## Global Docker image parameters ## Please, note that this will override the image parameters, including dependencies, configured to use the global value ## Current available global Docker image parameters: imageRegistry and imagePullSecrets ## # global: # imageRegistry: myRegistryName # imagePullSecrets: # - myRegistryKeySecretName # storageClass: myStorageClass ## Bitnami HashiCorp Consul image version ## ref: https://hub.docker.com/r/bitnami/consul/tags/ ## image: registry: docker.io repository: bitnami/consul tag: 1.7.2-debian-10-r29 ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images ## pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ ## # pullSecrets: # - myRegistryKeySecretName ## Set to true if you would like to see extra information on logs ## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging ## debug: false ## String to partially override consul.fullname template (will maintain the release name) ## # nameOverride: ## String to fully override consul.fullname template ## # fullnameOverride: ## Init containers parameters: ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. ## volumePermissions: enabled: false ## Bitnami Minideb image version ## ref: https://hub.docker.com/r/bitnami/minideb/tags/ ## image: registry: docker.io repository: bitnami/minideb tag: buster pullPolicy: Always ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ ## # pullSecrets: # - myRegistryKeySecretName ## Init container' resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: {} # cpu: 100m # memory: 128Mi requests: {} # cpu: 100m # memory: 128Mi ## Consul cluster domain ## clusterDomain: cluster.local ## Datacenter name for consul. If not supplied, will use the consul ## datacenterName: dc1 ## Consul domain name ## domain: consul ## Consul raft multiplier. ## raftMultiplier: '1' ## Predefined value for gossip key. ## The key must be 16-bytes, can be generated with $(consul keygen) ## # gossipKey: 887Syd/BOvbtvRAKviazMg== ## Use TLS to verify the authenticity of servers and clients. ## Check README for more information. ## # tlsEncryptionSecretName: your-already-created-secret ## Consul configmap ## # configmap: | # { # "datacenter":"dc2", # "domain":"consul", # "data_dir":"/opt/bitnami/consul/data", # "pid_file":"/opt/bitnami/consul/tmp/consul.pid", # "server":true, # "ui":false, # "bootstrap_expect":3, # "addresses": { # "http":"0.0.0.0" # }, # "ports": { # "http":8500, # "dns":8600, # "serf_lan":8301, # "server":8300 # }, # "serf_lan":"0.0.0.0" # } ## Extra configuration that will be added to the default one. ## # localConfig: |- # { # "key": "value" # } ## Number of HashiCorp Consul replicas to deploy ## replicas: 3 ## updateStrategy for Consul statefulset ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies ## updateStrategy: type: RollingUpdate ## Pod Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ ## securityContext: enabled: true fsGroup: 1001 runAsUser: 1001 ## HashiCorp Consul container's resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: {} # memory: 256Mi # cpu: 100m requests: {} # memory: 256Mi # cpu: 100m ## Affinity for pod assignment ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity ## affinity: {} ## Node labels for pod assignment. Evaluated as a template. ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ ## nodeSelector: {} ## Tolerations for pod assignment ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ ## tolerations: [] ## Pod annotations ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: {} ## HashiCorp Consul container's liveness and readiness probes ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes ## livenessProbe: enabled: true initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 readinessProbe: enabled: true initialDelaySeconds: 5 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 6 successThreshold: 1 ## Enable persistence using Persistent Volume Claims ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ ## persistence: ## If true, use a Persistent Volume Claim, If false, use emptyDir ## enabled: true ## Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## # storageClass: "-" ## Persistent Volume Claim annotations ## annotations: {} ## Persistent Volume Access Mode ## accessModes: - ReadWriteOnce ## Persistent Volume size ## size: 8Gi ## Pod disruption budget configuration ## pdb: ## Specifies whether a Pod disruption budget should be created ## create: false ## Minimum number / percentage of pods that should remain scheduled ## minAvailable: 1 ## Maximum number / percentage of pods that may be made unavailable ## # maxUnavailable: 1 ## HashiCorp Consul service parameters ## service: ## Consul service ports ## port: 8500 rpcPort: 8400 serflanPort: 8301 serverPort: 8300 consulDnsPort: 8600 uiPort: 80 ## HashiCorp Consul UI service parameters ## ui: service: enabled: true ## Service type ## type: ClusterIP ## Specify the nodePort value for the LoadBalancer and NodePort service types. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport ## nodePort: "" ## Set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## # loadBalancerIP: ## Provide any additional annotations which may be required. This can be used to ## set the LoadBalancer service type to internal only. ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer ## annotations: {} ## Ingress paramaters ## ingress: ## Set to true to enable ingress record generation ## enabled: false ## Set this to true in order to add the corresponding annotations for cert-manager ## certManager: false ## Ingress annotations done as key:value pairs ## For a full list of possible ingress annotations, please see ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md ## ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set ## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set annotations: # kubernetes.io/ingress.class: nginx ## The list of hostnames to be covered with this ingress record. ## Most likely this will be just one host, but in the event more hosts are needed, this is an array hosts: - name: consul-ui.local path: / # Set this to true in order to enable TLS on the ingress record tls: false ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS tlsSecret: consul-ui.local-tls secrets: ## If you're providing your own certificates, please use this to add the certificates as secrets ## key and certificate should start with -----BEGIN CERTIFICATE----- or ## -----BEGIN RSA PRIVATE KEY----- ## ## name should line up with a tlsSecret set further up ## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set ## ## It is also possible to create and manage the certificates outside of this helm chart ## Please see README.md for more information # - name: consul-ui.local-tls # key: # certificate: ## Prometheus Exporter / Metrics ## metrics: enabled: false ## Bitnami HashiCorp Consul Prometheus Exporter image ## ref: https://hub.docker.com/r/bitnami/consul-exporter/tags/ ## image: registry: docker.io repository: bitnami/consul-exporter tag: 0.6.0-debian-10-r77 pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ ## # pullSecrets: # - myRegistryKeySecretName ## Metrics exporter pod Annotation and Labels ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ ## podAnnotations: prometheus.io/scrape: "true" prometheus.io/port: "9107" ## HashiCorp Consul Prometheus exporter resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: {} # cpu: 100m # memory: 128Mi requests: {} # cpu: 100m # memory: 128Mi