mirror of
https://github.com/bitnami/charts.git
synced 2026-03-10 15:07:49 +08:00
291 lines
9.2 KiB
YAML
291 lines
9.2 KiB
YAML
## Global Docker image parameters
|
|
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
|
|
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
|
|
##
|
|
# global:
|
|
# imageRegistry: myRegistryName
|
|
# imagePullSecrets:
|
|
# - myRegistryKeySecretName
|
|
|
|
## Bitnami etcd image version
|
|
## ref: https://hub.docker.com/r/bitnami/etcd/tags/
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/etcd
|
|
tag: 3.3.13-debian-9-r65
|
|
## Specify a imagePullPolicy
|
|
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
|
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
##
|
|
# pullSecrets:
|
|
# - myRegistryKeySecretName
|
|
|
|
## Set to true if you would like to see extra information on logs
|
|
## It turns BASH and NAMI debugging in minideb and in etcd pod scripts
|
|
## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging
|
|
debug: false
|
|
|
|
## String to partially override etcd.fullname template (will maintain the release name)
|
|
##
|
|
# nameOverride:
|
|
|
|
## String to fully override etcd.fullname template
|
|
##
|
|
# fullnameOverride:
|
|
|
|
## Init containers parameters:
|
|
## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section.
|
|
##
|
|
volumePermissions:
|
|
enabled: false
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/minideb
|
|
tag: latest
|
|
pullPolicy: Always
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
##
|
|
# pullSecrets:
|
|
# - myRegistryKeySecretName
|
|
resources: {}
|
|
|
|
statefulset:
|
|
## Update strategy, can be set to RollingUpdate or OnDelete by default.
|
|
## https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets
|
|
##
|
|
updateStrategy: RollingUpdate
|
|
## Partition update strategy
|
|
## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
|
|
##
|
|
# rollingUpdatePartition:
|
|
## Pod management policy
|
|
## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
|
|
##
|
|
podManagementPolicy: Parallel
|
|
## Number od replicas
|
|
##
|
|
replicaCount: 1
|
|
|
|
## ConfigMap that includes the etcd.conf.yml file
|
|
##
|
|
# configFileConfigMap:
|
|
|
|
## ConfigMap that includes extra environment variables
|
|
##
|
|
# envVarsConfigMap:
|
|
|
|
## etcd docker image available customizations
|
|
## https://github.com/bitnami/bitnami-docker-etcd#configuration
|
|
##
|
|
## Allow to use etcd without configuring RBAC authentication
|
|
allowNoneAuthentication: true
|
|
|
|
## Limits the number of operating system threads that can execute user-level
|
|
## Go code simultaneously by setting GOMAXPROCS environment variable
|
|
## ref: https://golang.org/pkg/runtime
|
|
##
|
|
# maxProcs
|
|
|
|
## Authentication parameteres
|
|
## https://github.com/bitnami/bitnami-docker-etcd#security
|
|
##
|
|
auth:
|
|
rbac:
|
|
enabled: true
|
|
## etcd root user password. The root user is always `root`.
|
|
# rootPassword:
|
|
## Name of the existing secret containing credentials for the root user.
|
|
# existingSecret:
|
|
|
|
client:
|
|
## Switch to encrypt client communication using TLS certificates
|
|
secureTransport: false
|
|
## Switch to automatically create the TLS certificates
|
|
useAutoTLS: false
|
|
## Switch to enable host authentication using TLS certificates. Requires existing secret.
|
|
enableAuthentication: false
|
|
## Name of the existing secret containing cert files for client communication.
|
|
# existingSecret:
|
|
|
|
peer:
|
|
## Switch to encrypt peer communication using TLS certificates
|
|
secureTransport: false
|
|
## Switch to automatically create the TLS certificates
|
|
useAutoTLS: false
|
|
## Switch to enable host authentication using TLS certificates. Requires existing secret.
|
|
enableAuthentication: false
|
|
## Name of the existing secret containing cert files for peer communication.
|
|
# existingSecret:
|
|
|
|
|
|
## Kubernetes Security Context
|
|
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
##
|
|
securityContext:
|
|
enabled: true
|
|
fsGroup: 1001
|
|
runAsUser: 1001
|
|
|
|
## Kubernetes configuration
|
|
## For minikube, set this to NodePort, elsewhere use LoadBalancer
|
|
##
|
|
service:
|
|
dnsBase: svc.cluster.local
|
|
type: ClusterIP
|
|
port: 2379
|
|
## Specify the nodePort value for the LoadBalancer and NodePort service types for the client port
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
|
|
##
|
|
# nodePort:
|
|
peerPort: 2380
|
|
## Specify the nodePort value for the LoadBalancer and NodePort service types for the peer port
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
|
|
##
|
|
# peerNodePort:
|
|
## Provide any additional annotations which may be required. This can be used to
|
|
## set the LoadBalancer service type to internal only.
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
|
|
##
|
|
annotations: {}
|
|
## Use loadBalancerIP to request a specific static IP,
|
|
## otherwise leave blank
|
|
##
|
|
# loadBalancerIP:
|
|
|
|
## etcd data Persistent Volume Storage Class
|
|
## If defined, storageClassName: <storageClass>
|
|
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
|
## If undefined (the default) or set to null, no storageClassName spec is
|
|
## set, choosing the default provisioner. (gp2 on AWS, standard on
|
|
## GKE, AWS & OpenStack)
|
|
##
|
|
persistence:
|
|
enabled: true
|
|
# storageClass: "-"
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
size: 8Gi
|
|
annotations: {}
|
|
|
|
## Configure resource requests and limits
|
|
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
|
|
##
|
|
resources:
|
|
# limits:
|
|
# cpu: 200m
|
|
# memory: 1Gi
|
|
# requests:
|
|
# memory: 256Mi
|
|
# cpu: 250m
|
|
|
|
## Configure extra options for liveness and readiness probes
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
|
|
livenessProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 2
|
|
successThreshold: 1
|
|
|
|
readinessProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
|
|
## Pod annotations
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
|
|
## Node Affinity. The value is evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature
|
|
##
|
|
nodeAffinity: {}
|
|
## Pod Affinity. The value is evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
##
|
|
podAffinity: {}
|
|
## Pod AntiAffinity
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinity: soft
|
|
|
|
## Node labels for pod assignment. The value is evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
|
##
|
|
nodeSelector: {}
|
|
## Tolerations for pod assignment. The value is evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
|
|
##
|
|
tolerations: {}
|
|
|
|
## Add the corresponding annotations so Prometheus can collect etcd metrics
|
|
##
|
|
metrics:
|
|
enabled: false
|
|
podAnnotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "2379"
|
|
|
|
## Start a new etcd cluster recovering the data from an existing snaptshot before
|
|
## initializing the members
|
|
##
|
|
startFromSnapshot:
|
|
enabled: false
|
|
## Existingn PVC containing the etcd snapshot
|
|
##
|
|
# existingClaim
|
|
## Snapshot filename
|
|
##
|
|
# snapshotFilename
|
|
|
|
## Enable auto disaster recovery by periodically snapshotting the keyspace
|
|
## - It creates a cronjob to periodically snapshotting the keyspace
|
|
## - It also creates a ReadWriteMany PVC to store the snapshots
|
|
## If the cluster permanently loses more than (N-1)/2 members, it tries to recover
|
|
## the cluster from a previous snapshot.
|
|
##
|
|
disasterRecovery:
|
|
enabled: false
|
|
cronjob:
|
|
## Schedule in Cron format to save snapshots
|
|
## See https://en.wikipedia.org/wiki/Cron
|
|
##
|
|
schedule: "*/30 * * * *"
|
|
## Number of successful finished jobs to retain
|
|
##
|
|
historyLimit: 1
|
|
## Pod annotations
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## Configure resource requests and limits
|
|
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
|
|
##
|
|
# resources:
|
|
pvc:
|
|
## A manually managed Persistent Volume and Claim
|
|
## If defined, PVC must be created manually before volume will be bound
|
|
## The value is evaluated as a template, so, for example, the name can depend on .Release or .Chart
|
|
##
|
|
# existingClaim:
|
|
|
|
## PVC Storage Request
|
|
##
|
|
size: 2Gi
|
|
## storageClassName, choose a storageClassName with ReadWriteMany support
|
|
##
|
|
storageClassName: nfs
|