diff --git a/.github/workflows/dockers-readreplica-rotate.yml b/.github/workflows/dockers-readreplica-rotate.yml new file mode 100644 index 0000000000..74eabf441d --- /dev/null +++ b/.github/workflows/dockers-readreplica-rotate.yml @@ -0,0 +1,78 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +name: "Build docker image: readreplica-rotate" +on: + push: + branches: + - main + tags: + - "*.*.*" + - "v*.*.*" + - "*.*.*-*" + - "v*.*.*-*" + paths: + - ".github/actions/docker-build/actions.yaml" + - ".github/workflows/dockers-readreplica-rotate.yml" + - "go.mod" + - "go.sum" + - "internal/**" + - "!internal/**/*_test.go" + - "!internal/db/**" + - "!internal/k8s/**" + - "apis/grpc/**" + - "pkg/index/job/readreplica/rotate/**" + - "cmd/index/job/readreplica/rotate/**" + - "dockers/index/job/readreplica/rotate/Dockerfile" + - "versions/GO_VERSION" + pull_request: + paths: + - ".github/actions/docker-build/actions.yaml" + - ".github/workflows/_docker-image.yaml" + - ".github/workflows/dockers-readreplica-rotate.yml" + - "go.mod" + - "go.sum" + - "internal/**" + - "!internal/**/*_test.go" + - "!internal/db/**" + - "!internal/k8s/**" + - "apis/grpc/**" + - "pkg/index/job/readreplica/rotate/**" + - "cmd/index/job/readreplica/rotate/**" + - "dockers/index/job/readreplica/rotate/Dockerfile" + - "versions/GO_VERSION" + pull_request_target: + paths: + - ".github/actions/docker-build/actions.yaml" + - ".github/workflows/_docker-image.yaml" + - ".github/workflows/dockers-readreplica-rotate.yml" + - "go.mod" + - "go.sum" + - "internal/**" + - "!internal/**/*_test.go" + - "!internal/db/**" + - "!internal/k8s/**" + - "apis/grpc/**" + - "pkg/index/job/readreplica/rotate/**" + - "cmd/index/job/readreplica/rotate/**" + - "dockers/index/job/readreplica/rotate/Dockerfile" + - "versions/GO_VERSION" + +jobs: + build: + uses: ./.github/workflows/_docker-image.yaml + with: + target: readreplica-rotate + secrets: inherit diff --git a/Makefile b/Makefile index 4a82f747b6..47278d014c 100644 --- a/Makefile +++ b/Makefile @@ -33,6 +33,7 @@ LOADTEST_IMAGE = $(NAME)-loadtest INDEX_CORRECTION_IMAGE = $(NAME)-index-correction INDEX_CREATION_IMAGE = $(NAME)-index-creation INDEX_SAVE_IMAGE = $(NAME)-index-save +READREPLICA_ROTATE_IMAGE = $(NAME)-readreplica-rotate MANAGER_INDEX_IMAGE = $(NAME)-manager-index MAINTAINER = "$(ORG).org $(NAME) team <$(NAME)@$(ORG).org>" diff --git a/Makefile.d/build.mk b/Makefile.d/build.mk index 8bc4fbb444..0911abaf4f 100644 --- a/Makefile.d/build.mk +++ b/Makefile.d/build.mk @@ -293,6 +293,35 @@ cmd/index/job/save/index-save: \ $(dir $@)main.go $@ -version +cmd/index/job/readreplica/rotate/readreplica-rotate: \ + $(GO_SOURCES_INTERNAL) \ + $(PBGOS) \ + $(shell find $(ROOTDIR)/cmd/index/job/readreplica/rotate -type f -name '*.go' -not -name '*_test.go' -not -name 'doc.go') \ + $(shell find $(ROOTDIR)/pkg/index/job/readreplica/rotate -type f -name '*.go' -not -name '*_test.go' -not -name 'doc.go') + $(eval CGO_ENABLED = 0) + CGO_ENABLED=$(CGO_ENABLED) \ + GO111MODULE=on \ + GOPRIVATE=$(GOPRIVATE) \ + go build \ + --ldflags "-w -extldflags=-static \ + -X '$(GOPKG)/internal/info.Version=$(VERSION)' \ + -X '$(GOPKG)/internal/info.GitCommit=$(GIT_COMMIT)' \ + -X '$(GOPKG)/internal/info.BuildTime=$(DATETIME)' \ + -X '$(GOPKG)/internal/info.GoVersion=$(GO_VERSION)' \ + -X '$(GOPKG)/internal/info.GoOS=$(GOOS)' \ + -X '$(GOPKG)/internal/info.GoArch=$(GOARCH)' \ + -X '$(GOPKG)/internal/info.CGOEnabled=$(CGO_ENABLED)' \ + -X '$(GOPKG)/internal/info.BuildCPUInfoFlags=$(CPU_INFO_FLAGS)' \ + -buildid=" \ + -mod=readonly \ + -modcacherw \ + -a \ + -tags "osusergo netgo static_build" \ + -trimpath \ + -o $@ \ + $(dir $@)main.go + $@ -version + .PHONY: binary/build/zip ## build all binaries and zip them binary/build/zip: \ diff --git a/Makefile.d/docker.mk b/Makefile.d/docker.mk index 7c1bb74e7c..b630073223 100644 --- a/Makefile.d/docker.mk +++ b/Makefile.d/docker.mk @@ -230,3 +230,17 @@ docker/build/index-save: -t $(ORG)/$(INDEX_SAVE_IMAGE):$(TAG) . \ --build-arg MAINTAINER=$(MAINTAINER) \ --build-arg GO_VERSION=$(GO_VERSION) + +.PHONY: docker/name/readreplica-rotate +docker/name/readreplica-rotate: + @echo "$(ORG)/$(READREPLICA_ROTATE_IMAGE)" + +.PHONY: docker/build/readreplica-rotate +## build readreplica-rotate image +docker/build/readreplica-rotate: + $(DOCKER) build \ + $(DOCKER_OPTS) \ + -f dockers/index/job/readreplica/rotate/Dockerfile \ + -t $(ORG)/$(READREPLICA_ROTATE_IMAGE):$(TAG) . \ + --build-arg MAINTAINER=$(MAINTAINER) \ + --build-arg GO_VERSION=$(GO_VERSION) diff --git a/Makefile.d/k8s.mk b/Makefile.d/k8s.mk index 6ee28a3bae..c55c533659 100644 --- a/Makefile.d/k8s.mk +++ b/Makefile.d/k8s.mk @@ -38,6 +38,7 @@ k8s/manifest/update: \ mkdir -p k8s/gateway mkdir -p k8s/manager mkdir -p k8s/index/job + mkdir -p k8s/index/job/readreplica mv $(TEMP_DIR)/vald/templates/agent k8s/agent mv $(TEMP_DIR)/vald/templates/discoverer k8s/discoverer mv $(TEMP_DIR)/vald/templates/gateway/lb k8s/gateway/lb @@ -45,6 +46,7 @@ k8s/manifest/update: \ mv $(TEMP_DIR)/vald/templates/index/job/correction k8s/index/job/correction mv $(TEMP_DIR)/vald/templates/index/job/creation k8s/index/job/creation mv $(TEMP_DIR)/vald/templates/index/job/save k8s/index/job/save + mv $(TEMP_DIR)/vald/templates/index/job/readreplica/rotate k8s/index/job/readreplica/rotate rm -rf $(TEMP_DIR) .PHONY: k8s/manifest/helm-operator/clean @@ -87,6 +89,9 @@ k8s/vald/deploy: kubectl apply -f $(TEMP_DIR)/vald/templates/discoverer || true kubectl apply -f $(TEMP_DIR)/vald/templates/gateway/lb || true kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/correction || true + kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/creation || true + kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/save || true + kubectl apply -f $(TEMP_DIR)/vald/templates/index/job/readreplica/rotate || true rm -rf $(TEMP_DIR) kubectl get pods -o jsonpath="{.items[*].spec.containers[*].image}" | tr " " "\n" @@ -104,6 +109,9 @@ k8s/vald/delete: --set manager.index.image.repository=$(CRORG)/$(MANAGER_INDEX_IMAGE) \ --output-dir $(TEMP_DIR) \ charts/vald + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/readreplica/rotate + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/save + kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/creation kubectl delete -f $(TEMP_DIR)/vald/templates/index/job/correction kubectl delete -f $(TEMP_DIR)/vald/templates/gateway/lb kubectl delete -f $(TEMP_DIR)/vald/templates/manager/index diff --git a/charts/vald-helm-operator/crds/valdrelease.yaml b/charts/vald-helm-operator/crds/valdrelease.yaml index d61dde21d6..936f1093e1 100644 --- a/charts/vald-helm-operator/crds/valdrelease.yaml +++ b/charts/vald-helm-operator/crds/valdrelease.yaml @@ -8536,6 +8536,631 @@ spec: x-kubernetes-preserve-unknown-fields: true progressDeadlineSeconds: type: integer + readreplica: + type: object + properties: + rotator: + type: object + properties: + agent_namespace: + type: string + clusterRole: + type: object + properties: + enabled: + type: boolean + name: + type: string + clusterRoleBinding: + type: object + properties: + enabled: + type: boolean + name: + type: string + env: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + image: + type: object + properties: + pullPolicy: + type: string + enum: + - Always + - Never + - IfNotPresent + repository: + type: string + tag: + type: string + initContainers: + type: array + items: + type: object + x-kubernetes-preserve-unknown-fields: true + name: + type: string + observability: + type: object + properties: + enabled: + type: boolean + metrics: + type: object + properties: + enable_cgo: + type: boolean + enable_goroutine: + type: boolean + enable_memory: + type: boolean + enable_version_info: + type: boolean + version_info_labels: + type: array + items: + type: string + enum: + - vald_version + - server_name + - git_commit + - build_time + - go_version + - go_os + - go_arch + - cgo_enabled + - ngt_version + - build_cpu_info_flags + otlp: + type: object + properties: + attribute: + type: object + properties: + namespace: + type: string + node_name: + type: string + pod_name: + type: string + service_name: + type: string + collector_endpoint: + type: string + metrics_export_interval: + type: string + metrics_export_timeout: + type: string + trace_batch_timeout: + type: string + trace_export_timeout: + type: string + trace_max_export_batch_size: + type: integer + trace_max_queue_size: + type: integer + trace: + type: object + properties: + enabled: + type: boolean + read_replica_id: + type: string + server_config: + type: object + properties: + full_shutdown_duration: + type: string + healths: + type: object + properties: + liveness: + type: object + properties: + enabled: + type: boolean + host: + type: string + livenessProbe: + type: object + properties: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + readiness: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + readinessProbe: + type: object + properties: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + startup: + type: object + properties: + enabled: + type: boolean + port: + type: integer + maximum: 65535 + minimum: 0 + startupProbe: + type: object + properties: + failureThreshold: + type: integer + httpGet: + type: object + properties: + path: + type: string + port: + type: string + scheme: + type: string + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + timeoutSeconds: + type: integer + metrics: + type: object + properties: + pprof: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + servers: + type: object + properties: + grpc: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + grpc: + type: object + properties: + bidirectional_stream_concurrency: + type: integer + connection_timeout: + type: string + enable_reflection: + type: boolean + header_table_size: + type: integer + initial_conn_window_size: + type: integer + initial_window_size: + type: integer + interceptors: + type: array + items: + type: string + enum: + - RecoverInterceptor + - AccessLogInterceptor + - TraceInterceptor + - MetricInterceptor + keepalive: + type: object + properties: + max_conn_age: + type: string + max_conn_age_grace: + type: string + max_conn_idle: + type: string + min_time: + type: string + permit_without_stream: + type: boolean + time: + type: string + timeout: + type: string + max_header_list_size: + type: integer + max_receive_message_size: + type: integer + max_send_message_size: + type: integer + read_buffer_size: + type: integer + write_buffer_size: + type: integer + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + restart: + type: boolean + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + rest: + type: object + properties: + enabled: + type: boolean + host: + type: string + port: + type: integer + maximum: 65535 + minimum: 0 + server: + type: object + properties: + http: + type: object + properties: + handler_timeout: + type: string + idle_timeout: + type: string + read_header_timeout: + type: string + read_timeout: + type: string + shutdown_duration: + type: string + write_timeout: + type: string + mode: + type: string + network: + type: string + enum: + - tcp + - tcp4 + - tcp6 + - udp + - udp4 + - udp6 + - unix + - unixgram + - unixpacket + probe_wait_time: + type: string + socket_option: + type: object + properties: + ip_recover_destination_addr: + type: boolean + ip_transparent: + type: boolean + reuse_addr: + type: boolean + reuse_port: + type: boolean + tcp_cork: + type: boolean + tcp_defer_accept: + type: boolean + tcp_fast_open: + type: boolean + tcp_no_delay: + type: boolean + tcp_quick_ack: + type: boolean + socket_path: + type: string + servicePort: + type: integer + maximum: 65535 + minimum: 0 + tls: + type: object + properties: + ca: + type: string + cert: + type: string + enabled: + type: boolean + insecure_skip_verify: + type: boolean + key: + type: string + serviceAccount: + type: object + properties: + enabled: + type: boolean + name: + type: string + ttlSecondsAfterFinished: + type: integer + version: + type: string + pattern: ^v[0-9]+\.[0-9]+\.[0-9]$ replicas: type: integer minimum: 0 diff --git a/charts/vald/README.md b/charts/vald/README.md index 84f15e818e..a2d089acc5 100644 --- a/charts/vald/README.md +++ b/charts/vald/README.md @@ -44,775 +44,793 @@ Run the following command to install the chart, ### Parameters -| Key | Type | Default | Description | -| ----------------------------------------------------------------------------------------------------- | ------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| agent.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| agent.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| agent.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| agent.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| agent.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-agent-ngt"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| agent.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| agent.annotations | object | `{}` | deployment annotations | -| agent.enabled | bool | `true` | agent enabled | -| agent.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| agent.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| agent.hpa.enabled | bool | `false` | HPA enabled | -| agent.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| agent.image.pullPolicy | string | `"Always"` | image pull policy | -| agent.image.repository | string | `"vdaas/vald-agent-ngt"` | image repository | -| agent.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| agent.initContainers | list | `[]` | init containers | -| agent.kind | string | `"StatefulSet"` | deployment kind: Deployment, DaemonSet or StatefulSet | -| agent.logging | object | `{}` | logging config (overrides defaults.logging) | -| agent.maxReplicas | int | `300` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| agent.maxUnavailable | string | `"1"` | maximum number of unavailable replicas | -| agent.minReplicas | int | `20` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| agent.name | string | `"vald-agent-ngt"` | name of agent deployment | -| agent.ngt.auto_create_index_pool_size | int | `16` | batch process pool size of automatic create index operation | -| agent.ngt.auto_index_check_duration | string | `"30m"` | check duration of automatic indexing | -| agent.ngt.auto_index_duration_limit | string | `"24h"` | limit duration of automatic indexing | -| agent.ngt.auto_index_length | int | `100` | number of cache to trigger automatic indexing | -| agent.ngt.auto_save_index_duration | string | `"35m"` | duration of automatic save index | -| agent.ngt.broken_index_history_limit | int | `0` | maximum number of broken index generations to backup | -| agent.ngt.bulk_insert_chunk_size | int | `10` | bulk insert chunk size | -| agent.ngt.creation_edge_size | int | `20` | creation edge size | -| agent.ngt.default_epsilon | float | `0.1` | default epsilon used for search | -| agent.ngt.default_pool_size | int | `16` | default create index batch pool size | -| agent.ngt.default_radius | float | `-1` | default radius used for search | -| agent.ngt.dimension | int | `4096` | vector dimension | -| agent.ngt.distance_type | string | `"l2"` | distance type. it should be `l1`, `l2`, `angle`, `hamming`, `cosine`,`poincare`, `lorentz`, `jaccard`, `sparsejaccard`, `normalizedangle` or `normalizedcosine`. for further details about NGT libraries supported distance is https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference and vald agent's supported NGT distance type is https://pkg.go.dev/github.com/vdaas/vald/internal/core/algorithm/ngt#pkg-constants | -| agent.ngt.enable_copy_on_write | bool | `false` | enable copy on write saving for more stable backup | -| agent.ngt.enable_in_memory_mode | bool | `true` | in-memory mode enabled | -| agent.ngt.enable_proactive_gc | bool | `false` | enable proactive GC call for reducing heap memory allocation | -| agent.ngt.error_buffer_limit | int | `10` | maximum number of core ngt error buffer pool size limit | -| agent.ngt.index_path | string | `""` | path to index data | -| agent.ngt.initial_delay_max_duration | string | `"3m"` | maximum duration for initial delay | -| agent.ngt.kvsdb.concurrency | int | `6` | kvsdb processing concurrency | -| agent.ngt.load_index_timeout_factor | string | `"1ms"` | a factor of load index timeout. timeout duration will be calculated by (index count to be loaded) \* (factor). | -| agent.ngt.max_load_index_timeout | string | `"10m"` | maximum duration of load index timeout | -| agent.ngt.min_load_index_timeout | string | `"3m"` | minimum duration of load index timeout | -| agent.ngt.object_type | string | `"float"` | object type. it should be `float` or `uint8` or `float16`. for further details: https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference | -| agent.ngt.search_edge_size | int | `10` | search edge size | -| agent.ngt.vqueue.delete_buffer_pool_size | int | `5000` | delete slice pool buffer size | -| agent.ngt.vqueue.insert_buffer_pool_size | int | `10000` | insert slice pool buffer size | -| agent.nodeName | string | `""` | node name | -| agent.nodeSelector | object | `{}` | node selector | -| agent.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-ngt"}}}` | observability config (overrides defaults.observability) | -| agent.persistentVolume.accessMode | string | `"ReadWriteOncePod"` | agent pod storage accessMode | -| agent.persistentVolume.enabled | bool | `false` | enables PVC. It is required to enable if agent pod's file store functionality is enabled with non in-memory mode | -| agent.persistentVolume.mountPropagation | string | `"None"` | agent pod storage mountPropagation | -| agent.persistentVolume.size | string | `"100Gi"` | size of agent pod volume | -| agent.persistentVolume.storageClass | string | `"vald-sc"` | storageClass name for agent pod volume | -| agent.podAnnotations | object | `{}` | pod annotations | -| agent.podManagementPolicy | string | `"OrderedReady"` | pod management policy: OrderedReady or Parallel | -| agent.podPriority.enabled | bool | `true` | agent pod PriorityClass enabled | -| agent.podPriority.value | int | `1000000000` | agent pod PriorityClass value | -| agent.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| agent.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| agent.resources | object | `{"requests":{"cpu":"300m","memory":"4Gi"}}` | compute resources. recommended setting of memory requests = cluster memory \* 0.4 / number of agent pods | -| agent.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| agent.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| agent.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| agent.rollingUpdate.partition | int | `0` | StatefulSet partition | -| agent.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":false,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| agent.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{"startupProbe":{"failureThreshold":200,"periodSeconds":5}}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| agent.service.annotations | object | `{}` | service annotations | -| agent.service.labels | object | `{}` | service labels | -| agent.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| agent.sidecar.config.auto_backup_duration | string | `"24h"` | auto backup duration | -| agent.sidecar.config.auto_backup_enabled | bool | `true` | auto backup triggered by timer is enabled | -| agent.sidecar.config.blob_storage.bucket | string | `""` | bucket name | -| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_file_path | string | `""` | credentials file path | -| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_json | string | `""` | credentials json | -| agent.sidecar.config.blob_storage.cloud_storage.url | string | `""` | cloud storage url | -| agent.sidecar.config.blob_storage.cloud_storage.write_buffer_size | int | `0` | bytes of the chunks for upload | -| agent.sidecar.config.blob_storage.cloud_storage.write_cache_control | string | `""` | Cache-Control of HTTP Header | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_disposition | string | `""` | Content-Disposition of HTTP Header | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_encoding | string | `""` | the encoding of the blob's content | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_language | string | `""` | the language of blob's content | -| agent.sidecar.config.blob_storage.cloud_storage.write_content_type | string | `""` | MIME type of the blob | -| agent.sidecar.config.blob_storage.s3.access_key | string | `"_AWS_ACCESS_KEY_"` | s3 access key | -| agent.sidecar.config.blob_storage.s3.enable_100_continue | bool | `true` | enable AWS SDK adding the 'Expect: 100-Continue' header to PUT requests over 2MB of content. | -| agent.sidecar.config.blob_storage.s3.enable_content_md5_validation | bool | `true` | enable the S3 client to add MD5 checksum to upload API calls. | -| agent.sidecar.config.blob_storage.s3.enable_endpoint_discovery | bool | `false` | enable endpoint discovery | -| agent.sidecar.config.blob_storage.s3.enable_endpoint_host_prefix | bool | `true` | enable prefixing request endpoint hosts with modeled information | -| agent.sidecar.config.blob_storage.s3.enable_param_validation | bool | `true` | enables semantic parameter validation | -| agent.sidecar.config.blob_storage.s3.enable_ssl | bool | `true` | enable ssl for s3 session | -| agent.sidecar.config.blob_storage.s3.endpoint | string | `""` | s3 endpoint | -| agent.sidecar.config.blob_storage.s3.force_path_style | bool | `false` | use path-style addressing | -| agent.sidecar.config.blob_storage.s3.max_chunk_size | string | `"64mb"` | s3 download max chunk size | -| agent.sidecar.config.blob_storage.s3.max_part_size | string | `"64mb"` | s3 multipart upload max part size | -| agent.sidecar.config.blob_storage.s3.max_retries | int | `3` | maximum number of retries of s3 client | -| agent.sidecar.config.blob_storage.s3.region | string | `""` | s3 region | -| agent.sidecar.config.blob_storage.s3.secret_access_key | string | `"_AWS_SECRET_ACCESS_KEY_"` | s3 secret access key | -| agent.sidecar.config.blob_storage.s3.token | string | `""` | s3 token | -| agent.sidecar.config.blob_storage.s3.use_accelerate | bool | `false` | enable s3 accelerate feature | -| agent.sidecar.config.blob_storage.s3.use_arn_region | bool | `false` | s3 service client to use the region specified in the ARN | -| agent.sidecar.config.blob_storage.s3.use_dual_stack | bool | `false` | use dual stack | -| agent.sidecar.config.blob_storage.storage_type | string | `"s3"` | storage type | -| agent.sidecar.config.client.net.dialer.dual_stack_enabled | bool | `false` | HTTP client TCP dialer dual stack enabled | -| agent.sidecar.config.client.net.dialer.keepalive | string | `"5m"` | HTTP client TCP dialer keep alive | -| agent.sidecar.config.client.net.dialer.timeout | string | `"5s"` | HTTP client TCP dialer connect timeout | -| agent.sidecar.config.client.net.dns.cache_enabled | bool | `true` | HTTP client TCP DNS cache enabled | -| agent.sidecar.config.client.net.dns.cache_expiration | string | `"24h"` | | -| agent.sidecar.config.client.net.dns.refresh_duration | string | `"1h"` | HTTP client TCP DNS cache expiration | -| agent.sidecar.config.client.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| agent.sidecar.config.client.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| agent.sidecar.config.client.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| agent.sidecar.config.client.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| agent.sidecar.config.client.net.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | -| agent.sidecar.config.client.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| agent.sidecar.config.client.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | -| agent.sidecar.config.client.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| agent.sidecar.config.client.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| agent.sidecar.config.client.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| agent.sidecar.config.client.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| agent.sidecar.config.client.net.tls.enabled | bool | `false` | TLS enabled | -| agent.sidecar.config.client.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| agent.sidecar.config.client.net.tls.key | string | `"/path/to/key"` | TLS key path | -| agent.sidecar.config.client.transport.backoff.backoff_factor | float | `1.1` | backoff backoff factor | -| agent.sidecar.config.client.transport.backoff.backoff_time_limit | string | `"5s"` | backoff time limit | -| agent.sidecar.config.client.transport.backoff.enable_error_log | bool | `true` | backoff error log enabled | -| agent.sidecar.config.client.transport.backoff.initial_duration | string | `"5ms"` | backoff initial duration | -| agent.sidecar.config.client.transport.backoff.jitter_limit | string | `"100ms"` | backoff jitter limit | -| agent.sidecar.config.client.transport.backoff.maximum_duration | string | `"5s"` | backoff maximum duration | -| agent.sidecar.config.client.transport.backoff.retry_count | int | `100` | backoff retry count | -| agent.sidecar.config.client.transport.round_tripper.expect_continue_timeout | string | `"5s"` | expect continue timeout | -| agent.sidecar.config.client.transport.round_tripper.force_attempt_http_2 | bool | `true` | force attempt HTTP2 | -| agent.sidecar.config.client.transport.round_tripper.idle_conn_timeout | string | `"90s"` | timeout for idle connections | -| agent.sidecar.config.client.transport.round_tripper.max_conns_per_host | int | `10` | maximum count of connections per host | -| agent.sidecar.config.client.transport.round_tripper.max_idle_conns | int | `100` | maximum count of idle connections | -| agent.sidecar.config.client.transport.round_tripper.max_idle_conns_per_host | int | `10` | maximum count of idle connections per host | -| agent.sidecar.config.client.transport.round_tripper.max_response_header_size | int | `0` | maximum response header size | -| agent.sidecar.config.client.transport.round_tripper.read_buffer_size | int | `0` | read buffer size | -| agent.sidecar.config.client.transport.round_tripper.response_header_timeout | string | `"5s"` | timeout for response header | -| agent.sidecar.config.client.transport.round_tripper.tls_handshake_timeout | string | `"5s"` | TLS handshake timeout | -| agent.sidecar.config.client.transport.round_tripper.write_buffer_size | int | `0` | write buffer size | -| agent.sidecar.config.compress.compress_algorithm | string | `"gzip"` | compression algorithm. must be `gob`, `gzip`, `lz4` or `zstd` | -| agent.sidecar.config.compress.compression_level | int | `-1` | compression level. value range relies on which algorithm is used. `gob`: level will be ignored. `gzip`: -1 (default compression), 0 (no compression), or 1 (best speed) to 9 (best compression). `lz4`: >= 0, higher is better compression. `zstd`: 1 (fastest) to 22 (best), however implementation relies on klauspost/compress. | -| agent.sidecar.config.filename | string | `"_MY_POD_NAME_"` | backup filename | -| agent.sidecar.config.filename_suffix | string | `".tar.gz"` | suffix for backup filename | -| agent.sidecar.config.post_stop_timeout | string | `"2m"` | timeout for observing file changes during post stop | -| agent.sidecar.config.restore_backoff.backoff_factor | float | `1.2` | restore backoff factor | -| agent.sidecar.config.restore_backoff.backoff_time_limit | string | `"30m"` | restore backoff time limit | -| agent.sidecar.config.restore_backoff.enable_error_log | bool | `true` | restore backoff log enabled | -| agent.sidecar.config.restore_backoff.initial_duration | string | `"1s"` | restore backoff initial duration | -| agent.sidecar.config.restore_backoff.jitter_limit | string | `"10s"` | restore backoff jitter limit | -| agent.sidecar.config.restore_backoff.maximum_duration | string | `"1m"` | restore backoff maximum duration | -| agent.sidecar.config.restore_backoff.retry_count | int | `100` | restore backoff retry count | -| agent.sidecar.config.restore_backoff_enabled | bool | `false` | restore backoff enabled | -| agent.sidecar.config.watch_enabled | bool | `true` | auto backup triggered by file changes is enabled | -| agent.sidecar.enabled | bool | `false` | sidecar enabled | -| agent.sidecar.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"AWS_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"access-key","name":"aws-secret"}}},{"name":"AWS_SECRET_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"secret-access-key","name":"aws-secret"}}}]` | environment variables | -| agent.sidecar.image.pullPolicy | string | `"Always"` | image pull policy | -| agent.sidecar.image.repository | string | `"vdaas/vald-agent-sidecar"` | image repository | -| agent.sidecar.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| agent.sidecar.initContainerEnabled | bool | `false` | sidecar on initContainer mode enabled. | -| agent.sidecar.logging | object | `{}` | logging config (overrides defaults.logging) | -| agent.sidecar.name | string | `"vald-agent-sidecar"` | name of agent sidecar | -| agent.sidecar.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-sidecar"}}}` | observability config (overrides defaults.observability) | -| agent.sidecar.resources | object | `{"requests":{"cpu":"100m","memory":"100Mi"}}` | compute resources. | -| agent.sidecar.server_config | object | `{"healths":{"liveness":{"enabled":false,"port":13000,"servicePort":13000},"readiness":{"enabled":false,"port":13001,"servicePort":13001},"startup":{"enabled":false,"port":13001}},"metrics":{"pprof":{"port":16060,"servicePort":16060}},"servers":{"grpc":{"enabled":false,"port":18081,"servicePort":18081},"rest":{"enabled":false,"port":18080,"servicePort":18080}}}` | server config (overrides defaults.server_config) | -| agent.sidecar.service.annotations | object | `{}` | agent sidecar service annotations | -| agent.sidecar.service.enabled | bool | `false` | agent sidecar service enabled | -| agent.sidecar.service.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| agent.sidecar.service.labels | object | `{}` | agent sidecar service labels | -| agent.sidecar.service.type | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| agent.sidecar.time_zone | string | `""` | Time zone | -| agent.sidecar.version | string | `"v0.0.0"` | version of agent sidecar config | -| agent.terminationGracePeriodSeconds | int | `120` | duration in seconds pod needs to terminate gracefully | -| agent.time_zone | string | `""` | Time zone | -| agent.tolerations | list | `[]` | tolerations | -| agent.topologySpreadConstraints | list | `[]` | topology spread constraints for agent pods | -| agent.version | string | `"v0.0.0"` | version of agent config | -| agent.volumeMounts | list | `[]` | volume mounts | -| agent.volumes | list | `[]` | volumes | -| defaults.grpc.client.addrs | list | `[]` | gRPC client addresses | -| defaults.grpc.client.backoff.backoff_factor | float | `1.1` | gRPC client backoff factor | -| defaults.grpc.client.backoff.backoff_time_limit | string | `"5s"` | gRPC client backoff time limit | -| defaults.grpc.client.backoff.enable_error_log | bool | `true` | gRPC client backoff log enabled | -| defaults.grpc.client.backoff.initial_duration | string | `"5ms"` | gRPC client backoff initial duration | -| defaults.grpc.client.backoff.jitter_limit | string | `"100ms"` | gRPC client backoff jitter limit | -| defaults.grpc.client.backoff.maximum_duration | string | `"5s"` | gRPC client backoff maximum duration | -| defaults.grpc.client.backoff.retry_count | int | `100` | gRPC client backoff retry count | -| defaults.grpc.client.call_option.max_recv_msg_size | int | `0` | gRPC client call option max receive message size | -| defaults.grpc.client.call_option.max_retry_rpc_buffer_size | int | `0` | gRPC client call option max retry rpc buffer size | -| defaults.grpc.client.call_option.max_send_msg_size | int | `0` | gRPC client call option max send message size | -| defaults.grpc.client.call_option.wait_for_ready | bool | `true` | gRPC client call option wait for ready | -| defaults.grpc.client.circuit_breaker.closed_error_rate | float | `0.7` | gRPC client circuitbreaker closed error rate | -| defaults.grpc.client.circuit_breaker.closed_refresh_timeout | string | `"10s"` | gRPC client circuitbreaker closed refresh timeout | -| defaults.grpc.client.circuit_breaker.half_open_error_rate | float | `0.5` | gRPC client circuitbreaker half-open error rate | -| defaults.grpc.client.circuit_breaker.min_samples | int | `1000` | gRPC client circuitbreaker minimum sampling count | -| defaults.grpc.client.circuit_breaker.open_timeout | string | `"1s"` | gRPC client circuitbreaker open timeout | -| defaults.grpc.client.connection_pool.enable_dns_resolver | bool | `true` | enables gRPC client connection pool dns resolver, when enabled vald uses ip handshake exclude dns discovery which improves network performance | -| defaults.grpc.client.connection_pool.enable_rebalance | bool | `true` | enables gRPC client connection pool rebalance | -| defaults.grpc.client.connection_pool.old_conn_close_duration | string | `"2m"` | makes delay before gRPC client connection closing during connection pool rebalance | -| defaults.grpc.client.connection_pool.rebalance_duration | string | `"30m"` | gRPC client connection pool rebalance duration | -| defaults.grpc.client.connection_pool.size | int | `3` | gRPC client connection pool size | -| defaults.grpc.client.dial_option.backoff_base_delay | string | `"1s"` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.backoff_jitter | float | `0.2` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.backoff_max_delay | string | `"120s"` | gRPC client dial option max backoff delay | -| defaults.grpc.client.dial_option.backoff_multiplier | float | `1.6` | gRPC client dial option base backoff delay | -| defaults.grpc.client.dial_option.enable_backoff | bool | `false` | gRPC client dial option backoff enabled | -| defaults.grpc.client.dial_option.initial_connection_window_size | int | `2097152` | gRPC client dial option initial connection window size | -| defaults.grpc.client.dial_option.initial_window_size | int | `1048576` | gRPC client dial option initial window size | -| defaults.grpc.client.dial_option.insecure | bool | `true` | gRPC client dial option insecure enabled | -| defaults.grpc.client.dial_option.interceptors | list | `[]` | gRPC client interceptors | -| defaults.grpc.client.dial_option.keepalive.permit_without_stream | bool | `false` | gRPC client keep alive permit without stream | -| defaults.grpc.client.dial_option.keepalive.time | string | `""` | gRPC client keep alive time | -| defaults.grpc.client.dial_option.keepalive.timeout | string | `"30s"` | gRPC client keep alive timeout | -| defaults.grpc.client.dial_option.max_msg_size | int | `0` | gRPC client dial option max message size | -| defaults.grpc.client.dial_option.min_connection_timeout | string | `"20s"` | gRPC client dial option minimum connection timeout | -| defaults.grpc.client.dial_option.net.dialer.dual_stack_enabled | bool | `true` | gRPC client TCP dialer dual stack enabled | -| defaults.grpc.client.dial_option.net.dialer.keepalive | string | `""` | gRPC client TCP dialer keep alive | -| defaults.grpc.client.dial_option.net.dialer.timeout | string | `""` | gRPC client TCP dialer timeout | -| defaults.grpc.client.dial_option.net.dns.cache_enabled | bool | `true` | gRPC client TCP DNS cache enabled | -| defaults.grpc.client.dial_option.net.dns.cache_expiration | string | `"1h"` | gRPC client TCP DNS cache expiration | -| defaults.grpc.client.dial_option.net.dns.refresh_duration | string | `"30m"` | gRPC client TCP DNS cache refresh duration | -| defaults.grpc.client.dial_option.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.grpc.client.dial_option.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.grpc.client.dial_option.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.grpc.client.dial_option.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.grpc.client.dial_option.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.grpc.client.dial_option.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.grpc.client.dial_option.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.grpc.client.dial_option.net.tls.enabled | bool | `false` | TLS enabled | -| defaults.grpc.client.dial_option.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.grpc.client.dial_option.net.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.grpc.client.dial_option.read_buffer_size | int | `0` | gRPC client dial option read buffer size | -| defaults.grpc.client.dial_option.timeout | string | `""` | gRPC client dial option timeout | -| defaults.grpc.client.dial_option.write_buffer_size | int | `0` | gRPC client dial option write buffer size | -| defaults.grpc.client.health_check_duration | string | `"1s"` | gRPC client health check duration | -| defaults.grpc.client.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.grpc.client.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.grpc.client.tls.enabled | bool | `false` | TLS enabled | -| defaults.grpc.client.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.grpc.client.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.image.tag | string | `"v1.7.9"` | docker image tag | -| defaults.logging.format | string | `"raw"` | logging format. logging format must be `raw` or `json` | -| defaults.logging.level | string | `"debug"` | logging level. logging level must be `debug`, `info`, `warn`, `error` or `fatal`. | -| defaults.logging.logger | string | `"glg"` | logger name. currently logger must be `glg` or `zap`. | -| defaults.networkPolicy.custom | object | `{"egress":[],"ingress":[]}` | custom network policies that a user can add | -| defaults.networkPolicy.custom.egress | list | `[]` | custom egress network policies that a user can add | -| defaults.networkPolicy.custom.ingress | list | `[]` | custom ingress network policies that a user can add | -| defaults.networkPolicy.enabled | bool | `false` | if network policy enabled | -| defaults.observability.enabled | bool | `false` | observability features enabled | -| defaults.observability.metrics.enable_cgo | bool | `true` | CGO metrics enabled | -| defaults.observability.metrics.enable_goroutine | bool | `true` | goroutine metrics enabled | -| defaults.observability.metrics.enable_memory | bool | `true` | memory metrics enabled | -| defaults.observability.metrics.enable_version_info | bool | `true` | version info metrics enabled | -| defaults.observability.metrics.version_info_labels | list | `["vald_version","server_name","git_commit","build_time","go_version","go_os","go_arch","ngt_version"]` | enabled label names of version info | -| defaults.observability.otlp.attribute | object | `{"namespace":"_MY_POD_NAMESPACE_","node_name":"_MY_NODE_NAME_","pod_name":"_MY_POD_NAME_","service_name":"vald"}` | default resource attribute | -| defaults.observability.otlp.attribute.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace | -| defaults.observability.otlp.attribute.node_name | string | `"_MY_NODE_NAME_"` | node name | -| defaults.observability.otlp.attribute.pod_name | string | `"_MY_POD_NAME_"` | pod name | -| defaults.observability.otlp.attribute.service_name | string | `"vald"` | service name | -| defaults.observability.otlp.collector_endpoint | string | `""` | OpenTelemetry Collector endpoint | -| defaults.observability.otlp.metrics_export_interval | string | `"1s"` | metrics export interval | -| defaults.observability.otlp.metrics_export_timeout | string | `"1m"` | metrics export timeout | -| defaults.observability.otlp.trace_batch_timeout | string | `"1s"` | trace batch timeout | -| defaults.observability.otlp.trace_export_timeout | string | `"1m"` | trace export timeout | -| defaults.observability.otlp.trace_max_export_batch_size | int | `1024` | trace maximum export batch size | -| defaults.observability.otlp.trace_max_queue_size | int | `256` | trace maximum queue size | -| defaults.observability.trace.enabled | bool | `false` | trace enabled | -| defaults.server_config.full_shutdown_duration | string | `"600s"` | server full shutdown duration | -| defaults.server_config.healths.liveness.enabled | bool | `true` | liveness server enabled | -| defaults.server_config.healths.liveness.host | string | `"0.0.0.0"` | liveness server host | -| defaults.server_config.healths.liveness.livenessProbe.failureThreshold | int | `2` | liveness probe failure threshold | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.path | string | `"/liveness"` | liveness probe path | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.port | string | `"liveness"` | liveness probe port | -| defaults.server_config.healths.liveness.livenessProbe.httpGet.scheme | string | `"HTTP"` | liveness probe scheme | -| defaults.server_config.healths.liveness.livenessProbe.initialDelaySeconds | int | `5` | liveness probe initial delay seconds | -| defaults.server_config.healths.liveness.livenessProbe.periodSeconds | int | `3` | liveness probe period seconds | -| defaults.server_config.healths.liveness.livenessProbe.successThreshold | int | `1` | liveness probe success threshold | -| defaults.server_config.healths.liveness.livenessProbe.timeoutSeconds | int | `2` | liveness probe timeout seconds | -| defaults.server_config.healths.liveness.port | int | `3000` | liveness server port | -| defaults.server_config.healths.liveness.server.http.handler_timeout | string | `""` | liveness server handler timeout | -| defaults.server_config.healths.liveness.server.http.idle_timeout | string | `""` | liveness server idle timeout | -| defaults.server_config.healths.liveness.server.http.read_header_timeout | string | `""` | liveness server read header timeout | -| defaults.server_config.healths.liveness.server.http.read_timeout | string | `""` | liveness server read timeout | -| defaults.server_config.healths.liveness.server.http.shutdown_duration | string | `"5s"` | liveness server shutdown duration | -| defaults.server_config.healths.liveness.server.http.write_timeout | string | `""` | liveness server write timeout | -| defaults.server_config.healths.liveness.server.mode | string | `""` | liveness server mode | -| defaults.server_config.healths.liveness.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.healths.liveness.server.probe_wait_time | string | `"3s"` | liveness server probe wait time | -| defaults.server_config.healths.liveness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.healths.liveness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.healths.liveness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.healths.liveness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.healths.liveness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.healths.liveness.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.healths.liveness.servicePort | int | `3000` | liveness server service port | -| defaults.server_config.healths.readiness.enabled | bool | `true` | readiness server enabled | -| defaults.server_config.healths.readiness.host | string | `"0.0.0.0"` | readiness server host | -| defaults.server_config.healths.readiness.port | int | `3001` | readiness server port | -| defaults.server_config.healths.readiness.readinessProbe.failureThreshold | int | `2` | readiness probe failure threshold | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.path | string | `"/readiness"` | readiness probe path | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.port | string | `"readiness"` | readiness probe port | -| defaults.server_config.healths.readiness.readinessProbe.httpGet.scheme | string | `"HTTP"` | readiness probe scheme | -| defaults.server_config.healths.readiness.readinessProbe.initialDelaySeconds | int | `10` | readiness probe initial delay seconds | -| defaults.server_config.healths.readiness.readinessProbe.periodSeconds | int | `3` | readiness probe period seconds | -| defaults.server_config.healths.readiness.readinessProbe.successThreshold | int | `1` | readiness probe success threshold | -| defaults.server_config.healths.readiness.readinessProbe.timeoutSeconds | int | `2` | readiness probe timeout seconds | -| defaults.server_config.healths.readiness.server.http.handler_timeout | string | `""` | readiness server handler timeout | -| defaults.server_config.healths.readiness.server.http.idle_timeout | string | `""` | readiness server idle timeout | -| defaults.server_config.healths.readiness.server.http.read_header_timeout | string | `""` | readiness server read header timeout | -| defaults.server_config.healths.readiness.server.http.read_timeout | string | `""` | readiness server read timeout | -| defaults.server_config.healths.readiness.server.http.shutdown_duration | string | `"0s"` | readiness server shutdown duration | -| defaults.server_config.healths.readiness.server.http.write_timeout | string | `""` | readiness server write timeout | -| defaults.server_config.healths.readiness.server.mode | string | `""` | readiness server mode | -| defaults.server_config.healths.readiness.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.healths.readiness.server.probe_wait_time | string | `"3s"` | readiness server probe wait time | -| defaults.server_config.healths.readiness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.healths.readiness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.healths.readiness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.healths.readiness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_fast_open | bool | `true` | | -| defaults.server_config.healths.readiness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.healths.readiness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.healths.readiness.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.healths.readiness.servicePort | int | `3001` | readiness server service port | -| defaults.server_config.healths.startup.enabled | bool | `true` | startup server enabled | -| defaults.server_config.healths.startup.port | int | `3000` | startup server port | -| defaults.server_config.healths.startup.startupProbe.failureThreshold | int | `30` | startup probe failure threshold | -| defaults.server_config.healths.startup.startupProbe.httpGet.path | string | `"/liveness"` | startup probe path | -| defaults.server_config.healths.startup.startupProbe.httpGet.port | string | `"liveness"` | startup probe port | -| defaults.server_config.healths.startup.startupProbe.httpGet.scheme | string | `"HTTP"` | startup probe scheme | -| defaults.server_config.healths.startup.startupProbe.initialDelaySeconds | int | `5` | startup probe initial delay seconds | -| defaults.server_config.healths.startup.startupProbe.periodSeconds | int | `5` | startup probe period seconds | -| defaults.server_config.healths.startup.startupProbe.successThreshold | int | `1` | startup probe success threshold | -| defaults.server_config.healths.startup.startupProbe.timeoutSeconds | int | `2` | startup probe timeout seconds | -| defaults.server_config.metrics.pprof.enabled | bool | `false` | pprof server enabled | -| defaults.server_config.metrics.pprof.host | string | `"0.0.0.0"` | pprof server host | -| defaults.server_config.metrics.pprof.port | int | `6060` | pprof server port | -| defaults.server_config.metrics.pprof.server.http.handler_timeout | string | `"5s"` | pprof server handler timeout | -| defaults.server_config.metrics.pprof.server.http.idle_timeout | string | `"2s"` | pprof server idle timeout | -| defaults.server_config.metrics.pprof.server.http.read_header_timeout | string | `"1s"` | pprof server read header timeout | -| defaults.server_config.metrics.pprof.server.http.read_timeout | string | `"1s"` | pprof server read timeout | -| defaults.server_config.metrics.pprof.server.http.shutdown_duration | string | `"5s"` | pprof server shutdown duration | -| defaults.server_config.metrics.pprof.server.http.write_timeout | string | `"1m"` | pprof server write timeout | -| defaults.server_config.metrics.pprof.server.mode | string | `"REST"` | pprof server mode | -| defaults.server_config.metrics.pprof.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.metrics.pprof.server.probe_wait_time | string | `"3s"` | pprof server probe wait time | -| defaults.server_config.metrics.pprof.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.metrics.pprof.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.metrics.pprof.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.metrics.pprof.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.metrics.pprof.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.metrics.pprof.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.metrics.pprof.servicePort | int | `6060` | pprof server service port | -| defaults.server_config.servers.grpc.enabled | bool | `true` | gRPC server enabled | -| defaults.server_config.servers.grpc.host | string | `"0.0.0.0"` | gRPC server host | -| defaults.server_config.servers.grpc.port | int | `8081` | gRPC server port | -| defaults.server_config.servers.grpc.server.grpc.bidirectional_stream_concurrency | int | `20` | gRPC server bidirectional stream concurrency | -| defaults.server_config.servers.grpc.server.grpc.connection_timeout | string | `""` | gRPC server connection timeout | -| defaults.server_config.servers.grpc.server.grpc.enable_reflection | bool | `true` | gRPC server reflection option | -| defaults.server_config.servers.grpc.server.grpc.header_table_size | int | `0` | gRPC server header table size | -| defaults.server_config.servers.grpc.server.grpc.initial_conn_window_size | int | `2097152` | gRPC server initial connection window size | -| defaults.server_config.servers.grpc.server.grpc.initial_window_size | int | `1048576` | gRPC server initial window size | -| defaults.server_config.servers.grpc.server.grpc.interceptors | list | `["RecoverInterceptor"]` | gRPC server interceptors | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age | string | `""` | gRPC server keep alive max connection age | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age_grace | string | `""` | gRPC server keep alive max connection age grace | -| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_idle | string | `""` | gRPC server keep alive max connection idle | -| defaults.server_config.servers.grpc.server.grpc.keepalive.min_time | string | `"10m"` | gRPC server keep alive min_time | -| defaults.server_config.servers.grpc.server.grpc.keepalive.permit_without_stream | bool | `false` | gRPC server keep alive permit_without_stream | -| defaults.server_config.servers.grpc.server.grpc.keepalive.time | string | `"3h"` | gRPC server keep alive time | -| defaults.server_config.servers.grpc.server.grpc.keepalive.timeout | string | `"60s"` | gRPC server keep alive timeout | -| defaults.server_config.servers.grpc.server.grpc.max_header_list_size | int | `0` | gRPC server max header list size | -| defaults.server_config.servers.grpc.server.grpc.max_receive_message_size | int | `0` | gRPC server max receive message size | -| defaults.server_config.servers.grpc.server.grpc.max_send_message_size | int | `0` | gRPC server max send message size | -| defaults.server_config.servers.grpc.server.grpc.read_buffer_size | int | `0` | gRPC server read buffer size | -| defaults.server_config.servers.grpc.server.grpc.write_buffer_size | int | `0` | gRPC server write buffer size | -| defaults.server_config.servers.grpc.server.mode | string | `"GRPC"` | gRPC server server mode | -| defaults.server_config.servers.grpc.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.servers.grpc.server.probe_wait_time | string | `"3s"` | gRPC server probe wait time | -| defaults.server_config.servers.grpc.server.restart | bool | `true` | gRPC server restart | -| defaults.server_config.servers.grpc.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.servers.grpc.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.servers.grpc.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.servers.grpc.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.servers.grpc.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.servers.grpc.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.servers.grpc.servicePort | int | `8081` | gRPC server service port | -| defaults.server_config.servers.rest.enabled | bool | `false` | REST server enabled | -| defaults.server_config.servers.rest.host | string | `"0.0.0.0"` | REST server host | -| defaults.server_config.servers.rest.port | int | `8080` | REST server port | -| defaults.server_config.servers.rest.server.http.handler_timeout | string | `"5s"` | REST server handler timeout | -| defaults.server_config.servers.rest.server.http.idle_timeout | string | `"2s"` | REST server idle timeout | -| defaults.server_config.servers.rest.server.http.read_header_timeout | string | `"1s"` | REST server read header timeout | -| defaults.server_config.servers.rest.server.http.read_timeout | string | `"1s"` | REST server read timeout | -| defaults.server_config.servers.rest.server.http.shutdown_duration | string | `"5s"` | REST server shutdown duration | -| defaults.server_config.servers.rest.server.http.write_timeout | string | `"1s"` | REST server write timeout | -| defaults.server_config.servers.rest.server.mode | string | `"REST"` | REST server server mode | -| defaults.server_config.servers.rest.server.network | string | `"tcp"` | mysql network | -| defaults.server_config.servers.rest.server.probe_wait_time | string | `"3s"` | REST server probe wait time | -| defaults.server_config.servers.rest.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| defaults.server_config.servers.rest.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| defaults.server_config.servers.rest.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| defaults.server_config.servers.rest.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| defaults.server_config.servers.rest.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| defaults.server_config.servers.rest.server.socket_path | string | `""` | mysql socket_path | -| defaults.server_config.servers.rest.servicePort | int | `8080` | REST server service port | -| defaults.server_config.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| defaults.server_config.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| defaults.server_config.tls.enabled | bool | `false` | TLS enabled | -| defaults.server_config.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| defaults.server_config.tls.key | string | `"/path/to/key"` | TLS key path | -| defaults.time_zone | string | `"UTC"` | Time zone | -| discoverer.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| discoverer.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| discoverer.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| discoverer.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| discoverer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-discoverer"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| discoverer.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| discoverer.annotations | object | `{}` | deployment annotations | -| discoverer.clusterRole.enabled | bool | `true` | creates clusterRole resource | -| discoverer.clusterRole.name | string | `"discoverer"` | name of clusterRole | -| discoverer.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | -| discoverer.clusterRoleBinding.name | string | `"discoverer"` | name of clusterRoleBinding | -| discoverer.discoverer.discovery_duration | string | `"3s"` | duration to discovery | -| discoverer.discoverer.name | string | `""` | name to discovery | -| discoverer.discoverer.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | -| discoverer.discoverer.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | -| discoverer.discoverer.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | -| discoverer.discoverer.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | -| discoverer.discoverer.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | -| discoverer.discoverer.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | -| discoverer.discoverer.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | -| discoverer.discoverer.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | -| discoverer.discoverer.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | -| discoverer.discoverer.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | -| discoverer.discoverer.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | -| discoverer.discoverer.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | -| discoverer.discoverer.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | -| discoverer.discoverer.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | -| discoverer.discoverer.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | -| discoverer.discoverer.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | -| discoverer.discoverer.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | -| discoverer.discoverer.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | -| discoverer.discoverer.net.tls.enabled | bool | `false` | TLS enabled | -| discoverer.discoverer.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | -| discoverer.discoverer.net.tls.key | string | `"/path/to/key"` | TLS key path | -| discoverer.discoverer.selectors | object | `{"node":{"fields":{},"labels":{}},"node_metrics":{"fields":{},"labels":{}},"pod":{"fields":{},"labels":{}},"pod_metrics":{"fields":{},"labels":{}}}` | k8s resource selectors | -| discoverer.discoverer.selectors.node | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node discovery | -| discoverer.discoverer.selectors.node.fields | object | `{}` | k8s field selectors for node discovery | -| discoverer.discoverer.selectors.node.labels | object | `{}` | k8s label selectors for node discovery | -| discoverer.discoverer.selectors.node_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node_metrics discovery | -| discoverer.discoverer.selectors.node_metrics.fields | object | `{}` | k8s field selectors for node_metrics discovery | -| discoverer.discoverer.selectors.node_metrics.labels | object | `{}` | k8s label selectors for node_metrics discovery | -| discoverer.discoverer.selectors.pod | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod discovery | -| discoverer.discoverer.selectors.pod.fields | object | `{}` | k8s field selectors for pod discovery | -| discoverer.discoverer.selectors.pod.labels | object | `{}` | k8s label selectors for pod discovery | -| discoverer.discoverer.selectors.pod_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod_metrics discovery | -| discoverer.discoverer.selectors.pod_metrics.fields | object | `{}` | k8s field selectors for pod_metrics discovery | -| discoverer.discoverer.selectors.pod_metrics.labels | object | `{}` | k8s label selectors for pod_metrics discovery | -| discoverer.enabled | bool | `true` | discoverer enabled | -| discoverer.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| discoverer.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| discoverer.hpa.enabled | bool | `false` | HPA enabled | -| discoverer.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| discoverer.image.pullPolicy | string | `"Always"` | image pull policy | -| discoverer.image.repository | string | `"vdaas/vald-discoverer-k8s"` | image repository | -| discoverer.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| discoverer.initContainers | list | `[]` | init containers | -| discoverer.internalTrafficPolicy | string | `""` | internal traffic policy : Cluster or Local | -| discoverer.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| discoverer.logging | object | `{}` | logging config (overrides defaults.logging) | -| discoverer.maxReplicas | int | `2` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| discoverer.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| discoverer.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| discoverer.name | string | `"vald-discoverer"` | name of discoverer deployment | -| discoverer.nodeName | string | `""` | node name | -| discoverer.nodeSelector | object | `{}` | node selector | -| discoverer.observability | object | `{"otlp":{"attribute":{"service_name":"vald-discoverer"}}}` | observability config (overrides defaults.observability) | -| discoverer.podAnnotations | object | `{}` | pod annotations | -| discoverer.podPriority.enabled | bool | `true` | discoverer pod PriorityClass enabled | -| discoverer.podPriority.value | int | `1000000` | discoverer pod PriorityClass value | -| discoverer.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| discoverer.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| discoverer.resources | object | `{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}}` | compute resources | -| discoverer.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| discoverer.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| discoverer.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| discoverer.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| discoverer.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| discoverer.service.annotations | object | `{}` | service annotations | -| discoverer.service.labels | object | `{}` | service labels | -| discoverer.serviceAccount.enabled | bool | `true` | creates service account | -| discoverer.serviceAccount.name | string | `"vald"` | name of service account | -| discoverer.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| discoverer.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| discoverer.time_zone | string | `""` | Time zone | -| discoverer.tolerations | list | `[]` | tolerations | -| discoverer.topologySpreadConstraints | list | `[]` | topology spread constraints of discoverer pods | -| discoverer.version | string | `"v0.0.0"` | version of discoverer config | -| discoverer.volumeMounts | list | `[]` | volume mounts | -| discoverer.volumes | list | `[]` | volumes | -| gateway.filter.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| gateway.filter.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| gateway.filter.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| gateway.filter.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| gateway.filter.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-filter-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| gateway.filter.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| gateway.filter.annotations | object | `{}` | deployment annotations | -| gateway.filter.enabled | bool | `false` | gateway enabled | -| gateway.filter.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| gateway.filter.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.filter.gateway_config.egress_filter | object | `{"client":{},"distance_filters":[],"object_filters":[]}` | gRPC client config for egress filter | -| gateway.filter.gateway_config.egress_filter.client | object | `{}` | gRPC client config for egress filter (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.egress_filter.distance_filters | list | `[]` | distance egress vector filter targets | -| gateway.filter.gateway_config.egress_filter.object_filters | list | `[]` | object egress vector filter targets | -| gateway.filter.gateway_config.gateway_client | object | `{}` | gRPC client for next gateway (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.ingress_filter | object | `{"client":{},"insert_filters":[],"search_filters":[],"update_filters":[],"upsert_filters":[],"vectorizer":""}` | gRPC client config for ingress filter | -| gateway.filter.gateway_config.ingress_filter.client | object | `{}` | gRPC client for ingress filter (overrides defaults.grpc.client) | -| gateway.filter.gateway_config.ingress_filter.insert_filters | list | `[]` | insert ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.search_filters | list | `[]` | search ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.update_filters | list | `[]` | update ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.upsert_filters | list | `[]` | upsert ingress vector filter targets | -| gateway.filter.gateway_config.ingress_filter.vectorizer | string | `""` | object ingress vectorize filter targets | -| gateway.filter.hpa.enabled | bool | `true` | HPA enabled | -| gateway.filter.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| gateway.filter.image.pullPolicy | string | `"Always"` | image pull policy | -| gateway.filter.image.repository | string | `"vdaas/vald-filter-gateway"` | image repository | -| gateway.filter.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| gateway.filter.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | -| gateway.filter.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | -| gateway.filter.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | -| gateway.filter.ingress.enabled | bool | `false` | gateway ingress enabled | -| gateway.filter.ingress.host | string | `"filter.gateway.vald.vdaas.org"` | ingress hostname | -| gateway.filter.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | -| gateway.filter.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | -| gateway.filter.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | -| gateway.filter.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.filter.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| gateway.filter.logging | object | `{}` | logging config (overrides defaults.logging) | -| gateway.filter.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| gateway.filter.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| gateway.filter.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| gateway.filter.name | string | `"vald-filter-gateway"` | name of filter gateway deployment | -| gateway.filter.nodeName | string | `""` | node name | -| gateway.filter.nodeSelector | object | `{}` | node selector | -| gateway.filter.observability | object | `{"otlp":{"attribute":{"service_name":"vald-filter-gateway"}}}` | observability config (overrides defaults.observability) | -| gateway.filter.podAnnotations | object | `{}` | pod annotations | -| gateway.filter.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | -| gateway.filter.podPriority.value | int | `1000000` | gateway pod PriorityClass value | -| gateway.filter.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| gateway.filter.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| gateway.filter.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | -| gateway.filter.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| gateway.filter.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| gateway.filter.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| gateway.filter.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| gateway.filter.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| gateway.filter.service.annotations | object | `{}` | service annotations | -| gateway.filter.service.labels | object | `{}` | service labels | -| gateway.filter.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| gateway.filter.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| gateway.filter.time_zone | string | `""` | Time zone | -| gateway.filter.tolerations | list | `[]` | tolerations | -| gateway.filter.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | -| gateway.filter.version | string | `"v0.0.0"` | version of gateway config | -| gateway.filter.volumeMounts | list | `[]` | volume mounts | -| gateway.filter.volumes | list | `[]` | volumes | -| gateway.lb.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| gateway.lb.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| gateway.lb.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| gateway.lb.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| gateway.lb.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-lb-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | -| gateway.lb.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| gateway.lb.annotations | object | `{}` | deployment annotations | -| gateway.lb.enabled | bool | `true` | gateway enabled | -| gateway.lb.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| gateway.lb.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.lb.gateway_config.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | agent namespace | -| gateway.lb.gateway_config.discoverer.agent_client_options | object | `{}` | gRPC client options for agents (overrides defaults.grpc.client) | -| gateway.lb.gateway_config.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| gateway.lb.gateway_config.discoverer.duration | string | `"200ms"` | | -| gateway.lb.gateway_config.index_replica | int | `3` | number of index replica | -| gateway.lb.gateway_config.multi_operation_concurrency | int | `20` | number of concurrency of multiXXX api's operation | -| gateway.lb.gateway_config.node_name | string | `""` | node name | -| gateway.lb.hpa.enabled | bool | `true` | HPA enabled | -| gateway.lb.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | -| gateway.lb.image.pullPolicy | string | `"Always"` | image pull policy | -| gateway.lb.image.repository | string | `"vdaas/vald-lb-gateway"` | image repository | -| gateway.lb.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| gateway.lb.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | -| gateway.lb.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | -| gateway.lb.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | -| gateway.lb.ingress.enabled | bool | `false` | gateway ingress enabled | -| gateway.lb.ingress.host | string | `"lb.gateway.vald.vdaas.org"` | ingress hostname | -| gateway.lb.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | -| gateway.lb.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | -| gateway.lb.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"}]` | init containers | -| gateway.lb.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| gateway.lb.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| gateway.lb.logging | object | `{}` | logging config (overrides defaults.logging) | -| gateway.lb.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | -| gateway.lb.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| gateway.lb.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | -| gateway.lb.name | string | `"vald-lb-gateway"` | name of gateway deployment | -| gateway.lb.nodeName | string | `""` | node name | -| gateway.lb.nodeSelector | object | `{}` | node selector | -| gateway.lb.observability | object | `{"otlp":{"attribute":{"service_name":"vald-lb-gateway"}}}` | observability config (overrides defaults.observability) | -| gateway.lb.podAnnotations | object | `{}` | pod annotations | -| gateway.lb.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | -| gateway.lb.podPriority.value | int | `1000000` | gateway pod PriorityClass value | -| gateway.lb.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| gateway.lb.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| gateway.lb.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | -| gateway.lb.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| gateway.lb.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| gateway.lb.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| gateway.lb.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| gateway.lb.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| gateway.lb.service.annotations | object | `{}` | service annotations | -| gateway.lb.service.labels | object | `{}` | service labels | -| gateway.lb.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| gateway.lb.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| gateway.lb.time_zone | string | `""` | Time zone | -| gateway.lb.tolerations | list | `[]` | tolerations | -| gateway.lb.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | -| gateway.lb.version | string | `"v0.0.0"` | version of gateway config | -| gateway.lb.volumeMounts | list | `[]` | volume mounts | -| gateway.lb.volumes | list | `[]` | volumes | -| manager.index.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | -| manager.index.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | -| manager.index.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | -| manager.index.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | -| manager.index.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity preferred scheduling terms | -| manager.index.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | -| manager.index.annotations | object | `{}` | deployment annotations | -| manager.index.corrector.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.corrector.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.corrector.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.corrector.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.corrector.enabled | bool | `false` | enable index correction CronJob | -| manager.index.corrector.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.corrector.image.pullPolicy | string | `"Always"` | | -| manager.index.corrector.image.repository | string | `"vdaas/vald-index-correction"` | image repository | -| manager.index.corrector.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.corrector.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.corrector.kvs_async_write_concurrency | int | `2048` | concurrency for kvs async write | -| manager.index.corrector.name | string | `"vald-index-correction"` | name of index correction job | -| manager.index.corrector.node_name | string | `""` | node name | -| manager.index.corrector.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-correction"}}}` | observability config (overrides defaults.observability) | -| manager.index.corrector.schedule | string | `"6 3 * * *"` | CronJob schedule setting for index correction | -| manager.index.corrector.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.corrector.startingDeadlineSeconds | int | `86400` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.corrector.stream_list_concurrency | int | `200` | concurrency for stream list object rpc | -| manager.index.corrector.suspend | bool | `false` | CronJob suspend setting for index correction | -| manager.index.corrector.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.corrector.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.creator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.creator.concurrency | int | `1` | concurrency for indexing | -| manager.index.creator.creation_pool_size | int | `16` | number of pool size of create index processing | -| manager.index.creator.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.creator.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.creator.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.creator.enabled | bool | `false` | enable index creation CronJob | -| manager.index.creator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.creator.image.pullPolicy | string | `"Always"` | | -| manager.index.creator.image.repository | string | `"vdaas/vald-index-creation"` | image repository | -| manager.index.creator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.creator.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.creator.name | string | `"vald-index-creation"` | name of index creation job | -| manager.index.creator.node_name | string | `""` | node name | -| manager.index.creator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-creation"}}}` | observability config (overrides defaults.observability) | -| manager.index.creator.schedule | string | `"* * * * *"` | CronJob schedule setting for index creation | -| manager.index.creator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.creator.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.creator.suspend | bool | `false` | CronJob suspend setting for index creation | -| manager.index.creator.target_addrs | list | `[]` | indexing target addresses | -| manager.index.creator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.creator.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.enabled | bool | `true` | index manager enabled | -| manager.index.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | -| manager.index.image.pullPolicy | string | `"Always"` | image pull policy | -| manager.index.image.repository | string | `"vdaas/vald-manager-index"` | image repository | -| manager.index.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.indexer.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.indexer.auto_index_check_duration | string | `"1m"` | check duration of automatic indexing | -| manager.index.indexer.auto_index_duration_limit | string | `"30m"` | limit duration of automatic indexing | -| manager.index.indexer.auto_index_length | int | `100` | number of cache to trigger automatic indexing | -| manager.index.indexer.auto_save_index_duration_limit | string | `"3h"` | limit duration of automatic index saving | -| manager.index.indexer.auto_save_index_wait_duration | string | `"10m"` | duration of automatic index saving wait duration for next saving | -| manager.index.indexer.concurrency | int | `1` | concurrency | -| manager.index.indexer.creation_pool_size | int | `16` | number of pool size of create index processing | -| manager.index.indexer.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.indexer.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.indexer.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.indexer.node_name | string | `""` | node name | -| manager.index.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | -| manager.index.logging | object | `{}` | logging config (overrides defaults.logging) | -| manager.index.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | -| manager.index.name | string | `"vald-manager-index"` | name of index manager deployment | -| manager.index.nodeName | string | `""` | node name | -| manager.index.nodeSelector | object | `{}` | node selector | -| manager.index.observability | object | `{"otlp":{"attribute":{"service_name":"vald-manager-index"}}}` | observability config (overrides defaults.observability) | -| manager.index.podAnnotations | object | `{}` | pod annotations | -| manager.index.podPriority.enabled | bool | `true` | index manager pod PriorityClass enabled | -| manager.index.podPriority.value | int | `1000000` | index manager pod PriorityClass value | -| manager.index.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | -| manager.index.progressDeadlineSeconds | int | `600` | progress deadline seconds | -| manager.index.replicas | int | `1` | number of replicas | -| manager.index.resources | object | `{"limits":{"cpu":"1000m","memory":"500Mi"},"requests":{"cpu":"200m","memory":"80Mi"}}` | compute resources | -| manager.index.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | -| manager.index.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | -| manager.index.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | -| manager.index.saver.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | -| manager.index.saver.concurrency | int | `1` | concurrency for index saving | -| manager.index.saver.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | -| manager.index.saver.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | -| manager.index.saver.discoverer.duration | string | `"500ms"` | refresh duration to discover | -| manager.index.saver.enabled | bool | `false` | enable index save CronJob | -| manager.index.saver.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | -| manager.index.saver.image.pullPolicy | string | `"Always"` | | -| manager.index.saver.image.repository | string | `"vdaas/vald-index-save"` | image repository | -| manager.index.saver.image.tag | string | `""` | image tag (overrides defaults.image.tag) | -| manager.index.saver.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | -| manager.index.saver.name | string | `"vald-index-save"` | name of index save job | -| manager.index.saver.node_name | string | `""` | node name | -| manager.index.saver.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-save"}}}` | observability config (overrides defaults.observability) | -| manager.index.saver.schedule | string | `"0 */3 * * *"` | CronJob schedule setting for index save | -| manager.index.saver.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.saver.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | -| manager.index.saver.suspend | bool | `false` | CronJob suspend setting for index creation | -| manager.index.saver.target_addrs | list | `[]` | index saving target addresses | -| manager.index.saver.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | -| manager.index.saver.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | -| manager.index.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | -| manager.index.service.annotations | object | `{}` | service annotations | -| manager.index.service.labels | object | `{}` | service labels | -| manager.index.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | -| manager.index.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | -| manager.index.time_zone | string | `""` | Time zone | -| manager.index.tolerations | list | `[]` | tolerations | -| manager.index.topologySpreadConstraints | list | `[]` | topology spread constraints of index manager pods | -| manager.index.version | string | `"v0.0.0"` | version of index manager config | -| manager.index.volumeMounts | list | `[]` | volume mounts | -| manager.index.volumes | list | `[]` | volumes | +| Key | Type | Default | Description | +| ----------------------------------------------------------------------------------------------------- | ------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| agent.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| agent.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| agent.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| agent.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| agent.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-agent-ngt"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| agent.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| agent.annotations | object | `{}` | deployment annotations | +| agent.enabled | bool | `true` | agent enabled | +| agent.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| agent.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| agent.hpa.enabled | bool | `false` | HPA enabled | +| agent.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| agent.image.pullPolicy | string | `"Always"` | image pull policy | +| agent.image.repository | string | `"vdaas/vald-agent-ngt"` | image repository | +| agent.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| agent.initContainers | list | `[]` | init containers | +| agent.kind | string | `"StatefulSet"` | deployment kind: Deployment, DaemonSet or StatefulSet | +| agent.logging | object | `{}` | logging config (overrides defaults.logging) | +| agent.maxReplicas | int | `300` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| agent.maxUnavailable | string | `"1"` | maximum number of unavailable replicas | +| agent.minReplicas | int | `20` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| agent.name | string | `"vald-agent-ngt"` | name of agent deployment | +| agent.ngt.auto_create_index_pool_size | int | `16` | batch process pool size of automatic create index operation | +| agent.ngt.auto_index_check_duration | string | `"30m"` | check duration of automatic indexing | +| agent.ngt.auto_index_duration_limit | string | `"24h"` | limit duration of automatic indexing | +| agent.ngt.auto_index_length | int | `100` | number of cache to trigger automatic indexing | +| agent.ngt.auto_save_index_duration | string | `"35m"` | duration of automatic save index | +| agent.ngt.broken_index_history_limit | int | `0` | maximum number of broken index generations to backup | +| agent.ngt.bulk_insert_chunk_size | int | `10` | bulk insert chunk size | +| agent.ngt.creation_edge_size | int | `20` | creation edge size | +| agent.ngt.default_epsilon | float | `0.1` | default epsilon used for search | +| agent.ngt.default_pool_size | int | `16` | default create index batch pool size | +| agent.ngt.default_radius | float | `-1` | default radius used for search | +| agent.ngt.dimension | int | `4096` | vector dimension | +| agent.ngt.distance_type | string | `"l2"` | distance type. it should be `l1`, `l2`, `angle`, `hamming`, `cosine`,`poincare`, `lorentz`, `jaccard`, `sparsejaccard`, `normalizedangle` or `normalizedcosine`. for further details about NGT libraries supported distance is https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference and vald agent's supported NGT distance type is https://pkg.go.dev/github.com/vdaas/vald/internal/core/algorithm/ngt#pkg-constants | +| agent.ngt.enable_copy_on_write | bool | `false` | enable copy on write saving for more stable backup | +| agent.ngt.enable_in_memory_mode | bool | `true` | in-memory mode enabled | +| agent.ngt.enable_proactive_gc | bool | `false` | enable proactive GC call for reducing heap memory allocation | +| agent.ngt.error_buffer_limit | int | `10` | maximum number of core ngt error buffer pool size limit | +| agent.ngt.index_path | string | `""` | path to index data | +| agent.ngt.initial_delay_max_duration | string | `"3m"` | maximum duration for initial delay | +| agent.ngt.kvsdb.concurrency | int | `6` | kvsdb processing concurrency | +| agent.ngt.load_index_timeout_factor | string | `"1ms"` | a factor of load index timeout. timeout duration will be calculated by (index count to be loaded) \* (factor). | +| agent.ngt.max_load_index_timeout | string | `"10m"` | maximum duration of load index timeout | +| agent.ngt.min_load_index_timeout | string | `"3m"` | minimum duration of load index timeout | +| agent.ngt.object_type | string | `"float"` | object type. it should be `float` or `uint8` or `float16`. for further details: https://github.com/yahoojapan/NGT/wiki/Command-Quick-Reference | +| agent.ngt.search_edge_size | int | `10` | search edge size | +| agent.ngt.vqueue.delete_buffer_pool_size | int | `5000` | delete slice pool buffer size | +| agent.ngt.vqueue.insert_buffer_pool_size | int | `10000` | insert slice pool buffer size | +| agent.nodeName | string | `""` | node name | +| agent.nodeSelector | object | `{}` | node selector | +| agent.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-ngt"}}}` | observability config (overrides defaults.observability) | +| agent.persistentVolume.accessMode | string | `"ReadWriteOncePod"` | agent pod storage accessMode | +| agent.persistentVolume.enabled | bool | `false` | enables PVC. It is required to enable if agent pod's file store functionality is enabled with non in-memory mode | +| agent.persistentVolume.mountPropagation | string | `"None"` | agent pod storage mountPropagation | +| agent.persistentVolume.size | string | `"100Gi"` | size of agent pod volume | +| agent.persistentVolume.storageClass | string | `"vald-sc"` | storageClass name for agent pod volume | +| agent.podAnnotations | object | `{}` | pod annotations | +| agent.podManagementPolicy | string | `"OrderedReady"` | pod management policy: OrderedReady or Parallel | +| agent.podPriority.enabled | bool | `true` | agent pod PriorityClass enabled | +| agent.podPriority.value | int | `1000000000` | agent pod PriorityClass value | +| agent.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| agent.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| agent.resources | object | `{"requests":{"cpu":"300m","memory":"4Gi"}}` | compute resources. recommended setting of memory requests = cluster memory \* 0.4 / number of agent pods | +| agent.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| agent.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| agent.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| agent.rollingUpdate.partition | int | `0` | StatefulSet partition | +| agent.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":false,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| agent.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{"startupProbe":{"failureThreshold":200,"periodSeconds":5}}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| agent.service.annotations | object | `{}` | service annotations | +| agent.service.labels | object | `{}` | service labels | +| agent.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| agent.sidecar.config.auto_backup_duration | string | `"24h"` | auto backup duration | +| agent.sidecar.config.auto_backup_enabled | bool | `true` | auto backup triggered by timer is enabled | +| agent.sidecar.config.blob_storage.bucket | string | `""` | bucket name | +| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_file_path | string | `""` | credentials file path | +| agent.sidecar.config.blob_storage.cloud_storage.client.credentials_json | string | `""` | credentials json | +| agent.sidecar.config.blob_storage.cloud_storage.url | string | `""` | cloud storage url | +| agent.sidecar.config.blob_storage.cloud_storage.write_buffer_size | int | `0` | bytes of the chunks for upload | +| agent.sidecar.config.blob_storage.cloud_storage.write_cache_control | string | `""` | Cache-Control of HTTP Header | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_disposition | string | `""` | Content-Disposition of HTTP Header | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_encoding | string | `""` | the encoding of the blob's content | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_language | string | `""` | the language of blob's content | +| agent.sidecar.config.blob_storage.cloud_storage.write_content_type | string | `""` | MIME type of the blob | +| agent.sidecar.config.blob_storage.s3.access_key | string | `"_AWS_ACCESS_KEY_"` | s3 access key | +| agent.sidecar.config.blob_storage.s3.enable_100_continue | bool | `true` | enable AWS SDK adding the 'Expect: 100-Continue' header to PUT requests over 2MB of content. | +| agent.sidecar.config.blob_storage.s3.enable_content_md5_validation | bool | `true` | enable the S3 client to add MD5 checksum to upload API calls. | +| agent.sidecar.config.blob_storage.s3.enable_endpoint_discovery | bool | `false` | enable endpoint discovery | +| agent.sidecar.config.blob_storage.s3.enable_endpoint_host_prefix | bool | `true` | enable prefixing request endpoint hosts with modeled information | +| agent.sidecar.config.blob_storage.s3.enable_param_validation | bool | `true` | enables semantic parameter validation | +| agent.sidecar.config.blob_storage.s3.enable_ssl | bool | `true` | enable ssl for s3 session | +| agent.sidecar.config.blob_storage.s3.endpoint | string | `""` | s3 endpoint | +| agent.sidecar.config.blob_storage.s3.force_path_style | bool | `false` | use path-style addressing | +| agent.sidecar.config.blob_storage.s3.max_chunk_size | string | `"64mb"` | s3 download max chunk size | +| agent.sidecar.config.blob_storage.s3.max_part_size | string | `"64mb"` | s3 multipart upload max part size | +| agent.sidecar.config.blob_storage.s3.max_retries | int | `3` | maximum number of retries of s3 client | +| agent.sidecar.config.blob_storage.s3.region | string | `""` | s3 region | +| agent.sidecar.config.blob_storage.s3.secret_access_key | string | `"_AWS_SECRET_ACCESS_KEY_"` | s3 secret access key | +| agent.sidecar.config.blob_storage.s3.token | string | `""` | s3 token | +| agent.sidecar.config.blob_storage.s3.use_accelerate | bool | `false` | enable s3 accelerate feature | +| agent.sidecar.config.blob_storage.s3.use_arn_region | bool | `false` | s3 service client to use the region specified in the ARN | +| agent.sidecar.config.blob_storage.s3.use_dual_stack | bool | `false` | use dual stack | +| agent.sidecar.config.blob_storage.storage_type | string | `"s3"` | storage type | +| agent.sidecar.config.client.net.dialer.dual_stack_enabled | bool | `false` | HTTP client TCP dialer dual stack enabled | +| agent.sidecar.config.client.net.dialer.keepalive | string | `"5m"` | HTTP client TCP dialer keep alive | +| agent.sidecar.config.client.net.dialer.timeout | string | `"5s"` | HTTP client TCP dialer connect timeout | +| agent.sidecar.config.client.net.dns.cache_enabled | bool | `true` | HTTP client TCP DNS cache enabled | +| agent.sidecar.config.client.net.dns.cache_expiration | string | `"24h"` | | +| agent.sidecar.config.client.net.dns.refresh_duration | string | `"1h"` | HTTP client TCP DNS cache expiration | +| agent.sidecar.config.client.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| agent.sidecar.config.client.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| agent.sidecar.config.client.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| agent.sidecar.config.client.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| agent.sidecar.config.client.net.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | +| agent.sidecar.config.client.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| agent.sidecar.config.client.net.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | +| agent.sidecar.config.client.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| agent.sidecar.config.client.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| agent.sidecar.config.client.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| agent.sidecar.config.client.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| agent.sidecar.config.client.net.tls.enabled | bool | `false` | TLS enabled | +| agent.sidecar.config.client.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| agent.sidecar.config.client.net.tls.key | string | `"/path/to/key"` | TLS key path | +| agent.sidecar.config.client.transport.backoff.backoff_factor | float | `1.1` | backoff backoff factor | +| agent.sidecar.config.client.transport.backoff.backoff_time_limit | string | `"5s"` | backoff time limit | +| agent.sidecar.config.client.transport.backoff.enable_error_log | bool | `true` | backoff error log enabled | +| agent.sidecar.config.client.transport.backoff.initial_duration | string | `"5ms"` | backoff initial duration | +| agent.sidecar.config.client.transport.backoff.jitter_limit | string | `"100ms"` | backoff jitter limit | +| agent.sidecar.config.client.transport.backoff.maximum_duration | string | `"5s"` | backoff maximum duration | +| agent.sidecar.config.client.transport.backoff.retry_count | int | `100` | backoff retry count | +| agent.sidecar.config.client.transport.round_tripper.expect_continue_timeout | string | `"5s"` | expect continue timeout | +| agent.sidecar.config.client.transport.round_tripper.force_attempt_http_2 | bool | `true` | force attempt HTTP2 | +| agent.sidecar.config.client.transport.round_tripper.idle_conn_timeout | string | `"90s"` | timeout for idle connections | +| agent.sidecar.config.client.transport.round_tripper.max_conns_per_host | int | `10` | maximum count of connections per host | +| agent.sidecar.config.client.transport.round_tripper.max_idle_conns | int | `100` | maximum count of idle connections | +| agent.sidecar.config.client.transport.round_tripper.max_idle_conns_per_host | int | `10` | maximum count of idle connections per host | +| agent.sidecar.config.client.transport.round_tripper.max_response_header_size | int | `0` | maximum response header size | +| agent.sidecar.config.client.transport.round_tripper.read_buffer_size | int | `0` | read buffer size | +| agent.sidecar.config.client.transport.round_tripper.response_header_timeout | string | `"5s"` | timeout for response header | +| agent.sidecar.config.client.transport.round_tripper.tls_handshake_timeout | string | `"5s"` | TLS handshake timeout | +| agent.sidecar.config.client.transport.round_tripper.write_buffer_size | int | `0` | write buffer size | +| agent.sidecar.config.compress.compress_algorithm | string | `"gzip"` | compression algorithm. must be `gob`, `gzip`, `lz4` or `zstd` | +| agent.sidecar.config.compress.compression_level | int | `-1` | compression level. value range relies on which algorithm is used. `gob`: level will be ignored. `gzip`: -1 (default compression), 0 (no compression), or 1 (best speed) to 9 (best compression). `lz4`: >= 0, higher is better compression. `zstd`: 1 (fastest) to 22 (best), however implementation relies on klauspost/compress. | +| agent.sidecar.config.filename | string | `"_MY_POD_NAME_"` | backup filename | +| agent.sidecar.config.filename_suffix | string | `".tar.gz"` | suffix for backup filename | +| agent.sidecar.config.post_stop_timeout | string | `"2m"` | timeout for observing file changes during post stop | +| agent.sidecar.config.restore_backoff.backoff_factor | float | `1.2` | restore backoff factor | +| agent.sidecar.config.restore_backoff.backoff_time_limit | string | `"30m"` | restore backoff time limit | +| agent.sidecar.config.restore_backoff.enable_error_log | bool | `true` | restore backoff log enabled | +| agent.sidecar.config.restore_backoff.initial_duration | string | `"1s"` | restore backoff initial duration | +| agent.sidecar.config.restore_backoff.jitter_limit | string | `"10s"` | restore backoff jitter limit | +| agent.sidecar.config.restore_backoff.maximum_duration | string | `"1m"` | restore backoff maximum duration | +| agent.sidecar.config.restore_backoff.retry_count | int | `100` | restore backoff retry count | +| agent.sidecar.config.restore_backoff_enabled | bool | `false` | restore backoff enabled | +| agent.sidecar.config.watch_enabled | bool | `true` | auto backup triggered by file changes is enabled | +| agent.sidecar.enabled | bool | `false` | sidecar enabled | +| agent.sidecar.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"AWS_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"access-key","name":"aws-secret"}}},{"name":"AWS_SECRET_ACCESS_KEY","valueFrom":{"secretKeyRef":{"key":"secret-access-key","name":"aws-secret"}}}]` | environment variables | +| agent.sidecar.image.pullPolicy | string | `"Always"` | image pull policy | +| agent.sidecar.image.repository | string | `"vdaas/vald-agent-sidecar"` | image repository | +| agent.sidecar.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| agent.sidecar.initContainerEnabled | bool | `false` | sidecar on initContainer mode enabled. | +| agent.sidecar.logging | object | `{}` | logging config (overrides defaults.logging) | +| agent.sidecar.name | string | `"vald-agent-sidecar"` | name of agent sidecar | +| agent.sidecar.observability | object | `{"otlp":{"attribute":{"service_name":"vald-agent-sidecar"}}}` | observability config (overrides defaults.observability) | +| agent.sidecar.resources | object | `{"requests":{"cpu":"100m","memory":"100Mi"}}` | compute resources. | +| agent.sidecar.server_config | object | `{"healths":{"liveness":{"enabled":false,"port":13000,"servicePort":13000},"readiness":{"enabled":false,"port":13001,"servicePort":13001},"startup":{"enabled":false,"port":13001}},"metrics":{"pprof":{"port":16060,"servicePort":16060}},"servers":{"grpc":{"enabled":false,"port":18081,"servicePort":18081},"rest":{"enabled":false,"port":18080,"servicePort":18080}}}` | server config (overrides defaults.server_config) | +| agent.sidecar.service.annotations | object | `{}` | agent sidecar service annotations | +| agent.sidecar.service.enabled | bool | `false` | agent sidecar service enabled | +| agent.sidecar.service.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| agent.sidecar.service.labels | object | `{}` | agent sidecar service labels | +| agent.sidecar.service.type | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| agent.sidecar.time_zone | string | `""` | Time zone | +| agent.sidecar.version | string | `"v0.0.0"` | version of agent sidecar config | +| agent.terminationGracePeriodSeconds | int | `120` | duration in seconds pod needs to terminate gracefully | +| agent.time_zone | string | `""` | Time zone | +| agent.tolerations | list | `[]` | tolerations | +| agent.topologySpreadConstraints | list | `[]` | topology spread constraints for agent pods | +| agent.version | string | `"v0.0.0"` | version of agent config | +| agent.volumeMounts | list | `[]` | volume mounts | +| agent.volumes | list | `[]` | volumes | +| defaults.grpc.client.addrs | list | `[]` | gRPC client addresses | +| defaults.grpc.client.backoff.backoff_factor | float | `1.1` | gRPC client backoff factor | +| defaults.grpc.client.backoff.backoff_time_limit | string | `"5s"` | gRPC client backoff time limit | +| defaults.grpc.client.backoff.enable_error_log | bool | `true` | gRPC client backoff log enabled | +| defaults.grpc.client.backoff.initial_duration | string | `"5ms"` | gRPC client backoff initial duration | +| defaults.grpc.client.backoff.jitter_limit | string | `"100ms"` | gRPC client backoff jitter limit | +| defaults.grpc.client.backoff.maximum_duration | string | `"5s"` | gRPC client backoff maximum duration | +| defaults.grpc.client.backoff.retry_count | int | `100` | gRPC client backoff retry count | +| defaults.grpc.client.call_option.max_recv_msg_size | int | `0` | gRPC client call option max receive message size | +| defaults.grpc.client.call_option.max_retry_rpc_buffer_size | int | `0` | gRPC client call option max retry rpc buffer size | +| defaults.grpc.client.call_option.max_send_msg_size | int | `0` | gRPC client call option max send message size | +| defaults.grpc.client.call_option.wait_for_ready | bool | `true` | gRPC client call option wait for ready | +| defaults.grpc.client.circuit_breaker.closed_error_rate | float | `0.7` | gRPC client circuitbreaker closed error rate | +| defaults.grpc.client.circuit_breaker.closed_refresh_timeout | string | `"10s"` | gRPC client circuitbreaker closed refresh timeout | +| defaults.grpc.client.circuit_breaker.half_open_error_rate | float | `0.5` | gRPC client circuitbreaker half-open error rate | +| defaults.grpc.client.circuit_breaker.min_samples | int | `1000` | gRPC client circuitbreaker minimum sampling count | +| defaults.grpc.client.circuit_breaker.open_timeout | string | `"1s"` | gRPC client circuitbreaker open timeout | +| defaults.grpc.client.connection_pool.enable_dns_resolver | bool | `true` | enables gRPC client connection pool dns resolver, when enabled vald uses ip handshake exclude dns discovery which improves network performance | +| defaults.grpc.client.connection_pool.enable_rebalance | bool | `true` | enables gRPC client connection pool rebalance | +| defaults.grpc.client.connection_pool.old_conn_close_duration | string | `"2m"` | makes delay before gRPC client connection closing during connection pool rebalance | +| defaults.grpc.client.connection_pool.rebalance_duration | string | `"30m"` | gRPC client connection pool rebalance duration | +| defaults.grpc.client.connection_pool.size | int | `3` | gRPC client connection pool size | +| defaults.grpc.client.dial_option.backoff_base_delay | string | `"1s"` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.backoff_jitter | float | `0.2` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.backoff_max_delay | string | `"120s"` | gRPC client dial option max backoff delay | +| defaults.grpc.client.dial_option.backoff_multiplier | float | `1.6` | gRPC client dial option base backoff delay | +| defaults.grpc.client.dial_option.enable_backoff | bool | `false` | gRPC client dial option backoff enabled | +| defaults.grpc.client.dial_option.initial_connection_window_size | int | `2097152` | gRPC client dial option initial connection window size | +| defaults.grpc.client.dial_option.initial_window_size | int | `1048576` | gRPC client dial option initial window size | +| defaults.grpc.client.dial_option.insecure | bool | `true` | gRPC client dial option insecure enabled | +| defaults.grpc.client.dial_option.interceptors | list | `[]` | gRPC client interceptors | +| defaults.grpc.client.dial_option.keepalive.permit_without_stream | bool | `false` | gRPC client keep alive permit without stream | +| defaults.grpc.client.dial_option.keepalive.time | string | `""` | gRPC client keep alive time | +| defaults.grpc.client.dial_option.keepalive.timeout | string | `"30s"` | gRPC client keep alive timeout | +| defaults.grpc.client.dial_option.max_msg_size | int | `0` | gRPC client dial option max message size | +| defaults.grpc.client.dial_option.min_connection_timeout | string | `"20s"` | gRPC client dial option minimum connection timeout | +| defaults.grpc.client.dial_option.net.dialer.dual_stack_enabled | bool | `true` | gRPC client TCP dialer dual stack enabled | +| defaults.grpc.client.dial_option.net.dialer.keepalive | string | `""` | gRPC client TCP dialer keep alive | +| defaults.grpc.client.dial_option.net.dialer.timeout | string | `""` | gRPC client TCP dialer timeout | +| defaults.grpc.client.dial_option.net.dns.cache_enabled | bool | `true` | gRPC client TCP DNS cache enabled | +| defaults.grpc.client.dial_option.net.dns.cache_expiration | string | `"1h"` | gRPC client TCP DNS cache expiration | +| defaults.grpc.client.dial_option.net.dns.refresh_duration | string | `"30m"` | gRPC client TCP DNS cache refresh duration | +| defaults.grpc.client.dial_option.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.grpc.client.dial_option.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.grpc.client.dial_option.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.grpc.client.dial_option.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.grpc.client.dial_option.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.grpc.client.dial_option.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.grpc.client.dial_option.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.grpc.client.dial_option.net.tls.enabled | bool | `false` | TLS enabled | +| defaults.grpc.client.dial_option.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.grpc.client.dial_option.net.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.grpc.client.dial_option.read_buffer_size | int | `0` | gRPC client dial option read buffer size | +| defaults.grpc.client.dial_option.timeout | string | `""` | gRPC client dial option timeout | +| defaults.grpc.client.dial_option.write_buffer_size | int | `0` | gRPC client dial option write buffer size | +| defaults.grpc.client.health_check_duration | string | `"1s"` | gRPC client health check duration | +| defaults.grpc.client.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.grpc.client.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.grpc.client.tls.enabled | bool | `false` | TLS enabled | +| defaults.grpc.client.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.grpc.client.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.image.tag | string | `"v1.7.9"` | docker image tag | +| defaults.logging.format | string | `"raw"` | logging format. logging format must be `raw` or `json` | +| defaults.logging.level | string | `"debug"` | logging level. logging level must be `debug`, `info`, `warn`, `error` or `fatal`. | +| defaults.logging.logger | string | `"glg"` | logger name. currently logger must be `glg` or `zap`. | +| defaults.networkPolicy.custom | object | `{"egress":[],"ingress":[]}` | custom network policies that a user can add | +| defaults.networkPolicy.custom.egress | list | `[]` | custom egress network policies that a user can add | +| defaults.networkPolicy.custom.ingress | list | `[]` | custom ingress network policies that a user can add | +| defaults.networkPolicy.enabled | bool | `false` | if network policy enabled | +| defaults.observability.enabled | bool | `false` | observability features enabled | +| defaults.observability.metrics.enable_cgo | bool | `true` | CGO metrics enabled | +| defaults.observability.metrics.enable_goroutine | bool | `true` | goroutine metrics enabled | +| defaults.observability.metrics.enable_memory | bool | `true` | memory metrics enabled | +| defaults.observability.metrics.enable_version_info | bool | `true` | version info metrics enabled | +| defaults.observability.metrics.version_info_labels | list | `["vald_version","server_name","git_commit","build_time","go_version","go_os","go_arch","ngt_version"]` | enabled label names of version info | +| defaults.observability.otlp.attribute | object | `{"namespace":"_MY_POD_NAMESPACE_","node_name":"_MY_NODE_NAME_","pod_name":"_MY_POD_NAME_","service_name":"vald"}` | default resource attribute | +| defaults.observability.otlp.attribute.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace | +| defaults.observability.otlp.attribute.node_name | string | `"_MY_NODE_NAME_"` | node name | +| defaults.observability.otlp.attribute.pod_name | string | `"_MY_POD_NAME_"` | pod name | +| defaults.observability.otlp.attribute.service_name | string | `"vald"` | service name | +| defaults.observability.otlp.collector_endpoint | string | `""` | OpenTelemetry Collector endpoint | +| defaults.observability.otlp.metrics_export_interval | string | `"1s"` | metrics export interval | +| defaults.observability.otlp.metrics_export_timeout | string | `"1m"` | metrics export timeout | +| defaults.observability.otlp.trace_batch_timeout | string | `"1s"` | trace batch timeout | +| defaults.observability.otlp.trace_export_timeout | string | `"1m"` | trace export timeout | +| defaults.observability.otlp.trace_max_export_batch_size | int | `1024` | trace maximum export batch size | +| defaults.observability.otlp.trace_max_queue_size | int | `256` | trace maximum queue size | +| defaults.observability.trace.enabled | bool | `false` | trace enabled | +| defaults.server_config.full_shutdown_duration | string | `"600s"` | server full shutdown duration | +| defaults.server_config.healths.liveness.enabled | bool | `true` | liveness server enabled | +| defaults.server_config.healths.liveness.host | string | `"0.0.0.0"` | liveness server host | +| defaults.server_config.healths.liveness.livenessProbe.failureThreshold | int | `2` | liveness probe failure threshold | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.path | string | `"/liveness"` | liveness probe path | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.port | string | `"liveness"` | liveness probe port | +| defaults.server_config.healths.liveness.livenessProbe.httpGet.scheme | string | `"HTTP"` | liveness probe scheme | +| defaults.server_config.healths.liveness.livenessProbe.initialDelaySeconds | int | `5` | liveness probe initial delay seconds | +| defaults.server_config.healths.liveness.livenessProbe.periodSeconds | int | `3` | liveness probe period seconds | +| defaults.server_config.healths.liveness.livenessProbe.successThreshold | int | `1` | liveness probe success threshold | +| defaults.server_config.healths.liveness.livenessProbe.timeoutSeconds | int | `2` | liveness probe timeout seconds | +| defaults.server_config.healths.liveness.port | int | `3000` | liveness server port | +| defaults.server_config.healths.liveness.server.http.handler_timeout | string | `""` | liveness server handler timeout | +| defaults.server_config.healths.liveness.server.http.idle_timeout | string | `""` | liveness server idle timeout | +| defaults.server_config.healths.liveness.server.http.read_header_timeout | string | `""` | liveness server read header timeout | +| defaults.server_config.healths.liveness.server.http.read_timeout | string | `""` | liveness server read timeout | +| defaults.server_config.healths.liveness.server.http.shutdown_duration | string | `"5s"` | liveness server shutdown duration | +| defaults.server_config.healths.liveness.server.http.write_timeout | string | `""` | liveness server write timeout | +| defaults.server_config.healths.liveness.server.mode | string | `""` | liveness server mode | +| defaults.server_config.healths.liveness.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.healths.liveness.server.probe_wait_time | string | `"3s"` | liveness server probe wait time | +| defaults.server_config.healths.liveness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.healths.liveness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.healths.liveness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.healths.liveness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_fast_open | bool | `true` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.healths.liveness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.healths.liveness.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.healths.liveness.servicePort | int | `3000` | liveness server service port | +| defaults.server_config.healths.readiness.enabled | bool | `true` | readiness server enabled | +| defaults.server_config.healths.readiness.host | string | `"0.0.0.0"` | readiness server host | +| defaults.server_config.healths.readiness.port | int | `3001` | readiness server port | +| defaults.server_config.healths.readiness.readinessProbe.failureThreshold | int | `2` | readiness probe failure threshold | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.path | string | `"/readiness"` | readiness probe path | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.port | string | `"readiness"` | readiness probe port | +| defaults.server_config.healths.readiness.readinessProbe.httpGet.scheme | string | `"HTTP"` | readiness probe scheme | +| defaults.server_config.healths.readiness.readinessProbe.initialDelaySeconds | int | `10` | readiness probe initial delay seconds | +| defaults.server_config.healths.readiness.readinessProbe.periodSeconds | int | `3` | readiness probe period seconds | +| defaults.server_config.healths.readiness.readinessProbe.successThreshold | int | `1` | readiness probe success threshold | +| defaults.server_config.healths.readiness.readinessProbe.timeoutSeconds | int | `2` | readiness probe timeout seconds | +| defaults.server_config.healths.readiness.server.http.handler_timeout | string | `""` | readiness server handler timeout | +| defaults.server_config.healths.readiness.server.http.idle_timeout | string | `""` | readiness server idle timeout | +| defaults.server_config.healths.readiness.server.http.read_header_timeout | string | `""` | readiness server read header timeout | +| defaults.server_config.healths.readiness.server.http.read_timeout | string | `""` | readiness server read timeout | +| defaults.server_config.healths.readiness.server.http.shutdown_duration | string | `"0s"` | readiness server shutdown duration | +| defaults.server_config.healths.readiness.server.http.write_timeout | string | `""` | readiness server write timeout | +| defaults.server_config.healths.readiness.server.mode | string | `""` | readiness server mode | +| defaults.server_config.healths.readiness.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.healths.readiness.server.probe_wait_time | string | `"3s"` | readiness server probe wait time | +| defaults.server_config.healths.readiness.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.healths.readiness.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.healths.readiness.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.healths.readiness.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_fast_open | bool | `true` | | +| defaults.server_config.healths.readiness.server.socket_option.tcp_no_delay | bool | `true` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.healths.readiness.server.socket_option.tcp_quick_ack | bool | `true` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.healths.readiness.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.healths.readiness.servicePort | int | `3001` | readiness server service port | +| defaults.server_config.healths.startup.enabled | bool | `true` | startup server enabled | +| defaults.server_config.healths.startup.port | int | `3000` | startup server port | +| defaults.server_config.healths.startup.startupProbe.failureThreshold | int | `30` | startup probe failure threshold | +| defaults.server_config.healths.startup.startupProbe.httpGet.path | string | `"/liveness"` | startup probe path | +| defaults.server_config.healths.startup.startupProbe.httpGet.port | string | `"liveness"` | startup probe port | +| defaults.server_config.healths.startup.startupProbe.httpGet.scheme | string | `"HTTP"` | startup probe scheme | +| defaults.server_config.healths.startup.startupProbe.initialDelaySeconds | int | `5` | startup probe initial delay seconds | +| defaults.server_config.healths.startup.startupProbe.periodSeconds | int | `5` | startup probe period seconds | +| defaults.server_config.healths.startup.startupProbe.successThreshold | int | `1` | startup probe success threshold | +| defaults.server_config.healths.startup.startupProbe.timeoutSeconds | int | `2` | startup probe timeout seconds | +| defaults.server_config.metrics.pprof.enabled | bool | `false` | pprof server enabled | +| defaults.server_config.metrics.pprof.host | string | `"0.0.0.0"` | pprof server host | +| defaults.server_config.metrics.pprof.port | int | `6060` | pprof server port | +| defaults.server_config.metrics.pprof.server.http.handler_timeout | string | `"5s"` | pprof server handler timeout | +| defaults.server_config.metrics.pprof.server.http.idle_timeout | string | `"2s"` | pprof server idle timeout | +| defaults.server_config.metrics.pprof.server.http.read_header_timeout | string | `"1s"` | pprof server read header timeout | +| defaults.server_config.metrics.pprof.server.http.read_timeout | string | `"1s"` | pprof server read timeout | +| defaults.server_config.metrics.pprof.server.http.shutdown_duration | string | `"5s"` | pprof server shutdown duration | +| defaults.server_config.metrics.pprof.server.http.write_timeout | string | `"1m"` | pprof server write timeout | +| defaults.server_config.metrics.pprof.server.mode | string | `"REST"` | pprof server mode | +| defaults.server_config.metrics.pprof.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.metrics.pprof.server.probe_wait_time | string | `"3s"` | pprof server probe wait time | +| defaults.server_config.metrics.pprof.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.metrics.pprof.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.metrics.pprof.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.metrics.pprof.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_cork | bool | `true` | server listen socket option for tcp_cork functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.metrics.pprof.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.metrics.pprof.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.metrics.pprof.servicePort | int | `6060` | pprof server service port | +| defaults.server_config.servers.grpc.enabled | bool | `true` | gRPC server enabled | +| defaults.server_config.servers.grpc.host | string | `"0.0.0.0"` | gRPC server host | +| defaults.server_config.servers.grpc.port | int | `8081` | gRPC server port | +| defaults.server_config.servers.grpc.server.grpc.bidirectional_stream_concurrency | int | `20` | gRPC server bidirectional stream concurrency | +| defaults.server_config.servers.grpc.server.grpc.connection_timeout | string | `""` | gRPC server connection timeout | +| defaults.server_config.servers.grpc.server.grpc.enable_reflection | bool | `true` | gRPC server reflection option | +| defaults.server_config.servers.grpc.server.grpc.header_table_size | int | `0` | gRPC server header table size | +| defaults.server_config.servers.grpc.server.grpc.initial_conn_window_size | int | `2097152` | gRPC server initial connection window size | +| defaults.server_config.servers.grpc.server.grpc.initial_window_size | int | `1048576` | gRPC server initial window size | +| defaults.server_config.servers.grpc.server.grpc.interceptors | list | `["RecoverInterceptor"]` | gRPC server interceptors | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age | string | `""` | gRPC server keep alive max connection age | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_age_grace | string | `""` | gRPC server keep alive max connection age grace | +| defaults.server_config.servers.grpc.server.grpc.keepalive.max_conn_idle | string | `""` | gRPC server keep alive max connection idle | +| defaults.server_config.servers.grpc.server.grpc.keepalive.min_time | string | `"10m"` | gRPC server keep alive min_time | +| defaults.server_config.servers.grpc.server.grpc.keepalive.permit_without_stream | bool | `false` | gRPC server keep alive permit_without_stream | +| defaults.server_config.servers.grpc.server.grpc.keepalive.time | string | `"3h"` | gRPC server keep alive time | +| defaults.server_config.servers.grpc.server.grpc.keepalive.timeout | string | `"60s"` | gRPC server keep alive timeout | +| defaults.server_config.servers.grpc.server.grpc.max_header_list_size | int | `0` | gRPC server max header list size | +| defaults.server_config.servers.grpc.server.grpc.max_receive_message_size | int | `0` | gRPC server max receive message size | +| defaults.server_config.servers.grpc.server.grpc.max_send_message_size | int | `0` | gRPC server max send message size | +| defaults.server_config.servers.grpc.server.grpc.read_buffer_size | int | `0` | gRPC server read buffer size | +| defaults.server_config.servers.grpc.server.grpc.write_buffer_size | int | `0` | gRPC server write buffer size | +| defaults.server_config.servers.grpc.server.mode | string | `"GRPC"` | gRPC server server mode | +| defaults.server_config.servers.grpc.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.servers.grpc.server.probe_wait_time | string | `"3s"` | gRPC server probe wait time | +| defaults.server_config.servers.grpc.server.restart | bool | `true` | gRPC server restart | +| defaults.server_config.servers.grpc.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.servers.grpc.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.servers.grpc.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.servers.grpc.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.servers.grpc.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.servers.grpc.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.servers.grpc.servicePort | int | `8081` | gRPC server service port | +| defaults.server_config.servers.rest.enabled | bool | `false` | REST server enabled | +| defaults.server_config.servers.rest.host | string | `"0.0.0.0"` | REST server host | +| defaults.server_config.servers.rest.port | int | `8080` | REST server port | +| defaults.server_config.servers.rest.server.http.handler_timeout | string | `"5s"` | REST server handler timeout | +| defaults.server_config.servers.rest.server.http.idle_timeout | string | `"2s"` | REST server idle timeout | +| defaults.server_config.servers.rest.server.http.read_header_timeout | string | `"1s"` | REST server read header timeout | +| defaults.server_config.servers.rest.server.http.read_timeout | string | `"1s"` | REST server read timeout | +| defaults.server_config.servers.rest.server.http.shutdown_duration | string | `"5s"` | REST server shutdown duration | +| defaults.server_config.servers.rest.server.http.write_timeout | string | `"1s"` | REST server write timeout | +| defaults.server_config.servers.rest.server.mode | string | `"REST"` | REST server server mode | +| defaults.server_config.servers.rest.server.network | string | `"tcp"` | mysql network | +| defaults.server_config.servers.rest.server.probe_wait_time | string | `"3s"` | REST server probe wait time | +| defaults.server_config.servers.rest.server.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| defaults.server_config.servers.rest.server.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| defaults.server_config.servers.rest.server.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| defaults.server_config.servers.rest.server.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| defaults.server_config.servers.rest.server.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| defaults.server_config.servers.rest.server.socket_path | string | `""` | mysql socket_path | +| defaults.server_config.servers.rest.servicePort | int | `8080` | REST server service port | +| defaults.server_config.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| defaults.server_config.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| defaults.server_config.tls.enabled | bool | `false` | TLS enabled | +| defaults.server_config.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| defaults.server_config.tls.key | string | `"/path/to/key"` | TLS key path | +| defaults.time_zone | string | `"UTC"` | Time zone | +| discoverer.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| discoverer.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| discoverer.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| discoverer.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| discoverer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-discoverer"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| discoverer.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| discoverer.annotations | object | `{}` | deployment annotations | +| discoverer.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| discoverer.clusterRole.name | string | `"discoverer"` | name of clusterRole | +| discoverer.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| discoverer.clusterRoleBinding.name | string | `"discoverer"` | name of clusterRoleBinding | +| discoverer.discoverer.discovery_duration | string | `"3s"` | duration to discovery | +| discoverer.discoverer.name | string | `""` | name to discovery | +| discoverer.discoverer.namespace | string | `"_MY_POD_NAMESPACE_"` | namespace to discovery | +| discoverer.discoverer.net.dialer.dual_stack_enabled | bool | `false` | TCP dialer dual stack enabled | +| discoverer.discoverer.net.dialer.keepalive | string | `"10m"` | TCP dialer keep alive | +| discoverer.discoverer.net.dialer.timeout | string | `"30s"` | TCP dialer timeout | +| discoverer.discoverer.net.dns.cache_enabled | bool | `true` | TCP DNS cache enabled | +| discoverer.discoverer.net.dns.cache_expiration | string | `"24h"` | TCP DNS cache expiration | +| discoverer.discoverer.net.dns.refresh_duration | string | `"5m"` | TCP DNS cache refresh duration | +| discoverer.discoverer.net.socket_option.ip_recover_destination_addr | bool | `false` | server listen socket option for ip_recover_destination_addr functionality | +| discoverer.discoverer.net.socket_option.ip_transparent | bool | `false` | server listen socket option for ip_transparent functionality | +| discoverer.discoverer.net.socket_option.reuse_addr | bool | `true` | server listen socket option for reuse_addr functionality | +| discoverer.discoverer.net.socket_option.reuse_port | bool | `true` | server listen socket option for reuse_port functionality | +| discoverer.discoverer.net.socket_option.tcp_cork | bool | `false` | server listen socket option for tcp_cork functionality | +| discoverer.discoverer.net.socket_option.tcp_defer_accept | bool | `false` | server listen socket option for tcp_defer_accept functionality | +| discoverer.discoverer.net.socket_option.tcp_fast_open | bool | `false` | server listen socket option for tcp_fast_open functionality | +| discoverer.discoverer.net.socket_option.tcp_no_delay | bool | `false` | server listen socket option for tcp_no_delay functionality | +| discoverer.discoverer.net.socket_option.tcp_quick_ack | bool | `false` | server listen socket option for tcp_quick_ack functionality | +| discoverer.discoverer.net.tls.ca | string | `"/path/to/ca"` | TLS ca path | +| discoverer.discoverer.net.tls.cert | string | `"/path/to/cert"` | TLS cert path | +| discoverer.discoverer.net.tls.enabled | bool | `false` | TLS enabled | +| discoverer.discoverer.net.tls.insecure_skip_verify | bool | `false` | enable/disable skip SSL certificate verification | +| discoverer.discoverer.net.tls.key | string | `"/path/to/key"` | TLS key path | +| discoverer.discoverer.selectors | object | `{"node":{"fields":{},"labels":{}},"node_metrics":{"fields":{},"labels":{}},"pod":{"fields":{},"labels":{}},"pod_metrics":{"fields":{},"labels":{}}}` | k8s resource selectors | +| discoverer.discoverer.selectors.node | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node discovery | +| discoverer.discoverer.selectors.node.fields | object | `{}` | k8s field selectors for node discovery | +| discoverer.discoverer.selectors.node.labels | object | `{}` | k8s label selectors for node discovery | +| discoverer.discoverer.selectors.node_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for node_metrics discovery | +| discoverer.discoverer.selectors.node_metrics.fields | object | `{}` | k8s field selectors for node_metrics discovery | +| discoverer.discoverer.selectors.node_metrics.labels | object | `{}` | k8s label selectors for node_metrics discovery | +| discoverer.discoverer.selectors.pod | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod discovery | +| discoverer.discoverer.selectors.pod.fields | object | `{}` | k8s field selectors for pod discovery | +| discoverer.discoverer.selectors.pod.labels | object | `{}` | k8s label selectors for pod discovery | +| discoverer.discoverer.selectors.pod_metrics | object | `{"fields":{},"labels":{}}` | k8s resource selectors for pod_metrics discovery | +| discoverer.discoverer.selectors.pod_metrics.fields | object | `{}` | k8s field selectors for pod_metrics discovery | +| discoverer.discoverer.selectors.pod_metrics.labels | object | `{}` | k8s label selectors for pod_metrics discovery | +| discoverer.enabled | bool | `true` | discoverer enabled | +| discoverer.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| discoverer.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| discoverer.hpa.enabled | bool | `false` | HPA enabled | +| discoverer.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| discoverer.image.pullPolicy | string | `"Always"` | image pull policy | +| discoverer.image.repository | string | `"vdaas/vald-discoverer-k8s"` | image repository | +| discoverer.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| discoverer.initContainers | list | `[]` | init containers | +| discoverer.internalTrafficPolicy | string | `""` | internal traffic policy : Cluster or Local | +| discoverer.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| discoverer.logging | object | `{}` | logging config (overrides defaults.logging) | +| discoverer.maxReplicas | int | `2` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| discoverer.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| discoverer.minReplicas | int | `1` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| discoverer.name | string | `"vald-discoverer"` | name of discoverer deployment | +| discoverer.nodeName | string | `""` | node name | +| discoverer.nodeSelector | object | `{}` | node selector | +| discoverer.observability | object | `{"otlp":{"attribute":{"service_name":"vald-discoverer"}}}` | observability config (overrides defaults.observability) | +| discoverer.podAnnotations | object | `{}` | pod annotations | +| discoverer.podPriority.enabled | bool | `true` | discoverer pod PriorityClass enabled | +| discoverer.podPriority.value | int | `1000000` | discoverer pod PriorityClass value | +| discoverer.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| discoverer.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| discoverer.resources | object | `{"limits":{"cpu":"600m","memory":"200Mi"},"requests":{"cpu":"200m","memory":"65Mi"}}` | compute resources | +| discoverer.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| discoverer.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| discoverer.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| discoverer.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| discoverer.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| discoverer.service.annotations | object | `{}` | service annotations | +| discoverer.service.labels | object | `{}` | service labels | +| discoverer.serviceAccount.enabled | bool | `true` | creates service account | +| discoverer.serviceAccount.name | string | `"vald"` | name of service account | +| discoverer.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| discoverer.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| discoverer.time_zone | string | `""` | Time zone | +| discoverer.tolerations | list | `[]` | tolerations | +| discoverer.topologySpreadConstraints | list | `[]` | topology spread constraints of discoverer pods | +| discoverer.version | string | `"v0.0.0"` | version of discoverer config | +| discoverer.volumeMounts | list | `[]` | volume mounts | +| discoverer.volumes | list | `[]` | volumes | +| gateway.filter.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| gateway.filter.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| gateway.filter.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| gateway.filter.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| gateway.filter.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-filter-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| gateway.filter.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| gateway.filter.annotations | object | `{}` | deployment annotations | +| gateway.filter.enabled | bool | `false` | gateway enabled | +| gateway.filter.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| gateway.filter.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.filter.gateway_config.egress_filter | object | `{"client":{},"distance_filters":[],"object_filters":[]}` | gRPC client config for egress filter | +| gateway.filter.gateway_config.egress_filter.client | object | `{}` | gRPC client config for egress filter (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.egress_filter.distance_filters | list | `[]` | distance egress vector filter targets | +| gateway.filter.gateway_config.egress_filter.object_filters | list | `[]` | object egress vector filter targets | +| gateway.filter.gateway_config.gateway_client | object | `{}` | gRPC client for next gateway (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.ingress_filter | object | `{"client":{},"insert_filters":[],"search_filters":[],"update_filters":[],"upsert_filters":[],"vectorizer":""}` | gRPC client config for ingress filter | +| gateway.filter.gateway_config.ingress_filter.client | object | `{}` | gRPC client for ingress filter (overrides defaults.grpc.client) | +| gateway.filter.gateway_config.ingress_filter.insert_filters | list | `[]` | insert ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.search_filters | list | `[]` | search ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.update_filters | list | `[]` | update ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.upsert_filters | list | `[]` | upsert ingress vector filter targets | +| gateway.filter.gateway_config.ingress_filter.vectorizer | string | `""` | object ingress vectorize filter targets | +| gateway.filter.hpa.enabled | bool | `true` | HPA enabled | +| gateway.filter.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| gateway.filter.image.pullPolicy | string | `"Always"` | image pull policy | +| gateway.filter.image.repository | string | `"vdaas/vald-filter-gateway"` | image repository | +| gateway.filter.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| gateway.filter.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | +| gateway.filter.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | +| gateway.filter.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | +| gateway.filter.ingress.enabled | bool | `false` | gateway ingress enabled | +| gateway.filter.ingress.host | string | `"filter.gateway.vald.vdaas.org"` | ingress hostname | +| gateway.filter.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | +| gateway.filter.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | +| gateway.filter.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-gateway-lb","sleepDuration":2,"target":"gateway-lb","type":"wait-for"}]` | init containers | +| gateway.filter.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.filter.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| gateway.filter.logging | object | `{}` | logging config (overrides defaults.logging) | +| gateway.filter.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| gateway.filter.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| gateway.filter.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| gateway.filter.name | string | `"vald-filter-gateway"` | name of filter gateway deployment | +| gateway.filter.nodeName | string | `""` | node name | +| gateway.filter.nodeSelector | object | `{}` | node selector | +| gateway.filter.observability | object | `{"otlp":{"attribute":{"service_name":"vald-filter-gateway"}}}` | observability config (overrides defaults.observability) | +| gateway.filter.podAnnotations | object | `{}` | pod annotations | +| gateway.filter.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | +| gateway.filter.podPriority.value | int | `1000000` | gateway pod PriorityClass value | +| gateway.filter.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| gateway.filter.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| gateway.filter.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | +| gateway.filter.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| gateway.filter.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| gateway.filter.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| gateway.filter.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| gateway.filter.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| gateway.filter.service.annotations | object | `{}` | service annotations | +| gateway.filter.service.labels | object | `{}` | service labels | +| gateway.filter.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| gateway.filter.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| gateway.filter.time_zone | string | `""` | Time zone | +| gateway.filter.tolerations | list | `[]` | tolerations | +| gateway.filter.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | +| gateway.filter.version | string | `"v0.0.0"` | version of gateway config | +| gateway.filter.volumeMounts | list | `[]` | volume mounts | +| gateway.filter.volumes | list | `[]` | volumes | +| gateway.lb.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| gateway.lb.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| gateway.lb.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| gateway.lb.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| gateway.lb.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[{"podAffinityTerm":{"labelSelector":{"matchExpressions":[{"key":"app","operator":"In","values":["vald-lb-gateway"]}]},"topologyKey":"kubernetes.io/hostname"},"weight":100}]` | pod anti-affinity preferred scheduling terms | +| gateway.lb.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| gateway.lb.annotations | object | `{}` | deployment annotations | +| gateway.lb.enabled | bool | `true` | gateway enabled | +| gateway.lb.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| gateway.lb.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.lb.gateway_config.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | agent namespace | +| gateway.lb.gateway_config.discoverer.agent_client_options | object | `{}` | gRPC client options for agents (overrides defaults.grpc.client) | +| gateway.lb.gateway_config.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| gateway.lb.gateway_config.discoverer.duration | string | `"200ms"` | | +| gateway.lb.gateway_config.index_replica | int | `3` | number of index replica | +| gateway.lb.gateway_config.multi_operation_concurrency | int | `20` | number of concurrency of multiXXX api's operation | +| gateway.lb.gateway_config.node_name | string | `""` | node name | +| gateway.lb.hpa.enabled | bool | `true` | HPA enabled | +| gateway.lb.hpa.targetCPUUtilizationPercentage | int | `80` | HPA CPU utilization percentage | +| gateway.lb.image.pullPolicy | string | `"Always"` | image pull policy | +| gateway.lb.image.repository | string | `"vdaas/vald-lb-gateway"` | image repository | +| gateway.lb.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| gateway.lb.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/grpc-backend":"true"}` | annotations for ingress | +| gateway.lb.ingress.defaultBackend | object | `{"enabled":true}` | defaultBackend config | +| gateway.lb.ingress.defaultBackend.enabled | bool | `true` | gateway ingress defaultBackend enabled | +| gateway.lb.ingress.enabled | bool | `false` | gateway ingress enabled | +| gateway.lb.ingress.host | string | `"lb.gateway.vald.vdaas.org"` | ingress hostname | +| gateway.lb.ingress.pathType | string | `"ImplementationSpecific"` | gateway ingress pathType | +| gateway.lb.ingress.servicePort | string | `"grpc"` | service port to be exposed by ingress | +| gateway.lb.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"}]` | init containers | +| gateway.lb.internalTrafficPolicy | string | `""` | internal traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| gateway.lb.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| gateway.lb.logging | object | `{}` | logging config (overrides defaults.logging) | +| gateway.lb.maxReplicas | int | `9` | maximum number of replicas. if HPA is disabled, this value will be ignored. | +| gateway.lb.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| gateway.lb.minReplicas | int | `3` | minimum number of replicas. if HPA is disabled, the replicas will be set to this value | +| gateway.lb.name | string | `"vald-lb-gateway"` | name of gateway deployment | +| gateway.lb.nodeName | string | `""` | node name | +| gateway.lb.nodeSelector | object | `{}` | node selector | +| gateway.lb.observability | object | `{"otlp":{"attribute":{"service_name":"vald-lb-gateway"}}}` | observability config (overrides defaults.observability) | +| gateway.lb.podAnnotations | object | `{}` | pod annotations | +| gateway.lb.podPriority.enabled | bool | `true` | gateway pod PriorityClass enabled | +| gateway.lb.podPriority.value | int | `1000000` | gateway pod PriorityClass value | +| gateway.lb.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| gateway.lb.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| gateway.lb.resources | object | `{"limits":{"cpu":"2000m","memory":"700Mi"},"requests":{"cpu":"200m","memory":"150Mi"}}` | compute resources | +| gateway.lb.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| gateway.lb.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| gateway.lb.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| gateway.lb.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| gateway.lb.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| gateway.lb.service.annotations | object | `{}` | service annotations | +| gateway.lb.service.labels | object | `{}` | service labels | +| gateway.lb.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| gateway.lb.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| gateway.lb.time_zone | string | `""` | Time zone | +| gateway.lb.tolerations | list | `[]` | tolerations | +| gateway.lb.topologySpreadConstraints | list | `[]` | topology spread constraints of gateway pods | +| gateway.lb.version | string | `"v0.0.0"` | version of gateway config | +| gateway.lb.volumeMounts | list | `[]` | volume mounts | +| gateway.lb.volumes | list | `[]` | volumes | +| manager.index.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | node affinity preferred scheduling terms | +| manager.index.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms | list | `[]` | node affinity required node selectors | +| manager.index.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity preferred scheduling terms | +| manager.index.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod affinity required scheduling terms | +| manager.index.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity preferred scheduling terms | +| manager.index.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution | list | `[]` | pod anti-affinity required scheduling terms | +| manager.index.annotations | object | `{}` | deployment annotations | +| manager.index.corrector.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.corrector.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.corrector.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.corrector.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.corrector.enabled | bool | `false` | enable index correction CronJob | +| manager.index.corrector.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.corrector.image.pullPolicy | string | `"Always"` | | +| manager.index.corrector.image.repository | string | `"vdaas/vald-index-correction"` | image repository | +| manager.index.corrector.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.corrector.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.corrector.kvs_async_write_concurrency | int | `2048` | concurrency for kvs async write | +| manager.index.corrector.name | string | `"vald-index-correction"` | name of index correction job | +| manager.index.corrector.node_name | string | `""` | node name | +| manager.index.corrector.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-correction"}}}` | observability config (overrides defaults.observability) | +| manager.index.corrector.schedule | string | `"6 3 * * *"` | CronJob schedule setting for index correction | +| manager.index.corrector.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.corrector.startingDeadlineSeconds | int | `86400` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.corrector.stream_list_concurrency | int | `200` | concurrency for stream list object rpc | +| manager.index.corrector.suspend | bool | `false` | CronJob suspend setting for index correction | +| manager.index.corrector.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.corrector.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.creator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.creator.concurrency | int | `1` | concurrency for indexing | +| manager.index.creator.creation_pool_size | int | `16` | number of pool size of create index processing | +| manager.index.creator.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.creator.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.creator.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.creator.enabled | bool | `false` | enable index creation CronJob | +| manager.index.creator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.creator.image.pullPolicy | string | `"Always"` | | +| manager.index.creator.image.repository | string | `"vdaas/vald-index-creation"` | image repository | +| manager.index.creator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.creator.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.creator.name | string | `"vald-index-creation"` | name of index creation job | +| manager.index.creator.node_name | string | `""` | node name | +| manager.index.creator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-creation"}}}` | observability config (overrides defaults.observability) | +| manager.index.creator.schedule | string | `"* * * * *"` | CronJob schedule setting for index creation | +| manager.index.creator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.creator.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.creator.suspend | bool | `false` | CronJob suspend setting for index creation | +| manager.index.creator.target_addrs | list | `[]` | indexing target addresses | +| manager.index.creator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.creator.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.enabled | bool | `true` | index manager enabled | +| manager.index.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.externalTrafficPolicy | string | `""` | external traffic policy (can be specified when service type is LoadBalancer or NodePort) : Cluster or Local | +| manager.index.image.pullPolicy | string | `"Always"` | image pull policy | +| manager.index.image.repository | string | `"vdaas/vald-manager-index"` | image repository | +| manager.index.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.indexer.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.indexer.auto_index_check_duration | string | `"1m"` | check duration of automatic indexing | +| manager.index.indexer.auto_index_duration_limit | string | `"30m"` | limit duration of automatic indexing | +| manager.index.indexer.auto_index_length | int | `100` | number of cache to trigger automatic indexing | +| manager.index.indexer.auto_save_index_duration_limit | string | `"3h"` | limit duration of automatic index saving | +| manager.index.indexer.auto_save_index_wait_duration | string | `"10m"` | duration of automatic index saving wait duration for next saving | +| manager.index.indexer.concurrency | int | `1` | concurrency | +| manager.index.indexer.creation_pool_size | int | `16` | number of pool size of create index processing | +| manager.index.indexer.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.indexer.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.indexer.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.indexer.node_name | string | `""` | node name | +| manager.index.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.kind | string | `"Deployment"` | deployment kind: Deployment or DaemonSet | +| manager.index.logging | object | `{}` | logging config (overrides defaults.logging) | +| manager.index.maxUnavailable | string | `"50%"` | maximum number of unavailable replicas | +| manager.index.name | string | `"vald-manager-index"` | name of index manager deployment | +| manager.index.nodeName | string | `""` | node name | +| manager.index.nodeSelector | object | `{}` | node selector | +| manager.index.observability | object | `{"otlp":{"attribute":{"service_name":"vald-manager-index"}}}` | observability config (overrides defaults.observability) | +| manager.index.podAnnotations | object | `{}` | pod annotations | +| manager.index.podPriority.enabled | bool | `true` | index manager pod PriorityClass enabled | +| manager.index.podPriority.value | int | `1000000` | index manager pod PriorityClass value | +| manager.index.podSecurityContext | object | `{"fsGroup":65532,"fsGroupChangePolicy":"OnRootMismatch","runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for pod | +| manager.index.progressDeadlineSeconds | int | `600` | progress deadline seconds | +| manager.index.readreplica.rotator | object | `{"agent_namespace":"_MY_POD_NAMESPACE_","clusterRole":{"enabled":true,"name":"vald-readreplica-rotate"},"clusterRoleBinding":{"enabled":true,"name":"vald-readreplica-rotate"},"env":[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":{"pullPolicy":"Always","repository":"vdaas/vald-readreplica-rotate","tag":""},"initContainers":[],"name":"vald-readreplica-rotate","observability":{"otlp":{"attribute":{"service_name":"vald-readreplica-rotation"}}},"read_replica_id":"_MY_TARGET_REPLICA_ID_","server_config":{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}},"serviceAccount":{"enabled":true,"name":"vald-readreplica-rotate"},"ttlSecondsAfterFinished":86400,"version":"v0.0.0"}` | [This feature is work in progress] readreplica agents rotation job | +| manager.index.readreplica.rotator.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.readreplica.rotator.clusterRole.enabled | bool | `true` | creates clusterRole resource | +| manager.index.readreplica.rotator.clusterRole.name | string | `"vald-readreplica-rotate"` | name of clusterRole | +| manager.index.readreplica.rotator.clusterRoleBinding.enabled | bool | `true` | creates clusterRoleBinding resource | +| manager.index.readreplica.rotator.clusterRoleBinding.name | string | `"vald-readreplica-rotate"` | name of clusterRoleBinding | +| manager.index.readreplica.rotator.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.readreplica.rotator.image.repository | string | `"vdaas/vald-readreplica-rotate"` | image repository | +| manager.index.readreplica.rotator.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.readreplica.rotator.initContainers | list | `[]` | init containers | +| manager.index.readreplica.rotator.name | string | `"vald-readreplica-rotate"` | name of readreplica rotator job | +| manager.index.readreplica.rotator.observability | object | `{"otlp":{"attribute":{"service_name":"vald-readreplica-rotation"}}}` | observability config (overrides defaults.observability) | +| manager.index.readreplica.rotator.read_replica_id | string | `"_MY_TARGET_REPLICA_ID_"` | read replica id to perform rotation | +| manager.index.readreplica.rotator.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.readreplica.rotator.serviceAccount.enabled | bool | `true` | creates service account | +| manager.index.readreplica.rotator.serviceAccount.name | string | `"vald-readreplica-rotate"` | name of service account | +| manager.index.readreplica.rotator.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.readreplica.rotator.version | string | `"v0.0.0"` | version of readreplica rotator config | +| manager.index.replicas | int | `1` | number of replicas | +| manager.index.resources | object | `{"limits":{"cpu":"1000m","memory":"500Mi"},"requests":{"cpu":"200m","memory":"80Mi"}}` | compute resources | +| manager.index.revisionHistoryLimit | int | `2` | number of old history to retain to allow rollback | +| manager.index.rollingUpdate.maxSurge | string | `"25%"` | max surge of rolling update | +| manager.index.rollingUpdate.maxUnavailable | string | `"25%"` | max unavailable of rolling update | +| manager.index.saver.agent_namespace | string | `"_MY_POD_NAMESPACE_"` | namespace of agent pods to manage | +| manager.index.saver.concurrency | int | `1` | concurrency for index saving | +| manager.index.saver.discoverer.agent_client_options | object | `{"dial_option":{"net":{"dialer":{"keepalive":"15m"}}}}` | gRPC client options for agents (overrides defaults.grpc.client) | +| manager.index.saver.discoverer.client | object | `{}` | gRPC client for discoverer (overrides defaults.grpc.client) | +| manager.index.saver.discoverer.duration | string | `"500ms"` | refresh duration to discover | +| manager.index.saver.enabled | bool | `false` | enable index save CronJob | +| manager.index.saver.env | list | `[{"name":"MY_NODE_NAME","valueFrom":{"fieldRef":{"fieldPath":"spec.nodeName"}}},{"name":"MY_POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"MY_POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}]` | environment variables | +| manager.index.saver.image.pullPolicy | string | `"Always"` | | +| manager.index.saver.image.repository | string | `"vdaas/vald-index-save"` | image repository | +| manager.index.saver.image.tag | string | `""` | image tag (overrides defaults.image.tag) | +| manager.index.saver.initContainers | list | `[{"image":"busybox:stable","name":"wait-for-agent","sleepDuration":2,"target":"agent","type":"wait-for"},{"image":"busybox:stable","name":"wait-for-discoverer","sleepDuration":2,"target":"discoverer","type":"wait-for"}]` | init containers | +| manager.index.saver.name | string | `"vald-index-save"` | name of index save job | +| manager.index.saver.node_name | string | `""` | node name | +| manager.index.saver.observability | object | `{"otlp":{"attribute":{"service_name":"vald-index-save"}}}` | observability config (overrides defaults.observability) | +| manager.index.saver.schedule | string | `"0 */3 * * *"` | CronJob schedule setting for index save | +| manager.index.saver.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.saver.startingDeadlineSeconds | int | `43200` | startingDeadlineSeconds setting for K8s completed jobs | +| manager.index.saver.suspend | bool | `false` | CronJob suspend setting for index creation | +| manager.index.saver.target_addrs | list | `[]` | index saving target addresses | +| manager.index.saver.ttlSecondsAfterFinished | int | `86400` | ttl setting for K8s completed jobs | +| manager.index.saver.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532}` | security context for container | +| manager.index.server_config | object | `{"healths":{"liveness":{},"readiness":{},"startup":{}},"metrics":{"pprof":{}},"servers":{"grpc":{},"rest":{}}}` | server config (overrides defaults.server_config) | +| manager.index.service.annotations | object | `{}` | service annotations | +| manager.index.service.labels | object | `{}` | service labels | +| manager.index.serviceType | string | `"ClusterIP"` | service type: ClusterIP, LoadBalancer or NodePort | +| manager.index.terminationGracePeriodSeconds | int | `30` | duration in seconds pod needs to terminate gracefully | +| manager.index.time_zone | string | `""` | Time zone | +| manager.index.tolerations | list | `[]` | tolerations | +| manager.index.topologySpreadConstraints | list | `[]` | topology spread constraints of index manager pods | +| manager.index.version | string | `"v0.0.0"` | version of index manager config | +| manager.index.volumeMounts | list | `[]` | volume mounts | +| manager.index.volumes | list | `[]` | volumes | diff --git a/charts/vald/templates/index/job/readreplica/rotate/clusterrole.yaml b/charts/vald/templates/index/job/readreplica/rotate/clusterrole.yaml new file mode 100644 index 0000000000..921d78f061 --- /dev/null +++ b/charts/vald/templates/index/job/readreplica/rotate/clusterrole.yaml @@ -0,0 +1,59 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- if and $rotator.enabled $rotator.clusterRole.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ $rotator.clusterRole.name }} + labels: + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: rotator +rules: + - apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshots + verbs: + - get + - list + - watch + - create + - delete + - apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch + - create + - delete + - apiGroups: + - "apps" + resources: + - deployments + verbs: + - get + - list + - watch + - update +{{- end }} diff --git a/charts/vald/templates/index/job/readreplica/rotate/clusterrolebinding.yaml b/charts/vald/templates/index/job/readreplica/rotate/clusterrolebinding.yaml new file mode 100644 index 0000000000..e69382eae5 --- /dev/null +++ b/charts/vald/templates/index/job/readreplica/rotate/clusterrolebinding.yaml @@ -0,0 +1,37 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- if and $rotator.enabled $rotator.clusterRoleBinding.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ $rotator.clusterRoleBinding.name }} + labels: + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: rotator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ $rotator.clusterRole.name }} +subjects: + - kind: ServiceAccount + name: {{ $rotator.serviceAccount.name }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/vald/templates/index/job/readreplica/rotate/configmap.yaml b/charts/vald/templates/index/job/readreplica/rotate/configmap.yaml new file mode 100644 index 0000000000..6402c217b0 --- /dev/null +++ b/charts/vald/templates/index/job/readreplica/rotate/configmap.yaml @@ -0,0 +1,52 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- $gateway := .Values.gateway.lb -}} +{{- $index := .Values.manager.index -}} +{{- $agent := .Values.agent -}} +{{- $discoverer := .Values.discoverer -}} +{{- if $rotator.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $rotator.name }}-config + labels: + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: {{ $rotator.name }} +data: + config.yaml: | + --- + version: {{ $rotator.version }} + time_zone: {{ default .Values.defaults.time_zone $rotator.time_zone }} + logging: + {{- $logging := dict "Values" $rotator.logging "default" .Values.defaults.logging }} + {{- include "vald.logging" $logging | nindent 6 }} + server_config: + {{- $servers := dict "Values" $rotator.server_config "default" .Values.defaults.server_config }} + {{- include "vald.servers" $servers | nindent 6 }} + observability: + {{- $observability := dict "Values" $rotator.observability "default" .Values.defaults.observability }} + {{- include "vald.observability" $observability | nindent 6 }} + rotator: + agent_namespace: {{ $rotator.agent_namespace | quote }} + read_replica_label_key: "vald-readreplica-id" + read_replica_id: "_MY_TARGET_REPLICA_ID_" + volume_name: "vald-agent-ngt-readreplica-pvc" +{{- end }} diff --git a/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml b/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml new file mode 100644 index 0000000000..4988b8af02 --- /dev/null +++ b/charts/vald/templates/index/job/readreplica/rotate/cronjob.yaml @@ -0,0 +1,79 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- if $rotator.enabled }} +apiVersion: batch/v1 +kind: CronJob +metadata: + name: {{ $rotator.name }} + labels: + app: {{ $rotator.name }} + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} +spec: + schedule: "0 0 31 2 *" # This never happens as February never has 31 days so we can prevent this cronjob from running automatically + concurrencyPolicy: Forbid + suspend: true # This cronjob should only be run manually by index manager + startingDeadlineSeconds: 0 # To prevent being blocked in any case + jobTemplate: + spec: + ttlSecondsAfterFinished: {{ $rotator.ttlSecondsAfterFinished }} + template: + metadata: + labels: + app: {{ $rotator.name }} + app.kubernetes.io/name: {{ include "vald.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: {{ $rotator.name }} + annotations: + {{- $pprof := default .Values.defaults.server_config.metrics.pprof $rotator.server_config.metrics.pprof -}} + {{- if $pprof.enabled }} + pyroscope.io/scrape: "true" + pyroscope.io/application-name: {{ $rotator.name }} + pyroscope.io/profile-cpu-enabled: "true" + pyroscope.io/profile-mem-enabled: "true" + pyroscope.io/port: {{ $pprof.port | quote }} + {{- end }} + spec: + {{- if $rotator.initContainers }} + initContainers: + {{- $initContainers := dict "initContainers" $rotator.initContainers "Values" .Values "namespace" .Release.Namespace -}} + {{- include "vald.initContainers" $initContainers | trim | nindent 12 }} + {{- end }} + containers: + - name: {{ $rotator.name }} + image: "{{ $rotator.image.repository }}:{{ default .Values.defaults.image.tag $rotator.image.tag }}" + imagePullPolicy: {{ $rotator.image.pullPolicy }} + volumeMounts: + - name: {{ $rotator.name }}-config + mountPath: /etc/server/ + {{- $servers := dict "Values" $rotator.server_config "default" .Values.defaults.server_config -}} + {{- include "vald.containerPorts" $servers | trim | nindent 14 }} + {{- if $rotator.env }} + env: + {{- toYaml $rotator.env | nindent 16 }} + {{- end }} + restartPolicy: OnFailure + volumes: + - name: {{ $rotator.name }}-config + configMap: + defaultMode: 420 + name: {{ $rotator.name }}-config + serviceAccountName: {{ $rotator.serviceAccount.name }} +{{- end }} diff --git a/charts/vald/templates/index/job/readreplica/rotate/networkpolicy.yaml b/charts/vald/templates/index/job/readreplica/rotate/networkpolicy.yaml new file mode 100644 index 0000000000..adb7f7ae3f --- /dev/null +++ b/charts/vald/templates/index/job/readreplica/rotate/networkpolicy.yaml @@ -0,0 +1,46 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- if and .Values.defaults.networkPolicy.enabled $rotator.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ $rotator.name }}-allow +spec: + podSelector: + matchLabels: + app: {{ $rotator.name }} + policyTypes: + - Ingress + - Egress + ingress: + - from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: kube-system + {{- if .Values.defaults.networkPolicy.custom.ingress }} + {{- toYaml .Values.defaults.networkPolicy.custom.ingress | nindent 4 }} + {{- end }} + egress: + - to: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: kube-system + {{- if .Values.defaults.networkPolicy.custom.egress }} + {{- toYaml .Values.defaults.networkPolicy.custom.egress | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/vald/templates/index/job/readreplica/rotate/serviceaccount.yaml b/charts/vald/templates/index/job/readreplica/rotate/serviceaccount.yaml new file mode 100644 index 0000000000..5afae0eeab --- /dev/null +++ b/charts/vald/templates/index/job/readreplica/rotate/serviceaccount.yaml @@ -0,0 +1,29 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +{{- $rotator := .Values.manager.index.readreplica.rotator -}} +{{- if and $rotator.enabled $rotator.serviceAccount.enabled }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ $rotator.serviceAccount.name }} + labels: + app.kubernetes.io/name: {{ include "vald.name" . }} + helm.sh/chart: {{ include "vald.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.Version }} + app.kubernetes.io/component: rotator +{{- end }} diff --git a/charts/vald/values.schema.json b/charts/vald/values.schema.json index dcfcc916fc..b4b3ca9576 100644 --- a/charts/vald/values.schema.json +++ b/charts/vald/values.schema.json @@ -14402,6 +14402,1109 @@ "type": "integer", "description": "progress deadline seconds" }, + "readreplica": { + "type": "object", + "description": "[This feature is work in progress] readreplica agents rotation job", + "properties": { + "": { "type": "object" }, + "agent_namespace": { + "type": "string", + "description": "namespace of agent pods to manage" + }, + "clusterRole": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "creates clusterRole resource" + }, + "name": { + "type": "string", + "description": "name of clusterRole" + } + } + }, + "clusterRoleBinding": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "creates clusterRoleBinding resource" + }, + "name": { + "type": "string", + "description": "name of clusterRoleBinding" + } + } + }, + "env": { + "type": "array", + "description": "environment variables", + "items": { "type": "object" } + }, + "image": { + "type": "object", + "properties": { + "pullPolicy": { + "type": "string", + "description": "image pull policy", + "enum": ["Always", "Never", "IfNotPresent"] + }, + "repository": { + "type": "string", + "description": "image repository" + }, + "tag": { + "type": "string", + "description": "image tag (overrides defaults.image.tag)" + } + } + }, + "initContainers": { + "type": "array", + "description": "init containers", + "items": { "type": "object" } + }, + "name": { + "type": "string", + "description": "name of readreplica rotator job" + }, + "observability": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "observability features enabled" + }, + "metrics": { + "type": "object", + "properties": { + "enable_cgo": { + "type": "boolean", + "description": "CGO metrics enabled" + }, + "enable_goroutine": { + "type": "boolean", + "description": "goroutine metrics enabled" + }, + "enable_memory": { + "type": "boolean", + "description": "memory metrics enabled" + }, + "enable_version_info": { + "type": "boolean", + "description": "version info metrics enabled" + }, + "version_info_labels": { + "type": "array", + "description": "enabled label names of version info", + "items": { + "type": "string", + "enum": [ + "vald_version", + "server_name", + "git_commit", + "build_time", + "go_version", + "go_os", + "go_arch", + "cgo_enabled", + "ngt_version", + "build_cpu_info_flags" + ] + } + } + } + }, + "otlp": { + "type": "object", + "properties": { + "attribute": { + "type": "object", + "description": "default resource attribute", + "properties": { + "namespace": { + "type": "string", + "description": "namespace" + }, + "node_name": { + "type": "string", + "description": "node name" + }, + "pod_name": { + "type": "string", + "description": "pod name" + }, + "service_name": { + "type": "string", + "description": "service name" + } + } + }, + "collector_endpoint": { + "type": "string", + "description": "OpenTelemetry Collector endpoint" + }, + "metrics_export_interval": { + "type": "string", + "description": "metrics export interval" + }, + "metrics_export_timeout": { + "type": "string", + "description": "metrics export timeout" + }, + "trace_batch_timeout": { + "type": "string", + "description": "trace batch timeout" + }, + "trace_export_timeout": { + "type": "string", + "description": "trace export timeout" + }, + "trace_max_export_batch_size": { + "type": "integer", + "description": "trace maximum export batch size" + }, + "trace_max_queue_size": { + "type": "integer", + "description": "trace maximum queue size" + } + } + }, + "trace": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "trace enabled" + } + } + } + } + }, + "read_replica_id": { + "type": "string", + "description": "read replica id to perform rotation" + }, + "server_config": { + "type": "object", + "properties": { + "full_shutdown_duration": { + "type": "string", + "description": "server full shutdown duration" + }, + "healths": { + "type": "object", + "properties": { + "liveness": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "liveness server enabled" + }, + "host": { + "type": "string", + "description": "liveness server host" + }, + "livenessProbe": { + "type": "object", + "properties": { + "failureThreshold": { + "type": "integer", + "description": "liveness probe failure threshold" + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "liveness probe path" + }, + "port": { + "type": "string", + "description": "liveness probe port" + }, + "scheme": { + "type": "string", + "description": "liveness probe scheme" + } + } + }, + "initialDelaySeconds": { + "type": "integer", + "description": "liveness probe initial delay seconds" + }, + "periodSeconds": { + "type": "integer", + "description": "liveness probe period seconds" + }, + "successThreshold": { + "type": "integer", + "description": "liveness probe success threshold" + }, + "timeoutSeconds": { + "type": "integer", + "description": "liveness probe timeout seconds" + } + } + }, + "port": { + "type": "integer", + "description": "liveness server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "liveness server service port", + "maximum": 65535, + "minimum": 0 + } + } + }, + "readiness": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "readiness server enabled" + }, + "host": { + "type": "string", + "description": "readiness server host" + }, + "port": { + "type": "integer", + "description": "readiness server port", + "maximum": 65535, + "minimum": 0 + }, + "readinessProbe": { + "type": "object", + "properties": { + "failureThreshold": { + "type": "integer", + "description": "readiness probe failure threshold" + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "readiness probe path" + }, + "port": { + "type": "string", + "description": "readiness probe port" + }, + "scheme": { + "type": "string", + "description": "readiness probe scheme" + } + } + }, + "initialDelaySeconds": { + "type": "integer", + "description": "readiness probe initial delay seconds" + }, + "periodSeconds": { + "type": "integer", + "description": "readiness probe period seconds" + }, + "successThreshold": { + "type": "integer", + "description": "readiness probe success threshold" + }, + "timeoutSeconds": { + "type": "integer", + "description": "readiness probe timeout seconds" + } + } + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "readiness server service port", + "maximum": 65535, + "minimum": 0 + } + } + }, + "startup": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "startup server enabled" + }, + "port": { + "type": "integer", + "description": "startup server port", + "maximum": 65535, + "minimum": 0 + }, + "startupProbe": { + "type": "object", + "properties": { + "failureThreshold": { + "type": "integer", + "description": "startup probe failure threshold" + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "startup probe path" + }, + "port": { + "type": "string", + "description": "startup probe port" + }, + "scheme": { + "type": "string", + "description": "startup probe scheme" + } + } + }, + "initialDelaySeconds": { + "type": "integer", + "description": "startup probe initial delay seconds" + }, + "periodSeconds": { + "type": "integer", + "description": "startup probe period seconds" + }, + "successThreshold": { + "type": "integer", + "description": "startup probe success threshold" + }, + "timeoutSeconds": { + "type": "integer", + "description": "startup probe timeout seconds" + } + } + } + } + } + } + }, + "metrics": { + "type": "object", + "properties": { + "pprof": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "pprof server enabled" + }, + "host": { + "type": "string", + "description": "pprof server host" + }, + "port": { + "type": "integer", + "description": "pprof server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "pprof server service port", + "maximum": 65535, + "minimum": 0 + } + } + } + } + }, + "servers": { + "type": "object", + "properties": { + "grpc": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "gRPC server enabled" + }, + "host": { + "type": "string", + "description": "gRPC server host" + }, + "port": { + "type": "integer", + "description": "gRPC server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "grpc": { + "type": "object", + "properties": { + "bidirectional_stream_concurrency": { + "type": "integer", + "description": "gRPC server bidirectional stream concurrency" + }, + "connection_timeout": { + "type": "string", + "description": "gRPC server connection timeout" + }, + "enable_reflection": { + "type": "boolean", + "description": "gRPC server reflection option" + }, + "header_table_size": { + "type": "integer", + "description": "gRPC server header table size" + }, + "initial_conn_window_size": { + "type": "integer", + "description": "gRPC server initial connection window size" + }, + "initial_window_size": { + "type": "integer", + "description": "gRPC server initial window size" + }, + "interceptors": { + "type": "array", + "description": "gRPC server interceptors", + "items": { + "type": "string", + "enum": [ + "RecoverInterceptor", + "AccessLogInterceptor", + "TraceInterceptor", + "MetricInterceptor" + ] + } + }, + "keepalive": { + "type": "object", + "properties": { + "max_conn_age": { + "type": "string", + "description": "gRPC server keep alive max connection age" + }, + "max_conn_age_grace": { + "type": "string", + "description": "gRPC server keep alive max connection age grace" + }, + "max_conn_idle": { + "type": "string", + "description": "gRPC server keep alive max connection idle" + }, + "min_time": { + "type": "string", + "description": "gRPC server keep alive min_time" + }, + "permit_without_stream": { + "type": "boolean", + "description": "gRPC server keep alive permit_without_stream" + }, + "time": { + "type": "string", + "description": "gRPC server keep alive time" + }, + "timeout": { + "type": "string", + "description": "gRPC server keep alive timeout" + } + } + }, + "max_header_list_size": { + "type": "integer", + "description": "gRPC server max header list size" + }, + "max_receive_message_size": { + "type": "integer", + "description": "gRPC server max receive message size" + }, + "max_send_message_size": { + "type": "integer", + "description": "gRPC server max send message size" + }, + "read_buffer_size": { + "type": "integer", + "description": "gRPC server read buffer size" + }, + "write_buffer_size": { + "type": "integer", + "description": "gRPC server write buffer size" + } + } + }, + "mode": { + "type": "string", + "description": "gRPC server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "gRPC server probe wait time" + }, + "restart": { + "type": "boolean", + "description": "gRPC server restart" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "gRPC server service port", + "maximum": 65535, + "minimum": 0 + } + } + }, + "rest": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "REST server enabled" + }, + "host": { + "type": "string", + "description": "REST server host" + }, + "port": { + "type": "integer", + "description": "REST server port", + "maximum": 65535, + "minimum": 0 + }, + "server": { + "type": "object", + "properties": { + "http": { + "type": "object", + "properties": { + "handler_timeout": { + "type": "string", + "description": "REST server handler timeout" + }, + "idle_timeout": { + "type": "string", + "description": "REST server idle timeout" + }, + "read_header_timeout": { + "type": "string", + "description": "REST server read header timeout" + }, + "read_timeout": { + "type": "string", + "description": "REST server read timeout" + }, + "shutdown_duration": { + "type": "string", + "description": "REST server shutdown duration" + }, + "write_timeout": { + "type": "string", + "description": "REST server write timeout" + } + } + }, + "mode": { + "type": "string", + "description": "REST server server mode" + }, + "network": { + "type": "string", + "description": "mysql network", + "enum": [ + "tcp", + "tcp4", + "tcp6", + "udp", + "udp4", + "udp6", + "unix", + "unixgram", + "unixpacket" + ] + }, + "probe_wait_time": { + "type": "string", + "description": "REST server probe wait time" + }, + "socket_option": { + "type": "object", + "properties": { + "ip_recover_destination_addr": { + "type": "boolean", + "description": "server listen socket option for ip_recover_destination_addr functionality" + }, + "ip_transparent": { + "type": "boolean", + "description": "server listen socket option for ip_transparent functionality" + }, + "reuse_addr": { + "type": "boolean", + "description": "server listen socket option for reuse_addr functionality" + }, + "reuse_port": { + "type": "boolean", + "description": "server listen socket option for reuse_port functionality" + }, + "tcp_cork": { + "type": "boolean", + "description": "server listen socket option for tcp_cork functionality" + }, + "tcp_defer_accept": { + "type": "boolean", + "description": "server listen socket option for tcp_defer_accept functionality" + }, + "tcp_fast_open": { + "type": "boolean", + "description": "server listen socket option for tcp_fast_open functionality" + }, + "tcp_no_delay": { + "type": "boolean", + "description": "server listen socket option for tcp_no_delay functionality" + }, + "tcp_quick_ack": { + "type": "boolean", + "description": "server listen socket option for tcp_quick_ack functionality" + } + } + }, + "socket_path": { + "type": "string", + "description": "mysql socket_path" + } + } + }, + "servicePort": { + "type": "integer", + "description": "REST server service port", + "maximum": 65535, + "minimum": 0 + } + } + } + } + }, + "tls": { + "type": "object", + "properties": { + "ca": { + "type": "string", + "description": "TLS ca path" + }, + "cert": { + "type": "string", + "description": "TLS cert path" + }, + "enabled": { + "type": "boolean", + "description": "TLS enabled" + }, + "insecure_skip_verify": { + "type": "boolean", + "description": "enable/disable skip SSL certificate verification" + }, + "key": { + "type": "string", + "description": "TLS key path" + } + } + } + } + }, + "serviceAccount": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "creates service account" + }, + "name": { + "type": "string", + "description": "name of service account" + } + } + }, + "ttlSecondsAfterFinished": { + "type": "integer", + "description": "ttl setting for K8s completed jobs" + }, + "version": { + "type": "string", + "description": "version of gateway config", + "pattern": "^v[0-9]+\\.[0-9]+\\.[0-9]$" + } + } + }, "replicas": { "type": "integer", "description": "number of replicas", diff --git a/charts/vald/values.yaml b/charts/vald/values.yaml index becc93ce12..9d75a74753 100644 --- a/charts/vald/values.yaml +++ b/charts/vald/values.yaml @@ -2949,3 +2949,91 @@ manager: net: dialer: keepalive: 15m #indexer fetches uncommitted index length, which includes huge payload so we need to set keepalive longer than usual + # @schema {"name": "manager.index.readreplica", "type": "object"} + readreplica: + # @schema {"name": "manager.index.readreplica.rotator", "type": "object"} + # manager.index.readreplica.rotator -- [This feature is work in progress] readreplica agents rotation job + rotator: + # @schema {"name": "manager.index.readreplica.rotator.name", "type": "string"} + # manager.index.readreplica.rotator.name -- name of readreplica rotator job + name: vald-readreplica-rotate + # @schema {"name": "manager.index.readreplica.rotator.image", "alias": "image"} + image: + # manager.index.readreplica.rotator.image.repository -- image repository + repository: vdaas/vald-readreplica-rotate + # manager.index.readreplica.rotator.image.tag -- image tag (overrides defaults.image.tag) + tag: "" + # manager.index.image.pullPolicy -- image pull policy + pullPolicy: Always + # @schema {"name": "manager.index.readreplica.rotator.server_config", "alias": "server_config"} + # manager.index.readreplica.rotator.server_config -- server config (overrides defaults.server_config) + server_config: + servers: + rest: {} + grpc: {} + healths: + liveness: {} + readiness: {} + startup: {} + metrics: + pprof: {} + # @schema {"name": "manager.index.readreplica.rotator.initContainers", "alias": "initContainers"} + # manager.index.readreplica.rotator.initContainers -- init containers + initContainers: [] + # @schema {"name": "manager.index.readreplica.rotator.env", "alias": "env"} + # manager.index.readreplica.rotator.env -- environment variables + env: + - name: MY_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + # @schema {"name": "manager.index.readreplica.rotator.observability", "alias": "observability"} + # manager.index.readreplica.rotator.observability -- observability config (overrides defaults.observability) + observability: + otlp: + attribute: + service_name: vald-readreplica-rotation + # @schema {"name": "manager.index.readreplica.rotator.ttlSecondsAfterFinished", "type": "integer"} + # manager.index.readreplica.rotator.ttlSecondsAfterFinished -- ttl setting for K8s completed jobs + ttlSecondsAfterFinished: 86400 + # @schema {"name": "manager.index.readreplica.rotator.version", "alias": "version"} + # manager.index.readreplica.rotator.version -- version of readreplica rotator config + version: v0.0.0 + # @schema {"name": "manager.index.readreplica.rotator.agent_namespace", "type": "string"} + # manager.index.readreplica.rotator.agent_namespace -- namespace of agent pods to manage + agent_namespace: _MY_POD_NAMESPACE_ + # @schema {"name": "manager.index.readreplica.rotator.read_replica_id", "type": "string"} + # manager.index.readreplica.rotator.read_replica_id -- read replica id to perform rotation + read_replica_id: _MY_TARGET_REPLICA_ID_ + # @schema {"name": "manager.index.readreplica.rotator.serviceAccount", "type": "object"} + serviceAccount: + # @schema {"name": "manager.index.readreplica.rotator.serviceAccount.enabled", "type": "boolean"} + # manager.index.readreplica.rotator.serviceAccount.enabled -- creates service account + enabled: true + # @schema {"name": "manager.index.readreplica.rotator.serviceAccount.name", "type": "string"} + # manager.index.readreplica.rotator.serviceAccount.name -- name of service account + name: vald-readreplica-rotate + # @schema {"name": "manager.index.readreplica.rotator.clusterRole", "type": "object"} + clusterRole: + # @schema {"name": "manager.index.readreplica.rotator.clusterRole.enabled", "type": "boolean"} + # manager.index.readreplica.rotator.clusterRole.enabled -- creates clusterRole resource + enabled: true + # @schema {"name": "manager.index.readreplica.rotator.clusterRole.name", "type": "string"} + # manager.index.readreplica.rotator.clusterRole.name -- name of clusterRole + name: vald-readreplica-rotate + # @schema {"name": "manager.index.readreplica.rotator.clusterRoleBinding", "type": "object"} + clusterRoleBinding: + # @schema {"name": "manager.index.readreplica.rotator.clusterRoleBinding.enabled", "type": "boolean"} + # manager.index.readreplica.rotator.clusterRoleBinding.enabled -- creates clusterRoleBinding resource + enabled: true + # @schema {"name": "manager.index.readreplica.rotator.clusterRoleBinding.name", "type": "string"} + # manager.index.readreplica.rotator.clusterRoleBinding.name -- name of clusterRoleBinding + name: vald-readreplica-rotate diff --git a/dockers/index/job/readreplica/rotate/Dockerfile b/dockers/index/job/readreplica/rotate/Dockerfile new file mode 100644 index 0000000000..20531bf974 --- /dev/null +++ b/dockers/index/job/readreplica/rotate/Dockerfile @@ -0,0 +1,93 @@ +# +# Copyright (C) 2019-2023 vdaas.org vald team +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# You may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +ARG GO_VERSION=latest +ARG DISTROLESS_IMAGE=gcr.io/distroless/static +ARG DISTROLESS_IMAGE_TAG=nonroot +ARG MAINTAINER="vdaas.org vald team " + +FROM golang:${GO_VERSION} AS golang + +FROM ubuntu:devel AS builder + +ENV GO111MODULE on +ENV DEBIAN_FRONTEND noninteractive +ENV INITRD No +ENV LANG en_US.UTF-8 +ENV GOROOT /opt/go +ENV GOPATH /go +ENV PATH ${PATH}:${GOROOT}/bin:${GOPATH}/bin +ENV ORG vdaas +ENV REPO vald +ENV PKG index/job/readreplica/rotate +ENV APP_NAME readreplica-rotate + +# skipcq: DOK-DL3008 +RUN apt-get update && apt-get install -y --no-install-recommends \ + ca-certificates \ + build-essential \ + curl \ + upx \ + git \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +COPY --from=golang /usr/local/go $GOROOT +RUN mkdir -p "$GOPATH/src" + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/Makefile.d +COPY Makefile.d . +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO} +COPY Makefile . +COPY .git . +COPY go.mod . +COPY go.sum . + +RUN make go/download + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/internal +COPY internal . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/apis/grpc +COPY apis/grpc . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/pkg/${PKG} +COPY pkg/${PKG} . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/cmd/${PKG} +COPY cmd/${PKG} . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/versions +COPY versions . + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO} +RUN make REPO=${ORG} NAME=${REPO} cmd/${PKG}/${APP_NAME} \ + && mv "cmd/${PKG}/${APP_NAME}" "/usr/bin/${APP_NAME}" + +WORKDIR ${GOPATH}/src/github.com/${ORG}/${REPO}/cmd/${PKG} +RUN cp sample.yaml /tmp/config.yaml + +FROM ${DISTROLESS_IMAGE}:${DISTROLESS_IMAGE_TAG} +LABEL maintainer="${MAINTAINER}" + +ENV APP_NAME readreplica-rotate + +COPY --from=builder /usr/bin/${APP_NAME} /go/bin/${APP_NAME} +COPY --from=builder /tmp/config.yaml /etc/server/config.yaml + +USER nonroot:nonroot + +ENTRYPOINT ["/go/bin/readreplica-rotate"]