-
Notifications
You must be signed in to change notification settings - Fork 156
/
Copy pathvalues.yaml
183 lines (168 loc) · 7.53 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
# uninstallVPA -- Enabling this flag will remove a vpa installation that was previously managed with this chart. It is considered deprecated and will be removed in a later release.
uninstallVPA: false
vpa:
# vpa.enabled -- If true, the vpa will be installed as a sub-chart
enabled: false
updater:
enabled: false
metrics-server:
# metrics-server.enabled -- If true, the metrics-server will be installed as a sub-chart
enabled: false
apiService:
create: true
image:
# image.repository -- Repository for the goldilocks image
repository: us-docker.pkg.dev/fairwinds-ops/oss/goldilocks
# image.tag -- The goldilocks image tag to use
tag: v4.13.0
# image.pullPolicy -- imagePullPolicy - Highly recommended to leave this as `Always`
pullPolicy: Always
# imagePullSecrets -- A list of image pull secret names to use
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
controller:
# controller.enabled -- Whether or not to install the controller deployment
enabled: true
# controller.revisionHistoryLimit -- Number of old replicasets to retain, default is 10, 0 will garbage-collect old replicasets
revisionHistoryLimit: 10
rbac:
# controller.rbac.create -- If set to true, rbac resources will be created for the controller
create: true
# controller.rbac.enableArgoproj -- If set to true, the clusterrole will give access to argoproj.io resources
enableArgoproj: true
# controller.rbac.extraRules -- Extra rbac rules for the controller clusterrole
extraRules: []
# controller.rbac.extraClusterRoleBindings -- A list of ClusterRoles for which ClusterRoleBindings will be created for the ServiceAccount, if enabled
extraClusterRoleBindings: []
serviceAccount:
# controller.serviceAccount.create -- If true, a service account will be created for the controller. If set to false, you must set `controller.serviceAccount.name`
create: true
# controller.serviceAccount.name -- The name of an existing service account to use for the controller. Combined with `controller.serviceAccount.create`
name:
# controller.flags -- A map of additional flags to pass to the controller. For monitoring all namespaces out of the box, add the following flag "on-by-default: true"
flags: {}
# controller.logVerbosity -- Controller log verbosity. Can be set from 1-10 with 10 being extremely verbose
logVerbosity: "2"
# controller.nodeSelector -- Node selector for the controller pod
nodeSelector: {}
# controller.tolerations -- Tolerations for the controller pod
tolerations: []
# controller.affinity -- Affinity for the controller pods
affinity: {}
# controller.topologySpreadConstraints -- Topology spread constraints for the controller pods
topologySpreadConstraints: []
# controller.resources -- The resources block for the controller pods
resources:
limits: {}
requests:
cpu: 25m
memory: 256Mi
# controller.podSecurityContext -- Defines the podSecurityContext for the controller pod
podSecurityContext:
seccompProfile:
type: RuntimeDefault
# controller.securityContext -- The container securityContext for the controller container
securityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
runAsNonRoot: true
runAsUser: 10324
capabilities:
drop:
- ALL
deployment:
# controller.deployment.extraVolumeMounts -- Extra volume mounts for the controller container
extraVolumeMounts: []
# controller.deployment.extraVolumes -- Extra volumes for the controller pod
extraVolumes: []
# controller.deployment.annotations -- Extra annotations for the controller deployment
annotations: {}
# controller.deployment.additionalLabels -- Extra labels for the controller deployment
additionalLabels: {}
# controller.deployment.podAnnotations -- Extra annotations for the controller pod
podAnnotations: {}
dashboard:
# dashboard.basePath -- Path on which the dashboard is served. Defaults to `/`
basePath: null
# dashboard.enabled -- If true, the dashboard component will be installed
enabled: true
# dashboard.revisionHistoryLimit -- Number of old replicasets to retain, default is 10, 0 will garbage-collect old replicasets
revisionHistoryLimit: 10
# dashboard.replicaCount -- Number of dashboard pods to run
replicaCount: 2
service:
# dashboard.service.type -- The type of the dashboard service
type: ClusterIP
# dashboard.service.port -- The port to run the dashboard service on
port: 80
# dashboard.service.annotations -- Extra annotations for the dashboard service
annotations: {}
# dashboard.flags -- A map of additional flags to pass to the dashboard. For monitoring all namespaces out of the box, add the following flag "on-by-default: true".
flags: {}
# dashboard.logVerbosity -- Dashboard log verbosity. Can be set from 1-10 with 10 being extremely verbose
logVerbosity: "2"
# dashboard.excludeContainers -- Container names to exclude from displaying in the Goldilocks dashboard
excludeContainers: "linkerd-proxy,istio-proxy"
rbac:
# dashboard.rbac.create -- If set to true, rbac resources will be created for the dashboard
create: true
# dashboard.rbac.enableArgoproj -- If set to true, the clusterrole will give access to argoproj.io resources
enableArgoproj: true
serviceAccount:
# dashboard.serviceAccount.create -- If true, a service account will be created for the dashboard. If set to false, you must set `dashboard.serviceAccount.name`
create: true
# dashboard.serviceAccount.name -- The name of an existing service account to use for the controller. Combined with `dashboard.serviceAccount.create`
name:
deployment:
# dashboard.deployment.annotations -- Extra annotations for the dashboard deployment
annotations: {}
# dashboard.deployment.additionalLabels -- Extra labels for the dashboard deployment
additionalLabels: {}
# dashboard.deployment.extraVolumeMounts -- Extra volume mounts for the dashboard container
extraVolumeMounts: []
# dashboard.deployment.extraVolumes -- Extra volumes for the dashboard pod
extraVolumes: []
# dashboard.deployment.podAnnotations -- Extra annotations for the dashboard pod
podAnnotations: {}
ingress:
# dashboard.ingress.enabled -- Enables an ingress object for the dashboard.
enabled: false
# dashboard.ingress.ingressClassName -- From Kubernetes 1.18+ this field is supported in case your ingress controller supports it. When set, you do not need to add the ingress class as annotation.
ingressClassName:
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
type: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
# dashboard.resources -- A resources block for the dashboard.
resources:
limits: {}
requests:
cpu: 25m
memory: 256Mi
# dashboard.podSecurityContext -- Defines the podSecurityContext for the dashboard pod
podSecurityContext:
seccompProfile:
type: RuntimeDefault
# dashboard.securityContext -- The container securityContext for the dashboard container
securityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
runAsNonRoot: true
runAsUser: 10324
capabilities:
drop:
- ALL
nodeSelector: {}
tolerations: []
affinity: {}
# dashboard.topologySpreadConstraints -- Topology spread constraints for the dashboard pods
topologySpreadConstraints: []