Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-02-25 15:57:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/clickhouse] feat: 🔒 Add resource preset support (#23436)

Browse Source 
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
Signed-off-by: Javier J. Salmerón-García <jsalmeron@vmware.com>
This commit is contained in:
Javier J. Salmerón-García
2024-02-16 10:38:01 +01:00
committed by GitHub
parent 38b444c6d4
commit 0a82ef66b9
6 changed files with 119 additions and 121 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bitnami/clickhouse/Chart.lock
View File

@@ -6,4 +6,4 @@ dependencies:
repository: oci://registry-1.docker.io/bitnamicharts
version: 2.15.3
digest: sha256:cccdc01ead6a556674360977d9ace475423c17f7c3875ed7e7df58edf727befa
generated: "2024-02-14T20:06:03.21657832Z"
generated: "2024-02-14T14:40:10.89088491+01:00"

2
bitnami/clickhouse/Chart.yaml
View File

@@ -35,4 +35,4 @@ maintainers:
name: clickhouse
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/clickhouse
version: 5.0.2
version: 5.1.0

156
bitnami/clickhouse/README.md
View File

@@ -87,70 +87,70 @@ The command removes all the Kubernetes components associated with the chart and
### ClickHouse Parameters
| Name | Description | Value |
| --------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ---------------------------- |
| `image.registry` | ClickHouse image registry | `REGISTRY_NAME` |
| `image.repository` | ClickHouse image repository | `REPOSITORY_NAME/clickhouse` |
| `image.digest` | ClickHouse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | ClickHouse image pull policy | `IfNotPresent` |
| `image.pullSecrets` | ClickHouse image pull secrets | `[]` |
| `image.debug` | Enable ClickHouse image debug mode | `false` |
| `shards` | Number of ClickHouse shards to deploy | `2` |
| `replicaCount` | Number of ClickHouse replicas per shard to deploy | `3` |
| `distributeReplicasByZone` | Schedules replicas of the same shard to different availability zones | `false` |
| `containerPorts.http` | ClickHouse HTTP container port | `8123` |
| `containerPorts.https` | ClickHouse HTTPS container port | `8443` |
| `containerPorts.tcp` | ClickHouse TCP container port | `9000` |
| `containerPorts.tcpSecure` | ClickHouse TCP (secure) container port | `9440` |
| `containerPorts.keeper` | ClickHouse keeper TCP container port | `2181` |
| `containerPorts.keeperSecure` | ClickHouse keeper TCP (secure) container port | `3181` |
| `containerPorts.keeperInter` | ClickHouse keeper interserver TCP container port | `9444` |
| `containerPorts.mysql` | ClickHouse MySQL container port | `9004` |
| `containerPorts.postgresql` | ClickHouse PostgreSQL container port | `9005` |
| `containerPorts.interserver` | ClickHouse Interserver container port | `9009` |
| `containerPorts.metrics` | ClickHouse metrics container port | `8001` |
| `livenessProbe.enabled` | Enable livenessProbe on ClickHouse containers | `true` |
| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` |
| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` |
| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` |
| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `readinessProbe.enabled` | Enable readinessProbe on ClickHouse containers | `true` |
| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` |
| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` |
| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` |
| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `startupProbe.enabled` | Enable startupProbe on ClickHouse containers | `false` |
| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` |
| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` |
| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` |
| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` |
| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` |
| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
| `resources.limits` | The resources limits for the ClickHouse containers | `{}` |
| `resources.requests` | The requested resources for the ClickHouse containers | `{}` |
| `podSecurityContext.enabled` | Enabled ClickHouse pods' Security Context | `true` |
| `podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
| `podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
| `podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `podSecurityContext.fsGroup` | Set ClickHouse pod's Security Context fsGroup | `1001` |
| `containerSecurityContext.enabled` | Enable containers' Security Context | `true` |
| `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `containerSecurityContext.runAsNonRoot` | Set containers' Security Context runAsNonRoot | `true` |
| `containerSecurityContext.readOnlyRootFilesystem` | Set read only root file system pod's | `false` |
| `containerSecurityContext.privileged` | Set contraller container's Security Context privileged | `false` |
| `containerSecurityContext.allowPrivilegeEscalation` | Set contraller container's Security Context allowPrivilegeEscalation | `false` |
| `containerSecurityContext.capabilities.drop` | List of capabilities to be droppedn | `["ALL"]` |
| `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
| `auth.username` | ClickHouse Admin username | `default` |
| `auth.password` | ClickHouse Admin password | `""` |
| `auth.existingSecret` | Name of a secret containing the Admin password | `""` |
| `auth.existingSecretKey` | Name of the key inside the existing secret | `""` |
| `logLevel` | Logging level | `information` |
| Name | Description | Value |
| --------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- |
| `image.registry` | ClickHouse image registry | `REGISTRY_NAME` |
| `image.repository` | ClickHouse image repository | `REPOSITORY_NAME/clickhouse` |
| `image.digest` | ClickHouse image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | ClickHouse image pull policy | `IfNotPresent` |
| `image.pullSecrets` | ClickHouse image pull secrets | `[]` |
| `image.debug` | Enable ClickHouse image debug mode | `false` |
| `shards` | Number of ClickHouse shards to deploy | `2` |
| `replicaCount` | Number of ClickHouse replicas per shard to deploy | `3` |
| `distributeReplicasByZone` | Schedules replicas of the same shard to different availability zones | `false` |
| `containerPorts.http` | ClickHouse HTTP container port | `8123` |
| `containerPorts.https` | ClickHouse HTTPS container port | `8443` |
| `containerPorts.tcp` | ClickHouse TCP container port | `9000` |
| `containerPorts.tcpSecure` | ClickHouse TCP (secure) container port | `9440` |
| `containerPorts.keeper` | ClickHouse keeper TCP container port | `2181` |
| `containerPorts.keeperSecure` | ClickHouse keeper TCP (secure) container port | `3181` |
| `containerPorts.keeperInter` | ClickHouse keeper interserver TCP container port | `9444` |
| `containerPorts.mysql` | ClickHouse MySQL container port | `9004` |
| `containerPorts.postgresql` | ClickHouse PostgreSQL container port | `9005` |
| `containerPorts.interserver` | ClickHouse Interserver container port | `9009` |
| `containerPorts.metrics` | ClickHouse metrics container port | `8001` |
| `livenessProbe.enabled` | Enable livenessProbe on ClickHouse containers | `true` |
| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` |
| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` |
| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` |
| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `readinessProbe.enabled` | Enable readinessProbe on ClickHouse containers | `true` |
| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` |
| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` |
| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` |
| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `startupProbe.enabled` | Enable startupProbe on ClickHouse containers | `false` |
| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` |
| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` |
| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `3` |
| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` |
| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` |
| `customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
| `resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `none` |
| `resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `podSecurityContext.enabled` | Enabled ClickHouse pods' Security Context | `true` |
| `podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
| `podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
| `podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `podSecurityContext.fsGroup` | Set ClickHouse pod's Security Context fsGroup | `1001` |
| `containerSecurityContext.enabled` | Enable containers' Security Context | `true` |
| `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `containerSecurityContext.runAsNonRoot` | Set containers' Security Context runAsNonRoot | `true` |
| `containerSecurityContext.readOnlyRootFilesystem` | Set read only root file system pod's | `false` |
| `containerSecurityContext.privileged` | Set contraller container's Security Context privileged | `false` |
| `containerSecurityContext.allowPrivilegeEscalation` | Set contraller container's Security Context allowPrivilegeEscalation | `false` |
| `containerSecurityContext.capabilities.drop` | List of capabilities to be droppedn | `["ALL"]` |
| `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
| `auth.username` | ClickHouse Admin username | `default` |
| `auth.password` | ClickHouse Admin password | `""` |
| `auth.existingSecret` | Name of a secret containing the Admin password | `""` |
| `auth.existingSecretKey` | Name of the key inside the existing secret | `""` |
| `logLevel` | Logging level | `information` |
### ClickHouse keeper configuration parameters
@@ -302,17 +302,17 @@ The command removes all the Kubernetes components associated with the chart and
### Init Container Parameters
| Name | Description | Value |
| ----------------------------------------------------------- | ----------------------------------------------------------------------------------------------- | -------------------------- |
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` |
| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` |
| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` |
| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` |
| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` |
| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` |
| Name | Description | Value |
| ----------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | OS Shell + Utility image registry | `REGISTRY_NAME` |
| `volumePermissions.image.repository` | OS Shell + Utility image repository | `REPOSITORY_NAME/os-shell` |
| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` |
| `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `none` |
| `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `volumePermissions.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` |
### Other Parameters
@@ -400,6 +400,12 @@ helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/click
## Configuration and installation details
### Resource requests and limits
Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case.
To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
### [Rolling VS Immutable tags](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers)
It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.

1
bitnami/clickhouse/templates/NOTES.txt
View File

@@ -56,3 +56,4 @@ Credentials:
{{- include "common.warnings.rollingTag" .Values.image }}
{{- include "clickhouse.validateValues" . }}
{{- include "common.warnings.resources" (dict "sections" (list "" "volumePermissions") "context" $) }}

6
bitnami/clickhouse/templates/statefulset.yaml
View File

@@ -84,6 +84,8 @@ spec:
imagePullPolicy: {{ $.Values.volumePermissions.image.pullPolicy | quote }}
{{- if $.Values.resources }}
resources: {{- toYaml $.Values.resources | nindent 12 }}
{{- else if ne $.Values.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" $.Values.resourcesPreset) | nindent 12 }}
{{- end }}
{{- if $.Values.containerSecurityContext.enabled }}
# We don't require a privileged container in this case
@@ -129,6 +131,8 @@ spec:
securityContext: {{- include "common.tplvalues.render" (dict "value" $.Values.volumePermissions.containerSecurityContext "context" $) | nindent 12 }}
{{- if $.Values.volumePermissions.resources }}
resources: {{- toYaml $.Values.volumePermissions.resources | nindent 12 }}
{{- else if ne $.Values.volumePermissions.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" $.Values.volumePermissions.resourcesPreset) | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
@@ -241,6 +245,8 @@ spec:
{{- end }}
{{- if $.Values.resources }}
resources: {{- toYaml $.Values.resources | nindent 12 }}
{{- else if ne $.Values.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" $.Values.resourcesPreset) | nindent 12 }}
{{- end }}
ports:
- name: http

73
bitnami/clickhouse/values.yaml
View File

@@ -19,7 +19,6 @@ global:
##
imagePullSecrets: []
storageClass: ""
## @section Common parameters
##
@@ -47,7 +46,6 @@ clusterDomain: cluster.local
## @param extraDeploy Array of extra objects to deploy with the release
##
extraDeploy: []
## Enable diagnostic mode in the deployment
##
diagnosticMode:
@@ -62,7 +60,6 @@ diagnosticMode:
##
args:
- infinity
## @section ClickHouse Parameters
##
@@ -100,12 +97,10 @@ image:
## @param shards Number of ClickHouse shards to deploy
##
shards: 2
## @param replicaCount Number of ClickHouse replicas per shard to deploy
## if keeper enable, same as keeper count, keeper cluster by shards.
##
replicaCount: 3
## @param distributeReplicasByZone Schedules replicas of the same shard to different availability zones
##
distributeReplicasByZone: false
@@ -188,12 +183,21 @@ customReadinessProbe: {}
customStartupProbe: {}
## ClickHouse resource requests and limits
## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
## @param resources.limits The resources limits for the ClickHouse containers
## @param resources.requests The requested resources for the ClickHouse containers
## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
##
resources:
limits: {}
requests: {}
resourcesPreset: "none"
## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
## Example:
## resources:
## requests:
## cpu: 2
## memory: 512Mi
## limits:
## cpu: 3
## memory: 1024Mi
##
resources: {}
## Configure Pods Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param podSecurityContext.enabled Enabled ClickHouse pods' Security Context
@@ -233,7 +237,6 @@ containerSecurityContext:
drop: ["ALL"]
seccompProfile:
type: "RuntimeDefault"
## Authentication
## @param auth.username ClickHouse Admin username
## @param auth.password ClickHouse Admin password
@@ -245,17 +248,14 @@ auth:
password: ""
existingSecret: ""
existingSecretKey: ""
## @param logLevel Logging level
##
logLevel: information
## @section ClickHouse keeper configuration parameters
## @param keeper.enabled Deploy ClickHouse keeper. Support is experimental.
##
keeper:
enabled: false
## @param defaultConfigurationOverrides [string] Default configuration overrides (evaluated as a template)
##
defaultConfigurationOverrides: |
@@ -396,35 +396,27 @@ defaultConfigurationOverrides: |
</prometheus>
{{- end }}
</clickhouse>
## @param existingOverridesConfigmap The name of an existing ConfigMap with your custom configuration for ClickHouse
##
existingOverridesConfigmap: ""
## @param extraOverrides Extra configuration overrides (evaluated as a template) apart from the default
##
extraOverrides: ""
## @param extraOverridesConfigmap The name of an existing ConfigMap with extra configuration for ClickHouse
##
extraOverridesConfigmap: ""
## @param extraOverridesSecret The name of an existing ConfigMap with your custom configuration for ClickHouse
##
extraOverridesSecret: ""
## @param usersExtraOverrides Users extra configuration overrides (evaluated as a template) apart from the default
##
usersExtraOverrides: ""
## @param usersExtraOverridesConfigmap The name of an existing ConfigMap with users extra configuration for ClickHouse
##
usersExtraOverridesConfigmap: ""
## @param usersExtraOverridesSecret The name of an existing ConfigMap with your custom users configuration for ClickHouse
##
usersExtraOverridesSecret: ""
## @param initdbScripts Dictionary of initdb scripts
## Specify dictionary of scripts to be run at first boot
## Example:
@@ -437,7 +429,6 @@ initdbScripts: {}
## @param initdbScriptsSecret ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`)
##
initdbScriptsSecret: ""
## @param startdbScripts Dictionary of startdb scripts
## Specify dictionary of scripts to be run on every start
## Example:
@@ -450,11 +441,10 @@ startdbScripts: {}
## @param startdbScriptsSecret ConfigMap with the startdb scripts (Note: Overrides `startdbScripts`)
##
startdbScriptsSecret: ""
## @param command Override default container command (useful when using custom images)
##
command:
- /scripts/setup.sh
- /scripts/setup.sh
## @param args Override default container args (useful when using custom images)
##
args: []
@@ -519,12 +509,10 @@ updateStrategy:
## Can be set to RollingUpdate or OnDelete
##
type: RollingUpdate
## @param podManagementPolicy Statefulset Pod management policy, it needs to be Parallel to be able to complete the cluster join
## Ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
##
podManagementPolicy: Parallel
## @param priorityClassName ClickHouse pods' priorityClassName
##
priorityClassName: ""
@@ -586,7 +574,6 @@ sidecars: []
## command: ['sh', '-c', 'echo "hello world"']
##
initContainers: []
## TLS configuration
##
tls:
@@ -610,7 +597,6 @@ tls:
## ref: https://www.postgresql.org/docs/9.6/auth-methods.html
##
certCAFilename: ""
## @section Traffic Exposure Parameters
##
@@ -713,7 +699,6 @@ service:
## @param service.headless.annotations Annotations for the headless service.
##
annotations: {}
## External Access to ClickHouse configuration
##
externalAccess:
@@ -811,7 +796,6 @@ externalAccess:
## @param externalAccess.service.extraPorts Extra ports to expose in the ClickHouse external service
##
extraPorts: []
## ClickHouse ingress parameters
## ref: http://kubernetes.io/docs/concepts/services-networking/ingress/
##
@@ -916,7 +900,6 @@ ingress:
## name: http
##
extraRules: []
## @section Persistence Parameters
##
@@ -996,12 +979,21 @@ volumePermissions:
pullSecrets: []
## Init container's resource requests and limits
## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
## @param volumePermissions.resources.limits The resources limits for the init container
## @param volumePermissions.resources.requests The requested resources for the init container
## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production).
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
##
resources:
limits: {}
requests: {}
resourcesPreset: "none"
## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
## Example:
## resources:
## requests:
## cpu: 2
## memory: 512Mi
## limits:
## cpu: 3
## memory: 1024Mi
##
resources: {}
## Init container Container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param volumePermissions.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
@@ -1013,7 +1005,6 @@ volumePermissions:
containerSecurityContext:
seLinuxOptions: null
runAsUser: 0
## @section Other Parameters
##
@@ -1033,7 +1024,6 @@ serviceAccount:
## @param serviceAccount.automountServiceAccountToken Automount service account token for the server service account
##
automountServiceAccountToken: false
## Prometheus metrics
##
metrics:
@@ -1090,7 +1080,6 @@ metrics:
## prometheus: my-prometheus
##
selector: {}
## Prometheus Operator PrometheusRule configuration
##
prometheusRule:
@@ -1112,7 +1101,6 @@ metrics:
## labels:
## severity: warning
rules: []
## @section External Zookeeper paramaters
##
externalZookeeper:
@@ -1121,7 +1109,6 @@ externalZookeeper:
##
servers: []
port: 2888
## @section Zookeeper subchart parameters
##
## @param zookeeper.enabled Deploy Zookeeper subchart
@@ -1145,7 +1132,6 @@ zookeeper:
service:
ports:
client: 2181
## @section Network Policies
## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
##
@@ -1201,4 +1187,3 @@ networkPolicy:
##
ingressNSMatchLabels: {}
ingressNSPodMatchLabels: {}