237 lines
7.3 KiB
YAML
237 lines
7.3 KiB
YAML
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
image:
|
|
repository: ghcr.io/mariadb-operator/mariadb-operator
|
|
pullPolicy: IfNotPresent
|
|
# -- Image tag to use. By default the chart appVersion is used
|
|
tag: ""
|
|
imagePullSecrets: []
|
|
|
|
# -- Controller log level
|
|
logLevel: INFO
|
|
|
|
# -- Cluster DNS name
|
|
clusterName: cluster.local
|
|
|
|
ha:
|
|
# -- Enable high availability
|
|
enabled: false
|
|
# -- Number of replicas
|
|
replicas: 3
|
|
|
|
metrics:
|
|
# -- Enable operator internal metrics. Prometheus must be installed in the cluster
|
|
enabled: false
|
|
serviceMonitor:
|
|
# -- Enable controller ServiceMonitor
|
|
enabled: true
|
|
# -- Labels to be added to the controller ServiceMonitor
|
|
additionalLabels: {}
|
|
# release: kube-prometheus-stack
|
|
# -- Interval to scrape metrics
|
|
interval: 30s
|
|
# -- Timeout if metrics can't be retrieved in given time interval
|
|
scrapeTimeout: 25s
|
|
|
|
serviceAccount:
|
|
# -- Specifies whether a service account should be created
|
|
enabled: true
|
|
# -- Automounts the service account token in all containers of the Pod
|
|
automount: true
|
|
# -- Annotations to add to the service account
|
|
annotations: {}
|
|
# -- Extra Labels to add to the service account
|
|
extraLabels: {}
|
|
# -- The name of the service account to use.
|
|
# If not set and enabled is true, a name is generated using the fullname template
|
|
name: ""
|
|
|
|
rbac:
|
|
# -- Specifies whether RBAC resources should be created
|
|
enabled: true
|
|
|
|
# -- Extra arguments to be passed to the controller entrypoint
|
|
extrArgs: []
|
|
|
|
# -- Extra environment variables to be passed to the controller
|
|
extraEnv: []
|
|
|
|
# -- Extra volumes to pass to pod.
|
|
extraVolumes: []
|
|
|
|
# -- Extra volumes to mount to the container.
|
|
extraVolumeMounts: []
|
|
|
|
# -- Annotations to add to controller Pod
|
|
podAnnotations: {}
|
|
|
|
# -- Security context to add to controller Pod
|
|
podSecurityContext: {}
|
|
|
|
# -- Security context to add to controller container
|
|
securityContext: {}
|
|
|
|
# -- Resources to add to controller container
|
|
resources: {}
|
|
# requests:
|
|
# cpu: 10m
|
|
# memory: 32Mi
|
|
|
|
# -- Node selectors to add to controller Pod
|
|
nodeSelector: {}
|
|
|
|
# -- Tolerations to add to controller Pod
|
|
tolerations: []
|
|
|
|
# -- Affinity to add to controller Pod
|
|
affinity: {}
|
|
|
|
webhook:
|
|
image:
|
|
repository: ghcr.io/mariadb-operator/mariadb-operator
|
|
pullPolicy: IfNotPresent
|
|
# -- Image tag to use. By default the chart appVersion is used
|
|
tag: ""
|
|
imagePullSecrets: []
|
|
ha:
|
|
# -- Enable high availability
|
|
enabled: false
|
|
# -- Number of replicas
|
|
replicas: 3
|
|
cert:
|
|
certManager:
|
|
# -- Whether to use cert-manager to issue and rotate the certificate. If set to false, mariadb-operator's cert-controller will be used instead.
|
|
enabled: false
|
|
# -- Issuer reference to be used in the Certificate resource. If not provided, a self-signed issuer will be used.
|
|
issuerRef: {}
|
|
# -- Duration to be used in the Certificate resource,
|
|
duration: ""
|
|
# -- Renew before duration to be used in the Certificate resource.
|
|
renewBefore: ""
|
|
# -- Annotatioms to be added to webhook TLS secret.
|
|
secretAnnotations: {}
|
|
# -- Path where the CA certificate will be mounted.
|
|
caPath: /tmp/k8s-webhook-server/certificate-authority
|
|
# -- Path where the certificate will be mounted.
|
|
path: /tmp/k8s-webhook-server/serving-certs
|
|
# -- Port to be used by the webhook server
|
|
port: 9443
|
|
# -- Expose the webhook server in the host network
|
|
hostNetwork: false
|
|
serviceMonitor:
|
|
# -- Enable webhook ServiceMonitor. Metrics must be enabled
|
|
enabled: true
|
|
# -- Labels to be added to the webhook ServiceMonitor
|
|
additionalLabels: {}
|
|
# release: kube-prometheus-stack
|
|
# -- Interval to scrape metrics
|
|
interval: 30s
|
|
# -- Timeout if metrics can't be retrieved in given time interval
|
|
scrapeTimeout: 25s
|
|
serviceAccount:
|
|
# -- Specifies whether a service account should be created
|
|
enabled: true
|
|
# -- Automounts the service account token in all containers of the Pod
|
|
automount: true
|
|
# -- Annotations to add to the service account
|
|
annotations: {}
|
|
# -- Extra Labels to add to the service account
|
|
extraLabels: {}
|
|
# -- The name of the service account to use.
|
|
# If not set and enabled is true, a name is generated using the fullname template
|
|
name: ""
|
|
# -- Annotations for webhook configurations.
|
|
annotations: {}
|
|
# -- Extra arguments to be passed to the webhook entrypoint
|
|
extrArgs: []
|
|
# -- Extra volumes to pass to webhook Pod
|
|
extraVolumes: []
|
|
# -- Extra volumes to mount to webhook container
|
|
extraVolumeMounts: []
|
|
# -- Annotations to add to webhook Pod
|
|
podAnnotations: {}
|
|
# -- Security context to add to webhook Pod
|
|
podSecurityContext: {}
|
|
# -- Security context to add to webhook container
|
|
securityContext: {}
|
|
# -- Resources to add to webhook container
|
|
resources: {}
|
|
# requests:
|
|
# cpu: 10m
|
|
# memory: 32Mi
|
|
# -- Node selectors to add to controller Pod
|
|
nodeSelector: {}
|
|
# -- Tolerations to add to controller Pod
|
|
tolerations: []
|
|
# -- Affinity to add to controller Pod
|
|
affinity: {}
|
|
|
|
certController:
|
|
# -- Specifies whether the cert-controller should be created.
|
|
enabled: true
|
|
image:
|
|
repository: ghcr.io/mariadb-operator/mariadb-operator
|
|
pullPolicy: IfNotPresent
|
|
# -- Image tag to use. By default the chart appVersion is used
|
|
tag: ""
|
|
imagePullSecrets: []
|
|
ha:
|
|
# -- Enable high availability
|
|
enabled: false
|
|
# -- Number of replicas
|
|
replicas: 3
|
|
# -- CA certificate validity. It must be greater than certValidity.
|
|
caValidity: 35064h
|
|
# -- Certificate validity.
|
|
certValidity: 8766h
|
|
# -- Duration used to verify whether a certificate is valid or not.
|
|
lookaheadValidity: 2160h
|
|
# -- Requeue duration to ensure that certificate gets renewed.
|
|
requeueDuration: 5m
|
|
serviceMonitor:
|
|
# -- Enable cert-controller ServiceMonitor. Metrics must be enabled
|
|
enabled: true
|
|
# -- Labels to be added to the cert-controller ServiceMonitor
|
|
additionalLabels: {}
|
|
# release: kube-prometheus-stack
|
|
# -- Interval to scrape metrics
|
|
interval: 30s
|
|
# -- Timeout if metrics can't be retrieved in given time interval
|
|
scrapeTimeout: 25s
|
|
serviceAccount:
|
|
# -- Specifies whether a service account should be created
|
|
enabled: true
|
|
# -- Automounts the service account token in all containers of the Pod
|
|
automount: true
|
|
# -- Annotations to add to the service account
|
|
annotations: {}
|
|
# -- Extra Labels to add to the service account
|
|
extraLabels: {}
|
|
# -- The name of the service account to use.
|
|
# If not set and enabled is true, a name is generated using the fullname template
|
|
name: ""
|
|
# -- Extra arguments to be passed to the cert-controller entrypoint
|
|
extrArgs: []
|
|
# -- Extra volumes to pass to cert-controller Pod
|
|
extraVolumes: []
|
|
# -- Extra volumes to mount to cert-controller container
|
|
extraVolumeMounts: []
|
|
# -- Annotations to add to cert-controller Pod
|
|
podAnnotations: {}
|
|
# -- Security context to add to cert-controller Pod
|
|
podSecurityContext: {}
|
|
# -- Security context to add to cert-controller container
|
|
securityContext: {}
|
|
# -- Resources to add to cert-controller container
|
|
resources: {}
|
|
# requests:
|
|
# cpu: 10m
|
|
# memory: 32Mi
|
|
# -- Node selectors to add to controller Pod
|
|
nodeSelector: {}
|
|
# -- Tolerations to add to controller Pod
|
|
tolerations: []
|
|
# -- Affinity to add to controller Pod
|
|
affinity: {}
|