diff --git a/bitnami/rabbitmq-cluster-operator/Chart.lock b/bitnami/rabbitmq-cluster-operator/Chart.lock index ce0bca7779..287579eb85 100644 --- a/bitnami/rabbitmq-cluster-operator/Chart.lock +++ b/bitnami/rabbitmq-cluster-operator/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.14.1 -digest: sha256:5ccbe5f1fe4459864a8c9d7329c400b678666b6cfb1450818a830bda81995bc3 -generated: "2024-01-09T14:08:31.622307312Z" + version: 2.15.3 +digest: sha256:d80293db4b59902571fcfcbeabb6b81aebb1c05e8a6d25510053e7c329d73002 +generated: "2024-02-14T15:59:54.210221891+01:00" diff --git a/bitnami/rabbitmq-cluster-operator/Chart.yaml b/bitnami/rabbitmq-cluster-operator/Chart.yaml index 220de44fb6..e3925b6dac 100644 --- a/bitnami/rabbitmq-cluster-operator/Chart.yaml +++ b/bitnami/rabbitmq-cluster-operator/Chart.yaml @@ -37,4 +37,4 @@ maintainers: name: rabbitmq-cluster-operator sources: - https://github.com/bitnami/charts/tree/main/bitnami/rabbitmq-cluster-operator -version: 3.16.1 +version: 3.17.0 diff --git a/bitnami/rabbitmq-cluster-operator/README.md b/bitnami/rabbitmq-cluster-operator/README.md index c1db6d428a..3ad5c8fb1c 100644 --- a/bitnami/rabbitmq-cluster-operator/README.md +++ b/bitnami/rabbitmq-cluster-operator/README.md @@ -157,104 +157,104 @@ This solution allows to easily deploy multiple RabbitMQ instances compared to th ### RabbitMQ Cluster Operator Parameters -| Name | Description | Value | -| ------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------ | -| `rabbitmqImage.registry` | RabbitMQ Image registry | `REGISTRY_NAME` | -| `rabbitmqImage.repository` | RabbitMQ Image repository | `REPOSITORY_NAME/rabbitmq` | -| `rabbitmqImage.digest` | RabbitMQ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `rabbitmqImage.pullSecrets` | RabbitMQ Image pull secrets | `[]` | -| `credentialUpdaterImage.registry` | RabbitMQ Default User Credential Updater image registry | `REGISTRY_NAME` | -| `credentialUpdaterImage.repository` | RabbitMQ Default User Credential Updater image repository | `REPOSITORY_NAME/rmq-default-credential-updater` | -| `credentialUpdaterImage.digest` | RabbitMQ Default User Credential Updater image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `credentialUpdaterImage.pullSecrets` | RabbitMQ Default User Credential Updater image pull secrets | `[]` | -| `clusterOperator.image.registry` | RabbitMQ Cluster Operator image registry | `REGISTRY_NAME` | -| `clusterOperator.image.repository` | RabbitMQ Cluster Operator image repository | `REPOSITORY_NAME/rabbitmq-cluster-operator` | -| `clusterOperator.image.digest` | RabbitMQ Cluster Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `clusterOperator.image.pullPolicy` | RabbitMQ Cluster Operator image pull policy | `IfNotPresent` | -| `clusterOperator.image.pullSecrets` | RabbitMQ Cluster Operator image pull secrets | `[]` | -| `clusterOperator.watchAllNamespaces` | Watch for resources in all namespaces | `true` | -| `clusterOperator.watchNamespaces` | Watch for resources in the given namespaces (ignored if watchAllNamespaces=true) | `[]` | -| `clusterOperator.replicaCount` | Number of RabbitMQ Cluster Operator replicas to deploy | `1` | -| `clusterOperator.schedulerName` | Alternative scheduler | `""` | -| `clusterOperator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `clusterOperator.terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | -| `clusterOperator.livenessProbe.enabled` | Enable livenessProbe on RabbitMQ Cluster Operator nodes | `true` | -| `clusterOperator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `clusterOperator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` | -| `clusterOperator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `clusterOperator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `clusterOperator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `clusterOperator.readinessProbe.enabled` | Enable readinessProbe on RabbitMQ Cluster Operator nodes | `true` | -| `clusterOperator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `clusterOperator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` | -| `clusterOperator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `clusterOperator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `clusterOperator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `clusterOperator.startupProbe.enabled` | Enable startupProbe on RabbitMQ Cluster Operator nodes | `false` | -| `clusterOperator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `clusterOperator.startupProbe.periodSeconds` | Period seconds for startupProbe | `30` | -| `clusterOperator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `clusterOperator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `clusterOperator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `clusterOperator.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `clusterOperator.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `clusterOperator.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `clusterOperator.resources.limits` | The resources limits for the RabbitMQ Cluster Operator containers | `{}` | -| `clusterOperator.resources.requests` | The requested resources for the RabbitMQ Cluster Operator containers | `{}` | -| `clusterOperator.podSecurityContext.enabled` | Enabled RabbitMQ Cluster Operator pods' Security Context | `true` | -| `clusterOperator.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `clusterOperator.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `clusterOperator.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `clusterOperator.podSecurityContext.fsGroup` | Set RabbitMQ Cluster Operator pod's Security Context fsGroup | `1001` | -| `clusterOperator.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `clusterOperator.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | -| `clusterOperator.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `clusterOperator.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `clusterOperator.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | -| `clusterOperator.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `clusterOperator.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | -| `clusterOperator.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `clusterOperator.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `clusterOperator.command` | Override default container command (useful when using custom images) | `[]` | -| `clusterOperator.args` | Override default container args (useful when using custom images) | `[]` | -| `clusterOperator.automountServiceAccountToken` | Mount Service Account token in pod | `true` | -| `clusterOperator.hostAliases` | RabbitMQ Cluster Operator pods host aliases | `[]` | -| `clusterOperator.podLabels` | Extra labels for RabbitMQ Cluster Operator pods | `{}` | -| `clusterOperator.podAnnotations` | Annotations for RabbitMQ Cluster Operator pods | `{}` | -| `clusterOperator.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `clusterOperator.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `clusterOperator.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `clusterOperator.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `clusterOperator.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `clusterOperator.affinity` | Affinity for RabbitMQ Cluster Operator pods assignment | `{}` | -| `clusterOperator.nodeSelector` | Node labels for RabbitMQ Cluster Operator pods assignment | `{}` | -| `clusterOperator.tolerations` | Tolerations for RabbitMQ Cluster Operator pods assignment | `[]` | -| `clusterOperator.updateStrategy.type` | RabbitMQ Cluster Operator statefulset strategy type | `RollingUpdate` | -| `clusterOperator.priorityClassName` | RabbitMQ Cluster Operator pods' priorityClassName | `""` | -| `clusterOperator.lifecycleHooks` | for the RabbitMQ Cluster Operator container(s) to automate configuration before or after startup | `{}` | -| `clusterOperator.containerPorts.metrics` | RabbitMQ Cluster Operator container port (used for metrics) | `9782` | -| `clusterOperator.extraEnvVars` | Array with extra environment variables to add to RabbitMQ Cluster Operator nodes | `[]` | -| `clusterOperator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | -| `clusterOperator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | -| `clusterOperator.extraVolumes` | Optionally specify extra list of additional volumes for the RabbitMQ Cluster Operator pod(s) | `[]` | -| `clusterOperator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the RabbitMQ Cluster Operator container(s) | `[]` | -| `clusterOperator.sidecars` | Add additional sidecar containers to the RabbitMQ Cluster Operator pod(s) | `[]` | -| `clusterOperator.initContainers` | Add additional init containers to the RabbitMQ Cluster Operator pod(s) | `[]` | -| `clusterOperator.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `clusterOperator.networkPolicy.kubeAPIServerPorts` | List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security) | `[]` | -| `clusterOperator.networkPolicy.allowExternal` | Don't require injector label for connections | `true` | -| `clusterOperator.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `clusterOperator.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolice | `[]` | -| `clusterOperator.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `clusterOperator.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `clusterOperator.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | -| `clusterOperator.rbac.create` | Specifies whether RBAC resources should be created | `true` | -| `clusterOperator.rbac.clusterRole.customRules` | Define custom access rules for the ClusterRole | `[]` | -| `clusterOperator.rbac.clusterRole.extraRules` | Define extra access rules for the ClusterRole. This has no effect if customerRules is a non-empty array. | `[]` | -| `clusterOperator.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `clusterOperator.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `clusterOperator.serviceAccount.annotations` | Add annotations | `{}` | -| `clusterOperator.serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `false` | +| Name | Description | Value | +| ------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------ | +| `rabbitmqImage.registry` | RabbitMQ Image registry | `REGISTRY_NAME` | +| `rabbitmqImage.repository` | RabbitMQ Image repository | `REPOSITORY_NAME/rabbitmq` | +| `rabbitmqImage.digest` | RabbitMQ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `rabbitmqImage.pullSecrets` | RabbitMQ Image pull secrets | `[]` | +| `credentialUpdaterImage.registry` | RabbitMQ Default User Credential Updater image registry | `REGISTRY_NAME` | +| `credentialUpdaterImage.repository` | RabbitMQ Default User Credential Updater image repository | `REPOSITORY_NAME/rmq-default-credential-updater` | +| `credentialUpdaterImage.digest` | RabbitMQ Default User Credential Updater image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `credentialUpdaterImage.pullSecrets` | RabbitMQ Default User Credential Updater image pull secrets | `[]` | +| `clusterOperator.image.registry` | RabbitMQ Cluster Operator image registry | `REGISTRY_NAME` | +| `clusterOperator.image.repository` | RabbitMQ Cluster Operator image repository | `REPOSITORY_NAME/rabbitmq-cluster-operator` | +| `clusterOperator.image.digest` | RabbitMQ Cluster Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `clusterOperator.image.pullPolicy` | RabbitMQ Cluster Operator image pull policy | `IfNotPresent` | +| `clusterOperator.image.pullSecrets` | RabbitMQ Cluster Operator image pull secrets | `[]` | +| `clusterOperator.watchAllNamespaces` | Watch for resources in all namespaces | `true` | +| `clusterOperator.watchNamespaces` | Watch for resources in the given namespaces (ignored if watchAllNamespaces=true) | `[]` | +| `clusterOperator.replicaCount` | Number of RabbitMQ Cluster Operator replicas to deploy | `1` | +| `clusterOperator.schedulerName` | Alternative scheduler | `""` | +| `clusterOperator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `clusterOperator.terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | +| `clusterOperator.livenessProbe.enabled` | Enable livenessProbe on RabbitMQ Cluster Operator nodes | `true` | +| `clusterOperator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `clusterOperator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` | +| `clusterOperator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `clusterOperator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `clusterOperator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `clusterOperator.readinessProbe.enabled` | Enable readinessProbe on RabbitMQ Cluster Operator nodes | `true` | +| `clusterOperator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `clusterOperator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` | +| `clusterOperator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `clusterOperator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `clusterOperator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `clusterOperator.startupProbe.enabled` | Enable startupProbe on RabbitMQ Cluster Operator nodes | `false` | +| `clusterOperator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `clusterOperator.startupProbe.periodSeconds` | Period seconds for startupProbe | `30` | +| `clusterOperator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `clusterOperator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `clusterOperator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `clusterOperator.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `clusterOperator.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `clusterOperator.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `clusterOperator.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if clusterOperator.resources is set (clusterOperator.resources is recommended for production). | `none` | +| `clusterOperator.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `clusterOperator.podSecurityContext.enabled` | Enabled RabbitMQ Cluster Operator pods' Security Context | `true` | +| `clusterOperator.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `clusterOperator.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `clusterOperator.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `clusterOperator.podSecurityContext.fsGroup` | Set RabbitMQ Cluster Operator pod's Security Context fsGroup | `1001` | +| `clusterOperator.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `clusterOperator.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | +| `clusterOperator.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `clusterOperator.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `clusterOperator.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `clusterOperator.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | +| `clusterOperator.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `clusterOperator.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `clusterOperator.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `clusterOperator.command` | Override default container command (useful when using custom images) | `[]` | +| `clusterOperator.args` | Override default container args (useful when using custom images) | `[]` | +| `clusterOperator.automountServiceAccountToken` | Mount Service Account token in pod | `true` | +| `clusterOperator.hostAliases` | RabbitMQ Cluster Operator pods host aliases | `[]` | +| `clusterOperator.podLabels` | Extra labels for RabbitMQ Cluster Operator pods | `{}` | +| `clusterOperator.podAnnotations` | Annotations for RabbitMQ Cluster Operator pods | `{}` | +| `clusterOperator.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `clusterOperator.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `clusterOperator.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `clusterOperator.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `clusterOperator.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `clusterOperator.affinity` | Affinity for RabbitMQ Cluster Operator pods assignment | `{}` | +| `clusterOperator.nodeSelector` | Node labels for RabbitMQ Cluster Operator pods assignment | `{}` | +| `clusterOperator.tolerations` | Tolerations for RabbitMQ Cluster Operator pods assignment | `[]` | +| `clusterOperator.updateStrategy.type` | RabbitMQ Cluster Operator statefulset strategy type | `RollingUpdate` | +| `clusterOperator.priorityClassName` | RabbitMQ Cluster Operator pods' priorityClassName | `""` | +| `clusterOperator.lifecycleHooks` | for the RabbitMQ Cluster Operator container(s) to automate configuration before or after startup | `{}` | +| `clusterOperator.containerPorts.metrics` | RabbitMQ Cluster Operator container port (used for metrics) | `9782` | +| `clusterOperator.extraEnvVars` | Array with extra environment variables to add to RabbitMQ Cluster Operator nodes | `[]` | +| `clusterOperator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | +| `clusterOperator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for RabbitMQ Cluster Operator nodes | `""` | +| `clusterOperator.extraVolumes` | Optionally specify extra list of additional volumes for the RabbitMQ Cluster Operator pod(s) | `[]` | +| `clusterOperator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the RabbitMQ Cluster Operator container(s) | `[]` | +| `clusterOperator.sidecars` | Add additional sidecar containers to the RabbitMQ Cluster Operator pod(s) | `[]` | +| `clusterOperator.initContainers` | Add additional init containers to the RabbitMQ Cluster Operator pod(s) | `[]` | +| `clusterOperator.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `clusterOperator.networkPolicy.kubeAPIServerPorts` | List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security) | `[]` | +| `clusterOperator.networkPolicy.allowExternal` | Don't require injector label for connections | `true` | +| `clusterOperator.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `clusterOperator.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolice | `[]` | +| `clusterOperator.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `clusterOperator.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | +| `clusterOperator.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| `clusterOperator.rbac.create` | Specifies whether RBAC resources should be created | `true` | +| `clusterOperator.rbac.clusterRole.customRules` | Define custom access rules for the ClusterRole | `[]` | +| `clusterOperator.rbac.clusterRole.extraRules` | Define extra access rules for the ClusterRole. This has no effect if customerRules is a non-empty array. | `[]` | +| `clusterOperator.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `clusterOperator.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `clusterOperator.serviceAccount.annotations` | Add annotations | `{}` | +| `clusterOperator.serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `false` | ### RabbitMQ Cluster Operator Metrics parameters @@ -299,113 +299,113 @@ This solution allows to easily deploy multiple RabbitMQ instances compared to th ### RabbitMQ Messaging Topology Operator Parameters -| Name | Description | Value | -| ----------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------- | -| `msgTopologyOperator.enabled` | Deploy RabbitMQ Messaging Topology Operator as part of the installation | `true` | -| `msgTopologyOperator.image.registry` | RabbitMQ Messaging Topology Operator image registry | `REGISTRY_NAME` | -| `msgTopologyOperator.image.repository` | RabbitMQ Messaging Topology Operator image repository | `REPOSITORY_NAME/rmq-messaging-topology-operator` | -| `msgTopologyOperator.image.digest` | RabbitMQ Messaging Topology Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `msgTopologyOperator.image.pullPolicy` | RabbitMQ Messaging Topology Operator image pull policy | `IfNotPresent` | -| `msgTopologyOperator.image.pullSecrets` | RabbitMQ Messaging Topology Operator image pull secrets | `[]` | -| `msgTopologyOperator.watchAllNamespaces` | Watch for resources in all namespaces | `true` | -| `msgTopologyOperator.watchNamespaces` | Watch for resources in the given namespaces ## @param clusterOperator.watchNamespaces [array] Watch for resources in the given namespaces (ignored if watchAllNamespaces=true) | `[]` | -| `msgTopologyOperator.replicaCount` | Number of RabbitMQ Messaging Topology Operator replicas to deploy | `1` | -| `msgTopologyOperator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | -| `msgTopologyOperator.schedulerName` | Alternative scheduler | `""` | -| `msgTopologyOperator.terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | -| `msgTopologyOperator.hostNetwork` | Boolean | `false` | -| `msgTopologyOperator.dnsPolicy` | Alternative DNS policy | `ClusterFirst` | -| `msgTopologyOperator.livenessProbe.enabled` | Enable livenessProbe on RabbitMQ Messaging Topology Operator nodes | `true` | -| `msgTopologyOperator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `msgTopologyOperator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` | -| `msgTopologyOperator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `msgTopologyOperator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `msgTopologyOperator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `msgTopologyOperator.readinessProbe.enabled` | Enable readinessProbe on RabbitMQ Messaging Topology Operator nodes | `true` | -| `msgTopologyOperator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `msgTopologyOperator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` | -| `msgTopologyOperator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `msgTopologyOperator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `msgTopologyOperator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `msgTopologyOperator.startupProbe.enabled` | Enable startupProbe on RabbitMQ Messaging Topology Operator nodes | `false` | -| `msgTopologyOperator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | -| `msgTopologyOperator.startupProbe.periodSeconds` | Period seconds for startupProbe | `30` | -| `msgTopologyOperator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `msgTopologyOperator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `msgTopologyOperator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `msgTopologyOperator.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `msgTopologyOperator.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `msgTopologyOperator.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `msgTopologyOperator.existingWebhookCertSecret` | name of a secret containing the certificates (use it to avoid certManager creating one) | `""` | -| `msgTopologyOperator.existingWebhookCertCABundle` | PEM-encoded CA Bundle of the existing secret provided in existingWebhookCertSecret (only if useCertManager=false) | `""` | -| `msgTopologyOperator.resources.limits` | The resources limits for the RabbitMQ Messaging Topology Operator containers | `{}` | -| `msgTopologyOperator.resources.requests` | The requested resources for the RabbitMQ Messaging Topology Operator containers | `{}` | -| `msgTopologyOperator.podSecurityContext.enabled` | Enabled RabbitMQ Messaging Topology Operator pods' Security Context | `true` | -| `msgTopologyOperator.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | -| `msgTopologyOperator.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | -| `msgTopologyOperator.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | -| `msgTopologyOperator.podSecurityContext.fsGroup` | Set RabbitMQ Messaging Topology Operator pod's Security Context fsGroup | `1001` | -| `msgTopologyOperator.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | -| `msgTopologyOperator.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | -| `msgTopologyOperator.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | -| `msgTopologyOperator.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | -| `msgTopologyOperator.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | -| `msgTopologyOperator.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | -| `msgTopologyOperator.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | -| `msgTopologyOperator.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | -| `msgTopologyOperator.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | -| `msgTopologyOperator.fullnameOverride` | String to fully override rmqco.msgTopologyOperator.fullname template | `""` | -| `msgTopologyOperator.command` | Override default container command (useful when using custom images) | `[]` | -| `msgTopologyOperator.args` | Override default container args (useful when using custom images) | `[]` | -| `msgTopologyOperator.automountServiceAccountToken` | Mount Service Account token in pod | `true` | -| `msgTopologyOperator.hostAliases` | RabbitMQ Messaging Topology Operator pods host aliases | `[]` | -| `msgTopologyOperator.podLabels` | Extra labels for RabbitMQ Messaging Topology Operator pods | `{}` | -| `msgTopologyOperator.podAnnotations` | Annotations for RabbitMQ Messaging Topology Operator pods | `{}` | -| `msgTopologyOperator.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `msgTopologyOperator.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `msgTopologyOperator.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `msgTopologyOperator.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | -| `msgTopologyOperator.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | -| `msgTopologyOperator.affinity` | Affinity for RabbitMQ Messaging Topology Operator pods assignment | `{}` | -| `msgTopologyOperator.nodeSelector` | Node labels for RabbitMQ Messaging Topology Operator pods assignment | `{}` | -| `msgTopologyOperator.tolerations` | Tolerations for RabbitMQ Messaging Topology Operator pods assignment | `[]` | -| `msgTopologyOperator.updateStrategy.type` | RabbitMQ Messaging Topology Operator statefulset strategy type | `RollingUpdate` | -| `msgTopologyOperator.priorityClassName` | RabbitMQ Messaging Topology Operator pods' priorityClassName | `""` | -| `msgTopologyOperator.lifecycleHooks` | for the RabbitMQ Messaging Topology Operator container(s) to automate configuration before or after startup | `{}` | -| `msgTopologyOperator.containerPorts.metrics` | RabbitMQ Messaging Topology Operator container port (used for metrics) | `8080` | -| `msgTopologyOperator.extraEnvVars` | Array with extra environment variables to add to RabbitMQ Messaging Topology Operator nodes | `[]` | -| `msgTopologyOperator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for RabbitMQ Messaging Topology Operator nodes | `""` | -| `msgTopologyOperator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for RabbitMQ Messaging Topology Operator nodes | `""` | -| `msgTopologyOperator.extraVolumes` | Optionally specify extra list of additional volumes for the RabbitMQ Messaging Topology Operator pod(s) | `[]` | -| `msgTopologyOperator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the RabbitMQ Messaging Topology Operator container(s) | `[]` | -| `msgTopologyOperator.sidecars` | Add additional sidecar containers to the RabbitMQ Messaging Topology Operator pod(s) | `[]` | -| `msgTopologyOperator.initContainers` | Add additional init containers to the RabbitMQ Messaging Topology Operator pod(s) | `[]` | -| `msgTopologyOperator.service.type` | RabbitMQ Messaging Topology Operator webhook service type | `ClusterIP` | -| `msgTopologyOperator.service.ports.webhook` | RabbitMQ Messaging Topology Operator webhook service HTTP port | `443` | -| `msgTopologyOperator.service.nodePorts.http` | Node port for HTTP | `""` | -| `msgTopologyOperator.service.clusterIP` | RabbitMQ Messaging Topology Operator webhook service Cluster IP | `""` | -| `msgTopologyOperator.service.loadBalancerIP` | RabbitMQ Messaging Topology Operator webhook service Load Balancer IP | `""` | -| `msgTopologyOperator.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `msgTopologyOperator.service.loadBalancerSourceRanges` | RabbitMQ Messaging Topology Operator webhook service Load Balancer sources | `[]` | -| `msgTopologyOperator.service.externalTrafficPolicy` | RabbitMQ Messaging Topology Operator webhook service external traffic policy | `Cluster` | -| `msgTopologyOperator.service.annotations` | Additional custom annotations for RabbitMQ Messaging Topology Operator webhook service | `{}` | -| `msgTopologyOperator.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `msgTopologyOperator.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `msgTopologyOperator.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | -| `msgTopologyOperator.networkPolicy.kubeAPIServerPorts` | List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security) | `[]` | -| `msgTopologyOperator.networkPolicy.allowExternal` | Don't require injector label for connections | `true` | -| `msgTopologyOperator.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | -| `msgTopologyOperator.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolice | `[]` | -| `msgTopologyOperator.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `msgTopologyOperator.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `msgTopologyOperator.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | -| `msgTopologyOperator.rbac.create` | Specifies whether RBAC resources should be created | `true` | -| `msgTopologyOperator.rbac.clusterRole.customRules` | Define custom access rules for the ClusterRole | `[]` | -| `msgTopologyOperator.rbac.clusterRole.extraRules` | Define extra access rules for the ClusterRole. This has no effect if customerRules is a non-empty array. | `[]` | -| `msgTopologyOperator.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `msgTopologyOperator.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `msgTopologyOperator.serviceAccount.annotations` | Add annotations | `{}` | -| `msgTopologyOperator.serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `false` | +| Name | Description | Value | +| ----------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------- | +| `msgTopologyOperator.enabled` | Deploy RabbitMQ Messaging Topology Operator as part of the installation | `true` | +| `msgTopologyOperator.image.registry` | RabbitMQ Messaging Topology Operator image registry | `REGISTRY_NAME` | +| `msgTopologyOperator.image.repository` | RabbitMQ Messaging Topology Operator image repository | `REPOSITORY_NAME/rmq-messaging-topology-operator` | +| `msgTopologyOperator.image.digest` | RabbitMQ Messaging Topology Operator image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `msgTopologyOperator.image.pullPolicy` | RabbitMQ Messaging Topology Operator image pull policy | `IfNotPresent` | +| `msgTopologyOperator.image.pullSecrets` | RabbitMQ Messaging Topology Operator image pull secrets | `[]` | +| `msgTopologyOperator.watchAllNamespaces` | Watch for resources in all namespaces | `true` | +| `msgTopologyOperator.watchNamespaces` | Watch for resources in the given namespaces ## @param clusterOperator.watchNamespaces [array] Watch for resources in the given namespaces (ignored if watchAllNamespaces=true) | `[]` | +| `msgTopologyOperator.replicaCount` | Number of RabbitMQ Messaging Topology Operator replicas to deploy | `1` | +| `msgTopologyOperator.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `msgTopologyOperator.schedulerName` | Alternative scheduler | `""` | +| `msgTopologyOperator.terminationGracePeriodSeconds` | In seconds, time the given to the %%MAIN_CONTAINER_NAME%% pod needs to terminate gracefully | `""` | +| `msgTopologyOperator.hostNetwork` | Boolean | `false` | +| `msgTopologyOperator.dnsPolicy` | Alternative DNS policy | `ClusterFirst` | +| `msgTopologyOperator.livenessProbe.enabled` | Enable livenessProbe on RabbitMQ Messaging Topology Operator nodes | `true` | +| `msgTopologyOperator.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `msgTopologyOperator.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` | +| `msgTopologyOperator.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `msgTopologyOperator.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `msgTopologyOperator.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `msgTopologyOperator.readinessProbe.enabled` | Enable readinessProbe on RabbitMQ Messaging Topology Operator nodes | `true` | +| `msgTopologyOperator.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `msgTopologyOperator.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `30` | +| `msgTopologyOperator.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `msgTopologyOperator.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `msgTopologyOperator.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `msgTopologyOperator.startupProbe.enabled` | Enable startupProbe on RabbitMQ Messaging Topology Operator nodes | `false` | +| `msgTopologyOperator.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` | +| `msgTopologyOperator.startupProbe.periodSeconds` | Period seconds for startupProbe | `30` | +| `msgTopologyOperator.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `msgTopologyOperator.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `msgTopologyOperator.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `msgTopologyOperator.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `msgTopologyOperator.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `msgTopologyOperator.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `msgTopologyOperator.existingWebhookCertSecret` | name of a secret containing the certificates (use it to avoid certManager creating one) | `""` | +| `msgTopologyOperator.existingWebhookCertCABundle` | PEM-encoded CA Bundle of the existing secret provided in existingWebhookCertSecret (only if useCertManager=false) | `""` | +| `msgTopologyOperator.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if msgTopologyOperator.resources is set (msgTopologyOperator.resources is recommended for production). | `none` | +| `msgTopologyOperator.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | +| `msgTopologyOperator.podSecurityContext.enabled` | Enabled RabbitMQ Messaging Topology Operator pods' Security Context | `true` | +| `msgTopologyOperator.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | +| `msgTopologyOperator.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | +| `msgTopologyOperator.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | +| `msgTopologyOperator.podSecurityContext.fsGroup` | Set RabbitMQ Messaging Topology Operator pod's Security Context fsGroup | `1001` | +| `msgTopologyOperator.containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | +| `msgTopologyOperator.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | +| `msgTopologyOperator.containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | +| `msgTopologyOperator.containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | +| `msgTopologyOperator.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | +| `msgTopologyOperator.containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `true` | +| `msgTopologyOperator.containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | +| `msgTopologyOperator.containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | +| `msgTopologyOperator.containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `msgTopologyOperator.fullnameOverride` | String to fully override rmqco.msgTopologyOperator.fullname template | `""` | +| `msgTopologyOperator.command` | Override default container command (useful when using custom images) | `[]` | +| `msgTopologyOperator.args` | Override default container args (useful when using custom images) | `[]` | +| `msgTopologyOperator.automountServiceAccountToken` | Mount Service Account token in pod | `true` | +| `msgTopologyOperator.hostAliases` | RabbitMQ Messaging Topology Operator pods host aliases | `[]` | +| `msgTopologyOperator.podLabels` | Extra labels for RabbitMQ Messaging Topology Operator pods | `{}` | +| `msgTopologyOperator.podAnnotations` | Annotations for RabbitMQ Messaging Topology Operator pods | `{}` | +| `msgTopologyOperator.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `msgTopologyOperator.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `msgTopologyOperator.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `msgTopologyOperator.nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` | +| `msgTopologyOperator.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` | +| `msgTopologyOperator.affinity` | Affinity for RabbitMQ Messaging Topology Operator pods assignment | `{}` | +| `msgTopologyOperator.nodeSelector` | Node labels for RabbitMQ Messaging Topology Operator pods assignment | `{}` | +| `msgTopologyOperator.tolerations` | Tolerations for RabbitMQ Messaging Topology Operator pods assignment | `[]` | +| `msgTopologyOperator.updateStrategy.type` | RabbitMQ Messaging Topology Operator statefulset strategy type | `RollingUpdate` | +| `msgTopologyOperator.priorityClassName` | RabbitMQ Messaging Topology Operator pods' priorityClassName | `""` | +| `msgTopologyOperator.lifecycleHooks` | for the RabbitMQ Messaging Topology Operator container(s) to automate configuration before or after startup | `{}` | +| `msgTopologyOperator.containerPorts.metrics` | RabbitMQ Messaging Topology Operator container port (used for metrics) | `8080` | +| `msgTopologyOperator.extraEnvVars` | Array with extra environment variables to add to RabbitMQ Messaging Topology Operator nodes | `[]` | +| `msgTopologyOperator.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for RabbitMQ Messaging Topology Operator nodes | `""` | +| `msgTopologyOperator.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for RabbitMQ Messaging Topology Operator nodes | `""` | +| `msgTopologyOperator.extraVolumes` | Optionally specify extra list of additional volumes for the RabbitMQ Messaging Topology Operator pod(s) | `[]` | +| `msgTopologyOperator.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the RabbitMQ Messaging Topology Operator container(s) | `[]` | +| `msgTopologyOperator.sidecars` | Add additional sidecar containers to the RabbitMQ Messaging Topology Operator pod(s) | `[]` | +| `msgTopologyOperator.initContainers` | Add additional init containers to the RabbitMQ Messaging Topology Operator pod(s) | `[]` | +| `msgTopologyOperator.service.type` | RabbitMQ Messaging Topology Operator webhook service type | `ClusterIP` | +| `msgTopologyOperator.service.ports.webhook` | RabbitMQ Messaging Topology Operator webhook service HTTP port | `443` | +| `msgTopologyOperator.service.nodePorts.http` | Node port for HTTP | `""` | +| `msgTopologyOperator.service.clusterIP` | RabbitMQ Messaging Topology Operator webhook service Cluster IP | `""` | +| `msgTopologyOperator.service.loadBalancerIP` | RabbitMQ Messaging Topology Operator webhook service Load Balancer IP | `""` | +| `msgTopologyOperator.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `msgTopologyOperator.service.loadBalancerSourceRanges` | RabbitMQ Messaging Topology Operator webhook service Load Balancer sources | `[]` | +| `msgTopologyOperator.service.externalTrafficPolicy` | RabbitMQ Messaging Topology Operator webhook service external traffic policy | `Cluster` | +| `msgTopologyOperator.service.annotations` | Additional custom annotations for RabbitMQ Messaging Topology Operator webhook service | `{}` | +| `msgTopologyOperator.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `msgTopologyOperator.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `msgTopologyOperator.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` | +| `msgTopologyOperator.networkPolicy.kubeAPIServerPorts` | List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security) | `[]` | +| `msgTopologyOperator.networkPolicy.allowExternal` | Don't require injector label for connections | `true` | +| `msgTopologyOperator.networkPolicy.allowExternalEgress` | Allow the pod to access any range of port and all destinations. | `true` | +| `msgTopologyOperator.networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolice | `[]` | +| `msgTopologyOperator.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `msgTopologyOperator.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | +| `msgTopologyOperator.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| `msgTopologyOperator.rbac.create` | Specifies whether RBAC resources should be created | `true` | +| `msgTopologyOperator.rbac.clusterRole.customRules` | Define custom access rules for the ClusterRole | `[]` | +| `msgTopologyOperator.rbac.clusterRole.extraRules` | Define extra access rules for the ClusterRole. This has no effect if customerRules is a non-empty array. | `[]` | +| `msgTopologyOperator.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `msgTopologyOperator.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `msgTopologyOperator.serviceAccount.annotations` | Add annotations | `{}` | +| `msgTopologyOperator.serviceAccount.automountServiceAccountToken` | Automount API credentials for a service account. | `false` | ### RabbitMQ Messaging Topology Operator parameters @@ -475,6 +475,12 @@ helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/rabbi ## Configuration and installation details +### Resource requests and limits + +Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case. + +To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). + ### [Rolling VS Immutable tags](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers) It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. diff --git a/bitnami/rabbitmq-cluster-operator/templates/NOTES.txt b/bitnami/rabbitmq-cluster-operator/templates/NOTES.txt index 85c6cb607b..60b7c0ab38 100644 --- a/bitnami/rabbitmq-cluster-operator/templates/NOTES.txt +++ b/bitnami/rabbitmq-cluster-operator/templates/NOTES.txt @@ -48,3 +48,4 @@ RabbitMQ Messaging Topology Operator won't be able to access resources in other {{ include "common.warnings.rollingTag" .Values.msgTopologyOperator.image }} {{ include "common.warnings.rollingTag" .Values.credentialUpdaterImage }} {{ include "common.warnings.rollingTag" .Values.rabbitmqImage }} +{{- include "common.warnings.resources" (dict "sections" (list "clusterOperator" "msgTopologyOperator") "context" $) }} diff --git a/bitnami/rabbitmq-cluster-operator/templates/cluster-operator/deployment.yaml b/bitnami/rabbitmq-cluster-operator/templates/cluster-operator/deployment.yaml index 1fcf501a7e..aa1cf99d5d 100644 --- a/bitnami/rabbitmq-cluster-operator/templates/cluster-operator/deployment.yaml +++ b/bitnami/rabbitmq-cluster-operator/templates/cluster-operator/deployment.yaml @@ -122,6 +122,8 @@ spec: {{- end }} {{- if .Values.clusterOperator.resources }} resources: {{- toYaml .Values.clusterOperator.resources | nindent 12 }} + {{- else if ne .Values.clusterOperator.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.clusterOperator.resourcesPreset) | nindent 12 }} {{- end }} {{- if not .Values.diagnosticMode.enabled }} {{- if .Values.clusterOperator.customLivenessProbe }} diff --git a/bitnami/rabbitmq-cluster-operator/templates/messaging-topology-operator/deployment.yaml b/bitnami/rabbitmq-cluster-operator/templates/messaging-topology-operator/deployment.yaml index 6213c6a35f..32dfa76c7b 100644 --- a/bitnami/rabbitmq-cluster-operator/templates/messaging-topology-operator/deployment.yaml +++ b/bitnami/rabbitmq-cluster-operator/templates/messaging-topology-operator/deployment.yaml @@ -123,6 +123,8 @@ spec: {{- end }} {{- if .Values.msgTopologyOperator.resources }} resources: {{- toYaml .Values.msgTopologyOperator.resources | nindent 12 }} + {{- else if ne .Values.msgTopologyOperator.resourcesPreset "none" }} + resources: {{- include "common.resources.preset" (dict "type" .Values.msgTopologyOperator.resourcesPreset) | nindent 12 }} {{- end }} ports: - name: http-webhook diff --git a/bitnami/rabbitmq-cluster-operator/values.yaml b/bitnami/rabbitmq-cluster-operator/values.yaml index 361739f27b..87d4efef39 100644 --- a/bitnami/rabbitmq-cluster-operator/values.yaml +++ b/bitnami/rabbitmq-cluster-operator/values.yaml @@ -19,7 +19,6 @@ global: ## imagePullSecrets: [] storageClass: "" - ## @section Common parameters ## @@ -50,7 +49,6 @@ diagnosticMode: ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled) ## enabled: false - ## @section RabbitMQ Cluster Operator Parameters ## @@ -75,7 +73,6 @@ rabbitmqImage: ## - myRegistryKeySecretName ## pullSecrets: [] - ## Bitnami RabbitMQ Default User Credential Updater Image ## ref: https://hub.docker.com/r/bitnami/rmq-default-credential-updater/tags/ ## @param credentialUpdaterImage.registry [default: REGISTRY_NAME] RabbitMQ Default User Credential Updater image registry @@ -97,7 +94,6 @@ credentialUpdaterImage: ## - myRegistryKeySecretName ## pullSecrets: [] - clusterOperator: ## Bitnami RabbitMQ Cluster Operator image ## ref: https://hub.docker.com/r/bitnami/rabbitmq-cluster-operator/tags/ @@ -126,7 +122,6 @@ clusterOperator: ## - myRegistryKeySecretName ## pullSecrets: [] - ## @param clusterOperator.watchAllNamespaces Watch for resources in all namespaces ## watchAllNamespaces: true @@ -192,7 +187,6 @@ clusterOperator: timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 - ## @param clusterOperator.customLivenessProbe Custom livenessProbe that overrides the default one ## customLivenessProbe: {} @@ -202,16 +196,23 @@ clusterOperator: ## @param clusterOperator.customStartupProbe Custom startupProbe that overrides the default one ## customStartupProbe: {} - ## RabbitMQ Cluster Operator resource requests and limits ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param clusterOperator.resources.limits The resources limits for the RabbitMQ Cluster Operator containers - ## @param clusterOperator.resources.requests The requested resources for the RabbitMQ Cluster Operator containers + ## @param clusterOperator.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if clusterOperator.resources is set (clusterOperator.resources is recommended for production). + ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 ## - resources: - limits: {} - requests: {} - + resourcesPreset: "none" + ## @param clusterOperator.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} ## Configure Pods Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## @param clusterOperator.podSecurityContext.enabled Enabled RabbitMQ Cluster Operator pods' Security Context @@ -250,7 +251,6 @@ clusterOperator: drop: ["ALL"] seccompProfile: type: "RuntimeDefault" - ## @param clusterOperator.command Override default container command (useful when using custom images) ## command: [] @@ -324,12 +324,10 @@ clusterOperator: ## @param clusterOperator.lifecycleHooks for the RabbitMQ Cluster Operator container(s) to automate configuration before or after startup ## lifecycleHooks: {} - ## @param clusterOperator.containerPorts.metrics RabbitMQ Cluster Operator container port (used for metrics) ## containerPorts: metrics: 9782 - ## @param clusterOperator.extraEnvVars Array with extra environment variables to add to RabbitMQ Cluster Operator nodes ## e.g: ## extraEnvVars: @@ -370,7 +368,6 @@ clusterOperator: ## command: ['sh', '-c', 'echo "hello world"'] ## initContainers: [] - ## Network Policies ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ ## @@ -429,7 +426,6 @@ clusterOperator: ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} - ## RBAC configuration ## rbac: @@ -455,7 +451,6 @@ clusterOperator: ## - resources: A list of resource names (e.g., ["configmaps", "pods"]). ## - verbs: A list of allowed access verbs (e.g., ["create", "get", "list"]). extraRules: [] - ## ServiceAccount configuration ## serviceAccount: @@ -472,7 +467,6 @@ clusterOperator: ## @param clusterOperator.serviceAccount.automountServiceAccountToken Automount API credentials for a service account. ## automountServiceAccountToken: false - ## @section RabbitMQ Cluster Operator Metrics parameters ## metrics: @@ -566,7 +560,6 @@ clusterOperator: ## @param clusterOperator.metrics.serviceMonitor.interval Scrape interval. If not set, the Prometheus default scrape interval is used ## interval: "" - ## DEPRECATED: Use clusterOperator.metrics.serviceMonitor.labels instead ## This value will be removed in a future release ## additionalLabels: {} @@ -657,7 +650,6 @@ msgTopologyOperator: ## - myRegistryKeySecretName ## pullSecrets: [] - ## @param msgTopologyOperator.watchAllNamespaces Watch for resources in all namespaces ## watchAllNamespaces: true @@ -729,7 +721,6 @@ msgTopologyOperator: timeoutSeconds: 5 successThreshold: 1 failureThreshold: 5 - ## @param msgTopologyOperator.customLivenessProbe Custom livenessProbe that overrides the default one ## customLivenessProbe: {} @@ -739,24 +730,29 @@ msgTopologyOperator: ## @param msgTopologyOperator.customStartupProbe Custom startupProbe that overrides the default one ## customStartupProbe: {} - ## @param msgTopologyOperator.existingWebhookCertSecret name of a secret containing the certificates (use it to avoid certManager creating one) ## existingWebhookCertSecret: "" - ## @param msgTopologyOperator.existingWebhookCertCABundle PEM-encoded CA Bundle of the existing secret provided in existingWebhookCertSecret (only if useCertManager=false) ## existingWebhookCertCABundle: "" - ## RabbitMQ Messaging Topology Operator resource requests and limits ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - ## @param msgTopologyOperator.resources.limits The resources limits for the RabbitMQ Messaging Topology Operator containers - ## @param msgTopologyOperator.resources.requests The requested resources for the RabbitMQ Messaging Topology Operator containers + ## @param msgTopologyOperator.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if msgTopologyOperator.resources is set (msgTopologyOperator.resources is recommended for production). + ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 ## - resources: - limits: {} - requests: {} - + resourcesPreset: "none" + ## @param msgTopologyOperator.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads) + ## Example: + ## resources: + ## requests: + ## cpu: 2 + ## memory: 512Mi + ## limits: + ## cpu: 3 + ## memory: 1024Mi + ## + resources: {} ## Configure Pods Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## @param msgTopologyOperator.podSecurityContext.enabled Enabled RabbitMQ Messaging Topology Operator pods' Security Context @@ -795,11 +791,9 @@ msgTopologyOperator: drop: ["ALL"] seccompProfile: type: "RuntimeDefault" - ## @param msgTopologyOperator.fullnameOverride String to fully override rmqco.msgTopologyOperator.fullname template ## fullnameOverride: "" - ## @param msgTopologyOperator.command Override default container command (useful when using custom images) ## command: [] @@ -873,12 +867,10 @@ msgTopologyOperator: ## @param msgTopologyOperator.lifecycleHooks for the RabbitMQ Messaging Topology Operator container(s) to automate configuration before or after startup ## lifecycleHooks: {} - ## @param msgTopologyOperator.containerPorts.metrics RabbitMQ Messaging Topology Operator container port (used for metrics) ## containerPorts: metrics: 8080 - ## @param msgTopologyOperator.extraEnvVars Array with extra environment variables to add to RabbitMQ Messaging Topology Operator nodes ## e.g: ## extraEnvVars: @@ -919,7 +911,6 @@ msgTopologyOperator: ## command: ['sh', '-c', 'echo "hello world"'] ## initContainers: [] - ## Webhook service parameters ## service: @@ -973,7 +964,6 @@ msgTopologyOperator: ## timeoutSeconds: 300 ## sessionAffinityConfig: {} - ## Network Policies ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ ## @@ -1032,7 +1022,6 @@ msgTopologyOperator: ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} - ## RBAC configuration ## rbac: @@ -1058,7 +1047,6 @@ msgTopologyOperator: ## - resources: A list of resource names (e.g., ["configmaps", "pods"]). ## - verbs: A list of allowed access verbs (e.g., ["create", "get", "list"]). extraRules: [] - ## ServiceAccount configuration ## serviceAccount: @@ -1075,7 +1063,6 @@ msgTopologyOperator: ## @param msgTopologyOperator.serviceAccount.automountServiceAccountToken Automount API credentials for a service account. ## automountServiceAccountToken: false - ## @section RabbitMQ Messaging Topology Operator parameters ## metrics: @@ -1149,7 +1136,6 @@ msgTopologyOperator: ## @param msgTopologyOperator.metrics.serviceMonitor.jobLabel Specify the jobLabel to use for the prometheus-operator ## jobLabel: app.kubernetes.io/name - ## DEPRECATED: Use msgTopologyOperator.metrics.serviceMonitor.labels instead. ## This value will be removed in a future release ## additionalLabels: {}