-
Notifications
You must be signed in to change notification settings - Fork 9
/
values.yaml
313 lines (303 loc) · 11.2 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
# SPDX-FileCopyrightText: Pachyderm, Inc. <info@pachyderm.com>
# SPDX-License-Identifier: Apache-2.0
# imagePullSecret sets the image pull secret used for all images. It
# is analogous to the --image-pull-secret argument to pachctl deploy.
#
# In accordance with pachctl deploy it is _not_ per-image.
imagePullSecret: ""
loadBalancer:
# IP is the load balancer IP to use. If blank, a load balancer will
# not be created.
ip: ""
dash:
# enabled controls whether the dash manifests are created or not.
enabled: true
image:
# repository is the image repo to pull from; together with tag it
# replicates the --dash-image & --registry arguments to pachctl
# deploy.
repository: "pachyderm/dash"
pullPolicy: "IfNotPresent"
# tag is the image repo to pull from; together with repository it
# replicates the --dash-image argument to pachctl deploy.
tag: "0.5.57"
# podLabels specifies labels to add to the dash pod.
podLabels: {}
# resources specifies the resource request and limits.
resources: {}
#limits:
# cpu: "1"
# memory: "2G"
#requests:
# cpu: "1"
# memory: "2G"
service:
# labels specifies labels to add to the dash service.
labels: {}
# type specifies the Kubernetes type of the dash service.
type: ClusterIP
# There are three options for TLS:
# 1. Disabled
# 2. Enabled, existingSecret, specify secret name
# 3. Enabled, newSecret, must specify cert, key, secretName and set newSecret.create to true
tls:
enabled: false
secretName: ""
newSecret:
create: false
crt: ""
key: ""
# url specifies the URL of the dash ingress, used as the host value
# of a rule.
url: ""
etcd:
affinity: {}
# dynamicNodes sets the number of nodes in the etcd StatefulSet. It
# is analogous to the --dynamic-etcd-nodes argument to pachctl
# deploy.
dynamicNodes: 1
image:
repository: "pachyderm/etcd"
tag: "v3.3.5"
pullPolicy: "IfNotPresent"
# podLabels specifies labels to add to the etcd pod.
podLabels: {}
# resources specifies the resource request and limits
resources: {}
#limits:
# cpu: "1"
# memory: "2G"
#requests:
# cpu: "1"
# memory: "2G"
# storageClass indicates the etcd should use an existing
# StorageClass for its storage. It is analogous to the
# --etcd-storage-class argument to pachctl deploy.
storageClass: ""
# storageSize specifies the size of the volume to use for etcd.
# If you do not specify, it will default to 256Gi on Azure and 100Gi on GCP/AWS
storageSize: ""
service:
# annotations specifies annotations to add to the etcd service.
annotations: {}
# labels specifies labels to add to the etcd service.
labels: {}
# type specifies the Kubernetes type of the etcd service.
type: ClusterIP
imageCredentials: {}
#registry: ""
#username: ""
#password: ""
#email: ""
pachd:
affinity: {}
# blockCacheBytes sets the size of the block cache. It is analogous
# to the --block-cache-size argument passed to pachctl deploy.
blockCacheBytes: "1G"
# clusterDeploymentID sets the Pachyderm cluster ID.
clusterDeploymentID: ""
# exposeDockerSocket controls whether the Docker socket is
# exposed. It is the inverse of the --no-expose-docker-socket
# argument passed to pachctl deploy.
exposeDockerSocket: false
# exposeObjectAPI controls whether the object API is exposed. It is
# analogous to --expose-object-api passed to pachctl deploy.
exposeObjectAPI: false
# goMaxProcs is passed as GOMAXPROCS to the pachd container.
goMaxProcs: 0
image:
repository: "pachyderm/pachd"
pullPolicy: "IfNotPresent"
# tag defaults to the chart’s specified appVersion.
tag: ""
logLevel: "info"
# lokiLogging enables Loki logging if set.
lokiLogging: false
metrics:
# enabled sets the METRICS environment variable if set.
enabled: true
# endpoint should be the URL of the metrics endpoint.
endpoint: ""
# numShards sets the maximum number of pachd nodes allowed in the
# cluster; increasing this number blindly can result in degraded
# performance. It is analogous to the --shards argument to pachctl
# deploy.
numShards: 16
# podLabels specifies labels to add to the pachd pod.
podLabels: {}
# resources specifies the resource requests and limits
resources: {}
#limits:
# cpu: "1"
# memory: "2G"
#requests:
# cpu: "1"
# memory: "2G"
# requireCriticalServersOnly only requires the critical pachd
# servers to startup and run without errors. It is analogous to the
# --require-critical-servers-only argument to pachctl deploy.
requireCriticalServersOnly: false
service:
# labels specifies labels to add to the pachd service.
labels: {}
# type specifies the Kubernetes type of the pachd service.
type: "ClusterIP"
#apiGrpcPort:
# expose: true
# port: 30650
serviceAccount:
create: true
additionalAnnotations: {}
name: "pachyderm" #TODO Set default in helpers / Wire up in templates
storage:
amazon:
# bucket sets the S3 bucket to use.
bucket: ""
# cloudFrontDistribution sets the CloudFront distribution in the
# storage secrets. It is analogous to the
# --cloudfront-distribution argument to pachctl deploy.
cloudFrontDistribution: ""
customEndpoint: ""
# disableSSL disables SSL. It is analogous to the --disable-ssl
# argument to pachctl deploy.
disableSSL: false
# iamRole specifies the IAM role. If specified, neither id,
# secret, token nor customEndpoint are used. It is analogous to
# the --iam-role argument to pachctl deploy.
iamRole: ""
# id sets the Amazon access key ID to use. Together with secret
# and token, it implements the functionality of the
# --credentials argument to pachctl deploy.
id: ""
# logOptions sets various log options in Pachyderm’s internal S3
# client. Comma-separated list containing zero or more of:
# 'Debug', 'Signing', 'HTTPBody', 'RequestRetries',
# 'RequestErrors', 'EventStreamBody', or 'all'
# (case-insensitive). See 'AWS SDK for Go' docs for details.
# logOptions is analogous to the --obj-log-options argument to
# pachctl deploy.
logOptions: ""
# maxUploadParts sets the maximum number of upload parts. It is
# analogous to the --max-upload-parts argument to pachctl
# deploy.
maxUploadParts: 10000
# verifySSL performs SSL certificate verification. It is the
# inverse of the --no-verify-ssl argument to pachctl deploy.
verifySSL: true
# partSize sets the part size for object storage uploads. It is
# analogous to the --part-size argument to pachctl deploy. It
# has to be a string due to Helm and YAML parsing integers as
# floats. Cf. https://github.com/helm/helm/issues/1707
partSize: "5242880"
# region sets the AWS region to use.
region: ""
# retries sets the number of retries for object storage
# requests. It is analogous to the --retries argument to
# pachctl deploy.
retries: 10
# reverse reverses object storage paths. It is analogous to the
# --reverse argument to pachctl deploy.
reverse: true
# secret sets the Amazon secret access key to use. Together with id
# and token, it implements the functionality of the
# --credentials argument to pachctl deploy.
secret: ""
# timeout sets the timeout for object storage requests. It is
# analogous to the --timeout argument to pachctl deploy.
timeout: "5m"
# token optionally sets the Amazon token to use. Together with
# id and secret, it implements the functionality of the
# --credentials argument to pachctl deploy.
token: ""
# uploadACL sets the upload ACL for object storage uploads. It
# is analogous to the --upload-acl argument to pachctl deploy.
uploadACL: "bucket-owner-full-control"
vault:
address: ""
role: ""
token: ""
# backend configures the storage backend to use. It must be one
# of GOOGLE, AMAZON, MINIO, MICROSOFT or LOCAL.
backend: ""
google:
bucket: ""
# cred is a string containing a GCP service account private key,
# in object (JSON or YAML) form. A simple way to pass this on
# the command line is with the set-file flag, e.g.:
#
# helm install pachd -f my-values.yaml --set-file storage.google.cred=creds.json pachyderm/pachyderm
cred: ""
# Example:
# cred: |
# {
# "type": "service_account",
# "project_id": "…",
# "private_key_id": "…",
# "private_key": "-----BEGIN PRIVATE KEY-----\n…\n-----END PRIVATE KEY-----\n",
# "client_email": "…@….iam.gserviceaccount.com",
# "client_id": "…",
# "auth_uri": "https://accounts.google.com/o/oauth2/auth",
# "token_uri": "https://oauth2.googleapis.com/token",
# "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
# "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/…%40….iam.gserviceaccount.com"
# }
serviceAccountName: "" # For Workload Identity access to the bucket
local:
# hostPath indicates the path on the host where the PFS metadata
# will be stored. It must end in /. It is analogous to the
# --host-path argument to pachctl deploy.
hostPath: ""
microsoft:
container: ""
id: ""
secret: ""
minio:
bucket: ""
endpoint: ""
id: ""
secret: ""
secure: ""
signature: ""
# putFileConcurrencyLimit sets the maximum number of files to
# upload or fetch from remote sources (HTTP, blob storage) using
# PutFile concurrently. It is analogous to the
# --put-file-concurrency-limit argument to pachctl deploy.
putFileConcurrencyLimit: 100
# uploadConcurrencyLimit sets the maximum number of concurrent
# object storage uploads per Pachd instance. It is analogous to
# the --upload-concurrency-limit argument to pachctl deploy.
uploadConcurrencyLimit: 100
# The options below are unusual. You probably will not want to
# change them.
authenticationDisabledForTesting: false
ppsWorkerGRPCPort: 80
# There are three options for TLS:
# 1. Disabled
# 2. Enabled, existingSecret, specify secret name
# 3. Enabled, newSecret, must specify cert, key and name
tls:
enabled: false
secretName: ""
newSecret:
create: false
crt: ""
key: ""
rbac:
# create indicates whether RBAC resources should be created.
# Setting it to false is analogous to passing --no-rbac to pachctl
# deploy.
create: true
# clusterRBAC indicates that ClusterRole and ClusterRoleBinding
# should be used rather than Role and RoleBinding; it is the inverse
# of --local-roles passed to pachctl deploy.
clusterRBAC: true
worker:
image:
repository: "pachyderm/worker"
pullPolicy: "IfNotPresent"
serviceAccount:
create: true
additionalAnnotations: {}
# name sets the name of the worker service account. Analogous to
# the --worker-service-account argument to pachctl deploy.
name: "pachyderm-worker" #TODO Set default in helpers / Wire up in templates