jonny/charts
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
master
charts/stackgres-operator/values.yaml
Jonny Ervine db34ed82a3 Add stackgres chart
2024-05-30 20:42:52 +08:00

414 lines
20 KiB
YAML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# -- The container registry host (and port) where the images will be pulled from.
containerRegistry: quay.io
# -- Image pull policy used for images loaded by the Operator
imagePullPolicy: "IfNotPresent"
# Section to configure Operator Installation ServiceAccount
serviceAccount:
# -- If `true` the Operator Installation ServiceAccount will be created
create: true
# -- Section to configure Operator ServiceAccount annotations
annotations: {}
# -- Repositories credentials Secret names to attach to ServiceAccounts and Pods
repoCredentials: []
# Section to configure Operator Pod
operator:
# Section to configure Operator image
image:
# -- Operator image name
name: "stackgres/operator"
# -- Operator image tag
tag: "1.10.0"
# -- Operator image pull policy
pullPolicy: "IfNotPresent"
# -- Operator Pod annotations
annotations: {}
# -- Operator Pod resources. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#resourcerequirements-v1-core
resources: {}
# -- Operator Pod node selector
nodeSelector: {}
# -- Operator Pod tolerations. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core
tolerations: []
# -- Operator Pod affinity. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core
affinity: {}
# Section to configure Operator ServiceAccount
serviceAccount:
# -- Section to configure Operator ServiceAccount annotations
annotations: {}
# -- Repositories credentials Secret names to attach to ServiceAccounts and Pods
repoCredentials: []
# Section to configure Operator Service
service:
# -- Section to configure Operator Service annotations
annotations: {}
# Section to configure REST API Pod
restapi:
# -- REST API Pod name
name: stackgres-restapi
# Section to configure REST API image
image:
# -- REST API image name
name: "stackgres/restapi"
# -- REST API image tag
tag: "1.10.0"
# -- REST API image pull policy
pullPolicy: "IfNotPresent"
# -- REST API Pod annotations
annotations: {}
# -- REST API Pod resources. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#resourcerequirements-v1-core
resources: {}
# -- REST API Pod node selector
nodeSelector: {}
# -- REST API Pod tolerations. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core
tolerations: []
# -- REST API Pod affinity. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core
affinity: {}
# Section to configure REST API ServiceAccount
serviceAccount:
# -- REST API ServiceAccount annotations
annotations: {}
# -- Repositories credentials Secret names to attach to ServiceAccounts and Pods
repoCredentials: []
# Section to configure REST API Service
service:
# -- REST API Service annotations
annotations: {}
# Section to configure Web Console container
adminui:
# Section to configure Web Console image
image:
# -- Web Console image name
name: "stackgres/admin-ui"
# -- Web Console image tag
tag: "1.10.0"
# -- Web Console image pull policy
pullPolicy: "IfNotPresent"
# -- Web Console resources. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#resourcerequirements-v1-core
resources: {}
# Section to configure Web Console service.
service:
# -- When set to `true` the HTTP port will be exposed in the Web Console Service
exposeHTTP: false
# -- The type used for the service of the UI:
# * Set to LoadBalancer to create a load balancer (if supported by the kubernetes cluster)
# to allow connect from Internet to the UI. Note that enabling this feature will probably incurr in
# some fee that depend on the host of the kubernetes cluster (for example this is true for EKS, GKE
# and AKS).
# * Set to NodePort to expose admin UI from kubernetes nodes.
type: ClusterIP
# -- (string) LoadBalancer will get created with the IP specified in
# this field. This feature depends on whether the underlying cloud-provider supports specifying
# the loadBalancerIP when a load balancer is created. This field will be ignored if the
# cloud-provider does not support the feature.
loadBalancerIP:
# -- (array) If specified and supported by the platform,
# this will restrict traffic through the cloud-provider load-balancer will be restricted to the
# specified client IPs. This field will be ignored if the cloud-provider does not support the
# feature.
# More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/
loadBalancerSourceRanges:
# -- (integer) The HTTPS port used to expose the Service on Kubernetes nodes
nodePort:
# -- (integer) The HTTP port used to expose the Service on Kubernetes nodes
nodePortHTTP:
# Section to configure Operator Installation Jobs
jobs:
# Section to configure Operator Installation Jobs image
image:
# -- Operator Installation Jobs image name
name: "stackgres/jobs"
# -- Operator Installation Jobs image tag
tag: "1.10.0"
# -- Operator Installation Jobs image pull policy
pullPolicy: "IfNotPresent"
# -- Operator Installation Jobs annotations
annotations: {}
# -- Operator Installation Jobs resources. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#resourcerequirements-v1-core
resources: {}
# -- Operator Installation Jobs node selector
nodeSelector: {}
# -- Operator Installation Jobs tolerations. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core
tolerations: []
# -- Operator Installation Jobs affinity. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core
affinity: {}
# Section to configure deployment aspects.
deploy:
# -- When set to `true` the Operator will be deployed.
operator: true
# -- When set to `true` the Web Console / REST API will be deployed.
restapi: true
# Section to configure the Operator, REST API and Web Console certificates and JWT RSA key-pair.
cert:
# -- If set to `true` the CertificateSigningRequest used to generate the certificate used by
# Webhooks will be approved by the Operator Installation Job.
autoapprove: true
# -- When set to `true` the Operator certificate will be created.
createForOperator: true
# -- When set to `true` the Web Console / REST API certificate will be created.
createForWebApi: true
# -- (string) The Secret name with the Operator Webhooks certificate issued by the Kubernetes cluster CA
# of type kubernetes.io/tls. See https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets
secretName:
# -- When set to `true` the Operator certificates will be regenerated if `createForOperator` is set to `true`, and the certificate is expired or invalid.
regenerateCert: true
# -- (integer) The duration in days of the generated certificate for the Operator after which it will expire and be regenerated.
# If not specified it will be set to 730 (2 years) by default.
certDuration: 730
# -- (string) The Secret name with the Web Console / REST API certificate
# of type kubernetes.io/tls. See https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets
webSecretName:
# -- When set to `true` the Web Console / REST API certificates will be regenerated if `createForWebApi` is set to `true`, and the certificate is expired or invalid.
regenerateWebCert: true
# -- When set to `true` the Web Console / REST API RSA key pair will be regenerated if `createForWebApi` is set to `true`, and the certificate is expired or invalid.
regenerateWebRsa: true
# -- (integer) The duration in days of the generated certificate for the Web Console / REST API after which it will expire and be regenerated.
# If not specified it will be set to 730 (2 years) by default.
webCertDuration:
# -- (integer) The duration in days of the generated RSA key pair for the Web Console / REST API after which it will expire and be regenerated.
# If not specified it will be set to 730 (2 years) by default.
webRsaDuration:
# -- (string) The private RSA key used to create the Operator Webhooks certificate issued by the
# Kubernetes cluster CA.
key:
# -- (string) The Operator Webhooks certificate issued by Kubernetes cluster CA.
crt:
# -- (string) The private RSA key used to generate JWTs used in REST API authentication.
jwtRsaKey:
# -- (string) The public RSA key used to verify JWTs used in REST API authentication.
jwtRsaPub:
# -- (string) The private RSA key used to create the Web Console / REST API certificate
webKey:
# -- (string) The Web Console / REST API certificate
webCrt:
# Section to configure cert-manager integration to generate Operator certificates
certManager:
# -- When set to `true` then Issuer and Certificate for Operator and Web Console / REST API
# Pods will be generated
autoConfigure: false
# -- The requested duration (i.e. lifetime) of the Certificates. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io%2fv1
duration: "2160h"
# -- How long before the currently issued certificates expiry cert-manager should renew the certificate. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io%2fv1
renewBefore: "360h"
# -- The private key cryptography standards (PKCS) encoding for this certificates private key to be encoded in. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificatePrivateKey
encoding: PKCS1
# -- Size is the key bit size of the corresponding private key for this certificate. See https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificatePrivateKey
size: 2048
# Section to configure RBAC for Web Console admin user
rbac:
# -- When set to `true` the admin user is assigned the `cluster-admin` ClusterRole by creating
# ClusterRoleBinding.
create: true
# Section to configure Web Console authentication
authentication:
# -- Specify the authentication mechanism to use. By default is `jwt`, see https://stackgres.io/doc/latest/api/rbac#local-secret-mechanism.
# If set to `oidc` then see https://stackgres.io/doc/latest/api/rbac/#openid-connect-provider-mechanism.
type: jwt
# -- (boolean) When `true` will create the secret used to store the `admin` user credentials to access the UI.
createAdminSecret: true
# -- The admin username that will be required to access the UI
user: admin
# -- (string) The admin password that will be required to access the UI
password:
# Section to configure Web Console OIDC authentication
oidc:
# tlsVerification -- (string) Can be one of `required`, `certificate-validation` or `none`
# tlsVerification:
# authServerUrl -- (string)
# authServerUrl:
# clientId -- (string)
# clientId:
# credentialsSecret -- (string)
# credentialsSecret:
# clientIdSecretRef -- (object)
# clientIdSecretRef:
# name -- (string)
# name:
# key -- (string)
# key:
# credentialsSecretSecretRef -- (object)
# credentialsSecretSecretRef:
# name -- (string)
# name:
# key -- (string)
# key:
# Section to configure Prometheus integration.
prometheus:
# -- If set to false disable automatic bind to Prometheus
# created using the [Prometheus Operator](https://github.com/prometheus-operator/prometheus-operator).
# If disabled the cluster will not be binded to Prometheus automatically and will require manual
# intervention by the Kubernetes cluster administrator.
allowAutobind: true
# Section to configure Grafana integration
grafana:
# -- When set to `true` embed automatically Grafana into the Web Console by creating the
# StackGres dashboards and the read-only role used to read it from the Web Console
autoEmbed: false
# -- The schema to access Grafana. By default http. (used to embed manually and
# automatically grafana)
schema: http
# -- (string) The service host name to access grafana (used to embed manually and
# automatically Grafana).
# The parameter value should point to the grafana service following the
# [DNS reference](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/) `svc_name.namespace`
webHost:
# -- The datasource name used to create the StackGres Dashboards into Grafana
datasourceName: Prometheus
# -- The username to access Grafana. By default admin. (used to embed automatically
# Grafana)
user: admin
# -- The password to access Grafana. By default prom-operator (the default in for
# kube-prometheus-stack helm chart). (used to embed automatically Grafana)
password: prom-operator
# -- Use follwing fields to indicate a secret where the grafana admin credentials are stored (replace user/password)
# -- (string) The namespace of secret with credentials to access Grafana. (used to
# embed automatically Grafana, alternative to use `user` and `password`)
secretNamespace:
# -- (string) The name of secret with credentials to access Grafana. (used to embed
# automatically Grafana, alternative to use `user` and `password`)
secretName:
# -- (string) The key of secret with username used to access Grafana. (used to embed
# automatically Grafana, alternative to use `user` and `password`)
secretUserKey:
# -- (string) The key of secret with password used to access Grafana. (used to
# embed automatically Grafana, alternative to use `user` and `password`)
secretPasswordKey:
# -- (string) The ConfigMap name with the dashboard JSONs
# that will be created in Grafana. If not set the default
# StackGres dashboards will be created. (used to embed automatically Grafana)
dashboardConfigMap:
# -- (array) The URLs of the PostgreSQL dashboards created in Grafana (used to embed manually
# Grafana). It must contain an entry for each JSON file under `grafana-dashboards` folder: `archiving.json`,
# `connection-pooling.json`, `current-activity.json`, `db-info.json`, `db-objects.json`, `db-os.json`, `queries.json`
# and `replication.json`
urls:
# Create and copy/paste grafana API token:
# - Grafana > Configuration > API Keys > Add API key (for viewer) > Copy key value
# -- (string) The Grafana API token to access the PostgreSQL dashboards created
# in Grafana (used to embed manually Grafana)
token:
# Section to configure extensions
extensions:
# -- A list of extensions repository URLs used to retrieve extensions
#
# To set a proxy for extensions repository add parameter proxyUrl to the URL:
# `https://extensions.stackgres.io/postgres/repository?proxyUrl=<proxy scheme>%3A%2F%2F<proxy host>[%3A<proxy port>]` (URL encoded)
#
# Other URL parameters are:
#
# * `skipHostnameVerification`: set it to `true` in order to use a server or a proxy with a self signed certificate
# * `retry`: set it to `<max retriex>[:<sleep before next retry>]` in order to retry a request on failure
# * `setHttpScheme`: set it to `true` in order to force using HTTP scheme
repositoryUrls:
- https://extensions.stackgres.io/postgres/repository
# Section to configure extensions cache (experimental).
#
# This feature is in beta and may cause failures, please use with caution and report any
# error to https://gitlab.com/ongresinc/stackgres/-/issues/new
cache:
# -- When set to `true` enable the extensions cache.
#
# This feature is in beta and may cause failures, please use with caution and report any
# error to https://gitlab.com/ongresinc/stackgres/-/issues/new
enabled: false
# -- An array of extensions pattern used to pre-loaded estensions into the extensions cache
preloadedExtensions:
- x86_64/linux/timescaledb-1\.7\.4-pg12
# Section to configure the extensions cache PersistentVolume
persistentVolume:
# -- The PersistentVolume size for the extensions cache
#
# Only use whole numbers (e.g. not 1e6) and K/Ki/M/Mi/G/Gi as units
size: 1Gi
# -- (string) If defined set storage class
# If set to "-" (equivalent to storageClass: "" in a PV spec) disables
# dynamic provisioning
# If undefined (the default) or set to null, no storageClass spec is
# set, choosing the default provisioner. (gp2 on AWS, standard on
# GKE, AWS & OpenStack)
storageClass:
# -- (string) If set, will use a host path volume with the specified path for the extensions cache
# instead of a PersistentVolume
hostPath:
# Following options are for developers only, but can also be useful in some cases ;)
# Section to configure developer options.
developer:
# -- (string) Set the operator version (used for testing)
version:
# -- (string) Set `quarkus.log.level`. See https://quarkus.io/guides/logging#root-logger-configuration
logLevel:
# -- If set to `true` add extra debug to any script controlled by the reconciliation cycle of the operator configuration
showDebug: false
# -- Set `quarkus.log.console.format` to `%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{4.}] (%t) %s%e%n`. See https://quarkus.io/guides/logging#logging-format
showStackTraces: false
# -- Only work with JVM version and allow connect
# on port 8000 of operator Pod with jdb or similar
enableJvmDebug: false
# -- Only work with JVM version and if `enableJvmDebug` is `true`
# suspend the JVM until a debugger session is started
enableJvmDebugSuspend: false
# -- (string) Set the external Operator IP
externalOperatorIp:
# -- (integer) Set the external Operator port
externalOperatorPort:
# -- (string) Set the external REST API IP
externalRestApiIp:
# -- (integer) Set the external REST API port
externalRestApiPort:
# -- If set to `true` and `extensions.cache.enabled` is also `true`
# it will try to download extensions from images (experimental)
allowPullExtensionsFromImageRepository: false
# -- It set to `true` disable arbitrary user that is set for OpenShift clusters
disableArbitraryUser: false
# Section to define patches for some StackGres Pods
patches:
# Section to define volumes to be used by the operator container
operator:
# -- Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volume-v1-core
volumes: []
# -- Pod's container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volumemount-v1-core
volumeMounts: []
# Section to define volumes to be used by the restapi container
restapi:
# -- Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volume-v1-core
volumes: []
# -- Pod's container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volumemount-v1-core
volumeMounts: []
# Section to define volumes to be used by the adminui container
adminui:
# -- Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volume-v1-core
volumes: []
# -- Pod's container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volumemount-v1-core
volumeMounts: []
# Section to define volumes to be used by the jobs container
jobs:
# -- Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volume-v1-core
volumes: []
# -- Pod's container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volumemount-v1-core
volumeMounts: []
# Section to define volumes to be used by the cluster controller container
clusterController:
# -- Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volume-v1-core
volumes: []
# -- Pod's container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volumemount-v1-core
volumeMounts: []
# Section to define volumes to be used by the distributedlogs controller container
distributedlogsController:
# -- Pod volumes. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volume-v1-core
volumes: []
# -- Pod's container volume mounts. See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#volumemount-v1-core
volumeMounts: []
Reference in New Issue View Git Blame Copy Permalink