Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork118
Generic helm chart for all kind of applications
License
NotificationsYou must be signed in to change notification settings
stakater/application
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Generic helm chart for applications which:
- are stateless
- creates only namespace scoped resources (e.g. it doesn't need CRB - Cluster Role Bindings)
- don't need privileged containers
- don't call the underlying Kubernetes API or use the underlying etcd as a database by defining custom resources
- run either as deployment, job or cronjob
To install the chart with the release namemy-application in namespacetest:
helm repo add stakater https://stakater.github.io/stakater-chartshelm repo updatehelm install my-application stakater/application --namespacetestTo uninstall the chart:
helm delete --namespacetest my-application| Key | Type | Default | Description |
|---|---|---|---|
| namespaceOverride | string | "" | Override the namespace for all resources. |
| componentOverride | string | "" | Override the component label for all resources. |
| partOfOverride | string | "" | Override the partOf label for all resources. |
| applicationName | string | {{ .Chart.Name }} | Application name. |
| additionalLabels | tpl/object | nil | Additional labels for all resources. |
| extraObjects | [list or object] of [tpl/object or tpl/string] | nil | Extra K8s manifests to deploy. Can be of type list or object. If object, keys are ignored and only values are used. The used values can be defined as object or string and are passed through tpl to render. |
| Key | Type | Default | Description |
|---|---|---|---|
| cronJob.enabled | bool | false | Deploy CronJob resources. |
| cronJob.jobs | object | nil | Map of CronJob resources. Key will be used as a name suffix for the CronJob. Value is the CronJob configuration. See values for more details. |
| Key | Type | Default | Description |
|---|---|---|---|
| job.enabled | bool | false | Deploy Job resources. |
| job.jobs | object | nil | Map of Job resources. Key will be used as a name suffix for the Job. Value is the Job configuration. See values for more details. |
| Key | Type | Default | Description |
|---|---|---|---|
| deployment.enabled | bool | true | Enable Deployment. |
| deployment.additionalLabels | object | nil | Additional labels for Deployment. |
| deployment.podLabels | object | nil | Additional pod labels which are used in Service's Label Selector. |
| deployment.annotations | object | nil | Annotations for Deployment. |
| deployment.additionalPodAnnotations | object | nil | Additional pod annotations. |
| deployment.strategy.type | string | "RollingUpdate" | Type of deployment strategy. |
| deployment.reloadOnChange | bool | true | Reload deployment if attached Secret/ConfigMap changes. |
| deployment.nodeSelector | object | nil | Select the node where the pods should be scheduled. |
| deployment.hostAliases | list | nil | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files. |
| deployment.initContainers | object | nil | Add init containers to the pods. |
| deployment.fluentdConfigAnnotations | object | nil | Configuration details for fluentdConfigurations. Only works for specific setup, seehttps://medium.com/stakater/dynamic-log-processing-with-fluentd-konfigurator-and-slack-935a5de4eddb. |
| deployment.replicas | int | nil | Number of replicas. |
| deployment.imagePullSecrets | list | [] | List of secrets to be used for pulling the images. |
| deployment.envFrom | object | nil | Mount environment variables from ConfigMap or Secret to the pod. See the README "Consuming environment variable in application chart" section for more details. |
| deployment.env | object | nil | Environment variables to be added to the pod. See the README "Consuming environment variable in application chart" section for more details. |
| deployment.volumes | object | nil | Volumes to be added to the pod. Key is the name of the volume. Value is the volume definition. |
| deployment.volumeMounts | object | nil | Mount path for Volumes. Key is the name of the volume. Value is the volume mount definition. |
| deployment.priorityClassName | string | "" | Define the priority class for the pod. |
| deployment.runtimeClassName | string | "" | Set the runtimeClassName for the deployment's pods. |
| deployment.tolerations | list | nil | Taint tolerations for the pods. |
| deployment.affinity | object | nil | Affinity for the pods. |
| deployment.topologySpreadConstraints | list | nil | Topology spread constraints for the pods. |
| deployment.revisionHistoryLimit | int | 2 | Number of ReplicaSet revisions to retain. |
| deployment.image.repository | tpl/string | "" | Repository. |
| deployment.image.tag | tpl/string | "" | Tag. |
| deployment.image.digest | tpl/string | "" | Image digest. If resolved to a non-empty value, digest takes precedence on the tag. |
| deployment.image.pullPolicy | string | "IfNotPresent" | Image pull policy. |
| deployment.dnsConfig | object | nil | DNS config for the pods. |
| deployment.dnsPolicy | string | "" | DNS Policy. |
| deployment.startupProbe | object | See below | Startup probe. Must specify either one of the following field when enabled: httpGet, exec, tcpSocket, grpc |
| deployment.startupProbe.enabled | bool | false | Enable Startup probe. |
| deployment.startupProbe.failureThreshold | int | 30 | Number of retries before marking the pod as failed. |
| deployment.startupProbe.periodSeconds | int | 10 | Time between retries. |
| deployment.startupProbe.successThreshold | int | 1 | Number of successful probes before marking the pod as ready. |
| deployment.startupProbe.timeoutSeconds | int | 1 | Time before the probe times out. |
| deployment.startupProbe.httpGet | object | {} | HTTP Get probe. |
| deployment.startupProbe.exec | object | {} | Exec probe. |
| deployment.startupProbe.tcpSocket | object | {} | TCP Socket probe. |
| deployment.startupProbe.grpc | object | {} | gRPC probe. |
| deployment.readinessProbe | object | See below | Readiness probe. Must specify either one of the following field when enabled: httpGet, exec, tcpSocket, grpc |
| deployment.readinessProbe.enabled | bool | false | Enable Readiness probe. |
| deployment.readinessProbe.failureThreshold | int | 30 | Number of retries before marking the pod as failed. |
| deployment.readinessProbe.periodSeconds | int | 10 | Time between retries. |
| deployment.readinessProbe.successThreshold | int | 1 | Number of successful probes before marking the pod as ready. |
| deployment.readinessProbe.timeoutSeconds | int | 1 | Time before the probe times out. |
| deployment.readinessProbe.httpGet | object | {} | HTTP Get probe. |
| deployment.readinessProbe.exec | object | {} | Exec probe. |
| deployment.readinessProbe.tcpSocket | object | {} | TCP Socket probe. |
| deployment.readinessProbe.grpc | object | {} | gRPC probe. |
| deployment.livenessProbe | object | See below | Liveness probe. Must specify either one of the following field when enabled: httpGet, exec, tcpSocket, grpc |
| deployment.livenessProbe.enabled | bool | false | Enable Liveness probe. |
| deployment.livenessProbe.failureThreshold | int | 30 | Number of retries before marking the pod as failed. |
| deployment.livenessProbe.periodSeconds | int | 10 | Time between retries. |
| deployment.livenessProbe.successThreshold | int | 1 | Number of successful probes before marking the pod as ready. |
| deployment.livenessProbe.timeoutSeconds | int | 1 | Time before the probe times out. |
| deployment.livenessProbe.httpGet | object | {} | HTTP Get probe. |
| deployment.livenessProbe.exec | object | {} | Exec probe. |
| deployment.livenessProbe.tcpSocket | object | {} | TCP Socket probe. |
| deployment.livenessProbe.grpc | object | {} | gRPC probe. |
| deployment.resources | object | {} | Resource limits and requests for the pod. |
| deployment.containerSecurityContext | object | {"readOnlyRootFilesystem":true,"runAsNonRoot":true} | Security Context at Container Level. |
| deployment.openshiftOAuthProxy.enabled | bool | false | EnableOpenShift OAuth Proxy. |
| deployment.openshiftOAuthProxy.port | int | 8080 | Port on which application is running inside container. |
| deployment.openshiftOAuthProxy.secretName | string | "openshift-oauth-proxy-tls" | Secret name for the OAuth Proxy TLS certificate. |
| deployment.openshiftOAuthProxy.image | string | "openshift/oauth-proxy:latest" | Image for the OAuth Proxy. |
| deployment.openshiftOAuthProxy.disableTLSArg | bool | false | If disabled--http-address=:8081 will be used instead of--https-address=:8443. It can be useful when an ingress is enabled for the application. |
| deployment.securityContext | object | nil | Security Context for the pod. |
| deployment.command | list | [] | Command for the app container. |
| deployment.args | list | [] | Args for the app container. |
| deployment.ports | list | nil | List of ports for the app container. |
| deployment.hostNetwork | bool | nil | Host network connectivity. |
| deployment.terminationGracePeriodSeconds | int | nil | Gracefull termination period. |
| deployment.minReadySeconds | int | nil | Minimum number of seconds for which a newly created Pod should be ready without any of its containers crashing. |
| deployment.lifecycle | object | {} | Lifecycle configuration for the pod. |
| deployment.additionalContainers | list | nil | Additional containers besides init and app containers (without templating). |
| persistence.enabled | bool | false | Enable persistence. |
| persistence.mountPVC | bool | false | Whether to mount the created PVC to the deployment. |
| persistence.mountPath | string | "/" | Ifpersistence.mountPVC is enabled, where to mount the volume in the containers. |
| persistence.name | string | {{ include "application.name" $ }}-data | Name of the PVC. |
| persistence.accessMode | string | "ReadWriteOnce" | Access mode for volume. |
| persistence.storageClass | string | nil | Storage class for volume. If defined, use that value If set to "-" or "", disable dynamic provisioning If undefined or set to null (the default), no storageClass spec is set, choosing the default provisioner. |
| persistence.additionalLabels | object | nil | Additional labels for persistent volume. |
| persistence.annotations | object | nil | Annotations for persistent volume. |
| persistence.storageSize | string | "8Gi" | Size of the persistent volume. |
| persistence.volumeMode | string | "" | PVC Volume Mode. |
| persistence.volumeName | string | "" | Name of the volume. |
| Key | Type | Default | Description |
|---|---|---|---|
| service.enabled | bool | true | Enable Service. |
| service.additionalLabels | object | nil | Additional labels for service. |
| service.annotations | object | nil | Annotations for service. |
| service.ports | list | [{"name":"http","port":8080,"protocol":"TCP","targetPort":8080}] | Ports for applications service. |
| service.type | string | "ClusterIP" | Type of service. |
| service.clusterIP | string | nil | Fixed IP for a ClusterIP service. Set toNone for an headless service |
| service.loadBalancerClass | string | nil | LoadBalancer class name for LoadBalancer type services. |
| Key | Type | Default | Description |
|---|---|---|---|
| ingress.enabled | bool | false | Enable Ingress. |
| ingress.ingressClassName | string | "" | Name of the ingress class. |
| ingress.hosts[0].host | tpl/string | "chart-example.local" | Hostname. |
| ingress.hosts[0].paths[0].path | string | "/" | Path. |
| ingress.hosts[0].paths[0].pathType | string | ImplementationSpecific | Path type. |
| ingress.hosts[0].paths[0].serviceName | string | {{ include "application.name" $ }} | Service name. |
| ingress.hosts[0].paths[0].servicePort | string | http | Service port. |
| ingress.additionalLabels | object | nil | Additional labels for ingress. |
| ingress.annotations | object | nil | Annotations for ingress. |
| ingress.tls | list | nil | TLS configuration for ingress. Secrets must exist in the namespace. You may also configure Certificate resource to generate the secret. |
| Key | Type | Default | Description |
|---|---|---|---|
| httpRoute.enabled | bool | false | Enable HTTPRoute (Gateway API). |
| httpRoute.parentRefs | tpl/list | nil | Parent references for the HTTPRoute. |
| httpRoute.useDefaultGateways | string | nil | The default Gateway scope to use for this Route. If unset (the default) or set to None, the Route will not be attached to any default Gateway; if set, it will be attached to any default Gateway supporting the named scope, subject to the usual rules about which Routes a Gateway is allowed to claim. |
| httpRoute.gatewayNamespace | string | "" | Namespace of the Gateway to attach this HTTPRoute to. If not set, the HTTPRoute will be attached to the Gateway in the same namespace as the HTTPRoute. |
| httpRoute.hostnames | tpl/list | nil | Hostnames for the HTTPRoute. |
| httpRoute.additionalLabels | object | {} | Additional labels for HTTPRoute. |
| httpRoute.annotations | object | {} | Annotations for HTTPRoute. |
| httpRoute.rules | tpl/list | `[{"backendRefs":[{"name":"{{ include "application.name" $ }}","port":"{{ (first $.Values.service.ports).port | int }}"}],"matches":[{"path":{"type":"PathPrefix","value":"/"}}]}]` |
| Key | Type | Default | Description |
|---|---|---|---|
| route.enabled | bool | false | Deploy a Route (OpenShift) resource. |
| route.additionalLabels | object | nil | Additional labels for Route. |
| route.annotations | object | nil | Annotations for Route. |
| route.host | string | nil | Explicit host. If no host is added then openshift inserts the default hostname. |
| route.path | string | nil | Path. |
| route.port | object | {"targetPort":"http"} | Service port. |
| route.to.weight | int | 100 | Service weight. |
| route.wildcardPolicy | string | "None" | Wildcard policy. |
| route.tls.termination | string | "edge" | TLS termination strategy. |
| route.tls.insecureEdgeTerminationPolicy | string | "Redirect" | TLS insecure termination policy. |
| route.alternateBackends | list | nil | Alternate backend with it's weight. |
| Key | Type | Default | Description |
|---|---|---|---|
| secretProviderClass.enabled | bool | false | Deploy aSecrets Store CSI Driver SecretProviderClass resource. |
| secretProviderClass.name | string | "" | Name of the SecretProviderClass. Required ifsecretProviderClass.enabled is set totrue. |
| secretProviderClass.provider | string | "" | Name of the provider. Required ifsecretProviderClass.enabled is set totrue. |
| secretProviderClass.vaultAddress | string | "" | Vault Address. Required ifsecretProviderClass.provider is set tovault. |
| secretProviderClass.roleName | tpl/string | "" | Vault Role Name. Required ifsecretProviderClass.provider is set tovault. |
| secretProviderClass.objects | list | nil | Objects definitions. |
| secretProviderClass.secretObjects | list | nil | Objects mapping. |
| Key | Type | Default | Description |
|---|---|---|---|
| forecastle.enabled | bool | false | Deploy aForecastleApp resource. |
| forecastle.additionalLabels | object | nil | Additional labels for ForecastleApp. |
| forecastle.icon | string | "https://raw.githubusercontent.com/stakater/ForecastleIcons/master/stakater-big.png" | Icon URL. |
| forecastle.displayName | string | "" | Application Name. Required ifforecastle.enabled is set totrue. |
| forecastle.group | string | {{ .Release.Namespace }} | Application Group. |
| forecastle.properties | object | nil | Custom properties. |
| forecastle.networkRestricted | bool | false | Is application network restricted?. |
| Key | Type | Default | Description |
|---|---|---|---|
| rbac.enabled | bool | true | Enable RBAC. |
| rbac.serviceAccount.enabled | bool | false | Deploy Service Account. |
| rbac.serviceAccount.name | string | {{ include "application.name" $ }} | Service Account Name. |
| rbac.serviceAccount.additionalLabels | object | nil | Additional labels for Service Account. |
| rbac.serviceAccount.annotations | object | nil | Annotations for Service Account. |
| rbac.roles | list | nil | Namespaced Roles. |
| Key | Type | Default | Description |
|---|---|---|---|
| configMap.enabled | bool | false | Deploy additional ConfigMaps. |
| configMap.additionalLabels | object | nil | Additional labels for ConfigMaps. |
| configMap.annotations | object | nil | Annotations for ConfigMaps. |
| configMap.files | object | nil | List of ConfigMap entries. Key will be used as a name suffix for the ConfigMap. Value is the ConfigMap content. |
| Key | Type | Default | Description |
|---|---|---|---|
| sealedSecret.enabled | bool | false | DeploySealedSecret resources. |
| sealedSecret.additionalLabels | object | nil | Additional labels for SealedSecret. |
| sealedSecret.annotations | object | nil | Annotations for SealedSecret. |
| sealedSecret.files | object | nil | List of SealedSecret entries. Key will be used as a name suffix for the SealedSecret. Value is the SealedSecret content. |
| Key | Type | Default | Description |
|---|---|---|---|
| secret.enabled | bool | false | Deploy additional Secret resources. |
| secret.additionalLabels | object | nil | Additional labels for Secret. |
| secret.annotations | object | nil | Annotations for Secret. |
| secret.files | object | nil | List of Secrets entries. Key will be used as a name suffix for the Secret. There a three allowed modes: -data: Data is base64 encoded by the chart -encodedData: Use raw values (already base64ed) inside the data map -stringData: Use raw values inside the stringData map |
| Key | Type | Default | Description |
|---|---|---|---|
| serviceMonitor.enabled | bool | false | Deploy a ServiceMonitor (Prometheus Operator) resource. |
| serviceMonitor.additionalLabels | object | nil | Additional labels for ServiceMonitor. |
| serviceMonitor.annotations | object | nil | Annotations for ServiceMonitor. |
| serviceMonitor.endpoints | list | [{"interval":"5s","path":"/actuator/prometheus","port":"http"}] | Service endpoints from which prometheus will scrape data. |
| Key | Type | Default | Description |
|---|---|---|---|
| autoscaling.enabled | bool | false | Enable Horizontal Pod Autoscaling. |
| autoscaling.additionalLabels | object | nil | Additional labels for HPA. |
| autoscaling.annotations | object | nil | Annotations for HPA. |
| autoscaling.minReplicas | int | 1 | Minimum number of replicas. |
| autoscaling.maxReplicas | int | 10 | Maximum number of replicas. |
| autoscaling.metrics | list | [{"resource":{"name":"cpu","target":{"averageUtilization":60,"type":"Utilization"}},"type":"Resource"},{"resource":{"name":"memory","target":{"averageUtilization":60,"type":"Utilization"}},"type":"Resource"}] | Metrics used for autoscaling. |
| Key | Type | Default | Description |
|---|---|---|---|
| vpa.enabled | bool | false | Enable Vertical Pod Autoscaling. |
| vpa.additionalLabels | object | nil | Additional labels for VPA. |
| vpa.annotations | object | nil | Annotations for VPA. |
| vpa.containerPolicies | list | [] | Container policies for individual containers. |
| vpa.updatePolicy | object | {"updateMode":"Auto"} | Update policy. |
| Key | Type | Default | Description |
|---|---|---|---|
| endpointMonitor.enabled | bool | false | Deploy anIMC EndpointMonitor resource. |
| endpointMonitor.additionalLabels | object | nil | Additional labels for EndpointMonitor. |
| endpointMonitor.annotations | object | nil | Annotations for EndpointMonitor. |
| Key | Type | Default | Description |
|---|---|---|---|
| certificate.enabled | bool | false | Deploy acert-manager Certificate resource. |
| certificate.additionalLabels | object | nil | Additional labels for Certificate. |
| certificate.annotations | object | nil | Annotations for Certificate. |
| certificate.secretName | tpl/string | "tls-cert" | Name of the secret resource that will be automatically created and managed by this Certificate resource. |
| certificate.duration | string | "8760h0m0s" | The requested "duration" (i.e. lifetime) of the Certificate. |
| certificate.renewBefore | string | "720h0m0s" | The amount of time before the currently issued certificate's notAfter time that cert-manager will begin to attempt to renew the certificate. |
| certificate.subject | tpl/object | nil | Full X509 name specification for certificate. |
| certificate.commonName | tpl/string | nil | Common name as specified on the DER encoded CSR. This field is not recommended in cases when this certificate is an end-entity certificate. More information can be found in thecert-manager documentation. |
| certificate.keyAlgorithm | string | "rsa" | Private key algorithm of the corresponding private key for this certificate. |
| certificate.keyEncoding | string | "pkcs1" | Private key cryptography standards (PKCS) for this certificate's private key to be encoded in. |
| certificate.keySize | int | 2048 | Key bit size of the corresponding private key for this certificate. |
| certificate.isCA | bool | false | Mark this Certificate as valid for certificate signing. |
| certificate.usages | list | nil | Set of x509 usages that are requested for the certificate. |
| certificate.dnsNames | tpl/list | nil | List of DNS subjectAltNames to be set on the certificate. |
| certificate.ipAddresses | list | nil | List of IP address subjectAltNames to be set on the certificate. |
| certificate.uriSANs | list | nil | List of URI subjectAltNames to be set on the certificate. |
| certificate.emailSANs | list | nil | List of email subjectAltNames to be set on the Certificate. |
| certificate.privateKey.enabled | bool | false | Enable Private Key for the certificate. |
| certificate.privateKey.rotationPolicy | string | "Always" | Denotes how private keys should be generated or sourced when a certificate is being issued. |
| certificate.issuerRef.name | string | "ca-issuer" | Reference to the issuer for this certificate. |
| certificate.issuerRef.kind | string | "ClusterIssuer" | Kind of the issuer being referred to. |
| certificate.issuerRef.group | string | "cert-manager.io" | Group of the issuer resource being refered to. |
| certificate.keystores.enabled | bool | false | Enables keystore configuration. Keystores configures additional keystore output formats stored in the spec.secretName Secret resource. |
| certificate.keystores.pkcs12.create | bool | true | Enables PKCS12 keystore creation for the Certificate. PKCS12 configures options for storing a PKCS12 keystore in the spec.secretName Secret resource. |
| certificate.keystores.pkcs12.key | string | "test_key" | Key of the entry in the Secret resource's data field to be used. |
| certificate.keystores.pkcs12.name | string | "test-creds" | Name of the Secret resource being referred to. |
| certificate.keystores.jks.create | bool | false | Enables jks keystore creation for the Certificate. JKS configures options for storing a JKS keystore in the spec.secretName Secret resource. |
| certificate.keystores.jks.key | tpl/string | "test_key" | Key of the entry in the Secret resource's data field to be used. |
| certificate.keystores.jks.name | string | "test-creds" | Name of the Secret resource being referred to. |
| Key | Type | Default | Description |
|---|---|---|---|
| alertmanagerConfig.enabled | bool | false | Deploy an AlertmanagerConfig (Prometheus Operator) resource. |
| alertmanagerConfig.selectionLabels | object | {"alertmanagerConfig":"workload"} | Labels to be picked up by Alertmanager to add it to base config. Read more about it at [https://docs.openshift.com/container-platform/4.7/rest_api/monitoring_apis/alertmanager-monitoring-coreos-com-v1.html](OpenShift's AlermanagerConfig documentation) under .spec.alertmanagerConfigSelector. |
| alertmanagerConfig.spec | object | {"inhibitRules":[],"receivers":[],"route":null} | AlertmanagerConfig spec. Read more about it at [https://docs.openshift.com/container-platform/4.7/rest_api/monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.html](OpenShift's AlermanagerConfig documentation). |
| alertmanagerConfig.spec.route | object | nil | Route definition for alerts matching the resource’s namespace. It will be added to the generated Alertmanager configuration as a first-level route. |
| alertmanagerConfig.spec.receivers | list | [] | List of receivers. |
| alertmanagerConfig.spec.inhibitRules | list | [] | Inhibition rules that allows to mute alerts when other alerts are already firing. |
| Key | Type | Default | Description |
|---|---|---|---|
| prometheusRule.enabled | bool | false | Deploy a PrometheusRule (Prometheus Operator) resource. |
| prometheusRule.additionalLabels | object | nil | Additional labels for PrometheusRule. |
| prometheusRule.groups | list | [] | Groups with alerting rules. Read more about it at [https://docs.openshift.com/container-platform/4.7/rest_api/monitoring_apis/prometheusrule-monitoring-coreos-com-v1.html](OpenShift's PrometheusRule documentation). |
| Key | Type | Default | Description |
|---|---|---|---|
| externalSecret.enabled | bool | false | DeployExternalSecret resources. |
| externalSecret.additionalLabels | object | nil | Additional labels for ExternalSecret. |
| externalSecret.annotations | object | nil | Annotations for ExternalSecret. |
| externalSecret.secretStore | object | {"kind":"SecretStore","name":"tenant-vault-secret-store"} | Default values for the SecretStore. Can be overriden per ExternalSecret in theexternalSecret.files object. |
| externalSecret.secretStore.name | string | "tenant-vault-secret-store" | Name of the SecretStore to use. |
| externalSecret.secretStore.kind | string | "SecretStore" | Kind of the SecretStore being refered to. |
| externalSecret.refreshInterval | string | "1m" | RefreshInterval is the amount of time before the values are read again from the SecretStore provider. |
| externalSecret.files | object | nil | List of ExternalSecret entries. Key will be used as a name suffix for the ExternalSecret. There a two allowed modes: -data: Data defines the connection between the Kubernetes Secret keys and the Provider data -dataFrom: Used to fetch all properties from the Provider key |
| Key | Type | Default | Description |
|---|---|---|---|
| networkPolicy.enabled | bool | false | Enable Network Policy. |
| networkPolicy.additionalLabels | object | nil | Additional labels for Network Policy. |
| networkPolicy.annotations | object | nil | Annotations for Network Policy. |
| networkPolicy.ingress | list | nil | Ingress rules for Network Policy. |
| networkPolicy.egress | list | nil | Egress rules for Network Policy. |
| Key | Type | Default | Description |
|---|---|---|---|
| pdb.enabled | bool | false | Enable Pod Disruption Budget. |
| pdb.minAvailable | int | 1 | Minimum number of pods that must be available after eviction. |
| pdb.maxUnavailable | int | nil | Maximum number of unavailable pods during voluntary disruptions. |
| Key | Type | Default | Description |
|---|---|---|---|
| grafanaDashboard.enabled | bool | false | DeployGrafanaDashboard resources. |
| grafanaDashboard.additionalLabels | object | nil | Additional labels for GrafanaDashboard. |
| grafanaDashboard.annotations | object | nil | Annotations for GrafanaDashboard. |
| grafanaDashboard.contents | object | nil | List of GrafanaDashboard entries. Key will be used as a name suffix for the GrafanaDashboard. Value is the GrafanaDashboard content. According to GrafanaDashboard behavior,url field takes precedence on thejson field. |
| Key | Type | Default | Description |
|---|---|---|---|
| backup.enabled | bool | false | Deploy aVelero/OADP Backup resource. |
| backup.namespace | string | {{ .Release.Namespace }} | Namespace for Backup. |
| backup.additionalLabels | object | nil | Additional labels for Backup. |
| backup.annotations | object | nil | Annotations for Backup. |
| backup.defaultVolumesToRestic | bool | true | Whether to use Restic to take snapshots of all pod volumes by default. |
| backup.snapshotVolumes | bool | true | Whether to take snapshots of persistent volumes as part of the backup. |
| backup.storageLocation | string | nil | Name of the backup storage location where the backup should be stored. |
| backup.ttl | string | "1h0m0s" | How long the Backup should be retained for. |
| backup.includedNamespaces | tpl/list | [ {{ include "application.namespace" $ }} ] | List of namespaces to include objects from. |
| backup.includedResources | list | nil | List of resource types to include in the backup. |
| backup.excludedResources | list | nil | List of resource types to exclude from the backup. |
Name format of ConfigMap, Secret, SealedSecret and ExternalSecret is{{ template "application.name" $ }}-{{ $nameSuffix }} then:
{{ template "application.name" }}is a helper function that outputs.Values.applicationNameif exist else return chart name as outputnameSuffixis the each key insecret.files,configMap.files,sealedSecret.filesandexternalSecret.files
For example if we have following values file:
applicationName:helloworld# {{ template "application.name" $ }}configMap:files:config:# {{ $nameSuffix }}key:value
then the configmap name will be namedhelloworld-config.
In order to use environment variable in deployment or cronjob, you will have to provide environment variable inkey/value pair inenv value. where key being environment variable key and value varies in different scenarios
For simple key/value environment variable, just provide
value: <value>env:KEY:value:MY_VALUE
To get environement variable value fromConfigMap
Suppose we have a configmap created from application chart
applicationName:my-applicationconfigMap:enabled:truefiles:application-config:LOG:DEBUGVERBOSE:v1
To get environment variable value from above created configmap, we will need to add following
env:APP_LOG_LEVEL:valueFrom:configMapKeyRef:name:my-application-application-configkey:LOG
To get all environment variables key/values fromConfigMap, where configmap key being key of environment variable and value being value
envFrom:application-config-env:type:configmapnameSuffix:application-config
You can either provide
nameSuffixwhich means name added after prefix<applicationName>-or static name withnameof configmap.You can specify whether the configmap is mandatory or optional for the pod to start with the
optional: true/falsevalue.Note: first key after
envFromis just used to uniquely identify different objects inenvFromblock. Make sure to keep it unique and relevant.To get environment variable value fromSecret
Suppose we have secret created from application chart
applicationName:my-applicationsecret:enabled:truefiles:db-credentials:PASSWORD:skljd#2Qer!!USER:postgres
To get environment variable value from above created secret, we will need to add following
env:KEY:valueFrom:secretKeyRef:name:my-application-db-credentialskey:USER
To get environement variable value fromSecret, where secret key being key of environment variable and value being value
envFrom:database-credentials:type:secretnameSuffix:db-credentials
You can either provide
nameSuffixwhich means name added after prefix<applicationName>-or static name withnameof secret.You can specify whether the secret is mandatory or optional for the pod to start with the
optional: true/falsevalue.Note: first key after
envFromis just used to uniquely identify different objects inenvFromblock. Make sure to keep it unique and relevant.
To disable liveness or readiness probe, set value ofenabled tofalse.
livenessProbe:enabled:false
By default probe handler type ishttpGet. You just need to overrideport andpath as per your need.
livenessProbe:enabled:truehttpGet:path:'/path'port:8080
In order to useexec handler, you can define fieldlivenessProbe.exec in your values.yaml.
livenessProbe:enabled:trueexec:command: -cat -/tmp/healthy
About
Generic helm chart for all kind of applications
Topics
Resources
License
Uh oh!
There was an error while loading.Please reload this page.
Stars
Watchers
Forks
Sponsor this project
Uh oh!
There was an error while loading.Please reload this page.
Packages0
No packages published
Uh oh!
There was an error while loading.Please reload this page.