diff --git a/.github/workflows/generate-chart-readme.yml b/.github/workflows/generate-chart-readme.yml index fbdd9d7dae..e4e1345617 100644 --- a/.github/workflows/generate-chart-readme.yml +++ b/.github/workflows/generate-chart-readme.yml @@ -44,6 +44,9 @@ on: - 'bitnami/magento/values.yaml' - 'bitnami/mariadb/values.yaml' - 'bitnami/mariadb-galera/values.yaml' + - 'bitnami/mediawiki/values.yaml' + - 'bitnami/memcached/values.yaml' + - 'bitnami/metallb/values.yaml' - 'bitnami/metrics-server/values.yaml' - 'bitnami/minio/values.yaml' - 'bitnami/mongodb/values.yaml' diff --git a/bitnami/mediawiki/Chart.yaml b/bitnami/mediawiki/Chart.yaml index 9e16c44a5f..9bf8dea685 100644 --- a/bitnami/mediawiki/Chart.yaml +++ b/bitnami/mediawiki/Chart.yaml @@ -32,4 +32,4 @@ name: mediawiki sources: - https://github.com/bitnami/bitnami-docker-mediawiki - http://www.mediawiki.org/ -version: 12.3.3 +version: 12.3.4 diff --git a/bitnami/mediawiki/README.md b/bitnami/mediawiki/README.md index 2d9a31349b..e51ae87674 100644 --- a/bitnami/mediawiki/README.md +++ b/bitnami/mediawiki/README.md @@ -48,153 +48,171 @@ The command removes all the Kubernetes components associated with the chart and ## Parameters -The following tables lists the configurable parameters of the Mediawki chart and their default values per section/component: - ### Global parameters -| Parameter | Description | Default | -|---------------------------|-------------------------------------------------|---------------------------------------------------------| -| `global.imageRegistry` | Global Docker image registry | `nil` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `global.storageClass` | Global storage class for dynamic provisioning | `nil` | +| Name | Description | Value | +| ------------------------- | ----------------------------------------------- | ----- | +| `global.imageRegistry` | Global Docker image registry | `nil` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `nil` | + ### Common parameters -| Parameter | Description | Default | -|---------------------|----------------------------------------------------------------------|--------------------------------| -| `nameOverride` | String to partially override common.names.fullname | `nil` | -| `fullnameOverride` | String to fully override common.names.fullname | `nil` | -| `commonLabels` | Labels to add to all deployed objects | `{}` | -| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | -| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | -| `extraDeploy` | Array of extra objects to deploy with the release | `[]` (evaluated as a template) | -| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `nil` | +| Name | Description | Value | +| ------------------- | -------------------------------------------------------------------------------------------- | --------------- | +| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `nil` | +| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `nil` | +| `fullnameOverride` | String to fully override common.names.fullname template | `nil` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | + ### Mediawiki parameters -| Parameter | Description | Default | -|----------------------|----------------------------------------------------------------------|---------------------------------------------------------| -| `image.registry` | MediaWiki image registry | `docker.io` | -| `image.repository` | MediaWiki Image name | `bitnami/mediawiki` | -| `image.tag` | MediaWiki Image tag | `{TAG_NAME}` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `mediawikiUser` | User of the application | `user` | -| `mediawikiPassword` | Application password | _random 10 character long alphanumeric string_ | -| `mediawikiEmail` | Admin email | `user@example.com` | -| `mediawikiName` | Name for the wiki | `My Wiki` | -| `mediawikiHost` | Mediawiki host to create application URLs | `nil` | -| `allowEmptyPassword` | Allow DB blank passwords | `yes` | -| `hostAliases` | Add deployment host aliases | `Check values.yaml` | -| `smtpHost` | SMTP host | `nil` | -| `smtpPort` | SMTP port | `nil` | -| `smtpHostID` | SMTP host ID | `nil` | -| `smtpUser` | SMTP user | `nil` | -| `smtpPassword` | SMTP password | `nil` | -| `command` | Override default container command (useful when using custom images) | `nil` | -| `args` | Override default container args (useful when using custom images) | `nil` | -| `extraEnvVars` | Extra environment variables to be set on Mediawki container | `{}` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `nil` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `nil` | +| Name | Description | Value | +| -------------------- | -------------------------------------------------------------------- | --------------------- | +| `image.registry` | MediaWiki image registry | `docker.io` | +| `image.repository` | MediaWiki image repository | `bitnami/mediawiki` | +| `image.tag` | MediaWiki image tag (immutable tags are recommended) | `1.36.1-debian-10-r0` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `hostAliases` | Deployment pod host aliases | `[]` | +| `mediawikiUser` | User of the application | `user` | +| `mediawikiPassword` | Application password | `nil` | +| `mediawikiEmail` | Admin email | `user@example.com` | +| `mediawikiName` | Name for the wiki | `My Wiki` | +| `mediawikiHost` | Mediawiki host to create application URLs | `nil` | +| `allowEmptyPassword` | Allow DB blank passwords | `yes` | +| `smtpHost` | SMTP host | `nil` | +| `smtpPort` | SMTP port | `nil` | +| `smtpHostID` | SMTP host ID | `nil` | +| `smtpUser` | SMTP user | `nil` | +| `smtpPassword` | SMTP password | `nil` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Extra environment variables to be set on Mediawki container | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `nil` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `nil` | + ### Mediawiki deployment parameters -| Parameter | Description | Default | -|-----------------------------|-------------------------------------------------------------------------------------------|---------------------------------------------| -| `podSecurityContext` | Mediawki pods' Security Context | Check `values.yaml` file | -| `containerSecurityContext` | Mediawki containers' Security Context | Check `values.yaml` file | -| `resources.limits` | The resources limits for the Mediawki container | `{}` | -| `resources.requests` | The requested resources for the Mediawki container | `{"memory": "512Mi", "cpu": "300m"}` | -| `livenessProbe` | Liveness probe configuration for Mediawki | Check `values.yaml` file | -| `readinessProbe` | Readiness probe configuration for Mediawki | Check `values.yaml` file | -| `customLivenessProbe` | Override default liveness probe | `nil` | -| `customReadinessProbe` | Override default readiness probe | `nil` | -| `updateStrategy` | Strategy to use to update Pods | Check `values.yaml` file | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` (evaluated as a template) | -| `nodeSelector` | Node labels for pod assignment | `{}` (evaluated as a template) | -| `tolerations` | Tolerations for pod assignment | `[]` (evaluated as a template) | -| `podLabels` | Extra labels for Mediawki pods | `{}` (evaluated as a template) | -| `podAnnotations` | Annotations for Mediawki pods | `{}` (evaluated as a template) | -| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Mediawki container(s) | `[]` | -| `extraVolumes` | Optionally specify extra list of additional volumes for Mediawki pods | `[]` | -| `initContainers` | Add additional init containers to the Mediawki pods | `{}` (evaluated as a template) | -| `sidecars` | Add additional sidecar containers to the Mediawki pods | `{}` (evaluated as a template) | -| `persistence.enabled` | Enable persistence using PVC | `true` | -| `persistence.storageClass` | PVC Storage Class for MediaWiki volume | `nil` (uses alpha storage class annotation) | -| `persistence.existingClaim` | An Existing PVC name for MediaWiki volume | `nil` (uses alpha storage class annotation) | -| `persistence.accessMode` | PVC Access Mode for MediaWiki volume | `ReadWriteOnce` | -| `persistence.size` | PVC Storage Request for MediaWiki volume | `8Gi` | +| Name | Description | Value | +| ------------------------------------ | ----------------------------------------------------------------------------------------- | ------------------------------------------------- | +| `updateStrategy.type` | StrategyType can be set to RollingUpdate or OnDelete | `RollingUpdate` | +| `podSecurityContext.enabled` | Enable Mediawiki pods' Security Context | `true` | +| `podSecurityContext.fsGroup` | Group ID for the volumes of the pod | `1001` | +| `containerSecurityContext.enabled` | Enable Mediawiki containers' SecurityContext | `true` | +| `containerSecurityContext.runAsUser` | User ID to run Mediawiki containers | `1001` | +| `resources.limits` | The resources limits for the Mediawki container | `{}` | +| `resources.requests` | The requested resources for the Mediawki container | `{}` | +| `livenessProbe.enabled` | Enable livenessProbe | `true` | +| `livenessProbe.httpGet.path` | Request path for livenessProbe | `/api.php?action=query&meta=siteinfo&format=none` | +| `livenessProbe.httpGet.port` | Port for livenessProbe | `http` | +| `livenessProbe.httpGet.httpHeaders` | Headers for livenessProbe | `[]` | +| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | +| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readinessProbe.enabled` | Enable readinessProbe | `true` | +| `readinessProbe.httpGet.path` | Request path for readinessProbe | `/api.php?action=query&meta=siteinfo&format=none` | +| `readinessProbe.httpGet.port` | Port for readinessProbe | `http` | +| `readinessProbe.httpGet.httpHeaders` | Headers for livenessProbe | `[]` | +| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `customLivenessProbe` | Override default liveness probe | `{}` | +| `customReadinessProbe` | Override default readiness probe | `{}` | +| `podLabels` | Extra labels for Mediawki pods | `{}` | +| `podAnnotations` | Annotations for Mediawki pods | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment. Evaluated as a template. | `{}` | +| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | +| `tolerations` | Tolerations for pod assignment. Evaluated as a template. | `[]` | +| `extraVolumes` | Optionally specify extra list of additional volumes for Mediawki pods | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Mediawki container(s) | `[]` | +| `initContainers` | Add additional init containers to the Mediawki pods | `{}` | +| `sidecars` | Add additional sidecar containers to the Mediawki pods | `{}` | +| `persistence.enabled` | Enable persistence using PVC | `true` | +| `persistence.storageClass` | PVC Storage Class for MediaWiki volume | `nil` | +| `persistence.existingClaim` | An Existing PVC name for MediaWiki volume | `nil` | +| `persistence.accessMode` | PVC Access Mode for MediaWiki volume | `ReadWriteOnce` | +| `persistence.size` | PVC Storage Request for MediaWiki volume | `8Gi` | -### Exposure parameters -| Parameter | Description | Default | -|----------------------------------|---------------------------------------------------------------|--------------------------------| -| `service.type` | Kubernetes Service type | `LoadBalancer` | -| `service.loadBalancer` | Kubernetes LoadBalancerIP to request | `nil` | -| `service.port` | Service HTTP port | `80` | -| `service.httpsPort` | Service HTTPS port | `""` | -| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `service.nodePorts.http` | Kubernetes http node port | `""` | -| `service.nodePorts.https` | Kubernetes https node port | `""` | -| `ingress.enabled` | Enable ingress controller resource | `false` | -| `ingress.certManager` | Add annotations for cert-manager | `false` | -| `ingress.hostname` | Default host for the ingress resource | `mediawiki.local` | -| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `` | -| `ingress.path` | Ingress path | `/` | -| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | -| `ingress.tls` | Create TLS Secret | `false` | -| `ingress.annotations` | Ingress annotations | `[]` (evaluated as a template) | -| `ingress.extraHosts[0].name` | Additional hostnames to be covered | `nil` | -| `ingress.extraHosts[0].path` | Additional hostnames to be covered | `nil` | -| `ingress.extraPaths` | Additional arbitrary path/backend objects | `nil` | -| `ingress.extraTls[0].hosts[0]` | TLS configuration for additional hostnames to be covered | `nil` | -| `ingress.extraTls[0].secretName` | TLS configuration for additional hostnames to be covered | `nil` | -| `ingress.secrets[0].name` | TLS Secret Name | `nil` | -| `ingress.secrets[0].certificate` | TLS Secret Certificate | `nil` | -| `ingress.secrets[0].key` | TLS Secret Key | `nil` | +### Traffic Exposure parameters + +| Name | Description | Value | +| ------------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------------------ | +| `service.type` | Kubernetes Service type | `LoadBalancer` | +| `service.loadBalancerIP` | Use serviceLoadBalancerIP to request a specific static IP, | `nil` | +| `service.port` | Service HTTP port | `80` | +| `service.httpsPort` | HTTPS Port. Set this to any value (recommended: 443) to enable the https service port | `nil` | +| `service.nodePorts.http` | Kubernetes http node port | `""` | +| `service.nodePorts.https` | Kubernetes https node port | `""` | +| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `ingress.enabled` | Set to true to enable ingress record generation | `false` | +| `ingress.certManager` | Set this to true in order to add the corresponding annotations for cert-manager | `false` | +| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `nil` | +| `ingress.hostname` | Default host for the ingress resource | `mediawiki.local` | +| `ingress.path` | The Path to Mediawiki. You may need to set this to '/*' in order to use this with ALB ingress controllers. | `ImplementationSpecific` | +| `ingress.annotations` | Ingress annotations | `{}` | +| `ingress.tls` | Enable TLS configuration for the hostname defined at ingress.hostname parameter | `false` | +| `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | +| `ingress.extraPaths` | Any additional arbitrary paths that may need to be added to the ingress under the main host. | `[]` | +| `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | +| `ingress.secrets` | If you're providing your own certificates, please use this to add the certificates as secrets | `[]` | + ### Database parameters -| Parameter | Description | Default | -|---------------------------------------------|------------------------------------------------------|------------------------------------------------| -| `mariadb.enabled` | Whether to use the MariaDB chart | `true` | -| `mariadb.architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` | -| `mariadb.auth.rootPassword` | Password for the MariaDB `root` user | _random 10 character alphanumeric string_ | -| `mariadb.auth.database` | Database name to create | `bitnami_mediawiki` | -| `mariadb.auth.username` | Database user to create | `bn_mediawiki` | -| `mariadb.auth.password` | Password for the database | _random 10 character long alphanumeric string_ | -| `mariadb.primary.persistence.enabled` | Enable database persistence using PVC | `true` | -| `mariadb.primary.persistence.accessMode` | Database Persistent Volume Access Modes | `ReadWriteOnce` | -| `mariadb.primary.persistence.size` | Database Persistent Volume Size | `8Gi` | -| `mariadb.primary.persistence.existingClaim` | Enable persistence using an existing PVC | `nil` | -| `mariadb.primary.persistence.storageClass` | PVC Storage Class | `nil` (uses alpha storage class annotation) | -| `mariadb.primary.persistence.hostPath` | Host mount path for MariaDB volume | `nil` (will not mount to a host path) | -| `externalDatabase.user` | Existing username in the external db | `bn_mediawiki` | -| `externalDatabase.password` | Password for the above username | `nil` | -| `externalDatabase.database` | Name of the existing database | `bitnami_mediawiki` | -| `externalDatabase.host` | Host of the existing database | `nil` | -| `externalDatabase.port` | Port of the existing database | `3306` | -| `externalDatabase.existingSecret` | Name of the database existing Secret Object | `nil` | +| Name | Description | Value | +| ------------------------------------------- | ------------------------------------------------------------------------------------- | ------------------- | +| `mariadb.enabled` | Whether to deploy a mariadb server to satisfy the applications database requirements. | `true` | +| `mariadb.architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` | +| `mariadb.auth.rootPassword` | Password for the MariaDB `root` user | `""` | +| `mariadb.auth.database` | Database name to create | `bitnami_mediawiki` | +| `mariadb.auth.username` | Database user to create | `bn_mediawiki` | +| `mariadb.auth.password` | Password for the database | `""` | +| `mariadb.primary.persistence.enabled` | Enable database persistence using PVC | `true` | +| `mariadb.primary.persistence.storageClass` | PVC Storage Class | `nil` | +| `mariadb.primary.persistence.accessModes` | Persistent Volume Access Mode | `[]` | +| `mariadb.primary.persistence.size` | Database Persistent Volume Size | `8Gi` | +| `mariadb.primary.persistence.hostPath` | Host mount path for MariaDB volume | `nil` | +| `mariadb.primary.persistence.existingClaim` | Enable persistence using an existing PVC | `nil` | +| `externalDatabase.existingSecret` | Use existing secret (ignores previous password) | `nil` | +| `externalDatabase.host` | Host of the existing database | `nil` | +| `externalDatabase.port` | Port of the existing database | `3306` | +| `externalDatabase.user` | Existing username in the external db | `bn_mediawiki` | +| `externalDatabase.password` | Password for the above username | `nil` | +| `externalDatabase.database` | Name of the existing database | `bitnami_mediawiki` | + ### Metrics parameters -| Parameter | Description | Default | -|-------------------------------------------|------------------------------------------------------------------------------|--------------------------------------------------------------| -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Apache exporter image registry | `docker.io` | -| `metrics.image.repository` | Apache exporter image name | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag | `{TAG_NAME}` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `metrics.port` | Metrics service port | `9117` | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{prometheus.io/scrape: "true", prometheus.io/port: "9117"}` | -| `metrics.resources` | Exporter resource requests/limit | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | +| Name | Description | Value | +| ----------------------------------------- | ---------------------------------------------------------------------------- | ------------------------- | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Apache exporter image registry | `docker.io` | +| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.9.0-debian-10-r14` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.resources` | Exporter resource requests/limit | `{}` | +| `metrics.port` | Metrics service port | `9117` | +| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `true` | | `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `nil` | | `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | | `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `nil` | diff --git a/bitnami/mediawiki/values.yaml b/bitnami/mediawiki/values.yaml index d14e8c532e..917d5d43ea 100644 --- a/bitnami/mediawiki/values.yaml +++ b/bitnami/mediawiki/values.yaml @@ -1,15 +1,54 @@ +## @section Global parameters ## Global Docker image parameters ## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry and imagePullSecrets +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.storageClass Global StorageClass for Persistent Volume(s) ## -# global: -# imageRegistry: myRegistryName -# imagePullSecrets: -# - myRegistryKeySecretName -# storageClass: myStorageClass +global: + imageRegistry: + ## E.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + storageClass: + +## @section Common parameters + +## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set) +## +kubeVersion: +## @param nameOverride String to partially override common.names.fullname template (will maintain the release name) +## +nameOverride: +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: +## @param commonLabels Labels to add to all deployed objects +## +commonLabels: {} +## @param commonAnnotations Annotations to add to all deployed objects +## +commonAnnotations: {} +## @param clusterDomain Default Kubernetes cluster domain +## +clusterDomain: cluster.local +## @param extraDeploy Array of extra objects to deploy with the release +## +extraDeploy: [] + +## @section Mediawiki parameters ## Bitnami DokuWiki image version ## ref: https://hub.docker.com/r/bitnami/mediawiki/tags/ +## @param image.registry MediaWiki image registry +## @param image.repository MediaWiki image repository +## @param image.tag MediaWiki image tag (immutable tags are recommended) +## @param image.pullPolicy Image pull policy +## @param image.pullSecrets Specify docker-registry secret names as an array ## image: registry: docker.io @@ -23,147 +62,131 @@ image: ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName ## - # pullSecrets: - # - myRegistryKeySecretName - -## Force target Kubernetes version (using Helm capabilites if not set) -## -kubeVersion: - -## Deployment pod host aliases + pullSecrets: [] +## @param hostAliases [array] Deployment pod host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: - # Necessary for apache-exporter to work + ## Necessary for apache-exporter to work + ## - ip: "127.0.0.1" hostnames: - "status.localhost" - -## String to partially override common.names.fullname template (will maintain the release name) -## -# nameOverride: - -## String to fully override common.names.fullname template -## -# fullnameOverride: - -## Add labels to all the deployed resources -## -commonLabels: {} - -## Add annotations to all the deployed resources -## -commonAnnotations: {} - -## Kubernetes Cluster Domain -## -clusterDomain: cluster.local - -## Extra objects to deploy (value evaluated as a template) -## -extraDeploy: [] - -## User of the application +## @param mediawikiUser User of the application ## ref: https://github.com/bitnami/bitnami-docker-mediawiki#environment-variables ## mediawikiUser: user - -## Application password +## @param mediawikiPassword Application password ## Defaults to a random 10-character alphanumeric string if not set ## ref: https://github.com/bitnami/bitnami-docker-mediawiki#environment-variables ## -# mediawikiPassword: - -## Admin email +mediawikiPassword: +## @param mediawikiEmail Admin email ## ref: https://github.com/bitnami/bitnami-docker-mediawiki#environment-variables ## mediawikiEmail: user@example.com - -## Name for the wiki +## @param mediawikiName Name for the wiki ## ref: https://github.com/bitnami/bitnami-docker-mediawiki#environment-variables ## mediawikiName: My Wiki - -## Mediawiki host to create application URLs +## @param mediawikiHost Mediawiki host to create application URLs ## ref: https://github.com/bitnami/bitnami-docker-mediawiki#configuration ## -# mediawikiHost: - -## Set to `yes` to allow the container to be started with blank passwords +mediawikiHost: +## @param allowEmptyPassword Allow DB blank passwords ## ref: https://github.com/bitnami/bitnami-docker-mediawiki#environment-variables ## allowEmptyPassword: "yes" - ## SMTP mail delivery configuration ## ref: https://github.com/bitnami/bitnami-docker-mediawiki#smtp-configuration +## @param smtpHost SMTP host +## @param smtpPort SMTP port +## @param smtpHostID SMTP host ID +## @param smtpUser SMTP user +## @param smtpPassword SMTP password ## -# smtpHost: -# smtpPort: -# smtpHostID: -# smtpUser: -# smtpPassword: - -## Command and args for running the container (set to default if not set). Use array form +smtpHost: +smtpPort: +smtpHostID: +smtpUser: +smtpPassword: +## @param command Override default container command (useful when using custom images) ## command: [] +## @param args Override default container args (useful when using custom images) +## args: [] - -## An array to add extra env vars +## @param extraEnvVars Extra environment variables to be set on Mediawki container ## Example: ## extraEnvVars: ## - name: FOO ## value: "bar" ## extraEnvVars: [] - -## ConfigMap with extra environment variables +## @param extraEnvVarsCM Name of existing ConfigMap containing extra env vars ## extraEnvVarsCM: - -## Secret with extra environment variables +## @param extraEnvVarsSecret Name of existing Secret containing extra env vars ## extraEnvVarsSecret: +## @section Mediawiki deployment parameters + ## Strategy to use to update Pods +## @param updateStrategy.type StrategyType can be set to RollingUpdate or OnDelete ## updateStrategy: - ## StrategyType - ## Can be set to RollingUpdate or OnDelete - ## type: RollingUpdate - ## Mediawiki pods' Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container +## @param podSecurityContext.enabled Enable Mediawiki pods' Security Context +## @param podSecurityContext.fsGroup Group ID for the volumes of the pod ## podSecurityContext: enabled: true fsGroup: 1001 - ## Mediawiki containers' SecurityContext ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +## @param containerSecurityContext.enabled Enable Mediawiki containers' SecurityContext +## @param containerSecurityContext.runAsUser User ID to run Mediawiki containers ## containerSecurityContext: enabled: true runAsUser: 1001 - ## Mediawiki resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits The resources limits for the Mediawki container +## @param resources.requests [object] The requested resources for the Mediawki container ## resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## Example: + ## limits: + ## cpu: 200m + ## memory: 256Mi limits: {} - # cpu: 200m - # memory: 256Mi requests: memory: 512Mi cpu: 300m - -## Mediawiki containers' liveness and readiness probes. +## Mediawiki containers' liveness probe. +## Configure extra options for liveness probe ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes +## @param livenessProbe.enabled Enable livenessProbe +## @param livenessProbe.httpGet.path Request path for livenessProbe +## @param livenessProbe.httpGet.port Port for livenessProbe +## @param livenessProbe.httpGet.httpHeaders [array] Headers for livenessProbe +## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe +## @param livenessProbe.periodSeconds Period seconds for livenessProbe +## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe +## @param livenessProbe.failureThreshold Failure threshold for livenessProbe +## @param livenessProbe.successThreshold Success threshold for livenessProbe ## livenessProbe: enabled: true @@ -178,6 +201,19 @@ livenessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 +## Mediawiki containers' readinessProbe probe. +## Configure extra options for liveness probe +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes +## @param readinessProbe.enabled Enable readinessProbe +## @param readinessProbe.httpGet.path Request path for readinessProbe +## @param readinessProbe.httpGet.port Port for readinessProbe +## @param readinessProbe.httpGet.httpHeaders [array] Headers for livenessProbe +## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe +## @param readinessProbe.periodSeconds Period seconds for readinessProbe +## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe +## @param readinessProbe.failureThreshold Failure threshold for readinessProbe +## @param readinessProbe.successThreshold Success threshold for readinessProbe +## readinessProbe: enabled: true httpGet: @@ -191,84 +227,68 @@ readinessProbe: timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 - -## Custom Liveness probes for Mediawiki +## @param customLivenessProbe Override default liveness probe ## customLivenessProbe: {} - -## Custom Rediness probes Mediawiki +## @param customReadinessProbe Override default readiness probe ## customReadinessProbe: {} - -## Pod extra labels +## @param podLabels Extra labels for Mediawki pods ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} - -## Annotations for server pods. +## @param podAnnotations Annotations for Mediawki pods ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} - -## Pod affinity preset +## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## Allowed values: soft, hard ## podAffinityPreset: "" - -## Pod anti-affinity preset +## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## Allowed values: soft, hard ## podAntiAffinityPreset: soft - ## Node affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity ## Allowed values: soft, hard ## nodeAffinityPreset: - ## Node affinity type - ## Allowed values: soft, hard + ## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` ## type: "" - ## Node label key to match + ## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set. ## E.g. ## key: "kubernetes.io/e2e-az-name" ## key: "" - ## Node label values to match + ## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set. ## E.g. ## values: ## - e2e-az1 ## - e2e-az2 ## values: [] - -## Affinity for pod assignment. Evaluated as a template. +## @param affinity Affinity for pod assignment. Evaluated as a template. ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set ## affinity: {} - -## Node labels for pod assignment. Evaluated as a template. +## @param nodeSelector Node labels for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} - -## Tolerations for pod assignment. Evaluated as a template. +## @param tolerations Tolerations for pod assignment. Evaluated as a template. ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] - -## Extra volumes to add to the deployment +## @param extraVolumes Optionally specify extra list of additional volumes for Mediawki pods ## extraVolumes: [] - -## Extra volume mounts to add to the container +## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for Mediawki container(s) ## extraVolumeMounts: [] - -## Add init containers to the Magento pods. +## @param initContainers Add additional init containers to the Mediawki pods ## Example: ## initContainers: ## - name: your-image-name @@ -279,8 +299,7 @@ extraVolumeMounts: [] ## containerPort: 1234 ## initContainers: {} - -## Add sidecars to the Magento pods. +## @param sidecars Add additional sidecar containers to the Mediawki pods ## Example: ## sidecars: ## - name: your-image-name @@ -291,50 +310,57 @@ initContainers: {} ## containerPort: 1234 ## sidecars: {} - ## Enable persistence using Persistent Volume Claims ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ ## persistence: + ## @param persistence.enabled Enable persistence using PVC + ## enabled: true - ## Mediawiki data Persistent Volume Storage Class + ## @param persistence.storageClass PVC Storage Class for MediaWiki volume ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## - # storageClass: "-" - - ## A manually managed Persistent Volume and Claim + storageClass: + ## @param persistence.existingClaim An Existing PVC name for MediaWiki volume ## Requires persistence.enabled: true ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - + ## + existingClaim: + ## @param persistence.accessMode PVC Access Mode for MediaWiki volume + ## accessMode: ReadWriteOnce + ## @param persistence.size PVC Storage Request for MediaWiki volume + ## size: 8Gi -## Kubernetes svc configuration +## @section Traffic Exposure parameters + +## Kubernetes service configuration ## For minikube, set this to NodePort, elsewhere use LoadBalancer -## -## Use serviceLoadBalancerIP to request a specific static IP, -## otherwise leave blank +## Use serviceLoadBalancerIP to request a specific static IP, otherwise leave blank ## service: - ## Kubernetes svc type + ## @param service.type Kubernetes Service type ## For minikube, set this to NodePort, elsewhere use LoadBalancer ## type: LoadBalancer - ## Use serviceLoadBalancerIP to request a specific static IP, + ## @param service.loadBalancerIP Use serviceLoadBalancerIP to request a specific static IP, ## otherwise leave blank ## - # loadBalancerIP: - # HTTP Port + loadBalancerIP: + ## @param service.port Service HTTP port + ## port: 80 - # HTTPS Port - ## Set this to any value (recommended: 443) to enable the https service port - # httpsPort: 443 - ## Use nodePorts to requets some specific ports when using NodePort + ## @param service.httpsPort HTTPS Port. Set this to any value (recommended: 443) to enable the https service port + ## + httpsPort: + ## Use nodePorts to requests some specific ports when using NodePort + ## @param service.nodePorts.http Kubernetes http node port + ## @param service.nodePorts.https Kubernetes https node port ## nodePorts: ## http: ## https: @@ -342,63 +368,52 @@ service: nodePorts: http: "" https: "" - ## Enable client source IP preservation + ## @param service.externalTrafficPolicy Enable client source IP preservation ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip ## externalTrafficPolicy: Cluster - -## Configure the ingress resource that allows you to access the -## Mediawiki installation. Set up the URL +## Configure the ingress resource that allows you to access the Mediawiki installation. Set up the URL ## ref: http://kubernetes.io/docs/user-guide/ingress/ ## ingress: - ## Set to true to enable ingress record generation + ## @param ingress.enabled Set to true to enable ingress record generation ## enabled: false - - ## Set this to true in order to add the corresponding annotations for cert-manager + ## @param ingress.certManager Set this to true in order to add the corresponding annotations for cert-manager ## certManager: false - - ## Ingress Path type + ## @param ingress.pathType Ingress path type ## pathType: ImplementationSpecific - - ## Override API Version (automatically detected if not set) + ## @param ingress.apiVersion Force Ingress API version (automatically detected if not set) ## apiVersion: - - ## When the ingress is enabled, a host pointing to this will be created + ## @param ingress.hostname Default host for the ingress resource ## hostname: mediawiki.local - - ## The Path to Mediawiki. You may need to set this to '/*' in order to use this - ## with ALB ingress controllers. + ## @param ingress.path The Path to Mediawiki. You may need to set this to '/*' in order to use this with ALB ingress controllers. ## path: / - - ## Ingress annotations done as key:value pairs + ## @param ingress.annotations Ingress annotations ## For a full list of possible ingress annotations, please see ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md ## ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set ## annotations: {} - - ## Enable TLS configuration for the hostname defined at ingress.hostname parameter + ## @param ingress.tls Enable TLS configuration for the hostname defined at ingress.hostname parameter ## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }} ## You can use the ingress.secrets parameter to create this TLS secret or relay on cert-manager to create it ## tls: false - - ## The list of additional hostnames to be covered with this ingress record. + ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array ## extraHosts: ## - name: mediawiki.local ## path: / ## - - ## Any additional arbitrary paths that may need to be added to the ingress under the main host. + extraHosts: [] + ## @param ingress.extraPaths Any additional arbitrary paths that may need to be added to the ingress under the main host. ## For example: The ALB ingress controller requires a special rule for handling SSL redirection. ## extraPaths: ## - path: /* @@ -406,16 +421,16 @@ ingress: ## serviceName: ssl-redirect ## servicePort: use-annotation ## - - ## The tls configuration for additional hostnames to be covered with this ingress record. + extraPaths: [] + ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls ## extraTls: ## - hosts: ## - mediawiki.local ## secretName: mediawiki.local-tls ## - - ## If you're providing your own certificates, please use this to add the certificates as secrets + extraTls: [] + ## @param ingress.secrets If you're providing your own certificates, please use this to add the certificates as secrets ## key and certificate should start with -----BEGIN CERTIFICATE----- or ## -----BEGIN RSA PRIVATE KEY----- ## @@ -424,17 +439,111 @@ ingress: ## ## It is also possible to create and manage the certificates outside of this helm chart ## Please see README.md for more information - ## - secrets: [] + ## e.g: ## - name: mediawiki.local-tls ## key: ## certificate: ## + secrets: [] + +## @section Database parameters + +## MariaDB chart configuration +## https://github.com/bitnami/charts/blob/master/bitnami/mariadb/values.yaml +## +mariadb: + ## @param mariadb.enabled Whether to deploy a mariadb server to satisfy the applications database requirements. + ## To use an external database set this to false and configure the externalDatabase parameters + ## + enabled: true + ## @param mariadb.architecture MariaDB architecture (`standalone` or `replication`) + ## + architecture: standalone + ## MariaDB Authentication parameters + ## + auth: + ## @param mariadb.auth.rootPassword Password for the MariaDB `root` user + ## ref: https://github.com/bitnami/bitnami-docker-mariadb#setting-the-root-password-on-first-run + ## + rootPassword: "" + ## @param mariadb.auth.database Database name to create + ## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-on-first-run + ## + database: bitnami_mediawiki + ## @param mariadb.auth.username Database user to create + ## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-user-on-first-run + ## + username: bn_mediawiki + ## @param mariadb.auth.password Password for the database + ## + password: "" + primary: + ## Enable persistence using Persistent Volume Claims + ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ + ## @param mariadb.primary.persistence.enabled Enable database persistence using PVC + ## @param mariadb.primary.persistence.storageClass PVC Storage Class + ## @param mariadb.primary.persistence.accessModes Persistent Volume Access Mode + ## @param mariadb.primary.persistence.size Database Persistent Volume Size + ## @param mariadb.primary.persistence.hostPath Host mount path for MariaDB volume + ## @param mariadb.primary.persistence.existingClaim Enable persistence using an existing PVC + ## + persistence: + enabled: true + ## mariadb data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: + accessModes: + - ReadWriteOnce + size: 8Gi + ## Set path in case you want to use local host path volumes (not recommended in production) + ## + hostPath: + ## Use an existing PVC + ## + existingClaim: +## External database configuration +## +externalDatabase: + ## @param externalDatabase.existingSecret Use existing secret (ignores previous password) + ## Must contain key `mariadb-password` + ## NOTE: When it's set, the `externalDatabase.password` parameter is ignored + ## + existingSecret: + ## @param externalDatabase.host Host of the existing database + ## + host: + ## @param externalDatabase.port Port of the existing database + ## + port: 3306 + ## @param externalDatabase.user Existing username in the external db + ## + user: bn_mediawiki + ## @param externalDatabase.password Password for the above username + ## + password: + ## @param externalDatabase.database Name of the existing database + ## + database: bitnami_mediawiki + +## @section Metrics parameters ## Prometheus Exporter / Metrics ## metrics: + ## @param metrics.enabled Start a side-car prometheus exporter + ## enabled: false + ## @param metrics.image.registry Apache exporter image registry + ## @param metrics.image.repository Apache exporter image repository + ## @param metrics.image.tag Apache exporter image tag (immutable tags are recommended) + ## @param metrics.image.pullPolicy Image pull policy + ## @param metrics.image.pullSecrets Specify docker-registry secret names as an array + ## image: registry: docker.io repository: bitnami/apache-exporter @@ -443,25 +552,25 @@ metrics: ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName ## - # pullSecrets: - # - myRegistryKeySecretName - - ## Metrics exporter resource requests and limits + pullSecrets: [] + ## @param metrics.resources Exporter resource requests/limit ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: {} ## Metrics exporter pod Annotation and Labels ## - ## @param metrics.port Metrics service port ## port: 9117 - + ## @param metrics.podAnnotations [object] Additional annotations for Metrics exporter pod + ## podAnnotations: prometheus.io/scrape: "true" prometheus.io/port: "{{ .Values.metrics.port }}" - ## Prometheus Service Monitor ## ref: https://github.com/coreos/prometheus-operator ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint @@ -488,85 +597,3 @@ metrics: ## @param metrics.serviceMonitor.additionalLabels Additional custom labels for the ServiceMonitor ## additionalLabels: {} - -## -## External database configuration -## -externalDatabase: - ## Use existing secret (ignores previous password) - ## must contain key `mariadb-password` - ## NOTE: When it's set, the `externalDatabase.password` parameter is ignored - # existingSecret: - - ## Database host - ## - host: - - ## Database port - ## - port: 3306 - - ## Database user - ## - user: bn_mediawiki - - ## Database password - ## - password: - - ## Database name - ## - database: bitnami_mediawiki - -## -## MariaDB chart configuration -## -## https://github.com/bitnami/charts/blob/master/bitnami/mariadb/values.yaml -## -mariadb: - ## Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database set this to false and configure the externalDatabase parameters - ## - enabled: true - - ## MariaDB architecture. Allowed values: standalone or replication - ## - architecture: standalone - - ## MariaDB Authentication parameters - ## - auth: - ## MariaDB root password - ## ref: https://github.com/bitnami/bitnami-docker-mariadb#setting-the-root-password-on-first-run - ## - rootPassword: "" - ## MariaDB custom user and database - ## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-on-first-run - ## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-user-on-first-run - ## - database: bitnami_mediawiki - username: bn_mediawiki - password: "" - - primary: - ## Enable persistence using Persistent Volume Claims - ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ - ## - persistence: - enabled: true - ## mariadb data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - storageClass: - accessModes: - - ReadWriteOnce - size: 8Gi - ## Set path in case you want to use local host path volumes (not recommended in production) - ## - hostPath: - ## Use an existing PVC - ## - existingClaim: diff --git a/bitnami/memcached/Chart.yaml b/bitnami/memcached/Chart.yaml index ecbd3ec9d0..69a8af924b 100644 --- a/bitnami/memcached/Chart.yaml +++ b/bitnami/memcached/Chart.yaml @@ -22,4 +22,4 @@ name: memcached sources: - https://github.com/bitnami/bitnami-docker-memcached - http://memcached.org/ -version: 5.13.4 +version: 5.13.5 diff --git a/bitnami/memcached/README.md b/bitnami/memcached/README.md index 1a3f2f3312..2df2110e25 100644 --- a/bitnami/memcached/README.md +++ b/bitnami/memcached/README.md @@ -45,105 +45,110 @@ The command removes all the Kubernetes components associated with the chart and ## Parameters -The following tables lists the configurable parameters of the Memcached chart and their default values per section/component: - ### Global parameters -| Parameter | Description | Default | -|---------------------------|-------------------------------------------------|---------------------------------------------------------| -| `global.imageRegistry` | Global Docker image registry | `nil` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| Name | Description | Value | +| ------------------------- | ----------------------------------------------- | ----- | +| `global.imageRegistry` | Global Docker image registry | `nil` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `nil` | + ### Common parameters -| Parameter | Description | Default | -|---------------------|----------------------------------------------------------------------|--------------------------------| -| `nameOverride` | String to partially override common.names.fullname | `nil` | -| `fullnameOverride` | String to fully override common.names.fullname | `nil` | -| `commonLabels` | Labels to add to all deployed objects | `{}` | -| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | -| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | -| `extraDeploy` | Array of extra objects to deploy with the release | `[]` (evaluated as a template) | +| Name | Description | Value | +| ------------------- | -------------------------------------------------------------------------------------------- | --------------- | +| `nameOverride` | String to partially override common.names.fullname template (will maintain the release name) | `nil` | +| `fullnameOverride` | String to fully override common.names.fullname template | `nil` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | + ### Memcached parameters -| Parameter | Description | Default | -|------------------------------------------------|------------------------------------------------------------------------------------------------|--------------------------------------------------------------| -| `image.registry` | Memcached image registry | `docker.io` | -| `image.repository` | Memcached Image name | `bitnami/memcached` | -| `image.tag` | Memcached Image tag | `{TAG_NAME}` | -| `image.pullPolicy` | Memcached image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `architecture` | Memcached architecture. Allowed values: standalone or high-availability | `standalone` | -| `replicaCount` | Number of containers | `1` | -| `command` | Default container command (useful when using custom images) | `[]` | -| `arguments` | Default container args (useful when using custom images) | `["/run.sh"]` | -| `extraEnv` | Additional env vars to pass | `{}` | -| `hostAliases` | Add deployment host aliases | `[]` | -| `memcachedUsername` | Memcached admin user | `nil` | -| `memcachedPassword` | Memcached admin password | `nil` | -| `podDisruptionBudget.create` | Whether to create a pod disruption budget | `false` | -| `podDisruptionBudget.minAvailable` | Minimum number of pods that need to be available | `nil` | -| `podDisruptionBudget.maxUnavailable` | Maximum number of pods that can be unavailable | `1` | -| `service.type` | Kubernetes service type for Memcached | `ClusterIP` | -| `service.port` | Memcached service port | `11211` | -| `service.nodePort` | Kubernetes Service nodePort | `nil` | -| `service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `nil` | -| `service.annotations` | Additional annotations for Memcached service | `{}` | -| `resources.requests` | CPU/Memory resource requests | `{memory: "256Mi", cpu: "250m"}` | -| `resources.limits` | CPU/Memory resource limits | `{}` | -| `portName` | Name of the main port exposed by memcached | `memcache` | -| `persistence.enabled` | Enable persistence using PVC (Requires architecture: "high-availability") | `true` | -| `persistence.storageClass` | PVC Storage Class for Memcached volume | `nil` (uses alpha storage class annotation) | -| `persistence.accessMode` | PVC Access Mode for Memcached volume | `ReadWriteOnce` | -| `persistence.size` | PVC Storage Request for Memcached volume | `8Gi` | -| `securityContext.enabled` | Enable security context | `true` | -| `securityContext.fsGroup` | Group ID for the container | `1001` | -| `securityContext.runAsUser` | User ID for the container | `1001` | -| `securityContext.readOnlyRootFilesystem` | Enable read-only filesystem | `false` | -| `podAnnotations` | Pod annotations | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `podLabels` | Add additional labels to the pod (evaluated as a template) | `nil` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `affinity` | Affinity for pod assignment | `{}` (evaluated as a template) | -| `nodeSelector` | Node labels for pod assignment | `{}` (evaluated as a template) | -| `tolerations` | Tolerations for pod assignment | `[]` (evaluated as a template) | -| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `{}` (evaluated as a template) | -| `priorityClassName` | Controller priorityClassName | `nil` | -| `initContainers` | Add additional init containers to the Memcached pod | `{}` (evaluated as a template) | -| `sidecars` | Add additional sidecar containers to the Memcached pod | `{}` (evaluated as a template) | -| `serviceAccount.create` | Enable creation of ServiceAccount for memcached pods | `true` | -| `serviceAccount.name` | The name of the service account to use. If not set and `create` is `true`, a name is generated | Generated using the `memcached.serviceAccountName` template | -| `serviceAccount.automountServiceAccountToken` | Enable/disable auto mounting of the service account token | `true` | -| `metrics.enabled` | Start a side-car prometheus exporter | `false` | -| `metrics.image.registry` | Memcached exporter image registry | `docker.io` | -| `metrics.image.repository` | Memcached exporter image name | `bitnami/memcached-exporter` | -| `metrics.image.tag` | Memcached exporter image tag | `{TAG_NAME}` | -| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `metrics.podAnnotations` | Additional annotations for Metrics exporter | `{prometheus.io/scrape: "true", prometheus.io/port: "9150"}` | -| `metrics.resources` | Exporter resource requests/limit | `{}` | -| `metrics.portName` | Memcached exporter port name | `metrics` | -| `metrics.service.type` | Kubernetes service type for Prometheus metrics | `ClusterIP` | -| `metrics.service.port` | Prometheus metrics service port | `9150` | -| `metrics.service.annotations` | Prometheus exporter svc annotations | `{prometheus.io/scrape: "true", prometheus.io/port: "9150"}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `nil` | -| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `nil` | -| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `nil` | -| `metrics.serviceMonitor.selector` | Additional labels for ServiceMonitor resource | `nil` | -| `metrics.serviceMonitor.metricRelabelings` | Metrics relabelings to add to the scrape endpoint, applied before ingestion | `nil` | -| `metrics.serviceMonitor.relabelings` | Metrics relabelings to add to the scrape endpoint, applied before scraping | `nil` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `"10"` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` | -| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| Name | Description | Value | +| --------------------------------------------- | ----------------------------------------------------------------------------------------------- | ---------------------------- | +| `image.registry` | Memcached image registry | `docker.io` | +| `image.repository` | Memcached image repository | `bitnami/memcached` | +| `image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.9-debian-10-r194` | +| `image.pullPolicy` | Memcached image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Enable image debug mode | `false` | +| `architecture` | Memcached architecture. Allowed values: standalone or high-availability | `standalone` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `memcachedUsername` | Memcached admin user | `nil` | +| `memcachedPassword` | Memcached admin password | `nil` | +| `replicaCount` | Number of containers | `1` | +| `command` | Default container command (useful when using custom images) | `[]` | +| `arguments` | Default container args (useful when using custom images) | `[]` | +| `extraEnv` | Additional env vars to pass | `[]` | +| `podDisruptionBudget.create` | Specifies whether a Pod disruption budget should be created | `false` | +| `podDisruptionBudget.minAvailable` | Minimum number of pods that need to be available | `nil` | +| `podDisruptionBudget.maxUnavailable` | Maximum number of pods that can be unavailable | `1` | +| `service.type` | Kubernetes service type for Memcached | `ClusterIP` | +| `service.port` | Memcached service port | `11211` | +| `service.nodePort` | Kubernetes Service nodePort | `""` | +| `service.loadBalancerIP` | `loadBalancerIP` if service type is `LoadBalancer` | `nil` | +| `service.annotations` | Additional annotations for Memcached service | `{}` | +| `resources.limits` | CPU/Memory resource limits | `{}` | +| `resources.requests` | CPU/Memory resource requests | `{}` | +| `portName` | Name of the main port exposed by memcached | `memcache` | +| `securityContext.enabled` | Enable security context | `true` | +| `securityContext.fsGroup` | Group ID for the container | `1001` | +| `securityContext.runAsUser` | User ID for the container | `1001` | +| `securityContext.readOnlyRootFilesystem` | Enable read-only filesystem | `false` | +| `podLabels` | Pod extra labels | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `tolerations` | Tolerations for pod assignment | `[]` | +| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains | `{}` | +| `priorityClassName` | Pod priority | `nil` | +| `initContainers` | Add additional init containers to the Memcached pod | `{}` | +| `sidecars` | Add additional sidecar containers to the Memcached pod | `{}` | +| `serviceAccount.create` | Enable creation of ServiceAccount for memcached pods | `true` | +| `serviceAccount.name` | The name of the ServiceAccount to use. | `nil` | +| `serviceAccount.automountServiceAccountToken` | Enable/disable auto mounting of the service account token | `true` | +| `persistence.enabled` | Enable persistence using PVC (Requires architecture: "high-availability") | `false` | +| `persistence.storageClass` | PVC Storage Class for Memcached volume | `nil` | +| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | +| `persistence.accessModes` | Persistent Volume Access Mode | `[]` | +| `persistence.size` | PVC Storage Request for Memcached volume | `8Gi` | +| `metrics.enabled` | Start a side-car prometheus exporter | `false` | +| `metrics.image.registry` | Memcached exporter image registry | `docker.io` | +| `metrics.image.repository` | Memcached exporter image repository | `bitnami/memcached-exporter` | +| `metrics.image.tag` | Memcached exporter image tag (immutable tags are recommended) | `0.9.0-debian-10-r85` | +| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.podAnnotations` | Metrics exporter pod Annotation and Labels | `{}` | +| `metrics.portName` | Memcached exporter port name | `metrics` | +| `metrics.resources.limits` | The resources limits for the container | `{}` | +| `metrics.resources.requests` | The requested resources for the container | `{}` | +| `metrics.service.type` | Kubernetes service type for Prometheus metrics | `ClusterIP` | +| `metrics.service.port` | Prometheus metrics service port | `9150` | +| `metrics.service.annotations` | Annotations for the Prometheus metrics service | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `nil` | +| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `nil` | +| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `nil` | +| `metrics.serviceMonitor.selector` | Additional labels for ServiceMonitor resource | `{}` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.relabelings` | Metrics relabelings to add to the scrape endpoint, applied before scraping | `[]` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `10-debian-10-r120` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | + The above parameters map to the environment variables defined in the [bitnami/memcached](http://github.com/bitnami/bitnami-docker-memcached) container image. For more information please refer to the [bitnami/memcached](http://github.com/bitnami/bitnami-docker-memcached) container image documentation. diff --git a/bitnami/memcached/values.yaml b/bitnami/memcached/values.yaml index fd69fc7674..41d6c322a6 100644 --- a/bitnami/memcached/values.yaml +++ b/bitnami/memcached/values.yaml @@ -1,15 +1,52 @@ +## @section Global parameters ## Global Docker image parameters ## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry and imagePullSecrets +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.storageClass Global StorageClass for Persistent Volume(s) ## -# global: -# imageRegistry: myRegistryName -# imagePullSecrets: -# - myRegistryKeySecretName -# storageClass: myStorageClass +global: + imageRegistry: + ## E.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + storageClass: + +## @section Common parameters + +## @param nameOverride String to partially override common.names.fullname template (will maintain the release name) +## +nameOverride: +## @param fullnameOverride String to fully override common.names.fullname template +## +fullnameOverride: +## @param commonLabels Labels to add to all deployed objects +## +commonLabels: {} +## @param commonAnnotations Annotations to add to all deployed objects +## +commonAnnotations: {} +## @param clusterDomain Default Kubernetes cluster domain +## +clusterDomain: cluster.local +## @param extraDeploy Array of extra objects to deploy with the release +## +extraDeploy: [] + +## @section Memcached parameters ## Bitnami Memcached image version ## ref: https://hub.docker.com/r/bitnami/memcached/tags/ +## @param image.registry Memcached image registry +## @param image.repository Memcached image repository +## @param image.tag Memcached image tag (immutable tags are recommended) +## @param image.pullPolicy Memcached image pull policy +## @param image.pullSecrets Specify docker-registry secret names as an array +## @param image.debug Enable image debug mode ## image: registry: docker.io @@ -23,211 +60,174 @@ image: ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName ## - # pullSecrets: - # - myRegistryKeySecretName - + pullSecrets: [] ## Set to true if you would like to see extra information on logs ## debug: false - -## String to partially override common.names.fullname template (will maintain the release name) -## -# nameOverride: - -## String to fully override common.names.fullname template -## -# fullnameOverride: - -## Add labels to all the deployed resources -## -commonLabels: {} - -## Add annotations to all the deployed resources -## -commonAnnotations: {} - -## Kubernetes Cluster Domain -## -clusterDomain: cluster.local - -## Extra objects to deploy (value evaluated as a template) -## -extraDeploy: [] - -## Memcached architecture. Allowed values: standalone or high-availability +## @param architecture Memcached architecture. Allowed values: standalone or high-availability ## architecture: standalone - -## Deployment pod host aliases +## @param hostAliases Add deployment host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: [] - -## Memcached admin user +## @param memcachedUsername Memcached admin user ## ref: https://github.com/bitnami/bitnami-docker-memcached#creating-the-memcached-admin-user ## -# memcachedUsername: - -## Memcached admin password +memcachedUsername: +## @param memcachedPassword Memcached admin password ## ref: https://github.com/bitnami/bitnami-docker-memcached#creating-the-memcached-admin-user ## -# memcachedPassword: - -## Number of containers to run +memcachedPassword: +## @param replicaCount Number of containers ## replicaCount: 1 - -## Command and args for running the container (set to default if not set). Use array form +## @param command Default container command (useful when using custom images) ## command: [] +## @param arguments Default container args (useful when using custom images) +## e.g: +## arguments: +## - /run.sh +## - -m +## - -I +## - -vv +## arguments: - /run.sh - # - -m - # - -I - # - -vv - -## Extra environment vars to pass. +## @param extraEnv Additional env vars to pass ## ref: https://github.com/bitnami/bitnami-docker-memcached#configuration ## extraEnv: [] - ## Pod disruption budget configuration ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ ## podDisruptionBudget: - ## Specifies whether a Pod disruption budget should be created + ## @param podDisruptionBudget.create Specifies whether a Pod disruption budget should be created ## create: false - ## Minimum number of pods that need to be available + ## @param podDisruptionBudget.minAvailable Minimum number of pods that need to be available ## - # minAvailable: 1 - ## Maximum number of pods that can be unavailable. + minAvailable: + ## @param podDisruptionBudget.maxUnavailable Maximum number of pods that can be unavailable ## maxUnavailable: 1 - ## Service parameters ## -## service: - ## Service type + ## @param service.type Kubernetes service type for Memcached ## type: ClusterIP - ## Memcached port + ## @param service.port Memcached service port ## port: 11211 - ## Specify the nodePort value for the LoadBalancer and NodePort service types. + ## @param service.nodePort Kubernetes Service nodePort ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport ## nodePort: "" - ## Set the LoadBalancer service type to internal only. + ## @param service.loadBalancerIP `loadBalancerIP` if service type is `LoadBalancer` ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## - # loadBalancerIP: - ## Annotations for the Memcached service + loadBalancerIP: + ## @param service.annotations Additional annotations for Memcached service ## annotations: {} - ## Memcached containers' resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ +## We usually recommend not to specify default resources and to leave this as a conscious +## choice for the user. This also increases chances charts run on environments with little +## resources, such as Minikube. If you do want to specify resources, uncomment the following +## lines, adjust them as necessary, and remove the curly braces after 'resources:'. +## @param resources.limits CPU/Memory resource limits +## @param resources.requests [object] CPU/Memory resource requests ## resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## Example: + ## limits: + ## cpu: 100m + ## memory: 128Mi limits: {} - # cpu: 100m - # memory: 128Mi requests: memory: 256Mi cpu: 250m - +## @param portName Name of the main port exposed by memcached ## If you want to override the port name (can be usefull when using a service mesh) ## ref for istio: https://istio.io/latest/docs/ops/configuration/traffic-management/protocol-selection/ ## portName: memcache - ## Pod Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +## @param securityContext.enabled Enable security context +## @param securityContext.fsGroup Group ID for the container +## @param securityContext.runAsUser User ID for the container +## @param securityContext.readOnlyRootFilesystem Enable read-only filesystem ## securityContext: enabled: true fsGroup: 1001 runAsUser: 1001 readOnlyRootFilesystem: false - -## Pod extra labels +## @param podLabels Pod extra labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} - -## Pod annotations +## @param podAnnotations Pod annotations ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} - -## Pod affinity preset +## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## Allowed values: soft, hard ## podAffinityPreset: "" - -## Pod anti-affinity preset +## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity -## Allowed values: soft, hard ## podAntiAffinityPreset: soft - ## Node affinity preset ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity -## Allowed values: soft, hard ## nodeAffinityPreset: - ## Node affinity type - ## Allowed values: soft, hard + ## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` ## type: "" - ## Node label key to match + ## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set. ## E.g. ## key: "kubernetes.io/e2e-az-name" ## key: "" - ## Node label values to match + ## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set. ## E.g. ## values: ## - e2e-az1 ## - e2e-az2 ## values: [] - -## Affinity for pod assignment. Evaluated as a template. +## @param affinity Affinity for pod assignment ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set ## affinity: {} - -## Node labels for pod assignment. Evaluated as a template. +## @param nodeSelector Node labels for pod assignment ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} - -## Tolerations for pod assignment. Evaluated as a template. +## @param tolerations Tolerations for pod assignment ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] - -## Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template +## @param topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods ## topologySpreadConstraints: {} - -## Pod priority +## @param priorityClassName Pod priority ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ ## -# priorityClassName: "" - -## Add init containers to the pod +priorityClassName: +## @param initContainers Add additional init containers to the Memcached pod ## Example: ## initContainers: ## - name: your-image-name @@ -238,8 +238,7 @@ topologySpreadConstraints: {} ## containerPort: 1234 ## initContainers: {} - -## Add sidecars to the pod. +## @param sidecars Add additional sidecar containers to the Memcached pod ## Example: ## sidecars: ## - name: your-image-name @@ -250,52 +249,58 @@ initContainers: {} ## containerPort: 1234 ## sidecars: {} - ## memcached pods ServiceAccount ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ ## serviceAccount: - ## Specifies whether a ServiceAccount should be created + ## @param serviceAccount.create Enable creation of ServiceAccount for memcached pods ## create: true - ## The name of the ServiceAccount to use. + ## @param serviceAccount.name The name of the ServiceAccount to use. ## If not set and create is true, a name is generated using the memcached.serviceAccountName template ## - # name: - ## Enable/disable auto mounting of the service account token + name: + ## @param serviceAccount.automountServiceAccountToken Enable/disable auto mounting of the service account token ## automountServiceAccountToken: true - ## Persistence - used for dumping and restoring states between recreations ## Ref: https://github.com/memcached/memcached/wiki/WarmRestart ## persistence: + ## @param persistence.enabled Enable persistence using PVC (Requires architecture: "high-availability") + ## enabled: false - ## Persistent Volume Storage Class + ## @param persistence.storageClass PVC Storage Class for Memcached volume ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## - # storageClass: "-" - ## Persistent Volume Claim annotations + storageClass: + ## @param persistence.annotations Persistent Volume Claim annotations ## annotations: {} - ## Persistent Volume Access Mode + ## @param persistence.accessModes Persistent Volume Access Mode ## accessModes: - ReadWriteOnce - ## Persistent Volume size + ## @param persistence.size PVC Storage Request for Memcached volume ## size: 8Gi - ## Prometheus Exporter / Metrics ## metrics: + ## @param metrics.enabled Start a side-car prometheus exporter + ## enabled: false ## Bitnami Memcached Prometheus Exporter image ## ref: https://hub.docker.com/r/bitnami/memcached-exporter/tags/ + ## @param metrics.image.registry Memcached exporter image registry + ## @param metrics.image.repository Memcached exporter image repository + ## @param metrics.image.tag Memcached exporter image tag (immutable tags are recommended) + ## @param metrics.image.pullPolicy Image pull policy + ## @param metrics.image.pullSecrets Specify docker-registry secret names as an array ## image: registry: docker.io @@ -305,41 +310,50 @@ metrics: ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName ## - # pullSecrets: - # - myRegistryKeySecretName - ## Metrics exporter pod Annotation and Labels + pullSecrets: [] + ## @param metrics.podAnnotations [object] Metrics exporter pod Annotation and Labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: prometheus.io/scrape: "true" prometheus.io/port: "9150" + ## @param metrics.portName Memcached exporter port name ## If you want to override the port name (can be usefull when using a service mesh) ## ref for istio: https://istio.io/latest/docs/ops/configuration/traffic-management/protocol-selection/ ## portName: metrics ## Memcached Prometheus exporter resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## @param metrics.resources.limits The resources limits for the container + ## @param metrics.resources.requests The requested resources for the container ## resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## Example: + ## limits: + ## cpu: 100m + ## memory: 128Mi limits: {} - # cpu: 100m - # memory: 128Mi + ## Examples: + ## requests: + ## cpu: 100m + ## memory: 128Mi requests: {} - # cpu: 100m - # memory: 128Mi service: - ## Service type + ## @param metrics.service.type Kubernetes service type for Prometheus metrics ## type: ClusterIP - ## Memcached Prometheus exporter port + ## @param metrics.service.port Prometheus metrics service port ## port: 9150 - ## Annotations for the Prometheus metrics service + ## @param metrics.service.annotations [object] Annotations for the Prometheus metrics service ## annotations: prometheus.io/scrape: "true" @@ -347,55 +361,68 @@ metrics: ## Prometheus Operator ServiceMonitor configuration ## serviceMonitor: + ## @param metrics.serviceMonitor.enabled Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator + ## enabled: false - ## Namespace in which Prometheus is running + ## @param metrics.serviceMonitor.namespace The namespace in which the ServiceMonitor will be created + ## e.g: + ## namespace: monitoring ## - # namespace: monitoring - - ## Interval at which metrics should be scraped. + namespace: + ## @param metrics.serviceMonitor.interval The interval at which metrics should be scraped ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## interval: 10s ## - # interval: 10s - - ## Timeout after which the scrape is ended + interval: + ## @param metrics.serviceMonitor.scrapeTimeout The timeout after which the scrape is ended ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## e.g: + ## scrapeTimeout: 10s ## - # scrapeTimeout: 10s - - ## ServiceMonitor selector labels + scrapeTimeout: + ## @param metrics.serviceMonitor.selector Additional labels for ServiceMonitor resource ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration + ## e.g: + ## selector: + ## prometheus: my-prometheus ## - # selector: - # prometheus: my-prometheus - - ## MetricRelabelConfigs to apply to samples before ingestion + selector: {} + ## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion ## ref: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs + ## e.g: + ## metricRelabelings: + ## - sourceLabels: [__meta_kubernetes_pod_label_app_kubernetes_io_instance] + ## separator: ; + ## regex: ^(.*)$ + ## targetLabel: pod_name + ## replacement: $1 + ## action: replace ## - # metricRelabelings: - # - sourceLabels: [__meta_kubernetes_pod_label_app_kubernetes_io_instance] - # separator: ; - # regex: ^(.*)$ - # targetLabel: pod_name - # replacement: $1 - # action: replace - - - ## RelabelConfigs to apply to samples before scraping + metricRelabelings: [] + ## @param metrics.serviceMonitor.relabelings Metrics relabelings to add to the scrape endpoint, applied before scraping ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration + ## e.g: + ## relabelings: + ## - sourceLabels: [__meta_kubernetes_pod_label_app_kubernetes_io_instance] + ## separator: ; + ## regex: ^(.*)$ + ## targetLabel: pod_name + ## replacement: $1 + ## action: replace ## - # relabelings: - # - sourceLabels: [__meta_kubernetes_pod_label_app_kubernetes_io_instance] - # separator: ; - # regex: ^(.*)$ - # targetLabel: pod_name - # replacement: $1 - # action: replace - + relabelings: [] ## Init Container parameters ## Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each component ## values from the securityContext section of the component ## volumePermissions: + ## @param volumePermissions.image.registry Init container volume-permissions image registry + ## @param volumePermissions.image.repository Init container volume-permissions image repository + ## @param volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) + ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy + ## @param volumePermissions.image.pullSecrets Specify docker-registry secret names as an array + ## image: registry: docker.io repository: bitnami/bitnami-shell @@ -414,15 +441,21 @@ volumePermissions: pullSecrets: [] ## Init Container resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## @param volumePermissions.resources.limits Init container volume-permissions resource limits + ## @param volumePermissions.resources.requests Init container volume-permissions resource requests ## resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## Example: + ## limits: + ## cpu: 100m + ## memory: 128Mi limits: {} - # cpu: 100m - # memory: 128Mi + ## Examples: + ## requests: + ## cpu: 100m + ## memory: 128Mi requests: {} - # cpu: 100m - # memory: 128Mi diff --git a/bitnami/metallb/Chart.yaml b/bitnami/metallb/Chart.yaml index 4dbbbec02f..2c1e8ac42b 100644 --- a/bitnami/metallb/Chart.yaml +++ b/bitnami/metallb/Chart.yaml @@ -30,4 +30,4 @@ sources: - https://github.com/metallb/metallb - https://github.com/bitnami/bitnami-docker-metallb - https://metallb.universe.tf -version: 2.4.4 +version: 2.4.5 diff --git a/bitnami/metallb/README.md b/bitnami/metallb/README.md index 3da4428bbe..1d7bba6abc 100644 --- a/bitnami/metallb/README.md +++ b/bitnami/metallb/README.md @@ -47,138 +47,147 @@ The command removes all the Kubernetes components associated with the chart and ## Parameters -The following tables lists the configurable parameters of the metallb chart and their default values. - ### Global parameters -| Parameter | Description | Default | -|---------------------------|-------------------------------------------------|---------------------------------------------------------| -| `global.imageRegistry` | Global Docker image registry | `nil` | -| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| Name | Description | Value | +| ------------------------- | ----------------------------------------------- | ----- | +| `global.imageRegistry` | Global Docker image registry | `nil` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | + ### Common parameters -| Parameter | Description | Default | -|-----------------------------------------|------------------------------------------------------------------------------------------------------|----------------------------------| -| `nameOverride` | String to partially override metallb.fullname template with a string (will prepend the release name) | `nil` | -| `fullnameOverride` | String to fully override metallb.fullname template with a string | `nil` | -| `existingConfigMap` | Specify an existing configMapName to use. (this is mutually exclusive with the configInline option) | `nil` | -| `configInline` | Specify the config for metallb as a new configMap inline. | `{}` (does not create configMap) | -| `rbac.create` | Specify if an rbac authorization should be created with the necessarry Rolebindings. | `true` | -| `prometheusRule.enabled` | Enable for Prometheus alertmanager basic alerts. | `false` | -| `commonLabels` | Add common Labels to all Resources of the helmchart | `{}` | -| `commonAnnotations` | Add common Annotations to all Resources of the helmchart | `{}` | -| `networkPolicy.enabled` | Enable NetworkPolicy | `false` | -| `networkPolicy.ingressNSMatchLabels` | Allow connections from other namespaces | `{}` | -| `networkPolicy.ingressNSPodMatchLabels` | For other namespaces match by pod labels and namespace labels | `{}` | +| Name | Description | Value | +| ------------------- | -------------------------------------------------------------------------------------- | ----- | +| `nameOverride` | String to partially override metallb.fullname include (will maintain the release name) | `nil` | +| `fullnameOverride` | String to fully override metallb.fullname template | `nil` | +| `commonLabels` | Add labels to all the deployed resources | `{}` | +| `commonAnnotations` | Add annotations to all the deployed resources | `{}` | + + +### MetalLB parameters + +| Name | Description | Value | +| --------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------- | +| `existingConfigMap` | Specify the name of an externally-defined ConfigMap to use as the configuration. This is mutually exclusive with the `configInline` option. | `nil` | +| `configInline` | Specifies MetalLB's configuration directly, in yaml format. | `{}` | +| `rbac.create` | Specifies whether to install and use RBAC rules | `true` | +| `psp.create` | create specifies whether to install Pod Security Policies. | `false` | +| `networkPolicy.enabled` | Enable NetworkPolicy | `false` | +| `networkPolicy.ingressNSMatchLabels` | Allow connections from other namespaces | `{}` | +| `networkPolicy.ingressNSPodMatchLabels` | For other namespaces match by pod labels and namespace labels | `{}` | +| `prometheusRule.enabled` | Prometheus Operator alertmanager alerts are created | `false` | + ### Controller parameters -| Parameter | Description | Default | -|----------------------------------------------------------|----------------------------------------------------------------------------------------------|---------------------------------------------------------| -| `controller.image.registry` | MetalLB Controller image registry | `docker.io` | -| `controller.image.repository` | MetalLB Controller image name | `bitnami/metallb-controller` | -| `controller.image.tag` | MetalLB Controller image tag | `{TAG_NAME}` | -| `controller.image.pullPolicy` | MetalLB Controller image pull policy | `IfNotPresent` | -| `controller.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `controller.hostAliases` | Add deployment host aliases | `[]` | -| `controller.rbac.create` | create specifies whether to install and use RBAC rules. | `true` | -| `controller.psp.create` | create specifies whether to install Pod Security Policies. | `true` | -| `controller.priorityClassName` | Set pod priorityClassName. | `null` | -| `controller.resources.limits` | Specify resource limits which the container is not allowed to succeed. | `{}` (does not add resource limits to deployed pods) | -| `controller.resources.requests` | Specify resource requests which the container needs to spawn. | `{}` (does not add resource limits to deployed pods) | -| `controller.nodeSelector` | Node labels for controller pod assignment | `{}` | -| `controller.tolerations` | Tolerations for controller pod assignment | `[]` | -| `controller.affinity` | Affinity for controller pod assignment | `{}` | -| `controller.podAnnotations` | Controller Pod annotations | `{}` | -| `controller.podLabels` | Controller Pod labels | `{}` | -| `controller.podAffinityPreset` | Controller Pod affinitypreset | `""` | -| `controller.podAntiAffinityPreset` | Controller Pod anti affinitypreset | `soft` | -| `controller.nodeAffinityPreset.type` | Controller Pod Node affinity preset | `""` | -| `controller.nodeAffinityPreset.key` | Controller Pod Node affinity label key to match | `""` | -| `controller.nodeAffinityPreset.values` | Controller Pod Node affinity label values to match | `[]` | -| `controller.serviceAccount.create` | create a serviceAccount for the controller pod | `true` | -| `controller.serviceAccount.name` | use the serviceAccount with the specified name | `""` | -| `controller.revisionHistoryLimit` | the revision history limit for the deployment. | `3` | -| `controller.terminationGracePeriodSeconds` | the termination grace period for pods | `0` | -| `controller.containerPort.metrics` | Controller Pod metrics listening port | `7472` | -| `controller.livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | -| `controller.livenessProbe.failureThreshold` | Delay before liveness probe is initiated | `3` | -| `controller.livenessProbe.initialDelaySeconds` | How often to perform the probe | `10` | -| `controller.livenessProbe.periodSeconds` | When the probe times out | `10` | -| `controller.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `controller.livenessProbe.timeoutSeconds` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `1` | -| `controller.readinessProbe.enabled` | Enable/disable the Readiness probe | `true` | -| `controller.readinessProbe.failureThreshold` | Delay before readiness probe is initiated | `3` | -| `controller.readinessProbe.initialDelaySeconds` | How often to perform the probe | `10` | -| `controller.readinessProbe.periodSeconds` | When the probe times out | `10` | -| `controller.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `controller.readinessProbe.timeoutSeconds` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `1` | -| `controller.securityContext.enabled` | Enable pods' security context | `true` | -| `controller.securityContext.runAsNonRoot` | MetalLB Controller must runs as nonRoot. | `true` | -| `controller.securityContext.runAsUser` | User ID for the pods. | `1001` | -| `controller.securityContext.fsGroup` | Group ID for the pods. | `1001` | -| `controller.securityContext.allowPrivilegeEscalation` | This defines if privilegeEscalation is allowed on that container | `false` | -| `controller.securityContext.readOnlyRootFilesystem` | This defines if the container can read the root fs on the host | `true` | -| `controller.securityContext.capabilities.drop` | Drop capabilities for the securityContext | `["ALL"]` | -| `controller.prometheus.serviceMonitor.enabled` | Specify if a servicemonitor will be deployed for prometheus-operator. | `false` | -| `controller.prometheus.serviceMonitor.jobLabel` | Specify the jobLabel to use for the prometheus-operator | `app.kubernetes.io/name` | -| `controller.prometheus.serviceMonitor.interval` | Specify the scrape interval if not specified use defaul prometheus scrapeIntervall | `""` | -| `controller.prometheus.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics. | `[]` | -| `controller.prometheus.serviceMonitor.relabelings` | Specify general relabeling. | `[]` | +| Name | Description | Value | +| -------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ---------------------------- | +| `controller.image.registry` | MetalLB Controller image registry | `docker.io` | +| `controller.image.repository` | MetalLB Controller image repository | `bitnami/metallb-controller` | +| `controller.image.tag` | MetalLB Controller image tag (immutable tags are recommended) | `0.10.2-debian-10-r0` | +| `controller.image.pullPolicy` | MetalLB Controller image pull policy | `IfNotPresent` | +| `controller.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `controller.hostAliases` | Deployment pod host aliases | `[]` | +| `controller.rbac.create` | create specifies whether to install and use RBAC rules. | `true` | +| `controller.psp.create` | create specifies whether to install Pod Security Policies. | `true` | +| `controller.priorityClassName` | Set pod priorityClassName | `nil` | +| `controller.resources.limits` | The resources limits for the container | `{}` | +| `controller.resources.requests` | The requested resources for the container | `{}` | +| `controller.nodeSelector` | Node labels for controller pod assignment | `{}` | +| `controller.tolerations` | Tolerations for controller pod assignment | `[]` | +| `controller.affinity` | Affinity for controller pod assignment | `{}` | +| `controller.podAnnotations` | Controller Pod annotations | `{}` | +| `controller.podLabels` | Controller Pod labels | `{}` | +| `controller.podAffinityPreset` | Controller Pod affinitypreset. Allowed values: soft, hard | `""` | +| `controller.podAntiAffinityPreset` | Controller Pod anti affinitypreset. Allowed values: soft, hard | `soft` | +| `controller.nodeAffinityPreset.type` | Controller Pod Node affinity preset. Allowed values: soft, hard | `""` | +| `controller.nodeAffinityPreset.key` | Controller Pod Node affinity label key to match | `""` | +| `controller.nodeAffinityPreset.values` | Controller Pod Node affinity label values to match | `[]` | +| `controller.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `controller.serviceAccount.name` | The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template | `""` | +| `controller.securityContext.enabled` | Enable pods' security context | `true` | +| `controller.securityContext.runAsNonRoot` | MetalLB Controller must runs as nonRoot. | `true` | +| `controller.securityContext.runAsUser` | User ID for the pods. | `1001` | +| `controller.securityContext.fsGroup` | Group ID for the pods. | `1001` | +| `controller.securityContext.allowPrivilegeEscalation` | This defines if privilegeEscalation is allowed on that container | `false` | +| `controller.securityContext.readOnlyRootFilesystem` | This defines if the container can read the root fs on the host | `true` | +| `controller.securityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` | +| `controller.revisionHistoryLimit` | Configure the revisionHistoryLimit of the Controller deployment | `3` | +| `controller.terminationGracePeriodSeconds` | Configure the grace time period for sig term | `0` | +| `controller.containerPort.metrics` | Configures the ports the MetalLB Controller listens on for metrics | `7472` | +| `controller.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `controller.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `controller.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `controller.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `controller.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `controller.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `controller.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `controller.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `controller.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `controller.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `controller.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `controller.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `controller.prometheus.serviceMonitor.enabled` | Specify if a servicemonitor will be deployed for prometheus-operator | `false` | +| `controller.prometheus.serviceMonitor.jobLabel` | Specify the jobLabel to use for the prometheus-operator | `app.kubernetes.io/name` | +| `controller.prometheus.serviceMonitor.interval` | Scrape interval. If not set, the Prometheus default scrape interval is used | `""` | +| `controller.prometheus.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `controller.prometheus.serviceMonitor.relabelings` | Specify general relabeling | `[]` | + ### Speaker parameters -| Parameter | Description | Default | -|-------------------------------------------------------|----------------------------------------------------------------------------------------------|---------------------------------------------------------| -| `speaker.image.registry` | MetalLB Speaker image registry | `docker.io` | -| `speaker.image.repository` | MetalLB Speaker image name | `bitnami/metallb-speaker` | -| `speaker.image.tag` | MetalLB Speaker image tag | `{TAG_NAME}` | -| `speaker.image.pullPolicy` | MetalLB Speaker image pull policy | `IfNotPresent` | -| `speaker.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | -| `speaker.rbac.create` | create specifies whether to install and use RBAC rules. | `true` | -| `speaker.psp.create` | create specifies whether to install Pod Security Policies. | `true` | -| `speaker.priorityClassName` | Set pod priorityClassName. | `null` | -| `speaker.resources.limits` | Specify resource limits which the container is not allowed to succeed. | `{}` (does not add resource limits to deployed pods) | -| `speaker.resources.requests` | Specify resource requests which the container needs to spawn. | `{}` (does not add resource limits to deployed pods) | -| `speaker.nodeSelector` | Node labels for speaker pod assignment | `{}` | -| `speaker.tolerations` | Tolerations for speaker pod assignment | `[]` | -| `speaker.affinity` | Affinity for speaker pod assignment | `{}` | -| `speaker.podAnnotations` | Speaker Pod annotations | `{}` | -| `speaker.podLabels` | Speaker Pod labels | `{}` | -| `speaker.hostAliases` | Add deployment host aliases | `[]` | -| `speaker.serviceAccount.create` | create a serviceAccount for the speaker pod | `true` | -| `speaker.serviceAccount.name` | use the serviceAccount with the specified name | "" | -| `speaker.daemonset.hostPorts.metrics` | the tcp port to listen on for the openmetrics endpoint. | `7472` | -| `speaker.daemonset.terminationGracePeriodSeconds` | The terminationGracePeriod in seconds for the daemonset to stop | `2` | -| `speaker.initContainers` | Extra initContainers to add to the daemonset | `[]` | -| `speaker.securityContext.enabled` | Enable pods' security context | `true` | -| `speaker.securityContext.runAsUser` | User ID for the pods. | `0` | -| `speaker.securityContext.allowPrivilegeEscalation` | Enables privilege Escalation context for the pod. | `false` | -| `speaker.securityContext.readOnlyRootFilesystem` | Allows the pod to mount the RootFS as ReadOnly | `true` | -| `speaker.securityContext.capabilities.drop` | Drop capabilities for the securityContext | `["ALL"]` | -| `speaker.securityContext.capabilities.add` | Add capabilities for the securityContext | `["NET_ADMIN", "NET_RAW", "SYS_ADMIN"]` | -| `speaker.secretName` | References a Secret name for the member secret outside of the helm chart | `nil` | -| `speaker.secretKey` | References a Secret key the member secret outside of the helm chart | `nil` | -| `speaker.secretValue` | Custom value for `speaker.secretKey` | _random 256 character alphanumeric string_ | -| `speaker.extraEnvVars` | Extra environment variable to pass to the running container. | `[]` | -| `speaker.livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | -| `speaker.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `60` | -| `speaker.livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `speaker.livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `speaker.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `speaker.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `6` | -| `speaker.readinessProbe.enabled` | Enable/disable the Readiness probe | `true` | -| `speaker.readinessProbe.failureThreshold` | Delay before readiness probe is initiated | `3` | -| `speaker.readinessProbe.initialDelaySeconds` | How often to perform the probe | `10` | -| `speaker.readinessProbe.periodSeconds` | When the probe times out | `10` | -| `speaker.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `speaker.readinessProbe.timeoutSeconds` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `1` | -| `speaker.prometheus.serviceMonitor.enabled` | Specify if a servicemonitor will be deployed for prometheus-operator. | `false` | -| `speaker.prometheus.serviceMonitor.jobLabel` | Specify the jobLabel to use for the prometheus-operator | `app.kubernetes.io/name"` | -| `speaker.prometheus.serviceMonitor.interval` | Specify the scrape interval if not specified use defaul prometheus scrapeIntervall | `""` | -| `speaker.prometheus.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics. | `[]` | -| `speaker.prometheus.serviceMonitor.relabelings` | Specify general relabeling. | `[]` | +| Name | Description | Value | +| ----------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `speaker.image.registry` | MetalLB Speaker image registry | `docker.io` | +| `speaker.image.repository` | MetalLB Speaker image repository | `bitnami/metallb-speaker` | +| `speaker.image.tag` | MetalLB Speaker image tag (immutable tags are recommended) | `0.10.2-debian-10-r0` | +| `speaker.image.pullPolicy` | MetalLB Speaker image pull policy | `IfNotPresent` | +| `speaker.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `speaker.rbac.create` | create specifies whether to install and use RBAC rules. | `true` | +| `speaker.hostAliases` | Deployment pod host aliases | `[]` | +| `speaker.psp.create` | create specifies whether to install Pod Security Policies. | `true` | +| `speaker.priorityClassName` | Set pod priorityClassName. | `nil` | +| `speaker.resources.limits` | The resources limits for the container | `{}` | +| `speaker.resources.requests` | The requested resources for the container | `{}` | +| `speaker.nodeSelector` | Node labels for speaker pod assignment | `{}` | +| `speaker.tolerations` | Tolerations for speaker pod assignment | `[]` | +| `speaker.affinity` | Affinity for speaker pod assignment | `{}` | +| `speaker.podAnnotations` | Speaker Pod annotations | `{}` | +| `speaker.podLabels` | Speaker Pod labels | `{}` | +| `speaker.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `speaker.serviceAccount.name` | The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template | `""` | +| `speaker.daemonset.terminationGracePeriodSeconds` | Configure the grace time period for sig term | `2` | +| `speaker.daemonset.hostPorts.metrics` | HTTP Metrics Endpoint | `7472` | +| `speaker.secretName` | References a Secret name for the member secret outside of the helm chart | `nil` | +| `speaker.secretKey` | References a Secret key the member secret outside of the helm chart | `nil` | +| `speaker.secretValue` | Custom value for `speaker.secretKey` | `nil` | +| `speaker.initContainers` | Extra initContainers to add to the daemonset | `[]` | +| `speaker.securityContext.enabled` | Enable pods' security context | `true` | +| `speaker.securityContext.runAsUser` | User ID for the pods. | `0` | +| `speaker.securityContext.allowPrivilegeEscalation` | Enables privilege Escalation context for the pod. | `false` | +| `speaker.securityContext.readOnlyRootFilesystem` | Allows the pod to mount the RootFS as ReadOnly | `true` | +| `speaker.securityContext.capabilities.drop` | Drop capabilities for the securityContext | `[]` | +| `speaker.securityContext.capabilities.add` | Add capabilities for the securityContext | `[]` | +| `speaker.extraEnvVars` | Extra environment variable to pass to the running container. | `[]` | +| `speaker.livenessProbe.enabled` | Enable livenessProbe | `true` | +| `speaker.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `speaker.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `speaker.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | +| `speaker.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `speaker.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `speaker.readinessProbe.enabled` | Enable readinessProbe | `true` | +| `speaker.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `speaker.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `speaker.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `speaker.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `speaker.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `speaker.prometheus.serviceMonitor.enabled` | Enable support for Prometheus Operator | `false` | +| `speaker.prometheus.serviceMonitor.jobLabel` | Job label for scrape target | `app.kubernetes.io/name` | +| `speaker.prometheus.serviceMonitor.interval` | Scrape interval. If not set, the Prometheus default scrape interval is used | `""` | +| `speaker.prometheus.serviceMonitor.metricRelabelings` | Specify additional relabeling of metrics | `[]` | +| `speaker.prometheus.serviceMonitor.relabelings` | Specify general relabeling | `[]` | + Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, diff --git a/bitnami/metallb/values.yaml b/bitnami/metallb/values.yaml index ae51718117..9ba1255a04 100644 --- a/bitnami/metallb/values.yaml +++ b/bitnami/metallb/values.yaml @@ -1,87 +1,95 @@ -## Default values for metallb. -## This is a YAML-formatted file. -## Declare variables to be passed into your templates. -## - +## @section Global parameters ## Global Docker image parameters ## Please, note that this will override the image parameters, including dependencies, configured to use the global value -## Current available global Docker image parameters: imageRegistry, imagePullSecrets +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array ## -# global: -# imageRegistry: myRegistryName -# imagePullSecrets: -# - myRegistryKeySecretName +global: + imageRegistry: + ## E.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + +## @section Common parameters + +## @param nameOverride String to partially override metallb.fullname include (will maintain the release name) +## +nameOverride: +## @param fullnameOverride String to fully override metallb.fullname template +## +fullnameOverride: +## @param commonLabels Add labels to all the deployed resources +## +commonLabels: {} +## @param commonAnnotations Add annotations to all the deployed resources +## +commonAnnotations: {} + +## @section MetalLB parameters ## To configure MetalLB, you must specify ONE of the following two ## options. -# -## existingConfigMap specifies the name of an externally-defined -## ConfigMap to use as the configuration. Helm will not manage the -## contents of this ConfigMap, it is your responsibility to create it. -# -# existingConfigMap: metallb-config -# -## configInline specifies MetalLB's configuration directly, in yaml -## format. When configInline is used, Helm manages MetalLB's +## @param existingConfigMap Specify the name of an externally-defined ConfigMap to use as the configuration. This is mutually exclusive with the `configInline` option. +## Helm will not manage the contents of this ConfigMap, it is your responsibility to create it. +## e.g: +## existingConfigMap: metallb-config +## +existingConfigMap: +## @param configInline Specifies MetalLB's configuration directly, in yaml format. +## When configInline is used, Helm manages MetalLB's ## configuration ConfigMap as part of the release, and ## existingConfigMap is ignored. ## Refer to https://metallb.universe.tf/configuration/ for ## available options. -# +## configInline: {} - -## String to partially override metallb.fullname include (will maintain the release name) -## -# nameOverride: - -## String to fully override metallb.fullname template -## -# fullnameOverride: - ## RBAC creation for controller and speaker ## rbac: - ## create specifies whether to install and use RBAC rules. + ## @param rbac.create Specifies whether to install and use RBAC rules ## create: true - ## PSP creation for controller and speaker ## psp: - ## create specifies whether to install Pod Security Policies. + ## @param psp.create create specifies whether to install Pod Security Policies. ## create: false - -# Prometheus Operator alertmanager alerts +## Prometheus Operator alertmanager alerts +## networkPolicy: - ## Specifies whether a NetworkPolicy should be created. + ## @param networkPolicy.enabled Enable NetworkPolicy ## Prometheus scraping of the controller ## enabled: false - - ## Limit networkpolicy ingress (from) + ## @param networkPolicy.ingressNSMatchLabels Allow connections from other namespaces ## Set label for namespace and pods (optional). ## ingressNSMatchLabels: {} + ## @param networkPolicy.ingressNSPodMatchLabels For other namespaces match by pod labels and namespace labels + ## ingressNSPodMatchLabels: {} - -## Prometheus Operator alertmanager alerts are created. +## @param prometheusRule.enabled Prometheus Operator alertmanager alerts are created ## prometheusRule: enabled: false -## Add labels to all the deployed resources -## -commonLabels: {} - -## Add annotations to all the deployed resources -## -commonAnnotations: {} +## @section Controller parameters ## Metallb Controller deployment. ## ref: https://hub.docker.com/r/bitnami/metallb-controller/tags ## controller: + ## @param controller.image.registry MetalLB Controller image registry + ## @param controller.image.repository MetalLB Controller image repository + ## @param controller.image.tag MetalLB Controller image tag (immutable tags are recommended) + ## @param controller.image.pullPolicy MetalLB Controller image pull policy + ## @param controller.image.pullSecrets Specify docker-registry secret names as an array + ## image: registry: docker.io repository: bitnami/metallb-controller @@ -94,118 +102,118 @@ controller: ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName ## - # pullSecrets: - # - myRegistryKeySecretName - - ## Deployment pod host aliases + pullSecrets: [] + ## @param controller.hostAliases Deployment pod host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: [] - ## If global .Values.rbac.create is disabled no rbac is created. ## This value is then meaningless ## Defines if the controller rbac should be created. ## rbac: - ## create specifies whether to install and use RBAC rules. + ## @param controller.rbac.create create specifies whether to install and use RBAC rules. ## create: true - ## If global .Values.psp.create is disabled no psp is created. ## This value is then meaningless ## Defines if the controller psp should be created. ## psp: - ## create specifies whether to install Pod Security Policies. + ## @param controller.psp.create create specifies whether to install Pod Security Policies. ## create: true - - ## Set pod priorityClassName - # priorityClassName: "" - + ## @param controller.priorityClassName Set pod priorityClassName + ## + priorityClassName: ## Controller container resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - resources: {} ## We usually recommend not to specify default resources and to leave this as a conscious ## choice for the user. This also increases chances charts run on environments with little ## resources, such as Minikube. If you do want to specify resources, uncomment the following ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 100Mi - # requests: - # memory: 25Mi - # cpu: 25m - ## Node labels for pod assignment + ## @param controller.resources.limits The resources limits for the container + ## @param controller.resources.requests The requested resources for the container + ## + resources: + ## Example: + ## limits: + ## cpu: 100m + ## memory: 100Mi + limits: {} + ## Examples: + ## requests: + ## cpu: 25m + ## memory: 25Mi + requests: {} + ## @param controller.nodeSelector Node labels for controller pod assignment ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} - - ## Tolerations for pod assignment + ## @param controller.tolerations Tolerations for controller pod assignment ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] - - ## Affinity for pod assignment + ## @param controller.affinity Affinity for controller pod assignment ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} - - ## Pod annotations + ## @param controller.podAnnotations Controller Pod annotations ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} - - ## Additional pod labels + ## @param controller.podLabels Controller Pod labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} - - ## Pod affinity preset + ## @param controller.podAffinityPreset Controller Pod affinitypreset. Allowed values: soft, hard ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## Allowed values: soft, hard ## podAffinityPreset: "" - - ## Pod anti-affinity preset + ## @param controller.podAntiAffinityPreset Controller Pod anti affinitypreset. Allowed values: soft, hard ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity - ## Allowed values: soft, hard ## podAntiAffinityPreset: soft - ## Node affinity preset ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity ## Allowed values: soft, hard ## nodeAffinityPreset: - ## Node affinity type - ## Allowed values: soft, hard + ## @param controller.nodeAffinityPreset.type Controller Pod Node affinity preset. Allowed values: soft, hard ## type: "" - ## Node label key to match + ## @param controller.nodeAffinityPreset.key Controller Pod Node affinity label key to match ## E.g. ## key: "kubernetes.io/e2e-az-name" ## key: "" - ## Node label values to match + ## @param controller.nodeAffinityPreset.values Controller Pod Node affinity label values to match ## E.g. ## values: ## - e2e-az1 ## - e2e-az2 ## values: [] - serviceAccount: - # Specifies whether a ServiceAccount should be created + ## @param controller.serviceAccount.create Specifies whether a ServiceAccount should be created + ## create: true - # The name of the ServiceAccount to use. If not set and create is - # true, a name is generated using the fullname template + ## @param controller.serviceAccount.name The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template + ## name: "" - ## Pod securityContext ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + ## @param controller.securityContext.enabled Enable pods' security context + ## @param controller.securityContext.runAsNonRoot MetalLB Controller must runs as nonRoot. + ## @param controller.securityContext.runAsUser User ID for the pods. + ## @param controller.securityContext.fsGroup Group ID for the pods. + ## @param controller.securityContext.allowPrivilegeEscalation This defines if privilegeEscalation is allowed on that container + ## @param controller.securityContext.readOnlyRootFilesystem This defines if the container can read the root fs on the host + ## @param controller.securityContext.capabilities.drop [array] Drop capabilities for the securityContext ## securityContext: enabled: true @@ -217,24 +225,26 @@ controller: capabilities: drop: - ALL - - ## Configure the revisionHistoryLimit of the Controller deployment + ## @param controller.revisionHistoryLimit Configure the revisionHistoryLimit of the Controller deployment ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#revision-history-limit ## revisionHistoryLimit: 3 - - ## Configure the grace time period for sig term + ## @param controller.terminationGracePeriodSeconds Configure the grace time period for sig term ## ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution ## terminationGracePeriodSeconds: 0 - - ## Configures the ports the MetalLB Controller listens on for metrics + ## @param controller.containerPort.metrics Configures the ports the MetalLB Controller listens on for metrics ## containerPort: metrics: 7472 - - ## Liveness and readiness probe values + ## Liveness probe values ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param controller.livenessProbe.enabled Enable livenessProbe + ## @param controller.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param controller.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param controller.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param controller.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param controller.livenessProbe.successThreshold Success threshold for livenessProbe ## livenessProbe: enabled: true @@ -243,6 +253,15 @@ controller: periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 + ## Readiness probe values + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param controller.readinessProbe.enabled Enable readinessProbe + ## @param controller.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param controller.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param controller.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param controller.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param controller.readinessProbe.successThreshold Success threshold for readinessProbe + ## readinessProbe: enabled: true failureThreshold: 3 @@ -250,27 +269,38 @@ controller: periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 - prometheus: ## Prometheus Operator service monitors ## serviceMonitor: - ## enable support for Prometheus Operator + ## @param controller.prometheus.serviceMonitor.enabled Specify if a servicemonitor will be deployed for prometheus-operator ## enabled: false - ## Job label for scrape target + ## @param controller.prometheus.serviceMonitor.jobLabel Specify the jobLabel to use for the prometheus-operator ## jobLabel: "app.kubernetes.io/name" - ## Scrape interval. If not set, the Prometheus default scrape interval is used. + ## @param controller.prometheus.serviceMonitor.interval Scrape interval. If not set, the Prometheus default scrape interval is used ## interval: "" + ## @param controller.prometheus.serviceMonitor.metricRelabelings Specify additional relabeling of metrics + ## metricRelabelings: [] + ## @param controller.prometheus.serviceMonitor.relabelings Specify general relabeling + ## relabelings: [] +## @section Speaker parameters + ## Metallb Speaker daemonset. ## ref: https://hub.docker.com/r/bitnami/metallb-speaker/tags ## speaker: + ## @param speaker.image.registry MetalLB Speaker image registry + ## @param speaker.image.repository MetalLB Speaker image repository + ## @param speaker.image.tag MetalLB Speaker image tag (immutable tags are recommended) + ## @param speaker.image.pullPolicy MetalLB Speaker image pull policy + ## @param speaker.image.pullSecrets Specify docker-registry secret names as an array + ## image: registry: docker.io repository: bitnami/metallb-speaker @@ -283,111 +313,116 @@ speaker: ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName ## - # pullSecrets: - # - myRegistryKeySecretName - + pullSecrets: [] ## If global .Values.rbac.create is disabled no rbac is created. ## This value is then meaningless ## Defines if the speaker rbac should be created. ## rbac: - ## create specifies whether to install and use RBAC rules. + ## @param speaker.rbac.create create specifies whether to install and use RBAC rules. ## create: true - - ## Deployment pod host aliases + ## @param speaker.hostAliases Deployment pod host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## hostAliases: [] - ## If global .Values.psp.create is disabled no psp is created. ## This value is then meaningless ## Defines if the speaker psp should be created. ## psp: - ## create specifies whether to install Pod Security Policies. + ## @param speaker.psp.create create specifies whether to install Pod Security Policies. ## create: true - - ## Set pod priorityClassName - # priorityClassName: "" - + ## @param speaker.priorityClassName Set pod priorityClassName. + ## + priorityClassName: ## Speaker container resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - resources: {} ## We usually recommend not to specify default resources and to leave this as a conscious ## choice for the user. This also increases chances charts run on environments with little ## resources, such as Minikube. If you do want to specify resources, uncomment the following ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 100Mi - # requests: - # memory: 25Mi - # cpu: 25m - ## Node labels for pod assignment + ## @param speaker.resources.limits The resources limits for the container + ## @param speaker.resources.requests The requested resources for the container + ## + resources: + ## Example: + ## limits: + ## cpu: 100m + ## memory: 100Mi + limits: {} + ## Examples: + ## requests: + ## cpu: 25m + ## memory: 25Mi + requests: {} + ## @param speaker.nodeSelector Node labels for speaker pod assignment ## ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} - - ## Tolerations for pod assignment + ## @param speaker.tolerations Tolerations for speaker pod assignment ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] - - ## Affinity for pod assignment + ## @param speaker.affinity Affinity for speaker pod assignment ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} - - ## Pod annotations + ## @param speaker.podAnnotations Speaker Pod annotations ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} - - ## Additional pod labels + ## @param speaker.podLabels Speaker Pod labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## podLabels: {} - serviceAccount: - # Specifies whether a ServiceAccount should be created + ## @param speaker.serviceAccount.create Specifies whether a ServiceAccount should be created + ## create: true - # The name of the ServiceAccount to use. If not set and create is - # true, a name is generated using the fullname template + ## @param speaker.serviceAccount.name The name of the ServiceAccount to use. If not set and create is true, a name is generated using the fullname template + ## name: "" - ## Daemonset configuration ## daemonset: - ## Configure the grace time period for sig term + ## @param speaker.daemonset.terminationGracePeriodSeconds Configure the grace time period for sig term ## ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution ## terminationGracePeriodSeconds: 2 - ## HTTP Metrics Endpoint + ## @param speaker.daemonset.hostPorts.metrics HTTP Metrics Endpoint ## hostPorts: metrics: 7472 - - ## Defines a secret to use outside of the auto generated + ## Defines a secret to use outside of the auto generate + ## @param speaker.secretName References a Secret name for the member secret outside of the helm chart + ## @param speaker.secretKey References a Secret key the member secret outside of the helm chart + ## @param speaker.secretValue Custom value for `speaker.secretKey` ## Default: {{ randAlphaNum 256 | b64enc | quote }} ## The auto generated secret has: ## secretName: {{ "common.names.fullname" }}-memberlist ## secretKey: secretkey ## secretValue: random 256 character alphanumeric string ## - # secretName: - # secretKey: - # secretValue: - - ## Extra containers to add before the speaker starts + secretName: + secretKey: + secretValue: + ## @param speaker.initContainers Extra initContainers to add to the daemonset ## initContainers: [] - ## Pod securityContext ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + ## @param speaker.securityContext.enabled Enable pods' security context + ## @param speaker.securityContext.runAsUser User ID for the pods. + ## @param speaker.securityContext.allowPrivilegeEscalation Enables privilege Escalation context for the pod. + ## @param speaker.securityContext.readOnlyRootFilesystem Allows the pod to mount the RootFS as ReadOnly + ## @param speaker.securityContext.capabilities.drop [array] Drop capabilities for the securityContext + ## @param speaker.securityContext.capabilities.add [array] Add capabilities for the securityContext ## securityContext: enabled: true @@ -401,17 +436,21 @@ speaker: - NET_ADMIN - NET_RAW - SYS_ADMIN - - ## An array to add extra env vars + ## @param speaker.extraEnvVars Extra environment variable to pass to the running container. ## For example: ## extraEnvVars: ## - name: MY_ENV_VAR ## value: env_var_value ## extraEnvVars: [] - - ## Liveness and readiness probe values + ## Liveness probe values ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param speaker.livenessProbe.enabled Enable livenessProbe + ## @param speaker.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param speaker.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param speaker.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param speaker.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param speaker.livenessProbe.successThreshold Success threshold for livenessProbe ## livenessProbe: enabled: true @@ -420,6 +459,15 @@ speaker: periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 + ## Readiness probe values + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## @param speaker.readinessProbe.enabled Enable readinessProbe + ## @param speaker.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param speaker.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param speaker.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param speaker.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param speaker.readinessProbe.successThreshold Success threshold for readinessProbe + ## readinessProbe: enabled: true failureThreshold: 3 @@ -427,19 +475,22 @@ speaker: periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 - prometheus: ## Prometheus Operator service monitors ## serviceMonitor: - ## enable support for Prometheus Operator + ## @param speaker.prometheus.serviceMonitor.enabled Enable support for Prometheus Operator ## enabled: false - ## Job label for scrape target + ## @param speaker.prometheus.serviceMonitor.jobLabel Job label for scrape target ## jobLabel: "app.kubernetes.io/name" - ## Scrape interval. If not set, the Prometheus default scrape interval is used. + ## @param speaker.prometheus.serviceMonitor.interval Scrape interval. If not set, the Prometheus default scrape interval is used ## interval: "" + ## @param speaker.prometheus.serviceMonitor.metricRelabelings Specify additional relabeling of metrics + ## metricRelabelings: [] + ## @param speaker.prometheus.serviceMonitor.relabelings Specify general relabeling + ## relabelings: []