metrics.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.namespace` | Specify the namespace in which the serviceMonitor resource will be created | `""` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.serviceMonitor.interval` | Specify the interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | Specify Metric Relabelings to add to the scrape endpoint | `[]` | +| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | ### NetworkPolicy parameters @@ -266,17 +270,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ - --set db.host=mymariadb,db.port=3306 oci://registry-1.docker.io/bitnamicharts/phpmyadmin + --set db.host=mymariadb,db.port=3306 oci://REGISTRY_NAME/REPOSITORY_NAME/phpmyadmin ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the phpMyAdmin to connect to a database in `mymariadb` host and `3306` port respectively. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/phpmyadmin +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/phpmyadmin ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -432,9 +439,11 @@ Consequences: export MARIADB_ROOT_PASSWORD=$(kubectl get secret --namespace default phpmyadmin-mariadb -o jsonpath="{.data.mariadb-root-password}" | base64 -d) export MARIADB_PASSWORD=$(kubectl get secret --namespace default phpmyadmin-mariadb -o jsonpath="{.data.mariadb-password}" | base64 -d) kubectl delete deployments.apps phpmyadmin -helm upgrade phpmyadmin oci://registry-1.docker.io/bitnamicharts/phpmyadmin --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD +helm upgrade phpmyadmin oci://REGISTRY_NAME/REPOSITORY_NAME/phpmyadmin --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 7.0.0 In this major there were two main changes introduced: @@ -497,9 +506,11 @@ Delete the phpMyAdmin deployment and delete the MariaDB statefulsets: Now the upgrade works: ```console -helm upgrade phpmyadmin oci://registry-1.docker.io/bitnamicharts/phpmyadmin --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set db.bundleTestDB=true +helm upgrade phpmyadmin oci://REGISTRY_NAME/REPOSITORY_NAME/phpmyadmin --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set db.bundleTestDB=true ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Finally, you should see the lines below in MariaDB container logs: ```console diff --git a/bitnami/phpmyadmin/values.yaml b/bitnami/phpmyadmin/values.yaml index d65bc462ab74fa..f8e1f5b1fd6af3 100644 --- a/bitnami/phpmyadmin/values.yaml +++ b/bitnami/phpmyadmin/values.yaml @@ -45,8 +45,8 @@ extraDeploy: [] ## Bitnami WordPress image version ## ref: https://hub.docker.com/r/bitnami/phpmyadmin/tags/ -## @param image.registry phpMyAdmin image registry -## @param image.repository phpMyAdmin image repository +## @param image.registry [default: REGISTRY_NAME] phpMyAdmin image registry +## @param image.repository [default: REPOSITORY_NAME/phpmyadmin] phpMyAdmin image repository ## @param image.tag phpMyAdmin image tag (immutable tags are recommended) ## @param image.digest phpMyAdmin image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Image pull policy @@ -572,8 +572,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository ## @param metrics.image.tag Apache exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Image pull policy diff --git a/bitnami/pinniped/README.md b/bitnami/pinniped/README.md index cafdf85ba5b886..1e5661e1e1eb59 100644 --- a/bitnami/pinniped/README.md +++ b/bitnami/pinniped/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/pinniped +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/pinniped ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -36,9 +38,11 @@ Looking to use Pinniped in production? Try [VMware Application Catalog](https:// To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/pinniped +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/pinniped ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys pinniped on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -65,22 +69,22 @@ The command removes all the Kubernetes components associated with the chart and ### Common parameters -| Name | Description | Value | -| ------------------- | -------------------------------------------------------------------------------------------------------- | --------------------- | -| `kubeVersion` | Override Kubernetes version | `""` | -| `nameOverride` | String to partially override common.names.name | `""` | -| `fullnameOverride` | String to fully override common.names.fullname | `""` | -| `namespaceOverride` | String to fully override common.names.namespace | `""` | -| `commonLabels` | Labels to add to all deployed objects | `{}` | -| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | -| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | -| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | -| `image.registry` | Pinniped image registry | `docker.io` | -| `image.repository` | Pinniped image repository | `bitnami/pinniped` | -| `image.tag` | Pinniped image tag (immutable tags are recommended) | `0.27.0-debian-11-r0` | -| `image.digest` | Pinniped image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Pinniped image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Pinniped image pull secrets | `[]` | +| Name | Description | Value | +| ------------------- | -------------------------------------------------------------------------------------------------------- | -------------------------- | +| `kubeVersion` | Override Kubernetes version | `""` | +| `nameOverride` | String to partially override common.names.name | `""` | +| `fullnameOverride` | String to fully override common.names.fullname | `""` | +| `namespaceOverride` | String to fully override common.names.namespace | `""` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `image.registry` | Pinniped image registry | `REGISTRY_NAME` | +| `image.repository` | Pinniped image repository | `REPOSITORY_NAME/pinniped` | +| `image.tag` | Pinniped image tag (immutable tags are recommended) | `0.27.0-debian-11-r0` | +| `image.digest` | Pinniped image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Pinniped image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Pinniped image pull secrets | `[]` | ### Concierge Parameters @@ -318,17 +322,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set supervisor.enabled=false \ - oci://registry-1.docker.io/bitnamicharts/pinniped + oci://REGISTRY_NAME/REPOSITORY_NAME/pinniped ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets disables the supervisor compoment deployment. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/pinniped +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/pinniped ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/pinniped/values.yaml b/bitnami/pinniped/values.yaml index 0150085e33a3b4..d654640987900e 100644 --- a/bitnami/pinniped/values.yaml +++ b/bitnami/pinniped/values.yaml @@ -50,8 +50,8 @@ extraDeploy: [] ## Bitnami Pinniped image ## ref: https://hub.docker.com/r/bitnami/pinniped/tags/ -## @param image.registry Pinniped image registry -## @param image.repository Pinniped image repository +## @param image.registry [default: REGISTRY_NAME] Pinniped image registry +## @param image.repository [default: REPOSITORY_NAME/pinniped] Pinniped image repository ## @param image.tag Pinniped image tag (immutable tags are recommended) ## @param image.digest Pinniped image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Pinniped image pull policy diff --git a/bitnami/postgresql-ha/README.md b/bitnami/postgresql-ha/README.md index e06d163eea3f35..da909f60a31cdb 100644 --- a/bitnami/postgresql-ha/README.md +++ b/bitnami/postgresql-ha/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/postgresql-ha +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This [Helm](https://github.com/kubernetes/helm) chart installs [PostgreSQL](https://www.postgresql.org/) with HA architecture in a Kubernetes cluster. Welcome to [contribute](https://github.com/bitnami/charts/blob/main/CONTRIBUTING.md) to Helm Chart for PostgreSQL HA. @@ -37,9 +39,11 @@ Looking to use PostgreSQL HA in production? Try [VMware Application Catalog](htt To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/postgresql-ha +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Uninstalling the Chart To uninstall/delete the `my-release` deployment: @@ -90,356 +94,356 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua ### PostgreSQL with Repmgr parameters -| Name | Description | Value | -| -------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------- | -| `postgresql.image.registry` | PostgreSQL with Repmgr image registry | `docker.io` | -| `postgresql.image.repository` | PostgreSQL with Repmgr image repository | `bitnami/postgresql-repmgr` | -| `postgresql.image.tag` | PostgreSQL with Repmgr image tag | `16.0.0-debian-11-r11` | -| `postgresql.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `postgresql.image.pullPolicy` | PostgreSQL with Repmgr image pull policy | `IfNotPresent` | -| `postgresql.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `postgresql.image.debug` | Specify if debug logs should be enabled | `false` | -| `postgresql.labels` | Labels to add to the StatefulSet. Evaluated as template | `{}` | -| `postgresql.podLabels` | Labels to add to the StatefulSet pods. Evaluated as template | `{}` | -| `postgresql.serviceAnnotations` | Provide any additional annotations for PostgreSQL service | `{}` | -| `postgresql.replicaCount` | Number of replicas to deploy. Use an odd number. Having 3 replicas is the minimum to get quorum when promoting a new primary. | `3` | -| `postgresql.updateStrategy.type` | Postgresql statefulset strategy type | `RollingUpdate` | -| `postgresql.containerPorts.postgresql` | PostgreSQL port | `5432` | -| `postgresql.hostAliases` | Deployment pod host aliases | `[]` | -| `postgresql.hostNetwork` | Specify if host network should be enabled for PostgreSQL pod | `false` | -| `postgresql.hostIPC` | Specify if host IPC should be enabled for PostgreSQL pod | `false` | -| `postgresql.podAnnotations` | Additional pod annotations | `{}` | -| `postgresql.podAffinityPreset` | PostgreSQL pod affinity preset. Ignored if `postgresql.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `postgresql.podAntiAffinityPreset` | PostgreSQL pod anti-affinity preset. Ignored if `postgresql.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `postgresql.nodeAffinityPreset.type` | PostgreSQL node affinity preset type. Ignored if `postgresql.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `postgresql.nodeAffinityPreset.key` | PostgreSQL node label key to match Ignored if `postgresql.affinity` is set. | `""` | -| `postgresql.nodeAffinityPreset.values` | PostgreSQL node label values to match. Ignored if `postgresql.affinity` is set. | `[]` | -| `postgresql.affinity` | Affinity for PostgreSQL pods assignment | `{}` | -| `postgresql.nodeSelector` | Node labels for PostgreSQL pods assignment | `{}` | -| `postgresql.tolerations` | Tolerations for PostgreSQL pods assignment | `[]` | -| `postgresql.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `postgresql.priorityClassName` | Pod priority class | `""` | -| `postgresql.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `postgresql.terminationGracePeriodSeconds` | Seconds PostgreSQL pod needs to terminate gracefully | `""` | -| `postgresql.podSecurityContext.enabled` | Enable security context for PostgreSQL with Repmgr | `true` | -| `postgresql.podSecurityContext.fsGroup` | Group ID for the PostgreSQL with Repmgr filesystem | `1001` | -| `postgresql.containerSecurityContext.enabled` | Enable container security context | `true` | -| `postgresql.containerSecurityContext.runAsUser` | User ID for the PostgreSQL with Repmgr container | `1001` | -| `postgresql.containerSecurityContext.runAsGroup` | Group ID for the PostgreSQL with Repmgr container | `0` | -| `postgresql.containerSecurityContext.runAsNonRoot` | Set PostgreSQL with Repmgr containers' Security Context runAsNonRoot | `true` | -| `postgresql.containerSecurityContext.readOnlyRootFilesystem` | Set PostgreSQL with Repmgr containers' Security Context runAsNonRoot | `false` | -| `postgresql.containerSecurityContext.allowPrivilegeEscalation` | Set PostgreSQL with Repmgr container's Security Context allowPrivilegeEscalation | `false` | -| `postgresql.containerSecurityContext.seccompProfile.type` | Set PostgreSQL with Repmgr container's Security Context seccompProfile | `RuntimeDefault` | -| `postgresql.containerSecurityContext.capabilities.drop` | Set PostgreSQL with Repmgr container's Security Context capabilities to drop | `["ALL"]` | -| `postgresql.command` | Override default container command (useful when using custom images) | `[]` | -| `postgresql.args` | Override default container args (useful when using custom images) | `[]` | -| `postgresql.lifecycleHooks` | LifecycleHook to set additional configuration at startup, e.g. LDAP settings via REST API. Evaluated as a template | `{}` | -| `postgresql.extraEnvVars` | Array containing extra environment variables | `[]` | -| `postgresql.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `postgresql.extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `postgresql.extraVolumes` | Extra volumes to add to the deployment | `[]` | -| `postgresql.extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes`. | `[]` | -| `postgresql.initContainers` | Extra init containers to add to the deployment | `[]` | -| `postgresql.sidecars` | Extra sidecar containers to add to the deployment | `[]` | -| `postgresql.resources.limits` | The resources limits for the container | `{}` | -| `postgresql.resources.requests` | The requested resources for the container | `{}` | -| `postgresql.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `postgresql.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `postgresql.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `postgresql.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `postgresql.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `postgresql.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `postgresql.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `postgresql.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `postgresql.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `postgresql.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `postgresql.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `postgresql.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `postgresql.startupProbe.enabled` | Enable startupProbe | `false` | -| `postgresql.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `postgresql.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `postgresql.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `postgresql.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | -| `postgresql.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `postgresql.customLivenessProbe` | Override default liveness probe | `{}` | -| `postgresql.customReadinessProbe` | Override default readiness probe | `{}` | -| `postgresql.customStartupProbe` | Override default startup probe | `{}` | -| `postgresql.pdb.create` | Specifies whether to create a Pod disruption budget for PostgreSQL with Repmgr | `false` | -| `postgresql.pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | -| `postgresql.pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | -| `postgresql.username` | PostgreSQL username | `postgres` | -| `postgresql.password` | PostgreSQL password | `""` | -| `postgresql.database` | PostgreSQL database | `""` | -| `postgresql.existingSecret` | PostgreSQL password using existing secret | `""` | -| `postgresql.postgresPassword` | PostgreSQL password for the `postgres` user when `username` is not `postgres` | `""` | -| `postgresql.usePasswordFile` | Set to `true` to mount PostgreSQL secret as a file instead of passing environment variable | `""` | -| `postgresql.repmgrUsePassfile` | Set to `true` to configure repmgrl to use `passfile` instead of `password` vars*:*:*:username:password" and use it to configure Repmgr instead of using password (Requires Postgresql 10+, otherwise ignored) | `""` | -| `postgresql.repmgrPassfilePath` | Custom path where `passfile` will be stored | `""` | -| `postgresql.upgradeRepmgrExtension` | Upgrade repmgr extension in the database | `false` | -| `postgresql.pgHbaTrustAll` | Configures PostgreSQL HBA to trust every user | `false` | -| `postgresql.syncReplication` | Make the replication synchronous. This will wait until the data is synchronized in all the replicas before other query can be run. This ensures the data availability at the expenses of speed. | `false` | -| `postgresql.syncReplicationMode` | This specifies the method to choose synchronous standbys from the listed servers. Valid values: empty, FIRST, ANY. | `""` | -| `postgresql.repmgrUsername` | PostgreSQL Repmgr username | `repmgr` | -| `postgresql.repmgrPassword` | PostgreSQL Repmgr password | `""` | -| `postgresql.repmgrDatabase` | PostgreSQL Repmgr database | `repmgr` | -| `postgresql.repmgrLogLevel` | Repmgr log level (DEBUG, INFO, NOTICE, WARNING, ERROR, ALERT, CRIT or EMERG) | `NOTICE` | -| `postgresql.repmgrConnectTimeout` | Repmgr backend connection timeout (in seconds) | `5` | -| `postgresql.repmgrReconnectAttempts` | Repmgr backend reconnection attempts | `2` | -| `postgresql.repmgrReconnectInterval` | Repmgr backend reconnection interval (in seconds) | `3` | -| `postgresql.repmgrFenceOldPrimary` | Set if fencing of old primary in multiple primary situation is desired | `false` | -| `postgresql.repmgrChildNodesCheckInterval` | Repmgr child nodes check interval (in seconds) | `5` | -| `postgresql.repmgrChildNodesConnectedMinCount` | Repmgr minimum number of connected child nodes before being considered as failed primary for fencing | `1` | -| `postgresql.repmgrChildNodesDisconnectTimeout` | Repmgr time before node will be fenced when insufficient child nodes are detected (in seconds) | `30` | -| `postgresql.usePgRewind` | Use pg_rewind for standby failover (experimental) | `false` | -| `postgresql.audit.logHostname` | Add client hostnames to the log file | `true` | -| `postgresql.audit.logConnections` | Add client log-in operations to the log file | `false` | -| `postgresql.audit.logDisconnections` | Add client log-outs operations to the log file | `false` | -| `postgresql.audit.pgAuditLog` | Add operations to log using the pgAudit extension | `""` | -| `postgresql.audit.pgAuditLogCatalog` | Log catalog using pgAudit | `off` | -| `postgresql.audit.clientMinMessages` | Message log level to share with the user | `error` | -| `postgresql.audit.logLinePrefix` | Template string for the log line prefix | `""` | -| `postgresql.audit.logTimezone` | Timezone for the log timestamps | `""` | -| `postgresql.sharedPreloadLibraries` | Shared preload libraries (comma-separated list) | `pgaudit, repmgr` | -| `postgresql.maxConnections` | Maximum total connections | `""` | -| `postgresql.postgresConnectionLimit` | Maximum connections for the postgres user | `""` | -| `postgresql.dbUserConnectionLimit` | Maximum connections for the created user | `""` | -| `postgresql.tcpKeepalivesInterval` | TCP keepalives interval | `""` | -| `postgresql.tcpKeepalivesIdle` | TCP keepalives idle | `""` | -| `postgresql.tcpKeepalivesCount` | TCP keepalives count | `""` | -| `postgresql.statementTimeout` | Statement timeout | `""` | -| `postgresql.pghbaRemoveFilters` | Comma-separated list of patterns to remove from the pg_hba.conf file | `""` | -| `postgresql.extraInitContainers` | Extra init containers | `[]` | -| `postgresql.repmgrConfiguration` | Repmgr configuration | `""` | -| `postgresql.configuration` | PostgreSQL configuration | `""` | -| `postgresql.pgHbaConfiguration` | PostgreSQL client authentication configuration | `""` | -| `postgresql.configurationCM` | Name of existing ConfigMap with configuration files | `""` | -| `postgresql.extendedConf` | Extended PostgreSQL configuration (appended to main or default configuration). Implies `volumePermissions.enabled`. | `""` | -| `postgresql.extendedConfCM` | ConfigMap with PostgreSQL extended configuration | `""` | -| `postgresql.initdbScripts` | Dictionary of initdb scripts | `{}` | -| `postgresql.initdbScriptsCM` | ConfigMap with scripts to be run at first boot | `""` | -| `postgresql.initdbScriptsSecret` | Secret with scripts to be run at first boot | `""` | -| `postgresql.tls.enabled` | Enable TLS traffic support for end-client connections | `false` | -| `postgresql.tls.preferServerCiphers` | Whether to use the server's TLS cipher preferences rather than the client's | `true` | -| `postgresql.tls.certificatesSecret` | Name of an existing secret that contains the certificates | `""` | -| `postgresql.tls.certFilename` | Certificate filename | `""` | -| `postgresql.tls.certKeyFilename` | Certificate key filename | `""` | -| `postgresql.preStopDelayAfterPgStopSeconds` | Minimal number of seconds preStop hook waits after postgres instance is stopped | `25` | -| `postgresql.headlessWithNotReadyAddresses` | set postgres headless service into publishNotReadyAddresses mode | `false` | -| `witness.create` | Create PostgreSQL witness nodes | `false` | -| `witness.labels` | Labels to add to the StatefulSet. Evaluated as template | `{}` | -| `witness.podLabels` | Labels to add to the StatefulSet pods. Evaluated as template | `{}` | -| `witness.replicaCount` | Number of replicas to deploy. | `1` | -| `witness.updateStrategy.type` | Postgresql statefulset strategy type | `RollingUpdate` | -| `witness.containerPorts.postgresql` | PostgreSQL witness port | `5432` | -| `witness.hostAliases` | Deployment pod host aliases | `[]` | -| `witness.hostNetwork` | Specify if host network should be enabled for PostgreSQL witness pod | `false` | -| `witness.hostIPC` | Specify if host IPC should be enabled for PostgreSQL witness pod | `false` | -| `witness.podAnnotations` | Additional pod annotations | `{}` | -| `witness.podAffinityPreset` | PostgreSQL witness pod affinity preset. Ignored if `witness.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `witness.podAntiAffinityPreset` | PostgreSQL witness pod anti-affinity preset. Ignored if `witness.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `witness.nodeAffinityPreset.type` | PostgreSQL witness node affinity preset type. Ignored if `witness.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `witness.nodeAffinityPreset.key` | PostgreSQL witness node label key to match Ignored if `witness.affinity` is set. | `""` | -| `witness.nodeAffinityPreset.values` | PostgreSQL witness node label values to match. Ignored if `witness.affinity` is set. | `[]` | -| `witness.affinity` | Affinity for PostgreSQL witness pods assignment | `{}` | -| `witness.nodeSelector` | Node labels for PostgreSQL witness pods assignment | `{}` | -| `witness.tolerations` | Tolerations for PostgreSQL witness pods assignment | `[]` | -| `witness.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `witness.priorityClassName` | Pod priority class | `""` | -| `witness.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `witness.terminationGracePeriodSeconds` | Seconds PostgreSQL witness pod needs to terminate gracefully | `""` | -| `witness.podSecurityContext.enabled` | Enable security context for PostgreSQL witness with Repmgr | `true` | -| `witness.podSecurityContext.fsGroup` | Group ID for the PostgreSQL witness with Repmgr filesystem | `1001` | -| `witness.containerSecurityContext.enabled` | Enable container security context | `true` | -| `witness.containerSecurityContext.runAsUser` | User ID for the PostgreSQL witness with Repmgr container | `1001` | -| `witness.containerSecurityContext.runAsGroup` | Group ID for the PostgreSQL witness with Repmgr container | `0` | -| `witness.containerSecurityContext.runAsNonRoot` | Set PostgreSQL witness with Repmgr containers' Security Context runAsNonRoot | `true` | -| `witness.containerSecurityContext.readOnlyRootFilesystem` | Set PostgreSQL witness with Repmgr containers' Security Context runAsNonRoot | `false` | -| `witness.containerSecurityContext.allowPrivilegeEscalation` | Set PostgreSQL witness with Repmgr container's Security Context allowPrivilegeEscalation | `false` | -| `witness.containerSecurityContext.seccompProfile.type` | Set PostgreSQL witness with Repmgr container's Security Context seccompProfile | `RuntimeDefault` | -| `witness.containerSecurityContext.capabilities.drop` | Set PostgreSQL witness with Repmgr container's Security Context capabilities to drop | `["ALL"]` | -| `witness.command` | Override default container command (useful when using custom images) | `[]` | -| `witness.args` | Override default container args (useful when using custom images) | `[]` | -| `witness.lifecycleHooks` | LifecycleHook to set additional configuration at startup, e.g. LDAP settings via REST API. Evaluated as a template | `{}` | -| `witness.extraEnvVars` | Array containing extra environment variables | `[]` | -| `witness.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `witness.extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `witness.extraVolumes` | Extra volumes to add to the deployment | `[]` | -| `witness.extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes`. | `[]` | -| `witness.initContainers` | Extra init containers to add to the deployment | `[]` | -| `witness.sidecars` | Extra sidecar containers to add to the deployment | `[]` | -| `witness.resources.limits` | The resources limits for the container | `{}` | -| `witness.resources.requests` | The requested resources for the container | `{}` | -| `witness.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `witness.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `witness.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `witness.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `witness.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `witness.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `witness.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `witness.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `witness.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `witness.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `witness.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `witness.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `witness.startupProbe.enabled` | Enable startupProbe | `false` | -| `witness.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `witness.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `witness.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `witness.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | -| `witness.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `witness.customLivenessProbe` | Override default liveness probe | `{}` | -| `witness.customReadinessProbe` | Override default readiness probe | `{}` | -| `witness.customStartupProbe` | Override default startup probe | `{}` | -| `witness.pdb.create` | Specifies whether to create a Pod disruption budget for PostgreSQL witness with Repmgr | `false` | -| `witness.pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | -| `witness.pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | -| `witness.upgradeRepmgrExtension` | Upgrade repmgr extension in the database | `false` | -| `witness.pgHbaTrustAll` | Configures PostgreSQL HBA to trust every user | `false` | -| `witness.repmgrLogLevel` | Repmgr log level (DEBUG, INFO, NOTICE, WARNING, ERROR, ALERT, CRIT or EMERG) | `NOTICE` | -| `witness.repmgrConnectTimeout` | Repmgr backend connection timeout (in seconds) | `5` | -| `witness.repmgrReconnectAttempts` | Repmgr backend reconnection attempts | `2` | -| `witness.repmgrReconnectInterval` | Repmgr backend reconnection interval (in seconds) | `3` | -| `witness.audit.logHostname` | Add client hostnames to the log file | `true` | -| `witness.audit.logConnections` | Add client log-in operations to the log file | `false` | -| `witness.audit.logDisconnections` | Add client log-outs operations to the log file | `false` | -| `witness.audit.pgAuditLog` | Add operations to log using the pgAudit extension | `""` | -| `witness.audit.pgAuditLogCatalog` | Log catalog using pgAudit | `off` | -| `witness.audit.clientMinMessages` | Message log level to share with the user | `error` | -| `witness.audit.logLinePrefix` | Template string for the log line prefix | `""` | -| `witness.audit.logTimezone` | Timezone for the log timestamps | `""` | -| `witness.maxConnections` | Maximum total connections | `""` | -| `witness.postgresConnectionLimit` | Maximum connections for the postgres user | `""` | -| `witness.dbUserConnectionLimit` | Maximum connections for the created user | `""` | -| `witness.tcpKeepalivesInterval` | TCP keepalives interval | `""` | -| `witness.tcpKeepalivesIdle` | TCP keepalives idle | `""` | -| `witness.tcpKeepalivesCount` | TCP keepalives count | `""` | -| `witness.statementTimeout` | Statement timeout | `""` | -| `witness.pghbaRemoveFilters` | Comma-separated list of patterns to remove from the pg_hba.conf file | `""` | -| `witness.extraInitContainers` | Extra init containers | `[]` | -| `witness.repmgrConfiguration` | Repmgr configuration | `""` | -| `witness.configuration` | PostgreSQL configuration | `""` | -| `witness.pgHbaConfiguration` | PostgreSQL client authentication configuration | `""` | -| `witness.configurationCM` | Name of existing ConfigMap with configuration files | `""` | -| `witness.extendedConf` | Extended PostgreSQL configuration (appended to main or default configuration). Implies `volumePermissions.enabled`. | `""` | -| `witness.extendedConfCM` | ConfigMap with PostgreSQL extended configuration | `""` | -| `witness.initdbScripts` | Dictionary of initdb scripts | `{}` | -| `witness.initdbScriptsCM` | ConfigMap with scripts to be run at first boot | `""` | -| `witness.initdbScriptsSecret` | Secret with scripts to be run at first boot | `""` | +| Name | Description | Value | +| -------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| `postgresql.image.registry` | PostgreSQL with Repmgr image registry | `REGISTRY_NAME` | +| `postgresql.image.repository` | PostgreSQL with Repmgr image repository | `REPOSITORY_NAME/postgresql-repmgr` | +| `postgresql.image.tag` | PostgreSQL with Repmgr image tag | `16.0.0-debian-11-r11` | +| `postgresql.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `postgresql.image.pullPolicy` | PostgreSQL with Repmgr image pull policy | `IfNotPresent` | +| `postgresql.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `postgresql.image.debug` | Specify if debug logs should be enabled | `false` | +| `postgresql.labels` | Labels to add to the StatefulSet. Evaluated as template | `{}` | +| `postgresql.podLabels` | Labels to add to the StatefulSet pods. Evaluated as template | `{}` | +| `postgresql.serviceAnnotations` | Provide any additional annotations for PostgreSQL service | `{}` | +| `postgresql.replicaCount` | Number of replicas to deploy. Use an odd number. Having 3 replicas is the minimum to get quorum when promoting a new primary. | `3` | +| `postgresql.updateStrategy.type` | Postgresql statefulset strategy type | `RollingUpdate` | +| `postgresql.containerPorts.postgresql` | PostgreSQL port | `5432` | +| `postgresql.hostAliases` | Deployment pod host aliases | `[]` | +| `postgresql.hostNetwork` | Specify if host network should be enabled for PostgreSQL pod | `false` | +| `postgresql.hostIPC` | Specify if host IPC should be enabled for PostgreSQL pod | `false` | +| `postgresql.podAnnotations` | Additional pod annotations | `{}` | +| `postgresql.podAffinityPreset` | PostgreSQL pod affinity preset. Ignored if `postgresql.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `postgresql.podAntiAffinityPreset` | PostgreSQL pod anti-affinity preset. Ignored if `postgresql.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `postgresql.nodeAffinityPreset.type` | PostgreSQL node affinity preset type. Ignored if `postgresql.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `postgresql.nodeAffinityPreset.key` | PostgreSQL node label key to match Ignored if `postgresql.affinity` is set. | `""` | +| `postgresql.nodeAffinityPreset.values` | PostgreSQL node label values to match. Ignored if `postgresql.affinity` is set. | `[]` | +| `postgresql.affinity` | Affinity for PostgreSQL pods assignment | `{}` | +| `postgresql.nodeSelector` | Node labels for PostgreSQL pods assignment | `{}` | +| `postgresql.tolerations` | Tolerations for PostgreSQL pods assignment | `[]` | +| `postgresql.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `postgresql.priorityClassName` | Pod priority class | `""` | +| `postgresql.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `postgresql.terminationGracePeriodSeconds` | Seconds PostgreSQL pod needs to terminate gracefully | `""` | +| `postgresql.podSecurityContext.enabled` | Enable security context for PostgreSQL with Repmgr | `true` | +| `postgresql.podSecurityContext.fsGroup` | Group ID for the PostgreSQL with Repmgr filesystem | `1001` | +| `postgresql.containerSecurityContext.enabled` | Enable container security context | `true` | +| `postgresql.containerSecurityContext.runAsUser` | User ID for the PostgreSQL with Repmgr container | `1001` | +| `postgresql.containerSecurityContext.runAsGroup` | Group ID for the PostgreSQL with Repmgr container | `0` | +| `postgresql.containerSecurityContext.runAsNonRoot` | Set PostgreSQL with Repmgr containers' Security Context runAsNonRoot | `true` | +| `postgresql.containerSecurityContext.readOnlyRootFilesystem` | Set PostgreSQL with Repmgr containers' Security Context runAsNonRoot | `false` | +| `postgresql.containerSecurityContext.allowPrivilegeEscalation` | Set PostgreSQL with Repmgr container's Security Context allowPrivilegeEscalation | `false` | +| `postgresql.containerSecurityContext.seccompProfile.type` | Set PostgreSQL with Repmgr container's Security Context seccompProfile | `RuntimeDefault` | +| `postgresql.containerSecurityContext.capabilities.drop` | Set PostgreSQL with Repmgr container's Security Context capabilities to drop | `["ALL"]` | +| `postgresql.command` | Override default container command (useful when using custom images) | `[]` | +| `postgresql.args` | Override default container args (useful when using custom images) | `[]` | +| `postgresql.lifecycleHooks` | LifecycleHook to set additional configuration at startup, e.g. LDAP settings via REST API. Evaluated as a template | `{}` | +| `postgresql.extraEnvVars` | Array containing extra environment variables | `[]` | +| `postgresql.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `postgresql.extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `postgresql.extraVolumes` | Extra volumes to add to the deployment | `[]` | +| `postgresql.extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes`. | `[]` | +| `postgresql.initContainers` | Extra init containers to add to the deployment | `[]` | +| `postgresql.sidecars` | Extra sidecar containers to add to the deployment | `[]` | +| `postgresql.resources.limits` | The resources limits for the container | `{}` | +| `postgresql.resources.requests` | The requested resources for the container | `{}` | +| `postgresql.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `postgresql.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | +| `postgresql.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `postgresql.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `postgresql.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `postgresql.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `postgresql.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `postgresql.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `postgresql.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `postgresql.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `postgresql.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `postgresql.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `postgresql.startupProbe.enabled` | Enable startupProbe | `false` | +| `postgresql.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `postgresql.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `postgresql.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `postgresql.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | +| `postgresql.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `postgresql.customLivenessProbe` | Override default liveness probe | `{}` | +| `postgresql.customReadinessProbe` | Override default readiness probe | `{}` | +| `postgresql.customStartupProbe` | Override default startup probe | `{}` | +| `postgresql.pdb.create` | Specifies whether to create a Pod disruption budget for PostgreSQL with Repmgr | `false` | +| `postgresql.pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | +| `postgresql.pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | +| `postgresql.username` | PostgreSQL username | `postgres` | +| `postgresql.password` | PostgreSQL password | `""` | +| `postgresql.database` | PostgreSQL database | `""` | +| `postgresql.existingSecret` | PostgreSQL password using existing secret | `""` | +| `postgresql.postgresPassword` | PostgreSQL password for the `postgres` user when `username` is not `postgres` | `""` | +| `postgresql.usePasswordFile` | Set to `true` to mount PostgreSQL secret as a file instead of passing environment variable | `""` | +| `postgresql.repmgrUsePassfile` | Set to `true` to configure repmgrl to use `passfile` instead of `password` vars*:*:*:username:password" and use it to configure Repmgr instead of using password (Requires Postgresql 10+, otherwise ignored) | `""` | +| `postgresql.repmgrPassfilePath` | Custom path where `passfile` will be stored | `""` | +| `postgresql.upgradeRepmgrExtension` | Upgrade repmgr extension in the database | `false` | +| `postgresql.pgHbaTrustAll` | Configures PostgreSQL HBA to trust every user | `false` | +| `postgresql.syncReplication` | Make the replication synchronous. This will wait until the data is synchronized in all the replicas before other query can be run. This ensures the data availability at the expenses of speed. | `false` | +| `postgresql.syncReplicationMode` | This specifies the method to choose synchronous standbys from the listed servers. Valid values: empty, FIRST, ANY. | `""` | +| `postgresql.repmgrUsername` | PostgreSQL Repmgr username | `repmgr` | +| `postgresql.repmgrPassword` | PostgreSQL Repmgr password | `""` | +| `postgresql.repmgrDatabase` | PostgreSQL Repmgr database | `repmgr` | +| `postgresql.repmgrLogLevel` | Repmgr log level (DEBUG, INFO, NOTICE, WARNING, ERROR, ALERT, CRIT or EMERG) | `NOTICE` | +| `postgresql.repmgrConnectTimeout` | Repmgr backend connection timeout (in seconds) | `5` | +| `postgresql.repmgrReconnectAttempts` | Repmgr backend reconnection attempts | `2` | +| `postgresql.repmgrReconnectInterval` | Repmgr backend reconnection interval (in seconds) | `3` | +| `postgresql.repmgrFenceOldPrimary` | Set if fencing of old primary in multiple primary situation is desired | `false` | +| `postgresql.repmgrChildNodesCheckInterval` | Repmgr child nodes check interval (in seconds) | `5` | +| `postgresql.repmgrChildNodesConnectedMinCount` | Repmgr minimum number of connected child nodes before being considered as failed primary for fencing | `1` | +| `postgresql.repmgrChildNodesDisconnectTimeout` | Repmgr time before node will be fenced when insufficient child nodes are detected (in seconds) | `30` | +| `postgresql.usePgRewind` | Use pg_rewind for standby failover (experimental) | `false` | +| `postgresql.audit.logHostname` | Add client hostnames to the log file | `true` | +| `postgresql.audit.logConnections` | Add client log-in operations to the log file | `false` | +| `postgresql.audit.logDisconnections` | Add client log-outs operations to the log file | `false` | +| `postgresql.audit.pgAuditLog` | Add operations to log using the pgAudit extension | `""` | +| `postgresql.audit.pgAuditLogCatalog` | Log catalog using pgAudit | `off` | +| `postgresql.audit.clientMinMessages` | Message log level to share with the user | `error` | +| `postgresql.audit.logLinePrefix` | Template string for the log line prefix | `""` | +| `postgresql.audit.logTimezone` | Timezone for the log timestamps | `""` | +| `postgresql.sharedPreloadLibraries` | Shared preload libraries (comma-separated list) | `pgaudit, repmgr` | +| `postgresql.maxConnections` | Maximum total connections | `""` | +| `postgresql.postgresConnectionLimit` | Maximum connections for the postgres user | `""` | +| `postgresql.dbUserConnectionLimit` | Maximum connections for the created user | `""` | +| `postgresql.tcpKeepalivesInterval` | TCP keepalives interval | `""` | +| `postgresql.tcpKeepalivesIdle` | TCP keepalives idle | `""` | +| `postgresql.tcpKeepalivesCount` | TCP keepalives count | `""` | +| `postgresql.statementTimeout` | Statement timeout | `""` | +| `postgresql.pghbaRemoveFilters` | Comma-separated list of patterns to remove from the pg_hba.conf file | `""` | +| `postgresql.extraInitContainers` | Extra init containers | `[]` | +| `postgresql.repmgrConfiguration` | Repmgr configuration | `""` | +| `postgresql.configuration` | PostgreSQL configuration | `""` | +| `postgresql.pgHbaConfiguration` | PostgreSQL client authentication configuration | `""` | +| `postgresql.configurationCM` | Name of existing ConfigMap with configuration files | `""` | +| `postgresql.extendedConf` | Extended PostgreSQL configuration (appended to main or default configuration). Implies `volumePermissions.enabled`. | `""` | +| `postgresql.extendedConfCM` | ConfigMap with PostgreSQL extended configuration | `""` | +| `postgresql.initdbScripts` | Dictionary of initdb scripts | `{}` | +| `postgresql.initdbScriptsCM` | ConfigMap with scripts to be run at first boot | `""` | +| `postgresql.initdbScriptsSecret` | Secret with scripts to be run at first boot | `""` | +| `postgresql.tls.enabled` | Enable TLS traffic support for end-client connections | `false` | +| `postgresql.tls.preferServerCiphers` | Whether to use the server's TLS cipher preferences rather than the client's | `true` | +| `postgresql.tls.certificatesSecret` | Name of an existing secret that contains the certificates | `""` | +| `postgresql.tls.certFilename` | Certificate filename | `""` | +| `postgresql.tls.certKeyFilename` | Certificate key filename | `""` | +| `postgresql.preStopDelayAfterPgStopSeconds` | Minimal number of seconds preStop hook waits after postgres instance is stopped | `25` | +| `postgresql.headlessWithNotReadyAddresses` | set postgres headless service into publishNotReadyAddresses mode | `false` | +| `witness.create` | Create PostgreSQL witness nodes | `false` | +| `witness.labels` | Labels to add to the StatefulSet. Evaluated as template | `{}` | +| `witness.podLabels` | Labels to add to the StatefulSet pods. Evaluated as template | `{}` | +| `witness.replicaCount` | Number of replicas to deploy. | `1` | +| `witness.updateStrategy.type` | Postgresql statefulset strategy type | `RollingUpdate` | +| `witness.containerPorts.postgresql` | PostgreSQL witness port | `5432` | +| `witness.hostAliases` | Deployment pod host aliases | `[]` | +| `witness.hostNetwork` | Specify if host network should be enabled for PostgreSQL witness pod | `false` | +| `witness.hostIPC` | Specify if host IPC should be enabled for PostgreSQL witness pod | `false` | +| `witness.podAnnotations` | Additional pod annotations | `{}` | +| `witness.podAffinityPreset` | PostgreSQL witness pod affinity preset. Ignored if `witness.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `witness.podAntiAffinityPreset` | PostgreSQL witness pod anti-affinity preset. Ignored if `witness.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `witness.nodeAffinityPreset.type` | PostgreSQL witness node affinity preset type. Ignored if `witness.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `witness.nodeAffinityPreset.key` | PostgreSQL witness node label key to match Ignored if `witness.affinity` is set. | `""` | +| `witness.nodeAffinityPreset.values` | PostgreSQL witness node label values to match. Ignored if `witness.affinity` is set. | `[]` | +| `witness.affinity` | Affinity for PostgreSQL witness pods assignment | `{}` | +| `witness.nodeSelector` | Node labels for PostgreSQL witness pods assignment | `{}` | +| `witness.tolerations` | Tolerations for PostgreSQL witness pods assignment | `[]` | +| `witness.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `witness.priorityClassName` | Pod priority class | `""` | +| `witness.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `witness.terminationGracePeriodSeconds` | Seconds PostgreSQL witness pod needs to terminate gracefully | `""` | +| `witness.podSecurityContext.enabled` | Enable security context for PostgreSQL witness with Repmgr | `true` | +| `witness.podSecurityContext.fsGroup` | Group ID for the PostgreSQL witness with Repmgr filesystem | `1001` | +| `witness.containerSecurityContext.enabled` | Enable container security context | `true` | +| `witness.containerSecurityContext.runAsUser` | User ID for the PostgreSQL witness with Repmgr container | `1001` | +| `witness.containerSecurityContext.runAsGroup` | Group ID for the PostgreSQL witness with Repmgr container | `0` | +| `witness.containerSecurityContext.runAsNonRoot` | Set PostgreSQL witness with Repmgr containers' Security Context runAsNonRoot | `true` | +| `witness.containerSecurityContext.readOnlyRootFilesystem` | Set PostgreSQL witness with Repmgr containers' Security Context runAsNonRoot | `false` | +| `witness.containerSecurityContext.allowPrivilegeEscalation` | Set PostgreSQL witness with Repmgr container's Security Context allowPrivilegeEscalation | `false` | +| `witness.containerSecurityContext.seccompProfile.type` | Set PostgreSQL witness with Repmgr container's Security Context seccompProfile | `RuntimeDefault` | +| `witness.containerSecurityContext.capabilities.drop` | Set PostgreSQL witness with Repmgr container's Security Context capabilities to drop | `["ALL"]` | +| `witness.command` | Override default container command (useful when using custom images) | `[]` | +| `witness.args` | Override default container args (useful when using custom images) | `[]` | +| `witness.lifecycleHooks` | LifecycleHook to set additional configuration at startup, e.g. LDAP settings via REST API. Evaluated as a template | `{}` | +| `witness.extraEnvVars` | Array containing extra environment variables | `[]` | +| `witness.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `witness.extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `witness.extraVolumes` | Extra volumes to add to the deployment | `[]` | +| `witness.extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes`. | `[]` | +| `witness.initContainers` | Extra init containers to add to the deployment | `[]` | +| `witness.sidecars` | Extra sidecar containers to add to the deployment | `[]` | +| `witness.resources.limits` | The resources limits for the container | `{}` | +| `witness.resources.requests` | The requested resources for the container | `{}` | +| `witness.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `witness.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | +| `witness.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `witness.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `witness.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `witness.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `witness.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `witness.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `witness.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `witness.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `witness.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `witness.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `witness.startupProbe.enabled` | Enable startupProbe | `false` | +| `witness.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `witness.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `witness.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `witness.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | +| `witness.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `witness.customLivenessProbe` | Override default liveness probe | `{}` | +| `witness.customReadinessProbe` | Override default readiness probe | `{}` | +| `witness.customStartupProbe` | Override default startup probe | `{}` | +| `witness.pdb.create` | Specifies whether to create a Pod disruption budget for PostgreSQL witness with Repmgr | `false` | +| `witness.pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | +| `witness.pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | +| `witness.upgradeRepmgrExtension` | Upgrade repmgr extension in the database | `false` | +| `witness.pgHbaTrustAll` | Configures PostgreSQL HBA to trust every user | `false` | +| `witness.repmgrLogLevel` | Repmgr log level (DEBUG, INFO, NOTICE, WARNING, ERROR, ALERT, CRIT or EMERG) | `NOTICE` | +| `witness.repmgrConnectTimeout` | Repmgr backend connection timeout (in seconds) | `5` | +| `witness.repmgrReconnectAttempts` | Repmgr backend reconnection attempts | `2` | +| `witness.repmgrReconnectInterval` | Repmgr backend reconnection interval (in seconds) | `3` | +| `witness.audit.logHostname` | Add client hostnames to the log file | `true` | +| `witness.audit.logConnections` | Add client log-in operations to the log file | `false` | +| `witness.audit.logDisconnections` | Add client log-outs operations to the log file | `false` | +| `witness.audit.pgAuditLog` | Add operations to log using the pgAudit extension | `""` | +| `witness.audit.pgAuditLogCatalog` | Log catalog using pgAudit | `off` | +| `witness.audit.clientMinMessages` | Message log level to share with the user | `error` | +| `witness.audit.logLinePrefix` | Template string for the log line prefix | `""` | +| `witness.audit.logTimezone` | Timezone for the log timestamps | `""` | +| `witness.maxConnections` | Maximum total connections | `""` | +| `witness.postgresConnectionLimit` | Maximum connections for the postgres user | `""` | +| `witness.dbUserConnectionLimit` | Maximum connections for the created user | `""` | +| `witness.tcpKeepalivesInterval` | TCP keepalives interval | `""` | +| `witness.tcpKeepalivesIdle` | TCP keepalives idle | `""` | +| `witness.tcpKeepalivesCount` | TCP keepalives count | `""` | +| `witness.statementTimeout` | Statement timeout | `""` | +| `witness.pghbaRemoveFilters` | Comma-separated list of patterns to remove from the pg_hba.conf file | `""` | +| `witness.extraInitContainers` | Extra init containers | `[]` | +| `witness.repmgrConfiguration` | Repmgr configuration | `""` | +| `witness.configuration` | PostgreSQL configuration | `""` | +| `witness.pgHbaConfiguration` | PostgreSQL client authentication configuration | `""` | +| `witness.configurationCM` | Name of existing ConfigMap with configuration files | `""` | +| `witness.extendedConf` | Extended PostgreSQL configuration (appended to main or default configuration). Implies `volumePermissions.enabled`. | `""` | +| `witness.extendedConfCM` | ConfigMap with PostgreSQL extended configuration | `""` | +| `witness.initdbScripts` | Dictionary of initdb scripts | `{}` | +| `witness.initdbScriptsCM` | ConfigMap with scripts to be run at first boot | `""` | +| `witness.initdbScriptsSecret` | Secret with scripts to be run at first boot | `""` | ### Pgpool parameters -| Name | Description | Value | -| ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `pgpool.image.registry` | Pgpool image registry | `docker.io` | -| `pgpool.image.repository` | Pgpool image repository | `bitnami/pgpool` | -| `pgpool.image.tag` | Pgpool image tag | `4.4.4-debian-11-r45` | -| `pgpool.image.digest` | Pgpool image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `pgpool.image.pullPolicy` | Pgpool image pull policy | `IfNotPresent` | -| `pgpool.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `pgpool.image.debug` | Specify if debug logs should be enabled | `false` | -| `pgpool.customUsers.usernames` | Comma or semicolon separated list of additional users that will be performing connections to the database using pgpool. | `""` | -| `pgpool.customUsers.passwords` | Comma or semicolon separated list of the associated passwords for the users above. Must have the same number of elements as the usernames list. | `""` | -| `pgpool.hostAliases` | Deployment pod host aliases | `[]` | -| `pgpool.customUsersSecret` | Name of a secret containing the usernames and passwords of accounts that will be added to pgpool_passwd | `""` | -| `pgpool.existingSecret` | Pgpool admin password using existing secret | `""` | -| `pgpool.srCheckDatabase` | Name of the database to perform streaming replication checks | `postgres` | -| `pgpool.labels` | Labels to add to the Deployment. Evaluated as template | `{}` | -| `pgpool.podLabels` | Labels to add to the pods. Evaluated as template | `{}` | -| `pgpool.serviceLabels` | Labels to add to the service. Evaluated as template | `{}` | -| `pgpool.serviceAnnotations` | Provide any additional annotations for Pgpool service | `{}` | -| `pgpool.customLivenessProbe` | Override default liveness probe | `{}` | -| `pgpool.customReadinessProbe` | Override default readiness probe | `{}` | -| `pgpool.customStartupProbe` | Override default startup probe | `{}` | -| `pgpool.command` | Override default container command (useful when using custom images) | `[]` | -| `pgpool.args` | Override default container args (useful when using custom images) | `[]` | -| `pgpool.lifecycleHooks` | LifecycleHook to set additional configuration at startup, e.g. LDAP settings via REST API. Evaluated as a template | `{}` | -| `pgpool.extraEnvVars` | Array containing extra environment variables | `[]` | -| `pgpool.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `pgpool.extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `pgpool.extraVolumes` | Extra volumes to add to the deployment | `[]` | -| `pgpool.extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes` | `[]` | -| `pgpool.initContainers` | Extra init containers to add to the deployment | `[]` | -| `pgpool.sidecars` | Extra sidecar containers to add to the deployment | `[]` | -| `pgpool.replicaCount` | The number of replicas to deploy | `1` | -| `pgpool.podAnnotations` | Additional pod annotations | `{}` | -| `pgpool.priorityClassName` | Pod priority class | `""` | -| `pgpool.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `pgpool.terminationGracePeriodSeconds` | Seconds pgpool pod needs to terminate gracefully | `""` | -| `pgpool.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `pgpool.podAffinityPreset` | Pgpool pod affinity preset. Ignored if `pgpool.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `pgpool.podAntiAffinityPreset` | Pgpool pod anti-affinity preset. Ignored if `pgpool.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `pgpool.nodeAffinityPreset.type` | Pgpool node affinity preset type. Ignored if `pgpool.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `pgpool.nodeAffinityPreset.key` | Pgpool node label key to match Ignored if `pgpool.affinity` is set. | `""` | -| `pgpool.nodeAffinityPreset.values` | Pgpool node label values to match. Ignored if `pgpool.affinity` is set. | `[]` | -| `pgpool.affinity` | Affinity for Pgpool pods assignment | `{}` | -| `pgpool.nodeSelector` | Node labels for Pgpool pods assignment | `{}` | -| `pgpool.tolerations` | Tolerations for Pgpool pods assignment | `[]` | -| `pgpool.podSecurityContext.enabled` | Enable security context for Pgpool | `true` | -| `pgpool.podSecurityContext.fsGroup` | Group ID for the Pgpool filesystem | `1001` | -| `pgpool.containerSecurityContext.enabled` | Enable container security context | `true` | -| `pgpool.containerSecurityContext.runAsUser` | User ID for the Pgpool container | `1001` | -| `pgpool.containerSecurityContext.runAsGroup` | User ID for the Pgpool container | `0` | -| `pgpool.containerSecurityContext.runAsNonRoot` | Set Pgpool containers' Security Context runAsNonRoot | `true` | -| `pgpool.containerSecurityContext.readOnlyRootFilesystem` | Set Pgpool containers' Security Context runAsNonRoot | `false` | -| `pgpool.containerSecurityContext.allowPrivilegeEscalation` | Set Pgpool container's Security Context allowPrivilegeEscalation | `false` | -| `pgpool.containerSecurityContext.seccompProfile.type` | Set Pgpool container's Security Context seccompProfile | `RuntimeDefault` | -| `pgpool.containerSecurityContext.capabilities.drop` | Set Pgpool container's Security Context capabilities to drop | `["ALL"]` | -| `pgpool.resources.limits` | The resources limits for the container | `{}` | -| `pgpool.resources.requests` | The requested resources for the container | `{}` | -| `pgpool.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `pgpool.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `pgpool.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `pgpool.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `pgpool.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `pgpool.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `pgpool.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `pgpool.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `pgpool.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `pgpool.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `pgpool.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `pgpool.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `pgpool.startupProbe.enabled` | Enable startupProbe | `false` | -| `pgpool.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `pgpool.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `pgpool.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `pgpool.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | -| `pgpool.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `pgpool.pdb.create` | Specifies whether a Pod disruption budget should be created for Pgpool pods | `false` | -| `pgpool.pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | -| `pgpool.pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | -| `pgpool.updateStrategy` | Strategy used to replace old Pods by new ones | `{}` | -| `pgpool.containerPorts.postgresql` | Pgpool port | `5432` | -| `pgpool.minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `""` | -| `pgpool.adminUsername` | Pgpool Admin username | `admin` | -| `pgpool.adminPassword` | Pgpool Admin password | `""` | -| `pgpool.usePasswordFile` | Set to `true` to mount pgpool secret as a file instead of passing environment variable | `""` | -| `pgpool.authenticationMethod` | Pgpool authentication method. Use 'md5' for PSQL < 14. | `scram-sha-256` | -| `pgpool.logConnections` | Log all client connections (PGPOOL_ENABLE_LOG_CONNECTIONS) | `false` | -| `pgpool.logHostname` | Log the client hostname instead of IP address (PGPOOL_ENABLE_LOG_HOSTNAME) | `true` | -| `pgpool.logPerNodeStatement` | Log every SQL statement for each DB node separately (PGPOOL_ENABLE_LOG_PER_NODE_STATEMENT) | `false` | -| `pgpool.logLinePrefix` | Format of the log entry lines (PGPOOL_LOG_LINE_PREFIX) | `""` | -| `pgpool.clientMinMessages` | Log level for clients | `error` | -| `pgpool.numInitChildren` | The number of preforked Pgpool-II server processes. It is also the concurrent | `""` | -| `pgpool.reservedConnections` | Number of reserved connections. When zero, excess connection block. When non-zero, excess connections are refused with an error message. | `1` | -| `pgpool.maxPool` | The maximum number of cached connections in each child process (PGPOOL_MAX_POOL) | `""` | -| `pgpool.childMaxConnections` | The maximum number of client connections in each child process (PGPOOL_CHILD_MAX_CONNECTIONS) | `""` | -| `pgpool.childLifeTime` | The time in seconds to terminate a Pgpool-II child process if it remains idle (PGPOOL_CHILD_LIFE_TIME) | `""` | -| `pgpool.clientIdleLimit` | The time in seconds to disconnect a client if it remains idle since the last query (PGPOOL_CLIENT_IDLE_LIMIT) | `""` | -| `pgpool.connectionLifeTime` | The time in seconds to terminate the cached connections to the PostgreSQL backend (PGPOOL_CONNECTION_LIFE_TIME) | `""` | -| `pgpool.useLoadBalancing` | Use Pgpool Load-Balancing | `true` | -| `pgpool.disableLoadBalancingOnWrite` | LoadBalancer on write actions behavior | `transaction` | -| `pgpool.configuration` | Pgpool configuration | `""` | -| `pgpool.configurationCM` | ConfigMap with Pgpool configuration | `""` | -| `pgpool.initdbScripts` | Dictionary of initdb scripts | `{}` | -| `pgpool.initdbScriptsCM` | ConfigMap with scripts to be run every time Pgpool container is initialized | `""` | -| `pgpool.initdbScriptsSecret` | Secret with scripts to be run every time Pgpool container is initialized | `""` | -| `pgpool.tls.enabled` | Enable TLS traffic support for end-client connections | `false` | -| `pgpool.tls.autoGenerated` | Create self-signed TLS certificates. Currently only supports PEM certificates | `false` | -| `pgpool.tls.preferServerCiphers` | Whether to use the server's TLS cipher preferences rather than the client's | `true` | -| `pgpool.tls.certificatesSecret` | Name of an existing secret that contains the certificates | `""` | -| `pgpool.tls.certFilename` | Certificate filename | `""` | -| `pgpool.tls.certKeyFilename` | Certificate key filename | `""` | -| `pgpool.tls.certCAFilename` | CA Certificate filename | `""` | +| Name | Description | Value | +| ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `pgpool.image.registry` | Pgpool image registry | `REGISTRY_NAME` | +| `pgpool.image.repository` | Pgpool image repository | `REPOSITORY_NAME/pgpool` | +| `pgpool.image.tag` | Pgpool image tag | `4.4.4-debian-11-r45` | +| `pgpool.image.digest` | Pgpool image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `pgpool.image.pullPolicy` | Pgpool image pull policy | `IfNotPresent` | +| `pgpool.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `pgpool.image.debug` | Specify if debug logs should be enabled | `false` | +| `pgpool.customUsers.usernames` | Comma or semicolon separated list of additional users that will be performing connections to the database using pgpool. | `""` | +| `pgpool.customUsers.passwords` | Comma or semicolon separated list of the associated passwords for the users above. Must have the same number of elements as the usernames list. | `""` | +| `pgpool.hostAliases` | Deployment pod host aliases | `[]` | +| `pgpool.customUsersSecret` | Name of a secret containing the usernames and passwords of accounts that will be added to pgpool_passwd | `""` | +| `pgpool.existingSecret` | Pgpool admin password using existing secret | `""` | +| `pgpool.srCheckDatabase` | Name of the database to perform streaming replication checks | `postgres` | +| `pgpool.labels` | Labels to add to the Deployment. Evaluated as template | `{}` | +| `pgpool.podLabels` | Labels to add to the pods. Evaluated as template | `{}` | +| `pgpool.serviceLabels` | Labels to add to the service. Evaluated as template | `{}` | +| `pgpool.serviceAnnotations` | Provide any additional annotations for Pgpool service | `{}` | +| `pgpool.customLivenessProbe` | Override default liveness probe | `{}` | +| `pgpool.customReadinessProbe` | Override default readiness probe | `{}` | +| `pgpool.customStartupProbe` | Override default startup probe | `{}` | +| `pgpool.command` | Override default container command (useful when using custom images) | `[]` | +| `pgpool.args` | Override default container args (useful when using custom images) | `[]` | +| `pgpool.lifecycleHooks` | LifecycleHook to set additional configuration at startup, e.g. LDAP settings via REST API. Evaluated as a template | `{}` | +| `pgpool.extraEnvVars` | Array containing extra environment variables | `[]` | +| `pgpool.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `pgpool.extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `pgpool.extraVolumes` | Extra volumes to add to the deployment | `[]` | +| `pgpool.extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes` | `[]` | +| `pgpool.initContainers` | Extra init containers to add to the deployment | `[]` | +| `pgpool.sidecars` | Extra sidecar containers to add to the deployment | `[]` | +| `pgpool.replicaCount` | The number of replicas to deploy | `1` | +| `pgpool.podAnnotations` | Additional pod annotations | `{}` | +| `pgpool.priorityClassName` | Pod priority class | `""` | +| `pgpool.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `pgpool.terminationGracePeriodSeconds` | Seconds pgpool pod needs to terminate gracefully | `""` | +| `pgpool.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `pgpool.podAffinityPreset` | Pgpool pod affinity preset. Ignored if `pgpool.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `pgpool.podAntiAffinityPreset` | Pgpool pod anti-affinity preset. Ignored if `pgpool.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `pgpool.nodeAffinityPreset.type` | Pgpool node affinity preset type. Ignored if `pgpool.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `pgpool.nodeAffinityPreset.key` | Pgpool node label key to match Ignored if `pgpool.affinity` is set. | `""` | +| `pgpool.nodeAffinityPreset.values` | Pgpool node label values to match. Ignored if `pgpool.affinity` is set. | `[]` | +| `pgpool.affinity` | Affinity for Pgpool pods assignment | `{}` | +| `pgpool.nodeSelector` | Node labels for Pgpool pods assignment | `{}` | +| `pgpool.tolerations` | Tolerations for Pgpool pods assignment | `[]` | +| `pgpool.podSecurityContext.enabled` | Enable security context for Pgpool | `true` | +| `pgpool.podSecurityContext.fsGroup` | Group ID for the Pgpool filesystem | `1001` | +| `pgpool.containerSecurityContext.enabled` | Enable container security context | `true` | +| `pgpool.containerSecurityContext.runAsUser` | User ID for the Pgpool container | `1001` | +| `pgpool.containerSecurityContext.runAsGroup` | User ID for the Pgpool container | `0` | +| `pgpool.containerSecurityContext.runAsNonRoot` | Set Pgpool containers' Security Context runAsNonRoot | `true` | +| `pgpool.containerSecurityContext.readOnlyRootFilesystem` | Set Pgpool containers' Security Context runAsNonRoot | `false` | +| `pgpool.containerSecurityContext.allowPrivilegeEscalation` | Set Pgpool container's Security Context allowPrivilegeEscalation | `false` | +| `pgpool.containerSecurityContext.seccompProfile.type` | Set Pgpool container's Security Context seccompProfile | `RuntimeDefault` | +| `pgpool.containerSecurityContext.capabilities.drop` | Set Pgpool container's Security Context capabilities to drop | `["ALL"]` | +| `pgpool.resources.limits` | The resources limits for the container | `{}` | +| `pgpool.resources.requests` | The requested resources for the container | `{}` | +| `pgpool.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `pgpool.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | +| `pgpool.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `pgpool.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `pgpool.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `pgpool.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `pgpool.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `pgpool.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `pgpool.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `pgpool.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `pgpool.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `pgpool.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `pgpool.startupProbe.enabled` | Enable startupProbe | `false` | +| `pgpool.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `pgpool.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `pgpool.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `pgpool.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | +| `pgpool.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `pgpool.pdb.create` | Specifies whether a Pod disruption budget should be created for Pgpool pods | `false` | +| `pgpool.pdb.minAvailable` | Minimum number / percentage of pods that should remain scheduled | `1` | +| `pgpool.pdb.maxUnavailable` | Maximum number / percentage of pods that may be made unavailable | `""` | +| `pgpool.updateStrategy` | Strategy used to replace old Pods by new ones | `{}` | +| `pgpool.containerPorts.postgresql` | Pgpool port | `5432` | +| `pgpool.minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `""` | +| `pgpool.adminUsername` | Pgpool Admin username | `admin` | +| `pgpool.adminPassword` | Pgpool Admin password | `""` | +| `pgpool.usePasswordFile` | Set to `true` to mount pgpool secret as a file instead of passing environment variable | `""` | +| `pgpool.authenticationMethod` | Pgpool authentication method. Use 'md5' for PSQL < 14. | `scram-sha-256` | +| `pgpool.logConnections` | Log all client connections (PGPOOL_ENABLE_LOG_CONNECTIONS) | `false` | +| `pgpool.logHostname` | Log the client hostname instead of IP address (PGPOOL_ENABLE_LOG_HOSTNAME) | `true` | +| `pgpool.logPerNodeStatement` | Log every SQL statement for each DB node separately (PGPOOL_ENABLE_LOG_PER_NODE_STATEMENT) | `false` | +| `pgpool.logLinePrefix` | Format of the log entry lines (PGPOOL_LOG_LINE_PREFIX) | `""` | +| `pgpool.clientMinMessages` | Log level for clients | `error` | +| `pgpool.numInitChildren` | The number of preforked Pgpool-II server processes. It is also the concurrent | `""` | +| `pgpool.reservedConnections` | Number of reserved connections. When zero, excess connection block. When non-zero, excess connections are refused with an error message. | `1` | +| `pgpool.maxPool` | The maximum number of cached connections in each child process (PGPOOL_MAX_POOL) | `""` | +| `pgpool.childMaxConnections` | The maximum number of client connections in each child process (PGPOOL_CHILD_MAX_CONNECTIONS) | `""` | +| `pgpool.childLifeTime` | The time in seconds to terminate a Pgpool-II child process if it remains idle (PGPOOL_CHILD_LIFE_TIME) | `""` | +| `pgpool.clientIdleLimit` | The time in seconds to disconnect a client if it remains idle since the last query (PGPOOL_CLIENT_IDLE_LIMIT) | `""` | +| `pgpool.connectionLifeTime` | The time in seconds to terminate the cached connections to the PostgreSQL backend (PGPOOL_CONNECTION_LIFE_TIME) | `""` | +| `pgpool.useLoadBalancing` | Use Pgpool Load-Balancing | `true` | +| `pgpool.disableLoadBalancingOnWrite` | LoadBalancer on write actions behavior | `transaction` | +| `pgpool.configuration` | Pgpool configuration | `""` | +| `pgpool.configurationCM` | ConfigMap with Pgpool configuration | `""` | +| `pgpool.initdbScripts` | Dictionary of initdb scripts | `{}` | +| `pgpool.initdbScriptsCM` | ConfigMap with scripts to be run every time Pgpool container is initialized | `""` | +| `pgpool.initdbScriptsSecret` | Secret with scripts to be run every time Pgpool container is initialized | `""` | +| `pgpool.tls.enabled` | Enable TLS traffic support for end-client connections | `false` | +| `pgpool.tls.autoGenerated` | Create self-signed TLS certificates. Currently only supports PEM certificates | `false` | +| `pgpool.tls.preferServerCiphers` | Whether to use the server's TLS cipher preferences rather than the client's | `true` | +| `pgpool.tls.certificatesSecret` | Name of an existing secret that contains the certificates | `""` | +| `pgpool.tls.certFilename` | Certificate filename | `""` | +| `pgpool.tls.certKeyFilename` | Certificate key filename | `""` | +| `pgpool.tls.certCAFilename` | CA Certificate filename | `""` | ### LDAP parameters @@ -470,86 +474,86 @@ Additionally, if `persistence.resourcePolicy` is set to `keep`, you should manua ### Metrics parameters -| Name | Description | Value | -| ------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------- | -| `metrics.enabled` | Enable PostgreSQL Prometheus exporter | `false` | -| `metrics.image.registry` | PostgreSQL Prometheus exporter image registry | `docker.io` | -| `metrics.image.repository` | PostgreSQL Prometheus exporter image repository | `bitnami/postgres-exporter` | -| `metrics.image.tag` | PostgreSQL Prometheus exporter image tag | `0.14.0-debian-11-r15` | -| `metrics.image.digest` | PostgreSQL Prometheus exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | PostgreSQL Prometheus exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.image.debug` | Specify if debug logs should be enabled | `false` | -| `metrics.podSecurityContext.enabled` | Enable security context for PostgreSQL Prometheus exporter | `true` | -| `metrics.podSecurityContext.runAsUser` | User ID for the PostgreSQL Prometheus exporter container | `1001` | -| `metrics.podSecurityContext.runAsGroup` | Group ID for the PostgreSQL Prometheus exporter container | `0` | -| `metrics.podSecurityContext.runAsNonRoot` | Set PostgreSQL Prometheus exporter container's Security Context runAsNonRoot | `true` | -| `metrics.podSecurityContext.seccompProfile.type` | Set PostgreSQL Prometheus exporter container's Security Context seccompProfile | `RuntimeDefault` | -| `metrics.resources.limits` | The resources limits for the container | `{}` | -| `metrics.resources.requests` | The requested resources for the container | `{}` | -| `metrics.containerPorts.http` | Prometheus metrics exporter port | `9187` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.startupProbe.enabled` | Enable startupProbe | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.customLivenessProbe` | Override default liveness probe | `{}` | -| `metrics.customReadinessProbe` | Override default readiness probe | `{}` | -| `metrics.customStartupProbe` | Override default startup probe | `{}` | -| `metrics.service.type` | PostgreSQL Prometheus exporter metrics service type | `ClusterIP` | -| `metrics.service.ports.metrics` | PostgreSQL Prometheus exporter metrics service port | `9187` | -| `metrics.service.nodePorts.metrics` | PostgreSQL Prometheus exporter Node Port | `""` | -| `metrics.service.clusterIP` | PostgreSQL Prometheus exporter metrics service Cluster IP | `""` | -| `metrics.service.loadBalancerIP` | PostgreSQL Prometheus exporter service Load Balancer IP | `""` | -| `metrics.service.loadBalancerSourceRanges` | PostgreSQL Prometheus exporter service Load Balancer sources | `[]` | -| `metrics.service.externalTrafficPolicy` | PostgreSQL Prometheus exporter service external traffic policy | `Cluster` | -| `metrics.annotations` | Annotations for PostgreSQL Prometheus exporter service | `{}` | -| `metrics.customMetrics` | Additional custom metrics | `{}` | -| `metrics.extraEnvVars` | Array containing extra environment variables | `[]` | -| `metrics.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `metrics.extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | -| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `""` | -| `metrics.serviceMonitor.interval` | How frequently to scrape metrics (use by default, falling back to Prometheus' default) | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Service monitor scrape timeout | `""` | -| `metrics.serviceMonitor.annotations` | Additional annotations for the ServiceMonitor | `{}` | -| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.selector` | Defaults to what's used if you follow CoreOS Prometheus Install Instructions () | `{}` | -| `metrics.serviceMonitor.relabelings` | ServiceMonitor relabelings. Value is evaluated as a template | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | ServiceMonitor metricRelabelings. Value is evaluated as a template | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| Name | Description | Value | +| ------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| `metrics.enabled` | Enable PostgreSQL Prometheus exporter | `false` | +| `metrics.image.registry` | PostgreSQL Prometheus exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | PostgreSQL Prometheus exporter image repository | `REPOSITORY_NAME/postgres-exporter` | +| `metrics.image.tag` | PostgreSQL Prometheus exporter image tag | `0.14.0-debian-11-r15` | +| `metrics.image.digest` | PostgreSQL Prometheus exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | PostgreSQL Prometheus exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.image.debug` | Specify if debug logs should be enabled | `false` | +| `metrics.podSecurityContext.enabled` | Enable security context for PostgreSQL Prometheus exporter | `true` | +| `metrics.podSecurityContext.runAsUser` | User ID for the PostgreSQL Prometheus exporter container | `1001` | +| `metrics.podSecurityContext.runAsGroup` | Group ID for the PostgreSQL Prometheus exporter container | `0` | +| `metrics.podSecurityContext.runAsNonRoot` | Set PostgreSQL Prometheus exporter container's Security Context runAsNonRoot | `true` | +| `metrics.podSecurityContext.seccompProfile.type` | Set PostgreSQL Prometheus exporter container's Security Context seccompProfile | `RuntimeDefault` | +| `metrics.resources.limits` | The resources limits for the container | `{}` | +| `metrics.resources.requests` | The requested resources for the container | `{}` | +| `metrics.containerPorts.http` | Prometheus metrics exporter port | `9187` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.startupProbe.enabled` | Enable startupProbe | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.customLivenessProbe` | Override default liveness probe | `{}` | +| `metrics.customReadinessProbe` | Override default readiness probe | `{}` | +| `metrics.customStartupProbe` | Override default startup probe | `{}` | +| `metrics.service.type` | PostgreSQL Prometheus exporter metrics service type | `ClusterIP` | +| `metrics.service.ports.metrics` | PostgreSQL Prometheus exporter metrics service port | `9187` | +| `metrics.service.nodePorts.metrics` | PostgreSQL Prometheus exporter Node Port | `""` | +| `metrics.service.clusterIP` | PostgreSQL Prometheus exporter metrics service Cluster IP | `""` | +| `metrics.service.loadBalancerIP` | PostgreSQL Prometheus exporter service Load Balancer IP | `""` | +| `metrics.service.loadBalancerSourceRanges` | PostgreSQL Prometheus exporter service Load Balancer sources | `[]` | +| `metrics.service.externalTrafficPolicy` | PostgreSQL Prometheus exporter service external traffic policy | `Cluster` | +| `metrics.annotations` | Annotations for PostgreSQL Prometheus exporter service | `{}` | +| `metrics.customMetrics` | Additional custom metrics | `{}` | +| `metrics.extraEnvVars` | Array containing extra environment variables | `[]` | +| `metrics.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `metrics.extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `""` | +| `metrics.serviceMonitor.interval` | How frequently to scrape metrics (use by default, falling back to Prometheus' default) | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Service monitor scrape timeout | `""` | +| `metrics.serviceMonitor.annotations` | Additional annotations for the ServiceMonitor | `{}` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.selector` | Defaults to what's used if you follow CoreOS Prometheus Install Instructions () | `{}` | +| `metrics.serviceMonitor.relabelings` | ServiceMonitor relabelings. Value is evaluated as a template | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | ServiceMonitor metricRelabelings. Value is evaluated as a template | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | ### Volume permissions parameters -| Name | Description | Value | -| ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container to adapt volume permissions | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.podSecurityContext.runAsUser` | Init container volume-permissions User ID | `0` | -| `volumePermissions.podSecurityContext.runAsGroup` | Group ID for the init container volume-permissions container | `0` | -| `volumePermissions.podSecurityContext.runAsNonRoot` | Set Security Context runAsNonRoot for the init container volume-permissions container | `false` | -| `volumePermissions.podSecurityContext.seccompProfile.type` | Set Security Context seccompProfile for the init container volume-permissions container | `RuntimeDefault` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container to adapt volume permissions | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.podSecurityContext.runAsUser` | Init container volume-permissions User ID | `0` | +| `volumePermissions.podSecurityContext.runAsGroup` | Group ID for the init container volume-permissions container | `0` | +| `volumePermissions.podSecurityContext.runAsNonRoot` | Set Security Context runAsNonRoot for the init container volume-permissions container | `false` | +| `volumePermissions.podSecurityContext.seccompProfile.type` | Set Security Context seccompProfile for the init container volume-permissions container | `RuntimeDefault` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | ### Persistence parameters @@ -593,9 +597,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set postgresql.password=password \ - oci://registry-1.docker.io/bitnamicharts/postgresql-ha + oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the password for user `postgres` to `password`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -775,11 +781,12 @@ Find more information about how to deal with common errors related to Bitnami's It's necessary to specify the existing passwords while performing a upgrade to ensure the secrets are not updated with invalid randomly generated passwords. Remember to specify the existing values of the `postgresql.password` and `postgresql.repmgrPassword` parameters when upgrading the chart: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/postgresql-ha \ +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha \ --set postgresql.password=[POSTGRES_PASSWORD] \ --set postgresql.repmgrPassword=[REPMGR_PASSWORD] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > Note: you need to substitute the placeholders *[POSTGRES_PASSWORD]*, and *[REPMGR_PASSWORD]* with the values obtained from instructions in the installation notes. > Note: As general rule, it is always wise to do a backup before the upgrading procedures. @@ -822,22 +829,25 @@ A new major version of repmgr (5.3) was included. To upgrade to this major versi - Reduce your PostgreSQL setup to one replica (primary node) and upgrade to `8.0.0`, enabling the repmgr extension upgrade: ```console -helm upgrade my-release --version 8.0.0 oci://registry-1.docker.io/bitnamicharts/postgresql-ha \ +helm upgrade my-release --version 8.0.0 oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha \ --set postgresql.password=[POSTGRESQL_PASSWORD] \ --set postgresql.repmgrPassword=[REPMGR_PASSWORD] \ --set postgresql.replicaCount=1 \ --set postgresql.upgradeRepmgrExtension=true ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + - Scale your PostgreSQL setup to the original number of replicas: ```console -helm upgrade my-release --version 8.0.0 oci://registry-1.docker.io/bitnamicharts/postgresql-ha \ +helm upgrade my-release --version 8.0.0 oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha \ --set postgresql.password=[POSTGRESQL_PASSWORD] \ --set postgresql.repmgrPassword=[REPMGR_PASSWORD] \ --set postgresql.replicaCount=[NUMBER_OF_REPLICAS] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > Note: you need to substitute the placeholders *[POSTGRESQL_PASSWORD]*, and *[REPMGR_PASSWORD]* with the values obtained from instructions in the installation notes. ### To 6.4.0 @@ -875,22 +885,25 @@ A new version of repmgr (5.2.0) was included. To upgrade to this version, it's - Reduce your PostgreSQL setup to one replica (primary node) and upgrade to `5.2.0`, enabling the repmgr extension upgrade: ```console -helm upgrade my-release --version 5.2.0 oci://registry-1.docker.io/bitnamicharts/postgresql-ha \ +helm upgrade my-release --version 5.2.0 oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha \ --set postgresql.password=[POSTGRESQL_PASSWORD] \ --set postgresql.repmgrPassword=[REPMGR_PASSWORD] \ --set postgresql.replicaCount=1 \ --set postgresql.upgradeRepmgrExtension=true ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + - Scale your PostgreSQL setup to the original number of replicas: ```console -helm upgrade my-release --version 5.2.0 oci://registry-1.docker.io/bitnamicharts/postgresql-ha \ +helm upgrade my-release --version 5.2.0 oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha \ --set postgresql.password=[POSTGRESQL_PASSWORD] \ --set postgresql.repmgrPassword=[REPMGR_PASSWORD] \ --set postgresql.replicaCount=[NUMBER_OF_REPLICAS] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > Note: you need to substitute the placeholders *[POSTGRESQL_PASSWORD]*, and *[REPMGR_PASSWORD]* with the values obtained from instructions in the installation notes (`helm get notes RELEASE_NAME`). ### To 5.0.0 @@ -905,7 +918,7 @@ $ # e.g. Previous deployment v3.9.1 helm install my-release \ --set postgresql.password=[POSTGRESQL_PASSWORD] \ --set postgresql.repmgrPassword=[REPMGR_PASSWORD] \ - oci://registry-1.docker.io/bitnamicharts/postgresql-ha --version 3.9.1 + oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha --version 3.9.1 $ # Update repository information helm repo update @@ -915,9 +928,11 @@ helm delete my-release helm install my-release \ --set postgresql.password=[POSTGRESQL_PASSWORD] \ --set postgresql.repmgrPassword=[REPMGR_PASSWORD] \ - oci://registry-1.docker.io/bitnamicharts/postgresql-ha --version 5.0.0 + oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha --version 5.0.0 ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 4.0.x Due to an error handling the version numbers these versions are actually part of the 3.x versions and not a new major version. @@ -929,22 +944,25 @@ A new major version of repmgr (5.1.0) was included. To upgrade to this major ver - Reduce your PostgreSQL setup to one replica (primary node) and upgrade to `3.0.0`, enabling the repmgr extension upgrade: ```console -helm upgrade my-release --version 3.0.0 oci://registry-1.docker.io/bitnamicharts/postgresql-ha \ +helm upgrade my-release --version 3.0.0 oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha \ --set postgresql.password=[POSTGRESQL_PASSWORD] \ --set postgresql.repmgrPassword=[REPMGR_PASSWORD] \ --set postgresql.replicaCount=1 \ --set postgresql.upgradeRepmgrExtension=true ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + - Scale your PostgreSQL setup to the original number of replicas: ```console -helm upgrade my-release --version 3.0.0 oci://registry-1.docker.io/bitnamicharts/postgresql-ha \ +helm upgrade my-release --version 3.0.0 oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha \ --set postgresql.password=[POSTGRESQL_PASSWORD] \ --set postgresql.repmgrPassword=[REPMGR_PASSWORD] \ --set postgresql.replicaCount=[NUMBER_OF_REPLICAS] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > Note: you need to substitute the placeholders *[POSTGRESQL_PASSWORD]*, and *[REPMGR_PASSWORD]* with the values obtained from instructions in the installation notes. ### To 2.0.0 @@ -963,22 +981,25 @@ A new major version of repmgr (5.0.0) was included. To upgrade to this major ver - Reduce your PostgreSQL setup to one replica (primary node) and upgrade to `1.0.0`, enabling the repmgr extension upgrade: ```console -helm upgrade my-release --version 1.0.0 oci://registry-1.docker.io/bitnamicharts/postgresql-ha \ +helm upgrade my-release --version 1.0.0 oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha \ --set postgresql.password=[POSTGRESQL_PASSWORD] \ --set postgresql.repmgrPassword=[REPMGR_PASSWORD] \ --set postgresql.replicaCount=1 \ --set postgresql.upgradeRepmgrExtension=true ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + - Scale your PostgreSQL setup to the original number of replicas: ```console -helm upgrade my-release --version 1.0.0 oci://registry-1.docker.io/bitnamicharts/postgresql-ha \ +helm upgrade my-release --version 1.0.0 oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql-ha \ --set postgresql.password=[POSTGRESQL_PASSWORD] \ --set postgresql.repmgrPassword=[REPMGR_PASSWORD] \ --set postgresql.replicaCount=[NUMBER_OF_REPLICAS] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > Note: you need to substitute the placeholders *[POSTGRESQL_PASSWORD]*, and *[REPMGR_PASSWORD]* with the values obtained from instructions in the installation notes. ### To 0.4.0 diff --git a/bitnami/postgresql-ha/values.yaml b/bitnami/postgresql-ha/values.yaml index 2ae899b07b0dfc..b31cedf445d633 100644 --- a/bitnami/postgresql-ha/values.yaml +++ b/bitnami/postgresql-ha/values.yaml @@ -93,8 +93,8 @@ diagnosticMode: ## postgresql: ## ref: https://hub.docker.com/r/bitnami/postgresql/tags/ - ## @param postgresql.image.registry PostgreSQL with Repmgr image registry - ## @param postgresql.image.repository PostgreSQL with Repmgr image repository + ## @param postgresql.image.registry [default: REGISTRY_NAME] PostgreSQL with Repmgr image registry + ## @param postgresql.image.repository [default: REPOSITORY_NAME/postgresql-repmgr] PostgreSQL with Repmgr image repository ## @param postgresql.image.tag PostgreSQL with Repmgr image tag ## @param postgresql.image.digest PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param postgresql.image.pullPolicy PostgreSQL with Repmgr image pull policy @@ -1032,8 +1032,8 @@ witness: pgpool: ## Bitnami Pgpool image ## ref: https://hub.docker.com/r/bitnami/pgpool/tags/ - ## @param pgpool.image.registry Pgpool image registry - ## @param pgpool.image.repository Pgpool image repository + ## @param pgpool.image.registry [default: REGISTRY_NAME] Pgpool image registry + ## @param pgpool.image.repository [default: REPOSITORY_NAME/pgpool] Pgpool image repository ## @param pgpool.image.tag Pgpool image tag ## @param pgpool.image.digest Pgpool image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param pgpool.image.pullPolicy Pgpool image pull policy @@ -1551,8 +1551,8 @@ metrics: ## enabled: false ## ref: https://hub.docker.com/r/bitnami/pgpool/tags/ - ## @param metrics.image.registry PostgreSQL Prometheus exporter image registry - ## @param metrics.image.repository PostgreSQL Prometheus exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] PostgreSQL Prometheus exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/postgres-exporter] PostgreSQL Prometheus exporter image repository ## @param metrics.image.tag PostgreSQL Prometheus exporter image tag ## @param metrics.image.digest PostgreSQL Prometheus exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy PostgreSQL Prometheus exporter image pull policy @@ -1801,8 +1801,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container to adapt volume permissions ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/postgresql/README.md b/bitnami/postgresql/README.md index 6bf879d6c9aad7..b2829a04a2e170 100644 --- a/bitnami/postgresql/README.md +++ b/bitnami/postgresql/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/postgresql +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [PostgreSQL](https://github.com/bitnami/containers/tree/main/bitnami/postgresql) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -35,9 +37,11 @@ Looking to use PostgreSQL in production? Try [VMware Application Catalog](https: To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/postgresql +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys PostgreSQL on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -96,65 +100,65 @@ kubectl delete pvc -l release=my-release ### PostgreSQL common parameters -| Name | Description | Value | -| ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `image.registry` | PostgreSQL image registry | `docker.io` | -| `image.repository` | PostgreSQL image repository | `bitnami/postgresql` | -| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `16.0.0-debian-11-r13` | -| `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify image pull secrets | `[]` | -| `image.debug` | Specify if debug values should be set | `false` | -| `auth.enablePostgresUser` | Assign a password to the "postgres" admin user. Otherwise, remote access will be blocked for this user | `true` | -| `auth.postgresPassword` | Password for the "postgres" admin user. Ignored if `auth.existingSecret` is provided | `""` | -| `auth.username` | Name for a custom user to create | `""` | -| `auth.password` | Password for the custom user to create. Ignored if `auth.existingSecret` is provided | `""` | -| `auth.database` | Name for a custom database to create | `""` | -| `auth.replicationUsername` | Name of the replication user | `repl_user` | -| `auth.replicationPassword` | Password for the replication user. Ignored if `auth.existingSecret` is provided | `""` | -| `auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials. `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret. The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case. | `""` | -| `auth.secretKeys.adminPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. | `postgres-password` | -| `auth.secretKeys.userPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. | `password` | -| `auth.secretKeys.replicationPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. | `replication-password` | -| `auth.usePasswordFiles` | Mount credentials as a files instead of using an environment variable | `false` | -| `architecture` | PostgreSQL architecture (`standalone` or `replication`) | `standalone` | -| `replication.synchronousCommit` | Set synchronous commit mode. Allowed values: `on`, `remote_apply`, `remote_write`, `local` and `off` | `off` | -| `replication.numSynchronousReplicas` | Number of replicas that will have synchronous replication. Note: Cannot be greater than `readReplicas.replicaCount`. | `0` | -| `replication.applicationName` | Cluster application name. Useful for advanced replication settings | `my_application` | -| `containerPorts.postgresql` | PostgreSQL container port | `5432` | -| `audit.logHostname` | Log client hostnames | `false` | -| `audit.logConnections` | Add client log-in operations to the log file | `false` | -| `audit.logDisconnections` | Add client log-outs operations to the log file | `false` | -| `audit.pgAuditLog` | Add operations to log using the pgAudit extension | `""` | -| `audit.pgAuditLogCatalog` | Log catalog using pgAudit | `off` | -| `audit.clientMinMessages` | Message log level to share with the user | `error` | -| `audit.logLinePrefix` | Template for log line prefix (default if not set) | `""` | -| `audit.logTimezone` | Timezone for the log timestamps | `""` | -| `ldap.enabled` | Enable LDAP support | `false` | -| `ldap.server` | IP address or name of the LDAP server. | `""` | -| `ldap.port` | Port number on the LDAP server to connect to | `""` | -| `ldap.prefix` | String to prepend to the user name when forming the DN to bind | `""` | -| `ldap.suffix` | String to append to the user name when forming the DN to bind | `""` | -| `ldap.basedn` | Root DN to begin the search for the user in | `""` | -| `ldap.binddn` | DN of user to bind to LDAP | `""` | -| `ldap.bindpw` | Password for the user to bind to LDAP | `""` | -| `ldap.searchAttribute` | Attribute to match against the user name in the search | `""` | -| `ldap.searchFilter` | The search filter to use when doing search+bind authentication | `""` | -| `ldap.scheme` | Set to `ldaps` to use LDAPS | `""` | -| `ldap.tls.enabled` | Se to true to enable TLS encryption | `false` | -| `ldap.uri` | LDAP URL beginning in the form `ldap[s]://host[:port]/basedn`. If provided, all the other LDAP parameters will be ignored. | `""` | -| `postgresqlDataDir` | PostgreSQL data dir folder | `/bitnami/postgresql/data` | -| `postgresqlSharedPreloadLibraries` | Shared preload libraries (comma-separated list) | `pgaudit` | -| `shmVolume.enabled` | Enable emptyDir volume for /dev/shm for PostgreSQL pod(s) | `true` | -| `shmVolume.sizeLimit` | Set this to enable a size limit on the shm tmpfs | `""` | -| `tls.enabled` | Enable TLS traffic support | `false` | -| `tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | -| `tls.preferServerCiphers` | Whether to use the server's TLS cipher preferences rather than the client's | `true` | -| `tls.certificatesSecret` | Name of an existing secret that contains the certificates | `""` | -| `tls.certFilename` | Certificate filename | `""` | -| `tls.certKeyFilename` | Certificate key filename | `""` | -| `tls.certCAFilename` | CA Certificate filename | `""` | -| `tls.crlFilename` | File containing a Certificate Revocation List | `""` | +| Name | Description | Value | +| ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `image.registry` | PostgreSQL image registry | `REGISTRY_NAME` | +| `image.repository` | PostgreSQL image repository | `REPOSITORY_NAME/postgresql` | +| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `16.0.0-debian-11-r13` | +| `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify image pull secrets | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | +| `auth.enablePostgresUser` | Assign a password to the "postgres" admin user. Otherwise, remote access will be blocked for this user | `true` | +| `auth.postgresPassword` | Password for the "postgres" admin user. Ignored if `auth.existingSecret` is provided | `""` | +| `auth.username` | Name for a custom user to create | `""` | +| `auth.password` | Password for the custom user to create. Ignored if `auth.existingSecret` is provided | `""` | +| `auth.database` | Name for a custom database to create | `""` | +| `auth.replicationUsername` | Name of the replication user | `repl_user` | +| `auth.replicationPassword` | Password for the replication user. Ignored if `auth.existingSecret` is provided | `""` | +| `auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials. `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret. The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case. | `""` | +| `auth.secretKeys.adminPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. | `postgres-password` | +| `auth.secretKeys.userPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. | `password` | +| `auth.secretKeys.replicationPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. | `replication-password` | +| `auth.usePasswordFiles` | Mount credentials as a files instead of using an environment variable | `false` | +| `architecture` | PostgreSQL architecture (`standalone` or `replication`) | `standalone` | +| `replication.synchronousCommit` | Set synchronous commit mode. Allowed values: `on`, `remote_apply`, `remote_write`, `local` and `off` | `off` | +| `replication.numSynchronousReplicas` | Number of replicas that will have synchronous replication. Note: Cannot be greater than `readReplicas.replicaCount`. | `0` | +| `replication.applicationName` | Cluster application name. Useful for advanced replication settings | `my_application` | +| `containerPorts.postgresql` | PostgreSQL container port | `5432` | +| `audit.logHostname` | Log client hostnames | `false` | +| `audit.logConnections` | Add client log-in operations to the log file | `false` | +| `audit.logDisconnections` | Add client log-outs operations to the log file | `false` | +| `audit.pgAuditLog` | Add operations to log using the pgAudit extension | `""` | +| `audit.pgAuditLogCatalog` | Log catalog using pgAudit | `off` | +| `audit.clientMinMessages` | Message log level to share with the user | `error` | +| `audit.logLinePrefix` | Template for log line prefix (default if not set) | `""` | +| `audit.logTimezone` | Timezone for the log timestamps | `""` | +| `ldap.enabled` | Enable LDAP support | `false` | +| `ldap.server` | IP address or name of the LDAP server. | `""` | +| `ldap.port` | Port number on the LDAP server to connect to | `""` | +| `ldap.prefix` | String to prepend to the user name when forming the DN to bind | `""` | +| `ldap.suffix` | String to append to the user name when forming the DN to bind | `""` | +| `ldap.basedn` | Root DN to begin the search for the user in | `""` | +| `ldap.binddn` | DN of user to bind to LDAP | `""` | +| `ldap.bindpw` | Password for the user to bind to LDAP | `""` | +| `ldap.searchAttribute` | Attribute to match against the user name in the search | `""` | +| `ldap.searchFilter` | The search filter to use when doing search+bind authentication | `""` | +| `ldap.scheme` | Set to `ldaps` to use LDAPS | `""` | +| `ldap.tls.enabled` | Se to true to enable TLS encryption | `false` | +| `ldap.uri` | LDAP URL beginning in the form `ldap[s]://host[:port]/basedn`. If provided, all the other LDAP parameters will be ignored. | `""` | +| `postgresqlDataDir` | PostgreSQL data dir folder | `/bitnami/postgresql/data` | +| `postgresqlSharedPreloadLibraries` | Shared preload libraries (comma-separated list) | `pgaudit` | +| `shmVolume.enabled` | Enable emptyDir volume for /dev/shm for PostgreSQL pod(s) | `true` | +| `shmVolume.sizeLimit` | Set this to enable a size limit on the shm tmpfs | `""` | +| `tls.enabled` | Enable TLS traffic support | `false` | +| `tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | +| `tls.preferServerCiphers` | Whether to use the server's TLS cipher preferences rather than the client's | `true` | +| `tls.certificatesSecret` | Name of an existing secret that contains the certificates | `""` | +| `tls.certFilename` | Certificate filename | `""` | +| `tls.certKeyFilename` | Certificate key filename | `""` | +| `tls.certCAFilename` | CA Certificate filename | `""` | +| `tls.crlFilename` | File containing a Certificate Revocation List | `""` | ### PostgreSQL Primary parameters @@ -425,21 +429,21 @@ kubectl delete pvc -l release=my-release ### Volume Permissions parameters -| Name | Description | Value | -| ---------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | -| `volumePermissions.containerSecurityContext.runAsGroup` | Group ID for the init container | `0` | -| `volumePermissions.containerSecurityContext.runAsNonRoot` | runAsNonRoot for the init container | `false` | -| `volumePermissions.containerSecurityContext.seccompProfile.type` | seccompProfile.type for the init container | `RuntimeDefault` | +| Name | Description | Value | +| ---------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| `volumePermissions.containerSecurityContext.runAsGroup` | Group ID for the init container | `0` | +| `volumePermissions.containerSecurityContext.runAsNonRoot` | runAsNonRoot for the init container | `false` | +| `volumePermissions.containerSecurityContext.seccompProfile.type` | seccompProfile.type for the init container | `RuntimeDefault` | ### Other Parameters @@ -456,75 +460,77 @@ kubectl delete pvc -l release=my-release ### Metrics Parameters -| Name | Description | Value | -| ----------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------------- | -| `metrics.enabled` | Start a prometheus exporter | `false` | -| `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` | -| `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` | -| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r15` | -| `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify image pull secrets | `[]` | -| `metrics.customMetrics` | Define additional custom metrics | `{}` | -| `metrics.extraEnvVars` | Extra environment variables to add to PostgreSQL Prometheus exporter | `[]` | -| `metrics.containerSecurityContext.enabled` | Enable PostgreSQL Prometheus exporter containers' Security Context | `true` | -| `metrics.containerSecurityContext.runAsUser` | Set PostgreSQL Prometheus exporter containers' Security Context runAsUser | `1001` | -| `metrics.containerSecurityContext.runAsGroup` | Set PostgreSQL Prometheus exporter containers' Security Context runAsGroup | `0` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set PostgreSQL Prometheus exporter containers' Security Context runAsNonRoot | `true` | -| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set PostgreSQL Prometheus exporter containers' Security Context allowPrivilegeEscalation | `false` | -| `metrics.containerSecurityContext.seccompProfile.type` | Set PostgreSQL Prometheus exporter containers' Security Context seccompProfile.type | `RuntimeDefault` | -| `metrics.containerSecurityContext.capabilities.drop` | Set PostgreSQL Prometheus exporter containers' Security Context capabilities.drop | `["ALL"]` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe on PostgreSQL Prometheus exporter containers | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe on PostgreSQL Prometheus exporter containers | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.startupProbe.enabled` | Enable startupProbe on PostgreSQL Prometheus exporter containers | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `metrics.containerPorts.metrics` | PostgreSQL Prometheus exporter metrics container port | `9187` | -| `metrics.resources.limits` | The resources limits for the PostgreSQL Prometheus exporter container | `{}` | -| `metrics.resources.requests` | The requested resources for the PostgreSQL Prometheus exporter container | `{}` | -| `metrics.service.ports.metrics` | PostgreSQL Prometheus Exporter service port | `9187` | -| `metrics.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `metrics.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `metrics.service.annotations` | Annotations for Prometheus to auto-discover the metrics endpoint | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | -| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.prometheusRule.enabled` | Create a PrometheusRule for Prometheus Operator | `false` | -| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | -| `metrics.prometheusRule.labels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.rules` | PrometheusRule definitions | `[]` | +| Name | Description | Value | +| ----------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| `metrics.enabled` | Start a prometheus exporter | `false` | +| `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `REPOSITORY_NAME/postgres-exporter` | +| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r15` | +| `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify image pull secrets | `[]` | +| `metrics.customMetrics` | Define additional custom metrics | `{}` | +| `metrics.extraEnvVars` | Extra environment variables to add to PostgreSQL Prometheus exporter | `[]` | +| `metrics.containerSecurityContext.enabled` | Enable PostgreSQL Prometheus exporter containers' Security Context | `true` | +| `metrics.containerSecurityContext.runAsUser` | Set PostgreSQL Prometheus exporter containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsGroup` | Set PostgreSQL Prometheus exporter containers' Security Context runAsGroup | `0` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set PostgreSQL Prometheus exporter containers' Security Context runAsNonRoot | `true` | +| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set PostgreSQL Prometheus exporter containers' Security Context allowPrivilegeEscalation | `false` | +| `metrics.containerSecurityContext.seccompProfile.type` | Set PostgreSQL Prometheus exporter containers' Security Context seccompProfile.type | `RuntimeDefault` | +| `metrics.containerSecurityContext.capabilities.drop` | Set PostgreSQL Prometheus exporter containers' Security Context capabilities.drop | `["ALL"]` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe on PostgreSQL Prometheus exporter containers | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe on PostgreSQL Prometheus exporter containers | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.startupProbe.enabled` | Enable startupProbe on PostgreSQL Prometheus exporter containers | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `metrics.containerPorts.metrics` | PostgreSQL Prometheus exporter metrics container port | `9187` | +| `metrics.resources.limits` | The resources limits for the PostgreSQL Prometheus exporter container | `{}` | +| `metrics.resources.requests` | The requested resources for the PostgreSQL Prometheus exporter container | `{}` | +| `metrics.service.ports.metrics` | PostgreSQL Prometheus Exporter service port | `9187` | +| `metrics.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `metrics.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `metrics.service.annotations` | Annotations for Prometheus to auto-discover the metrics endpoint | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.prometheusRule.enabled` | Create a PrometheusRule for Prometheus Operator | `false` | +| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | +| `metrics.prometheusRule.labels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.rules` | PrometheusRule definitions | `[]` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ --set auth.postgresPassword=secretpassword - oci://registry-1.docker.io/bitnamicharts/postgresql + oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the PostgreSQL `postgres` account password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -533,9 +539,10 @@ The above command sets the PostgreSQL `postgres` account password to `secretpass Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/postgresql +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/postgresql ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/postgresql/values.yaml b/bitnami/postgresql/values.yaml index 1c371fde7d7efe..f8ac9a8edf4910 100644 --- a/bitnami/postgresql/values.yaml +++ b/bitnami/postgresql/values.yaml @@ -87,8 +87,8 @@ diagnosticMode: ## Bitnami PostgreSQL image version ## ref: https://hub.docker.com/r/bitnami/postgresql/tags/ -## @param image.registry PostgreSQL image registry -## @param image.repository PostgreSQL image repository +## @param image.registry [default: REGISTRY_NAME] PostgreSQL image registry +## @param image.repository [default: REPOSITORY_NAME/postgresql] PostgreSQL image repository ## @param image.tag PostgreSQL image tag (immutable tags are recommended) ## @param image.digest PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy PostgreSQL image pull policy @@ -1289,8 +1289,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -1390,8 +1390,8 @@ metrics: ## @param metrics.enabled Start a prometheus exporter ## enabled: false - ## @param metrics.image.registry PostgreSQL Prometheus Exporter image registry - ## @param metrics.image.repository PostgreSQL Prometheus Exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] PostgreSQL Prometheus Exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/postgres-exporter] PostgreSQL Prometheus Exporter image repository ## @param metrics.image.tag PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) ## @param metrics.image.digest PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy PostgreSQL Prometheus Exporter image pull policy diff --git a/bitnami/prestashop/README.md b/bitnami/prestashop/README.md index 4a38187ab97555..3773658defa40d 100644 --- a/bitnami/prestashop/README.md +++ b/bitnami/prestashop/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/prestashop +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/prestashop ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [PrestaShop](https://github.com/bitnami/containers/tree/main/bitnami/prestashop) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use PrestaShop in production? Try [VMware Application Catalog](https: To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/prestashop +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/prestashop ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys PrestaShop on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,99 +81,99 @@ The command removes all the Kubernetes components associated with the chart and ### PrestaShop parameters -| Name | Description | Value | -| --------------------------------------- | ---------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | PrestaShop image registry | `docker.io` | -| `image.repository` | PrestaShop image repository | `bitnami/prestashop` | -| `image.tag` | PrestaShop image tag (immutable tags are recommended) | `8.1.2-debian-11-r8` | -| `image.digest` | PrestaShop image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | PrestaShop image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `replicaCount` | Number of PrestaShop Pods to run (requires ReadWriteMany PVC support) | `1` | -| `prestashopSkipInstall` | Skip PrestaShop installation wizard. Useful for migrations and restoring from SQL dump | `false` | -| `prestashopHost` | PrestaShop host to create application URLs (when ingress, it will be ignored) | `""` | -| `prestashopUsername` | User of the application | `user@example.com` | -| `prestashopPassword` | Application password | `""` | -| `prestashopEmail` | Admin email | `user@example.com` | -| `prestashopFirstName` | First Name | `Bitnami` | -| `prestashopLastName` | Last Name | `User` | -| `prestashopCookieCheckIP` | Whether to check the cookie's IP address or not | `no` | -| `prestashopCountry` | Default country of the store | `us` | -| `prestashopLanguage` | Default language of the store (ISO code) | `en` | -| `allowEmptyPassword` | Allow DB blank passwords | `true` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `extraEnvVars` | An array to add extra environment variables | `[]` | -| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `extraVolumes` | Extra volumes to add to the deployment. Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes` | `[]` | -| `initContainers` | Extra init containers to add to the deployment | `[]` | -| `sidecars` | Extra sidecar containers to add to the deployment | `[]` | -| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `priorityClassName` | PrestaShop pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `existingSecret` | Use existing secret for the application password | `""` | -| `smtpHost` | SMTP host | `""` | -| `smtpPort` | SMTP port | `""` | -| `smtpUser` | SMTP user | `""` | -| `smtpPassword` | SMTP password | `""` | -| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | -| `containerPorts.http` | Sets HTTP port inside NGINX container | `8080` | -| `containerPorts.https` | Sets HTTPS port inside NGINX container | `8443` | -| `sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.storageClass` | PrestaShop Data Persistent Volume Storage Class | `""` | -| `persistence.accessModes` | PVC Access Mode for PrestaShop volume | `["ReadWriteOnce"]` | -| `persistence.size` | PVC Storage Request for PrestaShop volume | `8Gi` | -| `persistence.existingClaim` | An Existing PVC name | `""` | -| `persistence.hostPath` | If defined, the prestashop-data volume will mount to the specified hostPath | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `resources.limits` | The resources limits for the container | `{}` | -| `podSecurityContext.enabled` | Enable PrestaShop pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | PrestaShop pods' group ID | `1001` | -| `containerSecurityContext.enabled` | Enable PrestaShop containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | PrestaShop containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | PrestaShop containers' Security Context runAsNonRoot | `true` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.path` | Request path for livenessProbe | `/` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.path` | Request path for readinessProbe | `/` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.path` | Request path for startupProbe | `/` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `60` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Pod extra labels | `{}` | +| Name | Description | Value | +| --------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `image.registry` | PrestaShop image registry | `REGISTRY_NAME` | +| `image.repository` | PrestaShop image repository | `REPOSITORY_NAME/prestashop` | +| `image.tag` | PrestaShop image tag (immutable tags are recommended) | `8.1.2-debian-11-r8` | +| `image.digest` | PrestaShop image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | PrestaShop image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `replicaCount` | Number of PrestaShop Pods to run (requires ReadWriteMany PVC support) | `1` | +| `prestashopSkipInstall` | Skip PrestaShop installation wizard. Useful for migrations and restoring from SQL dump | `false` | +| `prestashopHost` | PrestaShop host to create application URLs (when ingress, it will be ignored) | `""` | +| `prestashopUsername` | User of the application | `user@example.com` | +| `prestashopPassword` | Application password | `""` | +| `prestashopEmail` | Admin email | `user@example.com` | +| `prestashopFirstName` | First Name | `Bitnami` | +| `prestashopLastName` | Last Name | `User` | +| `prestashopCookieCheckIP` | Whether to check the cookie's IP address or not | `no` | +| `prestashopCountry` | Default country of the store | `us` | +| `prestashopLanguage` | Default language of the store (ISO code) | `en` | +| `allowEmptyPassword` | Allow DB blank passwords | `true` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `extraEnvVars` | An array to add extra environment variables | `[]` | +| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `extraVolumes` | Extra volumes to add to the deployment. Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Extra volume mounts to add to the container. Normally used with `extraVolumes` | `[]` | +| `initContainers` | Extra init containers to add to the deployment | `[]` | +| `sidecars` | Extra sidecar containers to add to the deployment | `[]` | +| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `priorityClassName` | PrestaShop pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `existingSecret` | Use existing secret for the application password | `""` | +| `smtpHost` | SMTP host | `""` | +| `smtpPort` | SMTP port | `""` | +| `smtpUser` | SMTP user | `""` | +| `smtpPassword` | SMTP password | `""` | +| `smtpProtocol` | SMTP Protocol (options: ssl,tls, nil) | `""` | +| `containerPorts.http` | Sets HTTP port inside NGINX container | `8080` | +| `containerPorts.https` | Sets HTTPS port inside NGINX container | `8443` | +| `sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.storageClass` | PrestaShop Data Persistent Volume Storage Class | `""` | +| `persistence.accessModes` | PVC Access Mode for PrestaShop volume | `["ReadWriteOnce"]` | +| `persistence.size` | PVC Storage Request for PrestaShop volume | `8Gi` | +| `persistence.existingClaim` | An Existing PVC name | `""` | +| `persistence.hostPath` | If defined, the prestashop-data volume will mount to the specified hostPath | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `resources.limits` | The resources limits for the container | `{}` | +| `podSecurityContext.enabled` | Enable PrestaShop pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | PrestaShop pods' group ID | `1001` | +| `containerSecurityContext.enabled` | Enable PrestaShop containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | PrestaShop containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | PrestaShop containers' Security Context runAsNonRoot | `true` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.path` | Request path for livenessProbe | `/` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.path` | Request path for readinessProbe | `/` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.path` | Request path for startupProbe | `/` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `60` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Pod extra labels | `{}` | ### Traffic Exposure Parameters @@ -227,32 +231,32 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | ### Metrics parameters -| Name | Description | Value | -| ---------------------------- | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources.requests` | The requested resources for the metrics exporter container | `{}` | -| `metrics.resources.limits` | The resources limits for the container for the metrics exporter container | `{}` | -| `metrics.podAnnotations` | Metrics exporter pod annotations | `{}` | +| Name | Description | Value | +| ---------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources.requests` | The requested resources for the metrics exporter container | `{}` | +| `metrics.resources.limits` | The resources limits for the container for the metrics exporter container | `{}` | +| `metrics.podAnnotations` | Metrics exporter pod annotations | `{}` | ### Certificate injection parameters @@ -270,8 +274,8 @@ The command removes all the Kubernetes components associated with the chart and | `certificates.extraEnvVars` | Container sidecar extra environment variables | `[]` | | `certificates.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | | `certificates.extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `certificates.image.registry` | Container sidecar registry | `docker.io` | -| `certificates.image.repository` | Container sidecar image repository | `bitnami/os-shell` | +| `certificates.image.registry` | Container sidecar registry | `REGISTRY_NAME` | +| `certificates.image.repository` | Container sidecar image repository | `REPOSITORY_NAME/os-shell` | | `certificates.image.tag` | Container sidecar image tag (immutable tags are recommended) | `11-debian-11-r90` | | `certificates.image.digest` | Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `certificates.image.pullPolicy` | Container sidecar image pull policy | `IfNotPresent` | @@ -318,9 +322,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set prestashopUsername=admin,prestashopPassword=password,mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/prestashop + oci://REGISTRY_NAME/REPOSITORY_NAME/prestashop ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the PrestaShop administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -328,9 +334,10 @@ The above command sets the PrestaShop administrator account username and passwor Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/prestashop +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/prestashop ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -379,9 +386,11 @@ See the [Parameters](#parameters) section to configure the PVC or to disable per 3. Install the chart ```console -helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry-1.docker.io/bitnamicharts/prestashop +helm install my-release --set persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/prestashop ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### Host path #### System compatibility @@ -395,9 +404,11 @@ helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry- 2. Install the chart ```console - helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://registry-1.docker.io/bitnamicharts/prestashop + helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://REGISTRY_NAME/REPOSITORY_NAME/prestashop ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + This will mount the `prestashop-data` volume into the `hostPath` directory. The site data will be persisted if the mount path contains valid data, else the site data will be initialized at first launch. 3. Because the container cannot control the host machine's directory permissions, you must set the PrestaShop file directory permissions yourself and disable or clear PrestaShop cache. @@ -496,15 +507,19 @@ export MARIADB_PVC=$(kubectl get pvc -l app.kubernetes.io/instance=prestashop,ap Upgrade your release (maintaining the version) disabling MariaDB and scaling Prestashop replicas to 0: ```console -helm upgrade prestashop oci://registry-1.docker.io/bitnamicharts/prestashop --set prestashopPassword=$PRESTASHOP_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 10.0.0 +helm upgrade prestashop oci://REGISTRY_NAME/REPOSITORY_NAME/prestashop --set prestashopPassword=$PRESTASHOP_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 10.0.0 ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Finally, upgrade you release to 11.0.0 reusing the existing PVC, and enabling back MariaDB: ```console -helm upgrade prestashop oci://registry-1.docker.io/bitnamicharts/prestashop --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set prestashopPassword=$PRESTASHOP_PASSWORD +helm upgrade prestashop oci://REGISTRY_NAME/REPOSITORY_NAME/prestashop --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set prestashopPassword=$PRESTASHOP_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You should see the lines below in MariaDB container logs: ```console diff --git a/bitnami/prestashop/values.yaml b/bitnami/prestashop/values.yaml index bf5b7b2d9af269..f9043685877132 100644 --- a/bitnami/prestashop/values.yaml +++ b/bitnami/prestashop/values.yaml @@ -47,8 +47,8 @@ extraDeploy: [] ## Bitnami PrestaShop image version ## ref: https://hub.docker.com/r/bitnami/prestashop/tags/ -## @param image.registry PrestaShop image registry -## @param image.repository PrestaShop image repository +## @param image.registry [default: REGISTRY_NAME] PrestaShop image registry +## @param image.repository [default: REPOSITORY_NAME/prestashop] PrestaShop image repository ## @param image.tag PrestaShop image tag (immutable tags are recommended) ## @param image.digest PrestaShop image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy PrestaShop image pull policy @@ -639,8 +639,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -689,8 +689,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository ## @param metrics.image.tag Apache exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Apache exporter image pull policy @@ -771,8 +771,8 @@ certificates: ## @param certificates.extraEnvVarsSecret Secret with extra environment variables ## extraEnvVarsSecret: "" - ## @param certificates.image.registry Container sidecar registry - ## @param certificates.image.repository Container sidecar image repository + ## @param certificates.image.registry [default: REGISTRY_NAME] Container sidecar registry + ## @param certificates.image.repository [default: REPOSITORY_NAME/os-shell] Container sidecar image repository ## @param certificates.image.tag Container sidecar image tag (immutable tags are recommended) ## @param certificates.image.digest Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param certificates.image.pullPolicy Container sidecar image pull policy diff --git a/bitnami/prometheus/README.md b/bitnami/prometheus/README.md index b38b3ea7b1fb79..90d24b77094ebc 100644 --- a/bitnami/prometheus/README.md +++ b/bitnami/prometheus/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/prometheus +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/prometheus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -38,9 +40,11 @@ Looking to use Prometheus in production? Try [VMware Application Catalog](https: To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/prometheus +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/prometheus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Prometheus on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -87,8 +91,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | -------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------- | | `alertmanager.enabled` | Alertmanager enabled | `true` | -| `alertmanager.image.registry` | Alertmanager image registry | `docker.io` | -| `alertmanager.image.repository` | Alertmanager image repository | `bitnami/alertmanager` | +| `alertmanager.image.registry` | Alertmanager image registry | `REGISTRY_NAME` | +| `alertmanager.image.repository` | Alertmanager image repository | `REPOSITORY_NAME/alertmanager` | | `alertmanager.image.tag` | Alertmanager image tag (immutable tags are recommended) | `0.26.0-debian-11-r43` | | `alertmanager.image.digest` | Alertmanager image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | | `alertmanager.image.pullPolicy` | Alertmanager image pull policy | `IfNotPresent` | @@ -200,223 +204,226 @@ The command removes all the Kubernetes components associated with the chart and ### Prometheus server Parameters -| Name | Description | Value | -| ----------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `server.image.registry` | Prometheus image registry | `docker.io` | -| `server.image.repository` | Prometheus image repository | `bitnami/prometheus` | -| `server.image.tag` | Prometheus image tag (immutable tags are recommended) | `2.47.2-debian-11-r0` | -| `server.image.digest` | Prometheus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `server.image.pullPolicy` | Prometheus image pull policy | `IfNotPresent` | -| `server.image.pullSecrets` | Prometheus image pull secrets | `[]` | -| `server.configuration` | Promethus configuration. This content will be stored in the the prometheus.yaml file and the content can be a template. | `""` | -| `server.alertingRules` | Prometheus alerting rules. This content will be stored in the the rules.yaml file and the content can be a template. | `{}` | -| `server.extraScrapeConfigs` | Promethus configuration, useful to declare new scrape_configs. This content will be merged with the 'server.configuration' value and stored in the the prometheus.yaml file. | `[]` | -| `server.replicaCount` | Number of Prometheus replicas to deploy | `1` | -| `server.containerPorts.http` | Prometheus HTTP container port | `9090` | -| `server.livenessProbe.enabled` | Enable livenessProbe on Prometheus containers | `true` | -| `server.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `server.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | -| `server.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | -| `server.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `server.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `server.readinessProbe.enabled` | Enable readinessProbe on Prometheus containers | `true` | -| `server.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `server.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `server.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `2` | -| `server.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `server.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `server.startupProbe.enabled` | Enable startupProbe on Prometheus containers | `false` | -| `server.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `2` | -| `server.startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | -| `server.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `2` | -| `server.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | -| `server.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `server.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `server.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `server.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `server.resources.limits` | The resources limits for the Prometheus containers | `{}` | -| `server.resources.requests` | The requested resources for the Prometheus containers | `{}` | -| `server.podSecurityContext.enabled` | Enabled Prometheus pods' Security Context | `true` | -| `server.podSecurityContext.fsGroup` | Set Prometheus pod's Security Context fsGroup | `1001` | -| `server.containerSecurityContext.enabled` | Enabled Prometheus containers' Security Context | `true` | -| `server.containerSecurityContext.runAsUser` | Set Prometheus containers' Security Context runAsUser | `1001` | -| `server.containerSecurityContext.runAsNonRoot` | Set Prometheus containers' Security Context runAsNonRoot | `true` | -| `server.containerSecurityContext.readOnlyRootFilesystem` | Set Prometheus containers' Security Context runAsNonRoot | `false` | -| `server.existingConfigmap` | The name of an existing ConfigMap with your custom configuration for Prometheus | `""` | -| `server.existingConfigmapKey` | The name of the key with the Prometheus config file | `""` | -| `server.command` | Override default container command (useful when using custom images) | `[]` | -| `server.args` | Override default container args (useful when using custom images) | `[]` | -| `server.extraArgs` | Additional arguments passed to the Prometheus server container | `[]` | -| `server.hostAliases` | Prometheus pods host aliases | `[]` | -| `server.podLabels` | Extra labels for Prometheus pods | `{}` | -| `server.podAnnotations` | Annotations for Prometheus pods | `{}` | -| `server.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `server.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `server.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `server.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `server.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `server.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `server.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `server.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `server.affinity` | Affinity for Prometheus pods assignment | `{}` | -| `server.nodeSelector` | Node labels for Prometheus pods assignment | `{}` | -| `server.tolerations` | Tolerations for Prometheus pods assignment | `[]` | -| `server.updateStrategy.type` | Prometheus deployment strategy type. If persistence is enabled, strategy type should be set to Recreate to avoid dead locks. | `RollingUpdate` | -| `server.priorityClassName` | Prometheus pods' priorityClassName | `""` | -| `server.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `server.schedulerName` | Name of the k8s scheduler (other than default) for Prometheus pods | `""` | -| `server.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `server.lifecycleHooks` | for the Prometheus container(s) to automate configuration before or after startup | `{}` | -| `server.extraEnvVars` | Array with extra environment variables to add to Prometheus nodes | `[]` | -| `server.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Prometheus nodes | `""` | -| `server.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Prometheus nodes | `""` | -| `server.extraVolumes` | Optionally specify extra list of additional volumes for the Prometheus pod(s) | `[]` | -| `server.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Prometheus container(s) | `[]` | -| `server.sidecars` | Add additional sidecar containers to the Prometheus pod(s) | `[]` | -| `server.initContainers` | Add additional init containers to the Prometheus pod(s) | `[]` | -| `server.routePrefix` | Prefix for the internal routes of web endpoints | `/` | -| `server.remoteWrite` | The remote_write spec configuration for Prometheus | `[]` | -| `server.scrapeInterval` | Interval between consecutive scrapes. Example: "1m" | `""` | -| `server.scrapeTimeout` | Interval between consecutive scrapes. Example: "10s" | `""` | -| `server.evaluationInterval` | Interval between consecutive evaluations. Example: "1m" | `""` | -| `server.enableAdminAPI` | Enable Prometheus adminitrative API | `false` | -| `server.enableRemoteWriteReceiver` | Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. | `false` | -| `server.enableFeatures` | Enable access to Prometheus disabled features. | `[]` | -| `server.logLevel` | Log level for Prometheus | `info` | -| `server.logFormat` | Log format for Prometheus | `logfmt` | -| `server.retention` | Metrics retention days | `10d` | -| `server.retentionSize` | Maximum size of metrics | `0` | -| `server.alertingEndpoints` | Alertmanagers to which alerts will be sent | `[]` | -| `server.externalLabels` | External labels to add to any time series or alerts when communicating with external systems | `{}` | -| `server.thanos.create` | Create a Thanos sidecar container | `false` | -| `server.thanos.image.registry` | Thanos image registry | `docker.io` | -| `server.thanos.image.repository` | Thanos image name | `bitnami/thanos` | -| `server.thanos.image.tag` | Thanos image tag | `0.32.4-debian-11-r3` | -| `server.thanos.image.digest` | Thanos image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `server.thanos.image.pullPolicy` | Thanos image pull policy | `IfNotPresent` | -| `server.thanos.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `server.thanos.containerSecurityContext.enabled` | Enable container security context | `true` | -| `server.thanos.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem | `false` | -| `server.thanos.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | -| `server.thanos.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | -| `server.thanos.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | -| `server.thanos.prometheusUrl` | Override default prometheus url `http://localhost:9090` | `""` | -| `server.thanos.extraArgs` | Additional arguments passed to the thanos sidecar container | `[]` | -| `server.thanos.objectStorageConfig.secretName` | Support mounting a Secret for the objectStorageConfig of the sideCar container. | `""` | -| `server.thanos.objectStorageConfig.secretKey` | Secret key with the configuration file. | `thanos.yaml` | -| `server.thanos.extraVolumeMounts` | Additional volumeMounts from `server.volumes` for thanos sidecar container | `[]` | -| `server.thanos.resources.limits` | The resources limits for the Thanos sidecar container | `{}` | -| `server.thanos.resources.requests` | The resources requests for the Thanos sidecar container | `{}` | -| `server.thanos.livenessProbe.enabled` | Turn on and off liveness probe | `true` | -| `server.thanos.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `0` | -| `server.thanos.livenessProbe.periodSeconds` | How often to perform the probe | `5` | -| `server.thanos.livenessProbe.timeoutSeconds` | When the probe times out | `3` | -| `server.thanos.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | -| `server.thanos.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `server.thanos.readinessProbe.enabled` | Turn on and off readiness probe | `true` | -| `server.thanos.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `0` | -| `server.thanos.readinessProbe.periodSeconds` | How often to perform the probe | `5` | -| `server.thanos.readinessProbe.timeoutSeconds` | When the probe times out | `3` | -| `server.thanos.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | -| `server.thanos.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `server.thanos.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `server.thanos.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `server.thanos.service.type` | Kubernetes service type | `ClusterIP` | -| `server.thanos.service.ports.grpc` | Thanos service port | `10901` | -| `server.thanos.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` to create headless service by default. | `None` | -| `server.thanos.service.nodePorts.grpc` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | -| `server.thanos.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | -| `server.thanos.service.loadBalancerClass` | Thanos service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `server.thanos.service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | -| `server.thanos.service.annotations` | Additional annotations for Prometheus service | `{}` | -| `server.thanos.service.extraPorts` | Additional ports to expose from the Thanos sidecar container | `[]` | -| `server.thanos.service.externalTrafficPolicy` | Prometheus service external traffic policy | `Cluster` | -| `server.thanos.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `server.thanos.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `server.thanos.ingress.enabled` | Enable ingress controller resource | `false` | -| `server.thanos.ingress.pathType` | Ingress path type | `ImplementationSpecific` | -| `server.thanos.ingress.hostname` | Default host for the ingress record | `thanos.prometheus.local` | -| `server.thanos.ingress.path` | Default path for the ingress record | `/` | -| `server.thanos.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `server.thanos.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `server.thanos.ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` | -| `server.thanos.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | -| `server.thanos.ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` | -| `server.thanos.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | -| `server.thanos.ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | -| `server.thanos.ingress.secrets` | Custom TLS certificates as secrets | `[]` | -| `server.thanos.ingress.extraRules` | The list of additional rules to be added to this ingress record. Evaluated as a template | `[]` | -| `server.ingress.enabled` | Enable ingress record generation for Prometheus | `false` | -| `server.ingress.pathType` | Ingress path type | `ImplementationSpecific` | -| `server.ingress.hostname` | Default host for the ingress record | `server.prometheus.local` | -| `server.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `server.ingress.path` | Default path for the ingress record | `/` | -| `server.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `server.ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` | -| `server.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | -| `server.ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` | -| `server.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | -| `server.ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | -| `server.ingress.secrets` | Custom TLS certificates as secrets | `[]` | -| `server.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | -| `server.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `server.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `server.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | -| `server.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `server.service.type` | Prometheus service type | `LoadBalancer` | -| `server.service.ports.http` | Prometheus service HTTP port | `80` | -| `server.service.nodePorts.http` | Node port for HTTP | `""` | -| `server.service.clusterIP` | Prometheus service Cluster IP | `""` | -| `server.service.loadBalancerIP` | Prometheus service Load Balancer IP | `""` | -| `server.service.loadBalancerClass` | Prometheus service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | -| `server.service.loadBalancerSourceRanges` | Prometheus service Load Balancer sources | `[]` | -| `server.service.externalTrafficPolicy` | Prometheus service external traffic policy | `Cluster` | -| `server.service.annotations` | Additional custom annotations for Prometheus service | `{}` | -| `server.service.extraPorts` | Extra ports to expose in Prometheus service (normally used with the `sidecars` value) | `[]` | -| `server.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin. ClientIP by default. | `ClientIP` | -| `server.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `server.persistence.enabled` | Enable persistence using Persistent Volume Claims. If you have multiple instances (server.repicacount > 1), please considere using an external storage service like Thanos or Grafana Mimir | `false` | -| `server.persistence.mountPath` | Path to mount the volume at. | `/bitnami/prometheus/data` | -| `server.persistence.subPath` | The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services | `""` | -| `server.persistence.storageClass` | Storage class of backing PVC | `""` | -| `server.persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `server.persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | -| `server.persistence.size` | Size of data volume | `8Gi` | -| `server.persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | -| `server.persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` | -| `server.persistence.dataSource` | Custom PVC data source | `{}` | -| `server.rbac.create` | Specifies whether RBAC resources should be created | `true` | -| `server.rbac.rules` | Custom RBAC rules to set | `[]` | +| Name | Description | Value | +| ----------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `server.image.registry` | Prometheus image registry | `REGISTRY_NAME` | +| `server.image.repository` | Prometheus image repository | `REPOSITORY_NAME/prometheus` | +| `server.image.tag` | Prometheus image tag (immutable tags are recommended) | `2.47.2-debian-11-r0` | +| `server.image.digest` | Prometheus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `server.image.pullPolicy` | Prometheus image pull policy | `IfNotPresent` | +| `server.image.pullSecrets` | Prometheus image pull secrets | `[]` | +| `server.configuration` | Promethus configuration. This content will be stored in the the prometheus.yaml file and the content can be a template. | `""` | +| `server.alertingRules` | Prometheus alerting rules. This content will be stored in the the rules.yaml file and the content can be a template. | `{}` | +| `server.extraScrapeConfigs` | Promethus configuration, useful to declare new scrape_configs. This content will be merged with the 'server.configuration' value and stored in the the prometheus.yaml file. | `[]` | +| `server.replicaCount` | Number of Prometheus replicas to deploy | `1` | +| `server.containerPorts.http` | Prometheus HTTP container port | `9090` | +| `server.livenessProbe.enabled` | Enable livenessProbe on Prometheus containers | `true` | +| `server.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `server.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | +| `server.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `3` | +| `server.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `server.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `server.readinessProbe.enabled` | Enable readinessProbe on Prometheus containers | `true` | +| `server.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `server.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `server.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `2` | +| `server.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `server.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `server.startupProbe.enabled` | Enable startupProbe on Prometheus containers | `false` | +| `server.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `2` | +| `server.startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | +| `server.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `2` | +| `server.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | +| `server.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `server.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `server.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `server.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `server.resources.limits` | The resources limits for the Prometheus containers | `{}` | +| `server.resources.requests` | The requested resources for the Prometheus containers | `{}` | +| `server.podSecurityContext.enabled` | Enabled Prometheus pods' Security Context | `true` | +| `server.podSecurityContext.fsGroup` | Set Prometheus pod's Security Context fsGroup | `1001` | +| `server.containerSecurityContext.enabled` | Enabled Prometheus containers' Security Context | `true` | +| `server.containerSecurityContext.runAsUser` | Set Prometheus containers' Security Context runAsUser | `1001` | +| `server.containerSecurityContext.runAsNonRoot` | Set Prometheus containers' Security Context runAsNonRoot | `true` | +| `server.containerSecurityContext.readOnlyRootFilesystem` | Set Prometheus containers' Security Context runAsNonRoot | `false` | +| `server.existingConfigmap` | The name of an existing ConfigMap with your custom configuration for Prometheus | `""` | +| `server.existingConfigmapKey` | The name of the key with the Prometheus config file | `""` | +| `server.command` | Override default container command (useful when using custom images) | `[]` | +| `server.args` | Override default container args (useful when using custom images) | `[]` | +| `server.extraArgs` | Additional arguments passed to the Prometheus server container | `[]` | +| `server.hostAliases` | Prometheus pods host aliases | `[]` | +| `server.podLabels` | Extra labels for Prometheus pods | `{}` | +| `server.podAnnotations` | Annotations for Prometheus pods | `{}` | +| `server.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `server.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `server.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `server.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `server.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `server.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `server.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `server.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `server.affinity` | Affinity for Prometheus pods assignment | `{}` | +| `server.nodeSelector` | Node labels for Prometheus pods assignment | `{}` | +| `server.tolerations` | Tolerations for Prometheus pods assignment | `[]` | +| `server.updateStrategy.type` | Prometheus deployment strategy type. If persistence is enabled, strategy type should be set to Recreate to avoid dead locks. | `RollingUpdate` | +| `server.priorityClassName` | Prometheus pods' priorityClassName | `""` | +| `server.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `server.schedulerName` | Name of the k8s scheduler (other than default) for Prometheus pods | `""` | +| `server.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `server.lifecycleHooks` | for the Prometheus container(s) to automate configuration before or after startup | `{}` | +| `server.extraEnvVars` | Array with extra environment variables to add to Prometheus nodes | `[]` | +| `server.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Prometheus nodes | `""` | +| `server.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Prometheus nodes | `""` | +| `server.extraVolumes` | Optionally specify extra list of additional volumes for the Prometheus pod(s) | `[]` | +| `server.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Prometheus container(s) | `[]` | +| `server.sidecars` | Add additional sidecar containers to the Prometheus pod(s) | `[]` | +| `server.initContainers` | Add additional init containers to the Prometheus pod(s) | `[]` | +| `server.routePrefix` | Prefix for the internal routes of web endpoints | `/` | +| `server.remoteWrite` | The remote_write spec configuration for Prometheus | `[]` | +| `server.scrapeInterval` | Interval between consecutive scrapes. Example: "1m" | `""` | +| `server.scrapeTimeout` | Interval between consecutive scrapes. Example: "10s" | `""` | +| `server.evaluationInterval` | Interval between consecutive evaluations. Example: "1m" | `""` | +| `server.enableAdminAPI` | Enable Prometheus adminitrative API | `false` | +| `server.enableRemoteWriteReceiver` | Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. | `false` | +| `server.enableFeatures` | Enable access to Prometheus disabled features. | `[]` | +| `server.logLevel` | Log level for Prometheus | `info` | +| `server.logFormat` | Log format for Prometheus | `logfmt` | +| `server.retention` | Metrics retention days | `10d` | +| `server.retentionSize` | Maximum size of metrics | `0` | +| `server.alertingEndpoints` | Alertmanagers to which alerts will be sent | `[]` | +| `server.externalLabels` | External labels to add to any time series or alerts when communicating with external systems | `{}` | +| `server.thanos.create` | Create a Thanos sidecar container | `false` | +| `server.thanos.image.registry` | Thanos image registry | `REGISTRY_NAME` | +| `server.thanos.image.repository` | Thanos image name | `REPOSITORY_NAME/thanos` | +| `server.thanos.image.tag` | Thanos image tag | `0.32.4-debian-11-r3` | +| `server.thanos.image.digest` | Thanos image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `server.thanos.image.pullPolicy` | Thanos image pull policy | `IfNotPresent` | +| `server.thanos.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `server.thanos.containerSecurityContext.enabled` | Enable container security context | `true` | +| `server.thanos.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem | `false` | +| `server.thanos.containerSecurityContext.allowPrivilegeEscalation` | Switch privilegeEscalation possibility on or off | `false` | +| `server.thanos.containerSecurityContext.runAsNonRoot` | Force the container to run as a non root user | `true` | +| `server.thanos.containerSecurityContext.capabilities.drop` | Linux Kernel capabilities which should be dropped | `[]` | +| `server.thanos.prometheusUrl` | Override default prometheus url `http://localhost:9090` | `""` | +| `server.thanos.extraArgs` | Additional arguments passed to the thanos sidecar container | `[]` | +| `server.thanos.objectStorageConfig.secretName` | Support mounting a Secret for the objectStorageConfig of the sideCar container. | `""` | +| `server.thanos.objectStorageConfig.secretKey` | Secret key with the configuration file. | `thanos.yaml` | +| `server.thanos.extraVolumeMounts` | Additional volumeMounts from `server.volumes` for thanos sidecar container | `[]` | +| `server.thanos.resources.limits` | The resources limits for the Thanos sidecar container | `{}` | +| `server.thanos.resources.requests` | The resources requests for the Thanos sidecar container | `{}` | +| `server.thanos.livenessProbe.enabled` | Turn on and off liveness probe | `true` | +| `server.thanos.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `0` | +| `server.thanos.livenessProbe.periodSeconds` | How often to perform the probe | `5` | +| `server.thanos.livenessProbe.timeoutSeconds` | When the probe times out | `3` | +| `server.thanos.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | +| `server.thanos.livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `server.thanos.readinessProbe.enabled` | Turn on and off readiness probe | `true` | +| `server.thanos.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `0` | +| `server.thanos.readinessProbe.periodSeconds` | How often to perform the probe | `5` | +| `server.thanos.readinessProbe.timeoutSeconds` | When the probe times out | `3` | +| `server.thanos.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `120` | +| `server.thanos.readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `server.thanos.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `server.thanos.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `server.thanos.service.type` | Kubernetes service type | `ClusterIP` | +| `server.thanos.service.ports.grpc` | Thanos service port | `10901` | +| `server.thanos.service.clusterIP` | Specific cluster IP when service type is cluster IP. Use `None` to create headless service by default. | `None` | +| `server.thanos.service.nodePorts.grpc` | Specify the nodePort value for the LoadBalancer and NodePort service types. | `""` | +| `server.thanos.service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `""` | +| `server.thanos.service.loadBalancerClass` | Thanos service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | +| `server.thanos.service.loadBalancerSourceRanges` | Address that are allowed when svc is `LoadBalancer` | `[]` | +| `server.thanos.service.annotations` | Additional annotations for Prometheus service | `{}` | +| `server.thanos.service.extraPorts` | Additional ports to expose from the Thanos sidecar container | `[]` | +| `server.thanos.service.externalTrafficPolicy` | Prometheus service external traffic policy | `Cluster` | +| `server.thanos.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `server.thanos.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `server.thanos.ingress.enabled` | Enable ingress controller resource | `false` | +| `server.thanos.ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `server.thanos.ingress.hostname` | Default host for the ingress record | `thanos.prometheus.local` | +| `server.thanos.ingress.path` | Default path for the ingress record | `/` | +| `server.thanos.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `server.thanos.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `server.thanos.ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` | +| `server.thanos.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `server.thanos.ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` | +| `server.thanos.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | +| `server.thanos.ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | +| `server.thanos.ingress.secrets` | Custom TLS certificates as secrets | `[]` | +| `server.thanos.ingress.extraRules` | The list of additional rules to be added to this ingress record. Evaluated as a template | `[]` | +| `server.ingress.enabled` | Enable ingress record generation for Prometheus | `false` | +| `server.ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `server.ingress.hostname` | Default host for the ingress record | `server.prometheus.local` | +| `server.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `server.ingress.path` | Default path for the ingress record | `/` | +| `server.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `server.ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` | +| `server.ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` | +| `server.ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` | +| `server.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | +| `server.ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` | +| `server.ingress.secrets` | Custom TLS certificates as secrets | `[]` | +| `server.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | +| `server.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `server.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `server.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | +| `server.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `server.service.type` | Prometheus service type | `LoadBalancer` | +| `server.service.ports.http` | Prometheus service HTTP port | `80` | +| `server.service.nodePorts.http` | Node port for HTTP | `""` | +| `server.service.clusterIP` | Prometheus service Cluster IP | `""` | +| `server.service.loadBalancerIP` | Prometheus service Load Balancer IP | `""` | +| `server.service.loadBalancerClass` | Prometheus service Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | +| `server.service.loadBalancerSourceRanges` | Prometheus service Load Balancer sources | `[]` | +| `server.service.externalTrafficPolicy` | Prometheus service external traffic policy | `Cluster` | +| `server.service.annotations` | Additional custom annotations for Prometheus service | `{}` | +| `server.service.extraPorts` | Extra ports to expose in Prometheus service (normally used with the `sidecars` value) | `[]` | +| `server.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin. ClientIP by default. | `ClientIP` | +| `server.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `server.persistence.enabled` | Enable persistence using Persistent Volume Claims. If you have multiple instances (server.repicacount > 1), please considere using an external storage service like Thanos or Grafana Mimir | `false` | +| `server.persistence.mountPath` | Path to mount the volume at. | `/bitnami/prometheus/data` | +| `server.persistence.subPath` | The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services | `""` | +| `server.persistence.storageClass` | Storage class of backing PVC | `""` | +| `server.persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `server.persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | +| `server.persistence.size` | Size of data volume | `8Gi` | +| `server.persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | +| `server.persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` | +| `server.persistence.dataSource` | Custom PVC data source | `{}` | +| `server.rbac.create` | Specifies whether RBAC resources should be created | `true` | +| `server.rbac.rules` | Custom RBAC rules to set | `[]` | ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release --set alertmanager.enabled=true \ - oci://registry-1.docker.io/bitnamicharts/prometheus + oci://REGISTRY_NAME/REPOSITORY_NAME/prometheus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command install Prometheus chart with Alertmanager. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/prometheus +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/prometheus ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -499,13 +506,15 @@ kubectl create namespace monitoring helm install prometheus \ --set prometheus.thanos.create=true \ --namespace monitoring \ - oci://registry-1.docker.io/bitnamicharts/prometheus + oci://REGISTRY_NAME/REPOSITORY_NAME/prometheus helm install thanos \ --values values.yaml \ --namespace monitoring \ - oci://registry-1.docker.io/bitnamicharts/thanos + oci://REGISTRY_NAME/REPOSITORY_NAME/thanos ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + That's all! Now you have Thanos fully integrated with Prometheus and Alertmanager. ### Integrate Prometheus with Grafana Mimir @@ -531,11 +540,13 @@ kubectl create namespace monitoring helm install prometheus \ --values values.yaml \ --namespace monitoring \ - oci://registry-1.docker.io/bitnamicharts/prometheus + oci://REGISTRY_NAME/REPOSITORY_NAME/prometheus helm install grafana-mimir \ - oci://registry-1.docker.io/bitnamicharts/grafana-mimir + oci://REGISTRY_NAME/REPOSITORY_NAME/grafana-mimir ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + That's all! Now you have Prometheus integrated with Grafana Mimir. ### Integrate Prometheus with Grafana @@ -575,13 +586,15 @@ For Helm 3: kubectl create namespace monitoring helm install prometheus \ --namespace monitoring \ - oci://registry-1.docker.io/bitnamicharts/prometheus + oci://REGISTRY_NAME/REPOSITORY_NAME/prometheus helm install grafana-mimir \ --values values.yaml \ --namespace monitoring \ - oci://registry-1.docker.io/bitnamicharts/grafana + oci://REGISTRY_NAME/REPOSITORY_NAME/grafana ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### How to add new targets By default this helm chart will monitor its own targets: prometheus and alertmanager. Additional ones can be added setting a list with the [scrape_configs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config) in the value `server.extraScrapeConfigs`. Here there is a simple example for wordpress (deployed in the default namespace): diff --git a/bitnami/prometheus/values.yaml b/bitnami/prometheus/values.yaml index 46777822c6564a..fe5fecbf3632ed 100644 --- a/bitnami/prometheus/values.yaml +++ b/bitnami/prometheus/values.yaml @@ -72,8 +72,8 @@ ingress: ## Bitnami Alertmanager image ## ref: https://hub.docker.com/r/bitnami/alertmanager/tags/ ## @param alertmanager.enabled Alertmanager enabled -## @param alertmanager.image.registry Alertmanager image registry -## @param alertmanager.image.repository Alertmanager image repository +## @param alertmanager.image.registry [default: REGISTRY_NAME] Alertmanager image registry +## @param alertmanager.image.repository [default: REPOSITORY_NAME/alertmanager] Alertmanager image repository ## @param alertmanager.image.tag Alertmanager image tag (immutable tags are recommended) ## @param alertmanager.image.digest Alertmanager image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param alertmanager.image.pullPolicy Alertmanager image pull policy @@ -573,8 +573,8 @@ alertmanager: ## ## Bitnami Prometheus image ## ref: https://hub.docker.com/r/bitnami/prometheus/tags/ -## @param server.image.registry Prometheus image registry -## @param server.image.repository Prometheus image repository +## @param server.image.registry [default: REGISTRY_NAME] Prometheus image registry +## @param server.image.repository [default: REPOSITORY_NAME/prometheus] Prometheus image repository ## @param server.image.tag Prometheus image tag (immutable tags are recommended) ## @param server.image.digest Prometheus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param server.image.pullPolicy Prometheus image pull policy @@ -942,8 +942,8 @@ server: create: false ## Bitnami Thanos image ## ref: https://hub.docker.com/r/bitnami/thanos/tags/ - ## @param server.thanos.image.registry Thanos image registry - ## @param server.thanos.image.repository Thanos image name + ## @param server.thanos.image.registry [default: REGISTRY_NAME] Thanos image registry + ## @param server.thanos.image.repository [default: REPOSITORY_NAME/thanos] Thanos image name ## @param server.thanos.image.tag Thanos image tag ## @param server.thanos.image.digest Thanos image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param server.thanos.image.pullPolicy Thanos image pull policy @@ -1485,8 +1485,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets diff --git a/bitnami/pytorch/README.md b/bitnami/pytorch/README.md index b69a3987cda4f2..9834853d0f7823 100644 --- a/bitnami/pytorch/README.md +++ b/bitnami/pytorch/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/pytorch +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/pytorch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [PyTorch](https://github.com/bitnami/containers/tree/main/bitnami/pytorch) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use PyTorch in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/pytorch +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/pytorch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy PyTorch on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured. > **Tip**: List all releases using `helm list` @@ -79,81 +83,81 @@ The command removes all the Kubernetes components associated with the chart and ### PyTorch parameters -| Name | Description | Value | -| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -------------------- | -| `image.registry` | PyTorch image registry | `docker.io` | -| `image.repository` | PyTorch image repository | `bitnami/pytorch` | -| `image.tag` | PyTorch image tag (immutable tags are recommended) | `2.1.0-debian-11-r0` | -| `image.digest` | PyTorch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | PyTorch image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `worldSize` | Number of nodes that will run the code | `1` | -| `containerPorts.pytorch` | PyTorch master port. `MASTER_PORT` will be set to this value | `49875` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `startupProbe.enabled` | Enable startupProbe | `true` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `podSecurityContext.enabled` | Enabled Pytorch pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Set Pytorch pods' Security Context fsGroup | `1001` | -| `podSecurityContext.runAsUser` | Set Pytorch pods' Security Context runAsUser | `1001` | -| `containerSecurityContext.enabled` | Enabled Pytorch containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set Pytorch containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set Pytorch containers' Security Context runAsNonRoot | `true` | -| `containerSecurityContext.readOnlyRootFilesystem` | Set Pytorch containers' Security Context runAsNonRoot | `false` | -| `resources.limits` | The resources limits for the Pytorch containers | `{}` | -| `resources.requests` | The requested resources for the Pytorch containers | `{}` | -| `entrypoint.file` | Main entrypoint to your application | `""` | -| `entrypoint.args` | Args required by your entrypoint | `[]` | -| `architecture` | Run PyTorch in standalone or distributed mode. Possible values: `standalone`, `distributed` | `standalone` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `podLabels` | Extra labels for Pytorch pods | `{}` | -| `podAnnotations` | Annotations for Pytorch pods | `{}` | -| `existingConfigmap` | Config map that contains the files you want to load in PyTorch | `""` | -| `cloneFilesFromGit.enabled` | Enable in order to download files from git repository | `false` | -| `cloneFilesFromGit.repository` | Repository that holds the files | `""` | -| `cloneFilesFromGit.revision` | Revision from the repository to checkout | `""` | -| `cloneFilesFromGit.extraVolumeMounts` | Add extra volume mounts for the Git container | `[]` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `updateStrategy.type` | Pytorch statefulset strategy type | `RollingUpdate` | -| `podManagementPolicy` | Statefulset Pod management policy, it needs to be Parallel to be able to complete the cluster join | `OrderedReady` | -| `priorityClassName` | Pytorch pods' priorityClassName | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `schedulerName` | Name of the k8s scheduler (other than default) for Pytorch pods | `""` | -| `terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `lifecycleHooks` | for the Pytorch container(s) to automate configuration before or after startup | `{}` | -| `extraEnvVars` | Array with extra environment variables to add to Pytorch nodes | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Pytorch nodes | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Pytorch nodes | `""` | -| `extraVolumes` | Optionally specify extra list of additional volumes for the Pytorch pod(s) | `[]` | -| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Pytorch container(s) | `[]` | -| `sidecars` | Add additional sidecar containers to the Pytorch pod(s) | `[]` | -| `initContainers` | Add additional init containers to the %%MAIN_CONTAINER_NAME%% pod(s) | `[]` | +| Name | Description | Value | +| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------- | +| `image.registry` | PyTorch image registry | `REGISTRY_NAME` | +| `image.repository` | PyTorch image repository | `REPOSITORY_NAME/pytorch` | +| `image.tag` | PyTorch image tag (immutable tags are recommended) | `2.1.0-debian-11-r0` | +| `image.digest` | PyTorch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | PyTorch image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `worldSize` | Number of nodes that will run the code | `1` | +| `containerPorts.pytorch` | PyTorch master port. `MASTER_PORT` will be set to this value | `49875` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe | `true` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `podSecurityContext.enabled` | Enabled Pytorch pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Set Pytorch pods' Security Context fsGroup | `1001` | +| `podSecurityContext.runAsUser` | Set Pytorch pods' Security Context runAsUser | `1001` | +| `containerSecurityContext.enabled` | Enabled Pytorch containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set Pytorch containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set Pytorch containers' Security Context runAsNonRoot | `true` | +| `containerSecurityContext.readOnlyRootFilesystem` | Set Pytorch containers' Security Context runAsNonRoot | `false` | +| `resources.limits` | The resources limits for the Pytorch containers | `{}` | +| `resources.requests` | The requested resources for the Pytorch containers | `{}` | +| `entrypoint.file` | Main entrypoint to your application | `""` | +| `entrypoint.args` | Args required by your entrypoint | `[]` | +| `architecture` | Run PyTorch in standalone or distributed mode. Possible values: `standalone`, `distributed` | `standalone` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `podLabels` | Extra labels for Pytorch pods | `{}` | +| `podAnnotations` | Annotations for Pytorch pods | `{}` | +| `existingConfigmap` | Config map that contains the files you want to load in PyTorch | `""` | +| `cloneFilesFromGit.enabled` | Enable in order to download files from git repository | `false` | +| `cloneFilesFromGit.repository` | Repository that holds the files | `""` | +| `cloneFilesFromGit.revision` | Revision from the repository to checkout | `""` | +| `cloneFilesFromGit.extraVolumeMounts` | Add extra volume mounts for the Git container | `[]` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `updateStrategy.type` | Pytorch statefulset strategy type | `RollingUpdate` | +| `podManagementPolicy` | Statefulset Pod management policy, it needs to be Parallel to be able to complete the cluster join | `OrderedReady` | +| `priorityClassName` | Pytorch pods' priorityClassName | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `schedulerName` | Name of the k8s scheduler (other than default) for Pytorch pods | `""` | +| `terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `lifecycleHooks` | for the Pytorch container(s) to automate configuration before or after startup | `{}` | +| `extraEnvVars` | Array with extra environment variables to add to Pytorch nodes | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Pytorch nodes | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Pytorch nodes | `""` | +| `extraVolumes` | Optionally specify extra list of additional volumes for the Pytorch pod(s) | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Pytorch container(s) | `[]` | +| `sidecars` | Add additional sidecar containers to the Pytorch pod(s) | `[]` | +| `initContainers` | Add additional init containers to the %%MAIN_CONTAINER_NAME%% pod(s) | `[]` | ### Traffic Exposure Parameters @@ -174,23 +178,23 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `git.registry` | Git image registry | `docker.io` | -| `git.repository` | Git image repository | `bitnami/git` | -| `git.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | -| `git.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `git.pullPolicy` | Git image pull policy | `IfNotPresent` | -| `git.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `git.registry` | Git image registry | `REGISTRY_NAME` | +| `git.repository` | Git image repository | `REPOSITORY_NAME/git` | +| `git.tag` | Git image tag (immutable tags are recommended) | `2.42.0-debian-11-r45` | +| `git.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `git.pullPolicy` | Git image pull policy | `IfNotPresent` | +| `git.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | ### Persistence Parameters @@ -213,17 +217,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm helm install my-release \ --set mode=distributed \ --set worldSize=4 \ - oci://registry-1.docker.io/bitnamicharts/pytorch + oci://REGISTRY_NAME/REPOSITORY_NAME/pytorch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command create 4 pods for PyTorch: one master and three workers. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/pytorch +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/pytorch ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -252,7 +259,7 @@ Finally, if you want to clone a git repository you can use those parameters: ```console cloneFilesFromGit.enabled=true -cloneFilesFromGit.repository=https://github.com/my-user/oci://registry-1.docker.io/bitnamicharts +cloneFilesFromGit.repository=https://github.com/my-user/oci://REGISTRY_NAME/REPOSITORY_NAME cloneFilesFromGit.revision=master ``` diff --git a/bitnami/pytorch/values.yaml b/bitnami/pytorch/values.yaml index e931bdcff06c7c..0800596c686cf0 100644 --- a/bitnami/pytorch/values.yaml +++ b/bitnami/pytorch/values.yaml @@ -61,8 +61,8 @@ diagnosticMode: ## Bitnami PyTorch image version ## ref: https://hub.docker.com/r/bitnami/pytorch/tags/ -## @param image.registry PyTorch image registry -## @param image.repository PyTorch image repository +## @param image.registry [default: REGISTRY_NAME] PyTorch image registry +## @param image.repository [default: REPOSITORY_NAME/pytorch] PyTorch image repository ## @param image.tag PyTorch image tag (immutable tags are recommended) ## @param image.digest PyTorch image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy PyTorch image pull policy @@ -430,8 +430,8 @@ service: ## Bitnami git image version ## ref: https://hub.docker.com/r/bitnami/git/tags/ -## @param git.registry Git image registry -## @param git.repository Git image repository +## @param git.registry [default: REGISTRY_NAME] Git image registry +## @param git.repository [default: REPOSITORY_NAME/git] Git image repository ## @param git.tag Git image tag (immutable tags are recommended) ## @param git.digest Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param git.pullPolicy Git image pull policy @@ -459,8 +459,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/rabbitmq-cluster-operator/README.md b/bitnami/rabbitmq-cluster-operator/README.md index 80a8a8f16edc7e..abaa6320276852 100644 --- a/bitnami/rabbitmq-cluster-operator/README.md +++ b/bitnami/rabbitmq-cluster-operator/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/rabbitmq-cluster-operator +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq-cluster-operator ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -35,9 +37,11 @@ Looking to use RabbitMQ Cluster Operator in production? Try [VMware Application To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/rabbitmq-cluster-operator +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq-cluster-operator ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploy the RabbitMQ Cluster Kubernetes Operator on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -155,90 +159,90 @@ This solution allows to easily deploy multiple RabbitMQ instances compared to th ### RabbitMQ Cluster Operator Parameters -| Name | Description | Value | -| ------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------- | -| `rabbitmqImage.registry` | RabbitMQ Image registry | `docker.io` | -| `rabbitmqImage.repository` | RabbitMQ Image repository | `bitnami/rabbitmq` | -| `rabbitmqImage.tag` | RabbitMQ Image tag (immutable tags are recommended) | `3.11.23-debian-11-r23` | -| `rabbitmqImage.digest` | RabbitMQ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `rabbitmqImage.pullSecrets` | RabbitMQ Image pull secrets | `[]` | -| `credentialUpdaterImage.registry` | RabbitMQ Default User Credential Updater image registry | `docker.io` | -| `credentialUpdaterImage.repository` | RabbitMQ Default User Credential Updater image repository | `bitnami/rmq-default-credential-updater` | -| `credentialUpdaterImage.tag` | RabbitMQ Default User Credential Updater image tag (immutable tags are recommended) | `1.0.4-debian-11-r0` | -| `credentialUpdaterImage.digest` | RabbitMQ Default User Credential Updater image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `credentialUpdaterImage.pullSecrets` | RabbitMQ Default User Credential Updater image pull secrets | `[]` | -| `clusterOperator.image.registry` | RabbitMQ Cluster Operator image registry | `docker.io` | -| `clusterOperator.image.repository` | RabbitMQ Cluster Operator image repository | `bitnami/rabbitmq-cluster-operator` | -| `clusterOperator.image.tag` | RabbitMQ Cluster Operator image tag (immutable tags are recommended) | `2.5.0-debian-11-r37` | -| `clusterOperator.image.digest` | RabbitMQ Cluster Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `clusterOperator.image.pullPolicy` | RabbitMQ Cluster Operator image pull policy | `IfNotPresent` | -| `clusterOperator.image.pullSecrets` | RabbitMQ Cluster Operator image pull secrets | `[]` | -| `clusterOperator.replicaCount` | Number of RabbitMQ Cluster Operator replicas to deploy | `1` | -| `clusterOperator.schedulerName` | Alternative scheduler | `""` | -| `clusterOperator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `clusterOperator.terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | -| `clusterOperator.livenessProbe.enabled` | Enable livenessProbe on RabbitMQ Cluster Operator nodes | `true` | -| `clusterOperator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `clusterOperator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` | -| `clusterOperator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `clusterOperator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `clusterOperator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `clusterOperator.readinessProbe.enabled` | Enable readinessProbe on RabbitMQ Cluster Operator nodes | `true` | -| `clusterOperator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `clusterOperator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` | -| `clusterOperator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `clusterOperator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `clusterOperator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `clusterOperator.startupProbe.enabled` | Enable startupProbe on RabbitMQ Cluster Operator nodes | `false` | -| `clusterOperator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `clusterOperator.startupProbe.periodSeconds` | Period seconds for startupProbe | `30` | -| `clusterOperator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `clusterOperator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `clusterOperator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `clusterOperator.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `clusterOperator.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `clusterOperator.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `clusterOperator.resources.limits` | The resources limits for the RabbitMQ Cluster Operator containers | `{}` | -| `clusterOperator.resources.requests` | The requested resources for the RabbitMQ Cluster Operator containers | `{}` | -| `clusterOperator.podSecurityContext.enabled` | Enabled RabbitMQ Cluster Operator pods' Security Context | `true` | -| `clusterOperator.podSecurityContext.fsGroup` | Set RabbitMQ Cluster Operator pod's Security Context fsGroup | `1001` | -| `clusterOperator.containerSecurityContext.enabled` | Enabled RabbitMQ Cluster Operator containers' Security Context | `true` | -| `clusterOperator.containerSecurityContext.runAsUser` | Set RabbitMQ Cluster Operator containers' Security Context runAsUser | `1001` | -| `clusterOperator.containerSecurityContext.runAsNonRoot` | Force running the container as non root | `true` | -| `clusterOperator.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem on cluster operator containers | `true` | -| `clusterOperator.containerSecurityContext.capabilities.drop` | Drop all linux capabilities except the ones explicitly defined | `["ALL"]` | -| `clusterOperator.containerSecurityContext.allowPrivilegeEscalation` | Allow privilege escalation for cluster operator containers | `false` | -| `clusterOperator.containerSecurityContext.seccompProfile.type` | Enable seccomp profile for cluster operator containers | `RuntimeDefault` | -| `clusterOperator.command` | Override default container command (useful when using custom images) | `[]` | -| `clusterOperator.args` | Override default container args (useful when using custom images) | `[]` | -| `clusterOperator.hostAliases` | RabbitMQ Cluster Operator pods host aliases | `[]` | -| `clusterOperator.podLabels` | Extra labels for RabbitMQ Cluster Operator pods | `{}` | -| `clusterOperator.podAnnotations` | Annotations for RabbitMQ Cluster Operator pods | `{}` | -| `clusterOperator.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `clusterOperator.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `clusterOperator.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `clusterOperator.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `clusterOperator.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `clusterOperator.affinity` | Affinity for RabbitMQ Cluster Operator pods assignment | `{}` | -| `clusterOperator.nodeSelector` | Node labels for RabbitMQ Cluster Operator pods assignment | `{}` | -| `clusterOperator.tolerations` | Tolerations for RabbitMQ Cluster Operator pods assignment | `[]` | -| `clusterOperator.updateStrategy.type` | RabbitMQ Cluster Operator statefulset strategy type | `RollingUpdate` | -| `clusterOperator.priorityClassName` | RabbitMQ Cluster Operator pods' priorityClassName | `""` | -| `clusterOperator.lifecycleHooks` | for the RabbitMQ Cluster Operator container(s) to automate configuration before or after startup | `{}` | -| `clusterOperator.containerPorts.metrics` | RabbitMQ Cluster Operator container port (used for metrics) | `9782` | -| `clusterOperator.extraEnvVars` | Array with extra environment variables to add to RabbitMQ Cluster Operator nodes | `[]` | -| `clusterOperator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | -| `clusterOperator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | -| `clusterOperator.extraVolumes` | Optionally specify extra list of additional volumes for the RabbitMQ Cluster Operator pod(s) | `[]` | -| `clusterOperator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the RabbitMQ Cluster Operator container(s) | `[]` | -| `clusterOperator.sidecars` | Add additional sidecar containers to the RabbitMQ Cluster Operator pod(s) | `[]` | -| `clusterOperator.initContainers` | Add additional init containers to the RabbitMQ Cluster Operator pod(s) | `[]` | -| `clusterOperator.rbac.create` | Specifies whether RBAC resources should be created | `true` | -| `clusterOperator.rbac.clusterRole.customRules` | Define custom access rules for the ClusterRole | `[]` | -| `clusterOperator.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `clusterOperator.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `clusterOperator.serviceAccount.annotations` | Add annotations | `{}` | -| `clusterOperator.serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `true` | +| Name | Description | Value | +| ------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------ | +| `rabbitmqImage.registry` | RabbitMQ Image registry | `REGISTRY_NAME` | +| `rabbitmqImage.repository` | RabbitMQ Image repository | `REPOSITORY_NAME/rabbitmq` | +| `rabbitmqImage.tag` | RabbitMQ Image tag (immutable tags are recommended) | `3.11.23-debian-11-r23` | +| `rabbitmqImage.digest` | RabbitMQ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `rabbitmqImage.pullSecrets` | RabbitMQ Image pull secrets | `[]` | +| `credentialUpdaterImage.registry` | RabbitMQ Default User Credential Updater image registry | `REGISTRY_NAME` | +| `credentialUpdaterImage.repository` | RabbitMQ Default User Credential Updater image repository | `REPOSITORY_NAME/rmq-default-credential-updater` | +| `credentialUpdaterImage.tag` | RabbitMQ Default User Credential Updater image tag (immutable tags are recommended) | `1.0.4-debian-11-r0` | +| `credentialUpdaterImage.digest` | RabbitMQ Default User Credential Updater image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `credentialUpdaterImage.pullSecrets` | RabbitMQ Default User Credential Updater image pull secrets | `[]` | +| `clusterOperator.image.registry` | RabbitMQ Cluster Operator image registry | `REGISTRY_NAME` | +| `clusterOperator.image.repository` | RabbitMQ Cluster Operator image repository | `REPOSITORY_NAME/rabbitmq-cluster-operator` | +| `clusterOperator.image.tag` | RabbitMQ Cluster Operator image tag (immutable tags are recommended) | `2.5.0-debian-11-r37` | +| `clusterOperator.image.digest` | RabbitMQ Cluster Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `clusterOperator.image.pullPolicy` | RabbitMQ Cluster Operator image pull policy | `IfNotPresent` | +| `clusterOperator.image.pullSecrets` | RabbitMQ Cluster Operator image pull secrets | `[]` | +| `clusterOperator.replicaCount` | Number of RabbitMQ Cluster Operator replicas to deploy | `1` | +| `clusterOperator.schedulerName` | Alternative scheduler | `""` | +| `clusterOperator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `clusterOperator.terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | +| `clusterOperator.livenessProbe.enabled` | Enable livenessProbe on RabbitMQ Cluster Operator nodes | `true` | +| `clusterOperator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `clusterOperator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` | +| `clusterOperator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `clusterOperator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `clusterOperator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `clusterOperator.readinessProbe.enabled` | Enable readinessProbe on RabbitMQ Cluster Operator nodes | `true` | +| `clusterOperator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `clusterOperator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` | +| `clusterOperator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `clusterOperator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `clusterOperator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `clusterOperator.startupProbe.enabled` | Enable startupProbe on RabbitMQ Cluster Operator nodes | `false` | +| `clusterOperator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `clusterOperator.startupProbe.periodSeconds` | Period seconds for startupProbe | `30` | +| `clusterOperator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `clusterOperator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `clusterOperator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `clusterOperator.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `clusterOperator.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `clusterOperator.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `clusterOperator.resources.limits` | The resources limits for the RabbitMQ Cluster Operator containers | `{}` | +| `clusterOperator.resources.requests` | The requested resources for the RabbitMQ Cluster Operator containers | `{}` | +| `clusterOperator.podSecurityContext.enabled` | Enabled RabbitMQ Cluster Operator pods' Security Context | `true` | +| `clusterOperator.podSecurityContext.fsGroup` | Set RabbitMQ Cluster Operator pod's Security Context fsGroup | `1001` | +| `clusterOperator.containerSecurityContext.enabled` | Enabled RabbitMQ Cluster Operator containers' Security Context | `true` | +| `clusterOperator.containerSecurityContext.runAsUser` | Set RabbitMQ Cluster Operator containers' Security Context runAsUser | `1001` | +| `clusterOperator.containerSecurityContext.runAsNonRoot` | Force running the container as non root | `true` | +| `clusterOperator.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem on cluster operator containers | `true` | +| `clusterOperator.containerSecurityContext.capabilities.drop` | Drop all linux capabilities except the ones explicitly defined | `["ALL"]` | +| `clusterOperator.containerSecurityContext.allowPrivilegeEscalation` | Allow privilege escalation for cluster operator containers | `false` | +| `clusterOperator.containerSecurityContext.seccompProfile.type` | Enable seccomp profile for cluster operator containers | `RuntimeDefault` | +| `clusterOperator.command` | Override default container command (useful when using custom images) | `[]` | +| `clusterOperator.args` | Override default container args (useful when using custom images) | `[]` | +| `clusterOperator.hostAliases` | RabbitMQ Cluster Operator pods host aliases | `[]` | +| `clusterOperator.podLabels` | Extra labels for RabbitMQ Cluster Operator pods | `{}` | +| `clusterOperator.podAnnotations` | Annotations for RabbitMQ Cluster Operator pods | `{}` | +| `clusterOperator.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `clusterOperator.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `clusterOperator.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `clusterOperator.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `clusterOperator.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `clusterOperator.affinity` | Affinity for RabbitMQ Cluster Operator pods assignment | `{}` | +| `clusterOperator.nodeSelector` | Node labels for RabbitMQ Cluster Operator pods assignment | `{}` | +| `clusterOperator.tolerations` | Tolerations for RabbitMQ Cluster Operator pods assignment | `[]` | +| `clusterOperator.updateStrategy.type` | RabbitMQ Cluster Operator statefulset strategy type | `RollingUpdate` | +| `clusterOperator.priorityClassName` | RabbitMQ Cluster Operator pods' priorityClassName | `""` | +| `clusterOperator.lifecycleHooks` | for the RabbitMQ Cluster Operator container(s) to automate configuration before or after startup | `{}` | +| `clusterOperator.containerPorts.metrics` | RabbitMQ Cluster Operator container port (used for metrics) | `9782` | +| `clusterOperator.extraEnvVars` | Array with extra environment variables to add to RabbitMQ Cluster Operator nodes | `[]` | +| `clusterOperator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | +| `clusterOperator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | +| `clusterOperator.extraVolumes` | Optionally specify extra list of additional volumes for the RabbitMQ Cluster Operator pod(s) | `[]` | +| `clusterOperator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the RabbitMQ Cluster Operator container(s) | `[]` | +| `clusterOperator.sidecars` | Add additional sidecar containers to the RabbitMQ Cluster Operator pod(s) | `[]` | +| `clusterOperator.initContainers` | Add additional init containers to the RabbitMQ Cluster Operator pod(s) | `[]` | +| `clusterOperator.rbac.create` | Specifies whether RBAC resources should be created | `true` | +| `clusterOperator.rbac.clusterRole.customRules` | Define custom access rules for the ClusterRole | `[]` | +| `clusterOperator.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `clusterOperator.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `clusterOperator.serviceAccount.annotations` | Add annotations | `{}` | +| `clusterOperator.serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `true` | ### RabbitMQ Cluster Operator Metrics parameters @@ -271,93 +275,93 @@ This solution allows to easily deploy multiple RabbitMQ instances compared to th ### RabbitMQ Messaging Topology Operator Parameters -| Name | Description | Value | -| --------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------- | -| `msgTopologyOperator.enabled` | Deploy RabbitMQ Messaging Topology Operator as part of the installation | `true` | -| `msgTopologyOperator.image.registry` | RabbitMQ Messaging Topology Operator image registry | `docker.io` | -| `msgTopologyOperator.image.repository` | RabbitMQ Messaging Topology Operator image repository | `bitnami/rmq-messaging-topology-operator` | -| `msgTopologyOperator.image.tag` | RabbitMQ Messaging Topology Operator image tag (immutable tags are recommended) | `1.12.0-debian-11-r58` | -| `msgTopologyOperator.image.digest` | RabbitMQ Messaging Topology Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `msgTopologyOperator.image.pullPolicy` | RabbitMQ Messaging Topology Operator image pull policy | `IfNotPresent` | -| `msgTopologyOperator.image.pullSecrets` | RabbitMQ Messaging Topology Operator image pull secrets | `[]` | -| `msgTopologyOperator.replicaCount` | Number of RabbitMQ Messaging Topology Operator replicas to deploy | `1` | -| `msgTopologyOperator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `msgTopologyOperator.schedulerName` | Alternative scheduler | `""` | -| `msgTopologyOperator.terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | -| `msgTopologyOperator.hostNetwork` | Boolean | `false` | -| `msgTopologyOperator.dnsPolicy` | Alternative DNS policy | `ClusterFirst` | -| `msgTopologyOperator.livenessProbe.enabled` | Enable livenessProbe on RabbitMQ Messaging Topology Operator nodes | `true` | -| `msgTopologyOperator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `msgTopologyOperator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` | -| `msgTopologyOperator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `msgTopologyOperator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `msgTopologyOperator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `msgTopologyOperator.readinessProbe.enabled` | Enable readinessProbe on RabbitMQ Messaging Topology Operator nodes | `true` | -| `msgTopologyOperator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `msgTopologyOperator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` | -| `msgTopologyOperator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `msgTopologyOperator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `msgTopologyOperator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `msgTopologyOperator.startupProbe.enabled` | Enable startupProbe on RabbitMQ Messaging Topology Operator nodes | `false` | -| `msgTopologyOperator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `msgTopologyOperator.startupProbe.periodSeconds` | Period seconds for startupProbe | `30` | -| `msgTopologyOperator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `msgTopologyOperator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `msgTopologyOperator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `msgTopologyOperator.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `msgTopologyOperator.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `msgTopologyOperator.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `msgTopologyOperator.existingWebhookCertSecret` | name of a secret containing the certificates (use it to avoid certManager creating one) | `""` | -| `msgTopologyOperator.existingWebhookCertCABundle` | PEM-encoded CA Bundle of the existing secret provided in existingWebhookCertSecret (only if useCertManager=false) | `""` | -| `msgTopologyOperator.resources.limits` | The resources limits for the RabbitMQ Messaging Topology Operator containers | `{}` | -| `msgTopologyOperator.resources.requests` | The requested resources for the RabbitMQ Messaging Topology Operator containers | `{}` | -| `msgTopologyOperator.podSecurityContext.enabled` | Enabled RabbitMQ Messaging Topology Operator pods' Security Context | `true` | -| `msgTopologyOperator.podSecurityContext.fsGroup` | Set RabbitMQ Messaging Topology Operator pod's Security Context fsGroup | `1001` | -| `msgTopologyOperator.containerSecurityContext.enabled` | Enabled RabbitMQ Messaging Topology Operator containers' Security Context | `true` | -| `msgTopologyOperator.containerSecurityContext.runAsUser` | Set RabbitMQ Messaging Topology Operator containers' Security Context runAsUser | `1001` | -| `msgTopologyOperator.containerSecurityContext.runAsNonRoot` | Force running the container as non root | `true` | -| `msgTopologyOperator.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem on Messaging Topology Operator | `true` | -| `msgTopologyOperator.fullnameOverride` | String to fully override rmqco.msgTopologyOperator.fullname template | `""` | -| `msgTopologyOperator.command` | Override default container command (useful when using custom images) | `[]` | -| `msgTopologyOperator.args` | Override default container args (useful when using custom images) | `[]` | -| `msgTopologyOperator.hostAliases` | RabbitMQ Messaging Topology Operator pods host aliases | `[]` | -| `msgTopologyOperator.podLabels` | Extra labels for RabbitMQ Messaging Topology Operator pods | `{}` | -| `msgTopologyOperator.podAnnotations` | Annotations for RabbitMQ Messaging Topology Operator pods | `{}` | -| `msgTopologyOperator.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `msgTopologyOperator.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `msgTopologyOperator.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `msgTopologyOperator.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `msgTopologyOperator.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `msgTopologyOperator.affinity` | Affinity for RabbitMQ Messaging Topology Operator pods assignment | `{}` | -| `msgTopologyOperator.nodeSelector` | Node labels for RabbitMQ Messaging Topology Operator pods assignment | `{}` | -| `msgTopologyOperator.tolerations` | Tolerations for RabbitMQ Messaging Topology Operator pods assignment | `[]` | -| `msgTopologyOperator.updateStrategy.type` | RabbitMQ Messaging Topology Operator statefulset strategy type | `RollingUpdate` | -| `msgTopologyOperator.priorityClassName` | RabbitMQ Messaging Topology Operator pods' priorityClassName | `""` | -| `msgTopologyOperator.lifecycleHooks` | for the RabbitMQ Messaging Topology Operator container(s) to automate configuration before or after startup | `{}` | -| `msgTopologyOperator.containerPorts.metrics` | RabbitMQ Messaging Topology Operator container port (used for metrics) | `8080` | -| `msgTopologyOperator.extraEnvVars` | Array with extra environment variables to add to RabbitMQ Messaging Topology Operator nodes | `[]` | -| `msgTopologyOperator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for RabbitMQ Messaging Topology Operator nodes | `""` | -| `msgTopologyOperator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for RabbitMQ Messaging Topology Operator nodes | `""` | -| `msgTopologyOperator.extraVolumes` | Optionally specify extra list of additional volumes for the RabbitMQ Messaging Topology Operator pod(s) | `[]` | -| `msgTopologyOperator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the RabbitMQ Messaging Topology Operator container(s) | `[]` | -| `msgTopologyOperator.sidecars` | Add additional sidecar containers to the RabbitMQ Messaging Topology Operator pod(s) | `[]` | -| `msgTopologyOperator.initContainers` | Add additional init containers to the RabbitMQ Messaging Topology Operator pod(s) | `[]` | -| `msgTopologyOperator.service.type` | RabbitMQ Messaging Topology Operator webhook service type | `ClusterIP` | -| `msgTopologyOperator.service.ports.webhook` | RabbitMQ Messaging Topology Operator webhook service HTTP port | `443` | -| `msgTopologyOperator.service.nodePorts.http` | Node port for HTTP | `""` | -| `msgTopologyOperator.service.clusterIP` | RabbitMQ Messaging Topology Operator webhook service Cluster IP | `""` | -| `msgTopologyOperator.service.loadBalancerIP` | RabbitMQ Messaging Topology Operator webhook service Load Balancer IP | `""` | -| `msgTopologyOperator.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `msgTopologyOperator.service.loadBalancerSourceRanges` | RabbitMQ Messaging Topology Operator webhook service Load Balancer sources | `[]` | -| `msgTopologyOperator.service.externalTrafficPolicy` | RabbitMQ Messaging Topology Operator webhook service external traffic policy | `Cluster` | -| `msgTopologyOperator.service.annotations` | Additional custom annotations for RabbitMQ Messaging Topology Operator webhook service | `{}` | -| `msgTopologyOperator.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `msgTopologyOperator.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `msgTopologyOperator.rbac.create` | Specifies whether RBAC resources should be created | `true` | -| `msgTopologyOperator.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `msgTopologyOperator.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `msgTopologyOperator.serviceAccount.annotations` | Add annotations | `{}` | -| `msgTopologyOperator.serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `true` | +| Name | Description | Value | +| --------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------- | +| `msgTopologyOperator.enabled` | Deploy RabbitMQ Messaging Topology Operator as part of the installation | `true` | +| `msgTopologyOperator.image.registry` | RabbitMQ Messaging Topology Operator image registry | `REGISTRY_NAME` | +| `msgTopologyOperator.image.repository` | RabbitMQ Messaging Topology Operator image repository | `REPOSITORY_NAME/rmq-messaging-topology-operator` | +| `msgTopologyOperator.image.tag` | RabbitMQ Messaging Topology Operator image tag (immutable tags are recommended) | `1.12.0-debian-11-r58` | +| `msgTopologyOperator.image.digest` | RabbitMQ Messaging Topology Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `msgTopologyOperator.image.pullPolicy` | RabbitMQ Messaging Topology Operator image pull policy | `IfNotPresent` | +| `msgTopologyOperator.image.pullSecrets` | RabbitMQ Messaging Topology Operator image pull secrets | `[]` | +| `msgTopologyOperator.replicaCount` | Number of RabbitMQ Messaging Topology Operator replicas to deploy | `1` | +| `msgTopologyOperator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `msgTopologyOperator.schedulerName` | Alternative scheduler | `""` | +| `msgTopologyOperator.terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | +| `msgTopologyOperator.hostNetwork` | Boolean | `false` | +| `msgTopologyOperator.dnsPolicy` | Alternative DNS policy | `ClusterFirst` | +| `msgTopologyOperator.livenessProbe.enabled` | Enable livenessProbe on RabbitMQ Messaging Topology Operator nodes | `true` | +| `msgTopologyOperator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `msgTopologyOperator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` | +| `msgTopologyOperator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `msgTopologyOperator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `msgTopologyOperator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `msgTopologyOperator.readinessProbe.enabled` | Enable readinessProbe on RabbitMQ Messaging Topology Operator nodes | `true` | +| `msgTopologyOperator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `msgTopologyOperator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` | +| `msgTopologyOperator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `msgTopologyOperator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `msgTopologyOperator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `msgTopologyOperator.startupProbe.enabled` | Enable startupProbe on RabbitMQ Messaging Topology Operator nodes | `false` | +| `msgTopologyOperator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `msgTopologyOperator.startupProbe.periodSeconds` | Period seconds for startupProbe | `30` | +| `msgTopologyOperator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `msgTopologyOperator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `msgTopologyOperator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `msgTopologyOperator.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `msgTopologyOperator.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `msgTopologyOperator.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `msgTopologyOperator.existingWebhookCertSecret` | name of a secret containing the certificates (use it to avoid certManager creating one) | `""` | +| `msgTopologyOperator.existingWebhookCertCABundle` | PEM-encoded CA Bundle of the existing secret provided in existingWebhookCertSecret (only if useCertManager=false) | `""` | +| `msgTopologyOperator.resources.limits` | The resources limits for the RabbitMQ Messaging Topology Operator containers | `{}` | +| `msgTopologyOperator.resources.requests` | The requested resources for the RabbitMQ Messaging Topology Operator containers | `{}` | +| `msgTopologyOperator.podSecurityContext.enabled` | Enabled RabbitMQ Messaging Topology Operator pods' Security Context | `true` | +| `msgTopologyOperator.podSecurityContext.fsGroup` | Set RabbitMQ Messaging Topology Operator pod's Security Context fsGroup | `1001` | +| `msgTopologyOperator.containerSecurityContext.enabled` | Enabled RabbitMQ Messaging Topology Operator containers' Security Context | `true` | +| `msgTopologyOperator.containerSecurityContext.runAsUser` | Set RabbitMQ Messaging Topology Operator containers' Security Context runAsUser | `1001` | +| `msgTopologyOperator.containerSecurityContext.runAsNonRoot` | Force running the container as non root | `true` | +| `msgTopologyOperator.containerSecurityContext.readOnlyRootFilesystem` | mount / (root) as a readonly filesystem on Messaging Topology Operator | `true` | +| `msgTopologyOperator.fullnameOverride` | String to fully override rmqco.msgTopologyOperator.fullname template | `""` | +| `msgTopologyOperator.command` | Override default container command (useful when using custom images) | `[]` | +| `msgTopologyOperator.args` | Override default container args (useful when using custom images) | `[]` | +| `msgTopologyOperator.hostAliases` | RabbitMQ Messaging Topology Operator pods host aliases | `[]` | +| `msgTopologyOperator.podLabels` | Extra labels for RabbitMQ Messaging Topology Operator pods | `{}` | +| `msgTopologyOperator.podAnnotations` | Annotations for RabbitMQ Messaging Topology Operator pods | `{}` | +| `msgTopologyOperator.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `msgTopologyOperator.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `msgTopologyOperator.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `msgTopologyOperator.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `msgTopologyOperator.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `msgTopologyOperator.affinity` | Affinity for RabbitMQ Messaging Topology Operator pods assignment | `{}` | +| `msgTopologyOperator.nodeSelector` | Node labels for RabbitMQ Messaging Topology Operator pods assignment | `{}` | +| `msgTopologyOperator.tolerations` | Tolerations for RabbitMQ Messaging Topology Operator pods assignment | `[]` | +| `msgTopologyOperator.updateStrategy.type` | RabbitMQ Messaging Topology Operator statefulset strategy type | `RollingUpdate` | +| `msgTopologyOperator.priorityClassName` | RabbitMQ Messaging Topology Operator pods' priorityClassName | `""` | +| `msgTopologyOperator.lifecycleHooks` | for the RabbitMQ Messaging Topology Operator container(s) to automate configuration before or after startup | `{}` | +| `msgTopologyOperator.containerPorts.metrics` | RabbitMQ Messaging Topology Operator container port (used for metrics) | `8080` | +| `msgTopologyOperator.extraEnvVars` | Array with extra environment variables to add to RabbitMQ Messaging Topology Operator nodes | `[]` | +| `msgTopologyOperator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for RabbitMQ Messaging Topology Operator nodes | `""` | +| `msgTopologyOperator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for RabbitMQ Messaging Topology Operator nodes | `""` | +| `msgTopologyOperator.extraVolumes` | Optionally specify extra list of additional volumes for the RabbitMQ Messaging Topology Operator pod(s) | `[]` | +| `msgTopologyOperator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the RabbitMQ Messaging Topology Operator container(s) | `[]` | +| `msgTopologyOperator.sidecars` | Add additional sidecar containers to the RabbitMQ Messaging Topology Operator pod(s) | `[]` | +| `msgTopologyOperator.initContainers` | Add additional init containers to the RabbitMQ Messaging Topology Operator pod(s) | `[]` | +| `msgTopologyOperator.service.type` | RabbitMQ Messaging Topology Operator webhook service type | `ClusterIP` | +| `msgTopologyOperator.service.ports.webhook` | RabbitMQ Messaging Topology Operator webhook service HTTP port | `443` | +| `msgTopologyOperator.service.nodePorts.http` | Node port for HTTP | `""` | +| `msgTopologyOperator.service.clusterIP` | RabbitMQ Messaging Topology Operator webhook service Cluster IP | `""` | +| `msgTopologyOperator.service.loadBalancerIP` | RabbitMQ Messaging Topology Operator webhook service Load Balancer IP | `""` | +| `msgTopologyOperator.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `msgTopologyOperator.service.loadBalancerSourceRanges` | RabbitMQ Messaging Topology Operator webhook service Load Balancer sources | `[]` | +| `msgTopologyOperator.service.externalTrafficPolicy` | RabbitMQ Messaging Topology Operator webhook service external traffic policy | `Cluster` | +| `msgTopologyOperator.service.annotations` | Additional custom annotations for RabbitMQ Messaging Topology Operator webhook service | `{}` | +| `msgTopologyOperator.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `msgTopologyOperator.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `msgTopologyOperator.rbac.create` | Specifies whether RBAC resources should be created | `true` | +| `msgTopologyOperator.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `msgTopologyOperator.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `msgTopologyOperator.serviceAccount.annotations` | Add annotations | `{}` | +| `msgTopologyOperator.serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `true` | ### RabbitMQ Messaging Topology Operator parameters @@ -399,17 +403,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set livenessProbe.enabled=false \ - oci://registry-1.docker.io/bitnamicharts/rabbitmq-cluster-operator + oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq-cluster-operator ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command disables the Operator liveness probes. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/rabbitmq-cluster-operator +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq-cluster-operator ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -504,9 +511,11 @@ You need to manually delete the old CRD before upgrading the release. ```console kubectl delete crd rabbitmqclusters.rabbitmq.com -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/rabbitmq-cluster-operator +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq-cluster-operator ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## License Copyright © 2023 VMware, Inc. diff --git a/bitnami/rabbitmq-cluster-operator/values.yaml b/bitnami/rabbitmq-cluster-operator/values.yaml index 67c188f0f94a5e..a7cd195388175a 100644 --- a/bitnami/rabbitmq-cluster-operator/values.yaml +++ b/bitnami/rabbitmq-cluster-operator/values.yaml @@ -56,8 +56,8 @@ diagnosticMode: ## Bitnami RabbitMQ Image ## ref: https://hub.docker.com/r/bitnami/rabbitmq/tags/ -## @param rabbitmqImage.registry RabbitMQ Image registry -## @param rabbitmqImage.repository RabbitMQ Image repository +## @param rabbitmqImage.registry [default: REGISTRY_NAME] RabbitMQ Image registry +## @param rabbitmqImage.repository [default: REPOSITORY_NAME/rabbitmq] RabbitMQ Image repository ## @param rabbitmqImage.tag RabbitMQ Image tag (immutable tags are recommended) ## @param rabbitmqImage.digest RabbitMQ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param rabbitmqImage.pullSecrets RabbitMQ Image pull secrets @@ -78,8 +78,8 @@ rabbitmqImage: ## Bitnami RabbitMQ Default User Credential Updater Image ## ref: https://hub.docker.com/r/bitnami/rmq-default-credential-updater/tags/ -## @param credentialUpdaterImage.registry RabbitMQ Default User Credential Updater image registry -## @param credentialUpdaterImage.repository RabbitMQ Default User Credential Updater image repository +## @param credentialUpdaterImage.registry [default: REGISTRY_NAME] RabbitMQ Default User Credential Updater image registry +## @param credentialUpdaterImage.repository [default: REPOSITORY_NAME/rmq-default-credential-updater] RabbitMQ Default User Credential Updater image repository ## @param credentialUpdaterImage.tag RabbitMQ Default User Credential Updater image tag (immutable tags are recommended) ## @param credentialUpdaterImage.digest RabbitMQ Default User Credential Updater image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param credentialUpdaterImage.pullSecrets RabbitMQ Default User Credential Updater image pull secrets @@ -101,8 +101,8 @@ credentialUpdaterImage: clusterOperator: ## Bitnami RabbitMQ Cluster Operator image ## ref: https://hub.docker.com/r/bitnami/rabbitmq-cluster-operator/tags/ - ## @param clusterOperator.image.registry RabbitMQ Cluster Operator image registry - ## @param clusterOperator.image.repository RabbitMQ Cluster Operator image repository + ## @param clusterOperator.image.registry [default: REGISTRY_NAME] RabbitMQ Cluster Operator image registry + ## @param clusterOperator.image.repository [default: REPOSITORY_NAME/rabbitmq-cluster-operator] RabbitMQ Cluster Operator image repository ## @param clusterOperator.image.tag RabbitMQ Cluster Operator image tag (immutable tags are recommended) ## @param clusterOperator.image.digest RabbitMQ Cluster Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param clusterOperator.image.pullPolicy RabbitMQ Cluster Operator image pull policy @@ -513,8 +513,8 @@ msgTopologyOperator: enabled: true ## Bitnami RabbitMQ Messaging Topology Operator image ## ref: https://hub.docker.com/r/bitnami/rmq-messaging-topology-operator/tags/ - ## @param msgTopologyOperator.image.registry RabbitMQ Messaging Topology Operator image registry - ## @param msgTopologyOperator.image.repository RabbitMQ Messaging Topology Operator image repository + ## @param msgTopologyOperator.image.registry [default: REGISTRY_NAME] RabbitMQ Messaging Topology Operator image registry + ## @param msgTopologyOperator.image.repository [default: REPOSITORY_NAME/rmq-messaging-topology-operator] RabbitMQ Messaging Topology Operator image repository ## @param msgTopologyOperator.image.tag RabbitMQ Messaging Topology Operator image tag (immutable tags are recommended) ## @param msgTopologyOperator.image.digest RabbitMQ Messaging Topology Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param msgTopologyOperator.image.pullPolicy RabbitMQ Messaging Topology Operator image pull policy diff --git a/bitnami/rabbitmq/README.md b/bitnami/rabbitmq/README.md index 6f725cc7eda6e6..49298583128734 100644 --- a/bitnami/rabbitmq/README.md +++ b/bitnami/rabbitmq/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/rabbitmq +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [RabbitMQ](https://github.com/bitnami/containers/tree/main/bitnami/rabbitmq) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use RabbitMQ in production? Try [VMware Application Catalog](https:// To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/rabbitmq +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys RabbitMQ on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -62,15 +66,15 @@ The command removes all the Kubernetes components associated with the chart and ### RabbitMQ Image parameters -| Name | Description | Value | -| ------------------- | -------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | RabbitMQ image registry | `docker.io` | -| `image.repository` | RabbitMQ image repository | `bitnami/rabbitmq` | -| `image.tag` | RabbitMQ image tag (immutable tags are recommended) | `3.12.7-debian-11-r0` | -| `image.digest` | RabbitMQ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | RabbitMQ image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Set to true if you would like to see extra information on logs | `false` | +| Name | Description | Value | +| ------------------- | -------------------------------------------------------------------------------------------------------- | -------------------------- | +| `image.registry` | RabbitMQ image registry | `REGISTRY_NAME` | +| `image.repository` | RabbitMQ image repository | `REPOSITORY_NAME/rabbitmq` | +| `image.tag` | RabbitMQ image tag (immutable tags are recommended) | `3.12.7-debian-11-r0` | +| `image.digest` | RabbitMQ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | RabbitMQ image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Set to true if you would like to see extra information on logs | `false` | ### Common parameters @@ -353,18 +357,18 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | The above parameters map to the env variables defined in [bitnami/rabbitmq](https://github.com/bitnami/containers/tree/main/bitnami/rabbitmq). For more information please refer to the [bitnami/rabbitmq](https://github.com/bitnami/containers/tree/main/bitnami/rabbitmq) image documentation. @@ -373,9 +377,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set auth.username=admin,auth.password=secretpassword,auth.erlangCookie=secretcookie \ - oci://registry-1.docker.io/bitnamicharts/rabbitmq + oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the RabbitMQ admin username and password to `admin` and `secretpassword` respectively. Additionally the secure erlang cookie is set to `secretcookie`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -383,9 +389,10 @@ The above command sets the RabbitMQ admin username and password to `admin` and ` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/rabbitmq +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -515,19 +522,21 @@ This happens if the pod management policy of the statefulset is not `Parallel` a ```console $ kubectl delete statefulset STATEFULSET_NAME --cascade=false -helm upgrade RELEASE_NAME oci://registry-1.docker.io/bitnamicharts/rabbitmq \ +helm upgrade RELEASE_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq \ --set podManagementPolicy=Parallel \ --set replicaCount=NUMBER_OF_REPLICAS \ --set auth.password=PASSWORD \ --set auth.erlangCookie=ERLANG_COOKIE ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + For a faster resyncronization of the nodes, you can temporarily disable the readiness probe by setting `readinessProbe.enabled=false`. Bear in mind that the pods will be exposed before they are actually ready to process requests. If the steps above don't bring the cluster to a healthy state, it could be possible that none of the RabbitMQ nodes think they were the last node to be up during the shutdown. In those cases, you can force the boot of the nodes by specifying the `clustering.forceBoot=true` parameter (which will execute [`rabbitmqctl force_boot`](https://www.rabbitmq.com/rabbitmqctl.8.html#force_boot) in each pod): ```console -helm upgrade RELEASE_NAME oci://registry-1.docker.io/bitnamicharts/rabbitmq \ +helm upgrade RELEASE_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq \ --set podManagementPolicy=Parallel \ --set clustering.forceBoot=true \ --set replicaCount=NUMBER_OF_REPLICAS \ @@ -535,6 +544,8 @@ helm upgrade RELEASE_NAME oci://registry-1.docker.io/bitnamicharts/rabbitmq \ --set auth.erlangCookie=ERLANG_COOKIE ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + More information: [Clustering Guide: Restarting](https://www.rabbitmq.com/clustering.html#restarting). ### Known issues @@ -554,9 +565,11 @@ The chart mounts a [Persistent Volume](https://kubernetes.io/docs/concepts/stora 3. Install the chart ```console -helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry-1.docker.io/bitnamicharts/rabbitmq +helm install my-release --set persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### Adjust permissions of the persistence volume mountpoint As the image runs as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it. @@ -589,9 +602,11 @@ Find more information about how to deal with common errors related to Bitnami's It's necessary to set the `auth.password` and `auth.erlangCookie` parameters when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Credentials' section. Please note down the password and the cookie, and run the command below to upgrade your chart: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/rabbitmq --set auth.password=[PASSWORD] --set auth.erlangCookie=[RABBITMQ_ERLANG_COOKIE] +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/rabbitmq --set auth.password=[PASSWORD] --set auth.erlangCookie=[RABBITMQ_ERLANG_COOKIE] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + | Note: you need to substitute the placeholders [PASSWORD] and [RABBITMQ_ERLANG_COOKIE] with the values obtained in the installation notes. ### To 11.0.0 diff --git a/bitnami/rabbitmq/values.yaml b/bitnami/rabbitmq/values.yaml index 5b12377339f97a..9a78e0c76fcdac 100644 --- a/bitnami/rabbitmq/values.yaml +++ b/bitnami/rabbitmq/values.yaml @@ -23,8 +23,8 @@ global: ## @section RabbitMQ Image parameters ## Bitnami RabbitMQ image version ## ref: https://hub.docker.com/r/bitnami/rabbitmq/tags/ -## @param image.registry RabbitMQ image registry -## @param image.repository RabbitMQ image repository +## @param image.registry [default: REGISTRY_NAME] RabbitMQ image registry +## @param image.repository [default: REPOSITORY_NAME/rabbitmq] RabbitMQ image repository ## @param image.tag RabbitMQ image tag (immutable tags are recommended) ## @param image.digest RabbitMQ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy RabbitMQ image pull policy @@ -1383,8 +1383,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/redis-cluster/README.md b/bitnami/redis-cluster/README.md index a8656129a48af4..349def76bd28c0 100644 --- a/bitnami/redis-cluster/README.md +++ b/bitnami/redis-cluster/README.md @@ -11,9 +11,11 @@ Disclaimer: Redis is a registered trademark of Redis Ltd. Any rights therein are ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redis-cluster +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redis-cluster ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Redis®](https://github.com/bitnami/containers/tree/main/bitnami/redis) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -45,17 +47,20 @@ Looking to use Redisreg; Cluster in production? Try [VMware Application Catalog] To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redis-cluster +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redis-cluster ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Redis® on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. NOTE: if you get a timeout error waiting for the hook to complete increase the default timeout (300s) to a higher one, for example: ```console -helm install --timeout 600s myrelease oci://registry-1.docker.io/bitnamicharts/redis-cluster +helm install --timeout 600s myrelease oci://REGISTRY_NAME/REPOSITORY_NAME/redis-cluster ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: List all releases using `helm list` ## Uninstalling the Chart @@ -81,96 +86,96 @@ The command removes all the Kubernetes components associated with the chart and ### Redis® Cluster Common parameters -| Name | Description | Value | -| ------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | -| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `""` | -| `fullnameOverride` | String to fully override common.names.fullname template | `""` | -| `clusterDomain` | Kubernetes Cluster Domain | `cluster.local` | -| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | -| `commonLabels` | Labels to add to all deployed objects | `{}` | -| `extraDeploy` | Array of extra objects to deploy with the release (evaluated as a template) | `[]` | -| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | -| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | -| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | -| `image.registry` | Redis® cluster image registry | `docker.io` | -| `image.repository` | Redis® cluster image repository | `bitnami/redis-cluster` | -| `image.tag` | Redis® cluster image tag (immutable tags are recommended) | `7.2.2-debian-11-r0` | -| `image.digest` | Redis® cluster image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Redis® cluster image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `networkPolicy.enabled` | Enable NetworkPolicy | `false` | -| `networkPolicy.allowExternal` | The Policy model to apply. Don't require client label for connections | `true` | -| `networkPolicy.ingressNSMatchLabels` | Allow connections from other namespacess. Just set label for namespace and set label for pods (optional). | `{}` | -| `networkPolicy.ingressNSPodMatchLabels` | For other namespaces match by pod labels and namespace labels | `{}` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` | -| `serviceAccount.name` | The name of the ServiceAccount to create | `""` | -| `serviceAccount.annotations` | Annotations for Cassandra Service Account | `{}` | -| `serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `false` | -| `rbac.create` | Specifies whether RBAC resources should be created | `false` | -| `rbac.role.rules` | Rules to create. It follows the role specification | `[]` | -| `podSecurityContext.enabled` | Enable Redis® pod Security Context | `true` | -| `podSecurityContext.fsGroup` | Group ID for the pods | `1001` | -| `podSecurityContext.runAsUser` | User ID for the pods | `1001` | -| `podSecurityContext.sysctls` | Set namespaced sysctls for the pods | `[]` | -| `podDisruptionBudget` | Limits the number of pods of the replicated application that are down simultaneously from voluntary disruptions | `{}` | -| `minAvailable` | Min number of pods that must still be available after the eviction | `""` | -| `maxUnavailable` | Max number of pods that can be unavailable after the eviction | `""` | -| `containerSecurityContext.enabled` | Enable Containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | User ID for the containers. | `1001` | -| `containerSecurityContext.runAsNonRoot` | Run container as non root | `true` | -| `usePassword` | Use password authentication | `true` | -| `password` | Redis® password (ignored if existingSecret set) | `""` | -| `existingSecret` | Name of existing secret object (for password authentication) | `""` | -| `existingSecretPasswordKey` | Name of key containing password to be retrieved from the existing secret | `""` | -| `usePasswordFile` | Mount passwords as files instead of environment variables | `false` | -| `tls.enabled` | Enable TLS support for replication traffic | `false` | -| `tls.authClients` | Require clients to authenticate or not | `true` | -| `tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | -| `tls.existingSecret` | The name of the existing secret that contains the TLS certificates | `""` | -| `tls.certificatesSecret` | DEPRECATED. Use tls.existingSecret instead | `""` | -| `tls.certFilename` | Certificate filename | `""` | -| `tls.certKeyFilename` | Certificate key filename | `""` | -| `tls.certCAFilename` | CA Certificate filename | `""` | -| `tls.dhParamsFilename` | File containing DH params (in order to support DH based ciphers) | `""` | -| `service.ports.redis` | Kubernetes Redis service port | `6379` | -| `service.nodePorts.redis` | Node port for Redis | `""` | -| `service.extraPorts` | Extra ports to expose in the service (normally used with the `sidecar` value) | `[]` | -| `service.annotations` | Provide any additional annotations which may be required. | `{}` | -| `service.labels` | Additional labels for redis service | `{}` | -| `service.type` | Service type for default redis service | `ClusterIP` | -| `service.clusterIP` | Service Cluster IP | `""` | -| `service.loadBalancerIP` | Load balancer IP if `service.type` is `LoadBalancer` | `""` | -| `service.loadBalancerSourceRanges` | Service Load Balancer sources | `[]` | -| `service.externalTrafficPolicy` | Service external traffic policy | `Cluster` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `service.headless.annotations` | Annotations for the headless service. | `{}` | -| `persistence.enabled` | Enable persistence on Redis® | `true` | -| `persistence.path` | Path to mount the volume at, to use other images Redis® images. | `/bitnami/redis/data` | -| `persistence.subPath` | The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services | `""` | -| `persistence.storageClass` | Storage class of backing PVC | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | -| `persistence.size` | Size of data volume | `8Gi` | -| `persistence.matchLabels` | Persistent Volume selectors | `{}` | -| `persistence.matchExpressions` | matchExpressions Persistent Volume selectors | `{}` | -| `persistentVolumeClaimRetentionPolicy.enabled` | Controls if and how PVCs are deleted during the lifecycle of a StatefulSet | `false` | -| `persistentVolumeClaimRetentionPolicy.whenScaled` | Volume retention behavior when the replica count of the StatefulSet is reduced | `Retain` | -| `persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted | `Retain` | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the registry (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.containerSecurityContext.enabled` | Enable Containers' Security Context | `true` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the containers. | `0` | -| `volumePermissions.containerSecurityContext.privileged` | Run container as privileged | `false` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | -| `podSecurityPolicy.create` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` | +| Name | Description | Value | +| ------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------- | +| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `""` | +| `fullnameOverride` | String to fully override common.names.fullname template | `""` | +| `clusterDomain` | Kubernetes Cluster Domain | `cluster.local` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `extraDeploy` | Array of extra objects to deploy with the release (evaluated as a template) | `[]` | +| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | +| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | +| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | +| `image.registry` | Redis® cluster image registry | `REGISTRY_NAME` | +| `image.repository` | Redis® cluster image repository | `REPOSITORY_NAME/redis-cluster` | +| `image.tag` | Redis® cluster image tag (immutable tags are recommended) | `7.2.2-debian-11-r0` | +| `image.digest` | Redis® cluster image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Redis® cluster image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `networkPolicy.enabled` | Enable NetworkPolicy | `false` | +| `networkPolicy.allowExternal` | The Policy model to apply. Don't require client label for connections | `true` | +| `networkPolicy.ingressNSMatchLabels` | Allow connections from other namespacess. Just set label for namespace and set label for pods (optional). | `{}` | +| `networkPolicy.ingressNSPodMatchLabels` | For other namespaces match by pod labels and namespace labels | `{}` | +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` | +| `serviceAccount.name` | The name of the ServiceAccount to create | `""` | +| `serviceAccount.annotations` | Annotations for Cassandra Service Account | `{}` | +| `serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `false` | +| `rbac.create` | Specifies whether RBAC resources should be created | `false` | +| `rbac.role.rules` | Rules to create. It follows the role specification | `[]` | +| `podSecurityContext.enabled` | Enable Redis® pod Security Context | `true` | +| `podSecurityContext.fsGroup` | Group ID for the pods | `1001` | +| `podSecurityContext.runAsUser` | User ID for the pods | `1001` | +| `podSecurityContext.sysctls` | Set namespaced sysctls for the pods | `[]` | +| `podDisruptionBudget` | Limits the number of pods of the replicated application that are down simultaneously from voluntary disruptions | `{}` | +| `minAvailable` | Min number of pods that must still be available after the eviction | `""` | +| `maxUnavailable` | Max number of pods that can be unavailable after the eviction | `""` | +| `containerSecurityContext.enabled` | Enable Containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | User ID for the containers. | `1001` | +| `containerSecurityContext.runAsNonRoot` | Run container as non root | `true` | +| `usePassword` | Use password authentication | `true` | +| `password` | Redis® password (ignored if existingSecret set) | `""` | +| `existingSecret` | Name of existing secret object (for password authentication) | `""` | +| `existingSecretPasswordKey` | Name of key containing password to be retrieved from the existing secret | `""` | +| `usePasswordFile` | Mount passwords as files instead of environment variables | `false` | +| `tls.enabled` | Enable TLS support for replication traffic | `false` | +| `tls.authClients` | Require clients to authenticate or not | `true` | +| `tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | +| `tls.existingSecret` | The name of the existing secret that contains the TLS certificates | `""` | +| `tls.certificatesSecret` | DEPRECATED. Use tls.existingSecret instead | `""` | +| `tls.certFilename` | Certificate filename | `""` | +| `tls.certKeyFilename` | Certificate key filename | `""` | +| `tls.certCAFilename` | CA Certificate filename | `""` | +| `tls.dhParamsFilename` | File containing DH params (in order to support DH based ciphers) | `""` | +| `service.ports.redis` | Kubernetes Redis service port | `6379` | +| `service.nodePorts.redis` | Node port for Redis | `""` | +| `service.extraPorts` | Extra ports to expose in the service (normally used with the `sidecar` value) | `[]` | +| `service.annotations` | Provide any additional annotations which may be required. | `{}` | +| `service.labels` | Additional labels for redis service | `{}` | +| `service.type` | Service type for default redis service | `ClusterIP` | +| `service.clusterIP` | Service Cluster IP | `""` | +| `service.loadBalancerIP` | Load balancer IP if `service.type` is `LoadBalancer` | `""` | +| `service.loadBalancerSourceRanges` | Service Load Balancer sources | `[]` | +| `service.externalTrafficPolicy` | Service external traffic policy | `Cluster` | +| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `service.headless.annotations` | Annotations for the headless service. | `{}` | +| `persistence.enabled` | Enable persistence on Redis® | `true` | +| `persistence.path` | Path to mount the volume at, to use other images Redis® images. | `/bitnami/redis/data` | +| `persistence.subPath` | The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services | `""` | +| `persistence.storageClass` | Storage class of backing PVC | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | +| `persistence.size` | Size of data volume | `8Gi` | +| `persistence.matchLabels` | Persistent Volume selectors | `{}` | +| `persistence.matchExpressions` | matchExpressions Persistent Volume selectors | `{}` | +| `persistentVolumeClaimRetentionPolicy.enabled` | Controls if and how PVCs are deleted during the lifecycle of a StatefulSet | `false` | +| `persistentVolumeClaimRetentionPolicy.whenScaled` | Volume retention behavior when the replica count of the StatefulSet is reduced | `Retain` | +| `persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted | `Retain` | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the registry (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.containerSecurityContext.enabled` | Enable Containers' Security Context | `true` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the containers. | `0` | +| `volumePermissions.containerSecurityContext.privileged` | Run container as privileged | `false` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| `podSecurityPolicy.create` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` | ### Redis® statefulset parameters @@ -288,70 +293,72 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics sidecar parameters -| Name | Description | Value | -| ----------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Redis® exporter image registry | `docker.io` | -| `metrics.image.repository` | Redis® exporter image name | `bitnami/redis-exporter` | -| `metrics.image.tag` | Redis® exporter image tag | `1.55.0-debian-11-r0` | -| `metrics.image.digest` | Redis® exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Redis® exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | -| `metrics.extraArgs` | Extra arguments for the binary; possible values [here](https://github.com/oliver006/redis_exporter) | `{}` | -| `metrics.extraEnvVars` | Array with extra environment variables to add to Redis® exporter | `[]` | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | -| `metrics.podLabels` | Additional labels for Metrics exporter pod | `{}` | -| `metrics.containerSecurityContext.enabled` | Enable Metrics Containers' Security Context | `false` | -| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Allow Privilege Escalation for metrics container | `false` | -| `metrics.serviceMonitor.enabled` | If `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | -| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `""` | -| `metrics.serviceMonitor.interval` | How frequently to scrape metrics (use by default, falling back to Prometheus' default) | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.labels` | ServiceMonitor extra labels | `{}` | -| `metrics.serviceMonitor.annotations` | ServiceMonitor annotations | `{}` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.prometheusRule.enabled` | Set this to true to create prometheusRules for Prometheus operator | `false` | -| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so prometheusRules will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.namespace` | namespace where prometheusRules resource should be created | `""` | -| `metrics.prometheusRule.rules` | Create specified [rules](https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/), check values for an example. | `[]` | -| `metrics.priorityClassName` | Metrics exporter pod priorityClassName | `""` | -| `metrics.service.type` | Kubernetes Service type (redis metrics) | `ClusterIP` | -| `metrics.service.loadBalancerIP` | Use serviceLoadBalancerIP to request a specific static IP, otherwise leave blank | `""` | -| `metrics.service.annotations` | Annotations for the services to monitor. | `{}` | -| `metrics.service.labels` | Additional labels for the metrics service | `{}` | -| `metrics.service.clusterIP` | Service Cluster IP | `""` | +| Name | Description | Value | +| ----------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Redis® exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Redis® exporter image name | `REPOSITORY_NAME/redis-exporter` | +| `metrics.image.tag` | Redis® exporter image tag | `1.55.0-debian-11-r0` | +| `metrics.image.digest` | Redis® exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Redis® exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | +| `metrics.extraArgs` | Extra arguments for the binary; possible values [here](https://github.com/oliver006/redis_exporter) | `{}` | +| `metrics.extraEnvVars` | Array with extra environment variables to add to Redis® exporter | `[]` | +| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | +| `metrics.podLabels` | Additional labels for Metrics exporter pod | `{}` | +| `metrics.containerSecurityContext.enabled` | Enable Metrics Containers' Security Context | `false` | +| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Allow Privilege Escalation for metrics container | `false` | +| `metrics.serviceMonitor.enabled` | If `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `""` | +| `metrics.serviceMonitor.interval` | How frequently to scrape metrics (use by default, falling back to Prometheus' default) | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.labels` | ServiceMonitor extra labels | `{}` | +| `metrics.serviceMonitor.annotations` | ServiceMonitor annotations | `{}` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.prometheusRule.enabled` | Set this to true to create prometheusRules for Prometheus operator | `false` | +| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so prometheusRules will be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.namespace` | namespace where prometheusRules resource should be created | `""` | +| `metrics.prometheusRule.rules` | Create specified [rules](https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/), check values for an example. | `[]` | +| `metrics.priorityClassName` | Metrics exporter pod priorityClassName | `""` | +| `metrics.service.type` | Kubernetes Service type (redis metrics) | `ClusterIP` | +| `metrics.service.loadBalancerIP` | Use serviceLoadBalancerIP to request a specific static IP, otherwise leave blank | `""` | +| `metrics.service.annotations` | Annotations for the services to monitor. | `{}` | +| `metrics.service.labels` | Additional labels for the metrics service | `{}` | +| `metrics.service.clusterIP` | Service Cluster IP | `""` | ### Sysctl Image parameters -| Name | Description | Value | -| ------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `sysctlImage.enabled` | Enable an init container to modify Kernel settings | `false` | -| `sysctlImage.command` | sysctlImage command to execute | `[]` | -| `sysctlImage.registry` | sysctlImage Init container registry | `docker.io` | -| `sysctlImage.repository` | sysctlImage Init container repository | `bitnami/os-shell` | -| `sysctlImage.tag` | sysctlImage Init container tag | `11-debian-11-r90` | -| `sysctlImage.digest` | sysctlImage Init container digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sysctlImage.pullPolicy` | sysctlImage Init container pull policy | `IfNotPresent` | -| `sysctlImage.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `sysctlImage.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | `false` | -| `sysctlImage.containerSecurityContext.enabled` | Enable Containers' Security Context | `true` | -| `sysctlImage.containerSecurityContext.runAsUser` | User ID for the containers. | `0` | -| `sysctlImage.containerSecurityContext.privileged` | Run privileged as privileged | `true` | -| `sysctlImage.resources.limits` | The resources limits for the container | `{}` | -| `sysctlImage.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| ------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `sysctlImage.enabled` | Enable an init container to modify Kernel settings | `false` | +| `sysctlImage.command` | sysctlImage command to execute | `[]` | +| `sysctlImage.registry` | sysctlImage Init container registry | `REGISTRY_NAME` | +| `sysctlImage.repository` | sysctlImage Init container repository | `REPOSITORY_NAME/os-shell` | +| `sysctlImage.tag` | sysctlImage Init container tag | `11-debian-11-r90` | +| `sysctlImage.digest` | sysctlImage Init container digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `sysctlImage.pullPolicy` | sysctlImage Init container pull policy | `IfNotPresent` | +| `sysctlImage.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `sysctlImage.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | `false` | +| `sysctlImage.containerSecurityContext.enabled` | Enable Containers' Security Context | `true` | +| `sysctlImage.containerSecurityContext.runAsUser` | User ID for the containers. | `0` | +| `sysctlImage.containerSecurityContext.privileged` | Run privileged as privileged | `true` | +| `sysctlImage.resources.limits` | The resources limits for the container | `{}` | +| `sysctlImage.resources.requests` | The requested resources for the container | `{}` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console helm install my-release \ --set password=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/redis-cluster + oci://REGISTRY_NAME/REPOSITORY_NAME/redis-cluster ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Redis® server password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -359,9 +366,10 @@ The above command sets the Redis® server password to `secretpassword`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/redis-cluster +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/redis-cluster ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) > **Note for minikube users**: Current versions of minikube (v0.24.1 at the time of writing) provision `hostPath` persistent volumes that are only writable by root. Using chart defaults cause pod failure for the Redis® pod as it attempts to write to the `/bitnami` directory. See minikube issue [1990](https://github.com/kubernetes/minikube/issues/1990) for more information. @@ -408,9 +416,11 @@ There is a job that will be executed using a `post-upgrade` hook that will allow The following will be an example to add one more node: ```console -helm upgrade --timeout 600s --set "password=${REDIS_PASSWORD},cluster.nodes=7,cluster.update.addNodes=true,cluster.update.currentNumberOfNodes=6" oci://registry-1.docker.io/bitnamicharts/redis-cluster +helm upgrade --timeout 600s --set "password=${REDIS_PASSWORD},cluster.nodes=7,cluster.update.addNodes=true,cluster.update.currentNumberOfNodes=6" oci://REGISTRY_NAME/REPOSITORY_NAME/redis-cluster ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Where `REDIS_PASSWORD` is the password obtained with the command that appears after the first installation of the Helm Chart. The cluster will continue up while restarting pods one by one as the quorum is not lost. @@ -419,9 +429,10 @@ The cluster will continue up while restarting pods one by one as the quorum is n If you are using external access, to add a new node you will need to perform two upgrades. First upgrade the release to add a new Redis® node and to get a LoadBalancerIP service. For example: ```console -helm upgrade --set "password=${REDIS_PASSWORD},cluster.externalAccess.enabled=true,cluster.externalAccess.service.type=LoadBalancer,cluster.externalAccess.service.loadBalancerIP[0]=,cluster.externalAccess.service.loadBalancerIP[1]=,cluster.externalAccess.service.loadBalancerIP[2]=,cluster.externalAccess.service.loadBalancerIP[3]=,cluster.externalAccess.service.loadBalancerIP[4]=,cluster.externalAccess.service.loadBalancerIP[5]=,cluster.externalAccess.service.loadBalancerIP[6]=,cluster.nodes=7,cluster.init=false oci://registry-1.docker.io/bitnamicharts/redis-cluster +helm upgrade --set "password=${REDIS_PASSWORD},cluster.externalAccess.enabled=true,cluster.externalAccess.service.type=LoadBalancer,cluster.externalAccess.service.loadBalancerIP[0]=,cluster.externalAccess.service.loadBalancerIP[1]=,cluster.externalAccess.service.loadBalancerIP[2]=,cluster.externalAccess.service.loadBalancerIP[3]=,cluster.externalAccess.service.loadBalancerIP[4]=,cluster.externalAccess.service.loadBalancerIP[5]=,cluster.externalAccess.service.loadBalancerIP[6]=,cluster.nodes=7,cluster.init=false oci://REGISTRY_NAME/REPOSITORY_NAME/redis-cluster ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > Important here to provide the loadBalancerIP parameters for the new nodes empty to not get an index error. As we want to add a new node, we are setting `cluster.nodes=7` and we leave empty the LoadBalancerIP for the new node, so the cluster will provide the correct one. @@ -430,9 +441,11 @@ At this point, you will have a new Redis® Pod that will remain in `crashLoop Now, wait until the cluster provides the new LoadBalancerIP for the new service and perform the second upgrade: ```console -helm upgrade --set "password=${REDIS_PASSWORD},cluster.externalAccess.enabled=true,cluster.externalAccess.service.type=LoadBalancer,cluster.externalAccess.service.loadBalancerIP[0]=,cluster.externalAccess.service.loadBalancerIP[1]=,cluster.externalAccess.service.loadBalancerIP[2]=,cluster.externalAccess.service.loadBalancerIP[3]=,cluster.externalAccess.service.loadBalancerIP[4]=,cluster.externalAccess.service.loadBalancerIP[5]=,cluster.externalAccess.service.loadBalancerIP[6]=,cluster.nodes=7,cluster.init=false,cluster.update.addNodes=true,cluster.update.newExternalIPs[0]=" oci://registry-1.docker.io/bitnamicharts/redis-cluster +helm upgrade --set "password=${REDIS_PASSWORD},cluster.externalAccess.enabled=true,cluster.externalAccess.service.type=LoadBalancer,cluster.externalAccess.service.loadBalancerIP[0]=,cluster.externalAccess.service.loadBalancerIP[1]=,cluster.externalAccess.service.loadBalancerIP[2]=,cluster.externalAccess.service.loadBalancerIP[3]=,cluster.externalAccess.service.loadBalancerIP[4]=,cluster.externalAccess.service.loadBalancerIP[5]=,cluster.externalAccess.service.loadBalancerIP[6]=,cluster.nodes=7,cluster.init=false,cluster.update.addNodes=true,cluster.update.newExternalIPs[0]=" oci://REGISTRY_NAME/REPOSITORY_NAME/redis-cluster ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Note we are providing the new IPs at `cluster.update.newExternalIPs`, the flag `cluster.update.addNodes=true` to enable the creation of the Job that adds a new node and now we are setting the LoadBalancerIP of the new service instead of leave it empty. > NOTE: To avoid the creation of the Job that initializes the Redis® Cluster again, you will need to provide `cluster.init=false`. @@ -669,9 +682,11 @@ Since this version performs changes in the statefulset, in order to upgrade from ```console kubectl delete statefulset -helm upgrade oci://registry-1.docker.io/bitnamicharts/redis-cluster --set redis.password= +helm upgrade oci://REGISTRY_NAME/REPOSITORY_NAME/redis-cluster --set redis.password= ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 6.0.0 The cluster initialization job have been removed. Instead, the pod with index 0 from the statefulset will handle the initialization of the cluster. diff --git a/bitnami/redis-cluster/values.yaml b/bitnami/redis-cluster/values.yaml index 38d10cb156e3fd..5981317912c00f 100644 --- a/bitnami/redis-cluster/values.yaml +++ b/bitnami/redis-cluster/values.yaml @@ -62,8 +62,8 @@ diagnosticMode: ## Bitnami Redis® image version ## ref: https://hub.docker.com/r/bitnami/redis/tags/ -## @param image.registry Redis® cluster image registry -## @param image.repository Redis® cluster image repository +## @param image.registry [default: REGISTRY_NAME] Redis® cluster image registry +## @param image.repository [default: REPOSITORY_NAME/redis-cluster] Redis® cluster image repository ## @param image.tag Redis® cluster image tag (immutable tags are recommended) ## @param image.digest Redis® cluster image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Redis® cluster image pull policy @@ -349,8 +349,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the registry (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -839,8 +839,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Redis® exporter image registry - ## @param metrics.image.repository Redis® exporter image name + ## @param metrics.image.registry [default: REGISTRY_NAME] Redis® exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/redis-exporter] Redis® exporter image name ## @param metrics.image.tag Redis® exporter image tag ## @param metrics.image.digest Redis® exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Redis® exporter image pull policy @@ -1009,8 +1009,8 @@ sysctlImage: ## @param sysctlImage.command sysctlImage command to execute ## command: [] - ## @param sysctlImage.registry sysctlImage Init container registry - ## @param sysctlImage.repository sysctlImage Init container repository + ## @param sysctlImage.registry [default: REGISTRY_NAME] sysctlImage Init container registry + ## @param sysctlImage.repository [default: REPOSITORY_NAME/os-shell] sysctlImage Init container repository ## @param sysctlImage.tag sysctlImage Init container tag ## @param sysctlImage.digest sysctlImage Init container digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param sysctlImage.pullPolicy sysctlImage Init container pull policy diff --git a/bitnami/redis/README.md b/bitnami/redis/README.md index 666ae2f6603e89..e58a2e8df2b995 100644 --- a/bitnami/redis/README.md +++ b/bitnami/redis/README.md @@ -11,9 +11,11 @@ Disclaimer: Redis is a registered trademark of Redis Ltd. Any rights therein are ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redis +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Redis®](https://github.com/bitnami/containers/tree/main/bitnami/redis) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -48,9 +50,11 @@ Looking to use Redisreg; in production? Try [VMware Application Catalog](https:/ To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redis +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Redis® on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -97,15 +101,15 @@ The command removes all the Kubernetes components associated with the chart and ### Redis® Image parameters -| Name | Description | Value | -| ------------------- | ---------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | Redis® image registry | `docker.io` | -| `image.repository` | Redis® image repository | `bitnami/redis` | -| `image.tag` | Redis® image tag (immutable tags are recommended) | `7.2.2-debian-11-r0` | -| `image.digest` | Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Redis® image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Redis® image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | +| Name | Description | Value | +| ------------------- | ---------------------------------------------------------------------------------------------------------- | ----------------------- | +| `image.registry` | Redis® image registry | `REGISTRY_NAME` | +| `image.repository` | Redis® image repository | `REPOSITORY_NAME/redis` | +| `image.tag` | Redis® image tag (immutable tags are recommended) | `7.2.2-debian-11-r0` | +| `image.digest` | Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Redis® image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Redis® image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | ### Redis® common configuration parameters @@ -348,98 +352,98 @@ The command removes all the Kubernetes components associated with the chart and ### Redis® Sentinel configuration parameters -| Name | Description | Value | -| ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `sentinel.enabled` | Use Redis® Sentinel on Redis® pods. | `false` | -| `sentinel.image.registry` | Redis® Sentinel image registry | `docker.io` | -| `sentinel.image.repository` | Redis® Sentinel image repository | `bitnami/redis-sentinel` | -| `sentinel.image.tag` | Redis® Sentinel image tag (immutable tags are recommended) | `7.2.2-debian-11-r0` | -| `sentinel.image.digest` | Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sentinel.image.pullPolicy` | Redis® Sentinel image pull policy | `IfNotPresent` | -| `sentinel.image.pullSecrets` | Redis® Sentinel image pull secrets | `[]` | -| `sentinel.image.debug` | Enable image debug mode | `false` | -| `sentinel.annotations` | Additional custom annotations for Redis® Sentinel resource | `{}` | -| `sentinel.masterSet` | Master set name | `mymaster` | -| `sentinel.quorum` | Sentinel Quorum | `2` | -| `sentinel.getMasterTimeout` | Amount of time to allow before get_sentinel_master_info() times out. | `99` | -| `sentinel.automateClusterRecovery` | Automate cluster recovery in cases where the last replica is not considered a good replica and Sentinel won't automatically failover to it. | `false` | -| `sentinel.redisShutdownWaitFailover` | Whether the Redis® master container waits for the failover at shutdown (in addition to the Redis® Sentinel container). | `true` | -| `sentinel.downAfterMilliseconds` | Timeout for detecting a Redis® node is down | `60000` | -| `sentinel.failoverTimeout` | Timeout for performing a election failover | `180000` | -| `sentinel.parallelSyncs` | Number of replicas that can be reconfigured in parallel to use the new master after a failover | `1` | -| `sentinel.configuration` | Configuration for Redis® Sentinel nodes | `""` | -| `sentinel.command` | Override default container command (useful when using custom images) | `[]` | -| `sentinel.args` | Override default container args (useful when using custom images) | `[]` | -| `sentinel.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | -| `sentinel.preExecCmds` | Additional commands to run prior to starting Redis® Sentinel | `[]` | -| `sentinel.extraEnvVars` | Array with extra environment variables to add to Redis® Sentinel nodes | `[]` | -| `sentinel.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® Sentinel nodes | `""` | -| `sentinel.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® Sentinel nodes | `""` | -| `sentinel.externalMaster.enabled` | Use external master for bootstrapping | `false` | -| `sentinel.externalMaster.host` | External master host to bootstrap from | `""` | -| `sentinel.externalMaster.port` | Port for Redis service external master host | `6379` | -| `sentinel.containerPorts.sentinel` | Container port to open on Redis® Sentinel nodes | `26379` | -| `sentinel.startupProbe.enabled` | Enable startupProbe on Redis® Sentinel nodes | `true` | -| `sentinel.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `sentinel.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `sentinel.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `sentinel.startupProbe.failureThreshold` | Failure threshold for startupProbe | `22` | -| `sentinel.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `sentinel.livenessProbe.enabled` | Enable livenessProbe on Redis® Sentinel nodes | `true` | -| `sentinel.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `sentinel.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `sentinel.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `sentinel.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `sentinel.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `sentinel.readinessProbe.enabled` | Enable readinessProbe on Redis® Sentinel nodes | `true` | -| `sentinel.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `sentinel.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `sentinel.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `sentinel.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `sentinel.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `sentinel.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `sentinel.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `sentinel.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `sentinel.persistence.enabled` | Enable persistence on Redis® sentinel nodes using Persistent Volume Claims (Experimental) | `false` | -| `sentinel.persistence.storageClass` | Persistent Volume storage class | `""` | -| `sentinel.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | -| `sentinel.persistence.size` | Persistent Volume size | `100Mi` | -| `sentinel.persistence.annotations` | Additional custom annotations for the PVC | `{}` | -| `sentinel.persistence.labels` | Additional custom labels for the PVC | `{}` | -| `sentinel.persistence.selector` | Additional labels to match for the PVC | `{}` | -| `sentinel.persistence.dataSource` | Custom PVC data source | `{}` | -| `sentinel.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | -| `sentinel.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | -| `sentinel.persistentVolumeClaimRetentionPolicy.enabled` | Controls if and how PVCs are deleted during the lifecycle of a StatefulSet | `false` | -| `sentinel.persistentVolumeClaimRetentionPolicy.whenScaled` | Volume retention behavior when the replica count of the StatefulSet is reduced | `Retain` | -| `sentinel.persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted | `Retain` | -| `sentinel.resources.limits` | The resources limits for the Redis® Sentinel containers | `{}` | -| `sentinel.resources.requests` | The requested resources for the Redis® Sentinel containers | `{}` | -| `sentinel.containerSecurityContext.enabled` | Enabled Redis® Sentinel containers' Security Context | `true` | -| `sentinel.containerSecurityContext.runAsUser` | Set Redis® Sentinel containers' Security Context runAsUser | `1001` | -| `sentinel.containerSecurityContext.runAsGroup` | Set Redis® Sentinel containers' Security Context runAsGroup | `0` | -| `sentinel.containerSecurityContext.runAsNonRoot` | Set Redis® Sentinel containers' Security Context runAsNonRoot | `true` | -| `sentinel.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® Sentinel containers' Security Context allowPrivilegeEscalation | `false` | -| `sentinel.containerSecurityContext.seccompProfile.type` | Set Redis® Sentinel containers' Security Context seccompProfile | `RuntimeDefault` | -| `sentinel.containerSecurityContext.capabilities.drop` | Set Redis® Sentinel containers' Security Context capabilities to drop | `["ALL"]` | -| `sentinel.lifecycleHooks` | for the Redis® sentinel container(s) to automate configuration before or after startup | `{}` | -| `sentinel.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® Sentinel | `[]` | -| `sentinel.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® Sentinel container(s) | `[]` | -| `sentinel.service.type` | Redis® Sentinel service type | `ClusterIP` | -| `sentinel.service.ports.redis` | Redis® service port for Redis® | `6379` | -| `sentinel.service.ports.sentinel` | Redis® service port for Redis® Sentinel | `26379` | -| `sentinel.service.nodePorts.redis` | Node port for Redis® | `""` | -| `sentinel.service.nodePorts.sentinel` | Node port for Sentinel | `""` | -| `sentinel.service.externalTrafficPolicy` | Redis® Sentinel service external traffic policy | `Cluster` | -| `sentinel.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `sentinel.service.clusterIP` | Redis® Sentinel service Cluster IP | `""` | -| `sentinel.service.loadBalancerIP` | Redis® Sentinel service Load Balancer IP | `""` | -| `sentinel.service.loadBalancerSourceRanges` | Redis® Sentinel service Load Balancer sources | `[]` | -| `sentinel.service.annotations` | Additional custom annotations for Redis® Sentinel service | `{}` | -| `sentinel.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `sentinel.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `sentinel.service.headless.annotations` | Annotations for the headless service. | `{}` | -| `sentinel.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-node pods | `30` | +| Name | Description | Value | +| ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | +| `sentinel.enabled` | Use Redis® Sentinel on Redis® pods. | `false` | +| `sentinel.image.registry` | Redis® Sentinel image registry | `REGISTRY_NAME` | +| `sentinel.image.repository` | Redis® Sentinel image repository | `REPOSITORY_NAME/redis-sentinel` | +| `sentinel.image.tag` | Redis® Sentinel image tag (immutable tags are recommended) | `7.2.2-debian-11-r0` | +| `sentinel.image.digest` | Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `sentinel.image.pullPolicy` | Redis® Sentinel image pull policy | `IfNotPresent` | +| `sentinel.image.pullSecrets` | Redis® Sentinel image pull secrets | `[]` | +| `sentinel.image.debug` | Enable image debug mode | `false` | +| `sentinel.annotations` | Additional custom annotations for Redis® Sentinel resource | `{}` | +| `sentinel.masterSet` | Master set name | `mymaster` | +| `sentinel.quorum` | Sentinel Quorum | `2` | +| `sentinel.getMasterTimeout` | Amount of time to allow before get_sentinel_master_info() times out. | `99` | +| `sentinel.automateClusterRecovery` | Automate cluster recovery in cases where the last replica is not considered a good replica and Sentinel won't automatically failover to it. | `false` | +| `sentinel.redisShutdownWaitFailover` | Whether the Redis® master container waits for the failover at shutdown (in addition to the Redis® Sentinel container). | `true` | +| `sentinel.downAfterMilliseconds` | Timeout for detecting a Redis® node is down | `60000` | +| `sentinel.failoverTimeout` | Timeout for performing a election failover | `180000` | +| `sentinel.parallelSyncs` | Number of replicas that can be reconfigured in parallel to use the new master after a failover | `1` | +| `sentinel.configuration` | Configuration for Redis® Sentinel nodes | `""` | +| `sentinel.command` | Override default container command (useful when using custom images) | `[]` | +| `sentinel.args` | Override default container args (useful when using custom images) | `[]` | +| `sentinel.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | +| `sentinel.preExecCmds` | Additional commands to run prior to starting Redis® Sentinel | `[]` | +| `sentinel.extraEnvVars` | Array with extra environment variables to add to Redis® Sentinel nodes | `[]` | +| `sentinel.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® Sentinel nodes | `""` | +| `sentinel.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® Sentinel nodes | `""` | +| `sentinel.externalMaster.enabled` | Use external master for bootstrapping | `false` | +| `sentinel.externalMaster.host` | External master host to bootstrap from | `""` | +| `sentinel.externalMaster.port` | Port for Redis service external master host | `6379` | +| `sentinel.containerPorts.sentinel` | Container port to open on Redis® Sentinel nodes | `26379` | +| `sentinel.startupProbe.enabled` | Enable startupProbe on Redis® Sentinel nodes | `true` | +| `sentinel.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `sentinel.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `sentinel.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `sentinel.startupProbe.failureThreshold` | Failure threshold for startupProbe | `22` | +| `sentinel.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `sentinel.livenessProbe.enabled` | Enable livenessProbe on Redis® Sentinel nodes | `true` | +| `sentinel.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | +| `sentinel.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `sentinel.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `sentinel.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `sentinel.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `sentinel.readinessProbe.enabled` | Enable readinessProbe on Redis® Sentinel nodes | `true` | +| `sentinel.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | +| `sentinel.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `sentinel.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `sentinel.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `sentinel.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `sentinel.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `sentinel.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `sentinel.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `sentinel.persistence.enabled` | Enable persistence on Redis® sentinel nodes using Persistent Volume Claims (Experimental) | `false` | +| `sentinel.persistence.storageClass` | Persistent Volume storage class | `""` | +| `sentinel.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | +| `sentinel.persistence.size` | Persistent Volume size | `100Mi` | +| `sentinel.persistence.annotations` | Additional custom annotations for the PVC | `{}` | +| `sentinel.persistence.labels` | Additional custom labels for the PVC | `{}` | +| `sentinel.persistence.selector` | Additional labels to match for the PVC | `{}` | +| `sentinel.persistence.dataSource` | Custom PVC data source | `{}` | +| `sentinel.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | +| `sentinel.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | +| `sentinel.persistentVolumeClaimRetentionPolicy.enabled` | Controls if and how PVCs are deleted during the lifecycle of a StatefulSet | `false` | +| `sentinel.persistentVolumeClaimRetentionPolicy.whenScaled` | Volume retention behavior when the replica count of the StatefulSet is reduced | `Retain` | +| `sentinel.persistentVolumeClaimRetentionPolicy.whenDeleted` | Volume retention behavior that applies when the StatefulSet is deleted | `Retain` | +| `sentinel.resources.limits` | The resources limits for the Redis® Sentinel containers | `{}` | +| `sentinel.resources.requests` | The requested resources for the Redis® Sentinel containers | `{}` | +| `sentinel.containerSecurityContext.enabled` | Enabled Redis® Sentinel containers' Security Context | `true` | +| `sentinel.containerSecurityContext.runAsUser` | Set Redis® Sentinel containers' Security Context runAsUser | `1001` | +| `sentinel.containerSecurityContext.runAsGroup` | Set Redis® Sentinel containers' Security Context runAsGroup | `0` | +| `sentinel.containerSecurityContext.runAsNonRoot` | Set Redis® Sentinel containers' Security Context runAsNonRoot | `true` | +| `sentinel.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® Sentinel containers' Security Context allowPrivilegeEscalation | `false` | +| `sentinel.containerSecurityContext.seccompProfile.type` | Set Redis® Sentinel containers' Security Context seccompProfile | `RuntimeDefault` | +| `sentinel.containerSecurityContext.capabilities.drop` | Set Redis® Sentinel containers' Security Context capabilities to drop | `["ALL"]` | +| `sentinel.lifecycleHooks` | for the Redis® sentinel container(s) to automate configuration before or after startup | `{}` | +| `sentinel.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® Sentinel | `[]` | +| `sentinel.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® Sentinel container(s) | `[]` | +| `sentinel.service.type` | Redis® Sentinel service type | `ClusterIP` | +| `sentinel.service.ports.redis` | Redis® service port for Redis® | `6379` | +| `sentinel.service.ports.sentinel` | Redis® service port for Redis® Sentinel | `26379` | +| `sentinel.service.nodePorts.redis` | Node port for Redis® | `""` | +| `sentinel.service.nodePorts.sentinel` | Node port for Sentinel | `""` | +| `sentinel.service.externalTrafficPolicy` | Redis® Sentinel service external traffic policy | `Cluster` | +| `sentinel.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `sentinel.service.clusterIP` | Redis® Sentinel service Cluster IP | `""` | +| `sentinel.service.loadBalancerIP` | Redis® Sentinel service Load Balancer IP | `""` | +| `sentinel.service.loadBalancerSourceRanges` | Redis® Sentinel service Load Balancer sources | `[]` | +| `sentinel.service.annotations` | Additional custom annotations for Redis® Sentinel service | `{}` | +| `sentinel.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `sentinel.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `sentinel.service.headless.annotations` | Annotations for the headless service. | `{}` | +| `sentinel.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-node pods | `30` | ### Other Parameters @@ -478,102 +482,102 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics Parameters -| Name | Description | Value | -| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis® metrics | `false` | -| `metrics.image.registry` | Redis® Exporter image registry | `docker.io` | -| `metrics.image.repository` | Redis® Exporter image repository | `bitnami/redis-exporter` | -| `metrics.image.tag` | Redis® Exporter image tag (immutable tags are recommended) | `1.55.0-debian-11-r0` | -| `metrics.image.digest` | Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Redis® Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Redis® Exporter image pull secrets | `[]` | -| `metrics.startupProbe.enabled` | Enable startupProbe on Redis® replicas nodes | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe on Redis® replicas nodes | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe on Redis® replicas nodes | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `metrics.command` | Override default metrics container init command (useful when using custom images) | `[]` | -| `metrics.redisTargetHost` | A way to specify an alternative Redis® hostname | `localhost` | -| `metrics.extraArgs` | Extra arguments for Redis® exporter, for example: | `{}` | -| `metrics.extraEnvVars` | Array with extra environment variables to add to Redis® exporter | `[]` | -| `metrics.containerSecurityContext.enabled` | Enabled Redis® exporter containers' Security Context | `true` | -| `metrics.containerSecurityContext.runAsUser` | Set Redis® exporter containers' Security Context runAsUser | `1001` | -| `metrics.containerSecurityContext.runAsGroup` | Set Redis® exporter containers' Security Context runAsGroup | `0` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set Redis® exporter containers' Security Context runAsNonRoot | `true` | -| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® exporter containers' Security Context allowPrivilegeEscalation | `false` | -| `metrics.containerSecurityContext.seccompProfile.type` | Set Redis® exporter containers' Security Context seccompProfile | `RuntimeDefault` | -| `metrics.containerSecurityContext.capabilities.drop` | Set Redis® exporter containers' Security Context capabilities to drop | `["ALL"]` | -| `metrics.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® metrics sidecar | `[]` | -| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® metrics sidecar | `[]` | -| `metrics.resources.limits` | The resources limits for the Redis® exporter container | `{}` | -| `metrics.resources.requests` | The requested resources for the Redis® exporter container | `{}` | -| `metrics.podLabels` | Extra labels for Redis® exporter pods | `{}` | -| `metrics.podAnnotations` | Annotations for Redis® exporter pods | `{}` | -| `metrics.service.type` | Redis® exporter service type | `ClusterIP` | -| `metrics.service.port` | Redis® exporter service port | `9121` | -| `metrics.service.externalTrafficPolicy` | Redis® exporter service external traffic policy | `Cluster` | -| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `metrics.service.loadBalancerIP` | Redis® exporter service Load Balancer IP | `""` | -| `metrics.service.loadBalancerSourceRanges` | Redis® exporter service Load Balancer sources | `[]` | -| `metrics.service.annotations` | Additional custom annotations for Redis® exporter service | `{}` | -| `metrics.service.clusterIP` | Redis® exporter service Cluster IP | `""` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | -| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabellings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.podTargetLabels` | Labels from the Kubernetes pod to be transferred to the created metrics | `[]` | -| `metrics.serviceMonitor.sampleLimit` | Limit of how many samples should be scraped from every Pod | `false` | -| `metrics.serviceMonitor.targetLimit` | Limit of how many targets should be scraped | `false` | -| `metrics.prometheusRule.enabled` | Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.prometheusRule.namespace` | The namespace in which the prometheusRule will be created | `""` | -| `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` | -| `metrics.prometheusRule.rules` | Custom Prometheus rules | `[]` | +| Name | Description | Value | +| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | -------------------------------- | +| `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis® metrics | `false` | +| `metrics.image.registry` | Redis® Exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Redis® Exporter image repository | `REPOSITORY_NAME/redis-exporter` | +| `metrics.image.tag` | Redis® Exporter image tag (immutable tags are recommended) | `1.55.0-debian-11-r0` | +| `metrics.image.digest` | Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Redis® Exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Redis® Exporter image pull secrets | `[]` | +| `metrics.startupProbe.enabled` | Enable startupProbe on Redis® replicas nodes | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe on Redis® replicas nodes | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe on Redis® replicas nodes | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `metrics.command` | Override default metrics container init command (useful when using custom images) | `[]` | +| `metrics.redisTargetHost` | A way to specify an alternative Redis® hostname | `localhost` | +| `metrics.extraArgs` | Extra arguments for Redis® exporter, for example: | `{}` | +| `metrics.extraEnvVars` | Array with extra environment variables to add to Redis® exporter | `[]` | +| `metrics.containerSecurityContext.enabled` | Enabled Redis® exporter containers' Security Context | `true` | +| `metrics.containerSecurityContext.runAsUser` | Set Redis® exporter containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsGroup` | Set Redis® exporter containers' Security Context runAsGroup | `0` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set Redis® exporter containers' Security Context runAsNonRoot | `true` | +| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® exporter containers' Security Context allowPrivilegeEscalation | `false` | +| `metrics.containerSecurityContext.seccompProfile.type` | Set Redis® exporter containers' Security Context seccompProfile | `RuntimeDefault` | +| `metrics.containerSecurityContext.capabilities.drop` | Set Redis® exporter containers' Security Context capabilities to drop | `["ALL"]` | +| `metrics.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® metrics sidecar | `[]` | +| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® metrics sidecar | `[]` | +| `metrics.resources.limits` | The resources limits for the Redis® exporter container | `{}` | +| `metrics.resources.requests` | The requested resources for the Redis® exporter container | `{}` | +| `metrics.podLabels` | Extra labels for Redis® exporter pods | `{}` | +| `metrics.podAnnotations` | Annotations for Redis® exporter pods | `{}` | +| `metrics.service.type` | Redis® exporter service type | `ClusterIP` | +| `metrics.service.port` | Redis® exporter service port | `9121` | +| `metrics.service.externalTrafficPolicy` | Redis® exporter service external traffic policy | `Cluster` | +| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `metrics.service.loadBalancerIP` | Redis® exporter service Load Balancer IP | `""` | +| `metrics.service.loadBalancerSourceRanges` | Redis® exporter service Load Balancer sources | `[]` | +| `metrics.service.annotations` | Additional custom annotations for Redis® exporter service | `{}` | +| `metrics.service.clusterIP` | Redis® exporter service Cluster IP | `""` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | +| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabellings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.podTargetLabels` | Labels from the Kubernetes pod to be transferred to the created metrics | `[]` | +| `metrics.serviceMonitor.sampleLimit` | Limit of how many samples should be scraped from every Pod | `false` | +| `metrics.serviceMonitor.targetLimit` | Limit of how many targets should be scraped | `false` | +| `metrics.prometheusRule.enabled` | Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.prometheusRule.namespace` | The namespace in which the prometheusRule will be created | `""` | +| `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` | +| `metrics.prometheusRule.rules` | Custom Prometheus rules | `[]` | ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | -| `sysctl.enabled` | Enable init container to modify Kernel settings | `false` | -| `sysctl.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `sysctl.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `sysctl.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `sysctl.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sysctl.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `sysctl.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `sysctl.command` | Override default init-sysctl container command (useful when using custom images) | `[]` | -| `sysctl.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | `false` | -| `sysctl.resources.limits` | The resources limits for the init container | `{}` | -| `sysctl.resources.requests` | The requested resources for the init container | `{}` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| `sysctl.enabled` | Enable init container to modify Kernel settings | `false` | +| `sysctl.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `sysctl.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `sysctl.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `sysctl.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `sysctl.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `sysctl.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `sysctl.command` | Override default init-sysctl container command (useful when using custom images) | `[]` | +| `sysctl.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | `false` | +| `sysctl.resources.limits` | The resources limits for the init container | `{}` | +| `sysctl.resources.requests` | The requested resources for the init container | `{}` | ### useExternalDNS Parameters @@ -589,9 +593,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set auth.password=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/redis + oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Redis® server password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -599,9 +605,10 @@ The above command sets the Redis® server password to `secretpassword`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/redis +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -763,9 +770,11 @@ By default, the chart mounts a [Persistent Volume](https://kubernetes.io/docs/co 3. Install the chart ```console -helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://registry-1.docker.io/bitnamicharts/redis +helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Backup and restore Refer to the chart documentation for more information on [backing up and restoring Redis® deployments](https://docs.bitnami.com/kubernetes/infrastructure/redis/administration/backup-restore/). @@ -798,9 +807,9 @@ For example, on a rolling update `master-0` and `replica-2` are updated first fr This issue can be mitigated by splitting the upgrade into two stages: one for all replicas and another for any master. - Stage 1 (replicas only, as there's no master with an ordinal higher than 99): -`helm upgrade oci://registry-1.docker.io/bitnamicharts/redis --set master.updateStrategy.rollingUpdate.partition=99` +`helm upgrade oci://REGISTRY_NAME/REPOSITORY_NAME/redis --set master.updateStrategy.rollingUpdate.partition=99` - Stage 2 (anything else that is not up to date, in this case only master): -`helm upgrade oci://registry-1.docker.io/bitnamicharts/redis` +`helm upgrade oci://REGISTRY_NAME/REPOSITORY_NAME/redis` ### To 18.0.0 @@ -858,9 +867,11 @@ Backwards compatibility is not guaranteed. To upgrade to `14.0.0`, install a new - Reuse the PVC used to hold the master data on your previous release. To do so, use the `master.persistence.existingClaim` parameter. The following example assumes that the release name is `redis`: ```console -helm install redis oci://registry-1.docker.io/bitnamicharts/redis --set auth.password=[PASSWORD] --set master.persistence.existingClaim=[EXISTING_PVC] +helm install redis oci://REGISTRY_NAME/REPOSITORY_NAME/redis --set auth.password=[PASSWORD] --set master.persistence.existingClaim=[EXISTING_PVC] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + | Note: you need to substitute the placeholder *[EXISTING_PVC]* with the name of the PVC used on your previous release, and *[PASSWORD]* with the password used in your previous release. ### To 13.0.0 @@ -922,16 +933,20 @@ This version causes a change in the Redis® Master StatefulSet definition, so - Recommended: Create a clone of the Redis® Master PVC (for example, using projects like [this one](https://github.com/edseymour/pvc-transfer)). Then launch a fresh release reusing this cloned PVC. ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redis --set persistence.existingClaim= +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redis --set persistence.existingClaim= ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + - Alternative (not recommended, do at your own risk): `helm delete --purge` does not remove the PVC assigned to the Redis® Master StatefulSet. As a consequence, the following commands can be done to upgrade the release ```console helm delete --purge -helm install oci://registry-1.docker.io/bitnamicharts/redis +helm install oci://REGISTRY_NAME/REPOSITORY_NAME/redis ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Previous versions of the chart were not using persistence in the slaves, so this upgrade would add it to them. Another important change is that no values are inherited from master to slaves. For example, in 6.0.0 `slaves.readinessProbe.periodSeconds`, if empty, would be set to `master.readinessProbe.periodSeconds`. This approach lacked transparency and was difficult to maintain. From now on, all the slave parameters must be configured just as it is done with the masters. Some values have changed as well: diff --git a/bitnami/redis/values.yaml b/bitnami/redis/values.yaml index a80223e8373ccf..ccfcdfc25d99f4 100644 --- a/bitnami/redis/values.yaml +++ b/bitnami/redis/values.yaml @@ -80,8 +80,8 @@ diagnosticMode: ## Bitnami Redis® image ## ref: https://hub.docker.com/r/bitnami/redis/tags/ -## @param image.registry Redis® image registry -## @param image.repository Redis® image repository +## @param image.registry [default: REGISTRY_NAME] Redis® image registry +## @param image.repository [default: REPOSITORY_NAME/redis] Redis® image repository ## @param image.tag Redis® image tag (immutable tags are recommended) ## @param image.digest Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Redis® image pull policy @@ -1045,8 +1045,8 @@ sentinel: enabled: false ## Bitnami Redis® Sentinel image version ## ref: https://hub.docker.com/r/bitnami/redis-sentinel/tags/ - ## @param sentinel.image.registry Redis® Sentinel image registry - ## @param sentinel.image.repository Redis® Sentinel image repository + ## @param sentinel.image.registry [default: REGISTRY_NAME] Redis® Sentinel image registry + ## @param sentinel.image.repository [default: REPOSITORY_NAME/redis-sentinel] Redis® Sentinel image repository ## @param sentinel.image.tag Redis® Sentinel image tag (immutable tags are recommended) ## @param sentinel.image.digest Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param sentinel.image.pullPolicy Redis® Sentinel image pull policy @@ -1525,8 +1525,8 @@ metrics: enabled: false ## Bitnami Redis® Exporter image ## ref: https://hub.docker.com/r/bitnami/redis-exporter/tags/ - ## @param metrics.image.registry Redis® Exporter image registry - ## @param metrics.image.repository Redis® Exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Redis® Exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/redis-exporter] Redis® Exporter image repository ## @param metrics.image.tag Redis® Exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Redis® Exporter image pull policy @@ -1799,8 +1799,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy @@ -1847,8 +1847,8 @@ sysctl: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param sysctl.image.registry OS Shell + Utility image registry - ## @param sysctl.image.repository OS Shell + Utility image repository + ## @param sysctl.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param sysctl.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param sysctl.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param sysctl.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param sysctl.image.pullPolicy OS Shell + Utility image pull policy diff --git a/bitnami/redmine/README.md b/bitnami/redmine/README.md index c87c0b78368dd1..a2bbe9bd977634 100644 --- a/bitnami/redmine/README.md +++ b/bitnami/redmine/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redmine +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redmine ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Redmine](https://github.com/bitnami/containers/tree/main/bitnami/redmine) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Redmine in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redmine +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redmine ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Redmine on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -58,9 +62,11 @@ The command removes all the Kubernetes components associated with the chart and This chart includes the option to use a PostgreSQL database for Redmine instead of MariaDB. To use this, set the `databaseType` parameter to `postgresql`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/redmine --set databaseType=postgresql +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/redmine --set databaseType=postgresql ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Parameters ### Global parameters @@ -88,33 +94,33 @@ helm install my-release oci://registry-1.docker.io/bitnamicharts/redmine --set d ### Redmine Configuration parameters -| Name | Description | Value | -| ----------------------- | ------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | Redmine image registry | `docker.io` | -| `image.repository` | Redmine image repository | `bitnami/redmine` | -| `image.tag` | Redmine image tag (immutable tags are recommended) | `5.0.6-debian-11-r7` | -| `image.digest` | Redmine image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Redmine image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Redmine image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `redmineUsername` | Redmine username | `user` | -| `redminePassword` | Redmine user password | `""` | -| `redmineEmail` | Redmine user email | `user@example.com` | -| `redmineLanguage` | Redmine default data language | `en` | -| `allowEmptyPassword` | Allow the container to be started with blank passwords | `false` | -| `smtpHost` | SMTP server host | `""` | -| `smtpPort` | SMTP server port | `""` | -| `smtpUser` | SMTP username | `""` | -| `smtpPassword` | SMTP user password | `""` | -| `smtpProtocol` | SMTP protocol | `""` | -| `existingSecret` | Name of existing secret containing Redmine credentials | `""` | -| `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `""` | -| `customPostInitScripts` | Custom post-init.d user scripts | `{}` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `extraEnvVars` | Array with extra environment variables to add to the Redmine container | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| Name | Description | Value | +| ----------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------- | +| `image.registry` | Redmine image registry | `REGISTRY_NAME` | +| `image.repository` | Redmine image repository | `REPOSITORY_NAME/redmine` | +| `image.tag` | Redmine image tag (immutable tags are recommended) | `5.0.6-debian-11-r7` | +| `image.digest` | Redmine image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Redmine image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Redmine image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `redmineUsername` | Redmine username | `user` | +| `redminePassword` | Redmine user password | `""` | +| `redmineEmail` | Redmine user email | `user@example.com` | +| `redmineLanguage` | Redmine default data language | `en` | +| `allowEmptyPassword` | Allow the container to be started with blank passwords | `false` | +| `smtpHost` | SMTP server host | `""` | +| `smtpPort` | SMTP server port | `""` | +| `smtpUser` | SMTP username | `""` | +| `smtpPassword` | SMTP user password | `""` | +| `smtpProtocol` | SMTP protocol | `""` | +| `existingSecret` | Name of existing secret containing Redmine credentials | `""` | +| `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `""` | +| `customPostInitScripts` | Custom post-init.d user scripts | `{}` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Array with extra environment variables to add to the Redmine container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | ### Redmine deployment parameters @@ -336,8 +342,8 @@ helm install my-release oci://registry-1.docker.io/bitnamicharts/redmine --set d | `certificates.customCertificate.chainSecret.name` | Name of the secret containing the certificate chain | `""` | | `certificates.customCertificate.chainSecret.key` | Key of the certificate chain file inside the secret | `""` | | `certificates.customCA` | Defines a list of secrets to import into the container trust store | `[]` | -| `certificates.image.registry` | Redmine image registry | `docker.io` | -| `certificates.image.repository` | Redmine image repository | `bitnami/os-shell` | +| `certificates.image.registry` | Redmine image registry | `REGISTRY_NAME` | +| `certificates.image.repository` | Redmine image repository | `REPOSITORY_NAME/os-shell` | | `certificates.image.tag` | Redmine image tag (immutable tags are recommended) | `11-debian-11-r90` | | `certificates.image.digest` | Redmine image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `certificates.image.pullPolicy` | Redmine image pull policy | `IfNotPresent` | @@ -368,9 +374,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set redmineUsername=admin,redminePassword=password,mariadb.mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/redmine + oci://REGISTRY_NAME/REPOSITORY_NAME/redmine ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Redmine administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -378,9 +386,10 @@ The above command sets the Redmine administrator account username and password t Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/redmine +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/redmine ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -493,9 +502,11 @@ The following example includes two PVCs, one for Redmine and another for MariaDB 4. Install the chart ```console -helm install test --set persistence.existingClaim=PVC_REDMINE,mariadb.persistence.existingClaim=PVC_MARIADB oci://registry-1.docker.io/bitnamicharts/redmine +helm install test --set persistence.existingClaim=PVC_REDMINE,mariadb.persistence.existingClaim=PVC_MARIADB oci://REGISTRY_NAME/REPOSITORY_NAME/redmine ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Certificates ### CA Certificates diff --git a/bitnami/redmine/values.yaml b/bitnami/redmine/values.yaml index 0f8de5f7d46d28..8e183f09f5e4da 100644 --- a/bitnami/redmine/values.yaml +++ b/bitnami/redmine/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: ## Bitnami Redmine image ## ref: https://hub.docker.com/r/bitnami/redmine/tags/ -## @param image.registry Redmine image registry -## @param image.repository Redmine image repository +## @param image.registry [default: REGISTRY_NAME] Redmine image registry +## @param image.repository [default: REPOSITORY_NAME/redmine] Redmine image repository ## @param image.tag Redmine image tag (immutable tags are recommended) ## @param image.digest Redmine image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Redmine image pull policy @@ -935,8 +935,8 @@ certificates: customCA: [] # - secret: custom-CA # - secret: more-custom-CAs - ## @param certificates.image.registry Redmine image registry - ## @param certificates.image.repository Redmine image repository + ## @param certificates.image.registry [default: REGISTRY_NAME] Redmine image registry + ## @param certificates.image.repository [default: REPOSITORY_NAME/os-shell] Redmine image repository ## @param certificates.image.tag Redmine image tag (immutable tags are recommended) ## @param certificates.image.digest Redmine image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param certificates.image.pullPolicy Redmine image pull policy diff --git a/bitnami/schema-registry/README.md b/bitnami/schema-registry/README.md index aff267384ad7cf..fab2c903119c5f 100644 --- a/bitnami/schema-registry/README.md +++ b/bitnami/schema-registry/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/schema-registry +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/schema-registry ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Schema Registry](https://github.com/bitnami/containers/tree/main/bitnami/schema-registry) statefulset on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use Confluent Schema Registry in production? Try [VMware Application To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/schema-registry +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/schema-registry ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Schema Registry on the Kubernetes cluster with the default configuration. The [parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -76,38 +80,38 @@ The command removes all the Kubernetes components associated with the chart and ### Schema Registry parameters -| Name | Description | Value | -| ----------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `image.registry` | Schema Registry image registry | `docker.io` | -| `image.repository` | Schema Registry image repository | `bitnami/schema-registry` | -| `image.tag` | Schema Registry image tag (immutable tags are recommended) | `7.5.1-debian-11-r1` | -| `image.digest` | Schema Registry image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Schema Registry image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Schema Registry image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `hostAliases` | Schema Registry pods host aliases | `[]` | -| `podLabels` | Extra labels for Schema Registry pods | `{}` | -| `configuration` | Specify content for schema-registry.properties. Auto-generated based on other parameters when not specified | `{}` | -| `existingConfigmap` | Name of existing ConfigMap with Schema Registry configuration | `""` | -| `log4j` | Schema Registry Log4J Configuration (optional) | `{}` | -| `existingLog4jConfigMap` | Name of existing ConfigMap containing a custom log4j.properties file. | `""` | -| `auth.tls.enabled` | Enable TLS configuration to provide to be used when a listener uses HTTPS | `false` | -| `auth.tls.jksSecret` | Existing secret containing the truststore and one keystore per Schema Registry replica | `""` | -| `auth.tls.keystorePassword` | Password to access the keystore when it's password-protected | `""` | -| `auth.tls.truststorePassword` | Password to access the truststore when it's password-protected | `""` | -| `auth.tls.clientAuthentication` | Client authentication configuration. | `NONE` | -| `auth.kafka.jksSecret` | Existing secret containing the truststore and one keystore per Schema Registry replica | `""` | -| `auth.kafka.tlsEndpointIdentificationAlgorithm` | The endpoint identification algorithm used validate brokers hostnames | `https` | -| `auth.kafka.keystorePassword` | Password to access the keystore when it's password-protected | `""` | -| `auth.kafka.truststorePassword` | Password to access the truststore when it's password-protected | `""` | -| `auth.kafka.saslMechanism` | Mechanism that schema registry will use to connect to kafka. Allowed: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512 | `PLAIN` | -| `listeners` | Comma-separated list of listeners that listen for API requests over either HTTP or HTTPS | `http://0.0.0.0:8081` | -| `avroCompatibilityLevel` | Avro compatibility type | `backward` | -| `extraEnvVars` | Extra environment variables to be set on Schema Registry container | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | +| Name | Description | Value | +| ----------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `image.registry` | Schema Registry image registry | `REGISTRY_NAME` | +| `image.repository` | Schema Registry image repository | `REPOSITORY_NAME/schema-registry` | +| `image.tag` | Schema Registry image tag (immutable tags are recommended) | `7.5.1-debian-11-r1` | +| `image.digest` | Schema Registry image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Schema Registry image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Schema Registry image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `hostAliases` | Schema Registry pods host aliases | `[]` | +| `podLabels` | Extra labels for Schema Registry pods | `{}` | +| `configuration` | Specify content for schema-registry.properties. Auto-generated based on other parameters when not specified | `{}` | +| `existingConfigmap` | Name of existing ConfigMap with Schema Registry configuration | `""` | +| `log4j` | Schema Registry Log4J Configuration (optional) | `{}` | +| `existingLog4jConfigMap` | Name of existing ConfigMap containing a custom log4j.properties file. | `""` | +| `auth.tls.enabled` | Enable TLS configuration to provide to be used when a listener uses HTTPS | `false` | +| `auth.tls.jksSecret` | Existing secret containing the truststore and one keystore per Schema Registry replica | `""` | +| `auth.tls.keystorePassword` | Password to access the keystore when it's password-protected | `""` | +| `auth.tls.truststorePassword` | Password to access the truststore when it's password-protected | `""` | +| `auth.tls.clientAuthentication` | Client authentication configuration. | `NONE` | +| `auth.kafka.jksSecret` | Existing secret containing the truststore and one keystore per Schema Registry replica | `""` | +| `auth.kafka.tlsEndpointIdentificationAlgorithm` | The endpoint identification algorithm used validate brokers hostnames | `https` | +| `auth.kafka.keystorePassword` | Password to access the keystore when it's password-protected | `""` | +| `auth.kafka.truststorePassword` | Password to access the truststore when it's password-protected | `""` | +| `auth.kafka.saslMechanism` | Mechanism that schema registry will use to connect to kafka. Allowed: PLAIN, SCRAM-SHA-256, SCRAM-SHA-512 | `PLAIN` | +| `listeners` | Comma-separated list of listeners that listen for API requests over either HTTP or HTTPS | `http://0.0.0.0:8081` | +| `avroCompatibilityLevel` | Avro compatibility type | `backward` | +| `extraEnvVars` | Extra environment variables to be set on Schema Registry container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `""` | ### Schema Registry statefulset parameters @@ -239,17 +243,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set replicaCount=2 \ - oci://registry-1.docker.io/bitnamicharts/schema-registry + oci://REGISTRY_NAME/REPOSITORY_NAME/schema-registry ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command installs Schema Registry chart with 2 replicas. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/schema-registry +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/schema-registry ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/schema-registry/values.yaml b/bitnami/schema-registry/values.yaml index eb231ba1f1affe..fbf29fe065f974 100644 --- a/bitnami/schema-registry/values.yaml +++ b/bitnami/schema-registry/values.yaml @@ -60,8 +60,8 @@ diagnosticMode: ## @section Schema Registry parameters ## Bitnami Schema Registry image ## ref: https://hub.docker.com/r/bitnami/schema-registry/tags/ -## @param image.registry Schema Registry image registry -## @param image.repository Schema Registry image repository +## @param image.registry [default: REGISTRY_NAME] Schema Registry image registry +## @param image.repository [default: REPOSITORY_NAME/schema-registry] Schema Registry image repository ## @param image.tag Schema Registry image tag (immutable tags are recommended) ## @param image.digest Schema Registry image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Schema Registry image pull policy diff --git a/bitnami/sealed-secrets/README.md b/bitnami/sealed-secrets/README.md index 4fcd684572d5af..5ff7477b93ab4a 100644 --- a/bitnami/sealed-secrets/README.md +++ b/bitnami/sealed-secrets/README.md @@ -9,9 +9,11 @@ Sealed Secrets are "one-way" encrypted K8s Secrets that can be created by anyone ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/sealed-secrets +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/sealed-secrets ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -32,9 +34,11 @@ Looking to use Sealed Secrets in production? Try [VMware Application Catalog](ht To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/sealed-secrets +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/sealed-secrets ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys the Sealed Secrets controller on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -74,76 +78,76 @@ The command removes all the Kubernetes components associated with the chart and ### Sealed Secrets Parameters -| Name | Description | Value | -| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------ | -| `image.registry` | Sealed Secrets image registry | `docker.io` | -| `image.repository` | Sealed Secrets image repository | `bitnami/sealed-secrets` | -| `image.tag` | Sealed Secrets image tag (immutable tags are recommended) | `0.24.2-debian-11-r0` | -| `image.digest` | Sealed Secrets image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Sealed Secrets image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Sealed Secrets image pull secrets | `[]` | -| `image.debug` | Enable Sealed Secrets image debug mode | `false` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `commandArgs` | Additional args (doesn't override the default ones) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `containerPorts.http` | Controller HTTP container port to open | `8080` | -| `resources.limits` | The resources limits for the Sealed Secret containers | `{}` | -| `resources.requests` | The requested resources for the Sealed Secret containers | `{}` | -| `livenessProbe.enabled` | Enable livenessProbe on Sealed Secret containers | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe on Sealed Secret containers | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `startupProbe.enabled` | Enable startupProbe on Sealed Secret containers | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `podSecurityContext.enabled` | Enabled Sealed Secret pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Set Sealed Secret pod's Security Context fsGroup | `1001` | -| `podSecurityContext.seccompProfile.type` | Set Sealed Secret pod's Security Context seccompProfile type | `RuntimeDefault` | -| `containerSecurityContext.enabled` | Enabled Sealed Secret containers' Security Context | `true` | -| `containerSecurityContext.allowPrivilegeEscalation` | Whether the Sealed Secret container can escalate privileges | `false` | -| `containerSecurityContext.capabilities.drop` | Which privileges to drop in the Sealed Secret container | `["ALL"]` | -| `containerSecurityContext.readOnlyRootFilesystem` | Whether the Sealed Secret container has a read-only root filesystem | `true` | -| `containerSecurityContext.runAsNonRoot` | Indicates that the Sealed Secret container must run as a non-root user | `true` | -| `containerSecurityContext.runAsUser` | Set Sealed Secret containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.seccompProfile.type` | Set Sealed Secret container's Security Context seccompProfile type | `RuntimeDefault` | -| `hostAliases` | Sealed Secret pods host aliases | `[]` | -| `podLabels` | Extra labels for Sealed Secret pods | `{}` | -| `podAnnotations` | Annotations for Sealed Secret pods | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `affinity` | Affinity for Sealed Secret pods assignment | `{}` | -| `nodeSelector` | Node labels for Sealed Secret pods assignment | `{}` | -| `tolerations` | Tolerations for Sealed Secret pods assignment | `[]` | -| `updateStrategy.type` | Sealed Secret statefulset strategy type | `RollingUpdate` | -| `priorityClassName` | Sealed Secret pods' priorityClassName | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `schedulerName` | Name of the k8s scheduler (other than default) for Sealed Secret pods | `""` | -| `terminationGracePeriodSeconds` | Seconds the pod needs to terminate gracefully | `""` | -| `lifecycleHooks` | for the Sealed Secret container(s) to automate configuration before or after startup | `{}` | -| `extraEnvVars` | Array with extra environment variables to add to Sealed Secret nodes | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Sealed Secret nodes | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Sealed Secret nodes | `""` | -| `extraVolumes` | Optionally specify extra list of additional volumes for the Sealed Secret pod(s) | `[]` | -| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Sealed Secret container(s) | `[]` | -| `sidecars` | Add additional sidecar containers to the Sealed Secret pod(s) | `{}` | -| `initContainers` | Add additional init containers to the Sealed Secret pod(s) | `{}` | +| Name | Description | Value | +| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -------------------------------- | +| `image.registry` | Sealed Secrets image registry | `REGISTRY_NAME` | +| `image.repository` | Sealed Secrets image repository | `REPOSITORY_NAME/sealed-secrets` | +| `image.tag` | Sealed Secrets image tag (immutable tags are recommended) | `0.24.2-debian-11-r0` | +| `image.digest` | Sealed Secrets image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Sealed Secrets image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Sealed Secrets image pull secrets | `[]` | +| `image.debug` | Enable Sealed Secrets image debug mode | `false` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `commandArgs` | Additional args (doesn't override the default ones) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `containerPorts.http` | Controller HTTP container port to open | `8080` | +| `resources.limits` | The resources limits for the Sealed Secret containers | `{}` | +| `resources.requests` | The requested resources for the Sealed Secret containers | `{}` | +| `livenessProbe.enabled` | Enable livenessProbe on Sealed Secret containers | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe on Sealed Secret containers | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe on Sealed Secret containers | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `podSecurityContext.enabled` | Enabled Sealed Secret pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Set Sealed Secret pod's Security Context fsGroup | `1001` | +| `podSecurityContext.seccompProfile.type` | Set Sealed Secret pod's Security Context seccompProfile type | `RuntimeDefault` | +| `containerSecurityContext.enabled` | Enabled Sealed Secret containers' Security Context | `true` | +| `containerSecurityContext.allowPrivilegeEscalation` | Whether the Sealed Secret container can escalate privileges | `false` | +| `containerSecurityContext.capabilities.drop` | Which privileges to drop in the Sealed Secret container | `["ALL"]` | +| `containerSecurityContext.readOnlyRootFilesystem` | Whether the Sealed Secret container has a read-only root filesystem | `true` | +| `containerSecurityContext.runAsNonRoot` | Indicates that the Sealed Secret container must run as a non-root user | `true` | +| `containerSecurityContext.runAsUser` | Set Sealed Secret containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.seccompProfile.type` | Set Sealed Secret container's Security Context seccompProfile type | `RuntimeDefault` | +| `hostAliases` | Sealed Secret pods host aliases | `[]` | +| `podLabels` | Extra labels for Sealed Secret pods | `{}` | +| `podAnnotations` | Annotations for Sealed Secret pods | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `affinity` | Affinity for Sealed Secret pods assignment | `{}` | +| `nodeSelector` | Node labels for Sealed Secret pods assignment | `{}` | +| `tolerations` | Tolerations for Sealed Secret pods assignment | `[]` | +| `updateStrategy.type` | Sealed Secret statefulset strategy type | `RollingUpdate` | +| `priorityClassName` | Sealed Secret pods' priorityClassName | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `schedulerName` | Name of the k8s scheduler (other than default) for Sealed Secret pods | `""` | +| `terminationGracePeriodSeconds` | Seconds the pod needs to terminate gracefully | `""` | +| `lifecycleHooks` | for the Sealed Secret container(s) to automate configuration before or after startup | `{}` | +| `extraEnvVars` | Array with extra environment variables to add to Sealed Secret nodes | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Sealed Secret nodes | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Sealed Secret nodes | `""` | +| `extraVolumes` | Optionally specify extra list of additional volumes for the Sealed Secret pod(s) | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Sealed Secret container(s) | `[]` | +| `sidecars` | Add additional sidecar containers to the Sealed Secret pod(s) | `{}` | +| `initContainers` | Add additional init containers to the Sealed Secret pod(s) | `{}` | ### Traffic Exposure Parameters @@ -213,17 +217,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set livenessProbe.successThreshold=5 \ - oci://registry-1.docker.io/bitnamicharts/sealed-secrets + oci://REGISTRY_NAME/REPOSITORY_NAME/sealed-secrets ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the `livenessProbe.successThreshold` to `5`. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/sealed-secrets +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/sealed-secrets ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/sealed-secrets/values.yaml b/bitnami/sealed-secrets/values.yaml index bca85d0227afee..abd954376c542f 100644 --- a/bitnami/sealed-secrets/values.yaml +++ b/bitnami/sealed-secrets/values.yaml @@ -53,8 +53,8 @@ extraDeploy: [] ## Bitnami Sealed Secrets image ## ref: https://hub.docker.com/r/bitnami/redis/tags/ -## @param image.registry Sealed Secrets image registry -## @param image.repository Sealed Secrets image repository +## @param image.registry [default: REGISTRY_NAME] Sealed Secrets image registry +## @param image.repository [default: REPOSITORY_NAME/sealed-secrets] Sealed Secrets image repository ## @param image.tag Sealed Secrets image tag (immutable tags are recommended) ## @param image.digest Sealed Secrets image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Sealed Secrets image pull policy diff --git a/bitnami/solr/README.md b/bitnami/solr/README.md index 988f80b1e9e9fe..425215a84b1546 100644 --- a/bitnami/solr/README.md +++ b/bitnami/solr/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/solr +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/solr ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Solr](https://github.com/bitnami/containers/tree/main/bitnami/solr) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Apache Solr in production? Try [VMware Application Catalog](https To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/solr +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/solr ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Solr on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -80,8 +84,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | -------------------------------- | ---------------------------------------------------------------------------------------------------- | ----------------------- | -| `image.registry` | Solr image registry | `docker.io` | -| `image.repository` | Solr image repository | `bitnami/solr` | +| `image.registry` | Solr image registry | `REGISTRY_NAME` | +| `image.repository` | Solr image repository | `REPOSITORY_NAME/solr` | | `image.tag` | Solr image tag (immutable tags are recommended) | `9.4.0-debian-11-r0` | | `image.digest` | Solr image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | image pull policy | `IfNotPresent` | @@ -215,18 +219,18 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | ### Other Parameters @@ -350,17 +354,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ - --set cloudEnabled=true oci://registry-1.docker.io/bitnamicharts/solr + --set cloudEnabled=true oci://REGISTRY_NAME/REPOSITORY_NAME/solr ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command enabled the Solr Cloud mode. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/solr +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/solr ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/solr/values.yaml b/bitnami/solr/values.yaml index c2b30f6c15962e..c840aabc2e543a 100644 --- a/bitnami/solr/values.yaml +++ b/bitnami/solr/values.yaml @@ -64,8 +64,8 @@ diagnosticMode: ## Bitnami Solr image version ## ref: https://hub.docker.com/r/bitnami/solr/tags -## @param image.registry Solr image registry -## @param image.repository Solr image repository +## @param image.registry [default: REGISTRY_NAME] Solr image registry +## @param image.repository [default: REPOSITORY_NAME/solr] Solr image repository ## @param image.tag Solr image tag (immutable tags are recommended) ## @param image.digest Solr image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy image pull policy @@ -590,8 +590,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/sonarqube/README.md b/bitnami/sonarqube/README.md index fc479a5462b8b1..dc61011a92fdfc 100644 --- a/bitnami/sonarqube/README.md +++ b/bitnami/sonarqube/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/sonarqube +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/sonarqube ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps an [SonarQube™](https://github.com/bitnami/containers/tree/main/bitnami/sonarqube) cluster on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use SonarQube## Prerequisitestrade; in production? Try [VMware Applic To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/sonarqube +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/sonarqube ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys SonarQube™ on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -76,15 +80,15 @@ The command removes all the Kubernetes components associated with the chart and ### SonarQube™ Image parameters -| Name | Description | Value | -| ------------------- | ---------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | SonarQube™ image registry | `docker.io` | -| `image.repository` | SonarQube™ image repository | `bitnami/sonarqube` | -| `image.tag` | SonarQube™ image tag (immutable tags are recommended) | `10.2.1-debian-11-r10` | -| `image.digest` | SonarQube™ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | SonarQube™ image pull policy | `IfNotPresent` | -| `image.pullSecrets` | SonarQube™ image pull secrets | `[]` | -| `image.debug` | Enable SonarQube™ image debug mode | `false` | +| Name | Description | Value | +| ------------------- | ---------------------------------------------------------------------------------------------------------------- | --------------------------- | +| `image.registry` | SonarQube™ image registry | `REGISTRY_NAME` | +| `image.repository` | SonarQube™ image repository | `REPOSITORY_NAME/sonarqube` | +| `image.tag` | SonarQube™ image tag (immutable tags are recommended) | `10.2.1-debian-11-r10` | +| `image.digest` | SonarQube™ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | SonarQube™ image pull policy | `IfNotPresent` | +| `image.pullSecrets` | SonarQube™ image pull secrets | `[]` | +| `image.debug` | Enable SonarQube™ image debug mode | `false` | ### SonarQube™ Configuration parameters @@ -221,72 +225,72 @@ The command removes all the Kubernetes components associated with the chart and ### SonarQube caCerts provisioning parameters -| Name | Description | Value | -| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `caCerts.enabled` | Enable the use of caCerts | `false` | -| `caCerts.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `caCerts.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `caCerts.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `caCerts.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `caCerts.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `caCerts.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `caCerts.secret` | Name of the secret containing the certificates | `ca-certs-secret` | -| `caCerts.resources.limits` | The resources limits for the init container | `{}` | -| `caCerts.resources.requests` | The requested resources for the init container | `{}` | -| `caCerts.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `caCerts.enabled` | Enable the use of caCerts | `false` | +| `caCerts.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `caCerts.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `caCerts.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `caCerts.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `caCerts.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `caCerts.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `caCerts.secret` | Name of the secret containing the certificates | `ca-certs-secret` | +| `caCerts.resources.limits` | The resources limits for the init container | `{}` | +| `caCerts.resources.requests` | The requested resources for the init container | `{}` | +| `caCerts.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### SonarQube plugin provisioning parameters -| Name | Description | Value | -| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `plugins.install` | List of plugin URLS to download and install | `[]` | -| `plugins.netrcCreds` | .netrc secret file with a key "netrc" to use basic auth while downloading plugins | `""` | -| `plugins.noCheckCertificate` | Set to true to not validate the server's certificate to download plugin | `true` | -| `plugins.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `plugins.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `plugins.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `plugins.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `plugins.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `plugins.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `plugins.resources.limits` | The resources limits for the init container | `{}` | -| `plugins.resources.requests` | The requested resources for the init container | `{}` | -| `plugins.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `plugins.install` | List of plugin URLS to download and install | `[]` | +| `plugins.netrcCreds` | .netrc secret file with a key "netrc" to use basic auth while downloading plugins | `""` | +| `plugins.noCheckCertificate` | Set to true to not validate the server's certificate to download plugin | `true` | +| `plugins.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `plugins.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `plugins.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `plugins.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `plugins.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `plugins.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `plugins.resources.limits` | The resources limits for the init container | `{}` | +| `plugins.resources.requests` | The requested resources for the init container | `{}` | +| `plugins.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Persistence Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `false` | -| `persistence.storageClass` | Persistent Volume storage class | `""` | -| `persistence.accessModes` | Persistent Volume access modes | `[]` | -| `persistence.size` | Persistent Volume size | `10Gi` | -| `persistence.dataSource` | Custom PVC data source | `{}` | -| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `false` | +| `persistence.storageClass` | Persistent Volume storage class | `""` | +| `persistence.accessModes` | Persistent Volume access modes | `[]` | +| `persistence.size` | Persistent Volume size | `10Gi` | +| `persistence.dataSource` | Custom PVC data source | `{}` | +| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | ### Sysctl Image parameters -| Name | Description | Value | -| --------------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `sysctl.enabled` | Enable kernel settings modifier image | `true` | -| `sysctl.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `sysctl.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `sysctl.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `sysctl.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sysctl.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `sysctl.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `sysctl.resources.limits` | The resources limits for the init container | `{}` | -| `sysctl.resources.requests` | The requested resources for the init container | `{}` | +| Name | Description | Value | +| --------------------------- | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `sysctl.enabled` | Enable kernel settings modifier image | `true` | +| `sysctl.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `sysctl.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `sysctl.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `sysctl.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `sysctl.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `sysctl.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `sysctl.resources.limits` | The resources limits for the init container | `{}` | +| `sysctl.resources.requests` | The requested resources for the init container | `{}` | ### Other Parameters @@ -305,34 +309,34 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics parameters -| Name | Description | Value | -| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------ | ---------------------- | -| `metrics.jmx.enabled` | Whether or not to expose JMX metrics to Prometheus | `false` | -| `metrics.jmx.image.registry` | JMX exporter image registry | `docker.io` | -| `metrics.jmx.image.repository` | JMX exporter image repository | `bitnami/jmx-exporter` | -| `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.19.0-debian-11-r95` | -| `metrics.jmx.image.digest` | JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.jmx.image.pullPolicy` | JMX exporter image pull policy | `IfNotPresent` | -| `metrics.jmx.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.jmx.containerPorts.metrics` | JMX Exporter metrics container port | `10445` | -| `metrics.jmx.resources.limits` | The resources limits for the init container | `{}` | -| `metrics.jmx.resources.requests` | The requested resources for the init container | `{}` | -| `metrics.jmx.containerSecurityContext.enabled` | Enabled JMX Exporter containers' Security Context | `true` | -| `metrics.jmx.containerSecurityContext.runAsUser` | Set JMX Exporter containers' Security Context runAsUser | `1001` | -| `metrics.jmx.containerSecurityContext.runAsNonRoot` | Set JMX Exporter containers' Security Context runAsNonRoot | `true` | -| `metrics.jmx.whitelistObjectNames` | Allows setting which JMX objects you want to expose to via JMX stats to JMX Exporter | `[]` | -| `metrics.jmx.configuration` | Configuration file for JMX exporter | `""` | -| `metrics.jmx.service.ports.metrics` | JMX Exporter Prometheus port | `10443` | -| `metrics.jmx.service.annotations` | Annotations for the JMX Exporter Prometheus metrics service | `{}` | -| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (requires `metrics.jmx.enabled` to be `true`) | `false` | -| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | -| `metrics.serviceMonitor.interval` | How frequently to scrape metrics | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | -| `metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| Name | Description | Value | +| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------ | ------------------------------ | +| `metrics.jmx.enabled` | Whether or not to expose JMX metrics to Prometheus | `false` | +| `metrics.jmx.image.registry` | JMX exporter image registry | `REGISTRY_NAME` | +| `metrics.jmx.image.repository` | JMX exporter image repository | `REPOSITORY_NAME/jmx-exporter` | +| `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.19.0-debian-11-r95` | +| `metrics.jmx.image.digest` | JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.jmx.image.pullPolicy` | JMX exporter image pull policy | `IfNotPresent` | +| `metrics.jmx.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.jmx.containerPorts.metrics` | JMX Exporter metrics container port | `10445` | +| `metrics.jmx.resources.limits` | The resources limits for the init container | `{}` | +| `metrics.jmx.resources.requests` | The requested resources for the init container | `{}` | +| `metrics.jmx.containerSecurityContext.enabled` | Enabled JMX Exporter containers' Security Context | `true` | +| `metrics.jmx.containerSecurityContext.runAsUser` | Set JMX Exporter containers' Security Context runAsUser | `1001` | +| `metrics.jmx.containerSecurityContext.runAsNonRoot` | Set JMX Exporter containers' Security Context runAsNonRoot | `true` | +| `metrics.jmx.whitelistObjectNames` | Allows setting which JMX objects you want to expose to via JMX stats to JMX Exporter | `[]` | +| `metrics.jmx.configuration` | Configuration file for JMX exporter | `""` | +| `metrics.jmx.service.ports.metrics` | JMX Exporter Prometheus port | `10443` | +| `metrics.jmx.service.annotations` | Annotations for the JMX Exporter Prometheus metrics service | `{}` | +| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (requires `metrics.jmx.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in Prometheus | `""` | +| `metrics.serviceMonitor.interval` | How frequently to scrape metrics | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `metrics.serviceMonitor.relabelings` | Specify general relabeling | `[]` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | ### PostgreSQL subchart settings @@ -371,9 +375,11 @@ helm install my-release \ --set sonarqubeUsername=admin \ --set sonarqubePassword=password \ --set postgresql.auth.password=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/sonarqube + oci://REGISTRY_NAME/REPOSITORY_NAME/sonarqube ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the sonarqube administrator account username and password to `admin` and `password` respectively. Additionally, it sets the PostgreSQL `postgres` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -381,9 +387,10 @@ The above command sets the sonarqube administrator account username and password Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/sonarqube +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/sonarqube ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/sonarqube/values.yaml b/bitnami/sonarqube/values.yaml index ff73c7be47f08a..0b6dd19ae4abe4 100644 --- a/bitnami/sonarqube/values.yaml +++ b/bitnami/sonarqube/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: ## Bitnami SonarQube™ image ## ref: https://hub.docker.com/r/bitnami/sonarqube/tags/ -## @param image.registry SonarQube™ image registry -## @param image.repository SonarQube™ image repository +## @param image.registry [default: REGISTRY_NAME] SonarQube™ image registry +## @param image.repository [default: REPOSITORY_NAME/sonarqube] SonarQube™ image repository ## @param image.tag SonarQube™ image tag (immutable tags are recommended) ## @param image.digest SonarQube™ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy SonarQube™ image pull policy @@ -606,8 +606,8 @@ caCerts: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param caCerts.image.registry OS Shell + Utility image registry - ## @param caCerts.image.repository OS Shell + Utility image repository + ## @param caCerts.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param caCerts.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param caCerts.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param caCerts.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param caCerts.image.pullPolicy OS Shell + Utility image pull policy @@ -667,8 +667,8 @@ plugins: noCheckCertificate: true ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param plugins.image.registry OS Shell + Utility image registry - ## @param plugins.image.repository OS Shell + Utility image repository + ## @param plugins.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param plugins.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param plugins.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param plugins.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param plugins.image.pullPolicy OS Shell + Utility image pull policy @@ -748,8 +748,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy @@ -798,8 +798,8 @@ sysctl: enabled: true ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param sysctl.image.registry OS Shell + Utility image registry - ## @param sysctl.image.repository OS Shell + Utility image repository + ## @param sysctl.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param sysctl.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param sysctl.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param sysctl.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param sysctl.image.pullPolicy OS Shell + Utility image pull policy @@ -878,8 +878,8 @@ metrics: enabled: false ## Bitnami JMX exporter image ## ref: https://hub.docker.com/r/bitnami/jmx-exporter/tags/ - ## @param metrics.jmx.image.registry JMX exporter image registry - ## @param metrics.jmx.image.repository JMX exporter image repository + ## @param metrics.jmx.image.registry [default: REGISTRY_NAME] JMX exporter image registry + ## @param metrics.jmx.image.repository [default: REPOSITORY_NAME/jmx-exporter] JMX exporter image repository ## @param metrics.jmx.image.tag JMX exporter image tag (immutable tags are recommended) ## @param metrics.jmx.image.digest JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.jmx.image.pullPolicy JMX exporter image pull policy diff --git a/bitnami/spark/README.md b/bitnami/spark/README.md index 6d3884f013b2d8..4d646997cbcddc 100644 --- a/bitnami/spark/README.md +++ b/bitnami/spark/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/spark +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/spark ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps an [Apache Spark](https://github.com/bitnami/containers/tree/main/bitnami/spark) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Apache Spark in production? Try [VMware Application Catalog](http To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/spark +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/spark ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Apache Spark on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -82,16 +86,16 @@ The command removes all the Kubernetes components associated with the chart and ### Spark parameters -| Name | Description | Value | -| ------------------- | ----------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | Spark image registry | `docker.io` | -| `image.repository` | Spark image repository | `bitnami/spark` | -| `image.tag` | Spark image tag (immutable tags are recommended) | `3.5.0-debian-11-r0` | -| `image.digest` | Spark image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Spark image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Enable image debug mode | `false` | -| `hostNetwork` | Enable HOST Network | `false` | +| Name | Description | Value | +| ------------------- | ----------------------------------------------------------------------------------------------------- | ----------------------- | +| `image.registry` | Spark image registry | `REGISTRY_NAME` | +| `image.repository` | Spark image repository | `REPOSITORY_NAME/spark` | +| `image.tag` | Spark image tag (immutable tags are recommended) | `3.5.0-debian-11-r0` | +| `image.digest` | Spark image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Spark image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `hostNetwork` | Enable HOST Network | `false` | ### Spark master parameters @@ -331,17 +335,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ - --set master.webPort=8081 oci://registry-1.docker.io/bitnamicharts/spark + --set master.webPort=8081 oci://REGISTRY_NAME/REPOSITORY_NAME/spark ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the spark master web port to `8081`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/spark +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/spark ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/spark/values.yaml b/bitnami/spark/values.yaml index b83f3823d27507..bacc7b0f7e1fb7 100644 --- a/bitnami/spark/values.yaml +++ b/bitnami/spark/values.yaml @@ -84,8 +84,8 @@ diagnosticMode: ## Bitnami Spark image version ## ref: https://hub.docker.com/r/bitnami/spark/tags/ -## @param image.registry Spark image registry -## @param image.repository Spark image repository +## @param image.registry [default: REGISTRY_NAME] Spark image registry +## @param image.repository [default: REPOSITORY_NAME/spark] Spark image repository ## @param image.tag Spark image tag (immutable tags are recommended) ## @param image.digest Spark image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Spark image pull policy diff --git a/bitnami/spring-cloud-dataflow/README.md b/bitnami/spring-cloud-dataflow/README.md index 9096b75b0cec43..db784ccc5c5fae 100644 --- a/bitnami/spring-cloud-dataflow/README.md +++ b/bitnami/spring-cloud-dataflow/README.md @@ -9,9 +9,11 @@ Spring Cloud Data Flow is a microservices-based toolkit for building streaming a ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/spring-cloud-dataflow +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/spring-cloud-dataflow ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Spring Cloud Data Flow](https://github.com/bitnami/containers/tree/main/bitnami/spring-cloud-dataflow) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -31,9 +33,11 @@ Looking to use Spring Cloud Data Flow in production? Try [VMware Application Cat To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/spring-cloud-dataflow +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/spring-cloud-dataflow ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Spring Cloud Data Flow on the Kubernetes cluster with the default configuration. The [parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -70,211 +74,211 @@ helm uninstall my-release ### Dataflow Server parameters -| Name | Description | Value | -| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------- | -| `server.image.registry` | Spring Cloud Dataflow image registry | `docker.io` | -| `server.image.repository` | Spring Cloud Dataflow image repository | `bitnami/spring-cloud-dataflow` | -| `server.image.tag` | Spring Cloud Dataflow image tag (immutable tags are recommended) | `2.11.1-debian-11-r0` | -| `server.image.digest` | Spring Cloud Dataflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `server.image.pullPolicy` | Spring Cloud Dataflow image pull policy | `IfNotPresent` | -| `server.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `server.image.debug` | Enable image debug mode | `false` | -| `server.hostAliases` | Deployment pod host aliases | `[]` | -| `server.composedTaskRunner.image.registry` | Spring Cloud Dataflow Composed Task Runner image registry | `docker.io` | -| `server.composedTaskRunner.image.repository` | Spring Cloud Dataflow Composed Task Runner image repository | `bitnami/spring-cloud-dataflow-composed-task-runner` | -| `server.composedTaskRunner.image.tag` | Spring Cloud Dataflow Composed Task Runner image tag (immutable tags are recommended) | `2.11.1-debian-11-r0` | -| `server.composedTaskRunner.image.digest` | Spring Cloud Dataflow Composed Task Runner image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `server.configuration.streamingEnabled` | Enables or disables streaming data processing | `true` | -| `server.configuration.batchEnabled` | Enables or disables batch data (tasks and schedules) processing | `true` | -| `server.configuration.accountName` | The name of the account to configure for the Kubernetes platform | `default` | -| `server.configuration.trustK8sCerts` | Trust K8s certificates when querying the Kubernetes API | `false` | -| `server.configuration.containerRegistries` | Container registries configuration | `{}` | -| `server.configuration.grafanaInfo` | Endpoint to the grafana instance (Deprecated: use the metricsDashboard instead) | `""` | -| `server.configuration.metricsDashboard` | Endpoint to the metricsDashboard instance | `""` | -| `server.configuration.defaultSpringApplicationJSON` | Injects default values for environment variable SPRING_APPLICATION_JSON | `true` | -| `server.existingConfigmap` | ConfigMap with Spring Cloud Dataflow Server Configuration | `""` | -| `server.command` | Override default container command (useful when using custom images) | `[]` | -| `server.args` | Override default container args (useful when using custom images) | `[]` | -| `server.lifecycleHooks` | for the Dataflow server container(s) to automate configuration before or after startup | `{}` | -| `server.extraEnvVars` | Extra environment variables to be set on Dataflow server container | `[]` | -| `server.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | -| `server.extraEnvVarsSecret` | Secret with extra environment variables | `""` | -| `server.replicaCount` | Number of Dataflow server replicas to deploy | `1` | -| `server.podAffinityPreset` | Dataflow server pod affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `server.podAntiAffinityPreset` | Dataflow server pod anti-affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `server.containerPort` | Dataflow server port | `8080` | -| `server.nodeAffinityPreset.type` | Dataflow server node affinity preset type. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `server.nodeAffinityPreset.key` | Dataflow server node label key to match Ignored if `server.affinity` is set. | `""` | -| `server.nodeAffinityPreset.values` | Dataflow server node label values to match. Ignored if `server.affinity` is set. | `[]` | -| `server.affinity` | Dataflow server affinity for pod assignment | `{}` | -| `server.nodeSelector` | Dataflow server node labels for pod assignment | `{}` | -| `server.tolerations` | Dataflow server tolerations for pod assignment | `[]` | -| `server.podAnnotations` | Annotations for Dataflow server pods | `{}` | -| `server.updateStrategy.type` | Deployment strategy type for Dataflow server pods. | `RollingUpdate` | -| `server.podLabels` | Extra labels for Dataflow Server pods | `{}` | -| `server.priorityClassName` | Dataflow Server pods' priority | `""` | -| `server.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `server.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `server.podSecurityContext.enabled` | Enabled Dataflow Server pods' Security Context | `true` | -| `server.podSecurityContext.fsGroup` | Group ID for the volumes of the pod | `1001` | -| `server.containerSecurityContext.enabled` | Enabled Dataflow Server containers' Security Context | `true` | -| `server.containerSecurityContext.runAsUser` | Set Dataflow Server container's Security Context runAsUser | `1001` | -| `server.resources.limits` | The resources limits for the Dataflow server container | `{}` | -| `server.resources.requests` | The requested resources for the Dataflow server container | `{}` | -| `server.startupProbe.enabled` | Enable startupProbe | `false` | -| `server.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` | -| `server.startupProbe.periodSeconds` | Period seconds for startupProbe | `20` | -| `server.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `server.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `server.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `server.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `server.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `server.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | -| `server.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `server.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `server.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `server.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `server.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `120` | -| `server.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `20` | -| `server.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `server.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `server.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `server.customStartupProbe` | Override default startup probe | `{}` | -| `server.customLivenessProbe` | Override default liveness probe | `{}` | -| `server.customReadinessProbe` | Override default readiness probe | `{}` | -| `server.service.type` | Kubernetes service type | `ClusterIP` | -| `server.service.port` | Service HTTP port | `8080` | -| `server.service.nodePort` | Specify the nodePort value for the LoadBalancer and NodePort service types | `""` | -| `server.service.clusterIP` | Dataflow server service cluster IP | `""` | -| `server.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `server.service.loadBalancerIP` | Load balancer IP if service type is `LoadBalancer` | `""` | -| `server.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` | -| `server.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `server.service.annotations` | Provide any additional annotations which may be required. Evaluated as a template. | `{}` | -| `server.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `server.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `server.ingress.enabled` | Enable ingress controller resource | `false` | -| `server.ingress.path` | The Path to WordPress. You may need to set this to '/*' in order to use this with ALB ingress controllers. | `/` | -| `server.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | -| `server.ingress.pathType` | Ingress path type | `ImplementationSpecific` | -| `server.ingress.hostname` | Default host for the ingress resource | `dataflow.local` | -| `server.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | -| `server.ingress.tls` | Enable TLS configuration for the hostname defined at ingress.hostname parameter | `false` | -| `server.ingress.certManager` | Add the corresponding annotations for cert-manager integration | `false` | -| `server.ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | -| `server.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | -| `server.ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | -| `server.ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | -| `server.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `server.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | -| `server.initContainers` | Add init containers to the Dataflow Server pods | `[]` | -| `server.sidecars` | Add sidecars to the Dataflow Server pods | `[]` | -| `server.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `server.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `server.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `server.autoscaling.enabled` | Enable autoscaling for Dataflow server | `false` | -| `server.autoscaling.minReplicas` | Minimum number of Dataflow server replicas | `""` | -| `server.autoscaling.maxReplicas` | Maximum number of Dataflow server replicas | `""` | -| `server.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | -| `server.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | -| `server.extraVolumes` | Extra Volumes to be set on the Dataflow Server Pod | `[]` | -| `server.extraVolumeMounts` | Extra VolumeMounts to be set on the Dataflow Container | `[]` | -| `server.jdwp.enabled` | Set to true to enable Java debugger | `false` | -| `server.jdwp.port` | Specify port for remote debugging | `5005` | -| `server.proxy` | Add proxy configuration for SCDF server | `{}` | -| `server.applicationProperties` | Specify common application properties added by SCDF server to streams and/or tasks | `{}` | +| Name | Description | Value | +| --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------ | +| `server.image.registry` | Spring Cloud Dataflow image registry | `REGISTRY_NAME` | +| `server.image.repository` | Spring Cloud Dataflow image repository | `REPOSITORY_NAME/spring-cloud-dataflow` | +| `server.image.tag` | Spring Cloud Dataflow image tag (immutable tags are recommended) | `2.11.1-debian-11-r0` | +| `server.image.digest` | Spring Cloud Dataflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `server.image.pullPolicy` | Spring Cloud Dataflow image pull policy | `IfNotPresent` | +| `server.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `server.image.debug` | Enable image debug mode | `false` | +| `server.hostAliases` | Deployment pod host aliases | `[]` | +| `server.composedTaskRunner.image.registry` | Spring Cloud Dataflow Composed Task Runner image registry | `REGISTRY_NAME` | +| `server.composedTaskRunner.image.repository` | Spring Cloud Dataflow Composed Task Runner image repository | `REPOSITORY_NAME/spring-cloud-dataflow-composed-task-runner` | +| `server.composedTaskRunner.image.tag` | Spring Cloud Dataflow Composed Task Runner image tag (immutable tags are recommended) | `2.11.1-debian-11-r0` | +| `server.composedTaskRunner.image.digest` | Spring Cloud Dataflow Composed Task Runner image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `server.configuration.streamingEnabled` | Enables or disables streaming data processing | `true` | +| `server.configuration.batchEnabled` | Enables or disables batch data (tasks and schedules) processing | `true` | +| `server.configuration.accountName` | The name of the account to configure for the Kubernetes platform | `default` | +| `server.configuration.trustK8sCerts` | Trust K8s certificates when querying the Kubernetes API | `false` | +| `server.configuration.containerRegistries` | Container registries configuration | `{}` | +| `server.configuration.grafanaInfo` | Endpoint to the grafana instance (Deprecated: use the metricsDashboard instead) | `""` | +| `server.configuration.metricsDashboard` | Endpoint to the metricsDashboard instance | `""` | +| `server.configuration.defaultSpringApplicationJSON` | Injects default values for environment variable SPRING_APPLICATION_JSON | `true` | +| `server.existingConfigmap` | ConfigMap with Spring Cloud Dataflow Server Configuration | `""` | +| `server.command` | Override default container command (useful when using custom images) | `[]` | +| `server.args` | Override default container args (useful when using custom images) | `[]` | +| `server.lifecycleHooks` | for the Dataflow server container(s) to automate configuration before or after startup | `{}` | +| `server.extraEnvVars` | Extra environment variables to be set on Dataflow server container | `[]` | +| `server.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `server.extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `server.replicaCount` | Number of Dataflow server replicas to deploy | `1` | +| `server.podAffinityPreset` | Dataflow server pod affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `server.podAntiAffinityPreset` | Dataflow server pod anti-affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `server.containerPort` | Dataflow server port | `8080` | +| `server.nodeAffinityPreset.type` | Dataflow server node affinity preset type. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `server.nodeAffinityPreset.key` | Dataflow server node label key to match Ignored if `server.affinity` is set. | `""` | +| `server.nodeAffinityPreset.values` | Dataflow server node label values to match. Ignored if `server.affinity` is set. | `[]` | +| `server.affinity` | Dataflow server affinity for pod assignment | `{}` | +| `server.nodeSelector` | Dataflow server node labels for pod assignment | `{}` | +| `server.tolerations` | Dataflow server tolerations for pod assignment | `[]` | +| `server.podAnnotations` | Annotations for Dataflow server pods | `{}` | +| `server.updateStrategy.type` | Deployment strategy type for Dataflow server pods. | `RollingUpdate` | +| `server.podLabels` | Extra labels for Dataflow Server pods | `{}` | +| `server.priorityClassName` | Dataflow Server pods' priority | `""` | +| `server.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `server.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `server.podSecurityContext.enabled` | Enabled Dataflow Server pods' Security Context | `true` | +| `server.podSecurityContext.fsGroup` | Group ID for the volumes of the pod | `1001` | +| `server.containerSecurityContext.enabled` | Enabled Dataflow Server containers' Security Context | `true` | +| `server.containerSecurityContext.runAsUser` | Set Dataflow Server container's Security Context runAsUser | `1001` | +| `server.resources.limits` | The resources limits for the Dataflow server container | `{}` | +| `server.resources.requests` | The requested resources for the Dataflow server container | `{}` | +| `server.startupProbe.enabled` | Enable startupProbe | `false` | +| `server.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` | +| `server.startupProbe.periodSeconds` | Period seconds for startupProbe | `20` | +| `server.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `server.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `server.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `server.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `server.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `server.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | +| `server.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `server.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `server.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `server.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `server.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `120` | +| `server.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `20` | +| `server.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `server.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `server.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `server.customStartupProbe` | Override default startup probe | `{}` | +| `server.customLivenessProbe` | Override default liveness probe | `{}` | +| `server.customReadinessProbe` | Override default readiness probe | `{}` | +| `server.service.type` | Kubernetes service type | `ClusterIP` | +| `server.service.port` | Service HTTP port | `8080` | +| `server.service.nodePort` | Specify the nodePort value for the LoadBalancer and NodePort service types | `""` | +| `server.service.clusterIP` | Dataflow server service cluster IP | `""` | +| `server.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `server.service.loadBalancerIP` | Load balancer IP if service type is `LoadBalancer` | `""` | +| `server.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` | +| `server.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `server.service.annotations` | Provide any additional annotations which may be required. Evaluated as a template. | `{}` | +| `server.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `server.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `server.ingress.enabled` | Enable ingress controller resource | `false` | +| `server.ingress.path` | The Path to WordPress. You may need to set this to '/*' in order to use this with ALB ingress controllers. | `/` | +| `server.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` | +| `server.ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `server.ingress.hostname` | Default host for the ingress resource | `dataflow.local` | +| `server.ingress.annotations` | Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations. | `{}` | +| `server.ingress.tls` | Enable TLS configuration for the hostname defined at ingress.hostname parameter | `false` | +| `server.ingress.certManager` | Add the corresponding annotations for cert-manager integration | `false` | +| `server.ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | +| `server.ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` | +| `server.ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | +| `server.ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | +| `server.ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `server.ingress.extraRules` | Additional rules to be covered with this ingress record | `[]` | +| `server.initContainers` | Add init containers to the Dataflow Server pods | `[]` | +| `server.sidecars` | Add sidecars to the Dataflow Server pods | `[]` | +| `server.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `server.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `server.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `server.autoscaling.enabled` | Enable autoscaling for Dataflow server | `false` | +| `server.autoscaling.minReplicas` | Minimum number of Dataflow server replicas | `""` | +| `server.autoscaling.maxReplicas` | Maximum number of Dataflow server replicas | `""` | +| `server.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | +| `server.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | +| `server.extraVolumes` | Extra Volumes to be set on the Dataflow Server Pod | `[]` | +| `server.extraVolumeMounts` | Extra VolumeMounts to be set on the Dataflow Container | `[]` | +| `server.jdwp.enabled` | Set to true to enable Java debugger | `false` | +| `server.jdwp.port` | Specify port for remote debugging | `5005` | +| `server.proxy` | Add proxy configuration for SCDF server | `{}` | +| `server.applicationProperties` | Specify common application properties added by SCDF server to streams and/or tasks | `{}` | ### Dataflow Skipper parameters -| Name | Description | Value | -| -------------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------------------------ | -| `skipper.enabled` | Enable Spring Cloud Skipper component | `true` | -| `skipper.hostAliases` | Deployment pod host aliases | `[]` | -| `skipper.image.registry` | Spring Cloud Skipper image registry | `docker.io` | -| `skipper.image.repository` | Spring Cloud Skipper image repository | `bitnami/spring-cloud-skipper` | -| `skipper.image.tag` | Spring Cloud Skipper image tag (immutable tags are recommended) | `2.11.1-debian-11-r0` | -| `skipper.image.digest` | Spring Cloud Skipper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `skipper.image.pullPolicy` | Spring Cloud Skipper image pull policy | `IfNotPresent` | -| `skipper.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `skipper.image.debug` | Enable image debug mode | `false` | -| `skipper.configuration.accountName` | The name of the account to configure for the Kubernetes platform | `default` | -| `skipper.configuration.trustK8sCerts` | Trust K8s certificates when querying the Kubernetes API | `false` | -| `skipper.existingConfigmap` | Name of existing ConfigMap with Skipper server configuration | `""` | -| `skipper.command` | Override default container command (useful when using custom images) | `[]` | -| `skipper.args` | Override default container args (useful when using custom images) | `[]` | -| `skipper.lifecycleHooks` | for the Skipper container(s) to automate configuration before or after startup | `{}` | -| `skipper.extraEnvVars` | Extra environment variables to be set on Skipper server container | `[]` | -| `skipper.extraEnvVarsCM` | Name of existing ConfigMap containing extra environment variables | `""` | -| `skipper.extraEnvVarsSecret` | Name of existing Secret containing extra environment variables | `""` | -| `skipper.replicaCount` | Number of Skipper server replicas to deploy | `1` | -| `skipper.podAffinityPreset` | Skipper pod affinity preset. Ignored if `skipper.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `skipper.podAntiAffinityPreset` | Skipper pod anti-affinity preset. Ignored if `skipper.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `skipper.nodeAffinityPreset.type` | Skipper node affinity preset type. Ignored if `skipper.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `skipper.nodeAffinityPreset.key` | Skipper node label key to match Ignored if `skipper.affinity` is set. | `""` | -| `skipper.nodeAffinityPreset.values` | Skipper node label values to match. Ignored if `skipper.affinity` is set. | `[]` | -| `skipper.affinity` | Skipper affinity for pod assignment | `{}` | -| `skipper.nodeSelector` | Skipper node labels for pod assignment | `{}` | -| `skipper.tolerations` | Skipper tolerations for pod assignment | `[]` | -| `skipper.podAnnotations` | Annotations for Skipper server pods | `{}` | -| `skipper.updateStrategy.type` | Deployment strategy type for Skipper server pods. | `RollingUpdate` | -| `skipper.podLabels` | Extra labels for Skipper pods | `{}` | -| `skipper.priorityClassName` | Controller priorityClassName | `""` | -| `skipper.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `skipper.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `skipper.podSecurityContext.enabled` | Enabled Skipper pods' Security Context | `true` | -| `skipper.podSecurityContext.fsGroup` | Group ID for the volumes of the pod | `1001` | -| `skipper.containerSecurityContext.enabled` | Enabled Datafkiw Skipper containers' Security Context | `true` | -| `skipper.containerSecurityContext.runAsUser` | Set Dataflow Skipper container's Security Context runAsUser | `1001` | -| `skipper.resources.limits` | The resources limits for the Skipper server container | `{}` | -| `skipper.resources.requests` | The requested resources for the Skipper server container | `{}` | -| `skipper.startupProbe.enabled` | Enable startupProbe | `false` | -| `skipper.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` | -| `skipper.startupProbe.periodSeconds` | Period seconds for startupProbe | `20` | -| `skipper.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `skipper.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `skipper.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `skipper.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `skipper.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | -| `skipper.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | -| `skipper.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | -| `skipper.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `skipper.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `skipper.readinessProbe.enabled` | Enable readinessProbe | `true` | -| `skipper.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `120` | -| `skipper.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `20` | -| `skipper.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `skipper.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `skipper.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `skipper.customStartupProbe` | Override default startup probe | `{}` | -| `skipper.customLivenessProbe` | Override default liveness probe | `{}` | -| `skipper.customReadinessProbe` | Override default readiness probe | `{}` | -| `skipper.service.type` | Kubernetes service type | `ClusterIP` | -| `skipper.service.port` | Service HTTP port | `80` | -| `skipper.service.nodePort` | Service HTTP node port | `""` | -| `skipper.service.clusterIP` | Skipper server service cluster IP | `""` | -| `skipper.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `skipper.service.loadBalancerIP` | Load balancer IP if service type is `LoadBalancer` | `""` | -| `skipper.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | -| `skipper.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `skipper.service.annotations` | Annotations for Skipper server service | `{}` | -| `skipper.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `skipper.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `skipper.initContainers` | Add init containers to the Dataflow Skipper pods | `[]` | -| `skipper.sidecars` | Add sidecars to the Skipper pods | `[]` | -| `skipper.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `skipper.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `skipper.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `skipper.autoscaling.enabled` | Enable autoscaling for Skipper server | `false` | -| `skipper.autoscaling.minReplicas` | Minimum number of Skipper server replicas | `""` | -| `skipper.autoscaling.maxReplicas` | Maximum number of Skipper server replicas | `""` | -| `skipper.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | -| `skipper.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | -| `skipper.extraVolumes` | Extra Volumes to be set on the Skipper Pod | `[]` | -| `skipper.extraVolumeMounts` | Extra VolumeMounts to be set on the Skipper Container | `[]` | -| `skipper.jdwp.enabled` | Enable Java Debug Wire Protocol (JDWP) | `false` | -| `skipper.jdwp.port` | JDWP TCP port for remote debugging | `5005` | -| `externalSkipper.host` | Host of a external Skipper Server | `localhost` | -| `externalSkipper.port` | External Skipper Server port number | `7577` | +| Name | Description | Value | +| -------------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | -------------------------------------- | +| `skipper.enabled` | Enable Spring Cloud Skipper component | `true` | +| `skipper.hostAliases` | Deployment pod host aliases | `[]` | +| `skipper.image.registry` | Spring Cloud Skipper image registry | `REGISTRY_NAME` | +| `skipper.image.repository` | Spring Cloud Skipper image repository | `REPOSITORY_NAME/spring-cloud-skipper` | +| `skipper.image.tag` | Spring Cloud Skipper image tag (immutable tags are recommended) | `2.11.1-debian-11-r0` | +| `skipper.image.digest` | Spring Cloud Skipper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `skipper.image.pullPolicy` | Spring Cloud Skipper image pull policy | `IfNotPresent` | +| `skipper.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `skipper.image.debug` | Enable image debug mode | `false` | +| `skipper.configuration.accountName` | The name of the account to configure for the Kubernetes platform | `default` | +| `skipper.configuration.trustK8sCerts` | Trust K8s certificates when querying the Kubernetes API | `false` | +| `skipper.existingConfigmap` | Name of existing ConfigMap with Skipper server configuration | `""` | +| `skipper.command` | Override default container command (useful when using custom images) | `[]` | +| `skipper.args` | Override default container args (useful when using custom images) | `[]` | +| `skipper.lifecycleHooks` | for the Skipper container(s) to automate configuration before or after startup | `{}` | +| `skipper.extraEnvVars` | Extra environment variables to be set on Skipper server container | `[]` | +| `skipper.extraEnvVarsCM` | Name of existing ConfigMap containing extra environment variables | `""` | +| `skipper.extraEnvVarsSecret` | Name of existing Secret containing extra environment variables | `""` | +| `skipper.replicaCount` | Number of Skipper server replicas to deploy | `1` | +| `skipper.podAffinityPreset` | Skipper pod affinity preset. Ignored if `skipper.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `skipper.podAntiAffinityPreset` | Skipper pod anti-affinity preset. Ignored if `skipper.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `skipper.nodeAffinityPreset.type` | Skipper node affinity preset type. Ignored if `skipper.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `skipper.nodeAffinityPreset.key` | Skipper node label key to match Ignored if `skipper.affinity` is set. | `""` | +| `skipper.nodeAffinityPreset.values` | Skipper node label values to match. Ignored if `skipper.affinity` is set. | `[]` | +| `skipper.affinity` | Skipper affinity for pod assignment | `{}` | +| `skipper.nodeSelector` | Skipper node labels for pod assignment | `{}` | +| `skipper.tolerations` | Skipper tolerations for pod assignment | `[]` | +| `skipper.podAnnotations` | Annotations for Skipper server pods | `{}` | +| `skipper.updateStrategy.type` | Deployment strategy type for Skipper server pods. | `RollingUpdate` | +| `skipper.podLabels` | Extra labels for Skipper pods | `{}` | +| `skipper.priorityClassName` | Controller priorityClassName | `""` | +| `skipper.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `skipper.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `skipper.podSecurityContext.enabled` | Enabled Skipper pods' Security Context | `true` | +| `skipper.podSecurityContext.fsGroup` | Group ID for the volumes of the pod | `1001` | +| `skipper.containerSecurityContext.enabled` | Enabled Datafkiw Skipper containers' Security Context | `true` | +| `skipper.containerSecurityContext.runAsUser` | Set Dataflow Skipper container's Security Context runAsUser | `1001` | +| `skipper.resources.limits` | The resources limits for the Skipper server container | `{}` | +| `skipper.resources.requests` | The requested resources for the Skipper server container | `{}` | +| `skipper.startupProbe.enabled` | Enable startupProbe | `false` | +| `skipper.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` | +| `skipper.startupProbe.periodSeconds` | Period seconds for startupProbe | `20` | +| `skipper.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `skipper.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `skipper.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `skipper.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `skipper.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `skipper.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | +| `skipper.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `skipper.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `skipper.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `skipper.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `skipper.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `120` | +| `skipper.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `20` | +| `skipper.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `skipper.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `skipper.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `skipper.customStartupProbe` | Override default startup probe | `{}` | +| `skipper.customLivenessProbe` | Override default liveness probe | `{}` | +| `skipper.customReadinessProbe` | Override default readiness probe | `{}` | +| `skipper.service.type` | Kubernetes service type | `ClusterIP` | +| `skipper.service.port` | Service HTTP port | `80` | +| `skipper.service.nodePort` | Service HTTP node port | `""` | +| `skipper.service.clusterIP` | Skipper server service cluster IP | `""` | +| `skipper.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `skipper.service.loadBalancerIP` | Load balancer IP if service type is `LoadBalancer` | `""` | +| `skipper.service.loadBalancerSourceRanges` | Address that are allowed when service is LoadBalancer | `[]` | +| `skipper.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `skipper.service.annotations` | Annotations for Skipper server service | `{}` | +| `skipper.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `skipper.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `skipper.initContainers` | Add init containers to the Dataflow Skipper pods | `[]` | +| `skipper.sidecars` | Add sidecars to the Skipper pods | `[]` | +| `skipper.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `skipper.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `skipper.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `skipper.autoscaling.enabled` | Enable autoscaling for Skipper server | `false` | +| `skipper.autoscaling.minReplicas` | Minimum number of Skipper server replicas | `""` | +| `skipper.autoscaling.maxReplicas` | Maximum number of Skipper server replicas | `""` | +| `skipper.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | +| `skipper.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | +| `skipper.extraVolumes` | Extra Volumes to be set on the Skipper Pod | `[]` | +| `skipper.extraVolumeMounts` | Extra VolumeMounts to be set on the Skipper Container | `[]` | +| `skipper.jdwp.enabled` | Enable Java Debug Wire Protocol (JDWP) | `false` | +| `skipper.jdwp.port` | JDWP TCP port for remote debugging | `5005` | +| `externalSkipper.host` | Host of a external Skipper Server | `localhost` | +| `externalSkipper.port` | External Skipper Server port number | `7577` | ### Deployer parameters @@ -308,127 +312,127 @@ helm uninstall my-release ### Metrics parameters -| Name | Description | Value | -| -------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- | -| `metrics.enabled` | Enable Prometheus metrics | `false` | -| `metrics.image.registry` | Prometheus Rsocket Proxy image registry | `docker.io` | -| `metrics.image.repository` | Prometheus Rsocket Proxy image repository | `bitnami/prometheus-rsocket-proxy` | -| `metrics.image.tag` | Prometheus Rsocket Proxy image tag (immutable tags are recommended) | `1.5.2-debian-11-r84` | -| `metrics.image.digest` | Prometheus Rsocket Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Prometheus Rsocket Proxy image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources.limits` | The resources limits for the Prometheus Rsocket Proxy container | `{}` | -| `metrics.resources.requests` | The requested resources for the Prometheus Rsocket Proxy container | `{}` | -| `metrics.replicaCount` | Number of Prometheus Rsocket Proxy replicas to deploy | `1` | -| `metrics.podAffinityPreset` | Prometheus Rsocket Proxy pod affinity preset. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `metrics.podAntiAffinityPreset` | Prometheus Rsocket Proxy pod anti-affinity preset. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `metrics.nodeAffinityPreset.type` | Prometheus Rsocket Proxy node affinity preset type. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `metrics.nodeAffinityPreset.key` | Prometheus Rsocket Proxy node label key to match Ignored if `metrics.affinity` is set. | `""` | -| `metrics.nodeAffinityPreset.values` | Prometheus Rsocket Proxy node label values to match. Ignored if `metrics.affinity` is set. | `[]` | -| `metrics.affinity` | Prometheus Rsocket Proxy affinity for pod assignment | `{}` | -| `metrics.nodeSelector` | Prometheus Rsocket Proxy node labels for pod assignment | `{}` | -| `metrics.hostAliases` | Prometheus Proxy pods host aliases | `[]` | -| `metrics.tolerations` | Prometheus Rsocket Proxy tolerations for pod assignment | `[]` | -| `metrics.podAnnotations` | Annotations for Prometheus Rsocket Proxy pods | `{}` | -| `metrics.podLabels` | Extra labels for Prometheus Proxy pods | `{}` | -| `metrics.podSecurityContext.enabled` | Enabled Prometheus Proxy pods' Security Context | `false` | -| `metrics.podSecurityContext.fsGroup` | Set Prometheus Proxy pod's Security Context fsGroup | `1001` | -| `metrics.containerSecurityContext.enabled` | Enabled Prometheus Proxy containers' Security Context | `false` | -| `metrics.containerSecurityContext.runAsUser` | Set Prometheus Proxy containers' Security Context runAsUser | `1001` | -| `metrics.command` | Override default container command (useful when using custom images) | `[]` | -| `metrics.args` | Override default container args (useful when using custom images) | `[]` | -| `metrics.lifecycleHooks` | for the Prometheus Proxy container(s) to automate configuration before or after startup | `{}` | -| `metrics.extraEnvVars` | Array with extra environment variables to add to Prometheus Proxy nodes | `[]` | -| `metrics.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Prometheus Proxy nodes | `""` | -| `metrics.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Prometheus Proxy nodes | `""` | -| `metrics.extraVolumes` | Optionally specify extra list of additional volumes for the Prometheus Proxy pod(s) | `[]` | -| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Prometheus Proxy container(s) | `[]` | -| `metrics.containerPorts.http` | Prometheus Proxy HTTP container port | `8080` | -| `metrics.containerPorts.rsocket` | Prometheus Proxy Rsocket container port | `7001` | -| `metrics.sidecars` | Add additional sidecar containers to the Prometheus Proxy pod(s) | `[]` | -| `metrics.initContainers` | Add additional init containers to the Prometheus Proxy pod(s) | `[]` | -| `metrics.updateStrategy.type` | Prometheus Proxy deployment strategy type. | `RollingUpdate` | -| `metrics.priorityClassName` | Prometheus Rsocket Proxy pods' priority. | `""` | -| `metrics.schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `metrics.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `metrics.service.type` | Prometheus Proxy service type | `ClusterIP` | -| `metrics.service.ports.http` | Prometheus Rsocket Proxy HTTP port | `8080` | -| `metrics.service.ports.rsocket` | Prometheus Rsocket Proxy Rsocket port | `7001` | -| `metrics.service.nodePorts.http` | Node port for HTTP | `""` | -| `metrics.service.nodePorts.rsocket` | Node port for Rsocket | `""` | -| `metrics.service.clusterIP` | Prometheys Proxy service Cluster IP | `""` | -| `metrics.service.loadBalancerIP` | Prometheys Proxy service Load Balancer IP | `""` | -| `metrics.service.loadBalancerSourceRanges` | Prometheys Proxy service Load Balancer sources | `[]` | -| `metrics.service.externalTrafficPolicy` | Prometheys Proxy service external traffic policy | `Cluster` | -| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `metrics.service.annotations` | Annotations for the Prometheus Rsocket Proxy service | `{}` | -| `metrics.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | -| `metrics.serviceMonitor.namespace` | Namespace in which ServiceMonitor is created if different from release | `""` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | -| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | -| `metrics.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `metrics.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `metrics.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `metrics.autoscaling.enabled` | Enable autoscaling for Prometheus Rsocket Proxy | `false` | -| `metrics.autoscaling.minReplicas` | Minimum number of Prometheus Rsocket Proxy replicas | `""` | -| `metrics.autoscaling.maxReplicas` | Maximum number of Prometheus Rsocket Proxy replicas | `""` | -| `metrics.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | -| `metrics.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | +| Name | Description | Value | +| -------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------ | +| `metrics.enabled` | Enable Prometheus metrics | `false` | +| `metrics.image.registry` | Prometheus Rsocket Proxy image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Prometheus Rsocket Proxy image repository | `REPOSITORY_NAME/prometheus-rsocket-proxy` | +| `metrics.image.tag` | Prometheus Rsocket Proxy image tag (immutable tags are recommended) | `1.5.2-debian-11-r84` | +| `metrics.image.digest` | Prometheus Rsocket Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Prometheus Rsocket Proxy image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources.limits` | The resources limits for the Prometheus Rsocket Proxy container | `{}` | +| `metrics.resources.requests` | The requested resources for the Prometheus Rsocket Proxy container | `{}` | +| `metrics.replicaCount` | Number of Prometheus Rsocket Proxy replicas to deploy | `1` | +| `metrics.podAffinityPreset` | Prometheus Rsocket Proxy pod affinity preset. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `metrics.podAntiAffinityPreset` | Prometheus Rsocket Proxy pod anti-affinity preset. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `metrics.nodeAffinityPreset.type` | Prometheus Rsocket Proxy node affinity preset type. Ignored if `metrics.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `metrics.nodeAffinityPreset.key` | Prometheus Rsocket Proxy node label key to match Ignored if `metrics.affinity` is set. | `""` | +| `metrics.nodeAffinityPreset.values` | Prometheus Rsocket Proxy node label values to match. Ignored if `metrics.affinity` is set. | `[]` | +| `metrics.affinity` | Prometheus Rsocket Proxy affinity for pod assignment | `{}` | +| `metrics.nodeSelector` | Prometheus Rsocket Proxy node labels for pod assignment | `{}` | +| `metrics.hostAliases` | Prometheus Proxy pods host aliases | `[]` | +| `metrics.tolerations` | Prometheus Rsocket Proxy tolerations for pod assignment | `[]` | +| `metrics.podAnnotations` | Annotations for Prometheus Rsocket Proxy pods | `{}` | +| `metrics.podLabels` | Extra labels for Prometheus Proxy pods | `{}` | +| `metrics.podSecurityContext.enabled` | Enabled Prometheus Proxy pods' Security Context | `false` | +| `metrics.podSecurityContext.fsGroup` | Set Prometheus Proxy pod's Security Context fsGroup | `1001` | +| `metrics.containerSecurityContext.enabled` | Enabled Prometheus Proxy containers' Security Context | `false` | +| `metrics.containerSecurityContext.runAsUser` | Set Prometheus Proxy containers' Security Context runAsUser | `1001` | +| `metrics.command` | Override default container command (useful when using custom images) | `[]` | +| `metrics.args` | Override default container args (useful when using custom images) | `[]` | +| `metrics.lifecycleHooks` | for the Prometheus Proxy container(s) to automate configuration before or after startup | `{}` | +| `metrics.extraEnvVars` | Array with extra environment variables to add to Prometheus Proxy nodes | `[]` | +| `metrics.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Prometheus Proxy nodes | `""` | +| `metrics.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Prometheus Proxy nodes | `""` | +| `metrics.extraVolumes` | Optionally specify extra list of additional volumes for the Prometheus Proxy pod(s) | `[]` | +| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Prometheus Proxy container(s) | `[]` | +| `metrics.containerPorts.http` | Prometheus Proxy HTTP container port | `8080` | +| `metrics.containerPorts.rsocket` | Prometheus Proxy Rsocket container port | `7001` | +| `metrics.sidecars` | Add additional sidecar containers to the Prometheus Proxy pod(s) | `[]` | +| `metrics.initContainers` | Add additional init containers to the Prometheus Proxy pod(s) | `[]` | +| `metrics.updateStrategy.type` | Prometheus Proxy deployment strategy type. | `RollingUpdate` | +| `metrics.priorityClassName` | Prometheus Rsocket Proxy pods' priority. | `""` | +| `metrics.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `metrics.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `metrics.service.type` | Prometheus Proxy service type | `ClusterIP` | +| `metrics.service.ports.http` | Prometheus Rsocket Proxy HTTP port | `8080` | +| `metrics.service.ports.rsocket` | Prometheus Rsocket Proxy Rsocket port | `7001` | +| `metrics.service.nodePorts.http` | Node port for HTTP | `""` | +| `metrics.service.nodePorts.rsocket` | Node port for Rsocket | `""` | +| `metrics.service.clusterIP` | Prometheys Proxy service Cluster IP | `""` | +| `metrics.service.loadBalancerIP` | Prometheys Proxy service Load Balancer IP | `""` | +| `metrics.service.loadBalancerSourceRanges` | Prometheys Proxy service Load Balancer sources | `[]` | +| `metrics.service.externalTrafficPolicy` | Prometheys Proxy service external traffic policy | `Cluster` | +| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `metrics.service.annotations` | Annotations for the Prometheus Rsocket Proxy service | `{}` | +| `metrics.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Namespace in which ServiceMonitor is created if different from release | `""` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | +| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | +| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | +| `metrics.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `metrics.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `metrics.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `metrics.autoscaling.enabled` | Enable autoscaling for Prometheus Rsocket Proxy | `false` | +| `metrics.autoscaling.minReplicas` | Minimum number of Prometheus Rsocket Proxy replicas | `""` | +| `metrics.autoscaling.maxReplicas` | Maximum number of Prometheus Rsocket Proxy replicas | `""` | +| `metrics.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | +| `metrics.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | ### Init Container parameters -| Name | Description | Value | -| ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `waitForBackends.enabled` | Wait for the database and other services (such as Kafka or RabbitMQ) used when enabling streaming | `true` | -| `waitForBackends.image.registry` | Init container wait-for-backend image registry | `docker.io` | -| `waitForBackends.image.repository` | Init container wait-for-backend image name | `bitnami/kubectl` | -| `waitForBackends.image.tag` | Init container wait-for-backend image tag | `1.28.2-debian-11-r16` | -| `waitForBackends.image.digest` | Init container wait-for-backend image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `waitForBackends.image.pullPolicy` | Init container wait-for-backend image pull policy | `IfNotPresent` | -| `waitForBackends.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `waitForBackends.resources.limits` | Init container wait-for-backend resource limits | `{}` | -| `waitForBackends.resources.requests` | Init container wait-for-backend resource requests | `{}` | +| Name | Description | Value | +| ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `waitForBackends.enabled` | Wait for the database and other services (such as Kafka or RabbitMQ) used when enabling streaming | `true` | +| `waitForBackends.image.registry` | Init container wait-for-backend image registry | `REGISTRY_NAME` | +| `waitForBackends.image.repository` | Init container wait-for-backend image name | `REPOSITORY_NAME/kubectl` | +| `waitForBackends.image.tag` | Init container wait-for-backend image tag | `1.28.2-debian-11-r16` | +| `waitForBackends.image.digest` | Init container wait-for-backend image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `waitForBackends.image.pullPolicy` | Init container wait-for-backend image pull policy | `IfNotPresent` | +| `waitForBackends.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `waitForBackends.resources.limits` | Init container wait-for-backend resource limits | `{}` | +| `waitForBackends.resources.requests` | Init container wait-for-backend resource requests | `{}` | ### Database parameters -| Name | Description | Value | -| ----------------------------------------- | ------------------------------------------------------------------------------------------------------- | ----------------------- | -| `mariadb.enabled` | Enable/disable MariaDB chart installation | `true` | -| `mariadb.image.registry` | MariaDB image registry | `docker.io` | -| `mariadb.image.repository` | MariaDB image repository | `bitnami/mariadb` | -| `mariadb.image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.5-debian-11-r49` | -| `mariadb.image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` | -| `mariadb.auth.rootPassword` | Password for the MariaDB `root` user | `""` | -| `mariadb.auth.username` | Username of new user to create | `dataflow` | -| `mariadb.auth.password` | Password for the new user | `change-me` | -| `mariadb.auth.database` | Database name to create | `dataflow` | -| `mariadb.auth.forcePassword` | Force users to specify required passwords in the database | `false` | -| `mariadb.auth.usePasswordFiles` | Mount credentials as a file instead of using an environment variable | `false` | -| `mariadb.initdbScripts` | Specify dictionary of scripts to be run at first boot | `{}` | -| `flyway.enabled` | Enable/disable flyway running Dataflow and Skipper Database creation scripts on startup | `true` | -| `externalDatabase.host` | Host of the external database | `localhost` | -| `externalDatabase.port` | External database port number | `3306` | -| `externalDatabase.driver` | The fully qualified name of the JDBC Driver class | `""` | -| `externalDatabase.scheme` | The scheme is a vendor-specific or shared protocol string that follows the "jdbc:" of the URL | `""` | -| `externalDatabase.password` | Password for the above username | `""` | -| `externalDatabase.existingPasswordSecret` | Existing secret with database password | `""` | -| `externalDatabase.existingPasswordKey` | Key of the existing secret with database password, defaults to `datasource-password` | `""` | -| `externalDatabase.dataflow.url` | JDBC URL for dataflow server. Overrides external scheme, host, port, database, and jdbc parameters. | `""` | -| `externalDatabase.dataflow.database` | Name of the existing database to be used by Dataflow server | `dataflow` | -| `externalDatabase.dataflow.username` | Existing username in the external db to be used by Dataflow server | `dataflow` | -| `externalDatabase.skipper.url` | JDBC URL for skipper. Overrides external scheme, host, port, database, and jdbc parameters. | `""` | -| `externalDatabase.skipper.database` | Name of the existing database to be used by Skipper server | `skipper` | -| `externalDatabase.skipper.username` | Existing username in the external db to be used by Skipper server | `skipper` | -| `externalDatabase.hibernateDialect` | Hibernate Dialect used by Dataflow/Skipper servers | `""` | +| Name | Description | Value | +| ----------------------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------- | +| `mariadb.enabled` | Enable/disable MariaDB chart installation | `true` | +| `mariadb.image.registry` | MariaDB image registry | `REGISTRY_NAME` | +| `mariadb.image.repository` | MariaDB image repository | `REPOSITORY_NAME/mariadb` | +| `mariadb.image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.5-debian-11-r49` | +| `mariadb.image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` | +| `mariadb.auth.rootPassword` | Password for the MariaDB `root` user | `""` | +| `mariadb.auth.username` | Username of new user to create | `dataflow` | +| `mariadb.auth.password` | Password for the new user | `change-me` | +| `mariadb.auth.database` | Database name to create | `dataflow` | +| `mariadb.auth.forcePassword` | Force users to specify required passwords in the database | `false` | +| `mariadb.auth.usePasswordFiles` | Mount credentials as a file instead of using an environment variable | `false` | +| `mariadb.initdbScripts` | Specify dictionary of scripts to be run at first boot | `{}` | +| `flyway.enabled` | Enable/disable flyway running Dataflow and Skipper Database creation scripts on startup | `true` | +| `externalDatabase.host` | Host of the external database | `localhost` | +| `externalDatabase.port` | External database port number | `3306` | +| `externalDatabase.driver` | The fully qualified name of the JDBC Driver class | `""` | +| `externalDatabase.scheme` | The scheme is a vendor-specific or shared protocol string that follows the "jdbc:" of the URL | `""` | +| `externalDatabase.password` | Password for the above username | `""` | +| `externalDatabase.existingPasswordSecret` | Existing secret with database password | `""` | +| `externalDatabase.existingPasswordKey` | Key of the existing secret with database password, defaults to `datasource-password` | `""` | +| `externalDatabase.dataflow.url` | JDBC URL for dataflow server. Overrides external scheme, host, port, database, and jdbc parameters. | `""` | +| `externalDatabase.dataflow.database` | Name of the existing database to be used by Dataflow server | `dataflow` | +| `externalDatabase.dataflow.username` | Existing username in the external db to be used by Dataflow server | `dataflow` | +| `externalDatabase.skipper.url` | JDBC URL for skipper. Overrides external scheme, host, port, database, and jdbc parameters. | `""` | +| `externalDatabase.skipper.database` | Name of the existing database to be used by Skipper server | `skipper` | +| `externalDatabase.skipper.username` | Existing username in the external db to be used by Skipper server | `skipper` | +| `externalDatabase.hibernateDialect` | Hibernate Dialect used by Dataflow/Skipper servers | `""` | ### RabbitMQ chart parameters @@ -458,17 +462,20 @@ helm uninstall my-release Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console -helm install my-release --set server.replicaCount=2 oci://registry-1.docker.io/bitnamicharts/spring-cloud-dataflow +helm install my-release --set server.replicaCount=2 oci://REGISTRY_NAME/REPOSITORY_NAME/spring-cloud-dataflow ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command installs Spring Cloud Data Flow chart with 2 Dataflow server replicas. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/spring-cloud-dataflow +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/spring-cloud-dataflow ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](https://github.com/bitnami/charts/blob/main/bitnami/spring-cloud-dataflow/values.yaml) ## Configuration and installation details @@ -748,7 +755,7 @@ To upgrade to *6.0.0* from *5.x* using Kafka as messaging solution, it should be ```console $ export CURRENT_KAFKA_VERSION=$(kubectl exec scdf-kafka-0 -- bash -c 'echo $BITNAMI_IMAGE_VERSION') - helm upgrade scdf oci://registry-1.docker.io/bitnamicharts/spring-cloud-dataflow \ + helm upgrade scdf oci://REGISTRY_NAME/REPOSITORY_NAME/spring-cloud-dataflow \ --set rabbitmq.enabled=false \ --set kafka.enabled=true \ --set kafka.image.tag=$CURRENT_KAFKA_VERSION \ @@ -756,6 +763,8 @@ To upgrade to *6.0.0* from *5.x* using Kafka as messaging solution, it should be --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 5.0.0 This major release renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository. @@ -802,15 +811,19 @@ This major updates the Kafka subchart to its newest major 13.0.0. For more infor ### v0.x.x ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/spring-cloud-dataflow --set mariadb.rootUser.password=[MARIADB_ROOT_PASSWORD] --set rabbitmq.auth.password=[RABBITMQ_PASSWORD] --set rabbitmq.auth.erlangCookie=[RABBITMQ_ERLANG_COOKIE] +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/spring-cloud-dataflow --set mariadb.rootUser.password=[MARIADB_ROOT_PASSWORD] --set rabbitmq.auth.password=[RABBITMQ_PASSWORD] --set rabbitmq.auth.erlangCookie=[RABBITMQ_ERLANG_COOKIE] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### v1.x.x ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/spring-cloud-dataflow --set mariadb.auth.rootPassword=[MARIADB_ROOT_PASSWORD] --set rabbitmq.auth.password=[RABBITMQ_PASSWORD] --set rabbitmq.auth.erlangCookie=[RABBITMQ_ERLANG_COOKIE] +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/spring-cloud-dataflow --set mariadb.auth.rootPassword=[MARIADB_ROOT_PASSWORD] --set rabbitmq.auth.password=[RABBITMQ_PASSWORD] --set rabbitmq.auth.erlangCookie=[RABBITMQ_ERLANG_COOKIE] ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 1.0.0 MariaDB dependency version was bumped to a new major version that introduces several incompatibilities. Therefore, backwards compatibility is not guaranteed unless an external database is used. Check [MariaDB Upgrading Notes](https://github.com/bitnami/charts/tree/main/bitnami/mariadb#to-800) for more information. @@ -832,7 +845,7 @@ export RABBITMQ_ERLANG_COOKIE=$(kubectl get secret --namespace default dataflow- Upgrade your release (maintaining the version) disabling MariaDB and scaling Data Flow replicas to 0: ```console -helm upgrade dataflow oci://registry-1.docker.io/bitnamicharts/spring-cloud-dataflow --version 0.7.4 \ +helm upgrade dataflow oci://REGISTRY_NAME/REPOSITORY_NAME/spring-cloud-dataflow --version 0.7.4 \ --set server.replicaCount=0 \ --set skipper.replicaCount=0 \ --set mariadb.enabled=false \ @@ -840,10 +853,12 @@ helm upgrade dataflow oci://registry-1.docker.io/bitnamicharts/spring-cloud-data --set rabbitmq.auth.erlangCookie=$RABBITMQ_ERLANG_COOKIE ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Finally, upgrade you release to 1.0.0 reusing the existing PVC, and enabling back MariaDB: ```console -helm upgrade dataflow oci://registry-1.docker.io/bitnamicharts/spring-cloud-dataflow \ +helm upgrade dataflow oci://REGISTRY_NAME/REPOSITORY_NAME/spring-cloud-dataflow \ --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC \ --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD \ --set mariadb.auth.password=$MARIADB_PASSWORD \ @@ -851,6 +866,8 @@ helm upgrade dataflow oci://registry-1.docker.io/bitnamicharts/spring-cloud-data --set rabbitmq.auth.erlangCookie=$RABBITMQ_ERLANG_COOKIE ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You should see the lines below in MariaDB container logs: ```console diff --git a/bitnami/spring-cloud-dataflow/values.yaml b/bitnami/spring-cloud-dataflow/values.yaml index 6cdb0f8a06a4f5..659038d9ec78e2 100644 --- a/bitnami/spring-cloud-dataflow/values.yaml +++ b/bitnami/spring-cloud-dataflow/values.yaml @@ -50,8 +50,8 @@ extraDeploy: [] server: ## Bitnami Spring Cloud Dataflow Server image ## ref: https://hub.docker.com/r/bitnami/spring-cloud-dataflow/tags/ - ## @param server.image.registry Spring Cloud Dataflow image registry - ## @param server.image.repository Spring Cloud Dataflow image repository + ## @param server.image.registry [default: REGISTRY_NAME] Spring Cloud Dataflow image registry + ## @param server.image.repository [default: REPOSITORY_NAME/spring-cloud-dataflow] Spring Cloud Dataflow image repository ## @param server.image.tag Spring Cloud Dataflow image tag (immutable tags are recommended) ## @param server.image.digest Spring Cloud Dataflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param server.image.pullPolicy Spring Cloud Dataflow image pull policy @@ -85,8 +85,8 @@ server: composedTaskRunner: ## Bitnami Spring Cloud Dataflow Composed Task Runner image ## ref: https://hub.docker.com/r/bitnami/spring-cloud-dataflow/tags/ - ## @param server.composedTaskRunner.image.registry Spring Cloud Dataflow Composed Task Runner image registry - ## @param server.composedTaskRunner.image.repository Spring Cloud Dataflow Composed Task Runner image repository + ## @param server.composedTaskRunner.image.registry [default: REGISTRY_NAME] Spring Cloud Dataflow Composed Task Runner image registry + ## @param server.composedTaskRunner.image.repository [default: REPOSITORY_NAME/spring-cloud-dataflow-composed-task-runner] Spring Cloud Dataflow Composed Task Runner image repository ## @param server.composedTaskRunner.image.tag Spring Cloud Dataflow Composed Task Runner image tag (immutable tags are recommended) ## @param server.composedTaskRunner.image.digest Spring Cloud Dataflow Composed Task Runner image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @@ -585,8 +585,8 @@ skipper: hostAliases: [] ## Bitnami Spring Cloud Skipper image ## ref: https://hub.docker.com/r/bitnami/spring-cloud-skipper/tags/ - ## @param skipper.image.registry Spring Cloud Skipper image registry - ## @param skipper.image.repository Spring Cloud Skipper image repository + ## @param skipper.image.registry [default: REGISTRY_NAME] Spring Cloud Skipper image registry + ## @param skipper.image.repository [default: REPOSITORY_NAME/spring-cloud-skipper] Spring Cloud Skipper image repository ## @param skipper.image.tag Spring Cloud Skipper image tag (immutable tags are recommended) ## @param skipper.image.digest Spring Cloud Skipper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param skipper.image.pullPolicy Spring Cloud Skipper image pull policy @@ -1057,8 +1057,8 @@ metrics: enabled: false ## Bitnami Prometheus Rsocket Proxy image ## ref: https://hub.docker.com/r/bitnami/prometheus-rsocket-proxy/tags/ - ## @param metrics.image.registry Prometheus Rsocket Proxy image registry - ## @param metrics.image.repository Prometheus Rsocket Proxy image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Prometheus Rsocket Proxy image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/prometheus-rsocket-proxy] Prometheus Rsocket Proxy image repository ## @param metrics.image.tag Prometheus Rsocket Proxy image tag (immutable tags are recommended) ## @param metrics.image.digest Prometheus Rsocket Proxy image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Prometheus Rsocket Proxy image pull policy @@ -1392,8 +1392,8 @@ waitForBackends: ## @param waitForBackends.enabled Wait for the database and other services (such as Kafka or RabbitMQ) used when enabling streaming ## enabled: true - ## @param waitForBackends.image.registry Init container wait-for-backend image registry - ## @param waitForBackends.image.repository Init container wait-for-backend image name + ## @param waitForBackends.image.registry [default: REGISTRY_NAME] Init container wait-for-backend image registry + ## @param waitForBackends.image.repository [default: REPOSITORY_NAME/kubectl] Init container wait-for-backend image name ## @param waitForBackends.image.tag Init container wait-for-backend image tag ## @param waitForBackends.image.digest Init container wait-for-backend image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param waitForBackends.image.pullPolicy Init container wait-for-backend image pull policy @@ -1447,8 +1447,8 @@ mariadb: ## enabled: true ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb - ## @param mariadb.image.registry MariaDB image registry - ## @param mariadb.image.repository MariaDB image repository + ## @param mariadb.image.registry [default: REGISTRY_NAME] MariaDB image registry + ## @param mariadb.image.repository [default: REPOSITORY_NAME/mariadb] MariaDB image repository ## @param mariadb.image.tag MariaDB image tag (immutable tags are recommended) ## @param mariadb.image.digest MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## diff --git a/bitnami/suitecrm/README.md b/bitnami/suitecrm/README.md index 7314a50c22bdfd..4a49eb18f81ac4 100644 --- a/bitnami/suitecrm/README.md +++ b/bitnami/suitecrm/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/suitecrm +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/suitecrm ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [SuiteCRM](https://github.com/bitnami/containers/tree/main/bitnami/suitecrm) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -38,9 +40,11 @@ Looking to use SuiteCRM in production? Try [VMware Application Catalog](https:// To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/suitecrm +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/suitecrm ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys SuiteCRM on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -78,88 +82,88 @@ The command removes all the Kubernetes components associated with the chart and ### SuiteCRM parameters -| Name | Description | Value | -| --------------------------------------- | -------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | SuiteCRM image registry | `docker.io` | -| `image.repository` | SuiteCRM image repository | `bitnami/suitecrm` | -| `image.tag` | SuiteCRM image tag (immutable tags are recommended) | `7.13.4-debian-11-r15` | -| `image.digest` | SuiteCRM image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | SuiteCRM image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `replicaCount` | Number of replicas (requires ReadWriteMany PVC support) | `1` | -| `suitecrmSkipInstall` | Skip SuiteCRM installation wizard. Useful for migrations and restoring from SQL dump | `false` | -| `suitecrmValidateUserIP` | Whether to validate the user IP address or not | `false` | -| `suitecrmHost` | SuiteCRM host to create application URLs | `""` | -| `suitecrmUsername` | User of the application | `user` | -| `suitecrmPassword` | Application password | `""` | -| `suitecrmEmail` | Admin email | `user@example.com` | -| `allowEmptyPassword` | Allow DB blank passwords | `false` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `extraEnvVars` | An array to add extra environment variables | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra environment variables | `""` | -| `extraEnvVarsSecret` | Secret containing extra environment variables | `""` | -| `extraVolumes` | Extra volumes to add to the deployment. Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Extra volume mounts to add to the container. Requires setting `extraVolumeMounts | `[]` | -| `initContainers` | Extra init containers to add to the deployment | `[]` | -| `sidecars` | Extra sidecar containers to add to the deployment | `[]` | -| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `priorityClassName` | SuiteCRM pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `existingSecret` | Name of a secret with the application password | `""` | -| `suitecrmSmtpHost` | SMTP host | `""` | -| `suitecrmSmtpPort` | SMTP port | `""` | -| `suitecrmSmtpUser` | SMTP user | `""` | -| `suitecrmSmtpPassword` | SMTP password | `""` | -| `suitecrmSmtpProtocol` | SMTP protocol [`ssl`, `tls`] | `""` | -| `suitecrmNotifyAddress` | SuiteCRM notify address | `""` | -| `suitecrmNotifyName` | SuiteCRM notify name | `""` | -| `containerPorts` | Container ports | `{}` | -| `sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `podSecurityContext.enabled` | Enable SuiteCRM pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | SuiteCRM pods' group ID | `1001` | -| `containerSecurityContext.enabled` | Enable SuiteCRM containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | SuiteCRM containers' Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | SuiteCRM containers' Security Context runAsNonRoot | `true` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.path` | Request path for livenessProbe | `/index.php` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.path` | Request path for readinessProbe | `/index.php` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.path` | Request path for startupProbe | `/index.php` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `60` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `lifecycleHooks` | lifecycleHooks for the container to automate configuration before or after startup | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Pod extra labels | `{}` | +| Name | Description | Value | +| --------------------------------------- | -------------------------------------------------------------------------------------------------------- | -------------------------- | +| `image.registry` | SuiteCRM image registry | `REGISTRY_NAME` | +| `image.repository` | SuiteCRM image repository | `REPOSITORY_NAME/suitecrm` | +| `image.tag` | SuiteCRM image tag (immutable tags are recommended) | `7.13.4-debian-11-r15` | +| `image.digest` | SuiteCRM image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | SuiteCRM image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `replicaCount` | Number of replicas (requires ReadWriteMany PVC support) | `1` | +| `suitecrmSkipInstall` | Skip SuiteCRM installation wizard. Useful for migrations and restoring from SQL dump | `false` | +| `suitecrmValidateUserIP` | Whether to validate the user IP address or not | `false` | +| `suitecrmHost` | SuiteCRM host to create application URLs | `""` | +| `suitecrmUsername` | User of the application | `user` | +| `suitecrmPassword` | Application password | `""` | +| `suitecrmEmail` | Admin email | `user@example.com` | +| `allowEmptyPassword` | Allow DB blank passwords | `false` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `extraEnvVars` | An array to add extra environment variables | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra environment variables | `""` | +| `extraEnvVarsSecret` | Secret containing extra environment variables | `""` | +| `extraVolumes` | Extra volumes to add to the deployment. Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Extra volume mounts to add to the container. Requires setting `extraVolumeMounts | `[]` | +| `initContainers` | Extra init containers to add to the deployment | `[]` | +| `sidecars` | Extra sidecar containers to add to the deployment | `[]` | +| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `priorityClassName` | SuiteCRM pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `existingSecret` | Name of a secret with the application password | `""` | +| `suitecrmSmtpHost` | SMTP host | `""` | +| `suitecrmSmtpPort` | SMTP port | `""` | +| `suitecrmSmtpUser` | SMTP user | `""` | +| `suitecrmSmtpPassword` | SMTP password | `""` | +| `suitecrmSmtpProtocol` | SMTP protocol [`ssl`, `tls`] | `""` | +| `suitecrmNotifyAddress` | SuiteCRM notify address | `""` | +| `suitecrmNotifyName` | SuiteCRM notify name | `""` | +| `containerPorts` | Container ports | `{}` | +| `sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `podSecurityContext.enabled` | Enable SuiteCRM pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | SuiteCRM pods' group ID | `1001` | +| `containerSecurityContext.enabled` | Enable SuiteCRM containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | SuiteCRM containers' Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | SuiteCRM containers' Security Context runAsNonRoot | `true` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.path` | Request path for livenessProbe | `/index.php` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.path` | Request path for readinessProbe | `/index.php` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.path` | Request path for startupProbe | `/index.php` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `0` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `3` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `60` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `lifecycleHooks` | lifecycleHooks for the container to automate configuration before or after startup | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Pod extra labels | `{}` | ### Database parameters @@ -198,17 +202,17 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r25` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r25` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | ### Traffic Exposure Parameters @@ -243,26 +247,26 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics parameters -| Name | Description | Value | -| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.1-debian-11-r2` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | -| `metrics.service.type` | Kubernetes service type for Prometheus metrics | `ClusterIP` | -| `metrics.service.port` | Prometheus metrics service port | `9117` | -| `metrics.service.annotations` | Annotations for the Prometheus metrics service | `{}` | -| `metrics.service.clusterIP` | SuiteCRM service Cluster IP | `""` | -| `metrics.service.loadBalancerIP` | SuiteCRM service Load Balancer IP | `""` | -| `metrics.service.loadBalancerSourceRanges` | SuiteCRM service Load Balancer sources | `[]` | -| `metrics.service.externalTrafficPolicy` | SuiteCRM service external traffic policy | `Cluster` | -| `metrics.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| Name | Description | Value | +| ------------------------------------------ | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.1-debian-11-r2` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources` | Metrics exporter resource requests and limits | `{}` | +| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | +| `metrics.service.type` | Kubernetes service type for Prometheus metrics | `ClusterIP` | +| `metrics.service.port` | Prometheus metrics service port | `9117` | +| `metrics.service.annotations` | Annotations for the Prometheus metrics service | `{}` | +| `metrics.service.clusterIP` | SuiteCRM service Cluster IP | `""` | +| `metrics.service.loadBalancerIP` | SuiteCRM service Load Balancer IP | `""` | +| `metrics.service.loadBalancerSourceRanges` | SuiteCRM service Load Balancer sources | `[]` | +| `metrics.service.externalTrafficPolicy` | SuiteCRM service external traffic policy | `Cluster` | +| `metrics.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `metrics.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | ### Certificate injection parameters @@ -280,8 +284,8 @@ The command removes all the Kubernetes components associated with the chart and | `certificates.extraEnvVars` | Container sidecar extra environment variables | `[]` | | `certificates.extraEnvVarsCM` | ConfigMap containing extra environment variables | `""` | | `certificates.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) | `""` | -| `certificates.image.registry` | Container sidecar registry | `docker.io` | -| `certificates.image.repository` | Container sidecar image repository | `bitnami/os-shell` | +| `certificates.image.registry` | Container sidecar registry | `REGISTRY_NAME` | +| `certificates.image.repository` | Container sidecar image repository | `REPOSITORY_NAME/os-shell` | | `certificates.image.tag` | Container sidecar image tag (immutable tags are recommended) | `11-debian-11-r25` | | `certificates.image.digest` | Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `certificates.image.pullPolicy` | Container sidecar image pull policy | `IfNotPresent` | @@ -328,9 +332,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set suitecrmUsername=admin,suitecrmPassword=password,mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/suitecrm + oci://REGISTRY_NAME/REPOSITORY_NAME/suitecrm ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the SuiteCRM administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -338,9 +344,10 @@ The above command sets the SuiteCRM administrator account username and password Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/suitecrm +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/suitecrm ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -389,9 +396,11 @@ See the [Parameters](#parameters) section to configure the PVC or to disable per 3. Install the chart ```console - helm install my-release --set persistence.existingClaim=PVC_NAME oci://registry-1.docker.io/bitnamicharts/suitecrm + helm install my-release --set persistence.existingClaim=PVC_NAME oci://REGISTRY_NAME/REPOSITORY_NAME/suitecrm ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### Host path #### System compatibility @@ -405,9 +414,11 @@ See the [Parameters](#parameters) section to configure the PVC or to disable per 2. Install the chart ```console - helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://registry-1.docker.io/bitnamicharts/suitecrm + helm install my-release --set persistence.hostPath=/PATH/TO/HOST/MOUNT oci://REGISTRY_NAME/REPOSITORY_NAME/suitecrm ``` + > Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + This will mount the `suitecrm-data` volume into the `hostPath` directory. The site data will be persisted if the mount path contains valid data, else the site data will be initialized at first launch. 3. Because the container cannot control the host machine's directory permissions, you must set the SuiteCRM file directory permissions yourself and disable or clear SuiteCRM cache. @@ -510,15 +521,19 @@ export MARIADB_PVC=$(kubectl get pvc -l app=mariadb,component=master,release=sui Upgrade your release (maintaining the version) disabling MariaDB and scaling SuiteCRM replicas to 0: ```console -helm upgrade suitecrm oci://registry-1.docker.io/bitnamicharts/suitecrm --set suitecrmPassword=$SUITECRM_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 8.0.26 +helm upgrade suitecrm oci://REGISTRY_NAME/REPOSITORY_NAME/suitecrm --set suitecrmPassword=$SUITECRM_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 8.0.26 ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Finally, upgrade your release to `9.0.0` reusing the existing PVC, and enabling back MariaDB: ```console -helm upgrade suitecrm oci://registry-1.docker.io/bitnamicharts/suitecrm --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set suitecrmPassword=$SUITECRM_PASSWORD --set containerSecurityContext.runAsUser=0 --set podSecurityContext.fsGroup=0 +helm upgrade suitecrm oci://REGISTRY_NAME/REPOSITORY_NAME/suitecrm --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set suitecrmPassword=$SUITECRM_PASSWORD --set containerSecurityContext.runAsUser=0 --set podSecurityContext.fsGroup=0 ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You should see the lines below in MariaDB container logs: ```console diff --git a/bitnami/suitecrm/values.yaml b/bitnami/suitecrm/values.yaml index 6c75ad92f045e7..43eda94bc02a6f 100644 --- a/bitnami/suitecrm/values.yaml +++ b/bitnami/suitecrm/values.yaml @@ -44,8 +44,8 @@ commonLabels: {} ## Bitnami SuiteCRM image version ## ref: https://hub.docker.com/r/bitnami/suitecrm/tags/ -## @param image.registry SuiteCRM image registry -## @param image.repository SuiteCRM image repository +## @param image.registry [default: REGISTRY_NAME] SuiteCRM image registry +## @param image.repository [default: REPOSITORY_NAME/suitecrm] SuiteCRM image repository ## @param image.tag SuiteCRM image tag (immutable tags are recommended) ## @param image.digest SuiteCRM image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy SuiteCRM image pull policy @@ -472,8 +472,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -686,8 +686,8 @@ metrics: ## @param metrics.enabled Start a side-car prometheus exporter ## enabled: false - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository ## @param metrics.image.tag Apache exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Image pull policy @@ -804,8 +804,8 @@ certificates: ## @param certificates.extraEnvVarsSecret Secret containing extra environment variables (in case of sensitive data) ## extraEnvVarsSecret: "" - ## @param certificates.image.registry Container sidecar registry - ## @param certificates.image.repository Container sidecar image repository + ## @param certificates.image.registry [default: REGISTRY_NAME] Container sidecar registry + ## @param certificates.image.repository [default: REPOSITORY_NAME/os-shell] Container sidecar image repository ## @param certificates.image.tag Container sidecar image tag (immutable tags are recommended) ## @param certificates.image.digest Container sidecar image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param certificates.image.pullPolicy Container sidecar image pull policy diff --git a/bitnami/supabase/README.md b/bitnami/supabase/README.md index 67119ba91a0e71..bcf32f82324205 100644 --- a/bitnami/supabase/README.md +++ b/bitnami/supabase/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/supabase +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/supabase ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. @@ -37,9 +39,11 @@ Looking to use Supabase in production? Try [VMware Application Catalog](https:// To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/supabase +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/supabase ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Supabase on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -86,120 +90,120 @@ The command removes all the Kubernetes components associated with the chart and ### Supabase Common parameters -| Name | Description | Value | -| -------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `jwt.secret` | The secret string used to sign JWT tokens | `""` | -| `jwt.anonKey` | JWT string for annonymous users | `""` | -| `jwt.serviceKey` | JWT string for service users | `""` | -| `jwt.autoGenerate.forceRun` | Force the run of the JWT generation job | `false` | -| `jwt.autoGenerate.image.registry` | JWT CLI image registry | `docker.io` | -| `jwt.autoGenerate.image.repository` | JWT CLI image repository | `bitnami/jwt-cli` | -| `jwt.autoGenerate.image.tag` | JWT CLI image tag (immutable tags are recommended) | `6.0.0-debian-11-r21` | -| `jwt.autoGenerate.image.digest` | JWT CLI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `jwt.autoGenerate.image.pullPolicy` | JWT CLI image pull policy | `IfNotPresent` | -| `jwt.autoGenerate.image.pullSecrets` | JWT CLI image pull secrets | `[]` | -| `jwt.autoGenerate.kubectlImage.registry` | Kubectl image registry | `docker.io` | -| `jwt.autoGenerate.kubectlImage.repository` | Kubectl image repository | `bitnami/kubectl` | -| `jwt.autoGenerate.kubectlImage.tag` | Kubectl image tag (immutable tags are recommended) | `1.28.2-debian-11-r16` | -| `jwt.autoGenerate.kubectlImage.digest` | Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `jwt.autoGenerate.kubectlImage.pullPolicy` | Kubectl image pull policy | `IfNotPresent` | -| `jwt.autoGenerate.kubectlImage.pullSecrets` | Kubectl image pull secrets | `[]` | -| `jwt.autoGenerate.backoffLimit` | set backoff limit of the job | `10` | -| `jwt.autoGenerate.extraVolumes` | Optionally specify extra list of additional volumes for the jwt init job | `[]` | -| `jwt.autoGenerate.containerSecurityContext.enabled` | Enabled jwt init job containers' Security Context | `true` | -| `jwt.autoGenerate.containerSecurityContext.runAsUser` | Set jwt init job containers' Security Context runAsUser | `1001` | -| `jwt.autoGenerate.containerSecurityContext.runAsNonRoot` | Set jwt init job containers' Security Context runAsNonRoot | `true` | -| `jwt.autoGenerate.containerSecurityContext.readOnlyRootFilesystem` | Set jwt init job containers' Security Context runAsNonRoot | `false` | -| `jwt.autoGenerate.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` | -| `jwt.autoGenerate.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` | -| `jwt.autoGenerate.podSecurityContext.enabled` | Enabled jwt init job pods' Security Context | `true` | -| `jwt.autoGenerate.podSecurityContext.fsGroup` | Set jwt init job pod's Security Context fsGroup | `1001` | -| `jwt.autoGenerate.podSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `jwt.autoGenerate.extraEnvVars` | Array containing extra env vars to configure the jwt init job | `[]` | -| `jwt.autoGenerate.extraEnvVarsCM` | ConfigMap containing extra env vars to configure the jwt init job | `""` | -| `jwt.autoGenerate.extraEnvVarsSecret` | Secret containing extra env vars to configure the jwt init job (in case of sensitive data) | `""` | -| `jwt.autoGenerate.extraVolumeMounts` | Array of extra volume mounts to be added to the jwt Container (evaluated as template). Normally used with `extraVolumes`. | `[]` | -| `jwt.autoGenerate.resources.limits` | The resources limits for the container | `{}` | -| `jwt.autoGenerate.resources.requests` | The requested resources for the container | `{}` | -| `jwt.autoGenerate.hostAliases` | Add deployment host aliases | `[]` | -| `jwt.autoGenerate.annotations` | Add annotations to the job | `{}` | -| `jwt.autoGenerate.podLabels` | Additional pod labels | `{}` | -| `jwt.autoGenerate.podAnnotations` | Additional pod annotations | `{}` | -| `publicURL` | Supabase API public URL | `""` | -| `dbSSL` | Supabase API database connection mode for SSL. Applied to all components. Allowed values: verify-ca, verify-full, disable, allow, prefer, require | `disable` | +| Name | Description | Value | +| -------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `jwt.secret` | The secret string used to sign JWT tokens | `""` | +| `jwt.anonKey` | JWT string for annonymous users | `""` | +| `jwt.serviceKey` | JWT string for service users | `""` | +| `jwt.autoGenerate.forceRun` | Force the run of the JWT generation job | `false` | +| `jwt.autoGenerate.image.registry` | JWT CLI image registry | `REGISTRY_NAME` | +| `jwt.autoGenerate.image.repository` | JWT CLI image repository | `REPOSITORY_NAME/jwt-cli` | +| `jwt.autoGenerate.image.tag` | JWT CLI image tag (immutable tags are recommended) | `6.0.0-debian-11-r21` | +| `jwt.autoGenerate.image.digest` | JWT CLI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `jwt.autoGenerate.image.pullPolicy` | JWT CLI image pull policy | `IfNotPresent` | +| `jwt.autoGenerate.image.pullSecrets` | JWT CLI image pull secrets | `[]` | +| `jwt.autoGenerate.kubectlImage.registry` | Kubectl image registry | `REGISTRY_NAME` | +| `jwt.autoGenerate.kubectlImage.repository` | Kubectl image repository | `REPOSITORY_NAME/kubectl` | +| `jwt.autoGenerate.kubectlImage.tag` | Kubectl image tag (immutable tags are recommended) | `1.28.2-debian-11-r16` | +| `jwt.autoGenerate.kubectlImage.digest` | Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `jwt.autoGenerate.kubectlImage.pullPolicy` | Kubectl image pull policy | `IfNotPresent` | +| `jwt.autoGenerate.kubectlImage.pullSecrets` | Kubectl image pull secrets | `[]` | +| `jwt.autoGenerate.backoffLimit` | set backoff limit of the job | `10` | +| `jwt.autoGenerate.extraVolumes` | Optionally specify extra list of additional volumes for the jwt init job | `[]` | +| `jwt.autoGenerate.containerSecurityContext.enabled` | Enabled jwt init job containers' Security Context | `true` | +| `jwt.autoGenerate.containerSecurityContext.runAsUser` | Set jwt init job containers' Security Context runAsUser | `1001` | +| `jwt.autoGenerate.containerSecurityContext.runAsNonRoot` | Set jwt init job containers' Security Context runAsNonRoot | `true` | +| `jwt.autoGenerate.containerSecurityContext.readOnlyRootFilesystem` | Set jwt init job containers' Security Context runAsNonRoot | `false` | +| `jwt.autoGenerate.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` | +| `jwt.autoGenerate.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` | +| `jwt.autoGenerate.podSecurityContext.enabled` | Enabled jwt init job pods' Security Context | `true` | +| `jwt.autoGenerate.podSecurityContext.fsGroup` | Set jwt init job pod's Security Context fsGroup | `1001` | +| `jwt.autoGenerate.podSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `jwt.autoGenerate.extraEnvVars` | Array containing extra env vars to configure the jwt init job | `[]` | +| `jwt.autoGenerate.extraEnvVarsCM` | ConfigMap containing extra env vars to configure the jwt init job | `""` | +| `jwt.autoGenerate.extraEnvVarsSecret` | Secret containing extra env vars to configure the jwt init job (in case of sensitive data) | `""` | +| `jwt.autoGenerate.extraVolumeMounts` | Array of extra volume mounts to be added to the jwt Container (evaluated as template). Normally used with `extraVolumes`. | `[]` | +| `jwt.autoGenerate.resources.limits` | The resources limits for the container | `{}` | +| `jwt.autoGenerate.resources.requests` | The requested resources for the container | `{}` | +| `jwt.autoGenerate.hostAliases` | Add deployment host aliases | `[]` | +| `jwt.autoGenerate.annotations` | Add annotations to the job | `{}` | +| `jwt.autoGenerate.podLabels` | Additional pod labels | `{}` | +| `jwt.autoGenerate.podAnnotations` | Additional pod annotations | `{}` | +| `publicURL` | Supabase API public URL | `""` | +| `dbSSL` | Supabase API database connection mode for SSL. Applied to all components. Allowed values: verify-ca, verify-full, disable, allow, prefer, require | `disable` | ### Supabase Auth Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- | -| `auth.enabled` | Enable Supabase auth | `true` | -| `auth.replicaCount` | Number of Supabase auth replicas to deploy | `1` | -| `auth.defaultConfig` | Supabase auth default configuration | `""` | -| `auth.extraConfig` | Supabase auth extra configuration | `{}` | -| `auth.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | -| `auth.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | -| `auth.image.registry` | Gotrue image registry | `docker.io` | -| `auth.image.repository` | Gotrue image repository | `bitnami/gotrue` | -| `auth.image.tag` | Gotrue image tag (immutable tags are recommended) | `1.0.1-debian-11-r216` | -| `auth.image.digest` | Gotrue image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `auth.image.pullPolicy` | Gotrue image pull policy | `IfNotPresent` | -| `auth.image.pullSecrets` | Gotrue image pull secrets | `[]` | -| `auth.containerPorts.http` | Supabase auth HTTP container port | `9999` | -| `auth.livenessProbe.enabled` | Enable livenessProbe on Supabase auth containers | `true` | -| `auth.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `auth.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `auth.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `auth.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `auth.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `auth.readinessProbe.enabled` | Enable readinessProbe on Supabase auth containers | `true` | -| `auth.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `auth.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `auth.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `auth.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `auth.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `auth.startupProbe.enabled` | Enable startupProbe on Supabase auth containers | `false` | -| `auth.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `auth.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `auth.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `auth.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `auth.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `auth.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `auth.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `auth.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `auth.resources.limits` | The resources limits for the Supabase auth containers | `{}` | -| `auth.resources.requests` | The requested resources for the Supabase auth containers | `{}` | -| `auth.podSecurityContext.enabled` | Enabled Supabase auth pods' Security Context | `true` | -| `auth.podSecurityContext.fsGroup` | Set Supabase auth pod's Security Context fsGroup | `1001` | -| `auth.containerSecurityContext.enabled` | Enabled Supabase auth containers' Security Context | `true` | -| `auth.containerSecurityContext.runAsUser` | Set Supabase auth containers' Security Context runAsUser | `1001` | -| `auth.containerSecurityContext.runAsNonRoot` | Set Supabase auth containers' Security Context runAsNonRoot | `true` | -| `auth.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase auth containers' Security Context runAsNonRoot | `false` | -| `auth.command` | Override default container command (useful when using custom images) | `[]` | -| `auth.args` | Override default container args (useful when using custom images) | `[]` | -| `auth.hostAliases` | Supabase auth pods host aliases | `[]` | -| `auth.podLabels` | Extra labels for Supabase auth pods | `{}` | -| `auth.podAnnotations` | Annotations for Supabase auth pods | `{}` | -| `auth.podAffinityPreset` | Pod affinity preset. Ignored if `auth.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `auth.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `auth.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `auth.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `auth.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `auth.nodeAffinityPreset.key` | Node label key to match. Ignored if `auth.affinity` is set | `""` | -| `auth.nodeAffinityPreset.values` | Node label values to match. Ignored if `auth.affinity` is set | `[]` | -| `auth.affinity` | Affinity for Supabase auth pods assignment | `{}` | -| `auth.nodeSelector` | Node labels for Supabase auth pods assignment | `{}` | -| `auth.tolerations` | Tolerations for Supabase auth pods assignment | `[]` | -| `auth.updateStrategy.type` | Supabase auth statefulset strategy type | `RollingUpdate` | -| `auth.priorityClassName` | Supabase auth pods' priorityClassName | `""` | -| `auth.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `auth.schedulerName` | Name of the k8s scheduler (other than default) for Supabase auth pods | `""` | -| `auth.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `auth.lifecycleHooks` | for the Supabase auth container(s) to automate configuration before or after startup | `{}` | -| `auth.extraEnvVars` | Array with extra environment variables to add to Supabase auth nodes | `[]` | -| `auth.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase auth nodes | `""` | -| `auth.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase auth nodes | `""` | -| `auth.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase auth pod(s) | `[]` | -| `auth.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase auth container(s) | `[]` | -| `auth.sidecars` | Add additional sidecar containers to the Supabase auth pod(s) | `[]` | -| `auth.initContainers` | Add additional init containers to the Supabase auth pod(s) | `[]` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `auth.enabled` | Enable Supabase auth | `true` | +| `auth.replicaCount` | Number of Supabase auth replicas to deploy | `1` | +| `auth.defaultConfig` | Supabase auth default configuration | `""` | +| `auth.extraConfig` | Supabase auth extra configuration | `{}` | +| `auth.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | +| `auth.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | +| `auth.image.registry` | Gotrue image registry | `REGISTRY_NAME` | +| `auth.image.repository` | Gotrue image repository | `REPOSITORY_NAME/gotrue` | +| `auth.image.tag` | Gotrue image tag (immutable tags are recommended) | `1.0.1-debian-11-r216` | +| `auth.image.digest` | Gotrue image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `auth.image.pullPolicy` | Gotrue image pull policy | `IfNotPresent` | +| `auth.image.pullSecrets` | Gotrue image pull secrets | `[]` | +| `auth.containerPorts.http` | Supabase auth HTTP container port | `9999` | +| `auth.livenessProbe.enabled` | Enable livenessProbe on Supabase auth containers | `true` | +| `auth.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `auth.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `auth.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `auth.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `auth.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `auth.readinessProbe.enabled` | Enable readinessProbe on Supabase auth containers | `true` | +| `auth.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `auth.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `auth.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `auth.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `auth.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `auth.startupProbe.enabled` | Enable startupProbe on Supabase auth containers | `false` | +| `auth.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `auth.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `auth.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `auth.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `auth.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `auth.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `auth.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `auth.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `auth.resources.limits` | The resources limits for the Supabase auth containers | `{}` | +| `auth.resources.requests` | The requested resources for the Supabase auth containers | `{}` | +| `auth.podSecurityContext.enabled` | Enabled Supabase auth pods' Security Context | `true` | +| `auth.podSecurityContext.fsGroup` | Set Supabase auth pod's Security Context fsGroup | `1001` | +| `auth.containerSecurityContext.enabled` | Enabled Supabase auth containers' Security Context | `true` | +| `auth.containerSecurityContext.runAsUser` | Set Supabase auth containers' Security Context runAsUser | `1001` | +| `auth.containerSecurityContext.runAsNonRoot` | Set Supabase auth containers' Security Context runAsNonRoot | `true` | +| `auth.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase auth containers' Security Context runAsNonRoot | `false` | +| `auth.command` | Override default container command (useful when using custom images) | `[]` | +| `auth.args` | Override default container args (useful when using custom images) | `[]` | +| `auth.hostAliases` | Supabase auth pods host aliases | `[]` | +| `auth.podLabels` | Extra labels for Supabase auth pods | `{}` | +| `auth.podAnnotations` | Annotations for Supabase auth pods | `{}` | +| `auth.podAffinityPreset` | Pod affinity preset. Ignored if `auth.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `auth.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `auth.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `auth.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `auth.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `auth.nodeAffinityPreset.key` | Node label key to match. Ignored if `auth.affinity` is set | `""` | +| `auth.nodeAffinityPreset.values` | Node label values to match. Ignored if `auth.affinity` is set | `[]` | +| `auth.affinity` | Affinity for Supabase auth pods assignment | `{}` | +| `auth.nodeSelector` | Node labels for Supabase auth pods assignment | `{}` | +| `auth.tolerations` | Tolerations for Supabase auth pods assignment | `[]` | +| `auth.updateStrategy.type` | Supabase auth statefulset strategy type | `RollingUpdate` | +| `auth.priorityClassName` | Supabase auth pods' priorityClassName | `""` | +| `auth.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `auth.schedulerName` | Name of the k8s scheduler (other than default) for Supabase auth pods | `""` | +| `auth.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `auth.lifecycleHooks` | for the Supabase auth container(s) to automate configuration before or after startup | `{}` | +| `auth.extraEnvVars` | Array with extra environment variables to add to Supabase auth nodes | `[]` | +| `auth.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase auth nodes | `""` | +| `auth.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase auth nodes | `""` | +| `auth.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase auth pod(s) | `[]` | +| `auth.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase auth container(s) | `[]` | +| `auth.sidecars` | Add additional sidecar containers to the Supabase auth pod(s) | `[]` | +| `auth.initContainers` | Add additional init containers to the Supabase auth pod(s) | `[]` | ### Supabase Auth Traffic Exposure Parameters @@ -219,76 +223,76 @@ The command removes all the Kubernetes components associated with the chart and ### Supabase Meta Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------- | -| `meta.enabled` | Enable Supabase Postgres Meta | `true` | -| `meta.replicaCount` | Number of Supabase Postgres Meta replicas to deploy | `1` | -| `meta.defaultConfig` | Default Supabase Postgres Meta configuration | `""` | -| `meta.extraConfig` | Extra Supabase Postgres Meta configuration | `{}` | -| `meta.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | -| `meta.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | -| `meta.image.registry` | Supabase Postgres Meta image registry | `docker.io` | -| `meta.image.repository` | Supabase Postgres Meta image repository | `bitnami/supabase-postgres-meta` | -| `meta.image.tag` | Supabase Postgres Meta image tag (immutable tags are recommended) | `0.72.0-debian-11-r0` | -| `meta.image.digest` | Supabase Postgres Meta image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `meta.image.pullPolicy` | Supabase Postgres Meta image pull policy | `IfNotPresent` | -| `meta.image.pullSecrets` | Supabase Postgres Meta image pull secrets | `[]` | -| `meta.containerPorts.http` | Supabase Postgres Meta HTTP container port | `8080` | -| `meta.livenessProbe.enabled` | Enable livenessProbe on Supabase Postgres Meta containers | `true` | -| `meta.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `meta.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `meta.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `meta.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `meta.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `meta.readinessProbe.enabled` | Enable readinessProbe on Supabase Postgres Meta containers | `true` | -| `meta.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `meta.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `meta.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `meta.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `meta.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `meta.startupProbe.enabled` | Enable startupProbe on Supabase Postgres Meta containers | `false` | -| `meta.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `meta.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `meta.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `meta.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `meta.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `meta.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `meta.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `meta.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `meta.resources.limits` | The resources limits for the Supabase Postgres Meta containers | `{}` | -| `meta.resources.requests` | The requested resources for the Supabase Postgres Meta containers | `{}` | -| `meta.podSecurityContext.enabled` | Enabled Supabase Postgres Meta pods' Security Context | `true` | -| `meta.podSecurityContext.fsGroup` | Set Supabase Postgres Meta pod's Security Context fsGroup | `1001` | -| `meta.containerSecurityContext.enabled` | Enabled Supabase Postgres Meta containers' Security Context | `true` | -| `meta.containerSecurityContext.runAsUser` | Set Supabase Postgres Meta containers' Security Context runAsUser | `1001` | -| `meta.containerSecurityContext.runAsNonRoot` | Set Supabase Postgres Meta containers' Security Context runAsNonRoot | `true` | -| `meta.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase Postgres Meta containers' Security Context runAsNonRoot | `false` | -| `meta.command` | Override default container command (useful when using custom images) | `[]` | -| `meta.args` | Override default container args (useful when using custom images) | `[]` | -| `meta.hostAliases` | Supabase Postgres Meta pods host aliases | `[]` | -| `meta.podLabels` | Extra labels for Supabase Postgres Meta pods | `{}` | -| `meta.podAnnotations` | Annotations for Supabase Postgres Meta pods | `{}` | -| `meta.podAffinityPreset` | Pod affinity preset. Ignored if `meta.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `meta.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `meta.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `meta.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `meta.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `meta.nodeAffinityPreset.key` | Node label key to match. Ignored if `meta.affinity` is set | `""` | -| `meta.nodeAffinityPreset.values` | Node label values to match. Ignored if `meta.affinity` is set | `[]` | -| `meta.affinity` | Affinity for Supabase Postgres Meta pods assignment | `{}` | -| `meta.nodeSelector` | Node labels for Supabase Postgres Meta pods assignment | `{}` | -| `meta.tolerations` | Tolerations for Supabase Postgres Meta pods assignment | `[]` | -| `meta.updateStrategy.type` | Supabase Postgres Meta statefulset strategy type | `RollingUpdate` | -| `meta.priorityClassName` | Supabase Postgres Meta pods' priorityClassName | `""` | -| `meta.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `meta.schedulerName` | Name of the k8s scheduler (other than default) for Supabase Postgres Meta pods | `""` | -| `meta.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `meta.lifecycleHooks` | for the Supabase Postgres Meta container(s) to automate configuration before or after startup | `{}` | -| `meta.extraEnvVars` | Array with extra environment variables to add to Supabase Postgres Meta nodes | `[]` | -| `meta.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase Postgres Meta nodes | `""` | -| `meta.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase Postgres Meta nodes | `""` | -| `meta.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase Postgres Meta pod(s) | `[]` | -| `meta.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase Postgres Meta container(s) | `[]` | -| `meta.sidecars` | Add additional sidecar containers to the Supabase Postgres Meta pod(s) | `[]` | -| `meta.initContainers` | Add additional init containers to the Supabase Postgres Meta pod(s) | `[]` | +| Name | Description | Value | +| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------- | +| `meta.enabled` | Enable Supabase Postgres Meta | `true` | +| `meta.replicaCount` | Number of Supabase Postgres Meta replicas to deploy | `1` | +| `meta.defaultConfig` | Default Supabase Postgres Meta configuration | `""` | +| `meta.extraConfig` | Extra Supabase Postgres Meta configuration | `{}` | +| `meta.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | +| `meta.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | +| `meta.image.registry` | Supabase Postgres Meta image registry | `REGISTRY_NAME` | +| `meta.image.repository` | Supabase Postgres Meta image repository | `REPOSITORY_NAME/supabase-postgres-meta` | +| `meta.image.tag` | Supabase Postgres Meta image tag (immutable tags are recommended) | `0.72.0-debian-11-r0` | +| `meta.image.digest` | Supabase Postgres Meta image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `meta.image.pullPolicy` | Supabase Postgres Meta image pull policy | `IfNotPresent` | +| `meta.image.pullSecrets` | Supabase Postgres Meta image pull secrets | `[]` | +| `meta.containerPorts.http` | Supabase Postgres Meta HTTP container port | `8080` | +| `meta.livenessProbe.enabled` | Enable livenessProbe on Supabase Postgres Meta containers | `true` | +| `meta.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `meta.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `meta.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `meta.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `meta.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `meta.readinessProbe.enabled` | Enable readinessProbe on Supabase Postgres Meta containers | `true` | +| `meta.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `meta.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `meta.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `meta.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `meta.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `meta.startupProbe.enabled` | Enable startupProbe on Supabase Postgres Meta containers | `false` | +| `meta.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `meta.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `meta.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `meta.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `meta.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `meta.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `meta.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `meta.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `meta.resources.limits` | The resources limits for the Supabase Postgres Meta containers | `{}` | +| `meta.resources.requests` | The requested resources for the Supabase Postgres Meta containers | `{}` | +| `meta.podSecurityContext.enabled` | Enabled Supabase Postgres Meta pods' Security Context | `true` | +| `meta.podSecurityContext.fsGroup` | Set Supabase Postgres Meta pod's Security Context fsGroup | `1001` | +| `meta.containerSecurityContext.enabled` | Enabled Supabase Postgres Meta containers' Security Context | `true` | +| `meta.containerSecurityContext.runAsUser` | Set Supabase Postgres Meta containers' Security Context runAsUser | `1001` | +| `meta.containerSecurityContext.runAsNonRoot` | Set Supabase Postgres Meta containers' Security Context runAsNonRoot | `true` | +| `meta.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase Postgres Meta containers' Security Context runAsNonRoot | `false` | +| `meta.command` | Override default container command (useful when using custom images) | `[]` | +| `meta.args` | Override default container args (useful when using custom images) | `[]` | +| `meta.hostAliases` | Supabase Postgres Meta pods host aliases | `[]` | +| `meta.podLabels` | Extra labels for Supabase Postgres Meta pods | `{}` | +| `meta.podAnnotations` | Annotations for Supabase Postgres Meta pods | `{}` | +| `meta.podAffinityPreset` | Pod affinity preset. Ignored if `meta.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `meta.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `meta.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `meta.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `meta.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `meta.nodeAffinityPreset.key` | Node label key to match. Ignored if `meta.affinity` is set | `""` | +| `meta.nodeAffinityPreset.values` | Node label values to match. Ignored if `meta.affinity` is set | `[]` | +| `meta.affinity` | Affinity for Supabase Postgres Meta pods assignment | `{}` | +| `meta.nodeSelector` | Node labels for Supabase Postgres Meta pods assignment | `{}` | +| `meta.tolerations` | Tolerations for Supabase Postgres Meta pods assignment | `[]` | +| `meta.updateStrategy.type` | Supabase Postgres Meta statefulset strategy type | `RollingUpdate` | +| `meta.priorityClassName` | Supabase Postgres Meta pods' priorityClassName | `""` | +| `meta.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `meta.schedulerName` | Name of the k8s scheduler (other than default) for Supabase Postgres Meta pods | `""` | +| `meta.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `meta.lifecycleHooks` | for the Supabase Postgres Meta container(s) to automate configuration before or after startup | `{}` | +| `meta.extraEnvVars` | Array with extra environment variables to add to Supabase Postgres Meta nodes | `[]` | +| `meta.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase Postgres Meta nodes | `""` | +| `meta.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase Postgres Meta nodes | `""` | +| `meta.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase Postgres Meta pod(s) | `[]` | +| `meta.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase Postgres Meta container(s) | `[]` | +| `meta.sidecars` | Add additional sidecar containers to the Supabase Postgres Meta pod(s) | `[]` | +| `meta.initContainers` | Add additional init containers to the Supabase Postgres Meta pod(s) | `[]` | ### Supabase Meta Traffic Exposure Parameters @@ -308,79 +312,79 @@ The command removes all the Kubernetes components associated with the chart and ### Supabase Realtime Parameters -| Name | Description | Value | -| ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------- | -| `realtime.enabled` | Enable Supabase realtime | `true` | -| `realtime.replicaCount` | Number of Supabase realtime replicas to deploy | `1` | -| `realtime.keyBase` | key base for Supabase realtime | `""` | -| `realtime.existingSecret` | Name of an existing secret containing the key base for Supabase realtime | `""` | -| `realtime.existingSecretKey` | Key in the existing secret containing the key base for Supabase realtime | `key-base` | -| `realtime.defaultConfig` | Default configuration for Supabase realtime | `""` | -| `realtime.extraConfig` | Extra configuration for Supabase realtime | `{}` | -| `realtime.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | -| `realtime.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | -| `realtime.image.registry` | Realtime image registry | `docker.io` | -| `realtime.image.repository` | Realtime image repository | `bitnami/supabase-realtime` | -| `realtime.image.tag` | Realtime image tag (immutable tags are recommended) | `2.24.2-debian-11-r0` | -| `realtime.image.digest` | Realtime image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `realtime.image.pullPolicy` | Realtime image pull policy | `IfNotPresent` | -| `realtime.image.pullSecrets` | Realtime image pull secrets | `[]` | -| `realtime.containerPorts.http` | Supabase realtime HTTP container port | `9999` | -| `realtime.livenessProbe.enabled` | Enable livenessProbe on Supabase realtime containers | `true` | -| `realtime.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `realtime.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `realtime.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `realtime.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `realtime.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `realtime.readinessProbe.enabled` | Enable readinessProbe on Supabase realtime containers | `true` | -| `realtime.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `realtime.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `realtime.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `realtime.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `realtime.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `realtime.startupProbe.enabled` | Enable startupProbe on Supabase realtime containers | `false` | -| `realtime.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `realtime.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `realtime.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `realtime.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `realtime.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `realtime.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `realtime.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `realtime.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `realtime.resources.limits` | The resources limits for the Supabase realtime containers | `{}` | -| `realtime.resources.requests` | The requested resources for the Supabase realtime containers | `{}` | -| `realtime.podSecurityContext.enabled` | Enabled Supabase realtime pods' Security Context | `true` | -| `realtime.podSecurityContext.fsGroup` | Set Supabase realtime pod's Security Context fsGroup | `1001` | -| `realtime.containerSecurityContext.enabled` | Enabled Supabase realtime containers' Security Context | `true` | -| `realtime.containerSecurityContext.runAsUser` | Set Supabase realtime containers' Security Context runAsUser | `1001` | -| `realtime.containerSecurityContext.runAsNonRoot` | Set Supabase realtime containers' Security Context runAsNonRoot | `true` | -| `realtime.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase realtime containers' Security Context runAsNonRoot | `false` | -| `realtime.command` | Override default container command (useful when using custom images) | `[]` | -| `realtime.args` | Override default container args (useful when using custom images) | `[]` | -| `realtime.hostAliases` | Supabase realtime pods host aliases | `[]` | -| `realtime.podLabels` | Extra labels for Supabase realtime pods | `{}` | -| `realtime.podAnnotations` | Annotations for Supabase realtime pods | `{}` | -| `realtime.podAffinityPreset` | Pod affinity preset. Ignored if `realtime.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `realtime.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `realtime.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `realtime.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `realtime.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `realtime.nodeAffinityPreset.key` | Node label key to match. Ignored if `realtime.affinity` is set | `""` | -| `realtime.nodeAffinityPreset.values` | Node label values to match. Ignored if `realtime.affinity` is set | `[]` | -| `realtime.affinity` | Affinity for Supabase realtime pods assignment | `{}` | -| `realtime.nodeSelector` | Node labels for Supabase realtime pods assignment | `{}` | -| `realtime.tolerations` | Tolerations for Supabase realtime pods assignment | `[]` | -| `realtime.updateStrategy.type` | Supabase realtime statefulset strategy type | `RollingUpdate` | -| `realtime.priorityClassName` | Supabase realtime pods' priorityClassName | `""` | -| `realtime.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `realtime.schedulerName` | Name of the k8s scheduler (other than default) for Supabase realtime pods | `""` | -| `realtime.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `realtime.lifecycleHooks` | for the Supabase realtime container(s) to automate configuration before or after startup | `{}` | -| `realtime.extraEnvVars` | Array with extra environment variables to add to Supabase realtime nodes | `[]` | -| `realtime.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase realtime nodes | `""` | -| `realtime.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase realtime nodes | `""` | -| `realtime.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase realtime pod(s) | `[]` | -| `realtime.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase realtime container(s) | `[]` | -| `realtime.sidecars` | Add additional sidecar containers to the Supabase realtime pod(s) | `[]` | -| `realtime.initContainers` | Add additional init containers to the Supabase realtime pod(s) | `[]` | +| Name | Description | Value | +| ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| `realtime.enabled` | Enable Supabase realtime | `true` | +| `realtime.replicaCount` | Number of Supabase realtime replicas to deploy | `1` | +| `realtime.keyBase` | key base for Supabase realtime | `""` | +| `realtime.existingSecret` | Name of an existing secret containing the key base for Supabase realtime | `""` | +| `realtime.existingSecretKey` | Key in the existing secret containing the key base for Supabase realtime | `key-base` | +| `realtime.defaultConfig` | Default configuration for Supabase realtime | `""` | +| `realtime.extraConfig` | Extra configuration for Supabase realtime | `{}` | +| `realtime.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | +| `realtime.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | +| `realtime.image.registry` | Realtime image registry | `REGISTRY_NAME` | +| `realtime.image.repository` | Realtime image repository | `REPOSITORY_NAME/supabase-realtime` | +| `realtime.image.tag` | Realtime image tag (immutable tags are recommended) | `2.24.2-debian-11-r0` | +| `realtime.image.digest` | Realtime image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `realtime.image.pullPolicy` | Realtime image pull policy | `IfNotPresent` | +| `realtime.image.pullSecrets` | Realtime image pull secrets | `[]` | +| `realtime.containerPorts.http` | Supabase realtime HTTP container port | `9999` | +| `realtime.livenessProbe.enabled` | Enable livenessProbe on Supabase realtime containers | `true` | +| `realtime.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `realtime.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `realtime.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `realtime.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `realtime.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `realtime.readinessProbe.enabled` | Enable readinessProbe on Supabase realtime containers | `true` | +| `realtime.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `realtime.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `realtime.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `realtime.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `realtime.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `realtime.startupProbe.enabled` | Enable startupProbe on Supabase realtime containers | `false` | +| `realtime.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `realtime.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `realtime.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `realtime.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `realtime.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `realtime.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `realtime.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `realtime.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `realtime.resources.limits` | The resources limits for the Supabase realtime containers | `{}` | +| `realtime.resources.requests` | The requested resources for the Supabase realtime containers | `{}` | +| `realtime.podSecurityContext.enabled` | Enabled Supabase realtime pods' Security Context | `true` | +| `realtime.podSecurityContext.fsGroup` | Set Supabase realtime pod's Security Context fsGroup | `1001` | +| `realtime.containerSecurityContext.enabled` | Enabled Supabase realtime containers' Security Context | `true` | +| `realtime.containerSecurityContext.runAsUser` | Set Supabase realtime containers' Security Context runAsUser | `1001` | +| `realtime.containerSecurityContext.runAsNonRoot` | Set Supabase realtime containers' Security Context runAsNonRoot | `true` | +| `realtime.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase realtime containers' Security Context runAsNonRoot | `false` | +| `realtime.command` | Override default container command (useful when using custom images) | `[]` | +| `realtime.args` | Override default container args (useful when using custom images) | `[]` | +| `realtime.hostAliases` | Supabase realtime pods host aliases | `[]` | +| `realtime.podLabels` | Extra labels for Supabase realtime pods | `{}` | +| `realtime.podAnnotations` | Annotations for Supabase realtime pods | `{}` | +| `realtime.podAffinityPreset` | Pod affinity preset. Ignored if `realtime.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `realtime.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `realtime.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `realtime.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `realtime.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `realtime.nodeAffinityPreset.key` | Node label key to match. Ignored if `realtime.affinity` is set | `""` | +| `realtime.nodeAffinityPreset.values` | Node label values to match. Ignored if `realtime.affinity` is set | `[]` | +| `realtime.affinity` | Affinity for Supabase realtime pods assignment | `{}` | +| `realtime.nodeSelector` | Node labels for Supabase realtime pods assignment | `{}` | +| `realtime.tolerations` | Tolerations for Supabase realtime pods assignment | `[]` | +| `realtime.updateStrategy.type` | Supabase realtime statefulset strategy type | `RollingUpdate` | +| `realtime.priorityClassName` | Supabase realtime pods' priorityClassName | `""` | +| `realtime.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `realtime.schedulerName` | Name of the k8s scheduler (other than default) for Supabase realtime pods | `""` | +| `realtime.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `realtime.lifecycleHooks` | for the Supabase realtime container(s) to automate configuration before or after startup | `{}` | +| `realtime.extraEnvVars` | Array with extra environment variables to add to Supabase realtime nodes | `[]` | +| `realtime.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase realtime nodes | `""` | +| `realtime.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase realtime nodes | `""` | +| `realtime.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase realtime pod(s) | `[]` | +| `realtime.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase realtime container(s) | `[]` | +| `realtime.sidecars` | Add additional sidecar containers to the Supabase realtime pod(s) | `[]` | +| `realtime.initContainers` | Add additional init containers to the Supabase realtime pod(s) | `[]` | ### Supabase Realtime Traffic Exposure Parameters @@ -400,76 +404,76 @@ The command removes all the Kubernetes components associated with the chart and ### Supabase Rest Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `rest.enabled` | Enable Supabase rest | `true` | -| `rest.replicaCount` | Number of Supabase rest replicas to deploy | `1` | -| `rest.defaultConfig` | Default configuration for the Supabase rest service | `""` | -| `rest.extraConfig` | Extra configuration for the Supabase rest service | `{}` | -| `rest.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | -| `rest.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | -| `rest.image.registry` | PostgREST image registry | `docker.io` | -| `rest.image.repository` | PostgREST image repository | `bitnami/postgrest` | -| `rest.image.tag` | PostgREST image tag (immutable tags are recommended) | `11.2.1-debian-11-r1` | -| `rest.image.digest` | PostgREST image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `rest.image.pullPolicy` | PostgREST image pull policy | `IfNotPresent` | -| `rest.image.pullSecrets` | PostgREST image pull secrets | `[]` | -| `rest.containerPorts.http` | Supabase rest HTTP container port | `3000` | -| `rest.livenessProbe.enabled` | Enable livenessProbe on Supabase rest containers | `true` | -| `rest.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `rest.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `rest.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `rest.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `rest.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `rest.readinessProbe.enabled` | Enable readinessProbe on Supabase rest containers | `true` | -| `rest.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `rest.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `rest.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `rest.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `rest.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `rest.startupProbe.enabled` | Enable startupProbe on Supabase rest containers | `false` | -| `rest.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `rest.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `rest.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `rest.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `rest.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `rest.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `rest.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `rest.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `rest.resources.limits` | The resources limits for the Supabase rest containers | `{}` | -| `rest.resources.requests` | The requested resources for the Supabase rest containers | `{}` | -| `rest.podSecurityContext.enabled` | Enabled Supabase rest pods' Security Context | `true` | -| `rest.podSecurityContext.fsGroup` | Set Supabase rest pod's Security Context fsGroup | `1001` | -| `rest.containerSecurityContext.enabled` | Enabled Supabase rest containers' Security Context | `true` | -| `rest.containerSecurityContext.runAsUser` | Set Supabase rest containers' Security Context runAsUser | `1001` | -| `rest.containerSecurityContext.runAsNonRoot` | Set Supabase rest containers' Security Context runAsNonRoot | `true` | -| `rest.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase rest containers' Security Context runAsNonRoot | `false` | -| `rest.command` | Override default container command (useful when using custom images) | `[]` | -| `rest.args` | Override default container args (useful when using custom images) | `[]` | -| `rest.hostAliases` | Supabase rest pods host aliases | `[]` | -| `rest.podLabels` | Extra labels for Supabase rest pods | `{}` | -| `rest.podAnnotations` | Annotations for Supabase rest pods | `{}` | -| `rest.podAffinityPreset` | Pod affinity preset. Ignored if `rest.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `rest.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `rest.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `rest.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `rest.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `rest.nodeAffinityPreset.key` | Node label key to match. Ignored if `rest.affinity` is set | `""` | -| `rest.nodeAffinityPreset.values` | Node label values to match. Ignored if `rest.affinity` is set | `[]` | -| `rest.affinity` | Affinity for Supabase rest pods assignment | `{}` | -| `rest.nodeSelector` | Node labels for Supabase rest pods assignment | `{}` | -| `rest.tolerations` | Tolerations for Supabase rest pods assignment | `[]` | -| `rest.updateStrategy.type` | Supabase rest statefulset strategy type | `RollingUpdate` | -| `rest.priorityClassName` | Supabase rest pods' priorityClassName | `""` | -| `rest.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `rest.schedulerName` | Name of the k8s scheduler (other than default) for Supabase rest pods | `""` | -| `rest.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `rest.lifecycleHooks` | for the Supabase rest container(s) to automate configuration before or after startup | `{}` | -| `rest.extraEnvVars` | Array with extra environment variables to add to Supabase rest nodes | `[]` | -| `rest.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase rest nodes | `""` | -| `rest.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase rest nodes | `""` | -| `rest.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase rest pod(s) | `[]` | -| `rest.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase rest container(s) | `[]` | -| `rest.sidecars` | Add additional sidecar containers to the Supabase rest pod(s) | `[]` | -| `rest.initContainers` | Add additional init containers to the Supabase rest pod(s) | `[]` | +| Name | Description | Value | +| ------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------- | +| `rest.enabled` | Enable Supabase rest | `true` | +| `rest.replicaCount` | Number of Supabase rest replicas to deploy | `1` | +| `rest.defaultConfig` | Default configuration for the Supabase rest service | `""` | +| `rest.extraConfig` | Extra configuration for the Supabase rest service | `{}` | +| `rest.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | +| `rest.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | +| `rest.image.registry` | PostgREST image registry | `REGISTRY_NAME` | +| `rest.image.repository` | PostgREST image repository | `REPOSITORY_NAME/postgrest` | +| `rest.image.tag` | PostgREST image tag (immutable tags are recommended) | `11.2.1-debian-11-r1` | +| `rest.image.digest` | PostgREST image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `rest.image.pullPolicy` | PostgREST image pull policy | `IfNotPresent` | +| `rest.image.pullSecrets` | PostgREST image pull secrets | `[]` | +| `rest.containerPorts.http` | Supabase rest HTTP container port | `3000` | +| `rest.livenessProbe.enabled` | Enable livenessProbe on Supabase rest containers | `true` | +| `rest.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `rest.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `rest.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `rest.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `rest.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `rest.readinessProbe.enabled` | Enable readinessProbe on Supabase rest containers | `true` | +| `rest.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `rest.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `rest.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `rest.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `rest.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `rest.startupProbe.enabled` | Enable startupProbe on Supabase rest containers | `false` | +| `rest.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `rest.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `rest.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `rest.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `rest.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `rest.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `rest.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `rest.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `rest.resources.limits` | The resources limits for the Supabase rest containers | `{}` | +| `rest.resources.requests` | The requested resources for the Supabase rest containers | `{}` | +| `rest.podSecurityContext.enabled` | Enabled Supabase rest pods' Security Context | `true` | +| `rest.podSecurityContext.fsGroup` | Set Supabase rest pod's Security Context fsGroup | `1001` | +| `rest.containerSecurityContext.enabled` | Enabled Supabase rest containers' Security Context | `true` | +| `rest.containerSecurityContext.runAsUser` | Set Supabase rest containers' Security Context runAsUser | `1001` | +| `rest.containerSecurityContext.runAsNonRoot` | Set Supabase rest containers' Security Context runAsNonRoot | `true` | +| `rest.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase rest containers' Security Context runAsNonRoot | `false` | +| `rest.command` | Override default container command (useful when using custom images) | `[]` | +| `rest.args` | Override default container args (useful when using custom images) | `[]` | +| `rest.hostAliases` | Supabase rest pods host aliases | `[]` | +| `rest.podLabels` | Extra labels for Supabase rest pods | `{}` | +| `rest.podAnnotations` | Annotations for Supabase rest pods | `{}` | +| `rest.podAffinityPreset` | Pod affinity preset. Ignored if `rest.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `rest.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `rest.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `rest.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `rest.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `rest.nodeAffinityPreset.key` | Node label key to match. Ignored if `rest.affinity` is set | `""` | +| `rest.nodeAffinityPreset.values` | Node label values to match. Ignored if `rest.affinity` is set | `[]` | +| `rest.affinity` | Affinity for Supabase rest pods assignment | `{}` | +| `rest.nodeSelector` | Node labels for Supabase rest pods assignment | `{}` | +| `rest.tolerations` | Tolerations for Supabase rest pods assignment | `[]` | +| `rest.updateStrategy.type` | Supabase rest statefulset strategy type | `RollingUpdate` | +| `rest.priorityClassName` | Supabase rest pods' priorityClassName | `""` | +| `rest.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `rest.schedulerName` | Name of the k8s scheduler (other than default) for Supabase rest pods | `""` | +| `rest.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `rest.lifecycleHooks` | for the Supabase rest container(s) to automate configuration before or after startup | `{}` | +| `rest.extraEnvVars` | Array with extra environment variables to add to Supabase rest nodes | `[]` | +| `rest.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase rest nodes | `""` | +| `rest.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase rest nodes | `""` | +| `rest.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase rest pod(s) | `[]` | +| `rest.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase rest container(s) | `[]` | +| `rest.sidecars` | Add additional sidecar containers to the Supabase rest pod(s) | `[]` | +| `rest.initContainers` | Add additional init containers to the Supabase rest pod(s) | `[]` | ### Supabase Rest Traffic Exposure Parameters @@ -489,76 +493,76 @@ The command removes all the Kubernetes components associated with the chart and ### Supabase Storage Parameters -| Name | Description | Value | -| --------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | -| `storage.enabled` | Enable Supabase storage | `true` | -| `storage.replicaCount` | Number of Supabase storage replicas to deploy | `1` | -| `storage.defaultConfig` | Default configuration for Supabase storage | `""` | -| `storage.extraConfig` | Extra configuration for Supabase storage | `{}` | -| `storage.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | -| `storage.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | -| `storage.image.registry` | Storage image registry | `docker.io` | -| `storage.image.repository` | Storage image repository | `bitnami/supabase-storage` | -| `storage.image.tag` | Storage image tag (immutable tags are recommended) | `0.43.3-debian-11-r0` | -| `storage.image.digest` | Storage image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `storage.image.pullPolicy` | Storage image pull policy | `IfNotPresent` | -| `storage.image.pullSecrets` | Storage image pull secrets | `[]` | -| `storage.containerPorts.http` | Supabase storage HTTP container port | `5000` | -| `storage.livenessProbe.enabled` | Enable livenessProbe on Supabase storage containers | `true` | -| `storage.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `storage.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `storage.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `storage.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `storage.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `storage.readinessProbe.enabled` | Enable readinessProbe on Supabase storage containers | `true` | -| `storage.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `storage.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `storage.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `storage.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `storage.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `storage.startupProbe.enabled` | Enable startupProbe on Supabase storage containers | `false` | -| `storage.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `storage.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `storage.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `storage.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `storage.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `storage.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `storage.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `storage.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `storage.resources.limits` | The resources limits for the Supabase storage containers | `{}` | -| `storage.resources.requests` | The requested resources for the Supabase storage containers | `{}` | -| `storage.podSecurityContext.enabled` | Enabled Supabase storage pods' Security Context | `true` | -| `storage.podSecurityContext.fsGroup` | Set Supabase storage pod's Security Context fsGroup | `1001` | -| `storage.containerSecurityContext.enabled` | Enabled Supabase storage containers' Security Context | `true` | -| `storage.containerSecurityContext.runAsUser` | Set Supabase storage containers' Security Context runAsUser | `1001` | -| `storage.containerSecurityContext.runAsNonRoot` | Set Supabase storage containers' Security Context runAsNonRoot | `true` | -| `storage.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase storage containers' Security Context runAsNonRoot | `false` | -| `storage.command` | Override default container command (useful when using custom images) | `[]` | -| `storage.args` | Override default container args (useful when using custom images) | `[]` | -| `storage.hostAliases` | Supabase storage pods host aliases | `[]` | -| `storage.podLabels` | Extra labels for Supabase storage pods | `{}` | -| `storage.podAnnotations` | Annotations for Supabase storage pods | `{}` | -| `storage.podAffinityPreset` | Pod affinity preset. Ignored if `storage.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `storage.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `storage.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `storage.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `storage.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `storage.nodeAffinityPreset.key` | Node label key to match. Ignored if `storage.affinity` is set | `""` | -| `storage.nodeAffinityPreset.values` | Node label values to match. Ignored if `storage.affinity` is set | `[]` | -| `storage.affinity` | Affinity for Supabase storage pods assignment | `{}` | -| `storage.nodeSelector` | Node labels for Supabase storage pods assignment | `{}` | -| `storage.tolerations` | Tolerations for Supabase storage pods assignment | `[]` | -| `storage.updateStrategy.type` | Supabase storage statefulset strategy type | `RollingUpdate` | -| `storage.priorityClassName` | Supabase storage pods' priorityClassName | `""` | -| `storage.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `storage.schedulerName` | Name of the k8s scheduler (other than default) for Supabase storage pods | `""` | -| `storage.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `storage.lifecycleHooks` | for the Supabase storage container(s) to automate configuration before or after startup | `{}` | -| `storage.extraEnvVars` | Array with extra environment variables to add to Supabase storage nodes | `[]` | -| `storage.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase storage nodes | `""` | -| `storage.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase storage nodes | `""` | -| `storage.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase storage pod(s) | `[]` | -| `storage.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase storage container(s) | `[]` | -| `storage.sidecars` | Add additional sidecar containers to the Supabase storage pod(s) | `[]` | -| `storage.initContainers` | Add additional init containers to the Supabase storage pod(s) | `[]` | +| Name | Description | Value | +| --------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- | +| `storage.enabled` | Enable Supabase storage | `true` | +| `storage.replicaCount` | Number of Supabase storage replicas to deploy | `1` | +| `storage.defaultConfig` | Default configuration for Supabase storage | `""` | +| `storage.extraConfig` | Extra configuration for Supabase storage | `{}` | +| `storage.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | +| `storage.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | +| `storage.image.registry` | Storage image registry | `REGISTRY_NAME` | +| `storage.image.repository` | Storage image repository | `REPOSITORY_NAME/supabase-storage` | +| `storage.image.tag` | Storage image tag (immutable tags are recommended) | `0.43.3-debian-11-r0` | +| `storage.image.digest` | Storage image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `storage.image.pullPolicy` | Storage image pull policy | `IfNotPresent` | +| `storage.image.pullSecrets` | Storage image pull secrets | `[]` | +| `storage.containerPorts.http` | Supabase storage HTTP container port | `5000` | +| `storage.livenessProbe.enabled` | Enable livenessProbe on Supabase storage containers | `true` | +| `storage.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `storage.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `storage.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `storage.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `storage.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `storage.readinessProbe.enabled` | Enable readinessProbe on Supabase storage containers | `true` | +| `storage.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `storage.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `storage.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `storage.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `storage.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `storage.startupProbe.enabled` | Enable startupProbe on Supabase storage containers | `false` | +| `storage.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `storage.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `storage.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `storage.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `storage.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `storage.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `storage.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `storage.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `storage.resources.limits` | The resources limits for the Supabase storage containers | `{}` | +| `storage.resources.requests` | The requested resources for the Supabase storage containers | `{}` | +| `storage.podSecurityContext.enabled` | Enabled Supabase storage pods' Security Context | `true` | +| `storage.podSecurityContext.fsGroup` | Set Supabase storage pod's Security Context fsGroup | `1001` | +| `storage.containerSecurityContext.enabled` | Enabled Supabase storage containers' Security Context | `true` | +| `storage.containerSecurityContext.runAsUser` | Set Supabase storage containers' Security Context runAsUser | `1001` | +| `storage.containerSecurityContext.runAsNonRoot` | Set Supabase storage containers' Security Context runAsNonRoot | `true` | +| `storage.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase storage containers' Security Context runAsNonRoot | `false` | +| `storage.command` | Override default container command (useful when using custom images) | `[]` | +| `storage.args` | Override default container args (useful when using custom images) | `[]` | +| `storage.hostAliases` | Supabase storage pods host aliases | `[]` | +| `storage.podLabels` | Extra labels for Supabase storage pods | `{}` | +| `storage.podAnnotations` | Annotations for Supabase storage pods | `{}` | +| `storage.podAffinityPreset` | Pod affinity preset. Ignored if `storage.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `storage.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `storage.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `storage.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `storage.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `storage.nodeAffinityPreset.key` | Node label key to match. Ignored if `storage.affinity` is set | `""` | +| `storage.nodeAffinityPreset.values` | Node label values to match. Ignored if `storage.affinity` is set | `[]` | +| `storage.affinity` | Affinity for Supabase storage pods assignment | `{}` | +| `storage.nodeSelector` | Node labels for Supabase storage pods assignment | `{}` | +| `storage.tolerations` | Tolerations for Supabase storage pods assignment | `[]` | +| `storage.updateStrategy.type` | Supabase storage statefulset strategy type | `RollingUpdate` | +| `storage.priorityClassName` | Supabase storage pods' priorityClassName | `""` | +| `storage.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `storage.schedulerName` | Name of the k8s scheduler (other than default) for Supabase storage pods | `""` | +| `storage.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `storage.lifecycleHooks` | for the Supabase storage container(s) to automate configuration before or after startup | `{}` | +| `storage.extraEnvVars` | Array with extra environment variables to add to Supabase storage nodes | `[]` | +| `storage.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase storage nodes | `""` | +| `storage.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase storage nodes | `""` | +| `storage.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase storage pod(s) | `[]` | +| `storage.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase storage container(s) | `[]` | +| `storage.sidecars` | Add additional sidecar containers to the Supabase storage pod(s) | `[]` | +| `storage.initContainers` | Add additional init containers to the Supabase storage pod(s) | `[]` | ### Supabase Storage Traffic Exposure Parameters @@ -593,77 +597,77 @@ The command removes all the Kubernetes components associated with the chart and ### Supabase Studio Parameters -| Name | Description | Value | -| -------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `studio.enabled` | Enable Supabase studio | `true` | -| `studio.publicURL` | Supabase studio public URL | `""` | -| `studio.replicaCount` | Number of Supabase studio replicas to deploy | `1` | -| `studio.defaultConfig` | Supabase studio default configuration | `""` | -| `studio.extraConfig` | Supabase studio extra configuration | `{}` | -| `studio.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | -| `studio.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | -| `studio.image.registry` | Studio image registry | `docker.io` | -| `studio.image.repository` | Studio image repository | `bitnami/supabase-studio` | -| `studio.image.tag` | Studio image tag (immutable tags are recommended) | `0.23.9-debian-11-r0` | -| `studio.image.digest` | Studio image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `studio.image.pullPolicy` | Studio image pull policy | `IfNotPresent` | -| `studio.image.pullSecrets` | Studio image pull secrets | `[]` | -| `studio.containerPorts.http` | Supabase studio HTTP container port | `3000` | -| `studio.livenessProbe.enabled` | Enable livenessProbe on Supabase studio containers | `true` | -| `studio.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `studio.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `studio.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `studio.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `studio.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `studio.readinessProbe.enabled` | Enable readinessProbe on Supabase studio containers | `true` | -| `studio.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `studio.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `studio.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `studio.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `studio.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `studio.startupProbe.enabled` | Enable startupProbe on Supabase studio containers | `false` | -| `studio.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `studio.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `studio.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `studio.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `studio.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `studio.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `studio.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `studio.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `studio.resources.limits` | The resources limits for the Supabase studio containers | `{}` | -| `studio.resources.requests` | The requested resources for the Supabase studio containers | `{}` | -| `studio.podSecurityContext.enabled` | Enabled Supabase studio pods' Security Context | `true` | -| `studio.podSecurityContext.fsGroup` | Set Supabase studio pod's Security Context fsGroup | `1001` | -| `studio.containerSecurityContext.enabled` | Enabled Supabase studio containers' Security Context | `true` | -| `studio.containerSecurityContext.runAsUser` | Set Supabase studio containers' Security Context runAsUser | `1001` | -| `studio.containerSecurityContext.runAsNonRoot` | Set Supabase studio containers' Security Context runAsNonRoot | `true` | -| `studio.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase studio containers' Security Context runAsNonRoot | `false` | -| `studio.command` | Override default container command (useful when using custom images) | `[]` | -| `studio.args` | Override default container args (useful when using custom images) | `[]` | -| `studio.hostAliases` | Supabase studio pods host aliases | `[]` | -| `studio.podLabels` | Extra labels for Supabase studio pods | `{}` | -| `studio.podAnnotations` | Annotations for Supabase studio pods | `{}` | -| `studio.podAffinityPreset` | Pod affinity preset. Ignored if `studio.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `studio.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `studio.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `studio.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `studio.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `studio.nodeAffinityPreset.key` | Node label key to match. Ignored if `studio.affinity` is set | `""` | -| `studio.nodeAffinityPreset.values` | Node label values to match. Ignored if `studio.affinity` is set | `[]` | -| `studio.affinity` | Affinity for Supabase studio pods assignment | `{}` | -| `studio.nodeSelector` | Node labels for Supabase studio pods assignment | `{}` | -| `studio.tolerations` | Tolerations for Supabase studio pods assignment | `[]` | -| `studio.updateStrategy.type` | Supabase studio statefulset strategy type | `RollingUpdate` | -| `studio.priorityClassName` | Supabase studio pods' priorityClassName | `""` | -| `studio.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `studio.schedulerName` | Name of the k8s scheduler (other than default) for Supabase studio pods | `""` | -| `studio.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `studio.lifecycleHooks` | for the Supabase studio container(s) to automate configuration before or after startup | `{}` | -| `studio.extraEnvVars` | Array with extra environment variables to add to Supabase studio nodes | `[]` | -| `studio.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase studio nodes | `""` | -| `studio.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase studio nodes | `""` | -| `studio.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase studio pod(s) | `[]` | -| `studio.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase studio container(s) | `[]` | -| `studio.sidecars` | Add additional sidecar containers to the Supabase studio pod(s) | `[]` | -| `studio.initContainers` | Add additional init containers to the Supabase studio pod(s) | `[]` | +| Name | Description | Value | +| -------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `studio.enabled` | Enable Supabase studio | `true` | +| `studio.publicURL` | Supabase studio public URL | `""` | +| `studio.replicaCount` | Number of Supabase studio replicas to deploy | `1` | +| `studio.defaultConfig` | Supabase studio default configuration | `""` | +| `studio.extraConfig` | Supabase studio extra configuration | `{}` | +| `studio.existingConfigmap` | The name of an existing ConfigMap with the default configuration | `""` | +| `studio.extraConfigExistingConfigmap` | The name of an existing ConfigMap with extra configuration | `""` | +| `studio.image.registry` | Studio image registry | `REGISTRY_NAME` | +| `studio.image.repository` | Studio image repository | `REPOSITORY_NAME/supabase-studio` | +| `studio.image.tag` | Studio image tag (immutable tags are recommended) | `0.23.9-debian-11-r0` | +| `studio.image.digest` | Studio image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `studio.image.pullPolicy` | Studio image pull policy | `IfNotPresent` | +| `studio.image.pullSecrets` | Studio image pull secrets | `[]` | +| `studio.containerPorts.http` | Supabase studio HTTP container port | `3000` | +| `studio.livenessProbe.enabled` | Enable livenessProbe on Supabase studio containers | `true` | +| `studio.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `studio.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `studio.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `studio.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `studio.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `studio.readinessProbe.enabled` | Enable readinessProbe on Supabase studio containers | `true` | +| `studio.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `studio.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `studio.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `studio.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `studio.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `studio.startupProbe.enabled` | Enable startupProbe on Supabase studio containers | `false` | +| `studio.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `studio.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `studio.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `studio.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `studio.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `studio.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `studio.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `studio.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `studio.resources.limits` | The resources limits for the Supabase studio containers | `{}` | +| `studio.resources.requests` | The requested resources for the Supabase studio containers | `{}` | +| `studio.podSecurityContext.enabled` | Enabled Supabase studio pods' Security Context | `true` | +| `studio.podSecurityContext.fsGroup` | Set Supabase studio pod's Security Context fsGroup | `1001` | +| `studio.containerSecurityContext.enabled` | Enabled Supabase studio containers' Security Context | `true` | +| `studio.containerSecurityContext.runAsUser` | Set Supabase studio containers' Security Context runAsUser | `1001` | +| `studio.containerSecurityContext.runAsNonRoot` | Set Supabase studio containers' Security Context runAsNonRoot | `true` | +| `studio.containerSecurityContext.readOnlyRootFilesystem` | Set Supabase studio containers' Security Context runAsNonRoot | `false` | +| `studio.command` | Override default container command (useful when using custom images) | `[]` | +| `studio.args` | Override default container args (useful when using custom images) | `[]` | +| `studio.hostAliases` | Supabase studio pods host aliases | `[]` | +| `studio.podLabels` | Extra labels for Supabase studio pods | `{}` | +| `studio.podAnnotations` | Annotations for Supabase studio pods | `{}` | +| `studio.podAffinityPreset` | Pod affinity preset. Ignored if `studio.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `studio.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `studio.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `studio.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `studio.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `studio.nodeAffinityPreset.key` | Node label key to match. Ignored if `studio.affinity` is set | `""` | +| `studio.nodeAffinityPreset.values` | Node label values to match. Ignored if `studio.affinity` is set | `[]` | +| `studio.affinity` | Affinity for Supabase studio pods assignment | `{}` | +| `studio.nodeSelector` | Node labels for Supabase studio pods assignment | `{}` | +| `studio.tolerations` | Tolerations for Supabase studio pods assignment | `[]` | +| `studio.updateStrategy.type` | Supabase studio statefulset strategy type | `RollingUpdate` | +| `studio.priorityClassName` | Supabase studio pods' priorityClassName | `""` | +| `studio.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `studio.schedulerName` | Name of the k8s scheduler (other than default) for Supabase studio pods | `""` | +| `studio.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `studio.lifecycleHooks` | for the Supabase studio container(s) to automate configuration before or after startup | `{}` | +| `studio.extraEnvVars` | Array with extra environment variables to add to Supabase studio nodes | `[]` | +| `studio.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Supabase studio nodes | `""` | +| `studio.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Supabase studio nodes | `""` | +| `studio.extraVolumes` | Optionally specify extra list of additional volumes for the Supabase studio pod(s) | `[]` | +| `studio.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Supabase studio container(s) | `[]` | +| `studio.sidecars` | Add additional sidecar containers to the Supabase studio pod(s) | `[]` | +| `studio.initContainers` | Add additional init containers to the Supabase studio pod(s) | `[]` | ### Supabase Studio Traffic Exposure Parameters @@ -696,24 +700,24 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | --------------------------- | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | -| `psqlImage.registry` | PostgreSQL client image registry | `docker.io` | -| `psqlImage.repository` | PostgreSQL client image repository | `bitnami/supabase-postgres` | -| `psqlImage.digest` | PostgreSQL client image digest (overrides image tag) | `""` | -| `psqlImage.tag` | PostgreSQL client image tag (immutable tags are recommended) | `15.1.0-debian-11-r175` | -| `psqlImage.pullPolicy` | PostgreSQL client image pull policy | `IfNotPresent` | -| `psqlImage.pullSecrets` | PostgreSQL client image pull secrets | `[]` | -| `psqlImage.debug` | Enable PostgreSQL client image debug mode | `false` | +| Name | Description | Value | +| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | ----------------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| `psqlImage.registry` | PostgreSQL client image registry | `REGISTRY_NAME` | +| `psqlImage.repository` | PostgreSQL client image repository | `REPOSITORY_NAME/supabase-postgres` | +| `psqlImage.digest` | PostgreSQL client image digest (overrides image tag) | `""` | +| `psqlImage.tag` | PostgreSQL client image tag (immutable tags are recommended) | `15.1.0-debian-11-r175` | +| `psqlImage.pullPolicy` | PostgreSQL client image pull policy | `IfNotPresent` | +| `psqlImage.pullSecrets` | PostgreSQL client image pull secrets | `[]` | +| `psqlImage.debug` | Enable PostgreSQL client image debug mode | `false` | ### Other Parameters @@ -752,8 +756,8 @@ The command removes all the Kubernetes components associated with the chart and | `postgresql.auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials | `""` | | `postgresql.architecture` | PostgreSQL architecture (`standalone` or `replication`) | `standalone` | | `postgresql.service.ports.postgresql` | PostgreSQL service port | `5432` | -| `postgresql.image.registry` | PostgreSQL image registry | `docker.io` | -| `postgresql.image.repository` | PostgreSQL image repository | `bitnami/supabase-postgres` | +| `postgresql.image.registry` | PostgreSQL image registry | `REGISTRY_NAME` | +| `postgresql.image.repository` | PostgreSQL image repository | `REPOSITORY_NAME/supabase-postgres` | | `postgresql.image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.1.0-debian-11-r175` | | `postgresql.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `postgresql.image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` | @@ -779,9 +783,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console $ helm install my-release \ --set postgresql.auth.postgresPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/supabase + oci://REGISTRY_NAME/REPOSITORY_NAME/supabase ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the PostgreSQL `postgres` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -789,9 +795,10 @@ The above command sets the PostgreSQL `postgres` user password to `secretpasswor Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/supabase +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/supabase ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/supabase/values.yaml b/bitnami/supabase/values.yaml index 6689964945a611..8a58141a904c31 100644 --- a/bitnami/supabase/values.yaml +++ b/bitnami/supabase/values.yaml @@ -97,8 +97,8 @@ jwt: forceRun: false ## Bitnami JWT CLI image ## ref: https://hub.docker.com/r/bitnami/jwt-cli/tags/ - ## @param jwt.autoGenerate.image.registry JWT CLI image registry - ## @param jwt.autoGenerate.image.repository JWT CLI image repository + ## @param jwt.autoGenerate.image.registry [default: REGISTRY_NAME] JWT CLI image registry + ## @param jwt.autoGenerate.image.repository [default: REPOSITORY_NAME/jwt-cli] JWT CLI image repository ## @param jwt.autoGenerate.image.tag JWT CLI image tag (immutable tags are recommended) ## @param jwt.autoGenerate.image.digest JWT CLI image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param jwt.autoGenerate.image.pullPolicy JWT CLI image pull policy @@ -125,8 +125,8 @@ jwt: kubectlImage: ## Bitnami Kubectl image ## ref: https://hub.docker.com/r/bitnami/kubectl/tags/ - ## @param jwt.autoGenerate.kubectlImage.registry Kubectl image registry - ## @param jwt.autoGenerate.kubectlImage.repository Kubectl image repository + ## @param jwt.autoGenerate.kubectlImage.registry [default: REGISTRY_NAME] Kubectl image registry + ## @param jwt.autoGenerate.kubectlImage.repository [default: REPOSITORY_NAME/kubectl] Kubectl image repository ## @param jwt.autoGenerate.kubectlImage.tag Kubectl image tag (immutable tags are recommended) ## @param jwt.autoGenerate.kubectlImage.digest Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param jwt.autoGenerate.kubectlImage.pullPolicy Kubectl image pull policy @@ -286,8 +286,8 @@ auth: ## Bitnami Gotrue image ## ref: https://hub.docker.com/r/bitnami/gotrue/tags/ - ## @param auth.image.registry Gotrue image registry - ## @param auth.image.repository Gotrue image repository + ## @param auth.image.registry [default: REGISTRY_NAME] Gotrue image registry + ## @param auth.image.repository [default: REPOSITORY_NAME/gotrue] Gotrue image repository ## @param auth.image.tag Gotrue image tag (immutable tags are recommended) ## @param auth.image.digest Gotrue image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param auth.image.pullPolicy Gotrue image pull policy @@ -610,8 +610,8 @@ meta: ## Bitnami Supabase Postgres Meta image ## ref: https://hub.docker.com/r/bitnami/supabase-postgres-meta/tags/ - ## @param meta.image.registry Supabase Postgres Meta image registry - ## @param meta.image.repository Supabase Postgres Meta image repository + ## @param meta.image.registry [default: REGISTRY_NAME] Supabase Postgres Meta image registry + ## @param meta.image.repository [default: REPOSITORY_NAME/supabase-postgres-meta] Supabase Postgres Meta image repository ## @param meta.image.tag Supabase Postgres Meta image tag (immutable tags are recommended) ## @param meta.image.digest Supabase Postgres Meta image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param meta.image.pullPolicy Supabase Postgres Meta image pull policy @@ -953,8 +953,8 @@ realtime: ## Bitnami Realtime image ## ref: https://hub.docker.com/r/bitnami/supabase-realtime/tags/ - ## @param realtime.image.registry Realtime image registry - ## @param realtime.image.repository Realtime image repository + ## @param realtime.image.registry [default: REGISTRY_NAME] Realtime image registry + ## @param realtime.image.repository [default: REPOSITORY_NAME/supabase-realtime] Realtime image repository ## @param realtime.image.tag Realtime image tag (immutable tags are recommended) ## @param realtime.image.digest Realtime image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param realtime.image.pullPolicy Realtime image pull policy @@ -1275,8 +1275,8 @@ rest: ## Bitnami PostgREST image ## ref: https://hub.docker.com/r/bitnami/postgrest/tags/ - ## @param rest.image.registry PostgREST image registry - ## @param rest.image.repository PostgREST image repository + ## @param rest.image.registry [default: REGISTRY_NAME] PostgREST image registry + ## @param rest.image.repository [default: REPOSITORY_NAME/postgrest] PostgREST image repository ## @param rest.image.tag PostgREST image tag (immutable tags are recommended) ## @param rest.image.digest PostgREST image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param rest.image.pullPolicy PostgREST image pull policy @@ -1602,8 +1602,8 @@ storage: ## Bitnami Storage image ## ref: https://hub.docker.com/r/bitnami/supabase-storage/tags/ - ## @param storage.image.registry Storage image registry - ## @param storage.image.repository Storage image repository + ## @param storage.image.registry [default: REGISTRY_NAME] Storage image registry + ## @param storage.image.repository [default: REPOSITORY_NAME/supabase-storage] Storage image repository ## @param storage.image.tag Storage image tag (immutable tags are recommended) ## @param storage.image.digest Storage image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param storage.image.pullPolicy Storage image pull policy @@ -1976,8 +1976,8 @@ studio: ## Bitnami Studio image ## ref: https://hub.docker.com/r/bitnami/supabase-studio/tags/ - ## @param studio.image.registry Studio image registry - ## @param studio.image.repository Studio image repository + ## @param studio.image.registry [default: REGISTRY_NAME] Studio image registry + ## @param studio.image.repository [default: REPOSITORY_NAME/supabase-studio] Studio image repository ## @param studio.image.tag Studio image tag (immutable tags are recommended) ## @param studio.image.digest Studio image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param studio.image.pullPolicy Studio image pull policy @@ -2380,8 +2380,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets @@ -2419,8 +2419,8 @@ volumePermissions: ## Bitnami PostgreSQL image ## ref: https://hub.docker.com/r/bitnami/supabase-postgres/tags/ -## @param psqlImage.registry PostgreSQL client image registry -## @param psqlImage.repository PostgreSQL client image repository +## @param psqlImage.registry [default: REGISTRY_NAME] PostgreSQL client image registry +## @param psqlImage.repository [default: REPOSITORY_NAME/supabase-postgres] PostgreSQL client image repository ## @param psqlImage.digest PostgreSQL client image digest (overrides image tag) ## @param psqlImage.tag PostgreSQL client image tag (immutable tags are recommended) ## @param psqlImage.pullPolicy PostgreSQL client image pull policy @@ -2583,8 +2583,8 @@ postgresql: enabled: true ## Bitnami PostgreSQL image version ## ref: https://hub.docker.com/r/bitnami/supabase-postgres/tags/ - ## @param postgresql.image.registry PostgreSQL image registry - ## @param postgresql.image.repository PostgreSQL image repository + ## @param postgresql.image.registry [default: REGISTRY_NAME] PostgreSQL image registry + ## @param postgresql.image.repository [default: REPOSITORY_NAME/supabase-postgres] PostgreSQL image repository ## @param postgresql.image.tag PostgreSQL image tag (immutable tags are recommended) ## @param postgresql.image.digest PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param postgresql.image.pullPolicy PostgreSQL image pull policy diff --git a/bitnami/tensorflow-resnet/README.md b/bitnami/tensorflow-resnet/README.md index 9428b7d9aa08d8..5a7e17ee80e80f 100755 --- a/bitnami/tensorflow-resnet/README.md +++ b/bitnami/tensorflow-resnet/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/tensorflow-resnet +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/tensorflow-resnet ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a TensorFlow Serving ResNet deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -32,9 +34,11 @@ Looking to use TensorFlow ResNet in production? Try [VMware Application Catalog] To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/tensorflow-resnet +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/tensorflow-resnet ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Tensorflow Serving ResNet model on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -80,104 +84,107 @@ The command removes all the Kubernetes components associated with the chart and ### TensorFlow parameters -| Name | Description | Value | -| --------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ---------------------------- | -| `server.image.registry` | TensorFlow Serving image registry | `docker.io` | -| `server.image.repository` | TensorFlow Serving image repository | `bitnami/tensorflow-serving` | -| `server.image.tag` | TensorFlow Serving Image tag (immutable tags are recommended) | `2.13.1-debian-11-r5` | -| `server.image.digest` | TensorFlow Serving image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `server.image.pullPolicy` | TensorFlow Serving image pull policy | `IfNotPresent` | -| `server.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `client.image.registry` | TensorFlow ResNet image registry | `docker.io` | -| `client.image.repository` | TensorFlow ResNet image repository | `bitnami/tensorflow-resnet` | -| `client.image.tag` | TensorFlow ResNet image tag (immutable tags are recommended) | `2.13.1-debian-11-r6` | -| `client.image.digest` | TensorFlow ResNet image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `client.image.pullPolicy` | TensorFlow ResNet image pull policy | `IfNotPresent` | -| `client.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `containerPorts.server` | Tensorflow server port | `8500` | -| `containerPorts.restApi` | TensorFlow Serving Rest API Port | `8501` | -| `replicaCount` | Number of replicas | `1` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Pod labels | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | -| `podSecurityContext.enabled` | Enabled pod Security Context | `true` | -| `podSecurityContext.fsGroup` | Set pod Security Context fsGroup | `1001` | -| `containerSecurityContext.enabled` | Enabled container Security Context | `true` | -| `containerSecurityContext.runAsUser` | Set container Security Context runAsUser | `1001` | -| `containerSecurityContext.runAsNonRoot` | Set container Security Context runAsNonRoot | `true` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `lifecycleHooks` | for the container to automate configuration before or after startup | `{}` | -| `extraEnvVars` | Array with extra environment variables for the Tensorflow Serving container(s) | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env variables for the Tensorflow Serving container(s) | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env variables for the Tensorflow Serving container(s) | `""` | -| `extraVolumes` | Optionally specify extra list of additional volumes | `[]` | -| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Tensorflow Serving container(s) | `[]` | -| `sidecars` | Add additional sidecar containers to the pod | `[]` | -| `initContainers` | Add additional init containers to the pod | `[]` | -| `updateStrategy.type` | Deployment strategy type. | `RollingUpdate` | -| `priorityClassName` | Pod's priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `resources.limits` | The resources limits for the container | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `true` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `15` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Custom liveness probe | `{}` | -| `customLivenessProbe` | Custom liveness probe | `{}` | -| `customReadinessProbe` | Custom readiness probe | `{}` | -| `service.type` | Kubernetes Service type | `LoadBalancer` | -| `service.ports.server` | TensorFlow Serving server port | `8500` | -| `service.ports.restApi` | TensorFlow Serving Rest API port | `8501` | -| `service.nodePorts.server` | Kubernetes server node port | `""` | -| `service.nodePorts.restApi` | Kubernetes Rest API node port | `""` | -| `service.clusterIP` | Service Cluster IP | `""` | -| `service.loadBalancerIP` | Service Load Balancer IP | `""` | -| `service.loadBalancerSourceRanges` | Service Load Balancer sources | `[]` | -| `service.externalTrafficPolicy` | Service external traffic policy | `Cluster` | -| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `service.annotations` | Additional custom annotations for Service | `{}` | -| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `metrics.enabled` | Enable Prometheus exporter to expose Tensorflow server metrics | `false` | -| `metrics.podAnnotations` | Prometheus exporter pod annotations | `{}` | +| Name | Description | Value | +| --------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------------------------------ | +| `server.image.registry` | TensorFlow Serving image registry | `REGISTRY_NAME` | +| `server.image.repository` | TensorFlow Serving image repository | `REPOSITORY_NAME/tensorflow-serving` | +| `server.image.tag` | TensorFlow Serving Image tag (immutable tags are recommended) | `2.13.1-debian-11-r5` | +| `server.image.digest` | TensorFlow Serving image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `server.image.pullPolicy` | TensorFlow Serving image pull policy | `IfNotPresent` | +| `server.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `client.image.registry` | TensorFlow ResNet image registry | `REGISTRY_NAME` | +| `client.image.repository` | TensorFlow ResNet image repository | `REPOSITORY_NAME/tensorflow-resnet` | +| `client.image.tag` | TensorFlow ResNet image tag (immutable tags are recommended) | `2.13.1-debian-11-r6` | +| `client.image.digest` | TensorFlow ResNet image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `client.image.pullPolicy` | TensorFlow ResNet image pull policy | `IfNotPresent` | +| `client.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `containerPorts.server` | Tensorflow server port | `8500` | +| `containerPorts.restApi` | TensorFlow Serving Rest API Port | `8501` | +| `replicaCount` | Number of replicas | `1` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Pod labels | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `podSecurityContext.enabled` | Enabled pod Security Context | `true` | +| `podSecurityContext.fsGroup` | Set pod Security Context fsGroup | `1001` | +| `containerSecurityContext.enabled` | Enabled container Security Context | `true` | +| `containerSecurityContext.runAsUser` | Set container Security Context runAsUser | `1001` | +| `containerSecurityContext.runAsNonRoot` | Set container Security Context runAsNonRoot | `true` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `lifecycleHooks` | for the container to automate configuration before or after startup | `{}` | +| `extraEnvVars` | Array with extra environment variables for the Tensorflow Serving container(s) | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env variables for the Tensorflow Serving container(s) | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env variables for the Tensorflow Serving container(s) | `""` | +| `extraVolumes` | Optionally specify extra list of additional volumes | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Tensorflow Serving container(s) | `[]` | +| `sidecars` | Add additional sidecar containers to the pod | `[]` | +| `initContainers` | Add additional init containers to the pod | `[]` | +| `updateStrategy.type` | Deployment strategy type. | `RollingUpdate` | +| `priorityClassName` | Pod's priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `resources.limits` | The resources limits for the container | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `15` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Custom liveness probe | `{}` | +| `customLivenessProbe` | Custom liveness probe | `{}` | +| `customReadinessProbe` | Custom readiness probe | `{}` | +| `service.type` | Kubernetes Service type | `LoadBalancer` | +| `service.ports.server` | TensorFlow Serving server port | `8500` | +| `service.ports.restApi` | TensorFlow Serving Rest API port | `8501` | +| `service.nodePorts.server` | Kubernetes server node port | `""` | +| `service.nodePorts.restApi` | Kubernetes Rest API node port | `""` | +| `service.clusterIP` | Service Cluster IP | `""` | +| `service.loadBalancerIP` | Service Load Balancer IP | `""` | +| `service.loadBalancerSourceRanges` | Service Load Balancer sources | `[]` | +| `service.externalTrafficPolicy` | Service external traffic policy | `Cluster` | +| `service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `service.annotations` | Additional custom annotations for Service | `{}` | +| `service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `metrics.enabled` | Enable Prometheus exporter to expose Tensorflow server metrics | `false` | +| `metrics.podAnnotations` | Prometheus exporter pod annotations | `{}` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/tensorflow-resnet --set imagePullPolicy=Always +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/tensorflow-resnet --set imagePullPolicy=Always ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/tensorflow-resnet +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/tensorflow-resnet ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -223,10 +230,12 @@ Use the workaround below to upgrade from versions previous to 2.0.0. The followi ```console kubectl delete deployment tensorflow-resnet --cascade=false -helm upgrade tensorflow-resnet oci://registry-1.docker.io/bitnamicharts/tensorflow-resnet +helm upgrade tensorflow-resnet oci://REGISTRY_NAME/REPOSITORY_NAME/tensorflow-resnet kubectl delete rs "$(kubectl get rs -l app=tensorflow-resnet -o jsonpath='{.items[0].metadata.name}')" ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## License Copyright © 2023 VMware, Inc. diff --git a/bitnami/tensorflow-resnet/values.yaml b/bitnami/tensorflow-resnet/values.yaml index 267bd32cf7e3db..981b5a193ba020 100644 --- a/bitnami/tensorflow-resnet/values.yaml +++ b/bitnami/tensorflow-resnet/values.yaml @@ -56,8 +56,8 @@ diagnosticMode: ## TensorFlow Serving server image version ## ref: https://hub.docker.com/r/bitnami/tensorflow-serving/tags/ -## @param server.image.registry TensorFlow Serving image registry -## @param server.image.repository TensorFlow Serving image repository +## @param server.image.registry [default: REGISTRY_NAME] TensorFlow Serving image registry +## @param server.image.repository [default: REPOSITORY_NAME/tensorflow-serving] TensorFlow Serving image repository ## @param server.image.tag TensorFlow Serving Image tag (immutable tags are recommended) ## @param server.image.digest TensorFlow Serving image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param server.image.pullPolicy TensorFlow Serving image pull policy @@ -84,8 +84,8 @@ server: pullSecrets: [] ## TensorFlow ResNet image version ## ref: https://hub.docker.com/r/bitnami/tensorflow-resnet/tags/ -## @param client.image.registry TensorFlow ResNet image registry -## @param client.image.repository TensorFlow ResNet image repository +## @param client.image.registry [default: REGISTRY_NAME] TensorFlow ResNet image registry +## @param client.image.repository [default: REPOSITORY_NAME/tensorflow-resnet] TensorFlow ResNet image repository ## @param client.image.tag TensorFlow ResNet image tag (immutable tags are recommended) ## @param client.image.digest TensorFlow ResNet image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param client.image.pullPolicy TensorFlow ResNet image pull policy diff --git a/bitnami/thanos/README.md b/bitnami/thanos/README.md index 047e4b0ce6364e..6c961a26ed52a3 100644 --- a/bitnami/thanos/README.md +++ b/bitnami/thanos/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/thanos +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/thanos ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Thanos](https://github.com/bitnami/containers/tree/main/bitnami/thanos) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use Thanos in production? Try [VMware Application Catalog](https://bi To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/thanos +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/thanos ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Thanos on the Kubernetes cluster with the default configuration. The [configuration](#configuration-and-installation-details) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -105,36 +109,36 @@ Check the section [Integrate Thanos with Prometheus and Alertmanager](#integrate ### Thanos common parameters -| Name | Description | Value | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | Thanos image registry | `docker.io` | -| `image.repository` | Thanos image repository | `bitnami/thanos` | -| `image.tag` | Thanos image tag (immutable tags are recommended) | `0.32.5-debian-11-r0` | -| `image.digest` | Thanos image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Thanos image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `objstoreConfig` | The [objstore configuration](https://thanos.io/tip/thanos/storage.md/) | `""` | -| `indexCacheConfig` | The [index cache configuration](https://thanos.io/tip/components/store.md/) | `""` | -| `bucketCacheConfig` | The [bucket cache configuration](https://thanos.io/tip/components/store.md/) | `""` | -| `existingObjstoreSecret` | Secret with Objstore Configuration | `""` | -| `existingObjstoreSecretItems` | Optional item list for specifying a custom Secret key. If so, path should be objstore.yml | `[]` | -| `httpConfig` | The [https and basic auth configuration](https://thanos.io/tip/operating/https.md/) | `""` | -| `existingHttpConfigSecret` | Secret containing the HTTPS and Basic auth configuration | `""` | -| `https.enabled` | Set to true to enable HTTPS. Requires a secret containing the certificate and key. | `false` | -| `https.autoGenerated` | Create self-signed TLS certificates. | `false` | -| `https.existingSecret` | Existing secret containing your own server key and certificate | `""` | -| `https.certFilename` | | `tls.crt` | -| `https.keyFilename` | | `tls.key` | -| `https.caFilename` | | `ca.crt` | -| `https.key` | TLS Key for Thanos HTTPS - ignored if existingSecret is provided | `""` | -| `https.cert` | TLS Certificate for Thanos HTTPS - ignored if existingSecret is provided | `""` | -| `https.ca` | (Optional, used for client) CA Certificate for Thanos HTTPS - ignored if existingSecret is provided | `""` | -| `https.clientAuthType` | Server policy for client authentication using certificates. Maps to ClientAuth Policies. | `""` | -| `auth.basicAuthUsers` | Object containing : key-value pairs for each user that will have access via basic authentication | `{}` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` | -| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | -| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | +| Name | Description | Value | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `image.registry` | Thanos image registry | `REGISTRY_NAME` | +| `image.repository` | Thanos image repository | `REPOSITORY_NAME/thanos` | +| `image.tag` | Thanos image tag (immutable tags are recommended) | `0.32.5-debian-11-r0` | +| `image.digest` | Thanos image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Thanos image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `objstoreConfig` | The [objstore configuration](https://thanos.io/tip/thanos/storage.md/) | `""` | +| `indexCacheConfig` | The [index cache configuration](https://thanos.io/tip/components/store.md/) | `""` | +| `bucketCacheConfig` | The [bucket cache configuration](https://thanos.io/tip/components/store.md/) | `""` | +| `existingObjstoreSecret` | Secret with Objstore Configuration | `""` | +| `existingObjstoreSecretItems` | Optional item list for specifying a custom Secret key. If so, path should be objstore.yml | `[]` | +| `httpConfig` | The [https and basic auth configuration](https://thanos.io/tip/operating/https.md/) | `""` | +| `existingHttpConfigSecret` | Secret containing the HTTPS and Basic auth configuration | `""` | +| `https.enabled` | Set to true to enable HTTPS. Requires a secret containing the certificate and key. | `false` | +| `https.autoGenerated` | Create self-signed TLS certificates. | `false` | +| `https.existingSecret` | Existing secret containing your own server key and certificate | `""` | +| `https.certFilename` | | `tls.crt` | +| `https.keyFilename` | | `tls.key` | +| `https.caFilename` | | `ca.crt` | +| `https.key` | TLS Key for Thanos HTTPS - ignored if existingSecret is provided | `""` | +| `https.cert` | TLS Certificate for Thanos HTTPS - ignored if existingSecret is provided | `""` | +| `https.ca` | (Optional, used for client) CA Certificate for Thanos HTTPS - ignored if existingSecret is provided | `""` | +| `https.clientAuthType` | Server policy for client authentication using certificates. Maps to ClientAuth Policies. | `""` | +| `auth.basicAuthUsers` | Object containing : key-value pairs for each user that will have access via basic authentication | `{}` | +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` | +| `serviceAccount.name` | Name of the service account to use. If not set and create is true, a name is generated using the fullname template. | `""` | +| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `serviceAccount.annotations` | Annotations for service account. Evaluated as a template. Only used if `create` is `true`. | `{}` | ### Thanos Query parameters @@ -1182,15 +1186,15 @@ Check the section [Integrate Thanos with Prometheus and Alertmanager](#integrate ### Volume Permissions parameters -| Name | Description | Value | -| ------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| Name | Description | Value | +| ------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | ### MinIO® chart parameters @@ -1213,17 +1217,20 @@ Check the section [Integrate Thanos with Prometheus and Alertmanager](#integrate Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, ```console -helm install my-release --set query.replicaCount=2 oci://registry-1.docker.io/bitnamicharts/thanos +helm install my-release --set query.replicaCount=2 oci://REGISTRY_NAME/REPOSITORY_NAME/thanos ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command install Thanos chart with 2 Thanos Query replicas. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/thanos +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/thanos ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -1420,9 +1427,11 @@ helm install kube-prometheus \ helm install thanos \ --values values.yaml \ --namespace monitoring \ - oci://registry-1.docker.io/bitnamicharts/thanos + oci://REGISTRY_NAME/REPOSITORY_NAME/thanos ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + That's all! Now you have Thanos fully integrated with Prometheus and Alertmanager. ## Persistence diff --git a/bitnami/thanos/values.yaml b/bitnami/thanos/values.yaml index f7eb815f7962c4..b379183d3ad208 100644 --- a/bitnami/thanos/values.yaml +++ b/bitnami/thanos/values.yaml @@ -47,8 +47,8 @@ extraDeploy: [] ## Bitnami Thanos image ## ref: https://hub.docker.com/r/bitnami/thanos/tags/ -## @param image.registry Thanos image registry -## @param image.repository Thanos image repository +## @param image.registry [default: REGISTRY_NAME] Thanos image registry +## @param image.repository [default: REPOSITORY_NAME/thanos] Thanos image repository ## @param image.tag Thanos image tag (immutable tags are recommended) ## @param image.digest Thanos image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Thanos image pull policy @@ -4249,8 +4249,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy diff --git a/bitnami/tomcat/README.md b/bitnami/tomcat/README.md index b4fc3db0ec4cb6..c03ca452f32e05 100644 --- a/bitnami/tomcat/README.md +++ b/bitnami/tomcat/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/tomcat +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/tomcat ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Tomcat](https://github.com/bitnami/containers/tree/main/bitnami/tomcat) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use Apache Tomcat in production? Try [VMware Application Catalog](htt To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/tomcat +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/tomcat ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy Tomcat on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -77,25 +81,25 @@ The command removes all the Kubernetes components associated with the chart and ### Tomcat parameters -| Name | Description | Value | -| ----------------------------- | ------------------------------------------------------------------------------------------------------ | ---------------------- | -| `image.registry` | Tomcat image registry | `docker.io` | -| `image.repository` | Tomcat image repository | `bitnami/tomcat` | -| `image.tag` | Tomcat image tag (immutable tags are recommended) | `10.1.15-debian-11-r0` | -| `image.digest` | Tomcat image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Tomcat image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `hostAliases` | Deployment pod host aliases | `[]` | -| `tomcatUsername` | Tomcat admin user | `user` | -| `tomcatPassword` | Tomcat admin password | `""` | -| `tomcatAllowRemoteManagement` | Enable remote access to management interface | `0` | -| `catalinaOpts` | Java runtime option used by tomcat JVM | `""` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `extraEnvVars` | Extra environment variables to be set on Tomcat container | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra environment variables | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra environment variables | `""` | +| Name | Description | Value | +| ----------------------------- | ------------------------------------------------------------------------------------------------------ | ------------------------ | +| `image.registry` | Tomcat image registry | `REGISTRY_NAME` | +| `image.repository` | Tomcat image repository | `REPOSITORY_NAME/tomcat` | +| `image.tag` | Tomcat image tag (immutable tags are recommended) | `10.1.15-debian-11-r0` | +| `image.digest` | Tomcat image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Tomcat image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `tomcatUsername` | Tomcat admin user | `user` | +| `tomcatPassword` | Tomcat admin password | `""` | +| `tomcatAllowRemoteManagement` | Enable remote access to management interface | `0` | +| `catalinaOpts` | Java runtime option used by tomcat JVM | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Extra environment variables to be set on Tomcat container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra environment variables | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra environment variables | `""` | ### Tomcat deployment parameters @@ -198,17 +202,17 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | ### Metrics parameters @@ -216,8 +220,8 @@ The command removes all the Kubernetes components associated with the chart and | --------------------------------------------------- | ------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `metrics.jmx.enabled` | Whether or not to expose JMX metrics to Prometheus | `false` | | `metrics.jmx.catalinaOpts` | custom option used to enabled JMX on tomcat jvm evaluated as template | `-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=5555 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.local.only=true` | -| `metrics.jmx.image.registry` | JMX exporter image registry | `docker.io` | -| `metrics.jmx.image.repository` | JMX exporter image repository | `bitnami/jmx-exporter` | +| `metrics.jmx.image.registry` | JMX exporter image registry | `REGISTRY_NAME` | +| `metrics.jmx.image.repository` | JMX exporter image repository | `REPOSITORY_NAME/jmx-exporter` | | `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.19.0-debian-11-r95` | | `metrics.jmx.image.digest` | JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.jmx.image.pullPolicy` | JMX exporter image pull policy | `IfNotPresent` | @@ -250,9 +254,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ - --set tomcatUsername=manager,tomcatPassword=password oci://registry-1.docker.io/bitnamicharts/tomcat + --set tomcatUsername=manager,tomcatPassword=password oci://REGISTRY_NAME/REPOSITORY_NAME/tomcat ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Tomcat management username and password to `manager` and `password` respectively. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -260,9 +266,10 @@ The above command sets the Tomcat management username and password to `manager` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/tomcat +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/tomcat ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -346,9 +353,11 @@ Consequences: ```console export TOMCAT_PASSWORD=$(kubectl get secret --namespace default tomcat -o jsonpath="{.data.tomcat-password}" | base64 -d) kubectl delete deployments.apps tomcat -helm upgrade tomcat oci://registry-1.docker.io/bitnamicharts/tomcat --set tomcatPassword=$TOMCAT_PASSWORD +helm upgrade tomcat oci://REGISTRY_NAME/REPOSITORY_NAME/tomcat --set tomcatPassword=$TOMCAT_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 7.0.0 [On November 13, 2020, Helm v2 support formally ended](https://github.com/helm/charts#status-of-the-project). This major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. @@ -364,15 +373,19 @@ This release updates the Bitnami Tomcat container to `9.0.26-debian-9-r0`, which Tomcat container was moved to a non-root approach. There shouldn't be any issue when upgrading since the corresponding `securityContext` is enabled by default. Both the container image and the chart can be upgraded by running the command below: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/tomcat +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/tomcat ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + If you use a previous container image (previous to **8.5.35-r26**) disable the `securityContext` by running the command below: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/tomcat --set securityContext.enabled=false,image.tag=XXX +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/tomcat --set securityContext.enabled=false,image.tag=XXX ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 1.0.0 Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. diff --git a/bitnami/tomcat/values.yaml b/bitnami/tomcat/values.yaml index 729c54fae5a072..7e53d5316d4175 100644 --- a/bitnami/tomcat/values.yaml +++ b/bitnami/tomcat/values.yaml @@ -50,8 +50,8 @@ extraDeploy: [] ## Bitnami Tomcat image version ## ref: https://hub.docker.com/r/bitnami/tomcat/tags/ -## @param image.registry Tomcat image registry -## @param image.repository Tomcat image repository +## @param image.registry [default: REGISTRY_NAME] Tomcat image registry +## @param image.repository [default: REPOSITORY_NAME/tomcat] Tomcat image repository ## @param image.tag Tomcat image tag (immutable tags are recommended) ## @param image.digest Tomcat image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Tomcat image pull policy @@ -575,8 +575,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes volume permissions in the data directory ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy @@ -635,8 +635,8 @@ metrics: catalinaOpts: -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=5555 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.local.only=true ## Bitnami JMX exporter image ## ref: https://hub.docker.com/r/bitnami/jmx-exporter/tags/ - ## @param metrics.jmx.image.registry JMX exporter image registry - ## @param metrics.jmx.image.repository JMX exporter image repository + ## @param metrics.jmx.image.registry [default: REGISTRY_NAME] JMX exporter image registry + ## @param metrics.jmx.image.repository [default: REPOSITORY_NAME/jmx-exporter] JMX exporter image repository ## @param metrics.jmx.image.tag JMX exporter image tag (immutable tags are recommended) ## @param metrics.jmx.image.digest JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.jmx.image.pullPolicy JMX exporter image pull policy diff --git a/bitnami/vault/README.md b/bitnami/vault/README.md index ae7f0eb48c0eef..a117173f64c17d 100644 --- a/bitnami/vault/README.md +++ b/bitnami/vault/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/vault +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/vault ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [HashiCorp Vault](https://github.com/bitnami/containers/tree/main/bitnami/vault) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -77,83 +79,83 @@ The command removes all the Kubernetes components associated with the chart and ### Vault Server Parameters -| Name | Description | Value | -| ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `server.enabled` | Enable Vault Server | `true` | -| `server.image.registry` | Vault Server image registry | `docker.io` | -| `server.image.repository` | Vault Server image repository | `bitnami/vault` | -| `server.image.tag` | Vault Server image tag (immutable tags are recommended) | `1.15.0-debian-11-r8` | -| `server.image.digest` | Vault Server image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `server.image.pullPolicy` | Vault Server image pull policy | `IfNotPresent` | -| `server.image.pullSecrets` | Vault Server image pull secrets | `[]` | -| `server.image.debug` | Enable Vault Server image debug mode | `false` | -| `server.replicaCount` | Number of Vault Server replicas to deploy | `1` | -| `server.podManagementPolicy` | Pod management policy | `Parallel` | -| `server.containerPorts.http` | Vault Server http container port | `8200` | -| `server.containerPorts.internal` | Vault Server internal (HTTPS) container port | `8201` | -| `server.livenessProbe.enabled` | Enable livenessProbe on Vault Server containers | `false` | -| `server.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `server.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `server.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `server.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `server.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `server.readinessProbe.enabled` | Enable readinessProbe on Vault Server containers | `true` | -| `server.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `server.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `server.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `server.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `server.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `server.startupProbe.enabled` | Enable startupProbe on Vault Server containers | `false` | -| `server.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `server.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `server.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `server.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `server.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `server.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `server.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `server.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `server.resources.limits` | The resources limits for the Vault Server containers | `{}` | -| `server.resources.requests` | The requested resources for the Vault Server containers | `{}` | -| `server.podSecurityContext.enabled` | Enabled Vault Server pods' Security Context | `true` | -| `server.podSecurityContext.fsGroup` | Set Vault Server pod's Security Context fsGroup | `1001` | -| `server.podSecurityContext.seccompProfile.type` | Set Vault Server container's Security Context seccomp profile | `RuntimeDefault` | -| `server.containerSecurityContext.enabled` | Enabled Vault Server containers' Security Context | `true` | -| `server.containerSecurityContext.runAsUser` | Set Vault Server containers' Security Context runAsUser | `1001` | -| `server.containerSecurityContext.runAsNonRoot` | Set Vault Server containers' Security Context runAsNonRoot | `true` | -| `server.containerSecurityContext.readOnlyRootFilesystem` | Set Vault Server containers' Security Context runAsNonRoot | `true` | -| `server.containerSecurityContext.allowPrivilegeEscalation` | Set Vault Server container's privilege escalation | `false` | -| `server.containerSecurityContext.capabilities.drop` | Set Vault Server container's Security Context runAsNonRoot | `["ALL"]` | -| `server.command` | Override default container command (useful when using custom images) | `[]` | -| `server.args` | Override default container args (useful when using custom images) | `[]` | -| `server.hostAliases` | Vault Server pods host aliases | `[]` | -| `server.config` | Vault server configuration (evaluated as a template) | `""` | -| `server.existingConfigMap` | name of a ConfigMap with existing configuration for the server | `""` | -| `server.podLabels` | Extra labels for Vault Server pods | `{}` | -| `server.podAnnotations` | Annotations for Vault Server pods | `{}` | -| `server.podAffinityPreset` | Pod affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `server.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `server.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `server.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `server.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `server.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `server.nodeAffinityPreset.key` | Node label key to match. Ignored if `server.affinity` is set | `""` | -| `server.nodeAffinityPreset.values` | Node label values to match. Ignored if `server.affinity` is set | `[]` | -| `server.affinity` | Affinity for Vault Server pods assignment | `{}` | -| `server.nodeSelector` | Node labels for Vault Server pods assignment | `{}` | -| `server.tolerations` | Tolerations for Vault Server pods assignment | `[]` | -| `server.updateStrategy.type` | Vault Server statefulset strategy type | `RollingUpdate` | -| `server.priorityClassName` | Vault Server pods' priorityClassName | `""` | -| `server.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `server.schedulerName` | Name of the k8s scheduler (other than default) for Vault Server pods | `""` | -| `server.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `server.lifecycleHooks` | for the Vault Server container(s) to automate configuration before or after startup | `{}` | -| `server.extraEnvVars` | Array with extra environment variables to add to Vault Server nodes | `[]` | -| `server.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Vault Server nodes | `""` | -| `server.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Vault Server nodes | `""` | -| `server.extraVolumes` | Optionally specify extra list of additional volumes for the Vault Server pod(s) | `[]` | -| `server.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Vault Server container(s) | `[]` | -| `server.sidecars` | Add additional sidecar containers to the Vault Server pod(s) | `[]` | -| `server.initContainers` | Add additional init containers to the Vault Server pod(s) | `[]` | +| Name | Description | Value | +| ---------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | +| `server.enabled` | Enable Vault Server | `true` | +| `server.image.registry` | Vault Server image registry | `REGISTRY_NAME` | +| `server.image.repository` | Vault Server image repository | `REPOSITORY_NAME/vault` | +| `server.image.tag` | Vault Server image tag (immutable tags are recommended) | `1.15.0-debian-11-r8` | +| `server.image.digest` | Vault Server image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `server.image.pullPolicy` | Vault Server image pull policy | `IfNotPresent` | +| `server.image.pullSecrets` | Vault Server image pull secrets | `[]` | +| `server.image.debug` | Enable Vault Server image debug mode | `false` | +| `server.replicaCount` | Number of Vault Server replicas to deploy | `1` | +| `server.podManagementPolicy` | Pod management policy | `Parallel` | +| `server.containerPorts.http` | Vault Server http container port | `8200` | +| `server.containerPorts.internal` | Vault Server internal (HTTPS) container port | `8201` | +| `server.livenessProbe.enabled` | Enable livenessProbe on Vault Server containers | `false` | +| `server.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `server.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `server.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `server.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `server.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `server.readinessProbe.enabled` | Enable readinessProbe on Vault Server containers | `true` | +| `server.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `server.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `server.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `server.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `server.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `server.startupProbe.enabled` | Enable startupProbe on Vault Server containers | `false` | +| `server.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `server.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `server.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `server.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `server.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `server.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `server.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `server.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `server.resources.limits` | The resources limits for the Vault Server containers | `{}` | +| `server.resources.requests` | The requested resources for the Vault Server containers | `{}` | +| `server.podSecurityContext.enabled` | Enabled Vault Server pods' Security Context | `true` | +| `server.podSecurityContext.fsGroup` | Set Vault Server pod's Security Context fsGroup | `1001` | +| `server.podSecurityContext.seccompProfile.type` | Set Vault Server container's Security Context seccomp profile | `RuntimeDefault` | +| `server.containerSecurityContext.enabled` | Enabled Vault Server containers' Security Context | `true` | +| `server.containerSecurityContext.runAsUser` | Set Vault Server containers' Security Context runAsUser | `1001` | +| `server.containerSecurityContext.runAsNonRoot` | Set Vault Server containers' Security Context runAsNonRoot | `true` | +| `server.containerSecurityContext.readOnlyRootFilesystem` | Set Vault Server containers' Security Context runAsNonRoot | `true` | +| `server.containerSecurityContext.allowPrivilegeEscalation` | Set Vault Server container's privilege escalation | `false` | +| `server.containerSecurityContext.capabilities.drop` | Set Vault Server container's Security Context runAsNonRoot | `["ALL"]` | +| `server.command` | Override default container command (useful when using custom images) | `[]` | +| `server.args` | Override default container args (useful when using custom images) | `[]` | +| `server.hostAliases` | Vault Server pods host aliases | `[]` | +| `server.config` | Vault server configuration (evaluated as a template) | `""` | +| `server.existingConfigMap` | name of a ConfigMap with existing configuration for the server | `""` | +| `server.podLabels` | Extra labels for Vault Server pods | `{}` | +| `server.podAnnotations` | Annotations for Vault Server pods | `{}` | +| `server.podAffinityPreset` | Pod affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `server.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `server.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `server.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `server.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `server.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `server.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `server.nodeAffinityPreset.key` | Node label key to match. Ignored if `server.affinity` is set | `""` | +| `server.nodeAffinityPreset.values` | Node label values to match. Ignored if `server.affinity` is set | `[]` | +| `server.affinity` | Affinity for Vault Server pods assignment | `{}` | +| `server.nodeSelector` | Node labels for Vault Server pods assignment | `{}` | +| `server.tolerations` | Tolerations for Vault Server pods assignment | `[]` | +| `server.updateStrategy.type` | Vault Server statefulset strategy type | `RollingUpdate` | +| `server.priorityClassName` | Vault Server pods' priorityClassName | `""` | +| `server.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `server.schedulerName` | Name of the k8s scheduler (other than default) for Vault Server pods | `""` | +| `server.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `server.lifecycleHooks` | for the Vault Server container(s) to automate configuration before or after startup | `{}` | +| `server.extraEnvVars` | Array with extra environment variables to add to Vault Server nodes | `[]` | +| `server.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Vault Server nodes | `""` | +| `server.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Vault Server nodes | `""` | +| `server.extraVolumes` | Optionally specify extra list of additional volumes for the Vault Server pod(s) | `[]` | +| `server.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Vault Server container(s) | `[]` | +| `server.sidecars` | Add additional sidecar containers to the Vault Server pod(s) | `[]` | +| `server.initContainers` | Add additional init containers to the Vault Server pod(s) | `[]` | ### Vault Server Traffic Exposure Parameters @@ -247,8 +249,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | ------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------- | | `csiProvider.enabled` | Enable Vault CSI Provider | `false` | -| `csiProvider.image.registry` | Vault CSI Provider image registry | `docker.io` | -| `csiProvider.image.repository` | Vault CSI Provider image repository | `bitnami/vault-csi-provider` | +| `csiProvider.image.registry` | Vault CSI Provider image registry | `REGISTRY_NAME` | +| `csiProvider.image.repository` | Vault CSI Provider image repository | `REPOSITORY_NAME/vault-csi-provider` | | `csiProvider.image.tag` | Vault CSI Provider image tag (immutable tags are recommended) | `1.4.0-debian-11-r139` | | `csiProvider.image.digest` | Vault CSI Provider image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | | `csiProvider.image.pullPolicy` | Vault CSI Provider image pull policy | `IfNotPresent` | @@ -367,84 +369,84 @@ The command removes all the Kubernetes components associated with the chart and ### Vault Kubernetes Injector Parameters -| Name | Description | Value | -| ------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `injector.enabled` | Enable Vault Kubernetes Injector | `true` | -| `injector.image.registry` | Vault Kubernetes Injector image registry | `docker.io` | -| `injector.image.repository` | Vault Kubernetes Injector image repository | `bitnami/vault-k8s` | -| `injector.image.tag` | Vault Kubernetes Injector image tag (immutable tags are recommended) | `1.3.0-debian-11-r22` | -| `injector.image.digest` | Vault Kubernetes Injector image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | -| `injector.image.pullPolicy` | Vault Kubernetes Injector image pull policy | `IfNotPresent` | -| `injector.image.pullSecrets` | Vault Kubernetes Injector image pull secrets | `[]` | -| `injector.image.debug` | Enable Vault Kubernetes Injector image debug mode | `false` | -| `injector.replicaCount` | Number of Vault Kubernetes Injector replicas to deploy | `1` | -| `injector.containerPorts.https` | Vault Kubernetes Injector metrics container port | `8080` | -| `injector.livenessProbe.enabled` | Enable livenessProbe on Vault Kubernetes Injector containers | `true` | -| `injector.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `injector.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `injector.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `injector.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `injector.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `injector.readinessProbe.enabled` | Enable readinessProbe on Vault Kubernetes Injector containers | `true` | -| `injector.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `injector.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `injector.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `injector.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `injector.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `injector.startupProbe.enabled` | Enable startupProbe on Vault Kubernetes Injector containers | `false` | -| `injector.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `injector.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `injector.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `injector.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `injector.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `injector.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `injector.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `injector.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `injector.resources.limits` | The resources limits for the Vault Kubernetes Injector containers | `{}` | -| `injector.resources.requests` | The requested resources for the Vault Kubernetes Injector containers | `{}` | -| `injector.podSecurityContext.enabled` | Enabled Vault Kubernetes Injector pods' Security Context | `true` | -| `injector.podSecurityContext.fsGroup` | Set Vault Kubernetes Injector pod's Security Context fsGroup | `1001` | -| `injector.podSecurityContext.seccompProfile.type` | Set Vault Kubernetes Injector container's Security Context seccomp profile | `RuntimeDefault` | -| `injector.containerSecurityContext.enabled` | Enabled Vault Kubernetes Injector containers' Security Context | `true` | -| `injector.containerSecurityContext.runAsUser` | Set Vault Kubernetes Injector containers' Security Context runAsUser | `1001` | -| `injector.containerSecurityContext.runAsNonRoot` | Set Vault Kubernetes Injector containers' Security Context runAsNonRoot | `true` | -| `injector.containerSecurityContext.readOnlyRootFilesystem` | Set Vault Kubernetes Injector containers' Security Context runAsNonRoot | `true` | -| `injector.containerSecurityContext.allowPrivilegeEscalation` | Set Vault Kubernetes Injector container's privilege escalation | `false` | -| `injector.containerSecurityContext.capabilities.drop` | Set Vault Kubernetes Injector container's Security Context runAsNonRoot | `["ALL"]` | -| `injector.command` | Override default container command (useful when using custom images) | `[]` | -| `injector.args` | Override default container args (useful when using custom images) | `[]` | -| `injector.hostAliases` | Vault Kubernetes Injector pods host aliases | `[]` | -| `injector.podLabels` | Extra labels for Vault Kubernetes Injector pods | `{}` | -| `injector.podAnnotations` | Annotations for Vault Kubernetes Injector pods | `{}` | -| `injector.podAffinityPreset` | Pod affinity preset. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `injector.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `injector.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | -| `injector.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | -| `injector.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | -| `injector.autoscaling.enabled` | Enable autoscaling for injector | `false` | -| `injector.autoscaling.minReplicas` | Minimum number of injector replicas | `""` | -| `injector.autoscaling.maxReplicas` | Maximum number of injector replicas | `""` | -| `injector.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | -| `injector.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | -| `injector.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `injector.nodeAffinityPreset.key` | Node label key to match. Ignored if `injector.affinity` is set | `""` | -| `injector.nodeAffinityPreset.values` | Node label values to match. Ignored if `injector.affinity` is set | `[]` | -| `injector.affinity` | Affinity for Vault Kubernetes Injector pods assignment | `{}` | -| `injector.nodeSelector` | Node labels for Vault Kubernetes Injector pods assignment | `{}` | -| `injector.tolerations` | Tolerations for Vault Kubernetes Injector pods assignment | `[]` | -| `injector.updateStrategy.type` | Vault Kubernetes Injector statefulset strategy type | `RollingUpdate` | -| `injector.priorityClassName` | Vault Kubernetes Injector pods' priorityClassName | `""` | -| `injector.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `injector.schedulerName` | Name of the k8s scheduler (other than default) for Vault Kubernetes Injector pods | `""` | -| `injector.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | -| `injector.lifecycleHooks` | for the Vault Kubernetes Injector container(s) to automate configuration before or after startup | `{}` | -| `injector.extraEnvVars` | Array with extra environment variables to add to Vault Kubernetes Injector nodes | `[]` | -| `injector.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Vault Kubernetes Injector nodes | `""` | -| `injector.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Vault Kubernetes Injector nodes | `""` | -| `injector.extraVolumes` | Optionally specify extra list of additional volumes for the Vault Kubernetes Injector pod(s) | `[]` | -| `injector.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Vault Kubernetes Injector container(s) | `[]` | -| `injector.sidecars` | Add additional sidecar containers to the Vault Kubernetes Injector pod(s) | `[]` | -| `injector.initContainers` | Add additional init containers to the Vault Kubernetes Injector pod(s) | `[]` | +| Name | Description | Value | +| ------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------- | +| `injector.enabled` | Enable Vault Kubernetes Injector | `true` | +| `injector.image.registry` | Vault Kubernetes Injector image registry | `REGISTRY_NAME` | +| `injector.image.repository` | Vault Kubernetes Injector image repository | `REPOSITORY_NAME/vault-k8s` | +| `injector.image.tag` | Vault Kubernetes Injector image tag (immutable tags are recommended) | `1.3.0-debian-11-r22` | +| `injector.image.digest` | Vault Kubernetes Injector image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `injector.image.pullPolicy` | Vault Kubernetes Injector image pull policy | `IfNotPresent` | +| `injector.image.pullSecrets` | Vault Kubernetes Injector image pull secrets | `[]` | +| `injector.image.debug` | Enable Vault Kubernetes Injector image debug mode | `false` | +| `injector.replicaCount` | Number of Vault Kubernetes Injector replicas to deploy | `1` | +| `injector.containerPorts.https` | Vault Kubernetes Injector metrics container port | `8080` | +| `injector.livenessProbe.enabled` | Enable livenessProbe on Vault Kubernetes Injector containers | `true` | +| `injector.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `injector.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `injector.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `injector.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `injector.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `injector.readinessProbe.enabled` | Enable readinessProbe on Vault Kubernetes Injector containers | `true` | +| `injector.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `injector.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `injector.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `injector.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `injector.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `injector.startupProbe.enabled` | Enable startupProbe on Vault Kubernetes Injector containers | `false` | +| `injector.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `injector.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `injector.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `injector.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `injector.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `injector.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `injector.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `injector.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `injector.resources.limits` | The resources limits for the Vault Kubernetes Injector containers | `{}` | +| `injector.resources.requests` | The requested resources for the Vault Kubernetes Injector containers | `{}` | +| `injector.podSecurityContext.enabled` | Enabled Vault Kubernetes Injector pods' Security Context | `true` | +| `injector.podSecurityContext.fsGroup` | Set Vault Kubernetes Injector pod's Security Context fsGroup | `1001` | +| `injector.podSecurityContext.seccompProfile.type` | Set Vault Kubernetes Injector container's Security Context seccomp profile | `RuntimeDefault` | +| `injector.containerSecurityContext.enabled` | Enabled Vault Kubernetes Injector containers' Security Context | `true` | +| `injector.containerSecurityContext.runAsUser` | Set Vault Kubernetes Injector containers' Security Context runAsUser | `1001` | +| `injector.containerSecurityContext.runAsNonRoot` | Set Vault Kubernetes Injector containers' Security Context runAsNonRoot | `true` | +| `injector.containerSecurityContext.readOnlyRootFilesystem` | Set Vault Kubernetes Injector containers' Security Context runAsNonRoot | `true` | +| `injector.containerSecurityContext.allowPrivilegeEscalation` | Set Vault Kubernetes Injector container's privilege escalation | `false` | +| `injector.containerSecurityContext.capabilities.drop` | Set Vault Kubernetes Injector container's Security Context runAsNonRoot | `["ALL"]` | +| `injector.command` | Override default container command (useful when using custom images) | `[]` | +| `injector.args` | Override default container args (useful when using custom images) | `[]` | +| `injector.hostAliases` | Vault Kubernetes Injector pods host aliases | `[]` | +| `injector.podLabels` | Extra labels for Vault Kubernetes Injector pods | `{}` | +| `injector.podAnnotations` | Annotations for Vault Kubernetes Injector pods | `{}` | +| `injector.podAffinityPreset` | Pod affinity preset. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `injector.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `injector.pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `injector.pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | +| `injector.pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | +| `injector.autoscaling.enabled` | Enable autoscaling for injector | `false` | +| `injector.autoscaling.minReplicas` | Minimum number of injector replicas | `""` | +| `injector.autoscaling.maxReplicas` | Maximum number of injector replicas | `""` | +| `injector.autoscaling.targetCPU` | Target CPU utilization percentage | `""` | +| `injector.autoscaling.targetMemory` | Target Memory utilization percentage | `""` | +| `injector.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `injector.nodeAffinityPreset.key` | Node label key to match. Ignored if `injector.affinity` is set | `""` | +| `injector.nodeAffinityPreset.values` | Node label values to match. Ignored if `injector.affinity` is set | `[]` | +| `injector.affinity` | Affinity for Vault Kubernetes Injector pods assignment | `{}` | +| `injector.nodeSelector` | Node labels for Vault Kubernetes Injector pods assignment | `{}` | +| `injector.tolerations` | Tolerations for Vault Kubernetes Injector pods assignment | `[]` | +| `injector.updateStrategy.type` | Vault Kubernetes Injector statefulset strategy type | `RollingUpdate` | +| `injector.priorityClassName` | Vault Kubernetes Injector pods' priorityClassName | `""` | +| `injector.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `injector.schedulerName` | Name of the k8s scheduler (other than default) for Vault Kubernetes Injector pods | `""` | +| `injector.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `injector.lifecycleHooks` | for the Vault Kubernetes Injector container(s) to automate configuration before or after startup | `{}` | +| `injector.extraEnvVars` | Array with extra environment variables to add to Vault Kubernetes Injector nodes | `[]` | +| `injector.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Vault Kubernetes Injector nodes | `""` | +| `injector.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Vault Kubernetes Injector nodes | `""` | +| `injector.extraVolumes` | Optionally specify extra list of additional volumes for the Vault Kubernetes Injector pod(s) | `[]` | +| `injector.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Vault Kubernetes Injector container(s) | `[]` | +| `injector.sidecars` | Add additional sidecar containers to the Vault Kubernetes Injector pod(s) | `[]` | +| `injector.initContainers` | Add additional init containers to the Vault Kubernetes Injector pod(s) | `[]` | ### Vault Kubernetes Injector Traffic Exposure Parameters @@ -464,25 +466,25 @@ The command removes all the Kubernetes components associated with the chart and ### Vault Kubernetes Injector RBAC Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `injector.rbac.create` | Specifies whether RBAC resources should be created | `true` | -| `injector.rbac.rules` | Custom RBAC rules to set | `[]` | -| `injector.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `injector.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `injector.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | -| `injector.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.enabled` | Enable init container's Security Context | `true` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `injector.rbac.create` | Specifies whether RBAC resources should be created | `true` | +| `injector.rbac.rules` | Custom RBAC rules to set | `[]` | +| `injector.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `injector.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `injector.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` | +| `injector.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.enabled` | Enable init container's Security Context | `true` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | The above parameters map to the env variables defined in [bitnami/vault](https://github.com/bitnami/containers/tree/main/bitnami/vault). For more information please refer to the [bitnami/vault](https://github.com/bitnami/containers/tree/main/bitnami/vault) image documentation. diff --git a/bitnami/vault/values.yaml b/bitnami/vault/values.yaml index 47bc3f81b08b09..02341f4807e447 100644 --- a/bitnami/vault/values.yaml +++ b/bitnami/vault/values.yaml @@ -72,8 +72,8 @@ server: enabled: true ## Bitnami Vault Server image ## ref: https://hub.docker.com/r/bitnami/vault/tags/ - ## @param server.image.registry Vault Server image registry - ## @param server.image.repository Vault Server image repository + ## @param server.image.registry [default: REGISTRY_NAME] Vault Server image registry + ## @param server.image.repository [default: REPOSITORY_NAME/vault] Vault Server image repository ## @param server.image.tag Vault Server image tag (immutable tags are recommended) ## @param server.image.digest Vault Server image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param server.image.pullPolicy Vault Server image pull policy @@ -721,8 +721,8 @@ csiProvider: enabled: false ## Bitnami Vault CSI Provider image ## ref: https://hub.docker.com/r/bitnami/vault-csi-provider/tags/ - ## @param csiProvider.image.registry Vault CSI Provider image registry - ## @param csiProvider.image.repository Vault CSI Provider image repository + ## @param csiProvider.image.registry [default: REGISTRY_NAME] Vault CSI Provider image registry + ## @param csiProvider.image.repository [default: REPOSITORY_NAME/vault-csi-provider] Vault CSI Provider image repository ## @param csiProvider.image.tag Vault CSI Provider image tag (immutable tags are recommended) ## @param csiProvider.image.digest Vault CSI Provider image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param csiProvider.image.pullPolicy Vault CSI Provider image pull policy @@ -1156,8 +1156,8 @@ injector: enabled: true ## Bitnami Vault Kubernetes Injector image ## ref: https://hub.docker.com/r/bitnami/vault-k8s/tags/ - ## @param injector.image.registry Vault Kubernetes Injector image registry - ## @param injector.image.repository Vault Kubernetes Injector image repository + ## @param injector.image.registry [default: REGISTRY_NAME] Vault Kubernetes Injector image registry + ## @param injector.image.repository [default: REPOSITORY_NAME/vault-k8s] Vault Kubernetes Injector image repository ## @param injector.image.tag Vault Kubernetes Injector image tag (immutable tags are recommended) ## @param injector.image.digest Vault Kubernetes Injector image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) ## @param injector.image.pullPolicy Vault Kubernetes Injector image pull policy @@ -1534,8 +1534,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy diff --git a/bitnami/whereabouts/README.md b/bitnami/whereabouts/README.md index fbc64d320b2112..dca54c1c36cab5 100644 --- a/bitnami/whereabouts/README.md +++ b/bitnami/whereabouts/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/whereabouts +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/whereabouts ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [Whereabouts](https://github.com/bitnami/containers/tree/main/bitnami/whereabouts) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use Whereabouts in production? Try [VMware Application Catalog](https To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/whereabouts +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/whereabouts ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys Whereabouts on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -78,72 +82,72 @@ The command removes all the Kubernetes components associated with the chart and ### Whereabouts parameters -| Name | Description | Value | -| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | --------------------------- | -| `image.registry` | Whereabouts image registry | `docker.io` | -| `image.repository` | Whereabouts Image name | `bitnami/whereabouts` | -| `image.tag` | Whereabouts Image tag | `0.6.2-debian-11-r109` | -| `image.digest` | Whereabouts image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Whereabouts image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug logs should be enabled | `false` | -| `hostCNIBinDir` | CNI binary dir in the host machine to mount | `/opt/cni/bin` | -| `hostCNINetDir` | CNI net.d dir in the host machine to mount | `/etc/cni/net.d` | -| `CNIMountPath` | Path inside the container to mount the CNI dirs | `/bitnami/whereabouts/host` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | -| `priorityClassName` | Whereabouts pods' priorityClassName | `""` | -| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `extraEnvVars` | Extra environment variables | `[]` | -| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | -| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | -| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | -| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | -| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | -| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | -| `tolerations` | Tolerations for pod assignment | `[]` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` | -| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | -| `resources.requests` | The requested resources for the init container | `{}` | -| `resources.limits` | The resources limits for the init container | `{}` | -| `podSecurityContext.enabled` | Enable Whereabouts pods' Security Context | `true` | -| `podSecurityContext.fsGroup` | Whereabouts pods' group ID | `0` | -| `containerSecurityContext.enabled` | Enable Whereabouts containers' Security Context | `true` | -| `containerSecurityContext.runAsUser` | Whereabouts containers' Security Context | `0` | -| `containerSecurityContext.runAsNonRoot` | Set Whereabouts container's Security Context runAsNonRoot | `false` | -| `containerSecurityContext.privileged` | Set Whereabouts container's Security Context privileged | `true` | -| `startupProbe.enabled` | Enable startupProbe | `false` | -| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `livenessProbe.enabled` | Enable livenessProbe | `true` | -| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readinessProbe.enabled` | Enable readinessProbe | `false` | -| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | -| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `customStartupProbe` | Override default startup probe | `{}` | -| `customLivenessProbe` | Override default liveness probe | `{}` | -| `customReadinessProbe` | Override default readiness probe | `{}` | -| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | -| `podAnnotations` | Pod annotations | `{}` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | +| Name | Description | Value | +| --------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ----------------------------- | +| `image.registry` | Whereabouts image registry | `REGISTRY_NAME` | +| `image.repository` | Whereabouts Image name | `REPOSITORY_NAME/whereabouts` | +| `image.tag` | Whereabouts Image tag | `0.6.2-debian-11-r109` | +| `image.digest` | Whereabouts image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Whereabouts image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug logs should be enabled | `false` | +| `hostCNIBinDir` | CNI binary dir in the host machine to mount | `/opt/cni/bin` | +| `hostCNINetDir` | CNI net.d dir in the host machine to mount | `/etc/cni/net.d` | +| `CNIMountPath` | Path inside the container to mount the CNI dirs | `/bitnami/whereabouts/host` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | +| `priorityClassName` | Whereabouts pods' priorityClassName | `""` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `extraEnvVars` | Extra environment variables | `[]` | +| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | +| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | +| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | +| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | +| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | +| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `resources.requests` | The requested resources for the init container | `{}` | +| `resources.limits` | The resources limits for the init container | `{}` | +| `podSecurityContext.enabled` | Enable Whereabouts pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Whereabouts pods' group ID | `0` | +| `containerSecurityContext.enabled` | Enable Whereabouts containers' Security Context | `true` | +| `containerSecurityContext.runAsUser` | Whereabouts containers' Security Context | `0` | +| `containerSecurityContext.runAsNonRoot` | Set Whereabouts container's Security Context runAsNonRoot | `false` | +| `containerSecurityContext.privileged` | Set Whereabouts container's Security Context privileged | `true` | +| `startupProbe.enabled` | Enable startupProbe | `false` | +| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `false` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customStartupProbe` | Override default startup probe | `{}` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | ### Other Parameters @@ -160,17 +164,20 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set schedulerName=high-priority \ - oci://registry-1.docker.io/bitnamicharts/whereabouts + oci://REGISTRY_NAME/REPOSITORY_NAME/whereabouts ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the Whereabouts scheduler to high-priority. Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/whereabouts +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/whereabouts ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/whereabouts/values.yaml b/bitnami/whereabouts/values.yaml index 4acb7ba21345ae..b10f24ac01b55f 100644 --- a/bitnami/whereabouts/values.yaml +++ b/bitnami/whereabouts/values.yaml @@ -66,8 +66,8 @@ diagnosticMode: ## Bitnami Whereabouts image version ## ref: https://hub.docker.com/r/bitnami/whereabouts/tags/ -## @param image.registry Whereabouts image registry -## @param image.repository Whereabouts Image name +## @param image.registry [default: REGISTRY_NAME] Whereabouts image registry +## @param image.repository [default: REPOSITORY_NAME/whereabouts] Whereabouts Image name ## @param image.tag Whereabouts Image tag ## @param image.digest Whereabouts image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy Whereabouts image pull policy diff --git a/bitnami/wildfly/README.md b/bitnami/wildfly/README.md index 30a79bb09d8435..2691ee45d4853a 100644 --- a/bitnami/wildfly/README.md +++ b/bitnami/wildfly/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/wildfly +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/wildfly ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [WildFly](https://github.com/bitnami/containers/tree/main/bitnami/wildfly) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -36,9 +38,11 @@ Looking to use WildFly in production? Try [VMware Application Catalog](https://b To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/wildfly +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/wildfly ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy WildFly on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -80,15 +84,15 @@ The command removes all the Kubernetes components associated with the chart and ### WildFly Image parameters -| Name | Description | Value | -| ------------------- | ------------------------------------------------------------------------------------------------------- | ---------------------- | -| `image.registry` | WildFly image registry | `docker.io` | -| `image.repository` | WildFly image repository | `bitnami/wildfly` | -| `image.tag` | WildFly image tag (immutable tags are recommended) | `29.0.1-debian-11-r26` | -| `image.digest` | WildFly image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | WildFly image pull policy | `IfNotPresent` | -| `image.pullSecrets` | WildFly image pull secrets | `[]` | -| `image.debug` | Enable image debug mode | `false` | +| Name | Description | Value | +| ------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------- | +| `image.registry` | WildFly image registry | `REGISTRY_NAME` | +| `image.repository` | WildFly image repository | `REPOSITORY_NAME/wildfly` | +| `image.tag` | WildFly image tag (immutable tags are recommended) | `29.0.1-debian-11-r26` | +| `image.digest` | WildFly image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | WildFly image pull policy | `IfNotPresent` | +| `image.pullSecrets` | WildFly image pull secrets | `[]` | +| `image.debug` | Enable image debug mode | `false` | ### WildFly Configuration parameters @@ -204,24 +208,24 @@ The command removes all the Kubernetes components associated with the chart and ### Persistence Parameters -| Name | Description | Value | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | -| `persistence.storageClass` | Persistent Volume storage class | `""` | -| `persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | -| `persistence.accessModes` | Persistent Volume access modes | `[]` | -| `persistence.size` | Persistent Volume size | `8Gi` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.securityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| Name | Description | Value | +| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | +| `persistence.storageClass` | Persistent Volume storage class | `""` | +| `persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | +| `persistence.accessModes` | Persistent Volume access modes | `[]` | +| `persistence.size` | Persistent Volume size | `8Gi` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.securityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | The above parameters map to the env variables defined in [bitnami/wildfly](https://github.com/bitnami/containers/tree/main/bitnami/wildfly). For more information please refer to the [bitnami/wildfly](https://github.com/bitnami/containers/tree/main/bitnami/wildfly) image documentation. @@ -230,9 +234,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set wildflyUser=manager,wildflyPassword=password \ - oci://registry-1.docker.io/bitnamicharts/wildfly + oci://REGISTRY_NAME/REPOSITORY_NAME/wildfly ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the WildFly management username and password to `manager` and `password` respectively. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -240,9 +246,10 @@ The above command sets the WildFly management username and password to `manager` Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/wildfly +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/wildfly ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -318,9 +325,11 @@ Consequences: ```console export WILDFLY_PASSWORD=$(kubectl get secret --namespace default wildfly -o jsonpath="{.data.wildfly-password}" | base64 -d) kubectl delete deployments.apps wildfly -helm upgrade wildfly oci://registry-1.docker.io/bitnamicharts/wildfly --set wildflyPassword=$WILDFLY_PASSWORD +helm upgrade wildfly oci://REGISTRY_NAME/REPOSITORY_NAME/wildfly --set wildflyPassword=$WILDFLY_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 6.0.0 [On November 13, 2020, Helm v2 support formally ended](https://github.com/helm/charts#status-of-the-project). This major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. @@ -332,15 +341,19 @@ helm upgrade wildfly oci://registry-1.docker.io/bitnamicharts/wildfly --set wild WildFly container was moved to a non-root approach. There shouldn't be any issue when upgrading since the corresponding `securityContext` is enabled by default. Both the container image and the chart can be upgraded by running the command below: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/wildfly +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/wildfly ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + If you use a previous container image (previous to **14.0.1-r75**) disable the `securityContext` by running the command below: ```console -helm upgrade my-release oci://registry-1.docker.io/bitnamicharts/wildfly --set securityContext.enabled=false,image.tag=XXX +helm upgrade my-release oci://REGISTRY_NAME/REPOSITORY_NAME/wildfly --set securityContext.enabled=false,image.tag=XXX ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ### To 1.0.0 Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. diff --git a/bitnami/wildfly/values.yaml b/bitnami/wildfly/values.yaml index 3ff5a0a52f31de..596c852cb4372e 100644 --- a/bitnami/wildfly/values.yaml +++ b/bitnami/wildfly/values.yaml @@ -61,8 +61,8 @@ diagnosticMode: ## Bitnami WildFly image ## ref: https://hub.docker.com/r/bitnami/redis/tags/ -## @param image.registry WildFly image registry -## @param image.repository WildFly image repository +## @param image.registry [default: REGISTRY_NAME] WildFly image registry +## @param image.repository [default: REPOSITORY_NAME/wildfly] WildFly image repository ## @param image.tag WildFly image tag (immutable tags are recommended) ## @param image.digest WildFly image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy WildFly image pull policy @@ -637,8 +637,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy diff --git a/bitnami/wordpress/README.md b/bitnami/wordpress/README.md index 4f4e7544ae999d..95a7e3a594f5ae 100644 --- a/bitnami/wordpress/README.md +++ b/bitnami/wordpress/README.md @@ -9,9 +9,11 @@ WordPress is the world's most popular blogging and content management platform. ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/wordpress +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [WordPress](https://github.com/bitnami/containers/tree/main/bitnami/wordpress) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -34,9 +36,11 @@ Looking to use WordPress in production? Try [VMware Application Catalog](https:/ To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/wordpress +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The command deploys WordPress on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -78,15 +82,15 @@ The command removes all the Kubernetes components associated with the chart and ### WordPress Image parameters -| Name | Description | Value | -| ------------------- | --------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | WordPress image registry | `docker.io` | -| `image.repository` | WordPress image repository | `bitnami/wordpress` | -| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.3.2-debian-11-r0` | -| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | -| `image.pullSecrets` | WordPress image pull secrets | `[]` | -| `image.debug` | Specify if debug values should be set | `false` | +| Name | Description | Value | +| ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------- | +| `image.registry` | WordPress image registry | `REGISTRY_NAME` | +| `image.repository` | WordPress image repository | `REPOSITORY_NAME/wordpress` | +| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.3.2-debian-11-r0` | +| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | +| `image.pullSecrets` | WordPress image pull secrets | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | ### WordPress Configuration parameters @@ -235,27 +239,27 @@ The command removes all the Kubernetes components associated with the chart and ### Persistence Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | ------------------ | -| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | -| `persistence.storageClass` | Persistent Volume storage class | `""` | -| `persistence.accessModes` | Persistent Volume access modes | `[]` | -| `persistence.accessMode` | Persistent Volume access mode (DEPRECATED: use `persistence.accessModes` instead) | `ReadWriteOnce` | -| `persistence.size` | Persistent Volume size | `10Gi` | -| `persistence.dataSource` | Custom PVC data source | `{}` | -| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | -| `persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` | -| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | -| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | -------------------------- | +| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` | +| `persistence.storageClass` | Persistent Volume storage class | `""` | +| `persistence.accessModes` | Persistent Volume access modes | `[]` | +| `persistence.accessMode` | Persistent Volume access mode (DEPRECATED: use `persistence.accessModes` instead) | `ReadWriteOnce` | +| `persistence.size` | Persistent Volume size | `10Gi` | +| `persistence.dataSource` | Custom PVC data source | `{}` | +| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` | +| `persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | ### Other Parameters @@ -276,51 +280,51 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics Parameters -| Name | Description | Value | -| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | ------------------------- | -| `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | -| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | -| `metrics.containerPorts.metrics` | Prometheus exporter container port | `9117` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe on Prometheus exporter containers | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe on Prometheus exporter containers | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.startupProbe.enabled` | Enable startupProbe on Prometheus exporter containers | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `metrics.resources.limits` | The resources limits for the Prometheus exporter container | `{}` | -| `metrics.resources.requests` | The requested resources for the Prometheus exporter container | `{}` | -| `metrics.service.ports.metrics` | Prometheus metrics service port | `9150` | -| `metrics.service.annotations` | Additional custom annotations for Metrics service | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | -| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| Name | Description | Value | +| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------------------- | +| `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | +| `metrics.image.registry` | Apache exporter image registry | `REGISTRY_NAME` | +| `metrics.image.repository` | Apache exporter image repository | `REPOSITORY_NAME/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r10` | +| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | +| `metrics.containerPorts.metrics` | Prometheus exporter container port | `9117` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe on Prometheus exporter containers | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe on Prometheus exporter containers | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.startupProbe.enabled` | Enable startupProbe on Prometheus exporter containers | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `metrics.resources.limits` | The resources limits for the Prometheus exporter container | `{}` | +| `metrics.resources.requests` | The requested resources for the Prometheus exporter container | `{}` | +| `metrics.service.ports.metrics` | Prometheus metrics service port | `9150` | +| `metrics.service.annotations` | Additional custom annotations for Metrics service | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | ### NetworkPolicy parameters @@ -378,9 +382,11 @@ helm install my-release \ --set wordpressUsername=admin \ --set wordpressPassword=password \ --set mariadb.auth.rootPassword=secretpassword \ - oci://registry-1.docker.io/bitnamicharts/wordpress + oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the WordPress administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -388,9 +394,10 @@ The above command sets the WordPress administrator account username and password Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/wordpress +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details @@ -579,15 +586,19 @@ export MARIADB_PVC=$(kubectl get pvc -l app.kubernetes.io/instance=wordpress,app Upgrade your release (maintaining the version) disabling MariaDB and scaling WordPress replicas to 0: ```console -helm upgrade wordpress oci://registry-1.docker.io/bitnamicharts/wordpress --set wordpressPassword=$WORDPRESS_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 9.6.4 +helm upgrade wordpress oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress --set wordpressPassword=$WORDPRESS_PASSWORD --set replicaCount=0 --set mariadb.enabled=false --version 9.6.4 ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + Finally, upgrade you release to `10.0.0` reusing the existing PVC, and enabling back MariaDB: ```console -helm upgrade wordpress oci://registry-1.docker.io/bitnamicharts/wordpress --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set wordpressPassword=$WORDPRESS_PASSWORD +helm upgrade wordpress oci://REGISTRY_NAME/REPOSITORY_NAME/wordpress --set mariadb.primary.persistence.existingClaim=$MARIADB_PVC --set mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD --set mariadb.auth.password=$MARIADB_PASSWORD --set wordpressPassword=$WORDPRESS_PASSWORD ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + You should see the lines below in MariaDB container logs: ```console diff --git a/bitnami/wordpress/values.yaml b/bitnami/wordpress/values.yaml index 9da923354201c9..830a3e8b398418 100644 --- a/bitnami/wordpress/values.yaml +++ b/bitnami/wordpress/values.yaml @@ -65,8 +65,8 @@ diagnosticMode: ## Bitnami WordPress image ## ref: https://hub.docker.com/r/bitnami/wordpress/tags/ -## @param image.registry WordPress image registry -## @param image.repository WordPress image repository +## @param image.registry [default: REGISTRY_NAME] WordPress image registry +## @param image.repository [default: REPOSITORY_NAME/wordpress] WordPress image repository ## @param image.tag WordPress image tag (immutable tags are recommended) ## @param image.digest WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy WordPress image pull policy @@ -756,8 +756,8 @@ volumePermissions: enabled: false ## OS Shell + Utility image ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ - ## @param volumePermissions.image.registry OS Shell + Utility image registry - ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy @@ -850,8 +850,8 @@ metrics: enabled: false ## Bitnami Apache exporter image ## ref: https://hub.docker.com/r/bitnami/apache-exporter/tags/ - ## @param metrics.image.registry Apache exporter image registry - ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.registry [default: REGISTRY_NAME] Apache exporter image registry + ## @param metrics.image.repository [default: REPOSITORY_NAME/apache-exporter] Apache exporter image repository ## @param metrics.image.tag Apache exporter image tag (immutable tags are recommended) ## @param metrics.image.digest Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param metrics.image.pullPolicy Apache exporter image pull policy diff --git a/bitnami/zookeeper/README.md b/bitnami/zookeeper/README.md index 2c668566498eab..eccdc2ea1b1b8d 100644 --- a/bitnami/zookeeper/README.md +++ b/bitnami/zookeeper/README.md @@ -11,9 +11,11 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/zookeeper +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/zookeeper ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + ## Introduction This chart bootstraps a [ZooKeeper](https://github.com/bitnami/containers/tree/main/bitnami/zookeeper) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. @@ -33,9 +35,11 @@ Looking to use Apache ZooKeeper in production? Try [VMware Application Catalog]( To install the chart with the release name `my-release`: ```console -helm install my-release oci://registry-1.docker.io/bitnamicharts/zookeeper +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/zookeeper ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + These commands deploy ZooKeeper on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. > **Tip**: List all releases using `helm list` @@ -78,50 +82,50 @@ The command removes all the Kubernetes components associated with the chart and ### ZooKeeper chart parameters -| Name | Description | Value | -| ----------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ----------------------- | -| `image.registry` | ZooKeeper image registry | `docker.io` | -| `image.repository` | ZooKeeper image repository | `bitnami/zookeeper` | -| `image.tag` | ZooKeeper image tag (immutable tags are recommended) | `3.9.1-debian-11-r1` | -| `image.digest` | ZooKeeper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | ZooKeeper image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug values should be set | `false` | -| `auth.client.enabled` | Enable ZooKeeper client-server authentication. It uses SASL/Digest-MD5 | `false` | -| `auth.client.clientUser` | User that will use ZooKeeper clients to auth | `""` | -| `auth.client.clientPassword` | Password that will use ZooKeeper clients to auth | `""` | -| `auth.client.serverUsers` | Comma, semicolon or whitespace separated list of user to be created | `""` | -| `auth.client.serverPasswords` | Comma, semicolon or whitespace separated list of passwords to assign to users when created | `""` | -| `auth.client.existingSecret` | Use existing secret (ignores previous passwords) | `""` | -| `auth.quorum.enabled` | Enable ZooKeeper server-server authentication. It uses SASL/Digest-MD5 | `false` | -| `auth.quorum.learnerUser` | User that the ZooKeeper quorumLearner will use to authenticate to quorumServers. | `""` | -| `auth.quorum.learnerPassword` | Password that the ZooKeeper quorumLearner will use to authenticate to quorumServers. | `""` | -| `auth.quorum.serverUsers` | Comma, semicolon or whitespace separated list of users for the quorumServers. | `""` | -| `auth.quorum.serverPasswords` | Comma, semicolon or whitespace separated list of passwords to assign to users when created | `""` | -| `auth.quorum.existingSecret` | Use existing secret (ignores previous passwords) | `""` | -| `tickTime` | Basic time unit (in milliseconds) used by ZooKeeper for heartbeats | `2000` | -| `initLimit` | ZooKeeper uses to limit the length of time the ZooKeeper servers in quorum have to connect to a leader | `10` | -| `syncLimit` | How far out of date a server can be from a leader | `5` | -| `preAllocSize` | Block size for transaction log file | `65536` | -| `snapCount` | The number of transactions recorded in the transaction log before a snapshot can be taken (and the transaction log rolled) | `100000` | -| `maxClientCnxns` | Limits the number of concurrent connections that a single client may make to a single member of the ZooKeeper ensemble | `60` | -| `maxSessionTimeout` | Maximum session timeout (in milliseconds) that the server will allow the client to negotiate | `40000` | -| `heapSize` | Size (in MB) for the Java Heap options (Xmx and Xms) | `1024` | -| `fourlwCommandsWhitelist` | A list of comma separated Four Letter Words commands that can be executed | `srvr, mntr, ruok` | -| `minServerId` | Minimal SERVER_ID value, nodes increment their IDs respectively | `1` | -| `listenOnAllIPs` | Allow ZooKeeper to listen for connections from its peers on all available IP addresses | `false` | -| `autopurge.snapRetainCount` | The most recent snapshots amount (and corresponding transaction logs) to retain | `3` | -| `autopurge.purgeInterval` | The time interval (in hours) for which the purge task has to be triggered | `0` | -| `logLevel` | Log level for the ZooKeeper server. ERROR by default | `ERROR` | -| `jvmFlags` | Default JVM flags for the ZooKeeper process | `""` | -| `dataLogDir` | Dedicated data log directory | `""` | -| `configuration` | Configure ZooKeeper with a custom zoo.cfg file | `""` | -| `existingConfigmap` | The name of an existing ConfigMap with your custom configuration for ZooKeeper | `""` | -| `extraEnvVars` | Array with extra environment variables to add to ZooKeeper nodes | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for ZooKeeper nodes | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for ZooKeeper nodes | `""` | -| `command` | Override default container command (useful when using custom images) | `["/scripts/setup.sh"]` | -| `args` | Override default container args (useful when using custom images) | `[]` | +| Name | Description | Value | +| ----------------------------- | -------------------------------------------------------------------------------------------------------------------------- | --------------------------- | +| `image.registry` | ZooKeeper image registry | `REGISTRY_NAME` | +| `image.repository` | ZooKeeper image repository | `REPOSITORY_NAME/zookeeper` | +| `image.tag` | ZooKeeper image tag (immutable tags are recommended) | `3.9.1-debian-11-r1` | +| `image.digest` | ZooKeeper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | ZooKeeper image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | +| `auth.client.enabled` | Enable ZooKeeper client-server authentication. It uses SASL/Digest-MD5 | `false` | +| `auth.client.clientUser` | User that will use ZooKeeper clients to auth | `""` | +| `auth.client.clientPassword` | Password that will use ZooKeeper clients to auth | `""` | +| `auth.client.serverUsers` | Comma, semicolon or whitespace separated list of user to be created | `""` | +| `auth.client.serverPasswords` | Comma, semicolon or whitespace separated list of passwords to assign to users when created | `""` | +| `auth.client.existingSecret` | Use existing secret (ignores previous passwords) | `""` | +| `auth.quorum.enabled` | Enable ZooKeeper server-server authentication. It uses SASL/Digest-MD5 | `false` | +| `auth.quorum.learnerUser` | User that the ZooKeeper quorumLearner will use to authenticate to quorumServers. | `""` | +| `auth.quorum.learnerPassword` | Password that the ZooKeeper quorumLearner will use to authenticate to quorumServers. | `""` | +| `auth.quorum.serverUsers` | Comma, semicolon or whitespace separated list of users for the quorumServers. | `""` | +| `auth.quorum.serverPasswords` | Comma, semicolon or whitespace separated list of passwords to assign to users when created | `""` | +| `auth.quorum.existingSecret` | Use existing secret (ignores previous passwords) | `""` | +| `tickTime` | Basic time unit (in milliseconds) used by ZooKeeper for heartbeats | `2000` | +| `initLimit` | ZooKeeper uses to limit the length of time the ZooKeeper servers in quorum have to connect to a leader | `10` | +| `syncLimit` | How far out of date a server can be from a leader | `5` | +| `preAllocSize` | Block size for transaction log file | `65536` | +| `snapCount` | The number of transactions recorded in the transaction log before a snapshot can be taken (and the transaction log rolled) | `100000` | +| `maxClientCnxns` | Limits the number of concurrent connections that a single client may make to a single member of the ZooKeeper ensemble | `60` | +| `maxSessionTimeout` | Maximum session timeout (in milliseconds) that the server will allow the client to negotiate | `40000` | +| `heapSize` | Size (in MB) for the Java Heap options (Xmx and Xms) | `1024` | +| `fourlwCommandsWhitelist` | A list of comma separated Four Letter Words commands that can be executed | `srvr, mntr, ruok` | +| `minServerId` | Minimal SERVER_ID value, nodes increment their IDs respectively | `1` | +| `listenOnAllIPs` | Allow ZooKeeper to listen for connections from its peers on all available IP addresses | `false` | +| `autopurge.snapRetainCount` | The most recent snapshots amount (and corresponding transaction logs) to retain | `3` | +| `autopurge.purgeInterval` | The time interval (in hours) for which the purge task has to be triggered | `0` | +| `logLevel` | Log level for the ZooKeeper server. ERROR by default | `ERROR` | +| `jvmFlags` | Default JVM flags for the ZooKeeper process | `""` | +| `dataLogDir` | Dedicated data log directory | `""` | +| `configuration` | Configure ZooKeeper with a custom zoo.cfg file | `""` | +| `existingConfigmap` | The name of an existing ConfigMap with your custom configuration for ZooKeeper | `""` | +| `extraEnvVars` | Array with extra environment variables to add to ZooKeeper nodes | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for ZooKeeper nodes | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for ZooKeeper nodes | `""` | +| `command` | Override default container command (useful when using custom images) | `["/scripts/setup.sh"]` | +| `args` | Override default container args (useful when using custom images) | `[]` | ### Statefulset parameters @@ -243,19 +247,19 @@ The command removes all the Kubernetes components associated with the chart and ### Volume Permissions parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.enabled` | Enabled init container Security Context | `true` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.enabled` | Enabled init container Security Context | `true` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | ### Metrics parameters @@ -319,9 +323,11 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ --set auth.clientUser=newUser \ - oci://registry-1.docker.io/bitnamicharts/zookeeper + oci://REGISTRY_NAME/REPOSITORY_NAME/zookeeper ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + The above command sets the ZooKeeper user to `newUser`. > NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. @@ -329,9 +335,10 @@ The above command sets the ZooKeeper user to `newUser`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/zookeeper +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/zookeeper ``` +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. > **Tip**: You can use the default [values.yaml](values.yaml) ## Configuration and installation details diff --git a/bitnami/zookeeper/values.yaml b/bitnami/zookeeper/values.yaml index 06bcb14e8b51b1..6b01baa93e9b7e 100644 --- a/bitnami/zookeeper/values.yaml +++ b/bitnami/zookeeper/values.yaml @@ -68,8 +68,8 @@ diagnosticMode: ## Bitnami ZooKeeper image version ## ref: https://hub.docker.com/r/bitnami/zookeeper/tags/ -## @param image.registry ZooKeeper image registry -## @param image.repository ZooKeeper image repository +## @param image.registry [default: REGISTRY_NAME] ZooKeeper image registry +## @param image.repository [default: REPOSITORY_NAME/zookeeper] ZooKeeper image repository ## @param image.tag ZooKeeper image tag (immutable tags are recommended) ## @param image.digest ZooKeeper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param image.pullPolicy ZooKeeper image pull policy @@ -653,8 +653,8 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume ## enabled: false - ## @param volumePermissions.image.registry Init container volume-permissions image registry - ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy