This repository has been archived by the owner on May 6, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 385
/
values.yaml
179 lines (179 loc) · 7.56 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
# Default values for Service Catalog
# service-catalog image to use
image: quay.io/kubernetes-service-catalog/service-catalog:v0.1.36
# imagePullPolicy for the service-catalog; valid values are "IfNotPresent",
# "Never", and "Always"
imagePullPolicy: Always
# determines whether the API server should be registered with the kube-aggregator
useAggregator: true
## If true, create & use RBAC resources
##
rbacEnable: true
apiserver:
replicas: 1
# updateStrategy for service-catalog; value values are "RollingUpdate" and "Recreate"
updateStrategy: RollingUpdate
minReadySeconds: 1
# annotations is a collection of annotations to add to the apiserver pods.
annotations: {}
# nodeSelector to apply to the apiserver pods
nodeSelector:
# PodPreset is an optional feature and can be enabled by uncommenting the line below
# featureGates: "PodPreset=true"
aggregator:
# priority is the priority of the APIService. Please see
# https://github.com/kubernetes/kubernetes/blob/v1.7.0/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go#L56-L61
# for more information on proper values of this field.
#
# This field is only applicable on clusters that expose APIService as a v1alpha1 field,
# which is generally 1.6.x clusters
priority: 100
# groupPriorityMinimum is the minimum priority the group should have. Please see
# https://github.com/kubernetes/kubernetes/blob/v1.7.0/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go#L56-L61
# for more information on proper values of this field.
groupPriorityMinimum: 10000
# versionPriority is the ordering of this API inside of the group. Please see
# https://github.com/kubernetes/kubernetes/blob/v1.7.0/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go#L56-L61
# for more information on proper values of this field
versionPriority: 20
# healthcheck configures the readiness and liveliness probes for the apiserver pod.
healthcheck:
enabled: true
tls:
# Base64-encoded CA used to validate request-header authentication, when
# receiving delegated authentication from an aggregator. If not set, the
# service catalog API server will inherit this CA from the
# extension-apiserver-authentication ConfigMap if available.
requestHeaderCA:
# Attributes of the apiserver's service resource
service:
# Type of service; valid values are "LoadBalancer" and "NodePort"
# NodePort is useful if deploying on bare metal or hacking locally on
# minikube
type: NodePort
# Further configuration for services of type NodePort
nodePort:
# Available port in allowable range (e.g. 30000 - 32767 on minikube)
# The TLS-enabled endpoint will be exposed here
securePort: 30443
storage:
# The storage backend to use; the only valid value is "etcd"
# (left for "crd" support in future)
type: etcd
# Further configuration for the etcd-based backend
etcd:
# Whether to enable TLS communitation with etcd
tls:
enabled: false
## If etcd tls is enabled you need to provide name of secret which stores 3 keys:
## etcd-client-ca.crt - SSL Certificate Authority file used to secure etcd communication
## etcd-client.crt - SSL certification file used to secure etcd communication.
## etcd-client.key - SSL key file used to secure etcd communication.
clientCertSecretName:
# Whether to embed an etcd container in the apiserver pod
# THIS IS INADEQUATE FOR PRODUCTION USE!
useEmbedded: true
# etcd URL(s); override this if NOT using embedded etcd
servers: http://localhost:2379
# etcd image to use
image: quay.io/coreos/etcd:latest
# imagePullPolicy for the etcd; valid values are "IfNotPresent",
# "Never", and "Always"
imagePullPolicy: Always
# etcd persistence options IF using embedded etcd
persistence:
enabled: false
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 4Gi
# etcd resource requests and limits
# Ref: http://kubernetes.io/docs/user-guide/compute-resources/
resources:
requests:
cpu: 100m
memory: 30Mi
limits:
cpu: 100m
memory: 40Mi
# Log level; valid values are in the range 0 - 10
verbosity: 10
auth:
# Enable or disable authentication and authorization. Disabling
# authentication and authorization can be useful for outlying scenarios
# but is not suitable for production.
enabled: true
audit:
# If true, enables the use of audit features via this chart.
activated: false
# If specified, audit log goes to specified path.
logPath: "/tmp/service-catalog-apiserver-audit.log"
serviceAccount: service-catalog-apiserver
# if true, makes the API server serve the OpenAPI schema (which is problematic with older versions of kubectl)
serveOpenAPISpec: false
# Apiserver resource requests and limits
# Ref: http://kubernetes.io/docs/user-guide/compute-resources/
resources:
requests:
cpu: 100m
memory: 20Mi
limits:
cpu: 100m
memory: 30Mi
controllerManager:
replicas: 1
# updateStrategy for service-catalog; value values are "RollingUpdate" and "Recreate"
updateStrategy: RollingUpdate
minReadySeconds: 1
# annotations is a collection of annotations to add to the controllerManager pod.
annotations: {}
# nodeSelector to apply to the controllerManager pods
nodeSelector:
# healthcheck configures the readiness and liveliness probes for the controllerManager pod.
healthcheck:
enabled: true
# Log level; valid values are in the range 0 - 10
verbosity: 10
# Resync interval; format is a duration (`20m`, `1h`, etc)
resyncInterval: 5m
# Broker relist interval; format is a duration (`20m`, `1h`, etc)
brokerRelistInterval: 24h
# Whether or not the controller supports a --broker-relist-interval flag. If this is
# set to true, brokerRelistInterval will be used as the value for that flag
brokerRelistIntervalActivated: true
# enables profiling via web interface host:port/debug/pprof/
profiling:
# Disable profiling via web interface host:port/debug/pprof/
disabled: false
# Enables lock contention profiling, if profiling is enabled.
contentionProfiling: false
leaderElection:
# Whether the controller has leader election enabled.
activated: false
serviceAccount: service-catalog-controller-manager
# Controls whether the API server's TLS verification should be skipped.
apiserverSkipVerify: true
# Whether the controller will expose metrics on /metrics
enablePrometheusScrape: false
# Controller Manager resource requests and limits
# Ref: http://kubernetes.io/docs/user-guide/compute-resources/
resources:
requests:
cpu: 100m
memory: 20Mi
limits:
cpu: 100m
memory: 30Mi
# Whether the OriginatingIdentity feature should be enabled
originatingIdentityEnabled: true
# Whether the AsyncBindingOperations alpha feature should be enabled
asyncBindingOperationsEnabled: false
# Whether the NamespacedServiceBroker alpha feature should be disabled
namespacedServiceBrokerDisabled: false
# Whether the ServicePlanDefaults alpha feature should be enabled
servicePlanDefaultsEnabled: false