Skip to content
Snippets Groups Projects
Verified Commit e9f95fa1 authored by Martin Weise's avatar Martin Weise
Browse files

Updated mariadb chart to be compatible with openshift

parent f7de051d
No related branches found
No related tags found
1 merge request!352Resolve "OpenShift Deployment"
Showing
with 275 additions and 56 deletions
...@@ -7,10 +7,10 @@ dependencies: ...@@ -7,10 +7,10 @@ dependencies:
version: 21.6.1 version: 21.6.1
- name: mariadb-galera - name: mariadb-galera
repository: https://charts.bitnami.com/bitnami repository: https://charts.bitnami.com/bitnami
version: 10.1.3 version: 14.0.12
- name: mariadb-galera - name: mariadb-galera
repository: https://charts.bitnami.com/bitnami repository: https://charts.bitnami.com/bitnami
version: 10.1.3 version: 14.0.12
- name: rabbitmq - name: rabbitmq
repository: https://charts.bitnami.com/bitnami repository: https://charts.bitnami.com/bitnami
version: 14.0.0 version: 14.0.0
...@@ -26,5 +26,5 @@ dependencies: ...@@ -26,5 +26,5 @@ dependencies:
- name: prometheus - name: prometheus
repository: https://charts.bitnami.com/bitnami repository: https://charts.bitnami.com/bitnami
version: 1.3.22 version: 1.3.22
digest: sha256:b146630948770f1ae6822564173eecfcc66f75502a0449fd3556c920f7202a2b digest: sha256:aa9cee8efad6f30ad296c7908cf4d9a5c50e1d87bcf2dde3b2e02306a686e1fd
generated: "2024-11-22T09:41:42.713329569+01:00" generated: "2024-11-22T19:46:10.620698662+01:00"
...@@ -6,7 +6,7 @@ description: Helm Chart for installing DBRepo ...@@ -6,7 +6,7 @@ description: Helm Chart for installing DBRepo
sources: sources:
- https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services - https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services
type: application type: application
version: "1.5.2-rc0" version: "1.5.1"
appVersion: "1.5.1" appVersion: "1.5.1"
keywords: keywords:
- dbrepo - dbrepo
...@@ -28,12 +28,12 @@ dependencies: ...@@ -28,12 +28,12 @@ dependencies:
condition: authservice.enabled condition: authservice.enabled
- name: mariadb-galera - name: mariadb-galera
alias: datadb alias: datadb
version: 10.1.3 # app version: 11.1.3 version: 14.0.12 # app version: 11.4.4-debian-12-r0
repository: https://charts.bitnami.com/bitnami repository: https://charts.bitnami.com/bitnami
condition: database.enabled condition: datadb.enabled
- name: mariadb-galera - name: mariadb-galera
alias: metadatadb alias: metadatadb
version: 10.1.3 # app version: 11.1.3 version: 14.0.12 # app version: 11.4.4-debian-12-r0
repository: https://charts.bitnami.com/bitnami repository: https://charts.bitnami.com/bitnami
condition: metadatadb.enabled condition: metadatadb.enabled
- name: rabbitmq - name: rabbitmq
...@@ -46,11 +46,6 @@ dependencies: ...@@ -46,11 +46,6 @@ dependencies:
version: 0.4.5 version: 0.4.5
repository: https://charts.bitnami.com/bitnami repository: https://charts.bitnami.com/bitnami
condition: storageservice.enabled condition: storageservice.enabled
- name: tusd
alias: uploadservice
version: 0.1.2
repository: https://charts.sagikazarmark.dev
condition: uploadservice.enabled
- name: grafana - name: grafana
alias: dashboardservice alias: dashboardservice
version: 10.1.1 version: 10.1.1
......
File deleted
File added
File deleted
{{/*
Copyright Broadcom, Inc. All Rights Reserved.
SPDX-License-Identifier: APACHE-2.0
*/}}
{{/* vim: set filetype=mustache: */}}
{{/*
Return a resource request/limit object based on a given preset.
These presets are for basic testing and not meant to be used in production
{{ include "common.resources.preset" (dict "type" "nano") -}}
*/}}
{{- define "common.resources.preset" -}}
{{/* The limits are the requests increased by 50% (except ephemeral-storage and xlarge/2xlarge sizes)*/}}
{{- $presets := dict
"nano" (dict
"requests" (dict "cpu" "100m" "memory" "128Mi" "ephemeral-storage" "50Mi")
"limits" (dict "cpu" "150m" "memory" "192Mi" "ephemeral-storage" "2Gi")
)
"micro" (dict
"requests" (dict "cpu" "250m" "memory" "256Mi" "ephemeral-storage" "50Mi")
"limits" (dict "cpu" "375m" "memory" "384Mi" "ephemeral-storage" "2Gi")
)
"small" (dict
"requests" (dict "cpu" "500m" "memory" "512Mi" "ephemeral-storage" "50Mi")
"limits" (dict "cpu" "750m" "memory" "768Mi" "ephemeral-storage" "2Gi")
)
"medium" (dict
"requests" (dict "cpu" "500m" "memory" "1024Mi" "ephemeral-storage" "50Mi")
"limits" (dict "cpu" "750m" "memory" "1536Mi" "ephemeral-storage" "2Gi")
)
"large" (dict
"requests" (dict "cpu" "1.0" "memory" "2048Mi" "ephemeral-storage" "50Mi")
"limits" (dict "cpu" "1.5" "memory" "3072Mi" "ephemeral-storage" "2Gi")
)
"xlarge" (dict
"requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
"limits" (dict "cpu" "3.0" "memory" "6144Mi" "ephemeral-storage" "2Gi")
)
"2xlarge" (dict
"requests" (dict "cpu" "1.0" "memory" "3072Mi" "ephemeral-storage" "50Mi")
"limits" (dict "cpu" "6.0" "memory" "12288Mi" "ephemeral-storage" "2Gi")
)
}}
{{- if hasKey $presets .type -}}
{{- index $presets .type | toYaml -}}
{{- else -}}
{{- printf "ERROR: Preset key '%s' invalid. Allowed values are %s" .type (join "," (keys $presets)) | fail -}}
{{- end -}}
{{- end -}}
\ No newline at end of file
...@@ -56,5 +56,7 @@ spec: ...@@ -56,5 +56,7 @@ spec:
periodSeconds: 10 periodSeconds: 10
{{- if .Values.analyseservice.resources }} {{- if .Values.analyseservice.resources }}
resources: {{- toYaml .Values.analyseservice.resources | nindent 12 }} resources: {{- toYaml .Values.analyseservice.resources | nindent 12 }}
{{- else if ne .Values.analyseservice.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" .Values.analyseservice.resourcesPreset) | nindent 12 }}
{{- end }} {{- end }}
{{- end }} {{- end }}
...@@ -56,7 +56,7 @@ spec: ...@@ -56,7 +56,7 @@ spec:
periodSeconds: 10 periodSeconds: 10
{{- if .Values.dataservice.resources }} {{- if .Values.dataservice.resources }}
resources: {{- toYaml .Values.dataservice.resources | nindent 12 }} resources: {{- toYaml .Values.dataservice.resources | nindent 12 }}
{{- else if ne .Values.dataservice.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" .Values.dataservice.resourcesPreset) | nindent 12 }}
{{- end }} {{- end }}
volumeMounts: []
volumes: []
{{- end }} {{- end }}
...@@ -38,6 +38,11 @@ spec: ...@@ -38,6 +38,11 @@ spec:
envFrom: envFrom:
- secretRef: - secretRef:
name: identity-service-secret name: identity-service-secret
{{- if .Values.identityservice.persistence.enabled }}
volumeMounts:
- name: openldap-data
mountPath: /bitnami/openldap
{{- end }}
livenessProbe: livenessProbe:
exec: exec:
command: command:
...@@ -56,5 +61,20 @@ spec: ...@@ -56,5 +61,20 @@ spec:
periodSeconds: 10 periodSeconds: 10
{{- if .Values.identityservice.resources }} {{- if .Values.identityservice.resources }}
resources: {{- toYaml .Values.identityservice.resources | nindent 12 }} resources: {{- toYaml .Values.identityservice.resources | nindent 12 }}
{{- else if ne .Values.identityservice.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" .Values.identityservice.resourcesPreset) | nindent 12 }}
{{- end }}
{{- if .Values.identityservice.persistence.enabled }}
volumeClaimTemplates:
- metadata:
name: openldap-data
spec:
accessModes: [ "ReadWriteOnce" ]
{{- if .Values.global.storageClass }}
storageClassName: {{ .Values.global.storageClass }}
{{- end }}
resources:
requests:
storage: 8Gi
{{- end }} {{- end }}
{{- end }} {{- end }}
...@@ -12,7 +12,7 @@ data: ...@@ -12,7 +12,7 @@ data:
02-setup-data.sql: | 02-setup-data.sql: |
BEGIN; BEGIN;
INSERT INTO `mdb_containers` (name, internal_name, image_id, host, port, privileged_username, privileged_password) INSERT INTO `mdb_containers` (name, internal_name, image_id, host, port, privileged_username, privileged_password)
VALUES ('mariadb:11.1.3-debian-11-r6', 'mariadb_11_1_3', 1, 'data-db', 3306, '{{ .Values.datadb.rootUser.user }}', '{{ .Values.datadb.rootUser.password }}'); VALUES ('mariadb:11.4.4-debian-12-r0', 'mariadb_11_4_4', 1, 'data-db', 3306, '{{ .Values.datadb.rootUser.user }}', '{{ .Values.datadb.rootUser.password }}');
COMMIT; COMMIT;
01-setup-schema.sql: | 01-setup-schema.sql: |
BEGIN; BEGIN;
......
...@@ -56,5 +56,7 @@ spec: ...@@ -56,5 +56,7 @@ spec:
periodSeconds: 10 periodSeconds: 10
{{- if .Values.metadataservice.resources }} {{- if .Values.metadataservice.resources }}
resources: {{- toYaml .Values.metadataservice.resources | nindent 12 }} resources: {{- toYaml .Values.metadataservice.resources | nindent 12 }}
{{- else if ne .Values.metadataservice.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" .Values.metadataservice.resourcesPreset) | nindent 12 }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if .Values.uploadservice.enabled }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: upload-service
namespace: {{ include "common.names.namespace" . | quote }}
labels:
app: upload-service
service: upload-service
spec:
replicas: {{ .Values.uploadservice.replicaCount }}
strategy:
type: {{ .Values.strategyType }}
selector:
matchLabels:
app: upload-service
service: upload-service
template:
metadata:
labels:
app: upload-service
service: upload-service
spec:
{{- if .Values.uploadservice.podSecurityContext.enabled }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.uploadservice.podSecurityContext "context" $) | nindent 8 }}
{{- end }}
containers:
- name: upload-service
image: {{ .Values.uploadservice.image.name }}
imagePullPolicy: {{ .Values.uploadservice.image.pullPolicy | default "IfNotPresent" }}
{{- if .Values.uploadservice.containerSecurityContext.enabled }}
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.uploadservice.containerSecurityContext "context" $) | nindent 12 }}
{{- end }}
args:
- "-behind-proxy"
- "-max-size={{ .Values.uploadservice.s3.maxSize }}"
- "-base-path=/api/upload/files/"
- "-s3-endpoint={{ .Values.uploadservice.s3.endpoint}}"
- "-s3-bucket={{ .Values.uploadservice.s3.bucket }}"
ports:
- containerPort: 1080
protocol: TCP
envFrom:
- secretRef:
name: upload-service-secret
livenessProbe:
httpGet:
port: 1080
initialDelaySeconds: 120
periodSeconds: 10
readinessProbe:
httpGet:
port: 1080
initialDelaySeconds: 30
periodSeconds: 10
{{- if .Values.uploadservice.resources }}
resources: {{- toYaml .Values.uploadservice.resources | nindent 12 }}
{{- else if ne .Values.uploadservice.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" .Values.uploadservice.resourcesPreset) | nindent 12 }}
{{- end }}
{{- end }}
{{- if .Values.uploadservice.enabled }}
--- ---
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
...@@ -8,5 +7,4 @@ metadata: ...@@ -8,5 +7,4 @@ metadata:
stringData: stringData:
AWS_ACCESS_KEY_ID: "{{ .Values.storageservice.s3.auth.adminAccessKeyId }}" AWS_ACCESS_KEY_ID: "{{ .Values.storageservice.s3.auth.adminAccessKeyId }}"
AWS_SECRET_ACCESS_KEY: "{{ .Values.storageservice.s3.auth.adminSecretAccessKey }}" AWS_SECRET_ACCESS_KEY: "{{ .Values.storageservice.s3.auth.adminSecretAccessKey }}"
AWS_REGION: "default" AWS_REGION: "{{ .Values.storageservice.s3.region | default "default" }}"
{{- end }}
\ No newline at end of file
...@@ -179,23 +179,60 @@ searchdb: ...@@ -179,23 +179,60 @@ searchdb:
uploadservice: uploadservice:
## @param uploadservice.enabled Enable the Upload Service. ## @param uploadservice.enabled Enable the Upload Service.
enabled: true enabled: true
## @skip uploadservice.fullnameOverride
fullnameOverride: upload-service
## @skip uploadservice.image ## @skip uploadservice.image
image: image:
repository: tusproject/tusd name: docker.io/tusproject/tusd:v1.12
tag: v1.12 s3:
## @skip uploadservice.securityContext ## @param dataservice.s3.endpoint The S3-capable endpoint the microservice connects to.
securityContext: endpoint: http://storage-service-s3:8333
allowPrivilegeEscalation: false ## @param dataservice.s3.bucket The S3 bucket name.
bucket: dbrepo
## @param dataservice.s3.bucket The maximum file size in bytes.
maxSize: "2000000000"
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
## @param uploadservice.podSecurityContext.enabled Enable pods' Security Context
enabled: true
## @param uploadservice.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
fsGroupChangePolicy: Always
## @param uploadservice.podSecurityContext.sysctls Set kernel settings using the sysctl interface
sysctls: [ ]
## @param uploadservice.podSecurityContext.supplementalGroups Set filesystem extra groups
supplementalGroups: [ ]
## @param uploadservice.podSecurityContext.fsGroup Set RabbitMQ pod's Security Context fsGroup
fsGroup: 0
containerSecurityContext:
## @param uploadservice.containerSecurityContext.enabled Enable containers' Security Context
enabled: true
## @param uploadservice.containerSecurityContext.seLinuxOptions Set SELinux options in container
seLinuxOptions: { }
## @param uploadservice.containerSecurityContext.runAsUser Set RabbitMQ containers' Security Context runAsUser
runAsUser: 1000 runAsUser: 1000
## @param uploadservice.containerSecurityContext.runAsGroup Set RabbitMQ containers' Security Context runAsGroup
runAsGroup: 1000 runAsGroup: 1000
## @param uploadservice.containerSecurityContext.runAsNonRoot Set RabbitMQ container's Security Context runAsNonRoot
runAsNonRoot: true runAsNonRoot: true
seccompProfile: ## @param uploadservice.containerSecurityContext.allowPrivilegeEscalation Set container's privilege escalation
type: RuntimeDefault allowPrivilegeEscalation: false
## @param uploadservice.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
readOnlyRootFilesystem: false
capabilities: capabilities:
drop: ## @param uploadservice.containerSecurityContext.capabilities.drop Set container's Security Context runAsNonRoot
- ALL drop: [ "ALL" ]
seccompProfile:
## @param uploadservice.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
type: "RuntimeDefault"
## @param uploadservice.resourcesPreset The container resource preset
resourcesPreset: "micro"
## @param uploadservice.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
## Example:
## resources:
## requests:
## cpu: 250m
## memory: 64Mi
## limits:
## cpu: 500m
## memory: 1024Mi
## @skip uploadservice.containerArgs ## @skip uploadservice.containerArgs
containerArgs: containerArgs:
- "-behind-proxy" - "-behind-proxy"
...@@ -266,6 +303,9 @@ brokerservice: ...@@ -266,6 +303,9 @@ brokerservice:
sslOptionsVerify: true sslOptionsVerify: true
failIfNoPeerCert: true failIfNoPeerCert: true
existingSecret: ingress-cert existingSecret: ingress-cert
rbac:
## @skip brokerservice.rbac.create
create: false
## @skip brokerservice.advancedConfigurationExistingSecret ## @skip brokerservice.advancedConfigurationExistingSecret
advancedConfigurationExistingSecret: broker-service-secret advancedConfigurationExistingSecret: broker-service-secret
## @skip brokerservice.loadDefinition ## @skip brokerservice.loadDefinition
...@@ -334,15 +374,18 @@ analyseservice: ...@@ -334,15 +374,18 @@ analyseservice:
seccompProfile: seccompProfile:
## @param analyseservice.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile ## @param analyseservice.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
type: "RuntimeDefault" type: "RuntimeDefault"
## @skip analyseservice.resources ## @param analyseservice.resourcesPreset The container resource preset
resources: resourcesPreset: "micro"
requests: ## @param analyseservice.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
cpu: 250m ## Example:
memory: 512Mi ## resources:
limits: ## requests:
cpu: 500m ## cpu: 250m
memory: 2048Mi ## memory: 64Mi
## limits:
## cpu: 500m
## memory: 1024Mi
resources: { }
## @param analyseservice.endpoint The url of the endpoint. ## @param analyseservice.endpoint The url of the endpoint.
endpoint: http://analyse-service endpoint: http://analyse-service
s3: s3:
...@@ -398,14 +441,17 @@ metadataservice: ...@@ -398,14 +441,17 @@ metadataservice:
seccompProfile: seccompProfile:
## @param metadataservice.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile ## @param metadataservice.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
type: "RuntimeDefault" type: "RuntimeDefault"
## @skip metadataservice.resources ## @param metadataservice.resourcesPreset The container resource preset
resources: resourcesPreset: "micro"
requests: ## @param metadataservice.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
cpu: 250m ## Example:
memory: 512Mi ## resources:
limits: ## requests:
cpu: 1000m ## cpu: 250m
memory: 2048Mi ## memory: 64Mi
## limits:
## cpu: 500m
## memory: 1024Mi
## @param metadataservice.endpoint The Metadata Service endpoint. ## @param metadataservice.endpoint The Metadata Service endpoint.
endpoint: http://metadata-service endpoint: http://metadata-service
crossref: crossref:
...@@ -497,6 +543,17 @@ dataservice: ...@@ -497,6 +543,17 @@ dataservice:
seccompProfile: seccompProfile:
## @param dataservice.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile ## @param dataservice.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
type: "RuntimeDefault" type: "RuntimeDefault"
## @param dataservice.resourcesPreset The container resource preset
resourcesPreset: "large"
## @param dataservice.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
## Example:
## resources:
## requests:
## cpu: 250m
## memory: 64Mi
## limits:
## cpu: 500m
## memory: 1024Mi
## @skip dataservice.resources ## @skip dataservice.resources
grant: grant:
## @param dataservice.grant.read The default database permissions for users with read access. ## @param dataservice.grant.read The default database permissions for users with read access.
...@@ -577,6 +634,17 @@ searchservice: ...@@ -577,6 +634,17 @@ searchservice:
seccompProfile: seccompProfile:
## @param searchservice.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile ## @param searchservice.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
type: "RuntimeDefault" type: "RuntimeDefault"
## @param searchservice.resourcesPreset The container resource preset
resourcesPreset: "nano"
## @param searchservice.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
## Example:
## resources:
## requests:
## cpu: 250m
## memory: 64Mi
## limits:
## cpu: 500m
## memory: 1024Mi
## @skip searchservice.resources ## @skip searchservice.resources
resources: resources:
requests: requests:
...@@ -605,6 +673,9 @@ storageservice: ...@@ -605,6 +673,9 @@ storageservice:
fullnameOverride: storage-service-db fullnameOverride: storage-service-db
## @skip storageservice.mariadb.enabled ## @skip storageservice.mariadb.enabled
enabled: true enabled: true
primary:
## @skip storageservice.mariadb.primary.resourcesPreset The container resource preset
resourcesPreset: "nano"
auth: auth:
## @param storageservice.mariadb.auth.rootPassword The user password for the root user. ## @param storageservice.mariadb.auth.rootPassword The user password for the root user.
rootPassword: seaweedfsdb rootPassword: seaweedfsdb
...@@ -675,7 +746,7 @@ identityservice: ...@@ -675,7 +746,7 @@ identityservice:
## @param identityservice.containerSecurityContext.runAsUser Set RabbitMQ containers' Security Context runAsUser ## @param identityservice.containerSecurityContext.runAsUser Set RabbitMQ containers' Security Context runAsUser
runAsUser: 1001 runAsUser: 1001
## @param identityservice.containerSecurityContext.runAsGroup Set RabbitMQ containers' Security Context runAsGroup ## @param identityservice.containerSecurityContext.runAsGroup Set RabbitMQ containers' Security Context runAsGroup
runAsGroup: 1001 runAsGroup: 0
## @param identityservice.containerSecurityContext.runAsNonRoot Set RabbitMQ container's Security Context runAsNonRoot ## @param identityservice.containerSecurityContext.runAsNonRoot Set RabbitMQ container's Security Context runAsNonRoot
runAsNonRoot: true runAsNonRoot: true
## @param identityservice.containerSecurityContext.allowPrivilegeEscalation Set container's privilege escalation ## @param identityservice.containerSecurityContext.allowPrivilegeEscalation Set container's privilege escalation
...@@ -685,17 +756,22 @@ identityservice: ...@@ -685,17 +756,22 @@ identityservice:
capabilities: capabilities:
## @param identityservice.containerSecurityContext.capabilities.drop Set container's Security Context runAsNonRoot ## @param identityservice.containerSecurityContext.capabilities.drop Set container's Security Context runAsNonRoot
drop: [ "ALL" ] drop: [ "ALL" ]
## @param identityservice.containerSecurityContext.capabilities.add Set container's Security Context runAsNonRoot
add: [ "NET_BIND_SERVICE" ]
seccompProfile: seccompProfile:
## @param identityservice.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile ## @param identityservice.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
type: "RuntimeDefault" type: "RuntimeDefault"
## @skip identityservice.resources ## @param identityservice.resourcesPreset The container resource preset
resources: resourcesPreset: "nano"
requests: ## @param identityservice.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
cpu: 250m ## Example:
memory: 512Mi ## resources:
limits: ## requests:
cpu: 500m ## cpu: 250m
memory: 2048Mi ## memory: 64Mi
## limits:
## cpu: 500m
## memory: 1024Mi
## @param identityservice.users The admin username for internal authentication. ## @param identityservice.users The admin username for internal authentication.
users: admin users: admin
## @param identityservice.userPasswords The admin user password for internal authentication. ## @param identityservice.userPasswords The admin user password for internal authentication.
...@@ -766,6 +842,17 @@ ui: ...@@ -766,6 +842,17 @@ ui:
seccompProfile: seccompProfile:
## @param ui.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile ## @param ui.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
type: "RuntimeDefault" type: "RuntimeDefault"
## @param ui.resourcesPreset The container resource preset
resourcesPreset: "nano"
## @param ui.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
## Example:
## resources:
## requests:
## cpu: 250m
## memory: 64Mi
## limits:
## cpu: 500m
## memory: 1024Mi
## @skip ui.resources ## @skip ui.resources
resources: resources:
requests: requests:
...@@ -881,6 +968,9 @@ metricdb: ...@@ -881,6 +968,9 @@ metricdb:
## @skip metricdb.alertmanager.service.type ## @skip metricdb.alertmanager.service.type
type: ClusterIP type: ClusterIP
server: server:
rbac:
## @skip metricdb.server.rbac.create
create: false
service: service:
## @skip metricdb.server.service.type ## @skip metricdb.server.service.type
type: ClusterIP type: ClusterIP
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment