Stash Community by AppsCode - Free community features for Stash by AppsCode
$ helm repo add appscode https://charts.appscode.com/stable/
$ helm repo update
$ helm search repo appscode/stash-community --version=v0.20.1
$ helm upgrade -i stash-community appscode/stash-community -n stash --create-namespace --version=v0.20.1
This chart deploys a Stash community operator on a Kubernetes cluster using the Helm package manager.
- Kubernetes 1.14+
To install/upgrade the chart with the release name stash-community
:
$ helm upgrade -i stash-community appscode/stash-community -n stash --create-namespace --version=v0.20.1
The command deploys a Stash community operator on the Kubernetes cluster in the default configuration. The configuration section lists the parameters that can be configured during installation.
Tip: List all releases using
helm list
To uninstall the stash-community
:
$ helm uninstall stash-community -n stash
The command removes all the Kubernetes components associated with the chart and deletes the release.
The following table lists the configurable parameters of the stash-community
chart and their default values.
Parameter | Description | Default |
---|---|---|
nameOverride | Overrides name template | "" |
fullnameOverride | Overrides fullname template | "" |
replicaCount | Number of stash operator replicas to create (only 1 is supported) | 1 |
license | License for the product. Get a license by following the steps from here. Example: helm install appscode/stash \ --set-file license=/path/to/license/file or helm install appscode/stash \ --set license=<license file content>
|
"" |
licenseApiService | Name of the ApiService to use by the addon to identify the respective service and certificate for license verification request | v1beta1.admission.stash.appscode.com |
registryFQDN | Docker registry fqdn used to pull Stash related images. Set this to use docker registry hosted at ${registryFQDN}/${registry}/${image} | "" |
operator.registry | Docker registry used to pull operator image | stashed |
operator.repository | Name of operator container image | stash |
operator.tag | Operator container image tag | v0.20.1 |
operator.resources | Compute Resources required by the operator container | {"requests":{"cpu":"100m"}} |
operator.securityContext | Security options the operator container should run with | {} |
crdInstaller.registry | Docker registry of the CRD installer image. By default, it will use the same registry as the operator. | "" |
crdInstaller.repository | Name of CRD crd installer image. Default stash-crd-installer
|
stash-crd-installer |
crdInstaller.tag | Tag of the CRD installer image. By default, it will use the same tag as the operator. | "" |
pushgateway.registry | Docker registry used to pull Prometheus pushgateway image | prom |
pushgateway.repository | Prometheus pushgateway container image | pushgateway |
pushgateway.tag | Prometheus pushgateway container image tag | v1.4.2 |
pushgateway.resources | Compute Resources required by the Prometheus pushgateway container | {} |
pushgateway.securityContext | Security options the Prometheus pushgateway container should run with | {} |
pushgateway.customURL | If you want to use a custom Pushgatway, specify its URL. Stash will not inject pushgatway sidecar if you set this field. | "" |
cleaner.registry | Docker registry used to pull Webhook cleaner image | appscode |
cleaner.repository | Webhook cleaner container image | kubectl |
cleaner.tag | Webhook cleaner container image tag | v1.16 |
cleaner.skip | Skip generating cleaner YAML | false |
imagePullSecrets | Specify an array of imagePullSecrets. Secrets must be manually created in the namespace. Example: helm template charts/stash \ --set imagePullSecrets[0].name=sec0 \ --set imagePullSecrets[1].name=sec1
|
[] |
imagePullPolicy | Container image pull policy | IfNotPresent |
criticalAddon | If true, installs Stash operator as critical addon | false |
logLevel | Log level for operator | 3 |
annotations | Annotations applied to operator deployment | {} |
podAnnotations | Annotations passed to operator pod(s). | {} |
nodeSelector | Node labels for pod assignment | {"kubernetes.io/os":"linux"} |
tolerations | Tolerations for pod assignment | [] |
affinity | Affinity rules for pod assignment | {} |
podSecurityContext | Security options the operator pod should run with. | {"fsGroup":65535} |
serviceAccount.create | Specifies whether a service account should be created | true |
serviceAccount.annotations | Annotations to add to the service account | {} |
serviceAccount.name | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
|
apiserver.groupPriorityMinimum | The minimum priority the webhook api group should have at least. Please see https://github.com/kubernetes/kube-aggregator/blob/release-1.9/pkg/apis/apiregistration/v1beta1/types.go#L58-L64 for more information on proper values of this field. | 10000 |
apiserver.versionPriority | The ordering of the webhook api inside of the group. Please see https://github.com/kubernetes/kube-aggregator/blob/release-1.9/pkg/apis/apiregistration/v1beta1/types.go#L66-L70 for more information on proper values of this field | 15 |
apiserver.enableMutatingWebhook | If true, mutating webhook is configured for Kubernetes workloads | true |
apiserver.enableValidatingWebhook | If true, validating webhook is configured for Stash CRDss | true |
apiserver.ca | CA certificate used by the Kubernetes api server. This field is automatically assigned by the operator. | not-ca-cert |
apiserver.bypassValidatingWebhookXray | If true, bypasses checks that validating webhook is actually enabled in the Kubernetes cluster. | false |
apiserver.useKubeapiserverFqdnForAks | If true, uses kube-apiserver FQDN for AKS cluster to workaround Azure/AKS#522 (default true) | true |
apiserver.healthcheck.enabled | If true, enables the readiness and liveliness probes for the operator pod. | false |
apiserver.servingCerts.generate | If true, generates on install/upgrade the certs that allow the kube-apiserver (and potentially ServiceMonitor) to authenticate operators pods. Otherwise specify certs in apiserver.servingCerts.{caCrt, serverCrt, serverKey} . |
true |
apiserver.servingCerts.caCrt | CA certficate used by serving certificate of webhook server. | "" |
apiserver.servingCerts.serverCrt | Serving certficate used by webhook server. | "" |
apiserver.servingCerts.serverKey | Private key for the serving certificate used by webhook server. | "" |
monitoring.agent | Name of monitoring agent (one of "prometheus.io", "prometheus.io/operator", "prometheus.io/builtin") | "" |
monitoring.backup | Specify whether to monitor Stash backup and recovery | false |
monitoring.operator | Specify whether to monitor Stash operator | false |
monitoring.serviceMonitor.labels | Specify the labels for ServiceMonitor. Prometheus crd will select ServiceMonitor using these labels. Only usable when monitoring agent is prometheus.io/operator . |
{} |
security.apparmor.enabled |
Optional: Allows the default AppArmor profile, requires setting the default. |
false |
security.seccomp.enabled |
Optional: Allows the default seccomp profile, requires setting the default. |
false |
security.podSecurityPolicies | PSP names passed to operator Example: helm install appscode/stash \ --set podSecurityPolicies[0]=abc \ --set podSecurityPolicies[1]=xyz
|
["baseline"] |
security.createPSPs.privileged | Set to false to prevent chart creating "privileged" PSP. | true |
security.createPSPs.baseline | Set to false to prevent chart creating "baseline" PSP. | true |
platform.openshift | Set true, if installed in OpenShift | false |
Specify each parameter using the --set key=value[,key=value]
argument to helm upgrade -i
. For example:
$ helm upgrade -i stash-community appscode/stash-community -n stash --create-namespace --version=v0.20.1 --set replicaCount=1
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example:
$ helm upgrade -i stash-community appscode/stash-community -n stash --create-namespace --version=v0.20.1 --values values.yaml