-
Notifications
You must be signed in to change notification settings - Fork 10
/
values.yaml
209 lines (164 loc) · 8.12 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
# the following values are requried and have no sensible default
global: {}
lagoonTargetName: ""
rabbitMQHostname: ""
rabbitMQPassword: ""
rabbitMQUsername: ""
# This is here due to the removal of the passthrough from core https://github.com/uselagoon/lagoon/pull/3659
# if you leveraged this value in your core, you should ensure you update your remotes with this value to reflect what you previously had provided in core
# unauthenticatedRegistry: registry.lagoon.svc:5000
# NOTE!! lagoon api/host/port values if left empty fall back to the task api/host/port values
# taskSSHHost/lagoonTokenHost is the hostname for the lagoon token service
# taskSSHHost will be deprecated in favor of lagoonTokenHost
taskSSHHost: ""
lagoonTokenHost: ""
# taskSSHPort/lagoonTokenPort is the port number for the lagoon token service
# taskSSHPort will be deprecated in favor of lagoonTokenHost
taskSSHPort: ""
lagoonTokenPort: ""
# taskAPIHost/lagoonAPIHost is the lagoon graphql API hostname, omitting `/graphql, eg: https://api.example.com
# taskAPIHost will be deprecated in favor of lagoonAPIHost
taskAPIHost: ""
lagoonAPIHost: ""
# NOTE!! sshPortal host/port values if left empty fall back to the task ssh host/port values
# NOTE!! if `lagoonTokenHost/Port` are configured with the dedicated token service in lagoon core instead of the legacy ssh service in core
# NOTE!! you will need to define the sshPortalHost/Port values for the ssh-portal that this remote is configured with
# The sshPortalHost/Port can be configured with the legacy ssh service in core, but it is recommended that it is configured
# to be the ssh-portal configured for this remote cluster.
# sshPortalHost is the hostname for this remote clusters ssh portal service
# the internal service name can be used (eg: lagoon-remote-ssh-portal.lagoon.svc) but a public dns can also be set
sshPortalHost: ""
# sshPortalPort is the port number for this remote clusters ssh portal service (public or internal port depending on how the host is configured)
sshPortalPort: ""
# if using controller namespace prefixing, define that prefix here
# limited to 8 characters (will be truncated by controller if it exceeds this)
namespacePrefix: ""
# The following values are optional. They tell the build-deploy controller to
# set an environment variable on the build pods which enforces the state of the
# feature flag. Valid values are `enabled` or `disabled`.
# lagoonFeatureFlagForceRootlessWorkload: enabled
# lagoonFeatureFlagDefaultRootlessWorkload: enabled
# lagoonFeatureFlagForceIsolationNetworkPolicy: disabled
# lagoonFeatureFlagDefaultIsolationNetworkPolicy: disabled
# lagoonFeatureFlagForceInsights: disabled
# lagoonFeatureFlagDefaultInsights: disabled
# lagoonFeatureFlagForceRWX2RWO: disabled
# lagoonFeatureFlagDefaultRWX2RWO: disabled
# lagoonFeatureFlagSupportK8upV2: false
# It is also possible to define feature flags using `extraEnvs` by defining them like so
# this method is useful for enabling features on the fly, ones that might not have built in support
# in remote-controller, but as of v0.5.0 of remote-controller, these are passed into build pods
# automatically (anything prefixed with `LAGOON_FEATURE_FLAG_`)
# extraEnvs:
# - name: "LAGOON_FEATURE_FLAG_FORCE_ROOTLESS_WORKLOAD"
# value: "enabled"
# add extra environment variables if required
extraEnvs:
# the following values can be used to override the default
# backup configurations for a dedicated cluster
# lagoonFeatureFlagBackupWeeklyRandom: false
# lagoonBackupDefaultSchedule: "M H(22-2) * * *"
# lagoonBackupDefaultHourlyRetention: 0
# lagoonBackupDefaultDailyRetention: 7
# lagoonBackupDefaultWeeklyRetention: 5
# lagoonBackupDefaultMonthlyRetention: 12
# it is also possible to allow the controller to purge harbor of the associated repositories
# when an environment is deleted, this can be enabled by setting the following to true
# if the remote is sharing a harbor with another remote, and migrations are taking place then enabling
# this feature could cause issues with images missing if one remote deletes an environment that is migrated in another remote
# note: only works if harbor is enabled too
# enableHarborRepositoryCleanUp: false
# the controller supports cleaning up namespaces that have been migrated or no longer required, which have already been
# handled in lagoon, where the namespace remaining in the cluster can be deleted. this clean up process does not update Lagoon
# with the deletion completion, it is purely used to remove abandoned or otherwise detatched namespaces.
# enableExpiredNamespaceCleanup: false
# expiredNamespaceCleanupCron: 30 * * * *
# the following value can be used to override the default
# cronjob interval defined in builds
# nativeCronPodMinFrequency: 30
## proxy configurations
# httpProxy: ""
# httpsProxy: ""
# noProxy: ""
## enable build pods to be injected with the HTTP_PROXY, HTTPS_PROXY, NO_PROXY variables if they are defined
# enablePodProxy: false
## enable pods to use a different proxy than the controller
# podsUseDifferentProxy: false
# podHTTPProxy: ""
# podHTTPSProxy: ""
# podNoProxy: ""
# the following values are defaults which may be overridden
# the number of hours a build/task pod can run before forcefully cancelled.
timeoutForLongRunningBuildPods: 6
timeoutForLongRunningTaskPods: 6
adminLagoonFeatureFlag:
# Set the memory resource limit for containers deployed by Lagoon.
containerMemoryLimit: 16Gi
# Set the ephemeral storage limit for containers deployed by Lagoon.
# Setting just the limit will also set requests to be the same value.
# See the kubernetes docs before using these values to ensure you know what they do based on your workloads and nodes allocatable values
# https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#setting-requests-and-limits-for-local-ephemeral-storage
# Specifically how pods with requests are scheduled here https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#how-pods-with-ephemeral-storage-requests-are-scheduled
# You need to be aware that setting the limit or requests will impact how your pods are scheduled
# You may need to set the requests to be a very low value to maintain your desired pod density for Lagoon deployed environments
# ephemeralStorageRequests: 100Mi
# ephemeralStorageLimit: 4Gi
# rootlessBuildPods tells the build-deploy controller to create build pods
# which do not run as root. See https://github.com/amazeeio/lagoon/pull/2481
# for details.
rootlessBuildPods: false
# enableServiceMonitor adds a servicemonitor for lagoon metrics, and the ability to adjust the scraping interval
enableServiceMonitor: false
metrics:
interval: 30s
# set these to your harbor configuration
harbor:
enabled: false
# the following are REQUIRED values if harbor is enabled
adminPassword: Harbor12345
adminUser: admin
host: http://registry.172.16.0.1.nip.io:32080
# rotationCron: 0 1 * * *
# the expiration length of new robot credentials
# robotAccountExpiration: 30d
# length of time before expiry that the credential be rotated
# robotAccountExpiryInterval: 2d
# length of time to force rotation if the credential is expiring or already expired, last line of defence
# robotRotateInterval: 1d
extraArgs:
pendingMessageCron: "15,45 * * * *"
# The controller will use `uselagoon/kubectl-build-deploy-dind:latest` by
# default, but this can be overridden here.
overrideBuildDeployImage: ""
# override .Chart.Name
nameOverride: ""
image:
repository: uselagoon/remote-controller
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
imagePullSecrets: []
serviceAccount:
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
securityContext: {}
service:
type: ClusterIP
port: 8443
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}
# this is a sidecar in the same pod as the lagoonBuildDeploy container
kubeRBACProxy:
image:
repository: gcr.io/kubebuilder/kube-rbac-proxy
pullPolicy: IfNotPresent
tag: v0.4.1
securityContext: {}
resources: {}