mirror of
https://github.com/bitnami/charts.git
synced 2026-03-10 15:07:49 +08:00
695 lines
18 KiB
YAML
695 lines
18 KiB
YAML
## Global Docker image parameters
|
|
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
|
|
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
|
|
##
|
|
# global:
|
|
# imageRegistry: myRegistryName
|
|
# imagePullSecrets:
|
|
# - myRegistryKeySecretName
|
|
# storageClass: myStorageClass
|
|
|
|
## Bitnami kong image version
|
|
## ref: https://hub.docker.com/r/bitnami/kong/tags/
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/kong
|
|
tag: 2.4.1-debian-10-r9
|
|
## Specify a imagePullPolicy
|
|
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
|
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
##
|
|
# pullSecrets:
|
|
# - myRegistryKeySecretName
|
|
|
|
## Force target Kubernetes version (using Helm capabilites if not set)
|
|
##
|
|
kubeVersion:
|
|
|
|
## Select database: can be either postgresql or cassandra
|
|
##
|
|
database: postgresql
|
|
|
|
## String to partially override kong.fullname template (will maintain the release name)
|
|
##
|
|
nameOverride:
|
|
|
|
## String to fully override kong.fullname template
|
|
##
|
|
fullnameOverride:
|
|
|
|
## Number of kong Pod replicas
|
|
##
|
|
replicaCount: 2
|
|
|
|
## Deployment pod host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
|
|
## Set up update strategy for kong installation. Set to Recreate if you use persistent volume that cannot be mounted by more than one pods to makesure the pods is destroyed first.
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
|
|
## Example:
|
|
# updateStrategy:
|
|
# type: RollingUpdate
|
|
# rollingUpdate:
|
|
# maxSurge: 25%
|
|
# maxUnavailable: 25%
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
|
|
## Use an alternate scheduler, e.g. "stork".
|
|
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName:
|
|
|
|
## Common annotations to add to all Kong resources (sub-charts are not considered). Evaluated as a template
|
|
##
|
|
commonAnnotations: {}
|
|
|
|
## Common labels to add to all Kong resources (sub-charts are not considered). Evaluated as a template
|
|
##
|
|
commonLabels: {}
|
|
|
|
## Use a daemonset instead of a deployment
|
|
##
|
|
useDaemonset: false
|
|
|
|
kong:
|
|
## Command and args for running the container (set to default if not set). Use array form
|
|
##
|
|
command:
|
|
args:
|
|
## Configmap with init scripts to execute
|
|
##
|
|
initScriptsCM:
|
|
|
|
## Secret with init scripts to execute (for sensitive data)
|
|
##
|
|
initScriptsSecret:
|
|
|
|
## An array to add extra env vars
|
|
## For example:
|
|
## extraEnvVars:
|
|
## - name: GF_DEFAULT_INSTANCE_NAME
|
|
## value: my-instance
|
|
##
|
|
extraEnvVars: []
|
|
|
|
## ConfigMap with extra env vars:
|
|
##
|
|
extraEnvVarsCM:
|
|
|
|
## Secret with extra env vars:
|
|
##
|
|
extraEnvVarsSecret:
|
|
## Array to add extra mounts (normally used with extraVolumes)
|
|
##
|
|
extraVolumeMounts: []
|
|
|
|
## Custom Liveness probe
|
|
##
|
|
customLivenessProbe: {}
|
|
|
|
## Custom Rediness probe
|
|
##
|
|
customReadinessProbe: {}
|
|
|
|
##
|
|
## Liveness and readiness probes
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 120
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
##
|
|
## Container lifecycle hooks
|
|
## ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/
|
|
##
|
|
lifecycleHooks: {}
|
|
|
|
## Container resource requests and limits
|
|
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
|
|
##
|
|
resources:
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
limits: {}
|
|
# cpu: 500m
|
|
# memory: 1Gi
|
|
requests: {}
|
|
# cpu: 250m
|
|
# memory: 256Mi
|
|
|
|
ingressController:
|
|
enabled: true
|
|
customResourceDeletePolicy: {}
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/kong-ingress-controller
|
|
tag: 1.2.0-debian-10-r53
|
|
## Specify a imagePullPolicy
|
|
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
|
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
##
|
|
# pullSecrets:
|
|
# - myRegistryKeySecretName
|
|
proxyReadyTimeout: 300
|
|
rbac:
|
|
create: true
|
|
existingServiceAccount:
|
|
ingressClass: kong
|
|
## Command and args for running the container (set to default if not set). Use array form
|
|
##
|
|
command:
|
|
args:
|
|
## An array to add extra env vars
|
|
## For example:
|
|
## extraEnvVars:
|
|
## - name: GF_DEFAULT_INSTANCE_NAME
|
|
## value: my-instance
|
|
##
|
|
extraEnvVars: []
|
|
|
|
## ConfigMap with extra env vars:
|
|
##
|
|
extraEnvVarsCM:
|
|
|
|
## Secret with extra env vars:
|
|
##
|
|
extraEnvVarsSecret:
|
|
## Array to add extra mounts (normally used with extraVolumes)
|
|
##
|
|
extraVolumeMounts: []
|
|
|
|
## Custom Liveness probe
|
|
##
|
|
customLivenessProbe: {}
|
|
|
|
## Custom Rediness probe
|
|
##
|
|
customReadinessProbe: {}
|
|
|
|
##
|
|
## Liveness and readiness probes
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 120
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## Container resource requests and limits
|
|
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
|
|
##
|
|
resources:
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
limits: {}
|
|
# cpu: 500m
|
|
# memory: 1Gi
|
|
requests: {}
|
|
# cpu: 250m
|
|
# memory: 256Mi
|
|
|
|
migration:
|
|
## In case you want to use a custom image for Kong migration, set this value
|
|
##
|
|
# image:
|
|
# registry:
|
|
# repository:
|
|
# tag:
|
|
## Command and args for running the container (set to default if not set). Use array form
|
|
##
|
|
command:
|
|
args:
|
|
|
|
## Deployment pod host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
|
|
## Job annotation. By defeault set to post-install and post-upgrade
|
|
##
|
|
annotations:
|
|
helm.sh/hook: post-install, post-upgrade
|
|
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
|
|
|
|
## An array to add extra env vars
|
|
## For example:
|
|
## extraEnvVars:
|
|
## - name: GF_DEFAULT_INSTANCE_NAME
|
|
## value: my-instance
|
|
##
|
|
extraEnvVars: []
|
|
|
|
## ConfigMap with extra env vars:
|
|
##
|
|
extraEnvVarsCM:
|
|
|
|
## Secret with extra env vars:
|
|
##
|
|
extraEnvVarsSecret:
|
|
## Array to add extra mounts (normally used with extraVolumes)
|
|
##
|
|
extraVolumeMounts:
|
|
## Liveness and readiness probes
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
##
|
|
## Container resource requests and limits
|
|
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
|
|
##
|
|
resources:
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
limits: {}
|
|
# cpu: 500m
|
|
# memory: 1Gi
|
|
requests: {}
|
|
# cpu: 250m
|
|
# memory: 256Mi
|
|
|
|
## Array to add extra volumes
|
|
##
|
|
extraVolumes: []
|
|
|
|
## Add init containers to the pod
|
|
##
|
|
initContainers:
|
|
## e.g.
|
|
# - name: your-image-name
|
|
# image: your-image
|
|
# imagePullPolicy: Always
|
|
# ports:
|
|
# - name: portname
|
|
# containerPort: 1234
|
|
|
|
## Add sidecar containers to the pod
|
|
##
|
|
sidecars:
|
|
## e.g.
|
|
# - name: your-image-name
|
|
# image: your-image
|
|
# imagePullPolicy: Always
|
|
# ports:
|
|
# - name: portname
|
|
# containerPort: 1234
|
|
|
|
## Service parameters
|
|
##
|
|
service:
|
|
## K8s service type
|
|
##
|
|
type: ClusterIP
|
|
|
|
## clusterIP for the service (optional)
|
|
## This is the internal IP address of the service and is usually assigned randomly.
|
|
## ref: https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/#ServiceSpec
|
|
##
|
|
clusterIP:
|
|
|
|
## externalTrafficPolicy for the service
|
|
## default to "Cluster"
|
|
## set to "Local" in order to preserve the client source IP (only on service of type LoadBalancer or NodePort)
|
|
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/
|
|
##
|
|
externalTrafficPolicy:
|
|
|
|
## kong proxy HTTP service port
|
|
##
|
|
proxyHttpPort: 80
|
|
## kong proxy HTTPS service port
|
|
##
|
|
proxyHttpsPort: 443
|
|
|
|
## Include the admin ports in the service
|
|
##
|
|
exposeAdmin: false
|
|
## kong proxy HTTP service port
|
|
##
|
|
adminHttpPort: 8001
|
|
## kong proxy HTTPS service port
|
|
##
|
|
adminHttpsPort: 8444
|
|
|
|
## Specify the nodePort value for the LoadBalancer and NodePort service types.
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
|
|
##
|
|
# proxyHttpNodePort:
|
|
# proxyHttpsNodePort:
|
|
# adminHttpNodePort:
|
|
# adminHttpsNodePort:
|
|
|
|
## loadBalancerIP for the Kong Service (optional, cloud specific)
|
|
## ref: http://kubernetes.io/docs/user-guide/services/#type-loadbalancer
|
|
##
|
|
loadBalancerIP:
|
|
|
|
## Provide any additional annotations which may be required. This can be used to
|
|
## set the LoadBalancer service type to internal only.
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
|
|
##
|
|
annotations: {}
|
|
## Extra ports to expose (normally used with the `sidecar` value)
|
|
# extraPorts:
|
|
|
|
## Kong cluster domain
|
|
##
|
|
clusterDomain: cluster.local
|
|
|
|
## Configure the ingress resource that allows you to access the
|
|
## Kong installation. Set up the URL
|
|
## ref: http://kubernetes.io/docs/user-guide/ingress/
|
|
##
|
|
ingress:
|
|
## Set to true to enable ingress record generation
|
|
##
|
|
enabled: false
|
|
|
|
## Set this to true in order to add the corresponding annotations for cert-manager
|
|
##
|
|
certManager: false
|
|
|
|
## Ingress Path type
|
|
##
|
|
pathType: ImplementationSpecific
|
|
|
|
## Override API Version (automatically detected if not set)
|
|
##
|
|
apiVersion:
|
|
|
|
## When the ingress is enabled, a host pointing to this will be created
|
|
##
|
|
hostname: kong.local
|
|
|
|
## The Path to Kong. You may need to set this to '/*' in order to use this
|
|
## with ALB ingress controllers.
|
|
##
|
|
path: /
|
|
|
|
## Ingress annotations done as key:value pairs
|
|
## For a full list of possible ingress annotations, please see
|
|
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md
|
|
##
|
|
## If certManager is set to true, annotation kubernetes.io/tls-acme: "true" will automatically be set
|
|
##
|
|
annotations: {}
|
|
|
|
## Enable TLS configuration for the hostname defined at ingress.hostname parameter
|
|
## TLS certificates will be retrieved from a TLS secret with name: {{- printf "%s-tls" .Values.ingress.hostname }}
|
|
## You can use the ingress.secrets parameter to create this TLS secret or relay on cert-manager to create it
|
|
##
|
|
tls: false
|
|
|
|
## The list of additional hostnames to be covered with this ingress record.
|
|
## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array
|
|
## extraHosts:
|
|
## - name: kong.local
|
|
## path: /
|
|
##
|
|
|
|
## Any additional arbitrary paths that may need to be added to the ingress under the main host.
|
|
## For example: The ALB ingress controller requires a special rule for handling SSL redirection.
|
|
## extraPaths:
|
|
## - path: /*
|
|
## backend:
|
|
## serviceName: ssl-redirect
|
|
## servicePort: use-annotation
|
|
##
|
|
|
|
## The tls configuration for additional hostnames to be covered with this ingress record.
|
|
## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
|
|
## extraTls:
|
|
## - hosts:
|
|
## - kong.local
|
|
## secretName: kong.local-tls
|
|
##
|
|
|
|
## If you're providing your own certificates, please use this to add the certificates as secrets
|
|
## key and certificate should start with -----BEGIN CERTIFICATE----- or
|
|
## -----BEGIN RSA PRIVATE KEY-----
|
|
##
|
|
## name should line up with a tlsSecret set further up
|
|
## If you're using cert-manager, this is unneeded, as it will create the secret for you if it is not set
|
|
##
|
|
## It is also possible to create and manage the certificates outside of this helm chart
|
|
## Please see README.md for more information
|
|
##
|
|
secrets: []
|
|
## - name: kong.local-tls
|
|
## key:
|
|
## certificate:
|
|
##
|
|
|
|
## SecurityContext configuration
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
|
##
|
|
containerSecurityContext:
|
|
runAsUser: 1001
|
|
runAsNonRoot: true
|
|
|
|
podSecurityContext: {}
|
|
|
|
## Node labels for pod assignment
|
|
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
|
|
##
|
|
nodeSelector: {}
|
|
|
|
## Tolerations for pod assignment
|
|
## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
|
|
## Pod affinity preset
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
## Allowed values: soft, hard
|
|
##
|
|
podAffinityPreset: ""
|
|
|
|
## Pod anti-affinity preset
|
|
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
## Allowed values: soft, hard
|
|
##
|
|
podAntiAffinityPreset: soft
|
|
|
|
## Node affinity preset
|
|
## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
## Allowed values: soft, hard
|
|
##
|
|
nodeAffinityPreset:
|
|
## Node affinity type
|
|
## Allowed values: soft, hard
|
|
##
|
|
type: ""
|
|
## Node label key to match
|
|
## E.g.
|
|
## key: "kubernetes.io/e2e-az-name"
|
|
##
|
|
key: ""
|
|
## Node label values to match
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
|
|
## Affinity for pod assignment
|
|
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
|
|
## Pod annotations
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
|
|
## Pod labels
|
|
## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
|
|
## Prometheus metrics
|
|
##
|
|
metrics:
|
|
enabled: false
|
|
|
|
## Kong metrics service configuration
|
|
##
|
|
service:
|
|
annotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "{{ .Values.metrics.service.port }}"
|
|
prometheus.io/path: "/metrics"
|
|
type: ClusterIP
|
|
port: 9119
|
|
|
|
## Kong ServiceMonitor configuration
|
|
##
|
|
serviceMonitor:
|
|
enabled: false
|
|
## Namespace in which Prometheus is running
|
|
##
|
|
# namespace: monitoring
|
|
|
|
## Service Account used by Prometheus
|
|
##
|
|
# serviceAccount: prometheus
|
|
|
|
## Interval at which metrics should be scraped.
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
# interval: 10s
|
|
|
|
## Timeout after which the scrape is ended
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
# scrapeTimeout: 10s
|
|
|
|
## ServiceMonitor selector labels
|
|
## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
|
|
##
|
|
# selector:
|
|
# prometheus: my-prometheus
|
|
|
|
## If RBAC enabled on the cluster, Additional resources will be required
|
|
## so Prometheus can reach kong's namespace
|
|
##
|
|
rbac:
|
|
enabled: true
|
|
|
|
## Add an horizontal pod autoscaler
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
|
|
##
|
|
autoscaling:
|
|
enabled: false
|
|
apiVersion: autoscaling/v2beta1
|
|
minReplicas: 2
|
|
maxReplicas: 5
|
|
metrics:
|
|
- type: Resource
|
|
resource:
|
|
name: cpu
|
|
targetAverageUtilization: 80
|
|
|
|
## Kong Pod Disruption Budget
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/
|
|
##
|
|
pdb:
|
|
enabled: false
|
|
maxUnavailable: "50%"
|
|
|
|
## Extra objects to deploy (value evaluated as a template)
|
|
##
|
|
extraDeploy: []
|
|
|
|
## PostgreSQL properties
|
|
##
|
|
postgresql:
|
|
## Deploy the postgresql sub-chart
|
|
##
|
|
enabled: true
|
|
## Mounts secrets as a file
|
|
##
|
|
usePasswordFile: false
|
|
## Properties for using an existing PostgreSQL installation
|
|
##
|
|
external:
|
|
## Host of the external PostgreSQL installation
|
|
##
|
|
host:
|
|
## Username of the external PostgreSQL installation
|
|
##
|
|
user:
|
|
## Password of the external PostgreSQL installation
|
|
##
|
|
password:
|
|
|
|
## Use an existing secret with the PostgreSQL password
|
|
##
|
|
existingSecret:
|
|
|
|
## Name of the Database for Kong to access
|
|
##
|
|
postgresqlDatabase: kong
|
|
|
|
## Create a username in the bundled PostgreSQL installation
|
|
##
|
|
postgresqlUsername: kong
|
|
|
|
## Cassandra properties
|
|
##
|
|
cassandra:
|
|
## Deploy the cassandra sub-chart
|
|
##
|
|
enabled: false
|
|
## Database user to create
|
|
##
|
|
dbUser:
|
|
user: kong
|
|
## Mount secrets as files
|
|
##
|
|
usePasswordFile: false
|
|
## Properties for using an existing Cassandra installation
|
|
##
|
|
external:
|
|
## Array with the contact points
|
|
##
|
|
hosts: []
|
|
# - host1
|
|
# - host2
|
|
|
|
## Port for accessing the external cassandra installation
|
|
##
|
|
port: 9042
|
|
|
|
## Username of the external Cassandra installation
|
|
##
|
|
user:
|
|
|
|
## Password of the external Cassandra installation
|
|
##
|
|
password:
|
|
|
|
## Use an existing secret with the Cassandra password
|
|
##
|
|
existingSecret:
|