2167 lines
98 KiB
YAML
2167 lines
98 KiB
YAML
global:
|
|
defaultStorageClass: ""
|
|
storageClass: ""
|
|
security:
|
|
allowInsecureImages: false
|
|
namespaceOverride: "freeleaps-alpha"
|
|
clusterDomain: freeleaps.cluster
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/mongodb
|
|
tag: 8.0.4-debian-12-r3
|
|
pullPolicy: IfNotPresent
|
|
architecture: standalone
|
|
## @param useStatefulSet Set to true to use a StatefulSet instead of a Deployment (only when `architecture=standalone`)
|
|
##
|
|
useStatefulSet: true
|
|
auth:
|
|
enabled: false
|
|
extraEnvVars: []
|
|
replicaCount: 1
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
## @param affinity MongoDB(®) Affinity for pod assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param nodeSelector MongoDB(®) Node labels for pod assignment
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
|
##
|
|
nodeSelector: {}
|
|
## @param tolerations MongoDB(®) Tolerations for pod assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param topologySpreadConstraints MongoDB(®) Spread Constraints for Pods
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param lifecycleHooks LifecycleHook for the MongoDB(®) container(s) to automate configuration before or after startup
|
|
##
|
|
lifecycleHooks: {}
|
|
## @param terminationGracePeriodSeconds MongoDB(®) Termination Grace Period
|
|
##
|
|
terminationGracePeriodSeconds: ""
|
|
## @param podLabels MongoDB(®) pod labels
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param podAnnotations MongoDB(®) Pod annotations
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param priorityClassName Name of the existing priority class to be used by MongoDB(®) pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
|
##
|
|
priorityClassName: ""
|
|
## @param runtimeClassName Name of the runtime class to be used by MongoDB(®) pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
|
|
##
|
|
runtimeClassName: ""
|
|
## MongoDB(®) pods' Security Context.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param podSecurityContext.enabled Enable MongoDB(®) pod(s)' Security Context
|
|
## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param podSecurityContext.fsGroup Group ID for the volumes of the MongoDB(®) pod(s)
|
|
## @param podSecurityContext.sysctls sysctl settings of the MongoDB(®) pod(s)'
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## sysctl settings
|
|
## Example:
|
|
## sysctls:
|
|
## - name: net.core.somaxconn
|
|
## value: "10000"
|
|
##
|
|
sysctls: []
|
|
## MongoDB(®) containers' Security Context (main and metrics container).
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
|
## @param containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## MongoDB(®) containers' resource requests and limits.
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "small"
|
|
## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## @param containerPorts.mongodb MongoDB(®) container port
|
|
##
|
|
containerPorts:
|
|
mongodb: 27017
|
|
## MongoDB(®) pods' liveness probe. Evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
## @param livenessProbe.enabled Enable livenessProbe
|
|
## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 20
|
|
timeoutSeconds: 10
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## MongoDB(®) pods' readiness probe. Evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
## @param readinessProbe.enabled Enable readinessProbe
|
|
## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## Slow starting containers can be protected through startup probes
|
|
## Startup probes are available in Kubernetes version 1.16 and above
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
|
|
## @param startupProbe.enabled Enable startupProbe
|
|
## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 20
|
|
timeoutSeconds: 10
|
|
successThreshold: 1
|
|
failureThreshold: 30
|
|
## @param customLivenessProbe Override default liveness probe for MongoDB(®) containers
|
|
## Ignored when livenessProbe.enabled=true
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param customReadinessProbe Override default readiness probe for MongoDB(®) containers
|
|
## Ignored when readinessProbe.enabled=true
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param customStartupProbe Override default startup probe for MongoDB(®) containers
|
|
## Ignored when startupProbe.enabled=true
|
|
##
|
|
customStartupProbe: {}
|
|
## @param initContainers Add additional init containers for the hidden node pod(s)
|
|
## Example:
|
|
## initContainers:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
initContainers: []
|
|
## @param sidecars Add additional sidecar containers for the MongoDB(®) pod(s)
|
|
## Example:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
## This is an optional 'mongo-labeler' sidecar container that tracks replica-set for the primary mongodb pod
|
|
## and labels it dynamically with ' primary: "true" ' in order for an extra-deployed service to always expose
|
|
## and attach to the primary pod, this needs to be uncommented along with the suggested 'extraDeploy' example
|
|
## and the suggested rbac example for the pod to be allowed adding labels to mongo replica pods
|
|
## search 'mongo-labeler' through this file to find the sections that needs to be uncommented to make it work
|
|
##
|
|
## - name: mongo-labeler
|
|
## image: korenlev/k8s-mongo-labeler-sidecar
|
|
## imagePullPolicy: Always
|
|
## env:
|
|
## - name: LABEL_SELECTOR
|
|
## value: "app.kubernetes.io/component=mongodb,app.kubernetes.io/instance=mongodb,app.kubernetes.io/name=mongodb"
|
|
## - name: NAMESPACE
|
|
## value: "the-mongodb-namespace"
|
|
## - name: DEBUG
|
|
## value: "true"
|
|
##
|
|
sidecars: []
|
|
## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for the MongoDB(®) container(s)
|
|
## Examples:
|
|
## extraVolumeMounts:
|
|
## - name: extras
|
|
## mountPath: /usr/share/extras
|
|
## readOnly: true
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param extraVolumes Optionally specify extra list of additional volumes to the MongoDB(®) statefulset
|
|
## extraVolumes:
|
|
## - name: extras
|
|
## emptyDir: {}
|
|
##
|
|
extraVolumes: []
|
|
## MongoDB(®) Pod Disruption Budget configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
|
|
##
|
|
pdb:
|
|
## @param pdb.create Enable/disable a Pod Disruption Budget creation for MongoDB(®) pod(s)
|
|
##
|
|
create: true
|
|
## @param pdb.minAvailable Minimum number/percentage of MongoDB(®) pods that must still be available after the eviction
|
|
##
|
|
minAvailable: ""
|
|
## @param pdb.maxUnavailable Maximum number/percentage of MongoDB(®) pods that may be made unavailable after the eviction. Defaults to `1` if both `pdb.minAvailable` and `pdb.maxUnavailable` are empty.
|
|
##
|
|
maxUnavailable: ""
|
|
## @section Traffic exposure parameters
|
|
##
|
|
|
|
## Service parameters
|
|
##
|
|
service:
|
|
## @param service.nameOverride MongoDB(®) service name
|
|
##
|
|
nameOverride: ""
|
|
## @param service.type Kubernetes Service type (only for standalone architecture)
|
|
##
|
|
type: ClusterIP
|
|
## @param service.portName MongoDB(®) service port name (only for standalone architecture)
|
|
##
|
|
portName: mongodb
|
|
## @param service.ports.mongodb MongoDB(®) service port.
|
|
##
|
|
ports:
|
|
mongodb: 27017
|
|
## @param service.nodePorts.mongodb Port to bind to for NodePort and LoadBalancer service types (only for standalone architecture)
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
|
|
##
|
|
nodePorts:
|
|
mongodb: ""
|
|
## @param service.clusterIP MongoDB(®) service cluster IP (only for standalone architecture)
|
|
## e.g:
|
|
## clusterIP: None
|
|
##
|
|
clusterIP: ""
|
|
## @param service.externalIPs Specify the externalIP value ClusterIP service type (only for standalone architecture)
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
|
|
##
|
|
externalIPs: []
|
|
## @param service.loadBalancerIP loadBalancerIP for MongoDB(®) Service (only for standalone architecture)
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
|
|
##
|
|
loadBalancerIP: ""
|
|
## @param service.loadBalancerClass loadBalancerClass for MongoDB(®) Service (only for standalone architecture)
|
|
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class
|
|
loadBalancerClass: ""
|
|
## @param service.loadBalancerSourceRanges Address(es) that are allowed when service is LoadBalancer (only for standalone architecture)
|
|
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param service.allocateLoadBalancerNodePorts Wheter to allocate node ports when service type is LoadBalancer
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation
|
|
##
|
|
allocateLoadBalancerNodePorts: true
|
|
## @param service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
|
|
##
|
|
extraPorts: []
|
|
## @param service.annotations Provide any additional annotations that may be required
|
|
##
|
|
annotations: {}
|
|
## @param service.externalTrafficPolicy service external traffic policy (only for standalone architecture)
|
|
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Local
|
|
## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin
|
|
## Values: ClientIP or None
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
|
|
##
|
|
sessionAffinity: None
|
|
## @param service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## Headless service properties
|
|
##
|
|
headless:
|
|
## @param service.headless.annotations Annotations for the headless service.
|
|
##
|
|
annotations: {}
|
|
## External Access to MongoDB(®) nodes configuration
|
|
##
|
|
externalAccess:
|
|
## @param externalAccess.enabled Enable Kubernetes external cluster access to MongoDB(®) nodes (only for replicaset architecture)
|
|
##
|
|
enabled: false
|
|
## External IPs auto-discovery configuration
|
|
## An init container is used to auto-detect LB IPs or node ports by querying the K8s API
|
|
## Note: RBAC might be required
|
|
##
|
|
autoDiscovery:
|
|
## @param externalAccess.autoDiscovery.enabled Enable using an init container to auto-detect external IPs by querying the K8s API
|
|
##
|
|
enabled: false
|
|
## Bitnami Kubectl image
|
|
## ref: https://hub.docker.com/r/bitnami/kubectl/tags/
|
|
## @param externalAccess.autoDiscovery.image.registry [default: REGISTRY_NAME] Init container auto-discovery image registry
|
|
## @param externalAccess.autoDiscovery.image.repository [default: REPOSITORY_NAME/kubectl] Init container auto-discovery image repository
|
|
## @skip externalAccess.autoDiscovery.image.tag Init container auto-discovery image tag (immutable tags are recommended)
|
|
## @param externalAccess.autoDiscovery.image.digest Init container auto-discovery image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
|
## @param externalAccess.autoDiscovery.image.pullPolicy Init container auto-discovery image pull policy
|
|
## @param externalAccess.autoDiscovery.image.pullSecrets Init container auto-discovery image pull secrets
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/kubectl
|
|
tag: 1.32.1-debian-12-r4
|
|
digest: ""
|
|
## Specify a imagePullPolicy
|
|
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
## Example:
|
|
## pullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
pullSecrets: []
|
|
## Init Container resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param externalAccess.autoDiscovery.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if externalAccess.autoDiscovery.resources is set (externalAccess.autoDiscovery.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "nano"
|
|
## @param externalAccess.autoDiscovery.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## Init container what mission is ensure public names can be resolved.
|
|
##
|
|
dnsCheck:
|
|
## Bitnami os-shell image
|
|
## ref: https://hub.docker.com/r/bitnami/os-shell/tags/
|
|
## @param externalAccess.dnsCheck.image.registry [default: REGISTRY_NAME] Init container dns-check image registry
|
|
## @param externalAccess.dnsCheck.image.repository [default: REPOSITORY_NAME/kubectl] Init container dns-check image repository
|
|
## @skip externalAccess.dnsCheck.image.tag Init container dns-check image tag (immutable tags are recommended)
|
|
## @param externalAccess.dnsCheck.image.digest Init container dns-check image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
|
## @param externalAccess.dnsCheck.image.pullPolicy Init container dns-check image pull policy
|
|
## @param externalAccess.dnsCheck.image.pullSecrets Init container dns-check image pull secrets
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/os-shell
|
|
tag: 12-debian-12-r36
|
|
digest: ""
|
|
## Specify a imagePullPolicy
|
|
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
## Example:
|
|
## pullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
pullSecrets: []
|
|
## Init Container resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param externalAccess.dnsCheck.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if externalAccess.autoDiscovery.resources is set (externalAccess.autoDiscovery.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "nano"
|
|
## @param externalAccess.dnsCheck.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## Parameters to configure a set of Pods that connect to an existing MongoDB(®) deployment that lies outside of Kubernetes.
|
|
## @param externalAccess.externalMaster.enabled Use external master for bootstrapping
|
|
## @param externalAccess.externalMaster.host External master host to bootstrap from
|
|
## @param externalAccess.externalMaster.port Port for MongoDB(®) service external master host
|
|
##
|
|
externalMaster:
|
|
enabled: false
|
|
host: ""
|
|
port: 27017
|
|
## Parameters to configure K8s service(s) used to externally access MongoDB(®)
|
|
## A new service per broker will be created
|
|
##
|
|
service:
|
|
## @param externalAccess.service.type Kubernetes Service type for external access. Allowed values: NodePort, LoadBalancer or ClusterIP
|
|
##
|
|
type: LoadBalancer
|
|
## @param externalAccess.service.portName MongoDB(®) port name used for external access when service type is LoadBalancer
|
|
##
|
|
portName: "mongodb"
|
|
## @param externalAccess.service.ports.mongodb MongoDB(®) port used for external access when service type is LoadBalancer
|
|
##
|
|
ports:
|
|
mongodb: 27017
|
|
## @param externalAccess.service.loadBalancerIPs Array of load balancer IPs for MongoDB(®) nodes
|
|
## Example:
|
|
## loadBalancerIPs:
|
|
## - X.X.X.X
|
|
## - Y.Y.Y.Y
|
|
##
|
|
loadBalancerIPs: []
|
|
## @param externalAccess.service.publicNames Array of public names. The size should be equal to the number of replicas.
|
|
##
|
|
publicNames: []
|
|
## @param externalAccess.service.loadBalancerClass loadBalancerClass when service type is LoadBalancer
|
|
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class
|
|
loadBalancerClass: ""
|
|
## @param externalAccess.service.loadBalancerSourceRanges Address(es) that are allowed when service is LoadBalancer
|
|
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
## Example:
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param externalAccess.service.allocateLoadBalancerNodePorts Whether to allocate node ports when service type is LoadBalancer
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation
|
|
##
|
|
allocateLoadBalancerNodePorts: true
|
|
## @param externalAccess.service.externalTrafficPolicy MongoDB(®) service external traffic policy
|
|
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Local
|
|
## @param externalAccess.service.nodePorts Array of node ports used to configure MongoDB(®) advertised hostname when service type is NodePort
|
|
## Example:
|
|
## nodePorts:
|
|
## - 30001
|
|
## - 30002
|
|
##
|
|
nodePorts: []
|
|
## @param externalAccess.service.domain Domain or external IP used to configure MongoDB(®) advertised hostname when service type is NodePort
|
|
## If not specified, the container will try to get the kubernetes node external IP
|
|
## e.g:
|
|
## domain: mydomain.com
|
|
##
|
|
domain: ""
|
|
## @param externalAccess.service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
|
|
##
|
|
extraPorts: []
|
|
## @param externalAccess.service.annotations Service annotations for external access. These annotations are common for all services created.
|
|
##
|
|
annotations: {}
|
|
## @param externalAccess.service.annotationsList Service annotations for eache external service. This value contains a list allowing different annotations per each external service.
|
|
## Eg:
|
|
## annotationsList:
|
|
## - external-dns.alpha.kubernetes.io/hostname: mongodb-0.example.com
|
|
## - external-dns.alpha.kubernetes.io/hostname: mongodb-1.example.com
|
|
##
|
|
annotationsList: []
|
|
## @param externalAccess.service.sessionAffinity Control where client requests go, to the same pod or round-robin
|
|
## Values: ClientIP or None
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
|
|
##
|
|
sessionAffinity: None
|
|
## @param externalAccess.service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## External Access to MongoDB(®) Hidden nodes configuration
|
|
##
|
|
hidden:
|
|
## @param externalAccess.hidden.enabled Enable Kubernetes external cluster access to MongoDB(®) hidden nodes
|
|
##
|
|
enabled: false
|
|
## Parameters to configure K8s service(s) used to externally access MongoDB(®)
|
|
## A new service per broker will be created
|
|
##
|
|
service:
|
|
## @param externalAccess.hidden.service.type Kubernetes Service type for external access. Allowed values: NodePort or LoadBalancer
|
|
##
|
|
type: LoadBalancer
|
|
## @param externalAccess.hidden.service.portName MongoDB(®) port name used for external access when service type is LoadBalancer
|
|
##
|
|
portName: "mongodb"
|
|
## @param externalAccess.hidden.service.ports.mongodb MongoDB(®) port used for external access when service type is LoadBalancer
|
|
##
|
|
ports:
|
|
mongodb: 27017
|
|
## @param externalAccess.hidden.service.loadBalancerIPs Array of load balancer IPs for MongoDB(®) nodes
|
|
## Example:
|
|
## loadBalancerIPs:
|
|
## - X.X.X.X
|
|
## - Y.Y.Y.Y
|
|
##
|
|
loadBalancerIPs: []
|
|
## @param externalAccess.hidden.service.loadBalancerClass loadBalancerClass when service type is LoadBalancer
|
|
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-class
|
|
loadBalancerClass: ""
|
|
## @param externalAccess.hidden.service.loadBalancerSourceRanges Address(es) that are allowed when service is LoadBalancer
|
|
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
|
## Example:
|
|
## loadBalancerSourceRanges:
|
|
## - 10.10.10.0/24
|
|
##
|
|
loadBalancerSourceRanges: []
|
|
## @param externalAccess.hidden.service.allocateLoadBalancerNodePorts Wheter to allocate node ports when service type is LoadBalancer
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#load-balancer-nodeport-allocation
|
|
##
|
|
allocateLoadBalancerNodePorts: true
|
|
## @param externalAccess.hidden.service.externalTrafficPolicy MongoDB(®) service external traffic policy
|
|
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
##
|
|
externalTrafficPolicy: Local
|
|
## @param externalAccess.hidden.service.nodePorts Array of node ports used to configure MongoDB(®) advertised hostname when service type is NodePort. Length must be the same as replicaCount
|
|
## Example:
|
|
## nodePorts:
|
|
## - 30001
|
|
## - 30002
|
|
##
|
|
nodePorts: []
|
|
## @param externalAccess.hidden.service.domain Domain or external IP used to configure MongoDB(®) advertised hostname when service type is NodePort
|
|
## If not specified, the container will try to get the kubernetes node external IP
|
|
## e.g:
|
|
## domain: mydomain.com
|
|
##
|
|
domain: ""
|
|
## @param externalAccess.hidden.service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
|
|
##
|
|
extraPorts: []
|
|
## @param externalAccess.hidden.service.annotations Service annotations for external access
|
|
##
|
|
annotations: {}
|
|
## @param externalAccess.hidden.service.sessionAffinity Control where client requests go, to the same pod or round-robin
|
|
## Values: ClientIP or None
|
|
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
|
|
##
|
|
sessionAffinity: None
|
|
## @param externalAccess.hidden.service.sessionAffinityConfig Additional settings for the sessionAffinity
|
|
## sessionAffinityConfig:
|
|
## clientIP:
|
|
## timeoutSeconds: 300
|
|
##
|
|
sessionAffinityConfig: {}
|
|
## @section Password update job
|
|
##
|
|
passwordUpdateJob:
|
|
## @param passwordUpdateJob.enabled Enable password update job
|
|
##
|
|
enabled: false
|
|
## @param passwordUpdateJob.backoffLimit set backoff limit of the job
|
|
##
|
|
backoffLimit: 10
|
|
## @param passwordUpdateJob.command Override default container command on mysql Primary container(s) (useful when using custom images)
|
|
##
|
|
command: []
|
|
## @param passwordUpdateJob.args Override default container args on mysql Primary container(s) (useful when using custom images)
|
|
##
|
|
args: []
|
|
## @param passwordUpdateJob.extraCommands Extra commands to pass to the generation job
|
|
##
|
|
extraCommands: ""
|
|
## @param passwordUpdateJob.previousPasswords.rootPassword Previous root password (set if the password secret was already changed)
|
|
## @param passwordUpdateJob.previousPasswords.existingSecret Name of a secret containing the previous passwords (set if the password secret was already changed)
|
|
previousPasswords:
|
|
rootPassword: ""
|
|
existingSecret: ""
|
|
## Configure Container Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
|
## @param passwordUpdateJob.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param passwordUpdateJob.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param passwordUpdateJob.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param passwordUpdateJob.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param passwordUpdateJob.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param passwordUpdateJob.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param passwordUpdateJob.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param passwordUpdateJob.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param passwordUpdateJob.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param passwordUpdateJob.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## Configure Pods Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param passwordUpdateJob.podSecurityContext.enabled Enabled credential init job pods' Security Context
|
|
## @param passwordUpdateJob.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param passwordUpdateJob.podSecurityContext.sysctls Set kernel settings using the sysctl interface
|
|
## @param passwordUpdateJob.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param passwordUpdateJob.podSecurityContext.fsGroup Set credential init job pod's Security Context fsGroup
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
sysctls: []
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## @param passwordUpdateJob.extraEnvVars Array containing extra env vars to configure the credential init job
|
|
## For example:
|
|
## extraEnvVars:
|
|
## - name: GF_DEFAULT_INSTANCE_NAME
|
|
## value: my-instance
|
|
##
|
|
extraEnvVars: []
|
|
## @param passwordUpdateJob.extraEnvVarsCM ConfigMap containing extra env vars to configure the credential init job
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param passwordUpdateJob.extraEnvVarsSecret Secret containing extra env vars to configure the credential init job (in case of sensitive data)
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param passwordUpdateJob.extraVolumes Optionally specify extra list of additional volumes for the credential init job
|
|
##
|
|
extraVolumes: []
|
|
## @param passwordUpdateJob.extraVolumeMounts Array of extra volume mounts to be added to the jwt Container (evaluated as template). Normally used with `extraVolumes`.
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param passwordUpdateJob.initContainers Add additional init containers for the mysql Primary pod(s)
|
|
##
|
|
initContainers: []
|
|
## Container resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## @param passwordUpdateJob.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if passwordUpdateJob.resources is set (passwordUpdateJob.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "micro"
|
|
## @param passwordUpdateJob.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## @param passwordUpdateJob.customLivenessProbe Custom livenessProbe that overrides the default one
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param passwordUpdateJob.customReadinessProbe Custom readinessProbe that overrides the default one
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param passwordUpdateJob.customStartupProbe Custom startupProbe that overrides the default one
|
|
##
|
|
customStartupProbe: {}
|
|
## @param passwordUpdateJob.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param passwordUpdateJob.hostAliases Add deployment host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## @param passwordUpdateJob.annotations [object] Add annotations to the job
|
|
##
|
|
annotations: {}
|
|
## @param passwordUpdateJob.podLabels Additional pod labels
|
|
## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param passwordUpdateJob.podAnnotations Additional pod annotations
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
|
|
## @section Network policy parameters
|
|
##
|
|
|
|
## Network Policies
|
|
## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
|
##
|
|
networkPolicy:
|
|
## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created
|
|
##
|
|
enabled: true
|
|
## @param networkPolicy.allowExternal Don't require server label for connections
|
|
## The Policy model to apply. When set to false, only pods with the correct
|
|
## server label will have network access to the ports server is listening
|
|
## on. When true, server will accept connections from any source
|
|
## (with the correct destination port).
|
|
##
|
|
allowExternal: true
|
|
## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
|
|
##
|
|
allowExternalEgress: true
|
|
## @param networkPolicy.addExternalClientAccess Allow access from pods with client label set to "true". Ignored if `networkPolicy.allowExternal` is true.
|
|
##
|
|
addExternalClientAccess: true
|
|
## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraIngress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## from:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
extraIngress: []
|
|
## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
|
|
## e.g:
|
|
## extraEgress:
|
|
## - ports:
|
|
## - port: 1234
|
|
## to:
|
|
## - podSelector:
|
|
## - matchLabels:
|
|
## - role: frontend
|
|
## - podSelector:
|
|
## - matchExpressions:
|
|
## - key: role
|
|
## operator: In
|
|
## values:
|
|
## - frontend
|
|
##
|
|
extraEgress: []
|
|
## @param networkPolicy.ingressPodMatchLabels [object] Labels to match to allow traffic from other pods. Ignored if `networkPolicy.allowExternal` is true.
|
|
## e.g:
|
|
## ingressPodMatchLabels:
|
|
## my-client: "true"
|
|
#
|
|
ingressPodMatchLabels: {}
|
|
## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces. Ignored if `networkPolicy.allowExternal` is true.
|
|
## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces. Ignored if `networkPolicy.allowExternal` is true.
|
|
##
|
|
ingressNSMatchLabels: {}
|
|
ingressNSPodMatchLabels: {}
|
|
persistence:
|
|
## @param persistence.enabled Enable MongoDB(®) data persistence using PVC
|
|
##
|
|
enabled: true
|
|
## @param persistence.name Name of the PVC and mounted volume
|
|
##
|
|
name: "datadir"
|
|
## @param persistence.medium Provide a medium for `emptyDir` volumes.
|
|
## Requires persistence.enabled: false
|
|
##
|
|
medium: ""
|
|
## @param persistence.existingClaim Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)
|
|
## Requires persistence.enabled: true
|
|
## If defined, PVC must be created manually before volume will be bound
|
|
## Ignored when mongodb.architecture=replicaset
|
|
##
|
|
existingClaim: ""
|
|
## @param persistence.resourcePolicy Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted
|
|
##
|
|
resourcePolicy: ""
|
|
## @param persistence.storageClass PVC Storage Class for MongoDB(®) data volume
|
|
## If defined, storageClassName: <storageClass>
|
|
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
|
## If undefined (the default) or set to null, no storageClassName spec is
|
|
## set, choosing the default provisioner.
|
|
##
|
|
storageClass: ""
|
|
## @param persistence.accessModes PV Access Mode
|
|
##
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
## @param persistence.size PVC Storage Request for MongoDB(®) data volume
|
|
##
|
|
size: 8Gi
|
|
## @param persistence.annotations PVC annotations
|
|
##
|
|
annotations: {}
|
|
## @param persistence.labels PVC labels
|
|
##
|
|
labels: {}
|
|
## @param persistence.mountPath Path to mount the volume at
|
|
## MongoDB(®) images.
|
|
##
|
|
mountPath: /bitnami/mongodb
|
|
## @param persistence.subPath Subdirectory of the volume to mount at
|
|
## and one PV for multiple services.
|
|
##
|
|
subPath: ""
|
|
## Fine tuning for volumeClaimTemplates
|
|
##
|
|
volumeClaimTemplates:
|
|
## @param persistence.volumeClaimTemplates.selector A label query over volumes to consider for binding (e.g. when using local volumes)
|
|
## A label query over volumes to consider for binding (e.g. when using local volumes)
|
|
## See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#labelselector-v1-meta for more details
|
|
##
|
|
selector: {}
|
|
## @param persistence.volumeClaimTemplates.requests Custom PVC requests attributes
|
|
## Sometime cloud providers use additional requests attributes to provision custom storage instance
|
|
## See https://cloud.ibm.com/docs/containers?topic=containers-file_storage#file_dynamic_statefulset
|
|
##
|
|
requests: {}
|
|
## @param persistence.volumeClaimTemplates.dataSource Add dataSource to the VolumeClaimTemplate
|
|
##
|
|
dataSource: {}
|
|
## Persistent Volume Claim Retention Policy
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention
|
|
##
|
|
persistentVolumeClaimRetentionPolicy:
|
|
## @param persistentVolumeClaimRetentionPolicy.enabled Enable Persistent volume retention policy for MongoDB(®) Statefulset
|
|
##
|
|
enabled: false
|
|
## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced
|
|
##
|
|
whenScaled: Retain
|
|
## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted
|
|
##
|
|
whenDeleted: Retain
|
|
## @section Backup parameters
|
|
## This section implements a trivial logical dump cronjob of the database.
|
|
## This only comes with the consistency guarantees of the dump program.
|
|
## This is not a snapshot based roll forward/backward recovery backup.
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/
|
|
##
|
|
backup:
|
|
## @param backup.enabled Enable the logical dump of the database "regularly"
|
|
##
|
|
enabled: false
|
|
## Fine tuning cronjob's config
|
|
##
|
|
cronjob:
|
|
## @param backup.cronjob.schedule Set the cronjob parameter schedule
|
|
##
|
|
schedule: "@daily"
|
|
## @param backup.cronjob.timeZone Set the cronjob parameter timeZone
|
|
##
|
|
timeZone: ""
|
|
## @param backup.cronjob.concurrencyPolicy Set the cronjob parameter concurrencyPolicy
|
|
##
|
|
concurrencyPolicy: Allow
|
|
## @param backup.cronjob.failedJobsHistoryLimit Set the cronjob parameter failedJobsHistoryLimit
|
|
##
|
|
failedJobsHistoryLimit: 1
|
|
## @param backup.cronjob.successfulJobsHistoryLimit Set the cronjob parameter successfulJobsHistoryLimit
|
|
##
|
|
successfulJobsHistoryLimit: 3
|
|
## @param backup.cronjob.startingDeadlineSeconds Set the cronjob parameter startingDeadlineSeconds
|
|
##
|
|
startingDeadlineSeconds: ""
|
|
## @param backup.cronjob.ttlSecondsAfterFinished Set the cronjob parameter ttlSecondsAfterFinished
|
|
##
|
|
ttlSecondsAfterFinished: ""
|
|
## @param backup.cronjob.restartPolicy Set the cronjob parameter restartPolicy
|
|
##
|
|
restartPolicy: OnFailure
|
|
## @param backup.cronjob.backoffLimit Set the cronjob parameter backoffLimit
|
|
backoffLimit: 6
|
|
## backup container's Security Context
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
|
## @param backup.cronjob.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param backup.cronjob.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param backup.cronjob.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param backup.cronjob.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param backup.cronjob.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param backup.cronjob.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param backup.cronjob.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param backup.cronjob.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param backup.cronjob.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param backup.cronjob.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## backup container's resource requests and limits.
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param backup.cronjob.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "none"
|
|
## @param backup.cronjob.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## @param backup.cronjob.command Set backup container's command to run
|
|
##
|
|
command: []
|
|
## @param backup.cronjob.labels Set the cronjob labels
|
|
##
|
|
labels: {}
|
|
## @param backup.cronjob.annotations Set the cronjob annotations
|
|
##
|
|
annotations: {}
|
|
## Backup container's
|
|
##
|
|
storage:
|
|
## @param backup.cronjob.storage.existingClaim Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)
|
|
## If defined, PVC must be created manually before volume will be bound
|
|
##
|
|
existingClaim: ""
|
|
## @param backup.cronjob.storage.resourcePolicy Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted
|
|
##
|
|
resourcePolicy: ""
|
|
## @param backup.cronjob.storage.storageClass PVC Storage Class for the backup data volume
|
|
## If defined, storageClassName: <storageClass>
|
|
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
|
## If undefined (the default) or set to null, no storageClassName spec is
|
|
## set, choosing the default provisioner.
|
|
##
|
|
storageClass: ""
|
|
## @param backup.cronjob.storage.accessModes PV Access Mode
|
|
##
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
## @param backup.cronjob.storage.size PVC Storage Request for the backup data volume
|
|
##
|
|
size: 8Gi
|
|
## @param backup.cronjob.storage.annotations PVC annotations
|
|
##
|
|
annotations: {}
|
|
## @param backup.cronjob.storage.mountPath Path to mount the volume at
|
|
##
|
|
mountPath: /backup/mongodb
|
|
## @param backup.cronjob.storage.subPath Subdirectory of the volume to mount at
|
|
## and one PV for multiple services.
|
|
##
|
|
subPath: ""
|
|
## Fine tuning for volumeClaimTemplates
|
|
##
|
|
volumeClaimTemplates:
|
|
## @param backup.cronjob.storage.volumeClaimTemplates.selector A label query over volumes to consider for binding (e.g. when using local volumes)
|
|
## A label query over volumes to consider for binding (e.g. when using local volumes)
|
|
## See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#labelselector-v1-meta for more details
|
|
##
|
|
selector: {}
|
|
## @section RBAC parameters
|
|
##
|
|
|
|
## ServiceAccount
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
|
##
|
|
serviceAccount:
|
|
## @param serviceAccount.create Enable creation of ServiceAccount for MongoDB(®) pods
|
|
##
|
|
create: true
|
|
## @param serviceAccount.name Name of the created serviceAccount
|
|
## If not set and create is true, a name is generated using the mongodb.fullname template
|
|
##
|
|
name: ""
|
|
## @param serviceAccount.annotations Additional Service Account annotations
|
|
##
|
|
annotations: {}
|
|
## @param serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created
|
|
## Can be set to false if pods using this serviceAccount do not need to use K8s API
|
|
##
|
|
automountServiceAccountToken: false
|
|
## Role Based Access
|
|
## ref: https://kubernetes.io/docs/admin/authorization/rbac/
|
|
##
|
|
rbac:
|
|
## @param rbac.create Whether to create & use RBAC resources or not
|
|
## binding MongoDB(®) ServiceAccount to a role
|
|
## that allows MongoDB(®) pods querying the K8s API
|
|
## this needs to be set to 'true' to enable the mongo-labeler sidecar primary mongodb discovery
|
|
##
|
|
create: false
|
|
## @param rbac.rules Custom rules to create following the role specification
|
|
## The example below needs to be uncommented to use the 'mongo-labeler' sidecar for dynamic discovery of the primary mongodb pod:
|
|
## rules:
|
|
## - apiGroups:
|
|
## - ""
|
|
## resources:
|
|
## - pods
|
|
## verbs:
|
|
## - get
|
|
## - list
|
|
## - watch
|
|
## - update
|
|
##
|
|
rules: []
|
|
## PodSecurityPolicy configuration
|
|
## Be sure to also set rbac.create to true, otherwise Role and RoleBinding won't be created.
|
|
## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
|
|
##
|
|
podSecurityPolicy:
|
|
## @param podSecurityPolicy.create Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later
|
|
##
|
|
create: false
|
|
## @param podSecurityPolicy.allowPrivilegeEscalation Enable privilege escalation
|
|
## Either use predefined policy with some adjustments or use `podSecurityPolicy.spec`
|
|
##
|
|
allowPrivilegeEscalation: false
|
|
## @param podSecurityPolicy.privileged Allow privileged
|
|
##
|
|
privileged: false
|
|
## @param podSecurityPolicy.spec Specify the full spec to use for Pod Security Policy
|
|
## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
|
|
## Defining a spec ignores the above values.
|
|
##
|
|
spec: {}
|
|
## Example:
|
|
## allowPrivilegeEscalation: false
|
|
## fsGroup:
|
|
## rule: 'MustRunAs'
|
|
## ranges:
|
|
## - min: 1001
|
|
## max: 1001
|
|
## hostIPC: false
|
|
## hostNetwork: false
|
|
## hostPID: false
|
|
## privileged: false
|
|
## readOnlyRootFilesystem: true
|
|
## requiredDropCapabilities:
|
|
## - ALL
|
|
## runAsUser:
|
|
## rule: 'MustRunAs'
|
|
## ranges:
|
|
## - min: 1001
|
|
## max: 1001
|
|
## seLinux:
|
|
## rule: 'RunAsAny'
|
|
## supplementalGroups:
|
|
## rule: 'MustRunAs'
|
|
## ranges:
|
|
## - min: 1001
|
|
## max: 1001
|
|
## volumes:
|
|
## - 'configMap'
|
|
## - 'secret'
|
|
## - 'emptyDir'
|
|
## - 'persistentVolumeClaim'
|
|
##
|
|
## @section Volume Permissions parameters
|
|
##
|
|
## Init Container parameters
|
|
## Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each component
|
|
## values from the securityContext section of the component
|
|
##
|
|
volumePermissions:
|
|
## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup`
|
|
##
|
|
enabled: false
|
|
## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry
|
|
## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository
|
|
## @skip volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended)
|
|
## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
|
## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy
|
|
## @param volumePermissions.image.pullSecrets Specify docker-registry secret names as an array
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/os-shell
|
|
tag: 12-debian-12-r36
|
|
digest: ""
|
|
## Specify a imagePullPolicy
|
|
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
|
|
##
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
## Example:
|
|
## pullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
pullSecrets: []
|
|
## Init Container resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "nano"
|
|
## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## Init container Security Context
|
|
## Note: the chown of the data folder is done to containerSecurityContext.runAsUser
|
|
## and not the below volumePermissions.securityContext.runAsUser
|
|
## When runAsUser is set to special value "auto", init container will try to chwon the
|
|
## data folder to autodetermined user&group, using commands: `id -u`:`id -G | cut -d" " -f2`
|
|
## "auto" is especially useful for OpenShift which has scc with dynamic userids (and 0 is not allowed).
|
|
## You may want to use this volumePermissions.securityContext.runAsUser="auto" in combination with
|
|
## podSecurityContext.enabled=false,containerSecurityContext.enabled=false and shmVolume.chmod.enabled=false
|
|
## @param volumePermissions.securityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param volumePermissions.securityContext.runAsUser User ID for the volumePermissions container
|
|
##
|
|
securityContext:
|
|
seLinuxOptions: {}
|
|
runAsUser: 0
|
|
## @section Arbiter parameters
|
|
##
|
|
arbiter:
|
|
## @param arbiter.enabled Enable deploying the arbiter
|
|
## https://docs.mongodb.com/manual/tutorial/add-replica-set-arbiter/
|
|
##
|
|
enabled: true
|
|
## @param arbiter.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param arbiter.hostAliases Add deployment host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## @param arbiter.configuration Arbiter configuration file to be used
|
|
## http://docs.mongodb.org/manual/reference/configuration-options/
|
|
##
|
|
configuration: ""
|
|
## @param arbiter.existingConfigmap Name of existing ConfigMap with Arbiter configuration
|
|
## NOTE: When it's set the arbiter.configuration parameter is ignored
|
|
##
|
|
existingConfigmap: ""
|
|
## Command and args for running the container (set to default if not set). Use array form
|
|
## @param arbiter.command Override default container command (useful when using custom images)
|
|
## @param arbiter.args Override default container args (useful when using custom images)
|
|
##
|
|
command: []
|
|
args: []
|
|
## @param arbiter.extraFlags Arbiter additional command line flags
|
|
## Example:
|
|
## extraFlags:
|
|
## - "--wiredTigerCacheSizeGB=2"
|
|
##
|
|
extraFlags: []
|
|
## @param arbiter.extraEnvVars Extra environment variables to add to Arbiter pods
|
|
## E.g:
|
|
## extraEnvVars:
|
|
## - name: FOO
|
|
## value: BAR
|
|
##
|
|
extraEnvVars: []
|
|
## @param arbiter.extraEnvVarsCM Name of existing ConfigMap containing extra env vars
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param arbiter.extraEnvVarsSecret Name of existing Secret containing extra env vars (in case of sensitive data)
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param arbiter.annotations Additional labels to be added to the Arbiter statefulset
|
|
##
|
|
annotations: {}
|
|
## @param arbiter.labels Annotations to be added to the Arbiter statefulset
|
|
##
|
|
labels: {}
|
|
## @param arbiter.topologySpreadConstraints MongoDB(®) Spread Constraints for arbiter Pods
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param arbiter.lifecycleHooks LifecycleHook for the Arbiter container to automate configuration before or after startup
|
|
##
|
|
lifecycleHooks: {}
|
|
## @param arbiter.terminationGracePeriodSeconds Arbiter Termination Grace Period
|
|
##
|
|
terminationGracePeriodSeconds: ""
|
|
## @param arbiter.updateStrategy.type Strategy that will be employed to update Pods in the StatefulSet
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
|
|
## updateStrategy:
|
|
## type: RollingUpdate
|
|
## rollingUpdate:
|
|
## maxSurge: 25%
|
|
## maxUnavailable: 25%
|
|
##
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
## @param arbiter.podManagementPolicy Pod management policy for MongoDB(®)
|
|
## Should be initialized one by one when building the replicaset for the first time
|
|
##
|
|
podManagementPolicy: OrderedReady
|
|
## @param arbiter.schedulerName Name of the scheduler (other than default) to dispatch pods
|
|
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName: ""
|
|
## @param arbiter.podAffinityPreset Arbiter Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAffinityPreset: ""
|
|
## @param arbiter.podAntiAffinityPreset Arbiter Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinityPreset: soft
|
|
## Node affinity preset
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
##
|
|
nodeAffinityPreset:
|
|
## @param arbiter.nodeAffinityPreset.type Arbiter Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
##
|
|
type: ""
|
|
## @param arbiter.nodeAffinityPreset.key Arbiter Node label key to match Ignored if `affinity` is set.
|
|
## E.g.
|
|
## key: "kubernetes.io/e2e-az-name"
|
|
##
|
|
key: ""
|
|
## @param arbiter.nodeAffinityPreset.values Arbiter Node label values to match. Ignored if `affinity` is set.
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
## @param arbiter.affinity Arbiter Affinity for pod assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## Note: arbiter.podAffinityPreset, arbiter.podAntiAffinityPreset, and arbiter.nodeAffinityPreset will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param arbiter.nodeSelector Arbiter Node labels for pod assignment
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
|
##
|
|
nodeSelector: {}
|
|
## @param arbiter.tolerations Arbiter Tolerations for pod assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param arbiter.podLabels Arbiter pod labels
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param arbiter.podAnnotations Arbiter Pod annotations
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param arbiter.priorityClassName Name of the existing priority class to be used by Arbiter pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
|
##
|
|
priorityClassName: ""
|
|
## @param arbiter.runtimeClassName Name of the runtime class to be used by Arbiter pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
|
|
##
|
|
runtimeClassName: ""
|
|
## MongoDB(®) Arbiter pods' Security Context.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param arbiter.podSecurityContext.enabled Enable Arbiter pod(s)' Security Context
|
|
## @param arbiter.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param arbiter.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param arbiter.podSecurityContext.fsGroup Group ID for the volumes of the Arbiter pod(s)
|
|
## @param arbiter.podSecurityContext.sysctls sysctl settings of the Arbiter pod(s)'
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## sysctl settings
|
|
## Example:
|
|
## sysctls:
|
|
## - name: net.core.somaxconn
|
|
## value: "10000"
|
|
##
|
|
sysctls: []
|
|
## MongoDB(®) Arbiter containers' Security Context (only main container).
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
|
## @param arbiter.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param arbiter.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param arbiter.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param arbiter.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param arbiter.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param arbiter.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param arbiter.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param arbiter.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param arbiter.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param arbiter.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## MongoDB(®) Arbiter containers' resource requests and limits.
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param arbiter.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if arbiter.resources is set (arbiter.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "small"
|
|
## @param arbiter.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## @param arbiter.containerPorts.mongodb MongoDB(®) arbiter container port
|
|
##
|
|
containerPorts:
|
|
mongodb: 27017
|
|
## MongoDB(®) Arbiter pods' liveness probe. Evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
## @param arbiter.livenessProbe.enabled Enable livenessProbe
|
|
## @param arbiter.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param arbiter.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param arbiter.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param arbiter.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param arbiter.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 20
|
|
timeoutSeconds: 10
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## MongoDB(®) Arbiter pods' readiness probe. Evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
## @param arbiter.readinessProbe.enabled Enable readinessProbe
|
|
## @param arbiter.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param arbiter.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param arbiter.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param arbiter.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param arbiter.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 20
|
|
timeoutSeconds: 10
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## MongoDB(®) Arbiter pods' startup probe. Evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
## @param arbiter.startupProbe.enabled Enable startupProbe
|
|
## @param arbiter.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param arbiter.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param arbiter.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param arbiter.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param arbiter.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
successThreshold: 1
|
|
failureThreshold: 30
|
|
## @param arbiter.customLivenessProbe Override default liveness probe for Arbiter containers
|
|
## Ignored when arbiter.livenessProbe.enabled=true
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param arbiter.customReadinessProbe Override default readiness probe for Arbiter containers
|
|
## Ignored when arbiter.readinessProbe.enabled=true
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param arbiter.customStartupProbe Override default startup probe for Arbiter containers
|
|
## Ignored when arbiter.startupProbe.enabled=true
|
|
##
|
|
customStartupProbe: {}
|
|
## @param arbiter.initContainers Add additional init containers for the Arbiter pod(s)
|
|
## Example:
|
|
## initContainers:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
initContainers: []
|
|
## @param arbiter.sidecars Add additional sidecar containers for the Arbiter pod(s)
|
|
## Example:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
## @param arbiter.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Arbiter container(s)
|
|
## Examples:
|
|
## extraVolumeMounts:
|
|
## - name: extras
|
|
## mountPath: /usr/share/extras
|
|
## readOnly: true
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param arbiter.extraVolumes Optionally specify extra list of additional volumes to the Arbiter statefulset
|
|
## extraVolumes:
|
|
## - name: extras
|
|
## emptyDir: {}
|
|
##
|
|
extraVolumes: []
|
|
## MongoDB(®) Arbiter Pod Disruption Budget configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
|
|
##
|
|
pdb:
|
|
## @param arbiter.pdb.create Enable/disable a Pod Disruption Budget creation for Arbiter pod(s)
|
|
##
|
|
create: true
|
|
## @param arbiter.pdb.minAvailable Minimum number/percentage of Arbiter pods that should remain scheduled
|
|
##
|
|
minAvailable: ""
|
|
## @param arbiter.pdb.maxUnavailable Maximum number/percentage of Arbiter pods that may be made unavailable. Defaults to `1` if both `arbiter.pdb.minAvailable` and `arbiter.pdb.maxUnavailable` are empty.
|
|
##
|
|
maxUnavailable: ""
|
|
## MongoDB(®) Arbiter service parameters
|
|
##
|
|
service:
|
|
## @param arbiter.service.nameOverride The arbiter service name
|
|
##
|
|
nameOverride: ""
|
|
## @param arbiter.service.ports.mongodb MongoDB(®) service port
|
|
##
|
|
ports:
|
|
mongodb: 27017
|
|
## @param arbiter.service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
|
|
##
|
|
extraPorts: []
|
|
## @param arbiter.service.annotations Provide any additional annotations that may be required
|
|
##
|
|
annotations: {}
|
|
## Headless service properties
|
|
##
|
|
headless:
|
|
## @param arbiter.service.headless.annotations Annotations for the headless service.
|
|
##
|
|
annotations: {}
|
|
## @section Hidden Node parameters
|
|
##
|
|
hidden:
|
|
## @param hidden.enabled Enable deploying the hidden nodes
|
|
## https://docs.mongodb.com/manual/tutorial/configure-a-hidden-replica-set-member/
|
|
##
|
|
enabled: false
|
|
## @param hidden.automountServiceAccountToken Mount Service Account token in pod
|
|
##
|
|
automountServiceAccountToken: false
|
|
## @param hidden.hostAliases Add deployment host aliases
|
|
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
|
##
|
|
hostAliases: []
|
|
## @param hidden.configuration Hidden node configuration file to be used
|
|
## http://docs.mongodb.org/manual/reference/configuration-options/
|
|
##
|
|
configuration: ""
|
|
## @param hidden.existingConfigmap Name of existing ConfigMap with Hidden node configuration
|
|
## NOTE: When it's set the hidden.configuration parameter is ignored
|
|
##
|
|
existingConfigmap: ""
|
|
## Command and args for running the container (set to default if not set). Use array form
|
|
## @param hidden.command Override default container command (useful when using custom images)
|
|
## @param hidden.args Override default container args (useful when using custom images)
|
|
##
|
|
command: []
|
|
args: []
|
|
## @param hidden.extraFlags Hidden node additional command line flags
|
|
## Example:
|
|
## extraFlags:
|
|
## - "--wiredTigerCacheSizeGB=2"
|
|
##
|
|
extraFlags: []
|
|
## @param hidden.extraEnvVars Extra environment variables to add to Hidden node pods
|
|
## E.g:
|
|
## extraEnvVars:
|
|
## - name: FOO
|
|
## value: BAR
|
|
##
|
|
extraEnvVars: []
|
|
## @param hidden.extraEnvVarsCM Name of existing ConfigMap containing extra env vars
|
|
##
|
|
extraEnvVarsCM: ""
|
|
## @param hidden.extraEnvVarsSecret Name of existing Secret containing extra env vars (in case of sensitive data)
|
|
##
|
|
extraEnvVarsSecret: ""
|
|
## @param hidden.annotations Additional labels to be added to thehidden node statefulset
|
|
##
|
|
annotations: {}
|
|
## @param hidden.labels Annotations to be added to the hidden node statefulset
|
|
##
|
|
labels: {}
|
|
## @param hidden.topologySpreadConstraints MongoDB(®) Spread Constraints for hidden Pods
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
|
|
##
|
|
topologySpreadConstraints: []
|
|
## @param hidden.lifecycleHooks LifecycleHook for the Hidden container to automate configuration before or after startup
|
|
##
|
|
lifecycleHooks: {}
|
|
## @param hidden.replicaCount Number of hidden nodes (only when `architecture=replicaset`)
|
|
## Ignored when mongodb.architecture=standalone
|
|
##
|
|
replicaCount: 1
|
|
## @param hidden.terminationGracePeriodSeconds Hidden Termination Grace Period
|
|
##
|
|
terminationGracePeriodSeconds: ""
|
|
## @param hidden.updateStrategy.type Strategy that will be employed to update Pods in the StatefulSet
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
|
|
## updateStrategy:
|
|
## type: RollingUpdate
|
|
## rollingUpdate:
|
|
## maxSurge: 25%
|
|
## maxUnavailable: 25%
|
|
##
|
|
updateStrategy:
|
|
type: RollingUpdate
|
|
## @param hidden.podManagementPolicy Pod management policy for hidden node
|
|
##
|
|
podManagementPolicy: OrderedReady
|
|
## @param hidden.schedulerName Name of the scheduler (other than default) to dispatch pods
|
|
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
|
##
|
|
schedulerName: ""
|
|
## @param hidden.podAffinityPreset Hidden node Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAffinityPreset: ""
|
|
## @param hidden.podAntiAffinityPreset Hidden node Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
|
##
|
|
podAntiAffinityPreset: soft
|
|
## Node affinity preset
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
|
## Allowed values: soft, hard
|
|
##
|
|
nodeAffinityPreset:
|
|
## @param hidden.nodeAffinityPreset.type Hidden Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
|
##
|
|
type: ""
|
|
## @param hidden.nodeAffinityPreset.key Hidden Node label key to match Ignored if `affinity` is set.
|
|
## E.g.
|
|
## key: "kubernetes.io/e2e-az-name"
|
|
##
|
|
key: ""
|
|
## @param hidden.nodeAffinityPreset.values Hidden Node label values to match. Ignored if `affinity` is set.
|
|
## E.g.
|
|
## values:
|
|
## - e2e-az1
|
|
## - e2e-az2
|
|
##
|
|
values: []
|
|
## @param hidden.affinity Hidden node Affinity for pod assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
|
## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
|
|
##
|
|
affinity: {}
|
|
## @param hidden.nodeSelector Hidden node Node labels for pod assignment
|
|
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
|
##
|
|
nodeSelector: {}
|
|
## @param hidden.tolerations Hidden node Tolerations for pod assignment
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
|
##
|
|
tolerations: []
|
|
## @param hidden.podLabels Hidden node pod labels
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
##
|
|
podLabels: {}
|
|
## @param hidden.podAnnotations Hidden node Pod annotations
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
podAnnotations: {}
|
|
## @param hidden.priorityClassName Name of the existing priority class to be used by hidden node pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
|
|
##
|
|
priorityClassName: ""
|
|
## @param hidden.runtimeClassName Name of the runtime class to be used by hidden node pod(s)
|
|
## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/
|
|
##
|
|
runtimeClassName: ""
|
|
## MongoDB(®) Hidden pods' Security Context.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
|
## @param hidden.podSecurityContext.enabled Enable Hidden pod(s)' Security Context
|
|
## @param hidden.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
|
## @param hidden.podSecurityContext.supplementalGroups Set filesystem extra groups
|
|
## @param hidden.podSecurityContext.fsGroup Group ID for the volumes of the Hidden pod(s)
|
|
## @param hidden.podSecurityContext.sysctls sysctl settings of the Hidden pod(s)'
|
|
##
|
|
podSecurityContext:
|
|
enabled: true
|
|
fsGroupChangePolicy: Always
|
|
supplementalGroups: []
|
|
fsGroup: 1001
|
|
## sysctl settings
|
|
## Example:
|
|
## sysctls:
|
|
## - name: net.core.somaxconn
|
|
## value: "10000"
|
|
##
|
|
sysctls: []
|
|
## MongoDB(®) Hidden containers' Security Context (only main container).
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
|
## @param hidden.containerSecurityContext.enabled Enabled containers' Security Context
|
|
## @param hidden.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
|
## @param hidden.containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
|
## @param hidden.containerSecurityContext.runAsGroup Set containers' Security Context runAsGroup
|
|
## @param hidden.containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
|
## @param hidden.containerSecurityContext.privileged Set container's Security Context privileged
|
|
## @param hidden.containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
|
## @param hidden.containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
|
## @param hidden.containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
|
## @param hidden.containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
|
##
|
|
containerSecurityContext:
|
|
enabled: true
|
|
seLinuxOptions: {}
|
|
runAsUser: 1001
|
|
runAsGroup: 1001
|
|
runAsNonRoot: true
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
## MongoDB(®) Hidden containers' resource requests and limits.
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param hidden.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if hidden.resources is set (hidden.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "micro"
|
|
## @param hidden.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## @param hidden.containerPorts.mongodb MongoDB(®) hidden container port
|
|
##
|
|
containerPorts:
|
|
mongodb: 27017
|
|
## MongoDB(®) Hidden pods' liveness probe. Evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
## @param hidden.livenessProbe.enabled Enable livenessProbe
|
|
## @param hidden.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param hidden.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param hidden.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param hidden.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param hidden.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 20
|
|
timeoutSeconds: 10
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## MongoDB(®) Hidden pods' readiness probe. Evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
|
|
## @param hidden.readinessProbe.enabled Enable readinessProbe
|
|
## @param hidden.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param hidden.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param hidden.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param hidden.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param hidden.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 20
|
|
timeoutSeconds: 10
|
|
failureThreshold: 6
|
|
successThreshold: 1
|
|
## Slow starting containers can be protected through startup probes
|
|
## Startup probes are available in Kubernetes version 1.16 and above
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
|
|
## @param hidden.startupProbe.enabled Enable startupProbe
|
|
## @param hidden.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param hidden.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param hidden.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param hidden.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param hidden.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
successThreshold: 1
|
|
failureThreshold: 30
|
|
## @param hidden.customLivenessProbe Override default liveness probe for hidden node containers
|
|
## Ignored when hidden.livenessProbe.enabled=true
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param hidden.customReadinessProbe Override default readiness probe for hidden node containers
|
|
## Ignored when hidden.readinessProbe.enabled=true
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param hidden.customStartupProbe Override default startup probe for MongoDB(®) containers
|
|
## Ignored when hidden.startupProbe.enabled=true
|
|
##
|
|
customStartupProbe: {}
|
|
## @param hidden.initContainers Add init containers to the MongoDB(®) Hidden pods.
|
|
## Example:
|
|
## initContainers:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
initContainers: []
|
|
## @param hidden.sidecars Add additional sidecar containers for the hidden node pod(s)
|
|
## Example:
|
|
## sidecars:
|
|
## - name: your-image-name
|
|
## image: your-image
|
|
## imagePullPolicy: Always
|
|
## ports:
|
|
## - name: portname
|
|
## containerPort: 1234
|
|
##
|
|
sidecars: []
|
|
## @param hidden.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the hidden node container(s)
|
|
## Examples:
|
|
## extraVolumeMounts:
|
|
## - name: extras
|
|
## mountPath: /usr/share/extras
|
|
## readOnly: true
|
|
##
|
|
extraVolumeMounts: []
|
|
## @param hidden.extraVolumes Optionally specify extra list of additional volumes to the hidden node statefulset
|
|
## extraVolumes:
|
|
## - name: extras
|
|
## emptyDir: {}
|
|
##
|
|
extraVolumes: []
|
|
## MongoDB(®) Hidden Pod Disruption Budget configuration
|
|
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
|
|
##
|
|
pdb:
|
|
## @param hidden.pdb.create Enable/disable a Pod Disruption Budget creation for hidden node pod(s)
|
|
##
|
|
create: true
|
|
## @param hidden.pdb.minAvailable Minimum number/percentage of hidden node pods that should remain scheduled
|
|
##
|
|
minAvailable: ""
|
|
## @param hidden.pdb.maxUnavailable Maximum number/percentage of hidden node pods that may be made unavailable. Defaults to `1` if both `hidden.pdb.minAvailable` and `hidden.pdb.maxUnavailable` are empty.
|
|
##
|
|
maxUnavailable: ""
|
|
## Enable persistence using Persistent Volume Claims
|
|
## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/
|
|
##
|
|
persistence:
|
|
## @param hidden.persistence.enabled Enable hidden node data persistence using PVC
|
|
##
|
|
enabled: true
|
|
## @param hidden.persistence.medium Provide a medium for `emptyDir` volumes.
|
|
## Requires hidden.persistence.enabled: false
|
|
##
|
|
medium: ""
|
|
## @param hidden.persistence.storageClass PVC Storage Class for hidden node data volume
|
|
## If defined, storageClassName: <storageClass>
|
|
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
|
## If undefined (the default) or set to null, no storageClassName spec is
|
|
## set, choosing the default provisioner.
|
|
##
|
|
storageClass: ""
|
|
## @param hidden.persistence.accessModes PV Access Mode
|
|
##
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
## @param hidden.persistence.size PVC Storage Request for hidden node data volume
|
|
##
|
|
size: 8Gi
|
|
## @param hidden.persistence.annotations PVC annotations
|
|
##
|
|
annotations: {}
|
|
## @param hidden.persistence.mountPath The path the volume will be mounted at, useful when using different MongoDB(®) images.
|
|
##
|
|
mountPath: /bitnami/mongodb
|
|
## @param hidden.persistence.subPath The subdirectory of the volume to mount to, useful in dev environments
|
|
## and one PV for multiple services.
|
|
##
|
|
subPath: ""
|
|
## Fine tuning for volumeClaimTemplates
|
|
##
|
|
volumeClaimTemplates:
|
|
## @param hidden.persistence.volumeClaimTemplates.selector A label query over volumes to consider for binding (e.g. when using local volumes)
|
|
## See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#labelselector-v1-meta for more details
|
|
##
|
|
selector: {}
|
|
## @param hidden.persistence.volumeClaimTemplates.requests Custom PVC requests attributes
|
|
## Sometime cloud providers use additional requests attributes to provision custom storage instance
|
|
## See https://cloud.ibm.com/docs/containers?topic=containers-file_storage#file_dynamic_statefulset
|
|
##
|
|
requests: {}
|
|
## @param hidden.persistence.volumeClaimTemplates.dataSource Set volumeClaimTemplate dataSource
|
|
##
|
|
dataSource: {}
|
|
service:
|
|
## @param hidden.service.nameOverride The hidden service name
|
|
##
|
|
nameOverride: ""
|
|
## @param hidden.service.portName MongoDB(®) service port name
|
|
##
|
|
portName: "mongodb"
|
|
## @param hidden.service.ports.mongodb MongoDB(®) service port
|
|
##
|
|
ports:
|
|
mongodb: 27017
|
|
## @param hidden.service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
|
|
##
|
|
extraPorts: []
|
|
## @param hidden.service.annotations Provide any additional annotations that may be required
|
|
##
|
|
annotations: {}
|
|
## Headless service properties
|
|
##
|
|
headless:
|
|
## @param hidden.service.headless.annotations Annotations for the headless service.
|
|
##
|
|
annotations: {}
|
|
## @section Metrics parameters
|
|
##
|
|
metrics:
|
|
## @param metrics.enabled Enable using a sidecar Prometheus exporter
|
|
##
|
|
enabled: false
|
|
## Bitnami MongoDB(®) Promtheus Exporter image
|
|
## ref: https://hub.docker.com/r/bitnami/mongodb-exporter/tags/
|
|
## @param metrics.image.registry [default: REGISTRY_NAME] MongoDB(®) Prometheus exporter image registry
|
|
## @param metrics.image.repository [default: REPOSITORY_NAME/mongodb-exporter] MongoDB(®) Prometheus exporter image repository
|
|
## @skip metrics.image.tag MongoDB(®) Prometheus exporter image tag (immutable tags are recommended)
|
|
## @param metrics.image.digest MongoDB(®) image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
|
## @param metrics.image.pullPolicy MongoDB(®) Prometheus exporter image pull policy
|
|
## @param metrics.image.pullSecrets Specify docker-registry secret names as an array
|
|
##
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/mongodb-exporter
|
|
tag: 0.43.1-debian-12-r3
|
|
digest: ""
|
|
pullPolicy: IfNotPresent
|
|
## Optionally specify an array of imagePullSecrets.
|
|
## Secrets must be manually created in the namespace.
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
## e.g:
|
|
## pullSecrets:
|
|
## - myRegistryKeySecretName
|
|
##
|
|
pullSecrets: []
|
|
## @param metrics.username String with username for the metrics exporter
|
|
## If undefined the root user will be used for the metrics exporter
|
|
##
|
|
username: ""
|
|
## @param metrics.password String with password for the metrics exporter
|
|
## If undefined but metrics.username is defined, a random password will be generated
|
|
##
|
|
password: ""
|
|
## @param metrics.compatibleMode Enables old style mongodb-exporter metrics
|
|
compatibleMode: true
|
|
collector:
|
|
## @param metrics.collector.all Enable all collectors. Same as enabling all individual metrics
|
|
## Enabling all metrics will cause significant CPU load on mongod
|
|
all: false
|
|
## @param metrics.collector.diagnosticdata Boolean Enable collecting metrics from getDiagnosticData
|
|
diagnosticdata: true
|
|
## @param metrics.collector.replicasetstatus Boolean Enable collecting metrics from replSetGetStatus
|
|
replicasetstatus: true
|
|
## @param metrics.collector.dbstats Boolean Enable collecting metrics from dbStats
|
|
dbstats: false
|
|
## @param metrics.collector.topmetrics Boolean Enable collecting metrics from top admin command
|
|
topmetrics: false
|
|
## @param metrics.collector.indexstats Boolean Enable collecting metrics from $indexStats
|
|
indexstats: false
|
|
## @param metrics.collector.collstats Boolean Enable collecting metrics from $collStats
|
|
collstats: false
|
|
## @param metrics.collector.collstatsColls List of \<databases\>.\<collections\> to get $collStats
|
|
collstatsColls: []
|
|
## @param metrics.collector.indexstatsColls List - List of \<databases\>.\<collections\> to get $indexStats
|
|
indexstatsColls: []
|
|
## @param metrics.collector.collstatsLimit Number - Disable collstats, dbstats, topmetrics and indexstats collector if there are more than \<n\> collections. 0=No limit
|
|
collstatsLimit: 0
|
|
## @param metrics.extraFlags String with extra flags to the metrics exporter
|
|
## ref: https://github.com/percona/mongodb_exporter/blob/main/main.go
|
|
##
|
|
extraFlags: ""
|
|
## Command and args for running the container (set to default if not set). Use array form
|
|
## @param metrics.command Override default container command (useful when using custom images)
|
|
## @param metrics.args Override default container args (useful when using custom images)
|
|
##
|
|
command: []
|
|
args: []
|
|
## Metrics exporter container resource requests and limits
|
|
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
|
## We usually recommend not to specify default resources and to leave this as a conscious
|
|
## choice for the user. This also increases chances charts run on environments with little
|
|
## resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
## @param metrics.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if metrics.resources is set (metrics.resources is recommended for production).
|
|
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
|
##
|
|
resourcesPreset: "nano"
|
|
## @param metrics.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
|
|
## Example:
|
|
## resources:
|
|
## requests:
|
|
## cpu: 2
|
|
## memory: 512Mi
|
|
## limits:
|
|
## cpu: 3
|
|
## memory: 1024Mi
|
|
##
|
|
resources: {}
|
|
## @param metrics.containerPort Port of the Prometheus metrics container
|
|
##
|
|
containerPort: 9216
|
|
## Prometheus Exporter service configuration
|
|
##
|
|
service:
|
|
## @param metrics.service.annotations [object] Annotations for Prometheus Exporter pods. Evaluated as a template.
|
|
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
##
|
|
annotations:
|
|
prometheus.io/scrape: "true"
|
|
prometheus.io/port: "{{ .Values.metrics.service.ports.metrics }}"
|
|
prometheus.io/path: "/metrics"
|
|
## @param metrics.service.type Type of the Prometheus metrics service
|
|
##
|
|
type: ClusterIP
|
|
## @param metrics.service.ports.metrics Port of the Prometheus metrics service
|
|
##
|
|
ports:
|
|
metrics: 9216
|
|
## @param metrics.service.extraPorts Extra ports to expose (normally used with the `sidecar` value)
|
|
##
|
|
extraPorts: []
|
|
## Metrics exporter liveness probe
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
|
|
## @param metrics.livenessProbe.enabled Enable livenessProbe
|
|
## @param metrics.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
|
## @param metrics.livenessProbe.periodSeconds Period seconds for livenessProbe
|
|
## @param metrics.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
|
## @param metrics.livenessProbe.failureThreshold Failure threshold for livenessProbe
|
|
## @param metrics.livenessProbe.successThreshold Success threshold for livenessProbe
|
|
##
|
|
livenessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 5
|
|
timeoutSeconds: 10
|
|
failureThreshold: 3
|
|
successThreshold: 1
|
|
## Metrics exporter readiness probe
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
|
|
## @param metrics.readinessProbe.enabled Enable readinessProbe
|
|
## @param metrics.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
|
## @param metrics.readinessProbe.periodSeconds Period seconds for readinessProbe
|
|
## @param metrics.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
|
## @param metrics.readinessProbe.failureThreshold Failure threshold for readinessProbe
|
|
## @param metrics.readinessProbe.successThreshold Success threshold for readinessProbe
|
|
##
|
|
readinessProbe:
|
|
enabled: true
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 5
|
|
timeoutSeconds: 10
|
|
failureThreshold: 3
|
|
successThreshold: 1
|
|
## Slow starting containers can be protected through startup probes
|
|
## Startup probes are available in Kubernetes version 1.16 and above
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#define-startup-probes
|
|
## @param metrics.startupProbe.enabled Enable startupProbe
|
|
## @param metrics.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
|
## @param metrics.startupProbe.periodSeconds Period seconds for startupProbe
|
|
## @param metrics.startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
|
## @param metrics.startupProbe.failureThreshold Failure threshold for startupProbe
|
|
## @param metrics.startupProbe.successThreshold Success threshold for startupProbe
|
|
##
|
|
startupProbe:
|
|
enabled: false
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
successThreshold: 1
|
|
failureThreshold: 30
|
|
## @param metrics.customLivenessProbe Override default liveness probe for MongoDB(®) containers
|
|
## Ignored when livenessProbe.enabled=true
|
|
##
|
|
customLivenessProbe: {}
|
|
## @param metrics.customReadinessProbe Override default readiness probe for MongoDB(®) containers
|
|
## Ignored when readinessProbe.enabled=true
|
|
##
|
|
customReadinessProbe: {}
|
|
## @param metrics.customStartupProbe Override default startup probe for MongoDB(®) containers
|
|
## Ignored when startupProbe.enabled=true
|
|
##
|
|
customStartupProbe: {}
|
|
## @param metrics.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the metrics container(s)
|
|
## Examples:
|
|
## extraVolumeMounts:
|
|
## - name: extras
|
|
## mountPath: /usr/share/extras
|
|
## readOnly: true
|
|
##
|
|
extraVolumeMounts: []
|
|
## Prometheus Service Monitor
|
|
## ref: https://github.com/coreos/prometheus-operator
|
|
## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md
|
|
##
|
|
serviceMonitor:
|
|
## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using Prometheus Operator
|
|
##
|
|
enabled: false
|
|
## @param metrics.serviceMonitor.namespace Namespace which Prometheus is running in
|
|
##
|
|
namespace: ""
|
|
## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped
|
|
##
|
|
interval: 30s
|
|
## @param metrics.serviceMonitor.scrapeTimeout Specify the timeout after which the scrape is ended
|
|
## e.g:
|
|
## scrapeTimeout: 30s
|
|
##
|
|
scrapeTimeout: ""
|
|
## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping.
|
|
##
|
|
relabelings: []
|
|
## @param metrics.serviceMonitor.metricRelabelings MetricsRelabelConfigs to apply to samples before ingestion.
|
|
##
|
|
metricRelabelings: []
|
|
## @param metrics.serviceMonitor.labels Used to pass Labels that are used by the Prometheus installed in your cluster to select Service Monitors to work with
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec
|
|
##
|
|
labels: {}
|
|
## @param metrics.serviceMonitor.selector Prometheus instance selector labels
|
|
## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
|
|
##
|
|
selector: {}
|
|
## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint
|
|
##
|
|
honorLabels: false
|
|
## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
|
|
##
|
|
jobLabel: ""
|
|
## Custom PrometheusRule to be defined
|
|
## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions
|
|
##
|
|
prometheusRule:
|
|
## @param metrics.prometheusRule.enabled Set this to true to create prometheusRules for Prometheus operator
|
|
##
|
|
enabled: false
|
|
## @param metrics.prometheusRule.additionalLabels Additional labels that can be used so prometheusRules will be discovered by Prometheus
|
|
##
|
|
additionalLabels: {}
|
|
## @param metrics.prometheusRule.namespace Namespace where prometheusRules resource should be created
|
|
##
|
|
namespace: ""
|
|
## @param metrics.prometheusRule.rules Rules to be created, check values for an example
|
|
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#rulegroup
|
|
## https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/
|
|
##
|
|
## This is an example of a rule, you should add the below code block under the "rules" param, removing the brackets
|
|
## rules:
|
|
## - alert: HighRequestLatency
|
|
## expr: job:request_latency_seconds:mean5m{job="myjob"} > 0.5
|
|
## for: 10m
|
|
## labels:
|
|
## severity: page
|
|
## annotations:
|
|
## summary: High request latency
|
|
##
|
|
rules: []
|