mirror of
https://github.com/bitnami/charts.git
synced 2026-03-10 06:57:55 +08:00
faf8cf4282
* [bitnami/milvus] Release 16.0.1 updating components versions Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> * Update CHANGELOG.md Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com> --------- Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>
3922 lines
172 KiB
YAML
3922 lines
172 KiB
YAML
## Copyright Broadcom, Inc. All Rights Reserved.
|
|
## SPDX-License-Identifier: APACHE-2.0
|
|
|
|
## @section Global parameters
|
|
## Global Docker image parameters
|
|
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
|
|
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
|
|
##
|
|
|
|
## @param global.imageRegistry Global Docker image registry
|
|
## @param global.imagePullSecrets Global Docker registry secret names as an array
|
|
## @param global.defaultStorageClass Global default StorageClass for Persistent Volume(s)
|
|
##
|
|
global:
|
|
imageRegistry: ""
|
|
## E.g.
|
|
## imagePullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
imagePullSecrets: []
|
|
defaultStorageClass: ""
|
|
## Security parameters
|
|
##
|
|
security:
|
|
## @param global.security.allowInsecureImages Allows skipping image verification
|
|
allowInsecureImages: false
|
|
## Compatibility adaptations for Kubernetes platforms
|
|
##
|
|
compatibility:
|
|
## Compatibility adaptations for Openshift
|
|
##
|
|
openshift:
|
|
## @param global.compatibility.openshift.adaptSecurityContext Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)
|
|
##
|
|
adaptSecurityContext: auto
|
|
## @section Common parameters
|
|
##
|
|
|
|
## @param kubeVersion Override Kubernetes version
|
|
##
|
|
kubeVersion: ""
|
|
## @param apiVersions Override Kubernetes API versions reported by .Capabilities
|
|
##
|
|
apiVersions: []
|
|
## @param nameOverride String to partially override common.names.fullname
|
|
##
|
|
nameOverride: ""
|
|
## @param fullnameOverride String to fully override common.names.fullname
|
|
##
|
|
fullnameOverride: ""
|
|
## @param commonLabels Labels to add to all deployed objects
|
|
##
|
|
commonLabels: {}
|
|
## @param commonAnnotations Annotations to add to all deployed objects
|
|
##
|
|
commonAnnotations: {}
|
|
## @param clusterDomain Kubernetes cluster domain name
|
|
##
|
|
clusterDomain: cluster.local
|
|
## @param extraDeploy Array of extra objects to deploy with the release
|
|
##
|
|
extraDeploy: []
|
|
## @param enableServiceLinks Whether information about services should be injected into all pods' environment variable
|
|
## The environment variables injected by service links are not used, but can lead to slow boot times or slow running of the scripts when there are many services in the current namespace.
|
|
## If you experience slow pod startups or slow running of the scripts you probably want to set this to `false`.
|
|
##
|
|
enableServiceLinks: false
|
|
## @param usePasswordFiles Mount credentials as files instead of using environment variables
|
|
##
|
|
usePasswordFiles: true
|
|
## Enable diagnostic mode in the deployments/statefulsets
|
|
##
|
|
diagnosticMode:
|
|
## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
|
|
##
|
|
enabled: false
|
|
## @param diagnosticMode.command Command to override all containers in the deployments/statefulsets
|
|
##
|
|
command:
|
|
- sleep
|
|
## @param diagnosticMode.args Args to override all containers in the deployments/statefulsets
|
|
##
|
|
args:
|
|
- infinity
|
|
## @section Common Milvus Parameters
|
|
##
|
|
milvus:
|
|
## Bitnami Milvus image
|
|
## ref: https://hub.docker.com/r/bitnami/milvus/tags/
|
|
## @param milvus.image.registry [default: REGISTRY_NAME] Milvus image registry
|
|
## @param milvus.image.repository [default: REPOSITORY_NAME/milvus] Milvus image repository
|
|
## @skip milvus.image.tag Milvus image tag (immutable tags are recommended)
|
|
## @param milvus.image.digest Milvus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
|
## @param milvus.image.pullPolicy Milvus image pull policy
|
|
## @param milvus.image.pullSecrets Milvus image pull secrets
|
|
## @param milvus.image.debug Enable debug mode
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/milvus
|
|
tag: 2.6.0-debian-12-r1
|
|
digest: ""
|
|
## Specify a imagePullPolicy
|
|
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
## e.g:
|
|
## pullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
pullSecrets: []
|
|
## Enable debug mode
|
|
##
|
|
debug: false
|
|
auth:
|
|
## @param milvus.auth.enabled enable Milvus authentication
|
|
##
|
|
enabled: false
|
|
## @param milvus.auth.username Milvus username
|
|
##
|
|
username: user
|
|
## @param milvus.auth.password Milvus username password
|
|
##
|
|
password: ""
|
|
## @param milvus.auth.rootPassword Milvus root password
|
|
##
|
|
rootPassword: ""
|
|
## @param milvus.auth.existingSecret Name of a secret containing the Milvus password
|
|
##
|
|
existingSecret: ""
|
|
## @param milvus.auth.existingSecretPasswordKey Name of the secret key containing the Milvus password
|
|
##
|
|
existingSecretPasswordKey: ""
|
|
## @param milvus.defaultConfig [string] Milvus components default configuration
|
|
##
|
|
defaultConfig: |
|
|
# etcd configuration
|
|
etcd:
|
|
endpoints:
|
|
{{- if .Values.etcd.enabled }}
|
|
{{- $replicas := $.Values.etcd.replicaCount | int }}
|
|
{{- range $i, $_e := until $replicas }}
|
|
- {{ printf "%s://%s-%d.%s:%v" (ternary "https" "http" $.Values.etcd.auth.client.secureTransport) (include "milvus.etcd.fullname" $ ) $i (include "milvus.etcd.headlessServiceName" $) ( include "milvus.etcd.port" $ ) }} {{- end }}
|
|
{{- else }}
|
|
{{- range $node := .Values.externalEtcd.servers }}
|
|
- {{ ternary "https" "http" $.Values.externalEtcd.tls.enabled }}://{{ printf "%s:%v" $node (include "milvus.etcd.port" $) }}
|
|
{{- end }}
|
|
ssl:
|
|
enabled: {{ .Values.externalEtcd.tls.enabled }}
|
|
tlsCert: /opt/bitnami/milvus/configs/cert/etcd/client/{{ .Values.externalEtcd.tls.cert }}
|
|
tlsKey: /opt/bitnami/milvus/configs/cert/etcd/client/{{ .Values.externalEtcd.tls.key }}
|
|
tlsCACert: /opt/bitnami/milvus/configs/cert/etcd/client/{{ .Values.externalEtcd.tls.caCert }}
|
|
{{- end }}
|
|
metastore:
|
|
type: etcd
|
|
|
|
# S3 configuration
|
|
minio:
|
|
address: {{ include "milvus.s3.host" . }}
|
|
port: {{ include "milvus.s3.port" . }}
|
|
accessKeyID: {{ print "{{ MILVUS_S3_ACCESS_ID }}" | quote }}
|
|
secretAccessKey: {{ print "{{ MILVUS_S3_SECRET_ACCESS_KEY }}" | quote }}
|
|
useSSL: {{ include "milvus.s3.useSSL" . }}
|
|
bucketName: {{ include "milvus.s3.bucket" . }}
|
|
rootPath: {{ include "milvus.s3.rootPath" . }}
|
|
useIAM: {{ include "milvus.s3.useIAM" . }}
|
|
{{- if not .Values.minio.enabled }}
|
|
cloudProvider: {{ .Values.externalS3.cloudProvider }}
|
|
iamEndpoint: {{ .Values.externalS3.iamEndpoint }}
|
|
{{- end }}
|
|
|
|
# Kafka configuration
|
|
kafka:
|
|
brokerList:
|
|
{{- if .Values.kafka.enabled }}
|
|
{{- $brokerReplicas := $.Values.kafka.broker.replicaCount | int }}
|
|
{{- $controllerReplicas := 0 }}
|
|
{{- if not .Values.kafka.controller.controllerOnly }}
|
|
{{- $controllerReplicas = $.Values.kafka.controller.replicaCount | int }}
|
|
{{- end }}
|
|
{{- range $i, $_e := until $brokerReplicas }}
|
|
- {{ printf "%s-broker-%d.%s:%v" (include "milvus.kafka.fullname" $ ) $i (include "milvus.kafka.broker.headlessServiceName" $) ( include "milvus.kafka.port" $ ) }}
|
|
{{- end }}
|
|
{{- range $i, $_e := until $controllerReplicas }}
|
|
- {{ printf "%s-controller-%d.%s:%v" (include "milvus.kafka.fullname" $ ) $i (include "milvus.kafka.controller.headlessServiceName" $) ( include "milvus.kafka.port" $ ) }}
|
|
{{- end }}
|
|
{{- else }}
|
|
{{- range $node := .Values.externalKafka.servers }}
|
|
- {{ printf "%s:%v" $node (include "milvus.kafka.port" $) }}
|
|
{{- end }}
|
|
{{- end }}
|
|
securityProtocol: {{ include "milvus.kafka.securityProtocol" . }}
|
|
{{- if include "milvus.kafka.authEnabled" . }}
|
|
saslMechanisms: {{ include "milvus.kafka.saslMechanisms" . }}
|
|
saslUsername: {{ include "milvus.kafka.user" . }}
|
|
saslPassword: {{ print "{{ MILVUS_KAFKA_PASSWORD }}" | quote }}
|
|
{{- end }}
|
|
|
|
# Data node
|
|
dataNode:
|
|
port: {{ .Values.dataNode.service.ports.grpc }}
|
|
|
|
# Streaming node
|
|
streamingNode:
|
|
port: {{ .Values.streamingNode.service.ports.grpc }}
|
|
|
|
# Query node
|
|
queryNode:
|
|
port: {{ .Values.queryNode.service.ports.grpc }}
|
|
|
|
proxy:
|
|
port: {{ .Values.proxy.service.ports.grpc }}
|
|
accessLog:
|
|
localPath: /dev
|
|
filename: stdout
|
|
http:
|
|
enabled: true
|
|
|
|
# Log configuration
|
|
log:
|
|
level: {{ ternary "debug" "info" .Values.milvus.image.debug }}
|
|
stdout: true
|
|
|
|
# Common configuration
|
|
common:
|
|
storageType: remote
|
|
security:
|
|
authorizationEnabled: {{ .Values.milvus.auth.enabled }}
|
|
{{- if .Values.milvus.auth.enabled }}
|
|
superUsers:
|
|
- {{ .Values.milvus.auth.username }}
|
|
{{- end }}
|
|
## @param milvus.extraConfig Extra configuration parameters
|
|
##
|
|
extraConfig: {}
|
|
## @param milvus.existingConfigMap name of a ConfigMap with existing configuration for the default configuration
|
|
##
|
|
existingConfigMap: ""
|
|
## @param milvus.extraConfigExistingConfigMap name of a ConfigMap with existing configuration
|
|
##
|
|
extraConfigExistingConfigMap: ""
|
|
initJob:
|
|
## @param initJob.forceRun Force the run of the credential job
|
|
##
|
|
forceRun: false
|
|
## Bitnami PyMilvus image
|
|
## ref: https://hub.docker.com/r/bitnami/jwt-cli/tags/
|
|
## @param initJob.image.registry [default: REGISTRY_NAME] PyMilvus image registry
|
|
## @param initJob.image.repository [default: REPOSITORY_NAME/pymilvus] PyMilvus image repository
|
|
## @skip initJob.image.tag PyMilvus image tag (immutable tags are recommended)
|
|
## @param initJob.image.digest PyMilvus image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)
|
|
## @param initJob.image.pullPolicy PyMilvus image pull policy
|
|
## @param initJob.image.pullSecrets PyMilvus image pull secrets
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/pymilvus
|
|
tag: 2.6.0-debian-12-r5
|
|
digest: ""
|
|
## Specify a imagePullPolicy
|
|
## ref: http://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
## e.g:
|
|
## pullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
pullSecrets: []
|
|
## @param initJob.enableDefaultInitContainers Deploy default init containers
|
|
##
|
|
enableDefaultInitContainers: true
|
|
## @section TLS Client Configuration Parameters Connecting to Proxy
|
|
##
|
|
tls:
|
|
## @param initJob.tls.existingSecret Name of the existing secret containing the TLS certificates for initJob.
|
|
## if proxy.tls.mode equals to 1, existingSecret should contain a server cert
|
|
## if proxy.tls.mode equals to 2, existingSecret should contain a client cert, a client key and a CA cert
|
|
##
|
|
existingSecret: ""
|
|
## @param initJob.tls.cert The secret key from the existingSecret if 'cert' key different from the default (client.pem)
|
|
##
|
|
cert: client.pem
|
|
## @param initJob.tls.key The secret key from the existingSecret if 'key' key different from the default (client.key)
|
|
## Milvus cannot decrypt key file with password, so now the key must not be encrypted
|
|
##
|
|
key: client.key
|
|
## @param initJob.tls.caCert The secret key from the existingSecret if 'caCert' key different from the default (ca.pem)
|
|
##
|
|
caCert: ca.pem
|
|
## @param initJob.tls.keyPassword Password to access the password-protected PEM key if necessary.
|
|
## Milvus cannot decrypt key file with password, so now the key must not be encrypted, value here must be empty
|
|
##
|
|
keyPassword: ""
|
|
## @param initJob.backoffLimit set backoff limit of the job
|
|
##
|
|
backoffLimit: 10
|
|
## @param initJob.extraVolumes Optionally specify extra list of additional volumes for the credential init job
|
|
##
|
|
extraVolumes: []
|
|
## @param initJob.extraCommands Extra commands to pass to the generation job
|
|
##
|
|
extraCommands: ""
|
|
## Configure Container Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
|
## @param initJob.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param initJob.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param initJob.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param initJob.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param initJob.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param initJob.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param initJob.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param initJob.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param initJob.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param initJob.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## Configure Pods Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param initJob.podSecurityContext.enabled Enabled credential init job pods' Security Context
|
|
## @param initJob.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param initJob.podSecurityContext.sysctls Set kernel settings using the sysctl interface
|
|
## @param initJob.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param initJob.podSecurityContext.fsGroup Set credential init job pod's Security Context fsGroup
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
sysctls: []
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## @param initJob.extraEnvVars Array containing extra env vars to configure the credential init job
|
|
## For example:
|
|
## extraEnvVars:
|
|
## - name: GF_DEFAULT_INSTANCE_NAME
|
|
## value: my-instance
|
|
##
|
|
extraEnvVars: []
|
|
## @param initJob.extraEnvVarsCM ConfigMap containing extra env vars to configure the credential init job
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param initJob.extraEnvVarsSecret Secret containing extra env vars to configure the credential init job (in case of sensitive data)
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param initJob.extraVolumeMounts Array of extra volume mounts to be added to the jwt Container (evaluated as template). Normally used with `extraVolumes`.
|
|
##
|
|
extraVolumeMounts: []
|
|
## Container resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## @param initJob.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if initJob.resources is set (initJob.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "micro"
|
|
## @param initJob.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## Configure extra options for init job containers' liveness, readiness and startup probes
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes
|
|
## @param initJob.livenessProbe.enabled Enable livenessProbe on init job
|
|
## @param initJob.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param initJob.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param initJob.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param initJob.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param initJob.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param initJob.readinessProbe.enabled Enable readinessProbe on init job
|
|
## @param initJob.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param initJob.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param initJob.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param initJob.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param initJob.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param initJob.startupProbe.enabled Enable startupProbe on init job
|
|
## @param initJob.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param initJob.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param initJob.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param initJob.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param initJob.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param initJob.customLivenessProbe Custom livenessProbe that overrides the default one
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param initJob.customReadinessProbe Custom readinessProbe that overrides the default one
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param initJob.customStartupProbe Custom startupProbe that overrides the default one
|
|
##
|
|
customStartupProbe: {}
|
|
## @param initJob.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param initJob.hostAliases Add deployment host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## @param initJob.annotations [object] Add annotations to the job
|
|
##
|
|
annotations:
|
|
helm.sh/hook: post-install
|
|
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
|
|
# This should be executed after the minio provisioning job
|
|
helm.sh/hook-weight: "10"
|
|
## @param initJob.podLabels Additional pod labels
|
|
## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param initJob.podAnnotations Additional pod annotations
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## Network Policy configuration
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
|
##
|
|
networkPolicy:
|
|
## @param initJob.networkPolicy.enabled Enable creation of NetworkPolicy resources
|
|
##
|
|
enabled: true
|
|
## @param initJob.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
|
|
##
|
|
allowExternalEgress: true
|
|
## @param initJob.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraIngress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## from:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraIngress: []
|
|
## @param initJob.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraEgress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## to:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraEgress: []
|
|
## @param initJob.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
|
|
## @param initJob.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
|
|
##
|
|
ingressNSMatchLabels: {}
|
|
ingressNSPodMatchLabels: {}
|
|
## @section Coordinator Deployment Parameters
|
|
##
|
|
coordinator:
|
|
## @param coordinator.enabled Enable Coordinator deployment
|
|
##
|
|
enabled: true
|
|
## @param coordinator.extraEnvVars Array with extra environment variables to add to coordinator nodes
|
|
## e.g:
|
|
## extraEnvVars:
|
|
## - name: FOO
|
|
## value: "bar"
|
|
##
|
|
extraEnvVars: []
|
|
## @param coordinator.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for coordinator nodes
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param coordinator.extraEnvVarsSecret Name of existing Secret containing extra env vars for coordinator nodes
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param coordinator.defaultConfig [string] Default override configuration from the common set in milvus.defaultConfig
|
|
##
|
|
defaultConfig: |
|
|
mixCoord:
|
|
enableActiveStandby: true
|
|
## @param coordinator.existingConfigMap name of a ConfigMap with existing configuration for the default configuration
|
|
##
|
|
existingConfigMap: ""
|
|
## @param coordinator.extraConfig Override configuration
|
|
##
|
|
extraConfig: {}
|
|
## @param coordinator.extraConfigExistingConfigMap name of a ConfigMap with existing configuration
|
|
##
|
|
extraConfigExistingConfigMap: ""
|
|
## @param coordinator.command Override default container command (useful when using custom images)
|
|
##
|
|
command: []
|
|
## @param coordinator.args Override default container args (useful when using custom images)
|
|
##
|
|
args: []
|
|
## @param coordinator.replicaCount Number of Coordinator replicas to deploy
|
|
##
|
|
replicaCount: 1
|
|
## @param coordinator.containerPorts.metrics Metrics port for Coordinator
|
|
containerPorts:
|
|
metrics: 9091
|
|
## Configure extra options for Coordinator containers' liveness, readiness and startup probes
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes
|
|
## @param coordinator.livenessProbe.enabled Enable livenessProbe on Coordinator nodes
|
|
## @param coordinator.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param coordinator.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param coordinator.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param coordinator.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param coordinator.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param coordinator.readinessProbe.enabled Enable readinessProbe on Coordinator nodes
|
|
## @param coordinator.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param coordinator.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param coordinator.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param coordinator.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param coordinator.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param coordinator.startupProbe.enabled Enable startupProbe on Coordinator containers
|
|
## @param coordinator.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param coordinator.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param coordinator.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param coordinator.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param coordinator.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param coordinator.customLivenessProbe Custom livenessProbe that overrides the default one
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param coordinator.customReadinessProbe Custom readinessProbe that overrides the default one
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param coordinator.customStartupProbe Custom startupProbe that overrides the default one
|
|
##
|
|
customStartupProbe: {}
|
|
## coordinator resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## @param coordinator.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if coordinator.resources is set (coordinator.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "micro"
|
|
## @param coordinator.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## Configure Pods Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param coordinator.podSecurityContext.enabled Enabled Coordinator pods' Security Context
|
|
## @param coordinator.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param coordinator.podSecurityContext.sysctls Set kernel settings using the sysctl interface
|
|
## @param coordinator.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param coordinator.podSecurityContext.fsGroup Set Coordinator pod's Security Context fsGroup
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
sysctls: []
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## Configure Container Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param coordinator.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param coordinator.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param coordinator.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param coordinator.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param coordinator.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param coordinator.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param coordinator.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param coordinator.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param coordinator.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param coordinator.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## @param coordinator.lifecycleHooks for the coordinator container(s) to automate configuration before or after startup
|
|
##
|
|
lifecycleHooks: {}
|
|
## @param coordinator.runtimeClassName Name of the runtime class to be used by pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
|
|
##
|
|
runtimeClassName: ""
|
|
## @param coordinator.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param coordinator.hostAliases coordinator pods host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## @param coordinator.podLabels Extra labels for coordinator pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param coordinator.podAnnotations Annotations for coordinator pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param coordinator.podAffinityPreset Pod affinity preset. Ignored if `coordinator.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAffinityPreset: ""
|
|
## @param coordinator.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `coordinator.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinityPreset: soft
|
|
## Node coordinator.affinity preset
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
##
|
|
nodeAffinityPreset:
|
|
## @param coordinator.nodeAffinityPreset.type Node affinity preset type. Ignored if `coordinator.affinity` is set. Allowed values: `soft` or `hard`
|
|
##
|
|
type: ""
|
|
## @param coordinator.nodeAffinityPreset.key Node label key to match. Ignored if `coordinator.affinity` is set
|
|
##
|
|
key: ""
|
|
## @param coordinator.nodeAffinityPreset.values Node label values to match. Ignored if `coordinator.affinity` is set
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
## @param coordinator.affinity Affinity for Coordinator pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## NOTE: `coordinator.podAffinityPreset`, `coordinator.podAntiAffinityPreset`, and `coordinator.nodeAffinityPreset` will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param coordinator.nodeSelector Node labels for Coordinator pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
|
##
|
|
nodeSelector: {}
|
|
## @param coordinator.tolerations Tolerations for Coordinator pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param coordinator.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains
|
|
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param coordinator.priorityClassName Coordinator pods' priorityClassName
|
|
##
|
|
priorityClassName: ""
|
|
## @param coordinator.schedulerName Kubernetes pod scheduler registry
|
|
## https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName: ""
|
|
## @param coordinator.updateStrategy.type Coordinator statefulset strategy type
|
|
## @param coordinator.updateStrategy.rollingUpdate Coordinator statefulset rolling update configuration parameters
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
|
|
##
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
rollingUpdate: {}
|
|
## @param coordinator.extraVolumes Optionally specify extra list of additional volumes for the Coordinator pod(s)
|
|
##
|
|
extraVolumes: []
|
|
## @param coordinator.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Coordinator container(s)
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param coordinator.sidecars Add additional sidecar containers to the Coordinator pod(s)
|
|
## e.g:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
## @param coordinator.enableDefaultInitContainers Deploy default init containers
|
|
##
|
|
enableDefaultInitContainers: true
|
|
## @param coordinator.initContainers Add additional init containers to the Coordinator pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
|
|
## e.g:
|
|
## initContainers:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## command: ['sh', '-c', 'echo "hello world"']
|
|
##
|
|
initContainers: []
|
|
## Service account for Coordinator to use
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
##
|
|
serviceAccount:
|
|
## @param coordinator.serviceAccount.create Enable creation of ServiceAccount for Coordinator pods
|
|
##
|
|
create: true
|
|
## @param coordinator.serviceAccount.name The name of the ServiceAccount to use
|
|
## If not set and create is true, a name is generated using the common.names.fullname template
|
|
##
|
|
name: ""
|
|
## @param coordinator.serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created
|
|
## Can be set to false if pods using this serviceAccount do not need to use K8s API
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param coordinator.serviceAccount.annotations Additional custom annotations for the ServiceAccount
|
|
##
|
|
annotations: {}
|
|
## Pod Disruption Budget configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb
|
|
## @param coordinator.pdb.create Enable/disable a Pod Disruption Budget creation
|
|
## @param coordinator.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled
|
|
## @param coordinator.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `coordinator.pdb.minAvailable` and `coordinator.pdb.maxUnavailable` are empty.
|
|
##
|
|
pdb:
|
|
create: true
|
|
minAvailable: ""
|
|
maxUnavailable: ""
|
|
## @section Coordinator Autoscaling configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
|
|
##
|
|
autoscaling:
|
|
vpa:
|
|
## @param coordinator.autoscaling.vpa.enabled Enable VPA
|
|
##
|
|
enabled: false
|
|
## @param coordinator.autoscaling.vpa.annotations Annotations for VPA resource
|
|
##
|
|
annotations: {}
|
|
## @param coordinator.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
|
|
##
|
|
controlledResources: []
|
|
## @param coordinator.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
maxAllowed: {}
|
|
## @param coordinator.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
minAllowed: {}
|
|
updatePolicy:
|
|
## @param coordinator.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod
|
|
## Possible values are "Off", "Initial", "Recreate", and "Auto".
|
|
##
|
|
updateMode: Auto
|
|
hpa:
|
|
## @param coordinator.autoscaling.hpa.enabled Enable HPA for Milvus Coordinator
|
|
##
|
|
enabled: false
|
|
## @param coordinator.autoscaling.hpa.annotations Annotations for HPA resource
|
|
##
|
|
annotations: {}
|
|
## @param coordinator.autoscaling.hpa.minReplicas Minimum number of Milvus Coordinator replicas
|
|
##
|
|
minReplicas: ""
|
|
## @param coordinator.autoscaling.hpa.maxReplicas Maximum number of Milvus Coordinator replicas
|
|
##
|
|
maxReplicas: ""
|
|
## @param coordinator.autoscaling.hpa.targetCPU Target CPU utilization percentage
|
|
##
|
|
targetCPU: ""
|
|
## @param coordinator.autoscaling.hpa.targetMemory Target Memory utilization percentage
|
|
##
|
|
targetMemory: ""
|
|
## @section Coordinator Traffic Exposure Parameters
|
|
##
|
|
|
|
## coordinator service parameters
|
|
##
|
|
service:
|
|
## @param coordinator.service.type Coordinator service type
|
|
##
|
|
type: ClusterIP
|
|
## @param coordinator.service.ports.metrics Coordinator Metrics service port
|
|
##
|
|
ports:
|
|
metrics: 9091
|
|
## Node ports to expose
|
|
## NOTE: choose port between <30000-32767>
|
|
## @param coordinator.service.nodePorts.metrics Node port for Metrics
|
|
##
|
|
nodePorts:
|
|
metrics: ""
|
|
## @param coordinator.service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## @param coordinator.service.sessionAffinity Control where client requests go, to the same pod or round-robin
|
|
## Values: ClientIP or None
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
|
|
##
|
|
sessionAffinity: None
|
|
## @param coordinator.service.clusterIP Coordinator service Cluster IP
|
|
## e.g.:
|
|
## clusterIP: None
|
|
##
|
|
clusterIP: ""
|
|
## @param coordinator.service.loadBalancerIP Coordinator service Load Balancer IP
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
|
|
##
|
|
loadBalancerIP: ""
|
|
## @param coordinator.service.loadBalancerSourceRanges Coordinator service Load Balancer sources
|
|
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
## e.g:
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param coordinator.service.externalTrafficPolicy Coordinator service external traffic policy
|
|
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Cluster
|
|
## @param coordinator.service.annotations Additional custom annotations for Coordinator service
|
|
##
|
|
annotations: {}
|
|
## @param coordinator.service.extraPorts Extra ports to expose in the Coordinator service
|
|
##
|
|
extraPorts: []
|
|
## Network Policy configuration
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
|
##
|
|
networkPolicy:
|
|
## @param coordinator.networkPolicy.enabled Enable creation of NetworkPolicy resources
|
|
##
|
|
enabled: true
|
|
## @param coordinator.networkPolicy.allowExternal The Policy model to apply
|
|
## When set to false, only pods with the correct client label will have network access to the ports Milvus is
|
|
## listening on. When true, Milvus will accept connections from any source (with the correct destination port).
|
|
##
|
|
allowExternal: true
|
|
## @param coordinator.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
|
|
##
|
|
allowExternalEgress: true
|
|
## @param coordinator.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraIngress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## from:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraIngress: []
|
|
## @param coordinator.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraEgress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## to:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraEgress: []
|
|
## @param coordinator.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
|
|
## @param coordinator.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
|
|
##
|
|
ingressNSMatchLabels: {}
|
|
ingressNSPodMatchLabels: {}
|
|
## @section Coordinator Metrics Parameters
|
|
## Prometheus Exporter / Metrics
|
|
##
|
|
metrics:
|
|
## @param coordinator.metrics.enabled Enable metrics
|
|
##
|
|
enabled: false
|
|
## @param coordinator.metrics.annotations [object] Annotations for the server service in order to scrape metrics
|
|
annotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "{{ .Values.coordinator.service.ports.metrics }}"
|
|
## Prometheus Operator ServiceMonitor configuration
|
|
##
|
|
serviceMonitor:
|
|
## @param coordinator.metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator
|
|
##
|
|
enabled: false
|
|
## @param coordinator.metrics.serviceMonitor.annotations Annotations for the ServiceMonitor Resource
|
|
##
|
|
annotations: ""
|
|
## @param coordinator.metrics.serviceMonitor.namespace Namespace for the ServiceMonitor Resource (defaults to the Release Namespace)
|
|
##
|
|
namespace: ""
|
|
## @param coordinator.metrics.serviceMonitor.interval Interval at which metrics should be scraped.
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
interval: ""
|
|
## @param coordinator.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
scrapeTimeout: ""
|
|
## @param coordinator.metrics.serviceMonitor.labels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus
|
|
##
|
|
labels: {}
|
|
## @param coordinator.metrics.serviceMonitor.selector Prometheus instance selector labels
|
|
## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
|
|
##
|
|
selector: {}
|
|
## @param coordinator.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping
|
|
##
|
|
relabelings: []
|
|
## @param coordinator.metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion
|
|
##
|
|
metricRelabelings: []
|
|
## @param coordinator.metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint
|
|
##
|
|
honorLabels: false
|
|
## @param coordinator.metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
|
|
##
|
|
jobLabel: ""
|
|
## @section Data Node Deployment Parameters
|
|
##
|
|
dataNode:
|
|
## @param dataNode.enabled Enable Data Node deployment
|
|
##
|
|
enabled: true
|
|
## @param dataNode.extraEnvVars Array with extra environment variables to add to data node nodes
|
|
## e.g:
|
|
## extraEnvVars:
|
|
## - name: FOO
|
|
## value: "bar"
|
|
##
|
|
extraEnvVars: []
|
|
## @param dataNode.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for data node nodes
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param dataNode.extraEnvVarsSecret Name of existing Secret containing extra env vars for data node nodes
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param dataNode.defaultConfig [string] Default override configuration from the common set in milvus.defaultConfig
|
|
##
|
|
defaultConfig: |
|
|
# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)
|
|
dataNode:
|
|
port: {{ .Values.dataNode.containerPorts.grpc }}
|
|
enableDisk: true
|
|
## @param dataNode.existingConfigMap name of a ConfigMap with existing configuration for the default configuration
|
|
##
|
|
existingConfigMap: ""
|
|
## @param dataNode.extraConfig Override configuration
|
|
##
|
|
extraConfig: {}
|
|
## @param dataNode.extraConfigExistingConfigMap name of a ConfigMap with existing configuration
|
|
##
|
|
extraConfigExistingConfigMap: ""
|
|
## @param dataNode.command Override default container command (useful when using custom images)
|
|
##
|
|
command: []
|
|
## @param dataNode.args Override default container args (useful when using custom images)
|
|
##
|
|
args: []
|
|
## @param dataNode.replicaCount Number of Data Node replicas to deploy
|
|
##
|
|
replicaCount: 1
|
|
## @param dataNode.containerPorts.grpc GRPC port for Data Node
|
|
## @param dataNode.containerPorts.metrics Metrics port for Data Node
|
|
containerPorts:
|
|
grpc: 19530
|
|
metrics: 9091
|
|
## Configure extra options for Data Node containers' liveness, readiness and startup probes
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes
|
|
## @param dataNode.livenessProbe.enabled Enable livenessProbe on Data Node nodes
|
|
## @param dataNode.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param dataNode.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param dataNode.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param dataNode.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param dataNode.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param dataNode.readinessProbe.enabled Enable readinessProbe on Data Node nodes
|
|
## @param dataNode.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param dataNode.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param dataNode.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param dataNode.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param dataNode.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param dataNode.startupProbe.enabled Enable startupProbe on Data Node containers
|
|
## @param dataNode.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param dataNode.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param dataNode.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param dataNode.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param dataNode.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param dataNode.customLivenessProbe Custom livenessProbe that overrides the default one
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param dataNode.customReadinessProbe Custom readinessProbe that overrides the default one
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param dataNode.customStartupProbe Custom startupProbe that overrides the default one
|
|
##
|
|
customStartupProbe: {}
|
|
## data node resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## @param dataNode.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if dataNode.resources is set (dataNode.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "micro"
|
|
## @param dataNode.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## Configure Pods Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param dataNode.podSecurityContext.enabled Enabled Data Node pods' Security Context
|
|
## @param dataNode.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param dataNode.podSecurityContext.sysctls Set kernel settings using the sysctl interface
|
|
## @param dataNode.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param dataNode.podSecurityContext.fsGroup Set Data Node pod's Security Context fsGroup
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
sysctls: []
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## Configure Container Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param dataNode.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param dataNode.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param dataNode.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param dataNode.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param dataNode.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param dataNode.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param dataNode.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param dataNode.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param dataNode.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param dataNode.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## @param dataNode.lifecycleHooks for the data node container(s) to automate configuration before or after startup
|
|
##
|
|
lifecycleHooks: {}
|
|
## @param dataNode.runtimeClassName Name of the runtime class to be used by pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
|
|
##
|
|
runtimeClassName: ""
|
|
## @param dataNode.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param dataNode.hostAliases data node pods host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## @param dataNode.podLabels Extra labels for data node pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param dataNode.podAnnotations Annotations for data node pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param dataNode.podAffinityPreset Pod affinity preset. Ignored if `data node.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAffinityPreset: ""
|
|
## @param dataNode.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `data node.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinityPreset: soft
|
|
## Node data node.affinity preset
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
##
|
|
nodeAffinityPreset:
|
|
## @param dataNode.nodeAffinityPreset.type Node affinity preset type. Ignored if `data node.affinity` is set. Allowed values: `soft` or `hard`
|
|
##
|
|
type: ""
|
|
## @param dataNode.nodeAffinityPreset.key Node label key to match. Ignored if `data node.affinity` is set
|
|
##
|
|
key: ""
|
|
## @param dataNode.nodeAffinityPreset.values Node label values to match. Ignored if `data node.affinity` is set
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
## @param dataNode.affinity Affinity for Data Node pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## NOTE: `dataNode.podAffinityPreset`, `dataNode.podAntiAffinityPreset`, and `dataNode.nodeAffinityPreset` will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param dataNode.nodeSelector Node labels for Data Node pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
|
##
|
|
nodeSelector: {}
|
|
## @param dataNode.tolerations Tolerations for Data Node pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param dataNode.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains
|
|
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param dataNode.priorityClassName Data Node pods' priorityClassName
|
|
##
|
|
priorityClassName: ""
|
|
## @param dataNode.schedulerName Kubernetes pod scheduler registry
|
|
## https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName: ""
|
|
## @param dataNode.updateStrategy.type Data Node statefulset strategy type
|
|
## @param dataNode.updateStrategy.rollingUpdate Data Node statefulset rolling update configuration parameters
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
|
|
##
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
rollingUpdate: {}
|
|
## @param dataNode.extraVolumes Optionally specify extra list of additional volumes for the Data Node pod(s)
|
|
##
|
|
extraVolumes: []
|
|
## @param dataNode.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Data Node container(s)
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param dataNode.sidecars Add additional sidecar containers to the Data Node pod(s)
|
|
## e.g:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
## @param dataNode.enableDefaultInitContainers Deploy default init containers
|
|
##
|
|
enableDefaultInitContainers: true
|
|
## @param dataNode.initContainers Add additional init containers to the Data Node pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
|
|
## e.g:
|
|
## initContainers:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## command: ['sh', '-c', 'echo "hello world"']
|
|
##
|
|
initContainers: []
|
|
## Service account for Data Node to use
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
##
|
|
serviceAccount:
|
|
## @param dataNode.serviceAccount.create Enable creation of ServiceAccount for Data Node pods
|
|
##
|
|
create: true
|
|
## @param dataNode.serviceAccount.name The name of the ServiceAccount to use
|
|
## If not set and create is true, a name is generated using the common.names.fullname template
|
|
##
|
|
name: ""
|
|
## @param dataNode.serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created
|
|
## Can be set to false if pods using this serviceAccount do not need to use K8s API
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param dataNode.serviceAccount.annotations Additional custom annotations for the ServiceAccount
|
|
##
|
|
annotations: {}
|
|
## Pod Disruption Budget configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb
|
|
## @param dataNode.pdb.create Enable/disable a Pod Disruption Budget creation
|
|
## @param dataNode.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled
|
|
## @param dataNode.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `dataNode.pdb.minAvailable` and `dataNode.pdb.maxUnavailable` are empty.
|
|
##
|
|
pdb:
|
|
create: true
|
|
minAvailable: ""
|
|
maxUnavailable: ""
|
|
## @section Data Node Autoscaling configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
|
|
##
|
|
autoscaling:
|
|
vpa:
|
|
## @param dataNode.autoscaling.vpa.enabled Enable VPA
|
|
##
|
|
enabled: false
|
|
## @param dataNode.autoscaling.vpa.annotations Annotations for VPA resource
|
|
##
|
|
annotations: {}
|
|
## @param dataNode.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
|
|
##
|
|
controlledResources: []
|
|
## @param dataNode.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
maxAllowed: {}
|
|
## @param dataNode.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
minAllowed: {}
|
|
updatePolicy:
|
|
## @param dataNode.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod
|
|
## Possible values are "Off", "Initial", "Recreate", and "Auto".
|
|
##
|
|
updateMode: Auto
|
|
hpa:
|
|
## @param dataNode.autoscaling.hpa.enabled Enable HPA for Milvus Data node
|
|
##
|
|
enabled: false
|
|
## @param dataNode.autoscaling.hpa.annotations Annotations for HPA resource
|
|
##
|
|
annotations: {}
|
|
## @param dataNode.autoscaling.hpa.minReplicas Minimum number of Milvus Data node replicas
|
|
##
|
|
minReplicas: ""
|
|
## @param dataNode.autoscaling.hpa.maxReplicas Maximum number of Milvus Data node replicas
|
|
##
|
|
maxReplicas: ""
|
|
## @param dataNode.autoscaling.hpa.targetCPU Target CPU utilization percentage
|
|
##
|
|
targetCPU: ""
|
|
## @param dataNode.autoscaling.hpa.targetMemory Target Memory utilization percentage
|
|
##
|
|
targetMemory: ""
|
|
## @section Data Node Traffic Exposure Parameters
|
|
##
|
|
|
|
## data node service parameters
|
|
##
|
|
service:
|
|
## @param dataNode.service.type Data Node service type
|
|
##
|
|
type: ClusterIP
|
|
## @param dataNode.service.ports.grpc Data Node GRPC service port
|
|
## @param dataNode.service.ports.metrics Data Node Metrics service port
|
|
##
|
|
ports:
|
|
grpc: 19530
|
|
metrics: 9091
|
|
## Node ports to expose
|
|
## NOTE: choose port between <30000-32767>
|
|
## @param dataNode.service.nodePorts.grpc Node port for GRPC
|
|
## @param dataNode.service.nodePorts.metrics Node port for Metrics
|
|
##
|
|
nodePorts:
|
|
grpc: ""
|
|
metrics: ""
|
|
## @param dataNode.service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## @param dataNode.service.sessionAffinity Control where client requests go, to the same pod or round-robin
|
|
## Values: ClientIP or None
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
|
|
##
|
|
sessionAffinity: None
|
|
## @param dataNode.service.clusterIP Data Node service Cluster IP
|
|
## e.g.:
|
|
## clusterIP: None
|
|
##
|
|
clusterIP: ""
|
|
## @param dataNode.service.loadBalancerIP Data Node service Load Balancer IP
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
|
|
##
|
|
loadBalancerIP: ""
|
|
## @param dataNode.service.loadBalancerSourceRanges Data Node service Load Balancer sources
|
|
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
## e.g:
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param dataNode.service.externalTrafficPolicy Data Node service external traffic policy
|
|
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Cluster
|
|
## @param dataNode.service.annotations Additional custom annotations for Data Node service
|
|
##
|
|
annotations: {}
|
|
## @param dataNode.service.extraPorts Extra ports to expose in the Data Node service
|
|
##
|
|
extraPorts: []
|
|
## Network Policy configuration
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
|
##
|
|
networkPolicy:
|
|
## @param dataNode.networkPolicy.enabled Enable creation of NetworkPolicy resources
|
|
##
|
|
enabled: true
|
|
## @param dataNode.networkPolicy.allowExternal The Policy model to apply
|
|
## When set to false, only pods with the correct client label will have network access to the ports Milvus is
|
|
## listening on. When true, Milvus will accept connections from any source (with the correct destination port).
|
|
##
|
|
allowExternal: true
|
|
## @param dataNode.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
|
|
##
|
|
allowExternalEgress: true
|
|
## @param dataNode.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraIngress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## from:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraIngress: []
|
|
## @param dataNode.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraEgress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## to:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraEgress: []
|
|
## @param dataNode.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
|
|
## @param dataNode.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
|
|
##
|
|
ingressNSMatchLabels: {}
|
|
ingressNSPodMatchLabels: {}
|
|
## @section Data Node Metrics Parameters
|
|
## Prometheus Exporter / Metrics
|
|
##
|
|
metrics:
|
|
## @param dataNode.metrics.enabled Enable metrics
|
|
##
|
|
enabled: false
|
|
## @param dataNode.metrics.annotations [object] Annotations for the server service in order to scrape metrics
|
|
annotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "{{ .Values.dataNode.service.ports.metrics }}"
|
|
## Prometheus Operator ServiceMonitor configuration
|
|
##
|
|
serviceMonitor:
|
|
## @param dataNode.metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator
|
|
##
|
|
enabled: false
|
|
## @param dataNode.metrics.serviceMonitor.annotations Annotations for the ServiceMonitor Resource
|
|
##
|
|
annotations: ""
|
|
## @param dataNode.metrics.serviceMonitor.namespace Namespace for the ServiceMonitor Resource (defaults to the Release Namespace)
|
|
##
|
|
namespace: ""
|
|
## @param dataNode.metrics.serviceMonitor.interval Interval at which metrics should be scraped.
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
interval: ""
|
|
## @param dataNode.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
scrapeTimeout: ""
|
|
## @param dataNode.metrics.serviceMonitor.labels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus
|
|
##
|
|
labels: {}
|
|
## @param dataNode.metrics.serviceMonitor.selector Prometheus instance selector labels
|
|
## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
|
|
##
|
|
selector: {}
|
|
## @param dataNode.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping
|
|
##
|
|
relabelings: []
|
|
## @param dataNode.metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion
|
|
##
|
|
metricRelabelings: []
|
|
## @param dataNode.metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint
|
|
##
|
|
honorLabels: false
|
|
## @param dataNode.metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
|
|
##
|
|
jobLabel: ""
|
|
## @section Query Node Deployment Parameters
|
|
##
|
|
queryNode:
|
|
## @param queryNode.enabled Enable Query Node deployment
|
|
##
|
|
enabled: true
|
|
## @param queryNode.extraEnvVars Array with extra environment variables to add to data node nodes
|
|
## e.g:
|
|
## extraEnvVars:
|
|
## - name: FOO
|
|
## value: "bar"
|
|
##
|
|
extraEnvVars: []
|
|
## @param queryNode.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for data node nodes
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param queryNode.extraEnvVarsSecret Name of existing Secret containing extra env vars for data node nodes
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param queryNode.defaultConfig [string] Default override configuration from the common set in milvus.defaultConfig
|
|
##
|
|
defaultConfig: |
|
|
# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)
|
|
queryNode:
|
|
port: {{ .Values.queryNode.containerPorts.grpc }}
|
|
enableDisk: true
|
|
## @param queryNode.existingConfigMap name of a ConfigMap with existing configuration for the default configuration
|
|
##
|
|
existingConfigMap: ""
|
|
## @param queryNode.extraConfig Override configuration
|
|
##
|
|
extraConfig: {}
|
|
## @param queryNode.extraConfigExistingConfigMap name of a ConfigMap with existing configuration
|
|
##
|
|
extraConfigExistingConfigMap: ""
|
|
## @param queryNode.command Override default container command (useful when using custom images)
|
|
##
|
|
command: []
|
|
## @param queryNode.args Override default container args (useful when using custom images)
|
|
##
|
|
args: []
|
|
## @param queryNode.replicaCount Number of Query Node replicas to deploy
|
|
##
|
|
replicaCount: 1
|
|
## @param queryNode.containerPorts.grpc GRPC port for Query Node
|
|
## @param queryNode.containerPorts.metrics Metrics port for Query Node
|
|
containerPorts:
|
|
grpc: 19530
|
|
metrics: 9091
|
|
## Configure extra options for Query Node containers' liveness, readiness and startup probes
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes
|
|
## @param queryNode.livenessProbe.enabled Enable livenessProbe on Query Node nodes
|
|
## @param queryNode.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param queryNode.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param queryNode.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param queryNode.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param queryNode.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param queryNode.readinessProbe.enabled Enable readinessProbe on Query Node nodes
|
|
## @param queryNode.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param queryNode.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param queryNode.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param queryNode.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param queryNode.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param queryNode.startupProbe.enabled Enable startupProbe on Query Node containers
|
|
## @param queryNode.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param queryNode.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param queryNode.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param queryNode.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param queryNode.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param queryNode.customLivenessProbe Custom livenessProbe that overrides the default one
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param queryNode.customReadinessProbe Custom readinessProbe that overrides the default one
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param queryNode.customStartupProbe Custom startupProbe that overrides the default one
|
|
##
|
|
customStartupProbe: {}
|
|
## data node resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## @param queryNode.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if queryNode.resources is set (queryNode.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "micro"
|
|
## @param queryNode.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## Configure Pods Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param queryNode.podSecurityContext.enabled Enabled Query Node pods' Security Context
|
|
## @param queryNode.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param queryNode.podSecurityContext.sysctls Set kernel settings using the sysctl interface
|
|
## @param queryNode.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param queryNode.podSecurityContext.fsGroup Set Query Node pod's Security Context fsGroup
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
sysctls: []
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## Configure Container Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param queryNode.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param queryNode.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param queryNode.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param queryNode.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param queryNode.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param queryNode.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param queryNode.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param queryNode.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param queryNode.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param queryNode.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## @param queryNode.lifecycleHooks for the data node container(s) to automate configuration before or after startup
|
|
##
|
|
lifecycleHooks: {}
|
|
## @param queryNode.runtimeClassName Name of the runtime class to be used by pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
|
|
##
|
|
runtimeClassName: ""
|
|
## @param queryNode.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param queryNode.hostAliases data node pods host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## @param queryNode.podLabels Extra labels for data node pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param queryNode.podAnnotations Annotations for data node pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param queryNode.podAffinityPreset Pod affinity preset. Ignored if `data node.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAffinityPreset: ""
|
|
## @param queryNode.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `data node.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinityPreset: soft
|
|
## Node data node.affinity preset
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
##
|
|
nodeAffinityPreset:
|
|
## @param queryNode.nodeAffinityPreset.type Node affinity preset type. Ignored if `data node.affinity` is set. Allowed values: `soft` or `hard`
|
|
##
|
|
type: ""
|
|
## @param queryNode.nodeAffinityPreset.key Node label key to match. Ignored if `data node.affinity` is set
|
|
##
|
|
key: ""
|
|
## @param queryNode.nodeAffinityPreset.values Node label values to match. Ignored if `data node.affinity` is set
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
## @param queryNode.affinity Affinity for Query Node pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## NOTE: `queryNode.podAffinityPreset`, `queryNode.podAntiAffinityPreset`, and `queryNode.nodeAffinityPreset` will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param queryNode.nodeSelector Node labels for Query Node pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
|
##
|
|
nodeSelector: {}
|
|
## @param queryNode.tolerations Tolerations for Query Node pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param queryNode.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains
|
|
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param queryNode.priorityClassName Query Node pods' priorityClassName
|
|
##
|
|
priorityClassName: ""
|
|
## @param queryNode.schedulerName Kubernetes pod scheduler registry
|
|
## https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName: ""
|
|
## @param queryNode.updateStrategy.type Query Node statefulset strategy type
|
|
## @param queryNode.updateStrategy.rollingUpdate Query Node statefulset rolling update configuration parameters
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
|
|
##
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
rollingUpdate: {}
|
|
## @param queryNode.extraVolumes Optionally specify extra list of additional volumes for the Query Node pod(s)
|
|
##
|
|
extraVolumes: []
|
|
## @param queryNode.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Query Node container(s)
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param queryNode.sidecars Add additional sidecar containers to the Query Node pod(s)
|
|
## e.g:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
## @param queryNode.enableDefaultInitContainers Deploy default init containers
|
|
##
|
|
enableDefaultInitContainers: true
|
|
## @param queryNode.initContainers Add additional init containers to the Query Node pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
|
|
## e.g:
|
|
## initContainers:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## command: ['sh', '-c', 'echo "hello world"']
|
|
##
|
|
initContainers: []
|
|
## Service account for Query Node to use
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
##
|
|
serviceAccount:
|
|
## @param queryNode.serviceAccount.create Enable creation of ServiceAccount for Query Node pods
|
|
##
|
|
create: true
|
|
## @param queryNode.serviceAccount.name The name of the ServiceAccount to use
|
|
## If not set and create is true, a name is generated using the common.names.fullname template
|
|
##
|
|
name: ""
|
|
## @param queryNode.serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created
|
|
## Can be set to false if pods using this serviceAccount do not need to use K8s API
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param queryNode.serviceAccount.annotations Additional custom annotations for the ServiceAccount
|
|
##
|
|
annotations: {}
|
|
## Pod Disruption Budget configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb
|
|
## @param queryNode.pdb.create Enable/disable a Pod Disruption Budget creation
|
|
## @param queryNode.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled
|
|
## @param queryNode.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `queryNode.pdb.minAvailable` and `queryNode.pdb.maxUnavailable` are empty.
|
|
##
|
|
pdb:
|
|
create: true
|
|
minAvailable: ""
|
|
maxUnavailable: ""
|
|
## @section Query Node Autoscaling configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
|
|
##
|
|
autoscaling:
|
|
vpa:
|
|
## @param queryNode.autoscaling.vpa.enabled Enable VPA
|
|
##
|
|
enabled: false
|
|
## @param queryNode.autoscaling.vpa.annotations Annotations for VPA resource
|
|
##
|
|
annotations: {}
|
|
## @param queryNode.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
|
|
##
|
|
controlledResources: []
|
|
## @param queryNode.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
maxAllowed: {}
|
|
## @param queryNode.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
minAllowed: {}
|
|
updatePolicy:
|
|
## @param queryNode.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod
|
|
## Possible values are "Off", "Initial", "Recreate", and "Auto".
|
|
##
|
|
updateMode: Auto
|
|
hpa:
|
|
## @param queryNode.autoscaling.hpa.enabled Enable HPA for Milvus Query node
|
|
##
|
|
enabled: false
|
|
## @param queryNode.autoscaling.hpa.annotations Annotations for HPA resource
|
|
##
|
|
annotations: {}
|
|
## @param queryNode.autoscaling.hpa.minReplicas Minimum number of Milvus Query node replicas
|
|
##
|
|
minReplicas: ""
|
|
## @param queryNode.autoscaling.hpa.maxReplicas Maximum number of Milvus Query node replicas
|
|
##
|
|
maxReplicas: ""
|
|
## @param queryNode.autoscaling.hpa.targetCPU Target CPU utilization percentage
|
|
##
|
|
targetCPU: ""
|
|
## @param queryNode.autoscaling.hpa.targetMemory Target Memory utilization percentage
|
|
##
|
|
targetMemory: ""
|
|
## @section Query Node Traffic Exposure Parameters
|
|
##
|
|
|
|
## data node service parameters
|
|
##
|
|
service:
|
|
## @param queryNode.service.type Query Node service type
|
|
##
|
|
type: ClusterIP
|
|
## @param queryNode.service.ports.grpc Query Node GRPC service port
|
|
## @param queryNode.service.ports.metrics Query Node Metrics service port
|
|
##
|
|
ports:
|
|
grpc: 19530
|
|
metrics: 9091
|
|
## Node ports to expose
|
|
## NOTE: choose port between <30000-32767>
|
|
## @param queryNode.service.nodePorts.grpc Node port for GRPC
|
|
## @param queryNode.service.nodePorts.metrics Node port for Metrics
|
|
##
|
|
nodePorts:
|
|
grpc: ""
|
|
metrics: ""
|
|
## @param queryNode.service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## @param queryNode.service.sessionAffinity Control where client requests go, to the same pod or round-robin
|
|
## Values: ClientIP or None
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
|
|
##
|
|
sessionAffinity: None
|
|
## @param queryNode.service.clusterIP Query Node service Cluster IP
|
|
## e.g.:
|
|
## clusterIP: None
|
|
##
|
|
clusterIP: ""
|
|
## @param queryNode.service.loadBalancerIP Query Node service Load Balancer IP
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
|
|
##
|
|
loadBalancerIP: ""
|
|
## @param queryNode.service.loadBalancerSourceRanges Query Node service Load Balancer sources
|
|
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
## e.g:
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param queryNode.service.externalTrafficPolicy Query Node service external traffic policy
|
|
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Cluster
|
|
## @param queryNode.service.annotations Additional custom annotations for Query Node service
|
|
##
|
|
annotations: {}
|
|
## @param queryNode.service.extraPorts Extra ports to expose in the Query Node service
|
|
##
|
|
extraPorts: []
|
|
## Network Policy configuration
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
|
##
|
|
networkPolicy:
|
|
## @param queryNode.networkPolicy.enabled Enable creation of NetworkPolicy resources
|
|
##
|
|
enabled: true
|
|
## @param queryNode.networkPolicy.allowExternal The Policy model to apply
|
|
## When set to false, only pods with the correct client label will have network access to the ports Milvus is
|
|
## listening on. When true, Milvus will accept connections from any source (with the correct destination port).
|
|
##
|
|
allowExternal: true
|
|
## @param queryNode.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
|
|
##
|
|
allowExternalEgress: true
|
|
## @param queryNode.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraIngress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## from:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraIngress: []
|
|
## @param queryNode.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraEgress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## to:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraEgress: []
|
|
## @param queryNode.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
|
|
## @param queryNode.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
|
|
##
|
|
ingressNSMatchLabels: {}
|
|
ingressNSPodMatchLabels: {}
|
|
## @section Query Node Metrics Parameters
|
|
## Prometheus Exporter / Metrics
|
|
##
|
|
metrics:
|
|
## @param queryNode.metrics.enabled Enable metrics
|
|
##
|
|
enabled: false
|
|
## @param queryNode.metrics.annotations [object] Annotations for the server service in order to scrape metrics
|
|
annotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "{{ .Values.queryNode.service.ports.metrics }}"
|
|
## Prometheus Operator ServiceMonitor configuration
|
|
##
|
|
serviceMonitor:
|
|
## @param queryNode.metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator
|
|
##
|
|
enabled: false
|
|
## @param queryNode.metrics.serviceMonitor.annotations Annotations for the ServiceMonitor Resource
|
|
##
|
|
annotations: ""
|
|
## @param queryNode.metrics.serviceMonitor.namespace Namespace for the ServiceMonitor Resource (defaults to the Release Namespace)
|
|
##
|
|
namespace: ""
|
|
## @param queryNode.metrics.serviceMonitor.interval Interval at which metrics should be scraped.
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
interval: ""
|
|
## @param queryNode.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
scrapeTimeout: ""
|
|
## @param queryNode.metrics.serviceMonitor.labels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus
|
|
##
|
|
labels: {}
|
|
## @param queryNode.metrics.serviceMonitor.selector Prometheus instance selector labels
|
|
## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
|
|
##
|
|
selector: {}
|
|
## @param queryNode.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping
|
|
##
|
|
relabelings: []
|
|
## @param queryNode.metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion
|
|
##
|
|
metricRelabelings: []
|
|
## @param queryNode.metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint
|
|
##
|
|
honorLabels: false
|
|
## @param queryNode.metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
|
|
##
|
|
jobLabel: ""
|
|
## @section Streaming Node Deployment Parameters
|
|
##
|
|
streamingNode:
|
|
## @param streamingNode.enabled Enable Streaming Node deployment
|
|
##
|
|
enabled: true
|
|
## @param streamingNode.extraEnvVars Array with extra environment variables to add to data node nodes
|
|
## e.g:
|
|
## extraEnvVars:
|
|
## - name: FOO
|
|
## value: "bar"
|
|
##
|
|
extraEnvVars: []
|
|
## @param streamingNode.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for data node nodes
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param streamingNode.extraEnvVarsSecret Name of existing Secret containing extra env vars for data node nodes
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param streamingNode.defaultConfig [string] Default override configuration from the common set in milvus.defaultConfig
|
|
##
|
|
defaultConfig: |
|
|
# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)
|
|
streamingNode:
|
|
port: {{ .Values.streamingNode.containerPorts.grpc }}
|
|
## @param streamingNode.existingConfigMap name of a ConfigMap with existing configuration for the default configuration
|
|
##
|
|
existingConfigMap: ""
|
|
## @param streamingNode.extraConfig Override configuration
|
|
##
|
|
extraConfig: {}
|
|
## @param streamingNode.extraConfigExistingConfigMap name of a ConfigMap with existing configuration
|
|
##
|
|
extraConfigExistingConfigMap: ""
|
|
## @param streamingNode.command Override default container command (useful when using custom images)
|
|
##
|
|
command: []
|
|
## @param streamingNode.args Override default container args (useful when using custom images)
|
|
##
|
|
args: []
|
|
## @param streamingNode.replicaCount Number of Streaming Node replicas to deploy
|
|
##
|
|
replicaCount: 1
|
|
## @param streamingNode.containerPorts.grpc GRPC port for Streaming Node
|
|
## @param streamingNode.containerPorts.metrics Metrics port for Streaming Node
|
|
containerPorts:
|
|
grpc: 19530
|
|
metrics: 9091
|
|
## Configure extra options for Streaming Node containers' liveness, readiness and startup probes
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes
|
|
## @param streamingNode.livenessProbe.enabled Enable livenessProbe on Streaming Node nodes
|
|
## @param streamingNode.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param streamingNode.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param streamingNode.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param streamingNode.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param streamingNode.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param streamingNode.readinessProbe.enabled Enable readinessProbe on Streaming Node nodes
|
|
## @param streamingNode.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param streamingNode.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param streamingNode.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param streamingNode.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param streamingNode.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param streamingNode.startupProbe.enabled Enable startupProbe on Streaming Node containers
|
|
## @param streamingNode.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param streamingNode.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param streamingNode.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param streamingNode.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param streamingNode.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param streamingNode.customLivenessProbe Custom livenessProbe that overrides the default one
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param streamingNode.customReadinessProbe Custom readinessProbe that overrides the default one
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param streamingNode.customStartupProbe Custom startupProbe that overrides the default one
|
|
##
|
|
customStartupProbe: {}
|
|
## data node resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## @param streamingNode.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if streamingNode.resources is set (streamingNode.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "micro"
|
|
## @param streamingNode.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## Configure Pods Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param streamingNode.podSecurityContext.enabled Enabled Streaming Node pods' Security Context
|
|
## @param streamingNode.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param streamingNode.podSecurityContext.sysctls Set kernel settings using the sysctl interface
|
|
## @param streamingNode.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param streamingNode.podSecurityContext.fsGroup Set Streaming Node pod's Security Context fsGroup
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
sysctls: []
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## Configure Container Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param streamingNode.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param streamingNode.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param streamingNode.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param streamingNode.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param streamingNode.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param streamingNode.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param streamingNode.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param streamingNode.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param streamingNode.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param streamingNode.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## @param streamingNode.lifecycleHooks for the data node container(s) to automate configuration before or after startup
|
|
##
|
|
lifecycleHooks: {}
|
|
## @param streamingNode.runtimeClassName Name of the runtime class to be used by pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
|
|
##
|
|
runtimeClassName: ""
|
|
## @param streamingNode.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param streamingNode.hostAliases data node pods host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## @param streamingNode.podLabels Extra labels for data node pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param streamingNode.podAnnotations Annotations for data node pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param streamingNode.podAffinityPreset Pod affinity preset. Ignored if `data node.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAffinityPreset: ""
|
|
## @param streamingNode.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `data node.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinityPreset: soft
|
|
## Node data node.affinity preset
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
##
|
|
nodeAffinityPreset:
|
|
## @param streamingNode.nodeAffinityPreset.type Node affinity preset type. Ignored if `data node.affinity` is set. Allowed values: `soft` or `hard`
|
|
##
|
|
type: ""
|
|
## @param streamingNode.nodeAffinityPreset.key Node label key to match. Ignored if `data node.affinity` is set
|
|
##
|
|
key: ""
|
|
## @param streamingNode.nodeAffinityPreset.values Node label values to match. Ignored if `data node.affinity` is set
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
## @param streamingNode.affinity Affinity for Streaming Node pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## NOTE: `streamingNode.podAffinityPreset`, `streamingNode.podAntiAffinityPreset`, and `streamingNode.nodeAffinityPreset` will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param streamingNode.nodeSelector Node labels for Streaming Node pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
|
##
|
|
nodeSelector: {}
|
|
## @param streamingNode.tolerations Tolerations for Streaming Node pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param streamingNode.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains
|
|
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param streamingNode.priorityClassName Streaming Node pods' priorityClassName
|
|
##
|
|
priorityClassName: ""
|
|
## @param streamingNode.schedulerName Kubernetes pod scheduler registry
|
|
## https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName: ""
|
|
## @param streamingNode.updateStrategy.type Streaming Node statefulset strategy type
|
|
## @param streamingNode.updateStrategy.rollingUpdate Streaming Node statefulset rolling update configuration parameters
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
|
|
##
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
rollingUpdate: {}
|
|
## @param streamingNode.extraVolumes Optionally specify extra list of additional volumes for the Streaming Node pod(s)
|
|
##
|
|
extraVolumes: []
|
|
## @param streamingNode.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Streaming Node container(s)
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param streamingNode.sidecars Add additional sidecar containers to the Streaming Node pod(s)
|
|
## e.g:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
## @param streamingNode.enableDefaultInitContainers Deploy default init containers
|
|
##
|
|
enableDefaultInitContainers: true
|
|
## @param streamingNode.initContainers Add additional init containers to the Streaming Node pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
|
|
## e.g:
|
|
## initContainers:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## command: ['sh', '-c', 'echo "hello world"']
|
|
##
|
|
initContainers: []
|
|
## Service account for Streaming Node to use
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
##
|
|
serviceAccount:
|
|
## @param streamingNode.serviceAccount.create Enable creation of ServiceAccount for Streaming Node pods
|
|
##
|
|
create: true
|
|
## @param streamingNode.serviceAccount.name The name of the ServiceAccount to use
|
|
## If not set and create is true, a name is generated using the common.names.fullname template
|
|
##
|
|
name: ""
|
|
## @param streamingNode.serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created
|
|
## Can be set to false if pods using this serviceAccount do not need to use K8s API
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param streamingNode.serviceAccount.annotations Additional custom annotations for the ServiceAccount
|
|
##
|
|
annotations: {}
|
|
## Pod Disruption Budget configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb
|
|
## @param streamingNode.pdb.create Enable/disable a Pod Disruption Budget creation
|
|
## @param streamingNode.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled
|
|
## @param streamingNode.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `streamingNode.pdb.minAvailable` and `streamingNode.pdb.maxUnavailable` are empty.
|
|
##
|
|
pdb:
|
|
create: true
|
|
minAvailable: ""
|
|
maxUnavailable: ""
|
|
## @section Streaming Node Autoscaling configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
|
|
##
|
|
autoscaling:
|
|
vpa:
|
|
## @param streamingNode.autoscaling.vpa.enabled Enable VPA
|
|
##
|
|
enabled: false
|
|
## @param streamingNode.autoscaling.vpa.annotations Annotations for VPA resource
|
|
##
|
|
annotations: {}
|
|
## @param streamingNode.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
|
|
##
|
|
controlledResources: []
|
|
## @param streamingNode.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
maxAllowed: {}
|
|
## @param streamingNode.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
minAllowed: {}
|
|
updatePolicy:
|
|
## @param streamingNode.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod
|
|
## Possible values are "Off", "Initial", "Recreate", and "Auto".
|
|
##
|
|
updateMode: Auto
|
|
hpa:
|
|
## @param streamingNode.autoscaling.hpa.enabled Enable HPA for Milvus Streaming node
|
|
##
|
|
enabled: false
|
|
## @param streamingNode.autoscaling.hpa.annotations Annotations for HPA resource
|
|
##
|
|
annotations: {}
|
|
## @param streamingNode.autoscaling.hpa.minReplicas Minimum number of Milvus Streaming node replicas
|
|
##
|
|
minReplicas: ""
|
|
## @param streamingNode.autoscaling.hpa.maxReplicas Maximum number of Milvus Streaming node replicas
|
|
##
|
|
maxReplicas: ""
|
|
## @param streamingNode.autoscaling.hpa.targetCPU Target CPU utilization percentage
|
|
##
|
|
targetCPU: ""
|
|
## @param streamingNode.autoscaling.hpa.targetMemory Target Memory utilization percentage
|
|
##
|
|
targetMemory: ""
|
|
## @section Streaming Node Traffic Exposure Parameters
|
|
##
|
|
|
|
## data node service parameters
|
|
##
|
|
service:
|
|
## @param streamingNode.service.type Streaming Node service type
|
|
##
|
|
type: ClusterIP
|
|
## @param streamingNode.service.ports.grpc Streaming Node GRPC service port
|
|
## @param streamingNode.service.ports.metrics Streaming Node Metrics service port
|
|
##
|
|
ports:
|
|
grpc: 19530
|
|
metrics: 9091
|
|
## Node ports to expose
|
|
## NOTE: choose port between <30000-32767>
|
|
## @param streamingNode.service.nodePorts.grpc Node port for GRPC
|
|
## @param streamingNode.service.nodePorts.metrics Node port for Metrics
|
|
##
|
|
nodePorts:
|
|
grpc: ""
|
|
metrics: ""
|
|
## @param streamingNode.service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## @param streamingNode.service.sessionAffinity Control where client requests go, to the same pod or round-robin
|
|
## Values: ClientIP or None
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
|
|
##
|
|
sessionAffinity: None
|
|
## @param streamingNode.service.clusterIP Streaming Node service Cluster IP
|
|
## e.g.:
|
|
## clusterIP: None
|
|
##
|
|
clusterIP: ""
|
|
## @param streamingNode.service.loadBalancerIP Streaming Node service Load Balancer IP
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
|
|
##
|
|
loadBalancerIP: ""
|
|
## @param streamingNode.service.loadBalancerSourceRanges Streaming Node service Load Balancer sources
|
|
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
## e.g:
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param streamingNode.service.externalTrafficPolicy Streaming Node service external traffic policy
|
|
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Cluster
|
|
## @param streamingNode.service.annotations Additional custom annotations for Streaming Node service
|
|
##
|
|
annotations: {}
|
|
## @param streamingNode.service.extraPorts Extra ports to expose in the Streaming Node service
|
|
##
|
|
extraPorts: []
|
|
## Network Policy configuration
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
|
##
|
|
networkPolicy:
|
|
## @param streamingNode.networkPolicy.enabled Enable creation of NetworkPolicy resources
|
|
##
|
|
enabled: true
|
|
## @param streamingNode.networkPolicy.allowExternal The Policy model to apply
|
|
## When set to false, only pods with the correct client label will have network access to the ports Milvus is
|
|
## listening on. When true, Milvus will accept connections from any source (with the correct destination port).
|
|
##
|
|
allowExternal: true
|
|
## @param streamingNode.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
|
|
##
|
|
allowExternalEgress: true
|
|
## @param streamingNode.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraIngress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## from:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraIngress: []
|
|
## @param streamingNode.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraEgress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## to:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraEgress: []
|
|
## @param streamingNode.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
|
|
## @param streamingNode.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
|
|
##
|
|
ingressNSMatchLabels: {}
|
|
ingressNSPodMatchLabels: {}
|
|
## @section Streaming Node Metrics Parameters
|
|
## Prometheus Exporter / Metrics
|
|
##
|
|
metrics:
|
|
## @param streamingNode.metrics.enabled Enable metrics
|
|
##
|
|
enabled: false
|
|
## @param streamingNode.metrics.annotations [object] Annotations for the server service in order to scrape metrics
|
|
annotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "{{ .Values.streamingNode.service.ports.metrics }}"
|
|
## Prometheus Operator ServiceMonitor configuration
|
|
##
|
|
serviceMonitor:
|
|
## @param streamingNode.metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator
|
|
##
|
|
enabled: false
|
|
## @param streamingNode.metrics.serviceMonitor.annotations Annotations for the ServiceMonitor Resource
|
|
##
|
|
annotations: ""
|
|
## @param streamingNode.metrics.serviceMonitor.namespace Namespace for the ServiceMonitor Resource (defaults to the Release Namespace)
|
|
##
|
|
namespace: ""
|
|
## @param streamingNode.metrics.serviceMonitor.interval Interval at which metrics should be scraped.
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
interval: ""
|
|
## @param streamingNode.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
scrapeTimeout: ""
|
|
## @param streamingNode.metrics.serviceMonitor.labels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus
|
|
##
|
|
labels: {}
|
|
## @param streamingNode.metrics.serviceMonitor.selector Prometheus instance selector labels
|
|
## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
|
|
##
|
|
selector: {}
|
|
## @param streamingNode.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping
|
|
##
|
|
relabelings: []
|
|
## @param streamingNode.metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion
|
|
##
|
|
metricRelabelings: []
|
|
## @param streamingNode.metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint
|
|
##
|
|
honorLabels: false
|
|
## @param streamingNode.metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
|
|
##
|
|
jobLabel: ""
|
|
## @section Proxy Deployment Parameters
|
|
##
|
|
proxy:
|
|
## @param proxy.enabled Enable Proxy deployment
|
|
##
|
|
enabled: true
|
|
## @section Proxy TLS Connection Configuration Parameters
|
|
##
|
|
tls:
|
|
## @param proxy.tls.mode TLS mode for proxy. Allowed values: `0`, `1`, `2`
|
|
## 0 for close, 1 for one-way authentication, 2 for two-way authentication.
|
|
##
|
|
mode: 0
|
|
## @param proxy.tls.existingSecret Name of the existing secret containing the TLS certificates for proxy.
|
|
## if mode equals to 1, existingSecret should contain a server cert and a server key
|
|
## if mode equals to 2, existingSecret should contain a server cert, a server key and a CA cert
|
|
##
|
|
existingSecret: ""
|
|
## @param proxy.tls.cert The secret key from the existingSecret if 'cert' key different from the default (server.pem)
|
|
##
|
|
cert: server.pem
|
|
## @param proxy.tls.key The secret key from the existingSecret if 'key' key different from the default (server.key)
|
|
## Milvus cannot decrypt key file with password, so now the key must not be encrypted
|
|
##
|
|
key: server.key
|
|
## @param proxy.tls.caCert The secret key from the existingSecret if 'caCert' key different from the default (ca.pem)
|
|
##
|
|
caCert: ca.pem
|
|
## @param proxy.tls.keyPassword Password to access the password-protected PEM key if necessary.
|
|
## Milvus cannot decrypt key file with password, so now the key must not be encrypted, value here must be empty
|
|
##
|
|
keyPassword: ""
|
|
## @param proxy.extraEnvVars Array with extra environment variables to add to proxy nodes
|
|
## e.g:
|
|
## extraEnvVars:
|
|
## - name: FOO
|
|
## value: "bar"
|
|
##
|
|
extraEnvVars: []
|
|
## @param proxy.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for proxy nodes
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param proxy.extraEnvVarsSecret Name of existing Secret containing extra env vars for proxy nodes
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param proxy.defaultConfig [string] Default override configuration from the common set in milvus.defaultConfig
|
|
##
|
|
defaultConfig: |
|
|
# Override the port for internal binding (the external components will use the service port defined in milvus.defaultConfig)
|
|
proxy:
|
|
port: {{ .Values.proxy.containerPorts.grpc }}
|
|
internalPort: {{ .Values.proxy.containerPorts.grpcInternal }}
|
|
## @param proxy.existingConfigMap name of a ConfigMap with existing configuration for the default configuration
|
|
##
|
|
existingConfigMap: ""
|
|
## @param proxy.extraConfig Override configuration
|
|
##
|
|
extraConfig: {}
|
|
## @param proxy.extraConfigExistingConfigMap name of a ConfigMap with existing configuration for the proxy nodes
|
|
##
|
|
extraConfigExistingConfigMap: ""
|
|
## @param proxy.command Override default container command (useful when using custom images)
|
|
##
|
|
command: []
|
|
## @param proxy.args Override default container args (useful when using custom images)
|
|
##
|
|
args: []
|
|
## @param proxy.replicaCount Number of Proxy replicas to deploy
|
|
##
|
|
replicaCount: 1
|
|
## @param proxy.containerPorts.grpc GRPC port for Proxy
|
|
## @param proxy.containerPorts.grpcInternal GRPC internal port for Proxy
|
|
## @param proxy.containerPorts.metrics Metrics port for Proxy
|
|
containerPorts:
|
|
grpc: 19530
|
|
grpcInternal: 19529
|
|
metrics: 9091
|
|
## Configure extra options for Proxy containers' liveness, readiness and startup probes
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes
|
|
## @param proxy.livenessProbe.enabled Enable livenessProbe on Proxy nodes
|
|
## @param proxy.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param proxy.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param proxy.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param proxy.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param proxy.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param proxy.readinessProbe.enabled Enable readinessProbe on Proxy nodes
|
|
## @param proxy.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param proxy.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param proxy.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param proxy.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param proxy.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param proxy.startupProbe.enabled Enable startupProbe on Proxy containers
|
|
## @param proxy.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param proxy.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param proxy.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param proxy.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param proxy.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param proxy.customLivenessProbe Custom livenessProbe that overrides the default one
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param proxy.customReadinessProbe Custom readinessProbe that overrides the default one
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param proxy.customStartupProbe Custom startupProbe that overrides the default one
|
|
##
|
|
customStartupProbe: {}
|
|
## proxy resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## @param proxy.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if proxy.resources is set (proxy.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "micro"
|
|
## @param proxy.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## Configure Pods Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param proxy.podSecurityContext.enabled Enabled Proxy pods' Security Context
|
|
## @param proxy.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param proxy.podSecurityContext.sysctls Set kernel settings using the sysctl interface
|
|
## @param proxy.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param proxy.podSecurityContext.fsGroup Set Proxy pod's Security Context fsGroup
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
sysctls: []
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## Configure Container Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param proxy.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param proxy.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param proxy.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param proxy.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param proxy.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param proxy.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param proxy.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param proxy.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param proxy.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param proxy.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## @param proxy.lifecycleHooks for the proxy container(s) to automate configuration before or after startup
|
|
##
|
|
lifecycleHooks: {}
|
|
## @param proxy.runtimeClassName Name of the runtime class to be used by pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
|
|
##
|
|
runtimeClassName: ""
|
|
## @param proxy.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param proxy.hostAliases proxy pods host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## @param proxy.podLabels Extra labels for proxy pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param proxy.podAnnotations Annotations for proxy pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param proxy.podAffinityPreset Pod affinity preset. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAffinityPreset: ""
|
|
## @param proxy.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinityPreset: soft
|
|
## Node proxy.affinity preset
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
##
|
|
nodeAffinityPreset:
|
|
## @param proxy.nodeAffinityPreset.type Node affinity preset type. Ignored if `proxy.affinity` is set. Allowed values: `soft` or `hard`
|
|
##
|
|
type: ""
|
|
## @param proxy.nodeAffinityPreset.key Node label key to match. Ignored if `proxy.affinity` is set
|
|
##
|
|
key: ""
|
|
## @param proxy.nodeAffinityPreset.values Node label values to match. Ignored if `proxy.affinity` is set
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
## @param proxy.affinity Affinity for Proxy pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## NOTE: `proxy.podAffinityPreset`, `proxy.podAntiAffinityPreset`, and `proxy.nodeAffinityPreset` will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param proxy.nodeSelector Node labels for Proxy pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
|
##
|
|
nodeSelector: {}
|
|
## @param proxy.tolerations Tolerations for Proxy pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param proxy.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains
|
|
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param proxy.priorityClassName Proxy pods' priorityClassName
|
|
##
|
|
priorityClassName: ""
|
|
## @param proxy.schedulerName Kubernetes pod scheduler registry
|
|
## https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName: ""
|
|
## @param proxy.updateStrategy.type Proxy statefulset strategy type
|
|
## @param proxy.updateStrategy.rollingUpdate Proxy statefulset rolling update configuration parameters
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
|
|
##
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
rollingUpdate: {}
|
|
## @param proxy.extraVolumes Optionally specify extra list of additional volumes for the Proxy pod(s)
|
|
##
|
|
extraVolumes: []
|
|
## @param proxy.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Proxy container(s)
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param proxy.sidecars Add additional sidecar containers to the Proxy pod(s)
|
|
## e.g:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
## @param proxy.enableDefaultInitContainers Deploy default init containers
|
|
##
|
|
enableDefaultInitContainers: true
|
|
## @param proxy.initContainers Add additional init containers to the Proxy pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
|
|
## e.g:
|
|
## initContainers:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## command: ['sh', '-c', 'echo "hello world"']
|
|
##
|
|
initContainers: []
|
|
## Service account for Proxy to use
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
##
|
|
serviceAccount:
|
|
## @param proxy.serviceAccount.create Enable creation of ServiceAccount for Proxy pods
|
|
##
|
|
create: true
|
|
## @param proxy.serviceAccount.name The name of the ServiceAccount to use
|
|
## If not set and create is true, a name is generated using the common.names.fullname template
|
|
##
|
|
name: ""
|
|
## @param proxy.serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created
|
|
## Can be set to false if pods using this serviceAccount do not need to use K8s API
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param proxy.serviceAccount.annotations Additional custom annotations for the ServiceAccount
|
|
##
|
|
annotations: {}
|
|
## Pod Disruption Budget configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb
|
|
## @param proxy.pdb.create Enable/disable a Pod Disruption Budget creation
|
|
## @param proxy.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled
|
|
## @param proxy.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `proxy.pdb.minAvailable` and `proxy.pdb.maxUnavailable` are empty.
|
|
##
|
|
pdb:
|
|
create: true
|
|
minAvailable: ""
|
|
maxUnavailable: ""
|
|
## @section Proxy Autoscaling configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
|
|
##
|
|
autoscaling:
|
|
vpa:
|
|
## @param proxy.autoscaling.vpa.enabled Enable VPA
|
|
##
|
|
enabled: false
|
|
## @param proxy.autoscaling.vpa.annotations Annotations for VPA resource
|
|
##
|
|
annotations: {}
|
|
## @param proxy.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
|
|
##
|
|
controlledResources: []
|
|
## @param proxy.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
maxAllowed: {}
|
|
## @param proxy.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
minAllowed: {}
|
|
updatePolicy:
|
|
## @param proxy.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod
|
|
## Possible values are "Off", "Initial", "Recreate", and "Auto".
|
|
##
|
|
updateMode: Auto
|
|
hpa:
|
|
## @param proxy.autoscaling.hpa.enabled Enable HPA for Milvus proxy
|
|
##
|
|
enabled: false
|
|
## @param proxy.autoscaling.hpa.annotations Annotations for HPA resource
|
|
##
|
|
annotations: {}
|
|
## @param proxy.autoscaling.hpa.minReplicas Minimum number of Milvus proxy replicas
|
|
##
|
|
minReplicas: ""
|
|
## @param proxy.autoscaling.hpa.maxReplicas Maximum number of Milvus proxy replicas
|
|
##
|
|
maxReplicas: ""
|
|
## @param proxy.autoscaling.hpa.targetCPU Target CPU utilization percentage
|
|
##
|
|
targetCPU: ""
|
|
## @param proxy.autoscaling.hpa.targetMemory Target Memory utilization percentage
|
|
##
|
|
targetMemory: ""
|
|
## @section Proxy Traffic Exposure Parameters
|
|
##
|
|
|
|
## proxy service parameters
|
|
##
|
|
service:
|
|
## @param proxy.service.type Proxy service type
|
|
##
|
|
type: LoadBalancer
|
|
## @param proxy.service.ports.grpc Proxy GRPC service port
|
|
## @param proxy.service.ports.metrics Proxy Metrics service port
|
|
##
|
|
ports:
|
|
grpc: 19530
|
|
metrics: 9091
|
|
## Node ports to expose
|
|
## NOTE: choose port between <30000-32767>
|
|
## @param proxy.service.nodePorts.grpc Node port for GRPC
|
|
## @param proxy.service.nodePorts.metrics Node port for Metrics
|
|
##
|
|
nodePorts:
|
|
grpc: ""
|
|
metrics: ""
|
|
## @param proxy.service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## @param proxy.service.sessionAffinity Control where client requests go, to the same pod or round-robin
|
|
## Values: ClientIP or None
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
|
|
##
|
|
sessionAffinity: None
|
|
## @param proxy.service.clusterIP Proxy service Cluster IP
|
|
## e.g.:
|
|
## clusterIP: None
|
|
##
|
|
clusterIP: ""
|
|
## @param proxy.service.loadBalancerIP Proxy service Load Balancer IP
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
|
|
##
|
|
loadBalancerIP: ""
|
|
## @param proxy.service.loadBalancerSourceRanges Proxy service Load Balancer sources
|
|
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
## e.g:
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param proxy.service.externalTrafficPolicy Proxy service external traffic policy
|
|
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Cluster
|
|
## @param proxy.service.annotations Additional custom annotations for Proxy service
|
|
##
|
|
annotations: {}
|
|
## @param proxy.service.extraPorts Extra ports to expose in the Proxy service
|
|
##
|
|
extraPorts: []
|
|
## Network Policy configuration
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
|
##
|
|
networkPolicy:
|
|
## @param proxy.networkPolicy.enabled Enable creation of NetworkPolicy resources
|
|
##
|
|
enabled: true
|
|
## @param proxy.networkPolicy.allowExternal The Policy model to apply
|
|
## When set to false, only pods with the correct client label will have network access to the ports Milvus is
|
|
## listening on. When true, Milvus will accept connections from any source (with the correct destination port).
|
|
##
|
|
allowExternal: true
|
|
## @param proxy.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
|
|
##
|
|
allowExternalEgress: true
|
|
## @param proxy.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraIngress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## from:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraIngress: []
|
|
## @param proxy.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraEgress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## to:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraEgress: []
|
|
## @param proxy.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
|
|
## @param proxy.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
|
|
##
|
|
ingressNSMatchLabels: {}
|
|
ingressNSPodMatchLabels: {}
|
|
## @section Proxy Metrics Parameters
|
|
## Prometheus Exporter / Metrics
|
|
##
|
|
metrics:
|
|
## @param proxy.metrics.enabled Enable metrics
|
|
##
|
|
enabled: false
|
|
## @param proxy.metrics.annotations [object] Annotations for the server service in order to scrape metrics
|
|
annotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "{{ .Values.proxy.service.ports.metrics }}"
|
|
## Prometheus Operator ServiceMonitor configuration
|
|
##
|
|
serviceMonitor:
|
|
## @param proxy.metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator
|
|
##
|
|
enabled: false
|
|
## @param proxy.metrics.serviceMonitor.annotations Annotations for the ServiceMonitor Resource
|
|
##
|
|
annotations: ""
|
|
## @param proxy.metrics.serviceMonitor.namespace Namespace for the ServiceMonitor Resource (defaults to the Release Namespace)
|
|
##
|
|
namespace: ""
|
|
## @param proxy.metrics.serviceMonitor.interval Interval at which metrics should be scraped.
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
interval: ""
|
|
## @param proxy.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
|
##
|
|
scrapeTimeout: ""
|
|
## @param proxy.metrics.serviceMonitor.labels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus
|
|
##
|
|
labels: {}
|
|
## @param proxy.metrics.serviceMonitor.selector Prometheus instance selector labels
|
|
## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
|
|
##
|
|
selector: {}
|
|
## @param proxy.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping
|
|
##
|
|
relabelings: []
|
|
## @param proxy.metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion
|
|
##
|
|
metricRelabelings: []
|
|
## @param proxy.metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint
|
|
##
|
|
honorLabels: false
|
|
## @param proxy.metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
|
|
##
|
|
jobLabel: ""
|
|
## @section Attu Deployment Parameters
|
|
##
|
|
attu:
|
|
## @param attu.enabled Enable Attu deployment
|
|
##
|
|
enabled: true
|
|
## Bitnami Attu image
|
|
## ref: https://hub.docker.com/r/bitnami/attu/tags/
|
|
## @param attu.image.registry [default: REGISTRY_NAME] Attu image registry
|
|
## @param attu.image.repository [default: REPOSITORY_NAME/attu] Attu image repository
|
|
## @skip attu.image.tag Attu image tag (immutable tags are recommended)
|
|
## @param attu.image.digest Attu image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
|
## @param attu.image.pullPolicy Attu image pull policy
|
|
## @param attu.image.pullSecrets Attu image pull secrets
|
|
## @param attu.image.debug Enable debug mode
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/attu
|
|
tag: 2.5.12-debian-12-r0
|
|
digest: ""
|
|
## Specify a imagePullPolicy
|
|
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
## e.g:
|
|
## pullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
pullSecrets: []
|
|
## Enable debug mode
|
|
##
|
|
debug: false
|
|
## @param attu.extraEnvVars Array with extra environment variables to add to attu nodes
|
|
## e.g:
|
|
## extraEnvVars:
|
|
## - name: FOO
|
|
## value: "bar"
|
|
##
|
|
extraEnvVars: []
|
|
## @param attu.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for attu nodes
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param attu.extraEnvVarsSecret Name of existing Secret containing extra env vars for attu nodes
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param attu.command Override default container command (useful when using custom images)
|
|
##
|
|
command: []
|
|
## @param attu.args Override default container args (useful when using custom images)
|
|
##
|
|
args: []
|
|
## @param attu.replicaCount Number of Attu replicas to deploy
|
|
##
|
|
replicaCount: 1
|
|
## @param attu.containerPorts.http HTTP port for Attu
|
|
containerPorts:
|
|
http: 3000
|
|
## Configure extra options for Attu containers' liveness, readiness and startup probes
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes
|
|
## @param attu.livenessProbe.enabled Enable livenessProbe on Attu nodes
|
|
## @param attu.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param attu.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param attu.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param attu.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param attu.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param attu.readinessProbe.enabled Enable readinessProbe on Attu nodes
|
|
## @param attu.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param attu.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param attu.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param attu.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param attu.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param attu.startupProbe.enabled Enable startupProbe on Attu containers
|
|
## @param attu.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param attu.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param attu.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param attu.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param attu.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 5
|
|
successThreshold: 1
|
|
## @param attu.customLivenessProbe Custom livenessProbe that overrides the default one
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param attu.customReadinessProbe Custom readinessProbe that overrides the default one
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param attu.customStartupProbe Custom startupProbe that overrides the default one
|
|
##
|
|
customStartupProbe: {}
|
|
## attu resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## @param attu.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if attu.resources is set (attu.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "micro"
|
|
## @param attu.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## Configure Pods Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param attu.podSecurityContext.enabled Enabled Attu pods' Security Context
|
|
## @param attu.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param attu.podSecurityContext.sysctls Set kernel settings using the sysctl interface
|
|
## @param attu.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param attu.podSecurityContext.fsGroup Set Attu pod's Security Context fsGroup
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
sysctls: []
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## Configure Container Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param attu.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param attu.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param attu.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param attu.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param attu.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param attu.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param attu.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param attu.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param attu.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param attu.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## @param attu.lifecycleHooks for the attu container(s) to automate configuration before or after startup
|
|
##
|
|
lifecycleHooks: {}
|
|
## @param attu.runtimeClassName Name of the runtime class to be used by pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
|
|
##
|
|
runtimeClassName: ""
|
|
## @param attu.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param attu.hostAliases attu pods host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## @param attu.podLabels Extra labels for attu pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param attu.podAnnotations Annotations for attu pods
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param attu.podAffinityPreset Pod affinity preset. Ignored if `attu.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAffinityPreset: ""
|
|
## @param attu.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `attu.affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinityPreset: soft
|
|
## Node attu.affinity preset
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
##
|
|
nodeAffinityPreset:
|
|
## @param attu.nodeAffinityPreset.type Node affinity preset type. Ignored if `attu.affinity` is set. Allowed values: `soft` or `hard`
|
|
##
|
|
type: ""
|
|
## @param attu.nodeAffinityPreset.key Node label key to match. Ignored if `attu.affinity` is set
|
|
##
|
|
key: ""
|
|
## @param attu.nodeAffinityPreset.values Node label values to match. Ignored if `attu.affinity` is set
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
## @param attu.affinity Affinity for Attu pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## NOTE: `attu.podAffinityPreset`, `attu.podAntiAffinityPreset`, and `attu.nodeAffinityPreset` will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param attu.nodeSelector Node labels for Attu pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
|
##
|
|
nodeSelector: {}
|
|
## @param attu.tolerations Tolerations for Attu pods assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param attu.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains
|
|
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param attu.priorityClassName Attu pods' priorityClassName
|
|
##
|
|
priorityClassName: ""
|
|
## @param attu.schedulerName Kubernetes pod scheduler registry
|
|
## https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName: ""
|
|
## @param attu.updateStrategy.type Attu statefulset strategy type
|
|
## @param attu.updateStrategy.rollingUpdate Attu statefulset rolling update configuration parameters
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
|
|
##
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
rollingUpdate: {}
|
|
## @param attu.extraVolumes Optionally specify extra list of additional volumes for the Attu pod(s)
|
|
##
|
|
extraVolumes: []
|
|
## @param attu.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Attu container(s)
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param attu.sidecars Add additional sidecar containers to the Attu pod(s)
|
|
## e.g:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
## @param attu.enableDefaultInitContainers Deploy default init containers
|
|
##
|
|
enableDefaultInitContainers: true
|
|
## @param attu.initContainers Add additional init containers to the Attu pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
|
|
## e.g:
|
|
## initContainers:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## command: ['sh', '-c', 'echo "hello world"']
|
|
##
|
|
initContainers: []
|
|
## Service account for Attu to use
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
##
|
|
serviceAccount:
|
|
## @param attu.serviceAccount.create Enable creation of ServiceAccount for Attu pods
|
|
##
|
|
create: true
|
|
## @param attu.serviceAccount.name The name of the ServiceAccount to use
|
|
## If not set and create is true, a name is generated using the common.names.fullname template
|
|
##
|
|
name: ""
|
|
## @param attu.serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created
|
|
## Can be set to false if pods using this serviceAccount do not need to use K8s API
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param attu.serviceAccount.annotations Additional custom annotations for the ServiceAccount
|
|
##
|
|
annotations: {}
|
|
## Pod Disruption Budget configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb
|
|
## @param attu.pdb.create Enable/disable a Pod Disruption Budget creation
|
|
## @param attu.pdb.minAvailable [object] Minimum number/percentage of pods that should remain scheduled
|
|
## @param attu.pdb.maxUnavailable [object] Maximum number/percentage of pods that may be made unavailable. Defaults to `1` if both `attu.pdb.minAvailable` and `attu.pdb.maxUnavailable` are empty.
|
|
##
|
|
pdb:
|
|
create: true
|
|
minAvailable: ""
|
|
maxUnavailable: ""
|
|
## @section Attu Autoscaling configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
|
|
##
|
|
autoscaling:
|
|
vpa:
|
|
## @param attu.autoscaling.vpa.enabled Enable VPA
|
|
##
|
|
enabled: false
|
|
## @param attu.autoscaling.vpa.annotations Annotations for VPA resource
|
|
##
|
|
annotations: {}
|
|
## @param attu.autoscaling.vpa.controlledResources VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory
|
|
##
|
|
controlledResources: []
|
|
## @param attu.autoscaling.vpa.maxAllowed VPA Max allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
maxAllowed: {}
|
|
## @param attu.autoscaling.vpa.minAllowed VPA Min allowed resources for the pod
|
|
## cpu: 200m
|
|
## memory: 100Mi
|
|
minAllowed: {}
|
|
updatePolicy:
|
|
## @param attu.autoscaling.vpa.updatePolicy.updateMode Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod
|
|
## Possible values are "Off", "Initial", "Recreate", and "Auto".
|
|
##
|
|
updateMode: Auto
|
|
hpa:
|
|
## @param attu.autoscaling.hpa.enabled Enable HPA for Milvus attu
|
|
##
|
|
enabled: false
|
|
## @param attu.autoscaling.hpa.annotations Annotations for HPA resource
|
|
##
|
|
annotations: {}
|
|
## @param attu.autoscaling.hpa.minReplicas Minimum number of Milvus attu replicas
|
|
##
|
|
minReplicas: ""
|
|
## @param attu.autoscaling.hpa.maxReplicas Maximum number of Milvus attu replicas
|
|
##
|
|
maxReplicas: ""
|
|
## @param attu.autoscaling.hpa.targetCPU Target CPU utilization percentage
|
|
##
|
|
targetCPU: ""
|
|
## @param attu.autoscaling.hpa.targetMemory Target Memory utilization percentage
|
|
##
|
|
targetMemory: ""
|
|
## @section Attu Traffic Exposure Parameters
|
|
##
|
|
|
|
## attu service parameters
|
|
##
|
|
service:
|
|
## @param attu.service.type Attu service type
|
|
##
|
|
type: LoadBalancer
|
|
## @param attu.service.ports.http Attu HTTP service port
|
|
##
|
|
ports:
|
|
http: 80
|
|
## Node ports to expose
|
|
## NOTE: choose port between <30000-32767>
|
|
## @param attu.service.nodePorts.http Node port for HTTP
|
|
##
|
|
nodePorts:
|
|
http: ""
|
|
## @param attu.service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## @param attu.service.sessionAffinity Control where client requests go, to the same pod or round-robin
|
|
## Values: ClientIP or None
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
|
|
##
|
|
sessionAffinity: None
|
|
## @param attu.service.clusterIP Attu service Cluster IP
|
|
## e.g.:
|
|
## clusterIP: None
|
|
##
|
|
clusterIP: ""
|
|
## @param attu.service.loadBalancerIP Attu service Load Balancer IP
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
|
|
##
|
|
loadBalancerIP: ""
|
|
## @param attu.service.loadBalancerSourceRanges Attu service Load Balancer sources
|
|
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
## e.g:
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param attu.service.externalTrafficPolicy Attu service external traffic policy
|
|
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Cluster
|
|
## @param attu.service.annotations Additional custom annotations for Attu service
|
|
##
|
|
annotations: {}
|
|
## @param attu.service.extraPorts Extra ports to expose in the Attu service
|
|
##
|
|
extraPorts: []
|
|
## ref: http://kubernetes.io/docs/concepts/services-networking/ingress/
|
|
##
|
|
ingress:
|
|
## @param attu.ingress.enabled Enable ingress record generation for Milvus
|
|
##
|
|
enabled: false
|
|
## @param attu.ingress.pathType Ingress path type
|
|
##
|
|
pathType: ImplementationSpecific
|
|
## @param attu.ingress.apiVersion Force Ingress API version (automatically detected if not set)
|
|
##
|
|
apiVersion: ""
|
|
## @param attu.ingress.hostname Default host for the ingress record
|
|
##
|
|
hostname: milvus.local
|
|
## @param attu.ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
|
|
## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster .
|
|
## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
|
|
##
|
|
ingressClassName: ""
|
|
## @param attu.ingress.path Default path for the ingress record
|
|
## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers
|
|
##
|
|
path: /
|
|
## @param attu.ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
|
|
## Use this parameter to set the required annotations for cert-manager, see
|
|
## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
|
|
## e.g:
|
|
## annotations:
|
|
## kubernetes.io/ingress.class: nginx
|
|
## cert-manager.io/cluster-issuer: cluster-issuer-name
|
|
##
|
|
annotations: {}
|
|
## @param attu.ingress.tls Enable TLS configuration for the host defined at `attu.ingress.hostname` parameter
|
|
## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}`
|
|
## You can:
|
|
## - Use the `attu.ingress.secrets` parameter to create this TLS secret
|
|
## - Rely on cert-manager to create it by setting the corresponding annotations
|
|
## - Rely on Helm to create self-signed certificates by setting `attu.ingress.selfSigned=true`
|
|
##
|
|
tls: false
|
|
## @param attu.ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm
|
|
##
|
|
selfSigned: false
|
|
## @param attu.ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record
|
|
## e.g:
|
|
## extraHosts:
|
|
## - name: milvus.local
|
|
## path: /
|
|
##
|
|
extraHosts: []
|
|
## @param attu.ingress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host
|
|
## e.g:
|
|
## extraPaths:
|
|
## - path: /*
|
|
## backend:
|
|
## serviceName: ssl-redirect
|
|
## servicePort: use-annotation
|
|
##
|
|
extraPaths: []
|
|
## @param attu.ingress.extraTls TLS configuration for additional hostname(s) to be covered with this ingress record
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
|
|
## e.g:
|
|
## extraTls:
|
|
## - hosts:
|
|
## - milvus.local
|
|
## secretName: milvus.local-tls
|
|
##
|
|
extraTls: []
|
|
## @param attu.ingress.secrets Custom TLS certificates as secrets
|
|
## NOTE: 'key' and 'certificate' are expected in PEM format
|
|
## NOTE: 'name' should line up with a 'secretName' set further up
|
|
## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates
|
|
## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created valid for 365 days
|
|
## It is also possible to create and manage the certificates outside of this helm chart
|
|
## Please see README.md for more information
|
|
## e.g:
|
|
## secrets:
|
|
## - name: milvus.local-tls
|
|
## key: |-
|
|
## -----BEGIN RSA PRIVATE KEY-----
|
|
## ...
|
|
## -----END RSA PRIVATE KEY-----
|
|
## certificate: |-
|
|
## -----BEGIN CERTIFICATE-----
|
|
## ...
|
|
## -----END CERTIFICATE-----
|
|
##
|
|
secrets: []
|
|
## @param attu.ingress.extraRules Additional rules to be covered with this ingress record
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
|
|
## e.g:
|
|
## extraRules:
|
|
## - host: example.local
|
|
## http:
|
|
## path: /
|
|
## backend:
|
|
## service:
|
|
## name: example-svc
|
|
## port:
|
|
## name: http
|
|
##
|
|
extraRules: []
|
|
## Network Policy configuration
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
|
##
|
|
networkPolicy:
|
|
## @param attu.networkPolicy.enabled Enable creation of NetworkPolicy resources
|
|
##
|
|
enabled: true
|
|
## @param attu.networkPolicy.allowExternal The Policy model to apply
|
|
## When set to false, only pods with the correct client label will have network access to the ports Milvus is
|
|
## listening on. When true, Milvus will accept connections from any source (with the correct destination port).
|
|
##
|
|
allowExternal: true
|
|
## @param attu.networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
|
|
##
|
|
allowExternalEgress: true
|
|
## @param attu.networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraIngress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## from:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraIngress: []
|
|
## @param attu.networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraEgress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## to:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraEgress: []
|
|
## @param attu.networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
|
|
## @param attu.networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
|
|
##
|
|
ingressNSMatchLabels: {}
|
|
ingressNSPodMatchLabels: {}
|
|
## @section Init Container Parameters
|
|
##
|
|
waitContainer:
|
|
## @param waitContainer.image.registry [default: REGISTRY_NAME] Init container wait-container image registry
|
|
## @param waitContainer.image.repository [default: REPOSITORY_NAME/os-shell] Init container wait-container image name
|
|
## @skip waitContainer.image.tag Init container wait-container image tag
|
|
## @param waitContainer.image.digest Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/os-shell
|
|
tag: 12-debian-12-r50
|
|
digest: ""
|
|
## @param waitContainer.image.pullPolicy Init container wait-container image pull policy
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## @param waitContainer.image.pullSecrets [array] Specify docker-registry secret names as an array
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
## e.g:
|
|
## pullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
pullSecrets: []
|
|
## Configure Container Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
|
## @param waitContainer.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param waitContainer.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param waitContainer.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param waitContainer.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param waitContainer.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param waitContainer.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param waitContainer.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param waitContainer.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param waitContainer.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param waitContainer.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## Container resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## @param waitContainer.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if initJob.resources is set (initJob.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "micro"
|
|
## @param waitContainer.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## @section External etcd settings
|
|
##
|
|
externalEtcd:
|
|
## @param externalEtcd.servers List of hostnames of the external etcd
|
|
##
|
|
servers: []
|
|
## @param externalEtcd.port Port of the external etcd instance
|
|
##
|
|
port: 2379
|
|
## @param externalEtcd.user User of the external etcd instance
|
|
##
|
|
user: root
|
|
## @param externalEtcd.password Password of the external etcd instance
|
|
##
|
|
password: ""
|
|
## @param externalEtcd.existingSecret Name of a secret containing the external etcd password
|
|
##
|
|
existingSecret: ""
|
|
## @param externalEtcd.existingSecretPasswordKey Key inside the secret containing the external etcd password
|
|
##
|
|
existingSecretPasswordKey: "etcd-root-password"
|
|
## External etcd TLS connection configuration
|
|
##
|
|
tls:
|
|
## @param externalEtcd.tls.enabled Enable TLS for etcd client connections.
|
|
##
|
|
enabled: false
|
|
## @param externalEtcd.tls.existingSecret Name of the existing secret containing the TLS certificates for external etcd client communications.
|
|
##
|
|
existingSecret: ""
|
|
## @param externalEtcd.tls.cert The secret key from the existingSecret if 'cert' key different from the default (tls.crt)
|
|
##
|
|
cert: tls.crt
|
|
## @param externalEtcd.tls.key The secret key from the existingSecret if 'key' key different from the default (tls.key)
|
|
## Milvus cannot decrypt key file with password, so now the key must not be encrypted
|
|
##
|
|
key: tls.key
|
|
## @param externalEtcd.tls.caCert The secret key from the existingSecret if 'caCert' key different from the default (ca.crt)
|
|
##
|
|
caCert: ca.crt
|
|
## @param externalEtcd.tls.keyPassword Password to access the password-protected PEM key if necessary.
|
|
## Milvus cannot decrypt key file with password, so now the key must not be encrypted, value here must be empty
|
|
##
|
|
keyPassword: ""
|
|
## @section External S3 parameters
|
|
## All of these values are only used when minio.enabled is set to false
|
|
## @param externalS3.host External S3 host
|
|
## @param externalS3.port External S3 port number
|
|
## @param externalS3.accessKeyID External S3 access key ID
|
|
## @param externalS3.accessKeySecret External S3 access key secret
|
|
## @param externalS3.existingSecret Name of an existing secret resource containing the S3 credentials
|
|
## @param externalS3.existingSecretAccessKeyIDKey Name of an existing secret key containing the S3 access key ID
|
|
## @param externalS3.existingSecretKeySecretKey Name of an existing secret key containing the S3 access key secret
|
|
## @param externalS3.bucket External S3 bucket
|
|
## @param externalS3.rootPath External S3 root path
|
|
## @param externalS3.iamEndpoint External S3 IAM endpoint
|
|
## @param externalS3.cloudProvider External S3 cloud provider
|
|
##
|
|
externalS3:
|
|
host: ""
|
|
port: 443
|
|
accessKeyID: ""
|
|
accessKeySecret: ""
|
|
existingSecret: ""
|
|
existingSecretAccessKeyIDKey: "root-user"
|
|
existingSecretKeySecretKey: "root-password"
|
|
## External S3 TLS connection configuration
|
|
##
|
|
tls:
|
|
## @param externalS3.tls.enabled Enable TLS for externalS3 client connections.
|
|
##
|
|
enabled: false
|
|
## @param externalS3.tls.existingSecret Name of the existing secret containing the TLS certificates for externalS3 client communications.
|
|
##
|
|
existingSecret: ""
|
|
## @param externalS3.tls.caCert The secret key from the existingSecret if 'caCert' key different from the default (ca.crt)
|
|
##
|
|
caCert: ca.crt
|
|
bucket: "milvus"
|
|
rootPath: "file"
|
|
iamEndpoint: ""
|
|
cloudProvider: ""
|
|
## @section External Kafka parameters
|
|
## All of these values are ignored when kafka.enabled is set to true
|
|
##
|
|
externalKafka:
|
|
## @param externalKafka.servers External Kafka brokers
|
|
## Multiple brokers can be provided in a comma separated list, e.g. host1:port1,host2:port2
|
|
##
|
|
servers:
|
|
- localhost
|
|
## @param externalKafka.port External Kafka port
|
|
##
|
|
port: 9092
|
|
## @param externalKafka.listener.protocol Kafka listener protocol. Allowed protocols: PLAINTEXT, SASL_PLAINTEXT, SASL_SSL and SSL
|
|
##
|
|
listener:
|
|
protocol: PLAINTEXT
|
|
## Authentication parameters
|
|
## @param externalKafka.sasl.user User for SASL authentication
|
|
## @param externalKafka.sasl.password Password for SASL authentication
|
|
## @param externalKafka.sasl.existingSecret Name of the existing secret containing a password for SASL authentication (under the key named "client-passwords")
|
|
## @param externalKafka.sasl.existingSecretPasswordKey Name of the secret key containing the Kafka client user password
|
|
## @param externalKafka.sasl.enabledMechanisms Kafka enabled SASL mechanisms
|
|
##
|
|
sasl:
|
|
user: user
|
|
password: ""
|
|
existingSecret: ""
|
|
existingSecretPasswordKey: "kafka-root-password"
|
|
enabledMechanisms: "PLAIN"
|
|
## External kafka TLS connection configuration
|
|
##
|
|
tls:
|
|
## @param externalKafka.tls.enabled Enable TLS for kafka client connections.
|
|
##
|
|
enabled: false
|
|
## @param externalKafka.tls.existingSecret Name of the existing secret containing the TLS certificates for external kafka client communications.
|
|
##
|
|
existingSecret: ""
|
|
## @param externalKafka.tls.cert The secret key from the existingSecret if 'cert' key different from the default (tls.crt)
|
|
##
|
|
cert: tls.crt
|
|
## @param externalKafka.tls.key The secret key from the existingSecret if 'key' key different from the default (tls.key)
|
|
##
|
|
key: tls.key
|
|
## @param externalKafka.tls.caCert The secret key from the existingSecret if 'caCert' key different from the default (ca.crt)
|
|
##
|
|
caCert: ca.crt
|
|
## @param externalKafka.tls.keyPassword Password to access the password-protected PEM key if necessary.
|
|
##
|
|
keyPassword: ""
|
|
|
|
|
|
## @section etcd sub-chart parameters
|
|
##
|
|
etcd:
|
|
## @param etcd.enabled Deploy etcd sub-chart
|
|
##
|
|
enabled: true
|
|
## @param etcd.replicaCount Number of etcd replicas
|
|
##
|
|
replicaCount: 3
|
|
## @param etcd.containerPorts.client Container port for etcd
|
|
##
|
|
containerPorts:
|
|
client: 2379
|
|
## @param etcd.auth.rbac.create Switch to enable RBAC authentication
|
|
## @param etcd.auth.client.secureTransport use TLS for client-to-server communications
|
|
##
|
|
auth:
|
|
rbac:
|
|
# Milvus does not have support for etcd authentication
|
|
# https://github.com/milvus-io/milvus/blob/master/pkg/util/paramtable/service_param.go#L93
|
|
create: false
|
|
client:
|
|
secureTransport: false
|
|
## @section MinIO® chart parameters
|
|
## @extra minio For full list of MinIO® values configurations please refere [here](https://github.com/bitnami/charts/tree/main/bitnami/minio)
|
|
##
|
|
minio:
|
|
## @param minio.enabled Enable/disable MinIO® chart installation
|
|
## to be used as an objstore for Mastodon
|
|
##
|
|
enabled: true
|
|
## MinIO® authentication parameters
|
|
##
|
|
auth:
|
|
## @param minio.auth.rootUser MinIO® root username
|
|
##
|
|
rootUser: admin
|
|
## @param minio.auth.rootPassword Password for MinIO® root user
|
|
##
|
|
rootPassword: ""
|
|
## @param minio.auth.existingSecret Name of an existing secret containing the MinIO® credentials
|
|
##
|
|
existingSecret: ""
|
|
## @param minio.defaultBuckets Comma, semi-colon or space separated list of MinIO® buckets to create
|
|
##
|
|
defaultBuckets: "milvus"
|
|
## @param minio.provisioning.enabled Enable/disable MinIO® provisioning job
|
|
## @param minio.provisioning.extraCommands Extra commands to run on MinIO® provisioning job
|
|
##
|
|
provisioning:
|
|
enabled: true
|
|
# We need to allow downloads in order for the UI to work
|
|
extraCommands: ["mc anonymous set download provisioning/milvus"]
|
|
## @param minio.tls.enabled Enable/disable MinIO® TLS support
|
|
##
|
|
tls:
|
|
enabled: false
|
|
## @param minio.service.type MinIO® service type
|
|
## @param minio.service.loadBalancerIP MinIO® service LoadBalancer IP
|
|
## @param minio.service.ports.api MinIO® service port
|
|
##
|
|
service:
|
|
type: ClusterIP
|
|
loadBalancerIP: ""
|
|
ports:
|
|
api: 80
|
|
## @param minio.console.enabled Enable MinIO® Console
|
|
##
|
|
console:
|
|
enabled: false
|
|
## @section kafka sub-chart paramaters
|
|
## https://github.com/bitnami/charts/blob/main/bitnami/kafka/values.yaml
|
|
##
|
|
kafka:
|
|
## @param kafka.enabled Enable/disable Kafka chart installation
|
|
##
|
|
enabled: true
|
|
## @param kafka.controller.replicaCount Number of Kafka controller eligible (controller+broker) nodes
|
|
##
|
|
controller:
|
|
replicaCount: 1
|
|
## @param kafka.service.ports.client Kafka svc port for client connections
|
|
##
|
|
service:
|
|
ports:
|
|
client: 9092
|
|
## @param kafka.overrideConfiguration [object] Kafka common configuration override
|
|
##
|
|
overrideConfiguration:
|
|
offsets.topic.replication.factor: 1
|
|
## @param kafka.listeners.client.protocol Kafka authentication protocol for the client listener
|
|
##
|
|
listeners:
|
|
client:
|
|
protocol: SASL_PLAINTEXT
|
|
sasl:
|
|
## @param kafka.sasl.enabledMechanisms Kafka enabled SASL mechanisms
|
|
##
|
|
enabledMechanisms: "PLAIN"
|
|
## @param kafka.sasl.client.users Kafka client users
|
|
##
|
|
client:
|
|
users:
|
|
- user
|