-
Notifications
You must be signed in to change notification settings - Fork 153
/
values.yaml
91 lines (91 loc) · 3.22 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
# Default values for kanister-operator.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
image:
repository: ghcr.io/kanisterio/controller
tag: 0.111.0
pullPolicy: IfNotPresent
repositoryServerControllerImage:
registry: ghcr.io/kanisterio
name: repo-server-controller
tag: 0.111.0
pullPolicy: IfNotPresent
kanisterToolsImage:
override: false
image: ghcr.io/kanisterio/kanister-tools
tag: 0.111.0
rbac:
create: true
serviceAccount:
create: true
name:
annotations:
controller:
logLevel: info
service:
# port is used as the secured service port if the validating
# webhook is enabled. Otherwise, insecuredPort is used.
port: 443
insecuredPort: 8000
# updateCRDs specifies if kanister controller should create/update the CRDs
# false : CRDs would be created by helm
# true : CRDs would be created by kanister controller
updateCRDs: true
metrics:
# metrics.enabled specified if the kanister-prometheus framework has been enabled
# false : kanister-prometheus framework has been disabled
# true: kanister-prometheus framework has been enabled
enabled: false
dataStore:
parallelism:
upload: 8
download: 8
bpValidatingWebhook:
enabled: true
# `tls` field is used to specify TLS information for both blueprint and repositoryserver validating webhook server
tls:
mode: auto # If set to `custom` then secretName and caBundle should be provided
secretName: '' # An already created Secret in kanister controller namespace having tls cert details
caBundle: '' # A valid, CA bundle which is a PEM-encoded CA bundle for validating the webhook's server certificate
validatingWebhook:
# This flag is used to enable validating webhook for repository server CR
# The TLS certificates for blueprint validating webhook server and
# repositoryserver validing webhook server are same and can be provided
# under field `bpValidatingWebhook.tls`
# Webhook can only be enabled for k8s server versions < 1.25
# For versions > 1.25 we will be using k8s CEL validation rules -https://kubernetes.io/blog/2022/09/23/crd-validation-rules-beta/
repositoryserver:
enabled: false
repositoryServerController:
enabled: false
# startTimeout is used to specify the time in seconds to wait for starting the kopia repository server
# Default timeout is 600 seconds
serverStartTimeout: 600
logLevel: 'info'
container:
name: 'repository-server-controller'
service:
# port is used as the secured service port if the validating
# webhook is enabled.
port: 444
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
#
# tolerations for pod assignment. Evaluated as a template
tolerations: []
#- effect: NoSchedule
# key: CriticalAddonsOnly
# operator: Equal
# value: "true"
#
# node labels for pod assignment. Evaluated as template
nodeSelector: {}