-
Notifications
You must be signed in to change notification settings - Fork 64
/
Copy pathvalues.yaml
304 lines (267 loc) · 11.1 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
## Common parameters
# -- partially overrides common.names.name
nameOverride: ""
# -- fully override common.names.fullname
fullnameOverride: "prefect-worker"
# -- fully override common.names.namespace
namespaceOverride: ""
# -- labels to add to all deployed objects
commonLabels: {}
# -- annotations to add to all deployed objects
commonAnnotations: {}
## Deployment Configuration
worker:
autoscaling:
# -- enable autoscaling for the worker
enabled: false
# -- minimum number of replicas to scale down to
minReplicas: 1
# -- maximum number of replicas to scale up to
maxReplicas: 1
# -- target CPU utilization percentage for scaling the worker
targetCPUUtilizationPercentage: 80
# -- target memory utilization percentage for scaling the worker
targetMemoryUtilizationPercentage: 80
# -- unique cluster identifier, if none is provided this value will be inferred at time of helm install
clusterUid: ""
initContainer:
# -- the resource specifications for the sync-base-job-template initContainer
# Defaults to the resources defined for the worker container
resources: {}
# -- the requested resources for the sync-base-job-template initContainer
# requests:
# memory: 256Mi
# cpu: 100m
# -- the requested limits for the sync-base-job-template initContainer
# limits:
# memory: 1Gi
# cpu: 1000m
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
# -- security context for the sync-base-job-template initContainer
containerSecurityContext:
# -- set init containers' security context runAsUser
runAsUser: 1001
# -- set init containers' security context runAsNonRoot
runAsNonRoot: true
# -- set init containers' security context readOnlyRootFilesystem
readOnlyRootFilesystem: true
# -- set init containers' security context allowPrivilegeEscalation
allowPrivilegeEscalation: false
# -- set init container's security context capabilities
capabilities: {}
# -- additional sidecar containers
extraContainers: []
image:
# -- worker image repository
repository: prefecthq/prefect
## prefect tag is pinned to the latest available image tag at packaging time. Update the value here to
## override pinned tag
# -- prefect image tag (immutable tags are recommended)
prefectTag: 3-python3.11-kubernetes
# -- worker image pull policy
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
# -- worker image pull secrets
pullSecrets: []
# -- enable worker image debug mode
debug: false
## general configuration of the worker
config:
# -- the work pool that your started worker will poll.
workPool: ""
# -- one or more work queue names for the worker to pull from. if not provided, the worker will pull from all work queues in the work pool
workQueues: []
# -- how often the worker will query for runs
queryInterval: 5
# -- when querying for runs, how many seconds in the future can they be scheduled
prefetchSeconds: 10
# -- connect using HTTP/2 if the server supports it (experimental)
http2: true
## You can set the worker type here.
## The default image includes only the type "kubernetes".
## Custom workers must be properly registered with the prefect cli.
## See the guide here: https://docs.prefect.io/2.11.3/guides/deployment/developing-a-new-worker-type/
# -- specify the worker type
type: kubernetes
## one of 'always', 'if-not-present', 'never', 'prompt'
# -- install policy to use workers from Prefect integration packages.
installPolicy: prompt
# -- the name to give to the started worker. If not provided, a unique name will be generated.
name: null
# -- maximum number of flow runs to start simultaneously (default: unlimited)
limit: null
## If unspecified, Prefect will use the default base job template for the given worker type. If the work pool already exists, this will be ignored.
## e.g.:
## baseJobTemplate:
## configuration: |
## {
## "variables": {
## ...
## },
## "job_configuration": {
## ...
## }
## }
## OR
## baseJobTemplate:
## existingConfigMapName: "my-existing-config-map"
baseJobTemplate:
# -- the name of an existing ConfigMap containing a base job template. NOTE - the key must be 'baseJobTemplate.json'
existingConfigMapName: ""
# -- JSON formatted base job template. If data is provided here, the chart will generate a configmap and mount it to the worker pod
configuration: null
# -- optionally override the default name of the generated configmap
# name: ""
## connection settings
# -- one of 'cloud', 'selfHosted', or 'server'
apiConfig: "cloud"
cloudApiConfig:
# -- prefect account ID
accountId: ""
# -- prefect workspace ID
workspaceId: ""
apiKeySecret:
# -- prefect API secret name
name: prefect-api-key
# -- prefect API secret key
key: key
# -- prefect cloud API url; the full URL is constructed as https://cloudUrl/accounts/accountId/workspaces/workspaceId
cloudUrl: https://api.prefect.cloud/api
selfHostedCloudApiConfig:
# -- prefect API url (PREFECT_API_URL)
apiUrl: ""
# -- prefect account ID
accountId: ""
# -- prefect workspace ID
workspaceId: ""
apiKeySecret:
# -- prefect API secret name
name: prefect-api-key
# -- prefect API secret key
key: key
# -- self hosted UI url
uiUrl: ""
serverApiConfig:
# If the prefect server is located external to this cluster, set a fully qualified domain name as the apiUrl
# If the prefect server pod is deployed to this cluster, use the cluster DNS endpoint: http://<prefect-server-service-name>.<namespace>.svc.cluster.local:<prefect-server-port>/api
# -- prefect API url (PREFECT_API_URL)
apiUrl: ""
# -- prefect UI url
uiUrl: http://localhost:4200
# -- the number of old ReplicaSets to retain to allow rollback
revisionHistoryLimit: 10
# -- number of worker replicas to deploy
replicaCount: 1
resources:
# -- the requested resources for the worker container
requests:
memory: 256Mi
cpu: 100m
# -- the requested limits for the worker container
limits:
memory: 1Gi
cpu: 1000m
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
livenessProbe:
enabled: false
config:
# -- The number of seconds to wait before starting the first probe.
initialDelaySeconds: 10
# -- The number of seconds to wait between consecutive probes.
periodSeconds: 10
# -- The number of seconds to wait for a probe response before considering it as failed.
timeoutSeconds: 5
# -- The number of consecutive failures allowed before considering the probe as failed.
failureThreshold: 3
# -- The minimum consecutive successes required to consider the probe successful.
successThreshold: 1
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
podSecurityContext:
# -- set worker pod's security context runAsUser
runAsUser: 1001
# -- set worker pod's security context runAsNonRoot
runAsNonRoot: true
# -- set worker pod's security context fsGroup
fsGroup: 1001
# ref: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass
# -- priority class name to use for the worker pods; if the priority class is empty or doesn't exist, the worker pods are scheduled without a priority class
priorityClassName: ""
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
containerSecurityContext:
# -- set worker containers' security context runAsUser
runAsUser: 1001
# -- set worker containers' security context runAsNonRoot
runAsNonRoot: true
# -- set worker containers' security context readOnlyRootFilesystem
readOnlyRootFilesystem: true
# -- set worker containers' security context allowPrivilegeEscalation
allowPrivilegeEscalation: false
# -- set worker container's security context capabilities
capabilities: {}
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
# -- extra labels for worker pod
podLabels: {}
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
# -- extra annotations for worker pod
podAnnotations: {}
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
# -- affinity for worker pods assignment
affinity: {}
## ref: https://kubernetes.io/docs/user-guide/node-selection/
# -- node labels for worker pods assignment
nodeSelector: {}
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
# -- tolerations for worker pods assignment
tolerations: []
## List of extra env vars
## e.g:
## extraEnvVars:
## - name: FOO
## value: "bar"
# -- array with extra environment variables to add to worker nodes
extraEnvVars: []
# -- name of existing ConfigMap containing extra env vars to add to worker nodes (deprecated, use extraEnvVarsCMs)
extraEnvVarsCM: ""
# -- names of existing ConfigMaps containing extra env vars to add to worker nodes
extraEnvVarsCMs: []
# -- name of existing Secret containing extra env vars to add to worker nodes (deprecated, use extraEnvVarsSecrets)
extraEnvVarsSecret: ""
# -- names of existing Secrets containing extra env vars to add to worker nodes
extraEnvVarsSecrets: []
# -- additional sidecar containers
extraContainers: []
# -- array with extra volumes for the worker pod
extraVolumes: []
# -- array with extra volumeMounts for the worker pod
extraVolumeMounts: []
# -- array with extra Arguments for the worker container to start with
extraArgs: []
## ServiceAccount configuration
serviceAccount:
# -- specifies whether a ServiceAccount should be created
create: true
# -- the name of the ServiceAccount to use. if not set and create is true, a name is generated using the common.names.fullname template
name: ""
# -- additional service account annotations (evaluated as a template)
annotations: {}
## Role configuration
role:
# -- specifies whether a Role should be created
create: true
## List of extra role permissions
## e.g:
## extraPermissions:
## - apiGroups: [""]
## resources: ["pods", "services"]
## verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
# -- array with extra permissions to add to the worker role
extraPermissions: []
## RoleBinding configuration
rolebinding:
# -- specifies whether a RoleBinding should be created
create: true