Platform Manager 10.1.0 Helm Readme

# Default values for platform-manager.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

global:
  # -- The domain of the Kubernetes cluster. The vast majority of Kubernetes clusters use the default value.
  clusterDomain: "cluster.local"

  # -- Globally override the registry to pull images from.
  imageRegistry: ""
  # -- Globally override the list of ImagePullSecrets provided.
  imagePullSecrets: []

# -- Override the app name generated by the chart.
nameOverride: ""
# -- Override the fully qualified app name generated by the chart.
fullnameOverride: ""

# -- Number of pods to deploy.
replicaCount: 1

image:
  # -- Registry to pull the image from.
  registry: "registry.axual.io"
  # -- Name of the image being deployed.
  repository: "axual/axual-api"
  # -- Override the image tag whose default is the chart `appVersion`.
  tag: ""
  # -- One of `Always`, `IfNotPresent`, or `Never`.
  pullPolicy: "IfNotPresent"

# -- Image used to create JKS files from PEM certs
keystoreProvider:
  imageRegistry: "registry.axual.io"
  repository: "axual/keystore-provider"
  tag: "0.2.7"
  # -- The [resource requirements](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for this container.
  resources: {}

tls:
  # -- Specifies whether a TLS should be configured
  enabled: false
  # -- Name of the Client KeyPair Secret
  # type: kubernetes.io/tls
  clientKeypairSecretName: ""
  # -- Name of the Server KeyPair Secret
  # type: kubernetes.io/tls
  serverKeypairSecretName: ""
  # -- Name of the Truststore Certificates Secret
  # type: Opaque
  truststoreCaSecretName: ""

# -- Environment variables to define for the container.
# See the Kubernetes documentation on [Environment Variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/).
env: []

# -- Debug Configuration passed to the container.
# Enable a remote port in the deployment.yaml
debug: {}

# -- Configuration passed to the container.
# Contents get injected to a ConfigMap, which gets mounted as an `application.yml` file.
config: {}


# -- (multi-line) String that is put into a configmap, mounted in the pod and used as the logback config for the application. If present, configuration under `logging` is ignored.
logbackConfig: ""

# -- Logging configuration object used when the logbackConfig is not set. Allows for configuring pattern and per package log levels.
logging:
  # -- Log pattern (when logbackConfig is not defined)
  pattern: "%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX, UTC} ${LOG_LEVEL_PATTERN:-%5p} ${PID:- } --- [%15.15t] [traceId=%X{traceId}, spanId=%X{spanId}] %-40.40logger{39} : %m%n}"
  # -- Root log level used (when logbackConfig is not defined)
  rootLoglevel: INFO
  # -- Log level per package (when logbackConfig is not defined)
  loggers:
    # -- Log level for platform-manager root (when logbackConfig is not defined)
    io.axual.flux: INFO

# -- Secrets passed to the container.
# Contents get injected to a Secret, which gets mounted as an `application-secrets.yml` file.
secrets: {}

# -- The name of an existing Kubernetes Secret. The key in the Secret must be `application-secrets.yml`.
# The contents get mounted into the container.
existingSecretName: ""

# -- List of ImagePullSecrets to apply to the service account. If the service account is disabled, it will be applied to the pod instead.
imagePullSecrets: []

serviceAccount:
  # -- Specifies whether a service account should be created
  create: true
  # -- Annotations to add to the service account
  annotations: {}
  # -- The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template.
  name: ""

# -- Extra annotations to add to the Pods.
podAnnotations: {}

# -- Pod-level security attributes and common container settings.
podSecurityContext: {}
#   fsGroup: 2000

livenessProbe:
  # -- Minimum consecutive failures for the probe to be considered failed after having succeeded.
  # A failed livenessProbe will cause the container to be restarted.
  failureThreshold: 4
  # -- Number of seconds after the container has started before liveness probes are initiated.
  initialDelaySeconds: 30
  # -- How often (in seconds) to perform the probe.
  periodSeconds: 10
  # -- Minimum consecutive successes for the probe to be considered successful after having failed.
  successThreshold: 1
  # -- Number of seconds after which the probe times out.
  timeoutSeconds: 1

readinessProbe:
  # -- Minimum consecutive failures for the probe to be considered failed after having succeeded.
  # A failed readinessProbe will cause the container to move to the `NotReady` state.
  failureThreshold: 4
  # -- Number of seconds after the container has started before readiness probes are initiated.
  initialDelaySeconds: 20
  # -- How often (in seconds) to perform the probe.
  periodSeconds: 10
  # -- Minimum consecutive successes for the probe to be considered successful after having failed.
  successThreshold: 1
  # -- Number of seconds after which the probe times out.
  timeoutSeconds: 1

# -- Defines the security options the container should be run with.
# If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
# @default -- See `values.yaml` file.
securityContext: {}

# -- Additional init containers, e. g. for configuring java-security
extraInitContainers: ""

# -- Add additional volumes, e. g. for java-security
extraVolumes: ""

# -- Add additional volumes mounts, e. g. for java-security
extraVolumeMounts: ""

# -- Additional sidecar containers, e. g. for a database proxy, such as Google's cloudsql-proxy
extraContainers: ""

service:
  # -- Determines how the Service is exposed.
  type: ClusterIP
  # -- The port that will be exposed by the service.
  # Note: this is independent of the ports opened on the container.
  port: 80

ingress:
  # -- Enable creation of the Ingress resource to expose this service.
  enabled: false
  # -- The name of the IngressClass cluster resource.
  # The associated IngressClass defines which controller will implement the resource.
  className: ""
  # -- Annotations to add to the Ingress resource.
  annotations: {}
  hosts:
    - # -- The fully qualified domain name of a network host.
      host: "chart-example.local"
      paths:
        - # -- Matched against the path of an incoming request.
          path: "/api"
          # -- Determines the interpretation of the Path matching.
          # Can be one of the following values: `Exact`, `Prefix`, `ImplementationSpecific`.
          pathType: "ImplementationSpecific"
  # -- TLS configuration for this Ingress.
  tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local

route:
  # -- Enable creation of an OpenShift Route resource to expose this service.
  enabled: false
  # -- Annotations to add to the Route.
  annotations: {}
  # -- Labels to add to the route.
  labels: {}
  # -- An alias/DNS that points to the service. Optional. If not specified, a route name will typically be automatically chosen.
  host: ""
  # -- Subdomain is a DNS subdomain requested within the ingress controller’s domain (as a subdomain). If host is set this field is ignored.
  subdomain: ""
  # -- Path that the router watches for, to route traffic for to the service.
  path: "/api"
  tls:
    # -- The Certificate Authority certificate contents.
    caCertificate: ""
    # -- Certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.
    certificate: ""
    # -- Key file contents.
    key: ""
    # -- Indicates termination type. One of: `edge`, `passthrough`, or `reencrypt`.
    termination: "passthrough"
    # -- The CA certificate of the final destination.
    # When using reencrypt termination, this file should be provided
    # in order to have routers use it for health checks on the secure connection.
    destinationCACertificate: ""

# -- The [resource requirements](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for this container.
resources:
  requests:
    cpu: 50m
    memory: 512Mi
  limits:
    memory: 512Mi

autoscaling:
  # -- Enables the creation of a HorizontalPodAutoscaler.
  enabled: false
  # -- Lower limit for the number of replicas to which the autoscaler can scale down.
  minReplicas: 1
  # -- Upper limit for the number of replicas to which the autoscaler can scale up. Cannot be less that minReplicas.
  maxReplicas: 10
  # -- Percentage of CPU utilization that the autoscaler will try to meet.
  targetCPUUtilizationPercentage: 80
  # -- (int) Percentage of memory utilization that the autoscaler will try to meet.
  targetMemoryUtilizationPercentage: 80

podDisruptionBudget:
  # -- Enables creation of the PodDisruptionBudget. Ignored if replicaCount is 1.
  enabled: true
  # -- (int) An eviction is allowed if at most "maxUnavailable" pods are unavailable after eviction. Mutually exclusive with minAvailable.
  maxUnavailable: 1
  # -- (int) An eviction is allowed if at least "minAvailable" pods will still be available after the eviction. Mutually exclusive with maxUnavailable.
#  minAvailable: 1

# -- Assigns a PriorityClass to the Pod. See Kubernetes documentation on [Pod Priority and Preemption](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/).
priorityClass: ""

# -- Optional list of hosts and IPs that will be injected into the pod's hosts file.
hostAliases: []

# -- Selector which must match a node's labels for the pod to be scheduled on that node.
nodeSelector: {}

# -- The tolerations on this pod. See the Kubernetes documentation on [Taints and Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/).
tolerations: []

# -- The pod's scheduling constraints. See the Kubernetes documentation on [Affinity and Anti-affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity).
affinity: {}

# -- Describes how a group of pods ought to spread across topology domains. See the Kubernetes documentation on [Pod Topology Spread Constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/).
topologySpreadConstraints: []

serviceMonitor:
  # -- Enables creation of Prometheus Operator [ServiceMonitor](https://prometheus-operator.dev/docs/operator/api/#monitoring.coreos.com/v1.ServiceMonitor).
  # Ignored if API `monitoring.coreos.com/v1` is not available.
  enabled: true
  # -- Interval at which metrics should be scraped.
  interval: 30s
  # -- Timeout after which the scrape is ended.
  scrapeTimeout: 10s
  # -- Additional labels for the ServiceMonitor
  labels: {}

prometheusRule:
  # -- Enables creation of Prometheus Operator [PrometheusRule](https://prometheus-operator.dev/docs/operator/api/#monitoring.coreos.com/v1.PrometheusRule).
  # Ignored if API `monitoring.coreos.com/v1` is not available.
  enabled: true
  # -- Determines how often rules in the group are evaluated.
  interval: ""
  # -- Additional labels for the PrometheusRule
  labels: {}
  defaultRule:
    # -- Customize the labels to the default prometheusRule
    labels:
      severity: medium
      target: business
  # -- A list alerting or recording rules to include on top of the defaults. These fields are templated.
  extraRules:
    []
    # - alert: MyAlertName
    #   annotations:
    #     summary: Summary of my alert
    #     description: Longer description of my alert that goes into a bit more detail
    #   expr: up{service="{{ include "platform-manager.fullname" . }}"} == 0
    #   for: 5m
    #   labels:
    #     severity: medium
  #     target: business